On Wed, Jan 09, 2013 at 03:24:58PM +0000, Neil McGovern wrote:
> On Wed, Jan 09, 2013 at 02:40:25PM +0000, Barak A. Pearlmutter wrote:
> > As I've stated previously, I don't believe that backporting fixes is
> > really feasible. There are too many, they are mixed with
> > non-security-related modifications, there would be enormous opportunity
> > for error, and ongoing security maintenance would be quite difficult.
>
> Do you have CVE numbers, BTS references or any further detail? These
> very changes make it not suitable for update when we've been frozen for
> over 6 months.
I'm not aware of any security issues in Ettercap and the release announcement
of 0.7.5 doesn't mention them either.
The 0.7.4 release mentions several buffer overflows, but this version is
already in testing.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130109183800.ga15...@inutil.org
