[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#584930: Two security issues fixed in FreeBSD

On Mon, Jun 07, 2010 at 06:15:47PM +0200, Moritz Muehlenhoff wrote:
> Package: kfreebsd-8
> Severity: grave
> Tags: security
> Hi,
> the following CVE IDs have been published for FreeBSD, please
> check whether they need to be fixed for kfreebsd and whether
> kfreebsd-6 and kfreebsd-7 from Lenny are affected:
> CVE-2010-2022:
> http://security.FreeBSD.org/advisories/FreeBSD-SA-10:04.jail.asc

We don't yet provide (yet) the jail binary, so we are not vulnerable to
this one.

> CVE-2010-2020:
> http://security.FreeBSD.org/advisories/FreeBSD-SA-10:06.nfsclient.asc

On the other hand, the kfreebsd* packages are affected by this bug,
though not with the default configuration. I'll do an upload to unstable
with high urgency, but I don't think it deserve a fix in lenny.

I'll upload the security tracker accordingly.

Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net

Reply to: