Source: zfs-linux X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security
Hi, The following vulnerability was published for zfs-linux. CVE-2013-20001[0]: | An issue was discovered in OpenZFS through 2.0.3. When an NFS share | is exported to IPv6 addresses via the sharenfs feature, there is a | silent failure to parse the IPv6 address data, and access is allowed | to everyone. IPv6 restrictions from the configuration are not | applied. https://github.com/openzfs/zfs/commit/6cb5e1e7591da20af3a15793e022345a73e40fb7 (zfs-2.2.0-rc1) If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2013-20001 https://www.cve.org/CVERecord?id=CVE-2013-20001 Please adjust the affected versions in the BTS as needed.