Accepted nfs-utils 1:1.1.2-6lenny1 (source amd64)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 19 Oct 2008 13:37:33 +1100
Source: nfs-utils
Binary: nfs-kernel-server nfs-common
Architecture: source amd64
Version: 1:1.1.2-6lenny1
Distribution: testing-proposed-updates
Urgency: high
Maintainer: Anibal Monsalve Salazar <anibal@debian.org>
Changed-By: Anibal Monsalve Salazar <anibal@debian.org>
Description:
nfs-common - NFS support files common to client and server
nfs-kernel-server - support for NFS kernel server
Closes: 502680
Changes:
nfs-utils (1:1.1.2-6lenny1) testing-proposed-updates; urgency=high
.
* Fix CVE-2008-4552
nfs-utils 1.1.2, and possibly other versions before 1.1.3, invokes the
host_ctl function with the wrong order of arguments, which causes TCP
Wrappers to ignore netgroups and allows remote attackers to bypass
intended access restrictions.
Closes: #502680
Checksums-Sha1:
4b07baf7f03c12af8495250633aa97ef0e7d265d 1332 nfs-utils_1.1.2-6lenny1.dsc
ab4f25acd858c7b3d35a9c7d63825aa0130e1f68 34519 nfs-utils_1.1.2-6lenny1.diff.gz
3ef772056babdacc07f08ecc7876da6d9b1c5bf5 161630 nfs-kernel-server_1.1.2-6lenny1_amd64.deb
2ab5ebe2964864fbec172aceb4c3238fd1aac18a 203758 nfs-common_1.1.2-6lenny1_amd64.deb
Checksums-Sha256:
d2f9436b855e575c9681b29a5586594df7b07220a2b1836a3aacdfba56ceefb8 1332 nfs-utils_1.1.2-6lenny1.dsc
3074523d4105b551fb0dea051f9cf8344097d6987c28b7590276bb414a20a09d 34519 nfs-utils_1.1.2-6lenny1.diff.gz
fed9f2f9ffc310ddcfb5e565f85031643a5c9c4cac0cd05aeb2170add61da519 161630 nfs-kernel-server_1.1.2-6lenny1_amd64.deb
afc397d7e2dc6922de9ddf0008f19fc3e93e65db44f530b1d80531936fa422d9 203758 nfs-common_1.1.2-6lenny1_amd64.deb
Files:
5e58cd1a3f30f69cce122c67d3227719 1332 net standard nfs-utils_1.1.2-6lenny1.dsc
624892a894706fd0c989b479d4d52529 34519 net standard nfs-utils_1.1.2-6lenny1.diff.gz
6230b83d7fc1d63fe0e5572606fd9155 161630 net optional nfs-kernel-server_1.1.2-6lenny1_amd64.deb
a5a3b83933f97c3e70f0a129a09db641 203758 net standard nfs-common_1.1.2-6lenny1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkj8TuYACgkQgY5NIXPNpFWOjACdHDvflWmEmk34z+lEjCbRT+yJ
6kIAnjOIfib6zlnBWaZR5n4aSoHUwguE
=drLo
-----END PGP SIGNATURE-----
Accepted:
nfs-common_1.1.2-6lenny1_amd64.deb
to pool/main/n/nfs-utils/nfs-common_1.1.2-6lenny1_amd64.deb
nfs-kernel-server_1.1.2-6lenny1_amd64.deb
to pool/main/n/nfs-utils/nfs-kernel-server_1.1.2-6lenny1_amd64.deb
nfs-utils_1.1.2-6lenny1.diff.gz
to pool/main/n/nfs-utils/nfs-utils_1.1.2-6lenny1.diff.gz
nfs-utils_1.1.2-6lenny1.dsc
to pool/main/n/nfs-utils/nfs-utils_1.1.2-6lenny1.dsc
Reply to: