Re: preapproval for nfs-utils/1:1.1.2-6lenny1 to fix CVE-2008-4552

To: Aníbal Monsalve Salazar <anibal@v7w.com>
Cc: Aníbal Monsalve Salazar <anibal@debian.org>, debian-release@lists.debian.org
Subject: Re: preapproval for nfs-utils/1:1.1.2-6lenny1 to fix CVE-2008-4552
From: Adeodato Simó <dato@net.com.org.es>
Date: Thu, 23 Oct 2008 17:20:21 +0200
Message-id: <20081023152021.GG24147@chistera.yi.org>
Mail-followup-to: Aníbal Monsalve Salazar <anibal@v7w.com>, Aníbal Monsalve Salazar <anibal@debian.org>, debian-release@lists.debian.org
In-reply-to: <20081020095601.GB4674@debianrules.debiancolombia.org>
References: <20081019051456.GP4674@debianrules.debiancolombia.org> <20081019102001.GY4674@debianrules.debiancolombia.org> <20081019180734.GF16610@artemis.corp> <20081020095601.GB4674@debianrules.debiancolombia.org>

* Aníbal Monsalve Salazar [Mon, 20 Oct 2008 20:56:01 +1100]:

> On Sun, Oct 19, 2008 at 08:07:34PM +0200, Pierre Habouzit wrote:
> >On Sun, Oct 19, 2008 at 10:20:01AM +0000, Aníbal Monsalve Salazar wrote:
> >>On Sun, Oct 19, 2008 at 04:14:56PM +1100, Anibal Monsalve Salazar wrote:
> >>>Please consider preapproving nfs-utils/1:1.1.2-6lenny1 to fix
> >>>CVE-2008-4552.

> >>>http://bugs.debian.org/502680
> >>>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552
> >>>https://bugzilla.redhat.com/show_bug.cgi?id=458676

> >>>Changes:
> >>> nfs-utils (1:1.1.2-6lenny1) testing-proposed-updates; urgency=high
> >>> .
> >>>   * Fix CVE-2008-4552
> >>>     nfs-utils 1.1.2, and possibly other versions before 1.1.3, invokes the
> >>>     host_ctl function with the wrong order of arguments, which causes TCP
> >>>     Wrappers to ignore netgroups and allows remote attackers to bypass
> >>>     intended access restrictions.
> >>>     Closes: #502680

> >>The change is very minimal.

> >looks fine, please upload and ping us again.

> done

Thanks, will unblock once it's built on all architectures.

-- 
Adeodato Simó                                     dato at net.com.org.es
Debian Developer                                  adeodato at debian.org
 
— Oh, George, you didn't jump into the river. How sensible of you! 
                -- Mrs Banks in “Mary Poppins”

Reply to:

References:
- preapproval for nfs-utils/1:1.1.2-6lenny1 to fix CVE-2008-4552
  - From: Aníbal Monsalve Salazar <anibal@debian.org>
- Re: preapproval for nfs-utils/1:1.1.2-6lenny1 to fix CVE-2008-4552
  - From: Aníbal Monsalve Salazar <anibal@debian.org>
- Re: preapproval for nfs-utils/1:1.1.2-6lenny1 to fix CVE-2008-4552
  - From: Pierre Habouzit <madcoder@debian.org>
- Re: preapproval for nfs-utils/1:1.1.2-6lenny1 to fix CVE-2008-4552
  - From: Aníbal Monsalve Salazar <anibal@v7w.com>

Prev by Date: Re: Various minor and/or important changes to prayer
Next by Date: Re: Please unblock ocaml-ssl/0.4.2-4 and binNMU ocsigen/1.1.0-1
Previous by thread: Re: preapproval for nfs-utils/1:1.1.2-6lenny1 to fix CVE-2008-4552
Next by thread: binNMU on amd64 solves conspy RC bug
Index(es):
- Date
- Thread