[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#613312: kfreebsd: denial-of-service

On Mon, Feb 14, 2011 at 08:15:43AM +0100, Petr Salinger wrote:
> forcemerge 613312 611476
> --
>> a denial-of-service has been posted for freebsd [0]. i don't have time
>> to verify whether any of the claims actually affect debian.  please
>> check the kfreebsd package.
>> [0] http://www.exploit-db.com/exploits/16064/
> It affects us, we already care about it in #611476.
> The tested patch is scheduled (not-yet-uploaded) in our squeeze branch
> http://svn.debian.org/wsvn/glibc-bsd/branches/squeeze/kfreebsd-8/
> http://svn.debian.org/wsvn/glibc-bsd/branches/squeeze/kfreebsd-8/debian/patches/000_tcp_usrreq.diff
> Please decide, whether fix should go via security.d.o or can wait for point update.

A point update is sufficient. IIRC FreeBSD itself doesn't treat local
denial of service as security issues.


Reply to: