Bug#523365: marked as done (linux-source-2.6.26: CIFS Buffer Overflow as Reported on Full Disclosure)

Thu, 09 Jul 2009 21:16:51 -0700 

Your message dated Fri, 10 Jul 2009 05:13:53 +0100
with message-id <1247199233.21924.139.ca...@deadeye>
and subject line Re: linux-source-2.6.26: CIFS Buffer Overflow as Reported on 
Full Disclosure
has caused the Debian Bug report #523365,
regarding linux-source-2.6.26: CIFS Buffer Overflow as Reported on Full 
Disclosure
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
523365: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523365
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: linux-source-2.6.26
Version: 2.6.26-13
Severity: critical
Tags: security
Justification: root security hole


I don't know if this has already been reported or if you guys are already 
working 
on a fix, but I thought I should be extra sure you all heard about it:

  http://seclists.org/fulldisclosure/2009/Apr/0080.html

If this is as serious as it is advertised to be, it would be nice to see
a back patch ASAP.

thanks,
tim


-- System Information:
Debian Release: 5.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.18
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages linux-source-2.6.26 depends on:
ii  binutils                      2.19.1-1   The GNU assembler, linker and bina
ii  bzip2                         1.0.5-1    high-quality block-sorting file co

Versions of packages linux-source-2.6.26 recommends:
pn  gcc                           <none>     (no description available)
ii  libc6-dev [libc-dev]          2.7-18     GNU C Library: Development Librari
ii  make                          3.81-5     The GNU version of the "make" util

Versions of packages linux-source-2.6.26 suggests:
ii  kernel-package                11.017     A utility for building Linux kerne
pn  libncurses-dev | ncurses-dev  <none>     (no description available)
pn  libqt3-mt-dev                 <none>     (no description available)

-- no debconf information

--- End Message ---
--- Begin Message --- 
This appears to be fixed in etch, lenny, squeeze and sid.

Ben.

-- 
Ben Hutchings
No political challenge can be met by shopping. - George Monbiot

Attachment: signature.asc
Description: This is a digitally signed message part


--- End Message ---

Reply via email to