Bug#584930: Two security issues fixed in FreeBSD
On Mon, Jun 07, 2010 at 06:15:47PM +0200, Moritz Muehlenhoff wrote:
> Package: kfreebsd-8
> Severity: grave
> Tags: security
>
> Hi,
> the following CVE IDs have been published for FreeBSD, please
> check whether they need to be fixed for kfreebsd and whether
> kfreebsd-6 and kfreebsd-7 from Lenny are affected:
>
> CVE-2010-2022:
> http://security.FreeBSD.org/advisories/FreeBSD-SA-10:04.jail.asc
We don't yet provide (yet) the jail binary, so we are not vulnerable to
this one.
> CVE-2010-2020:
> http://security.FreeBSD.org/advisories/FreeBSD-SA-10:06.nfsclient.asc
>
On the other hand, the kfreebsd* packages are affected by this bug,
though not with the default configuration. I'll do an upload to unstable
with high urgency, but I don't think it deserve a fix in lenny.
I'll upload the security tracker accordingly.
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurelien@aurel32.net http://www.aurel32.net
Reply to: