Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for kfreebsd-7 some time ago. CVE-2009-1041[0]: | The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 | allows local users to overwrite arbitrary kernel memory via an | out-of-bounds timer value. Unfortunately the vulnerability described above is not important enough to get it fixed via regular security update in Debian stable. It does not warrant a DSA. However it would be nice if this could get fixed via a regular point update[1]. Please contact the release team for this. This is an automatically generated mail, in case you are already working on an upgrade this is of course pointless. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1041 [1] http://www.debian.org/doc/developers-reference/pkgs.html#upload-stable Kind regards Nico -- Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Attachment:
pgpjfq3YOu6cZ.pgp
Description: PGP signature