Package: src:kfreebsd-10
Version: 10.0~svn253832-1
Severity: grave
Tags: security upstream
Control: found -1 kfreebsd-10/10.0~svn225709-1
http://security.FreeBSD.org/advisories/FreeBSD-SA-13:09.ip_multicast.asc
integer overflow in IP_MSFILTER
An integer overflow in computing the size of a temporary buffer can
result in a buffer which is too small for the requested operation.
An unprivileged process can read or write pages of memory which
belong to the kernel. These may lead to exposure of sensitive
information or allow privilege escalation.
kfreebsd-8 and kfreebsd-9 in wheezy will need the patch from r254629
kfreebsd-9 in jessie/sid will need updating to r254630 or later
kfreebsd-10 in experimental will need updating to r254629 or later
kfreebsd-8 8.1 in oldstable looks to be affected too (likely introduced
in r189592 or earlier). The same patch should be suitable.
-- System Information:
Debian Release: 7.1
APT prefers proposed-updates
APT policy: (500, 'proposed-updates'), (500, 'stable')
Architecture: kfreebsd-amd64 (x86_64)
Kernel: kFreeBSD 9.0-2-amd64-xenhvm
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages kfreebsd-image-9.0-2-amd64-xenhvm depends on:
ii devd 9.0-10+deb70.2
ii freebsd-utils 9.0-10+deb70.2
ii kbdcontrol 9.0-10+deb70.2
ii kldutils 9.0-10+deb70.2
kfreebsd-image-9.0-2-amd64-xenhvm recommends no packages.
kfreebsd-image-9.0-2-amd64-xenhvm suggests no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org