Upgrade ethereal please. . .
John Richard Moser
nigelenki at comcast.net
Mon Mar 14 21:19:53 CST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ethereal <0.10.10 has a serious security bug. This bug is detailed.
http://www.securityfocus.com/archive/1/393190?ref=rss
As you can see, this is a remote root. While this is a Universe
package, it is a common *security tool* and thus it would be in all of
our best interests to *fix this*, most easily by upgrading ethereal.
Your universe maintainers can just backport the fix if they want but
*shrug*.
No bug seems to be filed. Considering that ethereal is (I'm told by my
LAN teacher) a common tool used in the field for security and network
analysis, it may be prudent to file a bug with a priority above the
standard "enhancement" level for this particular case. It is, of
course, a Universe package, so politics will determine.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCNlRZhDd4aOud5P8RAhlAAJ4l6552iURt1uGomf4dSSKOkXbcqwCgj6qG
UHH14veVTkH3Xeqo9PerCe4=
=eThv
-----END PGP SIGNATURE-----
More information about the ubuntu-devel
mailing list