Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server

To: Florian Weimer <fw@deneb.enyo.de>
Cc: Steven Chamberlain <steven@pyro.eu.org>, Christoph Egger <christoph@debian.org>, "debian-bsd@lists.debian.org" <debian-bsd@lists.debian.org>, team@security.debian.org
Subject: Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 25 May 2013 11:43:40 +0100
Message-id: <[🔎] 1369478620.18864.22.camel@jacala.jungle.funky-badger.org>
In-reply-to: <[🔎] 877gio84x3.fsf@mid.deneb.enyo.de>
References: <517EEA4B.2090302@pyro.eu.org> <517EF9CC.90408@pyro.eu.org> <[🔎] 8761z357o7.fsf@hepworth.siccegge.de> <[🔎] 87ip32aprp.fsf@mid.deneb.enyo.de> <[🔎] 87ip324ya3.fsf@hepworth.siccegge.de> <[🔎] 8738u695l1.fsf@mid.deneb.enyo.de> <[🔎] 874nem4w8t.fsf@hepworth.siccegge.de> <[🔎] 519BE5E2.5060305@pyro.eu.org> <[🔎] 87fvxeg8eu.fsf@mid.deneb.enyo.de> <[🔎] 519FC91A.6050000@pyro.eu.org> <[🔎] 871u8w9lkj.fsf@mid.deneb.enyo.de> <[🔎] 1369427656.18864.12.camel@jacala.jungle.funky-badger.org> <[🔎] 877gio84x3.fsf@mid.deneb.enyo.de>

On Fri, 2013-05-24 at 23:05 +0200, Florian Weimer wrote:
> * Adam D. Barratt:
> 
> > On Fri, 2013-05-24 at 22:20 +0200, Florian Weimer wrote:
> >> * Steven Chamberlain:
> >> > I notice a problem though when this was (I think - I'm unsure of the
> >> > security team's processes here) copied to the main archive, probably so
> >> > that it can be included in stable-proposed-updates:
[...]
> >> Could you contact ftpmaster and/or the stable release managers about
> >> this?  I don't think we can do anything about it on the security side.
> >
> > We (SRM) can't; we don't have any particular access to the upload
> > queues and none to security.d.o.
> 
> I still have access to the original .changes files.  If you think that
> uploading again would fix things, I can try that.  I'd be surprised if
> resolving this were so simple, though. 8-/

The package is now in p-u-NEW, so it looks like someone sorted this.
Thanks. :)

Regards,

Adam

Reply to:

References:
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Christoph Egger <christoph@debian.org>
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Florian Weimer <fw@deneb.enyo.de>
- Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Christoph Egger <christoph@christoph-egger.org>
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Christoph Egger <christoph@debian.org>
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Steven Chamberlain <steven@pyro.eu.org>
- Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Steven Chamberlain <steven@pyro.eu.org>
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: kfreebsd-9_9.0-10+deb70.1_kfreebsd-amd64.changes ACCEPTED into proposed-updates->stable-new
Next by Date: Builds stuck on fasch
Previous by thread: Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
Next by thread: Re: Bug#706414: CVE-2013-3266: Insufficient input validation in the NFS server
Index(es):
- Date
- Thread