Bug#730519: kfreebsd-10: CVE-2013-6834, CVE-2013-6833: qlxgbe/qlxge memory leaks in ioctl
On 26/11/2013 03:58, Steven Chamberlain wrote: Fixed by upstream SVN commits r258155 and r258156. That'd be MFC r258457 in stable/10. Correct? -- Robert Millan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#730519: kfreebsd-10: CVE-2013-6834, CVE-2013-6833: qlxgbe/qlxge memory leaks in ioctl
Forgot to mention here the kfreebsd-11 package version 11.0~svn256281-1 was affected but current 11.0~svn258494-1 is already fixed. On 26/11/13 10:48, Robert Millan wrote: On 26/11/2013 03:58, Steven Chamberlain wrote: Fixed by upstream SVN commits r258155 and r258156. That'd be MFC r258457 in stable/10. Correct? Yes. Regards, -- Steven Chamberlain ste...@pyro.eu.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#730519: kfreebsd-10: CVE-2013-6834, CVE-2013-6833: qlxgbe/qlxge memory leaks in ioctl
Package: kfreebsd-10 Version: 10.0~svn257123-1 Severity: grave Tags: security fixed-upstream Control: fixed -1 kfreebsd-10/10.0~svn242489-1 http://seclists.org/bugtraq/2013/Nov/74 The qlxgbe and glxge drivers were introduced into kfreebsd-10 by r250661 and r252206 respectively. kfreebsd-9 and kfreebsd-8 packages do not have these drivers, but kfreebsd-9 has a similarly named qlxgb driver which does not contain the affected MPI dump code. Fixed by upstream SVN commits r258155 and r258156. -- System Information: Debian Release: 7.1 APT prefers proposed-updates APT policy: (500, 'proposed-updates'), (500, 'stable') Architecture: kfreebsd-amd64 (x86_64) Kernel: kFreeBSD 9.0-2-amd64-xenhvm Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org