On 10/09/13 14:20, Ed Maste wrote:
> This is fixed in stable/9 in r255443. The offending commit was already
> reverted from the 9.2 branch prior to 9.2-RC3 for other reasons.
I suspected that might be the case but didn't have time to look into it
yet. Thanks very much for saying so!
Please could one of the DDs on the team upload (urgency=medium or high?)
a new upstream snapshot of r255444 to unstable , which includes fixes for:
- sendfile kernel memory disclosure [SA-13:11]
(CVE-2013-5666) (Closes #722336)
- ifioctl credential checks missing [SA-13:12]
(CVE-2013-5691) (Closes: #722338)
- nullfs hardlinks across mounts [SA-13:13]
(CVE-2013-5710) (Closes: #722337)
Thanks,
Regards,
--
Steven Chamberlain
ste...@pyro.eu.org
--
To UNSUBSCRIBE, email to debian-bsd-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/522f1f07.6070...@pyro.eu.org
