Date: Mon, 04 May 2009 10:45:54 +0800 From: Eugene Teo <eugene@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2009-1184 selinux: skipped node/port send checks in the compat_net=1 case Not upstream in 2.6.30, as the function was removed there. Node and port send checks can skip in the compat_net=1 case. This bug was introduced in commit effad8d. This is fixed in 188.8.131.52 and 184.108.40.206. I believe it will be fixed in 2.6.29.y soon.  http://lwn.net/Articles/331434/  http://lwn.net/Articles/331435/ Thanks, Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ