Re: preapproval for nfs-utils/1:1.1.2-6lenny1 to fix CVE-2008-4552
* Aníbal Monsalve Salazar [Mon, 20 Oct 2008 20:56:01 +1100]:
> On Sun, Oct 19, 2008 at 08:07:34PM +0200, Pierre Habouzit wrote:
> >On Sun, Oct 19, 2008 at 10:20:01AM +0000, Aníbal Monsalve Salazar wrote:
> >>On Sun, Oct 19, 2008 at 04:14:56PM +1100, Anibal Monsalve Salazar wrote:
> >>>Please consider preapproving nfs-utils/1:1.1.2-6lenny1 to fix
> >>>CVE-2008-4552.
> >>>http://bugs.debian.org/502680
> >>>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552
> >>>https://bugzilla.redhat.com/show_bug.cgi?id=458676
> >>>Changes:
> >>> nfs-utils (1:1.1.2-6lenny1) testing-proposed-updates; urgency=high
> >>> .
> >>> * Fix CVE-2008-4552
> >>> nfs-utils 1.1.2, and possibly other versions before 1.1.3, invokes the
> >>> host_ctl function with the wrong order of arguments, which causes TCP
> >>> Wrappers to ignore netgroups and allows remote attackers to bypass
> >>> intended access restrictions.
> >>> Closes: #502680
> >>The change is very minimal.
> >looks fine, please upload and ping us again.
> done
Thanks, will unblock once it's built on all architectures.
--
Adeodato Simó dato at net.com.org.es
Debian Developer adeodato at debian.org
— Oh, George, you didn't jump into the river. How sensible of you!
-- Mrs Banks in “Mary Poppins”
Reply to: