[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#572811: marked as done (kfreebsd: CVE-2009-2649 denial-of-service)

Your message dated Mon, 8 Mar 2010 04:49:15 +0100 (CET)
with message-id <Pine.LNX.4.62.1003080444340.4944@sci.felk.cvut.cz>
and subject line kfreebsd: CVE-2009-2649 denial-of-service
has caused the Debian Bug report #572811,
regarding kfreebsd: CVE-2009-2649 denial-of-service
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org

572811: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572811
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: kfreebsd-8
Version: 8.0-4
Severity: important
Tags: security

the following CVE (Common Vulnerabilities & Exposures) id was
published for kfreebsd-8.

| Heap-based buffer overflow in Sorcerer Software MultiMedia Jukebox 4.0
| Build 020124 allows remote attackers to cause a denial of service
| (application crash) or possibly execute arbitrary code via a crafted
| (1) .m3u or possibly (2) .pst file.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2650

--- End Message ---
--- Begin Message ---
Version: 8.0-1

| The IATA (ata) driver in FreeBSD 6.0 and 8.0, when read access to /dev
| is available, allows local users to cause a denial of service (kernel
| panic) via a certain IOCTL request with a large count, which triggers
| a malloc call with a large value.

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2649

It have been fixed in


the 8.0 have been released with rev 1.308.


--- End Message ---

Reply to: