Bug#559107: closed by Petr Salinger <Petr.Salinger@seznam.cz> (Re: Bug#559107: Local root exploit in rtld)

[Moritz Muehlenhoff <jmm@inutil.org>]

reopen 559107
retitle 559107 weaknesses in BSD PRNG algorithms
thanks 

> >http://seclists.org/fulldisclosure/2009/Nov/371
> >
> >Colin Percival posted a preliminary patch, a full advisory is announced
> >for tomorrow.
> >
> >I suppose this affects Debian/KFreeBSD?
> 
> No, the rtld (/lib/ld*.so) comes from eglibc, not from kernel source.

Thanks, fixed in the Debian Security Tracker.

But the status of CVE-2008-114[678] is still open. Do they affect the
KFreeBSD port? What's the position of the FreeBSD kernel developers on
these issues?

Cheers,
        Moritz