[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#645377: marked as done (kfreebsd-8: Buffer overflow in handling of UNIX socket addresses)



Your message dated Sat, 15 Oct 2011 13:26:56 +0200
with message-id <CAOfDtXP+OEZWtZREug5ZeDHPHim4GTJ+LMaDm8hgPSS9bPKCbQ@mail.gmail.com>
and subject line Re: Bug#645377: kfreebsd-8: Buffer overflow in handling of UNIX socket addresses
has caused the Debian Bug report #645377,
regarding kfreebsd-8: Buffer overflow in handling of UNIX socket addresses
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
645377: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645377
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
package: kfreebsd-8
version: 8.1
severity: serious
tag: security , patch

A buffer overflow issue in kfreebsd has been disclosed [0] along with a
poc [1]. patch is available [2].

I've only checked the kfreebsd-8 source, but the description says -7 is
affected, and 9- and higher may be as well; I haven't checked those.

Best wishes,
Mike

[0] http://www.securityfocus.com/archive/1/519864/30/0/threaded
[1] http://www.exploit-db.com/exploits/17908/
[2] http://security.freebsd.org/patches/SA-11:05/unix.patch



--- End Message ---
--- Begin Message ---
Version: 9.0~svn225873-1

Fixed in kfreebsd-9.

2011/10/15 Michael Gilbert <michael.s.gilbert@gmail.com>:
> package: kfreebsd-8
> version: 8.1
> severity: serious
> tag: security , patch
>
> A buffer overflow issue in kfreebsd has been disclosed [0] along with a
> poc [1]. patch is available [2].
>
> I've only checked the kfreebsd-8 source, but the description says -7 is
> affected, and 9- and higher may be as well; I haven't checked those.
>
> Best wishes,
> Mike
>
> [0] http://www.securityfocus.com/archive/1/519864/30/0/threaded
> [1] http://www.exploit-db.com/exploits/17908/
> [2] http://security.freebsd.org/patches/SA-11:05/unix.patch
>
>
>
> --
> To UNSUBSCRIBE, email to debian-bsd-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: 20111015001032.019d32c30b117e74e4e4f5fa@gmail.com">http://lists.debian.org/20111015001032.019d32c30b117e74e4e4f5fa@gmail.com
>
>



-- 
Robert Millan


--- End Message ---

Reply to: