[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#559107: closed by Petr Salinger <Petr.Salinger@seznam.cz> (Re: Bug#559107: Local root exploit in rtld)

reopen 559107
retitle 559107 weaknesses in BSD PRNG algorithms

> >http://seclists.org/fulldisclosure/2009/Nov/371
> >
> >Colin Percival posted a preliminary patch, a full advisory is announced
> >for tomorrow.
> >
> >I suppose this affects Debian/KFreeBSD?
> No, the rtld (/lib/ld*.so) comes from eglibc, not from kernel source.

Thanks, fixed in the Debian Security Tracker.

But the status of CVE-2008-114[678] is still open. Do they affect the
KFreeBSD port? What's the position of the FreeBSD kernel developers on
these issues?


Reply to: