Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server

To: Steven Chamberlain <steven@pyro.eu.org>
Cc: 706414@bugs.debian.org, Christoph Egger <christoph@debian.org>, "debian-bsd\@lists.debian.org" <debian-bsd@lists.debian.org>, team@security.debian.org
Subject: Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
From: Florian Weimer <fw@deneb.enyo.de>
Date: Fri, 24 May 2013 22:20:28 +0200
Message-id: <[🔎] 871u8w9lkj.fsf@mid.deneb.enyo.de>
In-reply-to: <[🔎] 519FC91A.6050000@pyro.eu.org> (Steven Chamberlain's message of "Fri, 24 May 2013 21:10:02 +0100")
References: <517EEA4B.2090302@pyro.eu.org> <517EF9CC.90408@pyro.eu.org> <[🔎] 8761z357o7.fsf@hepworth.siccegge.de> <[🔎] 87ip32aprp.fsf@mid.deneb.enyo.de> <[🔎] 87ip324ya3.fsf@hepworth.siccegge.de> <[🔎] 8738u695l1.fsf@mid.deneb.enyo.de> <[🔎] 874nem4w8t.fsf@hepworth.siccegge.de> <[🔎] 519BE5E2.5060305@pyro.eu.org> <[🔎] 87fvxeg8eu.fsf@mid.deneb.enyo.de> <[🔎] 519FC91A.6050000@pyro.eu.org>

* Steven Chamberlain:

> Hi,
>
> On 22/05/13 19:46, Florian Weimer wrote:
>> Sorry for the delay.  I'm taking care of this now.
>
> Thank you for the DSA.
>
> I notice a problem though when this was (I think - I'm unsure of the
> security team's processes here) copied to the main archive, probably so
> that it can be included in stable-proposed-updates:

Thanks for noticing.

I don't see package in the stable queue:

<http://release.debian.org/proposed-updates/stable.html>

And the dak mirror on ries.debian.org hasn't got it, either.

Could you contact ftpmaster and/or the stable release managers about
this?  I don't think we can do anything about it on the security side.

Reply to:

Follow-Ups:
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Christoph Egger <christoph@debian.org>
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Florian Weimer <fw@deneb.enyo.de>
- Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Christoph Egger <christoph@christoph-egger.org>
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Christoph Egger <christoph@debian.org>
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Steven Chamberlain <steven@pyro.eu.org>
- Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Steven Chamberlain <steven@pyro.eu.org>

Prev by Date: Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
Next by Date: Re: Processing of kfreebsd-9_9.0-10+deb70.1_kfreebsd-amd64.changes
Previous by thread: Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
Next by thread: Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
Index(es):
- Date
- Thread