http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.asc (2011.09.28. ... )
On 10/23/11, Aurelien Jarno <aure...@debian.org> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - -------------------------------------------------------------------------- > Debian Security Advisory DSA-2325-1 secur...@debian.org > http://www.debian.org/security/ Aurelien Jarno > October 23, 2011 http://www.debian.org/security/faq > - -------------------------------------------------------------------------- > > Package : kfreebsd-8 > Vulnerability : privilege escalation/denial of service > Problem type : remote > Debian-specific: no > CVE ID : CVE-2011-4062 > > Buffer overflow in the "linux emulation" support in FreeBSD kernel > allows local users to cause a denial of service (panic) and possibly > execute arbitrary code by calling the bind system call with a long path > for a UNIX-domain socket, which is not properly handled when the > address is used by other unspecified system calls. > > For the stable distribution (squeeze), this problem has been fixed in > version 8.1+dfsg-8+squeeze2. > > For the unstable distribution (sid), this problem has been fixed in > version 8.2-9. > > We recommend that you upgrade your kfreebsd-8 packages. > > Further information about Debian Security Advisories, how to apply > these updates to your system and frequently asked questions can be > found at: http://www.debian.org/security/ > > Mailing list: debian-security-annou...@lists.debian.org > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iEYEARECAAYFAk6khhEACgkQXm3vHE4uylrCcwCeNLG+LOKrLBQN/sNYeq13K+3m > sAUAnRQN9dsuinAuSypdAtWd557tx4t6 > =2kA6 > -----END PGP SIGNATURE----- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/