On Thursday 09 Apr 2009, Andreas Bogk wrote: > [snip] > fixing a remotely exploitable buffer overflow vulnerability in the > CIFS protocol. > > Neither the Linux kernel team, the CIFS maintainers nor any of the > commercial Linux distributors bothered to send out an advisory.
The advisory will be out in all the major distributions' kernel upgrade notice to this and other security lists. E.g. (to randomly pick an advisory): http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0060.html Regards, -- Raju -- Raj Mathur [email protected] http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F PsyTrance & Chill: http://schizoid.in/ || It is the mind that moves _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
