Bug#645377: marked as done (kfreebsd-8: Buffer overflow in handling of UNIX socket addresses)

Sat, 15 Oct 2011 04:30:24 -0700 

Your message dated Sat, 15 Oct 2011 13:26:56 +0200
with message-id 
<caofdtxp+oezwtzreug5zedhphim4gtj+lmadm8hgpss9bpk...@mail.gmail.com>
and subject line Re: Bug#645377: kfreebsd-8: Buffer overflow in handling of 
UNIX socket addresses
has caused the Debian Bug report #645377,
regarding kfreebsd-8: Buffer overflow in handling of UNIX socket addresses
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
645377: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645377
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
package: kfreebsd-8
version: 8.1
severity: serious
tag: security , patch

A buffer overflow issue in kfreebsd has been disclosed [0] along with a
poc [1]. patch is available [2].

I've only checked the kfreebsd-8 source, but the description says -7 is
affected, and 9- and higher may be as well; I haven't checked those.

Best wishes,
Mike

[0] http://www.securityfocus.com/archive/1/519864/30/0/threaded
[1] http://www.exploit-db.com/exploits/17908/
[2] http://security.freebsd.org/patches/SA-11:05/unix.patch

--- End Message ---
--- Begin Message --- 
Version: 9.0~svn225873-1

Fixed in kfreebsd-9.

2011/10/15 Michael Gilbert <[email protected]>:
> package: kfreebsd-8
> version: 8.1
> severity: serious
> tag: security , patch
>
> A buffer overflow issue in kfreebsd has been disclosed [0] along with a
> poc [1]. patch is available [2].
>
> I've only checked the kfreebsd-8 source, but the description says -7 is
> affected, and 9- and higher may be as well; I haven't checked those.
>
> Best wishes,
> Mike
>
> [0] http://www.securityfocus.com/archive/1/519864/30/0/threaded
> [1] http://www.exploit-db.com/exploits/17908/
> [2] http://security.freebsd.org/patches/SA-11:05/unix.patch
>
>
>
> --
> To UNSUBSCRIBE, email to [email protected]
> with a subject of "unsubscribe". Trouble? Contact [email protected]
> Archive: 
> http://lists.debian.org/[email protected]
>
>



-- 
Robert Millan

--- End Message ---

Reply via email to