Processed: Re: Bug#601305: kfreebsd-8: pseudofs null ptr dereference exploit
Processing commands for cont...@bugs.debian.org: found 601305 7.0-1 Bug #601305 [kfreebsd-7] kfreebsd-8: pseudofs null ptr dereference exploit There is no source info for the package 'kfreebsd-7' at version '7.0-1' with architecture '' Unable to make a source version for version '7.0-1' Bug Marked as found in versions 7.0-1. notfound 601305 7.3-7 Bug #601305 [kfreebsd-7] kfreebsd-8: pseudofs null ptr dereference exploit There is no source info for the package 'kfreebsd-7' at version '7.3-7' with architecture '' Unable to make a source version for version '7.3-7' Bug No longer marked as found in versions 7.3-7. fixed 601305 7.3-1 Bug #601305 [kfreebsd-7] kfreebsd-8: pseudofs null ptr dereference exploit There is no source info for the package 'kfreebsd-7' at version '7.3-1' with architecture '' Unable to make a source version for version '7.3-1' Bug Marked as fixed in versions 7.3-1. thanks Stopping processing here. Please contact me if you need assistance. -- 601305: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601305 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#601305: kfreebsd-8: pseudofs null ptr dereference exploit
package: kfreebsd-7 version: 7.3-7 severity: serious tags: security another freebsd privilege escalation has been disclosed: http://www.exploit-db.com/exploits/15206/ this seems different than the recent CVE advisories. i haven't checked any of this, but they claim 7.0-7.2 are affected and don't mention 8, so who knows if its affected. all of this should be checked. thanks, mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#601305: kfreebsd-8: pseudofs null ptr dereference exploit
On Sun, 24 Oct 2010, Michael Gilbert wrote: package: kfreebsd-7 version: 7.3-7 severity: serious tags: security another freebsd privilege escalation has been disclosed: http://www.exploit-db.com/exploits/15206/ this seems different than the recent CVE advisories. i haven't checked any of this, but they claim 7.0-7.2 are affected and don't mention 8, so who knows if its affected. all of this should be checked. It looks like http://seclists.org/fulldisclosure/2010/Sep/107 The bug was fixed in following commit: http://svn.freebsd.org/viewvc/base?view=revisionrevision=196689 Nevertheless it was not recognized as security vulnerability. The following versions are vulnerable: 7.0-RELEASE 7.1-RELEASE 7.2-RELEASE 8.0-RELEASE (system crash only) Not vulnerable versions: 6.x-RELEASE 7.3-RELEASE 8.1-RELEASE 7-STABLE and 8-STABLE after 05/09/2009 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org