On Mon, Jun 07, 2010 at 06:15:47PM +0200, Moritz Muehlenhoff wrote: > Package: kfreebsd-8 > Severity: grave > Tags: security > > Hi, > the following CVE IDs have been published for FreeBSD, please > check whether they need to be fixed for kfreebsd and whether > kfreebsd-6 and kfreebsd-7 from Lenny are affected: > > CVE-2010-2022: > http://security.FreeBSD.org/advisories/FreeBSD-SA-10:04.jail.asc
We don't yet provide (yet) the jail binary, so we are not vulnerable to this one. > CVE-2010-2020: > http://security.FreeBSD.org/advisories/FreeBSD-SA-10:06.nfsclient.asc > On the other hand, the kfreebsd* packages are affected by this bug, though not with the default configuration. I'll do an upload to unstable with high urgency, but I don't think it deserve a fix in lenny. I'll upload the security tracker accordingly. -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net -- To UNSUBSCRIBE, email to debian-bsd-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100608125325.gm30...@hall.aurel32.net
