Upgrade ethereal please. . .

John Richard Moser nigelenki at comcast.net
Tue Mar 15 09:45:26 CST 2005

Hash: SHA1

Shimon wrote:
> Never thought I will see this day a secuirty tool allowing remote access....

PaX had one too, got a fix in 2.6.11.  Major hole but it happens to the
best of us; just check out the Ubuntu Security Notices.

It's not like this is amazing that it's in ethereal; it's just ironic
that a security tool has a huge security hole, and of course any
security hole should be a priority fix (Gentoo policy I believe mandates
security holes are fixed within 5-10 days of discovery and are treated
as high priority even if nobody in the universe uses the packages, for
example; not sure about debian or Ubuntu).

I was only pointing it out because Ethereal is a Universe package and a
very common tool, which means it's not a top priority for Ubuntu but it
may be a priority to fix it for a lot of users.

> Best to remove it from the reps before the release if its not fixed in time?
> And I just told ##linux a few days I am using ethereal.
> I'll say it again i never thought i'll see this day...... LOL
- --
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.

    Creative brains are a valuable, limited resource. They shouldn't be
    wasted on re-inventing the wheel when there are so many fascinating
    new problems waiting out there.
                                                 -- Eric Steven Raymond
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org


More information about the ubuntu-devel mailing list