Your message dated Mon, 14 Feb 2011 08:03:46 +0100 (CET)
with message-id <[email protected]>
and subject line Re: Bug#613311: kfreebsd: kernel leak
has caused the Debian Bug report #613311,
regarding kfreebsd: kernel leak
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
613311: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=613311
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
package: kfreebsd-8
version: 8.1+dfsg-7.1
severity: important
tags: security
an exploit has been posted for freebsd using a kernel leak and their
ftpd [0]. it's against an ancient version of freebsd (5.3), so it may
not affect newer versions. i don't have time to verify whether any of
the claims actually affect the debian kfreebsd. i would suggest
discussing this with upstream.
best wishes,
mike
[0] http://www.exploit-db.com/exploits/16119/
--- End Message ---
--- Begin Message ---
an exploit has been posted for freebsd using a kernel leak and their
ftpd [0]. it's against an ancient version of freebsd (5.3), so it may
not affect newer versions. i don't have time to verify whether any of
the claims actually affect the debian kfreebsd. i would suggest
discussing this with upstream.
[0] http://www.exploit-db.com/exploits/16119/
The description clearly references to FreeBSD-SA-05:02.sendfile [1],
It is fixed in 5.4 and later releases.
Petr
[1] http://security.freebsd.org/advisories/FreeBSD-SA-05:02.sendfile.asc
--- End Message ---
