Source: ntopng Severity: grave Tags: security upstream fixed-upstream Hi Ludovico,
Marking this bugreport as grave, as more information seem a bit scarce, so was not able to identify the issues. There is an upstream report [1] which mentions several fixes were done in ntopng 1.2.1. [1] http://www.ntop.org/ndpi/released-ndpi-1-5-1-and-ntopng-1-2-1/ > Fixes for > - CVE-2014-5464 > - CVE-2014-4329 Strangely this was marked as fixed in 1.2.0+dfsg1-1 in the security tracker at [2]. Is this information correct? [2] https://security-tracker.debian.org/tracker/CVE-2014-4329 > - CVE-2014-5511, CVE-2014-5512, CVE-2014-5513, CVE-2014-5514, > CVE-2014-5515 No information referenced for these in the advisory. Could you have a look at them and also clarify if CVE-2014-4329 version information is wrong in the tracker? Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
