preapproval for nfs-utils/1:1.1.2-6lenny1 to fix CVE-2008-4552

To: debian-release@lists.debian.org
Subject: preapproval for nfs-utils/1:1.1.2-6lenny1 to fix CVE-2008-4552
From: Aníbal Monsalve Salazar <anibal@debian.org>
Date: Sun, 19 Oct 2008 16:14:56 +1100
Message-id: <20081019051456.GP4674@debianrules.debiancolombia.org>

Please consider preapproving nfs-utils/1:1.1.2-6lenny1 to fix
CVE-2008-4552.

http://bugs.debian.org/502680
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552
https://bugzilla.redhat.com/show_bug.cgi?id=458676

Changes:
 nfs-utils (1:1.1.2-6lenny1) testing-proposed-updates; urgency=high
 .
   * Fix CVE-2008-4552
     nfs-utils 1.1.2, and possibly other versions before 1.1.3, invokes the
     host_ctl function with the wrong order of arguments, which causes TCP
     Wrappers to ignore netgroups and allows remote attackers to bypass
     intended access restrictions.
     Closes: #502680

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: preapproval for nfs-utils/1:1.1.2-6lenny1 to fix CVE-2008-4552
  - From: Aníbal Monsalve Salazar <anibal@debian.org>

Prev by Date: Please unblock icedove 2.0.0.17-1
Next by Date: binNMU on amd64 solves conspy RC bug
Previous by thread: Re: Please unblock icedove 2.0.0.17-1
Next by thread: Re: preapproval for nfs-utils/1:1.1.2-6lenny1 to fix CVE-2008-4552
Index(es):
- Date
- Thread