Re: CVE-2007-6514 shouldn't apply to the linux-2.6 package

To: Michael Gilbert <michael.s.gilbert@gmail.com>
Cc: debian-security-tracker@lists.debian.org
Subject: Re: CVE-2007-6514 shouldn't apply to the linux-2.6 package
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 24 Jul 2008 00:34:59 +0200
Message-id: <[🔎] 20080723223459.GA4340@galadriel.inutil.org>
In-reply-to: <[🔎] 8e2a98be0807231523h29fd3240w9a33b03df6fa0f15@mail.gmail.com>
References: <[🔎] 8e2a98be0807231523h29fd3240w9a33b03df6fa0f15@mail.gmail.com>

Michael Gilbert wrote:
> according to the CVE description [1], it appears that CVE-2007-6514
> should apply to the apache and/or samba packages.  however, according
> to the tracker [2], it is tracked as a problem with the kernel.  i
> think that this should be fixed.

This needs to be fixed in smbfs. It very likely is already on current
etch, it only needs someone to test it with the Etch kernel.

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Re: CVE-2007-6514 shouldn't apply to the linux-2.6 package
  - From: "Michael Gilbert" <michael.s.gilbert@gmail.com>

References:
- CVE-2007-6514 shouldn't apply to the linux-2.6 package
  - From: "Michael Gilbert" <michael.s.gilbert@gmail.com>

Prev by Date: CVE-2008-2826 should be listed low-urgency in the tracker
Next by Date: Re: CVE-2007-6514 shouldn't apply to the linux-2.6 package
Previous by thread: CVE-2007-6514 shouldn't apply to the linux-2.6 package
Next by thread: Re: CVE-2007-6514 shouldn't apply to the linux-2.6 package
Index(es):
- Date
- Thread