Hi!
Steven Chamberlain <ste...@pyro.eu.org> writes:
> tags 706414 + pending
> thanks
>
> I've applied upstream's patch in SVN, I'm running it now on my NFS
> server and seems okay.
>
> Christoph, would you be able to do an upload of this to unstable please?
I'm building right now. As it is too late for wheezy r0 it seems we'll
need to go through either security or stable-updates for wheezy
(security Cc-ed and patch attached to get that going).
Christoph
Description:
Fix a bug that allows NFS clients to issue READDIR on files. [13:05]
(CVE-2013-3266)
Origin: vendor, http://security.freebsd.org/patches/SA-13:05/nfsserver.patch
Bug: http://security.freebsd.org/advisories/FreeBSD-SA-13:05.nfsserver.asc
Bug-Debian: http://bugs.debian.org/706414
Applied-Upstream: http://svnweb.freebsd.org/base?view=revision&revision=250060
Index: kfreebsd-9-9.0/sys/fs/nfsserver/nfs_nfsdport.c
===================================================================
--- kfreebsd-9-9.0.orig/sys/fs/nfsserver/nfs_nfsdport.c 2013-04-29
22:53:42.000000000 +0100
+++ kfreebsd-9-9.0/sys/fs/nfsserver/nfs_nfsdport.c 2013-04-29
22:54:00.428787262 +0100
@@ -1550,6 +1550,8 @@
nd->nd_repstat = NFSERR_BAD_COOKIE;
#endif
}
+ if (!nd->nd_repstat && vp->v_type != VDIR)
+ nd->nd_repstat = NFSERR_NOTDIR;
if (nd->nd_repstat == 0 && cnt == 0) {
if (nd->nd_flag & ND_NFSV2)
/* NFSv2 does not have NFSERR_TOOSMALL */
--
9FED 5C6C E206 B70A 5857 70CA 9655 22B9 D49A E731
Debian Developer | Lisp Hacker | CaCert Assurer
--
To UNSUBSCRIBE, email to debian-bsd-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/8761z357o7....@hepworth.siccegge.de
