Bug number - 674715

Part of package: arpwatch.

Bug description:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
Debian Bug report logs -  #674715 CVE-2012-2653: initgroups() adds gid 0 to the group list
Package:      arpwatch; Maintainer for arpwatch is Debian Security Tools <team+pkg-security@tracker.debian.org>; Source for arpwatch is src:arpwatch (PTS, buildd, popcon).
Reported by: Yves-Alexis Perez <corsac@debian.org>
Date: Sat, 26 May 2012 22:00:01 UTC
Severity: critical
Tags: security
Found in version arpwatch/2.1a15-1.1
Fixed in versions arpwatch/2.1a15-1.2, arpwatch/2.1a15-1.1+squeeze1
Done: Yves-Alexis Perez <corsac@debian.org>
Bug is archived. No further changes may be made.

All x-patch and x-diff attachments.

Patch	Author	Date
arpwatch_2.1a15-1.1_2.1a15-1.2.diff	Yves-Alexis Perez <corsac@debian.org>	Sun, 27 May 2012 10:25:11 +0200

Original bug report here.