[SECURITY] Fedora 21 Update: ettercap-0.8.2-1.fc21

updates at fedoraproject.org updates at fedoraproject.org
Thu Mar 26 21:49:42 UTC 2015 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-3984
2015-03-16 21:50:48
--------------------------------------------------------------------------------

Name        : ettercap
Product     : Fedora 21
Version     : 0.8.2
Release     : 1.fc21
URL         : http://ettercap.sourceforge.net
Summary     : Network traffic sniffer/analyser, NCURSES interface version
Description :
Ettercap is a suite for man in the middle attacks on LAN. It features
sniffing of live connections, content filtering on the fly and many other
interesting tricks. It supports active and passive dissection of many
protocols (even ciphered ones) and includes many feature for network and host
analysis.

--------------------------------------------------------------------------------
Update Information:

0.8.2-Ferri


    Bug Fix
        !! Fixed some openssl deprecated functions usage
        !! Fixed log file ownership
        !! Fixed mixed output print
        !! Fixed drop_privs function usage
        !! Fixed nopromisc option usage.
        !! Fixed missing break in parser code.
        !! Improved redirect commands
        !! Fix truncated VLAN packet headers
        !! Fix ettercap.rc file (windows only)
        !! Various cmake fixes
        !! A ton of BSD bug fixes
        !! Simplify macosx cmake files
        !! Fix incorrect sequence number after TCP injection
        !! Fix pcap length, and aligment problems with libpcap
        !! Bug fixes and gtk code refactor (gtk box wrapper)
        !! Fix some ipv6 send issues
        !! Fixed sleep time on Windows (high CPU usage)
        !! Fixed many CVE vulnerabilities (some of them already fixed in 0.8.1)
            - CVE-2014-6395 (Length Parameter Inconsistency)
            - CVE-2014-6396 (Arbitrary write)
            - CVE-2014-9376 (Negative index/underflow)
            - CVE-2014-9377 (Heap overflow)
            - CVE-2014-9378 (Unchecked return value)
            - CVE-2014-9379 (Incorrect cast)
            - CVE-2014-9380 (Buffer over-read)
            - CVE-2014-9381 (Signedness error)

    New Features
        + Updated etter.finger.mac
        + Add TXT and ANY query support on dns_spoof
        + New macosx travis-ci build!
        + Enable again PDF generation

    Removed
        - Remove gprof support

--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 16 2015 Jon Ciesla <limburgher at gmail.com> - 0.8.2-1
- Latest upstream.
* Tue Dec 16 2014 Jon Ciesla <limburgher at gmail.com> - 0.8.1-2
- Patches for multiple CVEs
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update ettercap' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list