[LWN Logo]
[Timeline]
Date:         Sat, 30 Sep 2000 03:46:38 -0400
Subject:      Re: Very interesting traceroute flaw
To: BUGTRAQ@SECURITYFOCUS.COM

--CE+1k2dSO48ffgeK
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Fri, Sep 29, 2000 at 07:57:12AM +0000, Martin Peikert wrote:
> Chris Evans <chris@ferret.lmh.ox.ac.uk> wrote:
> > VERSIONS AFFECTED
> > =================
> >
> > (Where LBNL = Lawrence Berkeley National Laboratory)
> >
> > Affected: LBNL 1.4a5
> > Safe:     LBNL 1.4a7
> > Safe:     RedHat7.0 traceroute (1.4a5 + a patch)
> 
> Debian potato: Affected
> Debian woody: Safe

This will be fixed in 2.2r1, expected shortly.  Meanwhile, fixed
packages have been in the proposed-updates distribution for a month.

Apt: deb http://http.us.debian.org/debian dists/proposed-updates/
Http: http://http.us.debian.org/debian/dists/proposed-updates

fa0c426fa84bf54ec33093bae90c1fdf  traceroute_1.4a5-3.diff.gz
4bd7bc9ec1894c75e7ccba51e6a91cc6  traceroute_1.4a5-3.dsc
6b3f20ecb08276c15715ae54ef8be0c7  traceroute_1.4a5-3_alpha.deb
feba02e20848bdfafa6bf7dd9c594eba  traceroute_1.4a5-3_i386.deb
fdc5a6ed3cd97067c4b7e1ddf7945287  traceroute_1.4a5-3_m68k.deb




Dan

/--------------------------------\  /--------------------------------\
|       Daniel Jacobowitz        |__|        SCS Class of 2002       |
|   Debian GNU/Linux Developer    __    Carnegie Mellon University   |
|         dan@debian.org         |  |       dmj+@andrew.cmu.edu      |
\--------------------------------/  \--------------------------------/

--CE+1k2dSO48ffgeK
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE51ZpebgOPXuCjg3cRAgIcAKCESA5WBeVjhWpew8quPd8cZ/jARACfRN3h
HD1iz0IB5KNlhBIQ81O8mx0=MMq4
-----END PGP SIGNATURE-----

--CE+1k2dSO48ffgeK--