Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 18 May 2012 11:41:48 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request -- kernel: incomplete fix for CVE-2011-4131

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/18/2012 05:30 AM, Petr Matousek wrote:
> The fix for CVE-2011-4131 was not complete. Malicious NFS server
> could still crash the clients when more than 2 GETATTR bitmap words
> are returned in response to the FATTR4_ACL attribute request.
> 
> Upstream fixes: 20e0fa98b751facf9a1101edaefbc19c82616a68 
> 5794d21ef4639f0e33440927bb903f9598c21e92 
> 5a00689930ab975fdd1b37b034475017e460cf2a
> 
> Reference: https://bugzilla.redhat.com/show_bug.cgi?id=822869
> 
> Thanks,

Please use CVE-2012-2375 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPtoncAAoJEBYNRVNeJnmTEn4P/ivawBkc6pRsnsqOot1eIm0h
J4CP3vC5yEu4qUZloUt/hOqw6XUiKOsfbEozClJ4txn8YJc62Wl6xee9BjQl+dOB
BIAKfkhEns3MIgoc+L4ODE76Vyamn1jtABX6DhLShREEY2HCXArO1IHMhfW8u9FQ
AFowP05JPBasVb4w6Xzb+MMvbREgyO40q0Zs10Uk5IxHbeDX0jqqRJsgXOmIk6KZ
UIZN4s9e2dGWQ0N1j/l8WQa+08Cg6DEaHIj8zybU86b2mzblPRx3Jh98YNruam0f
JFgU9/dIBWMrZXg1iX1xMzLGkY3p4fW+k33RR6dzuL0gu7QvP0yj3MGFr2CFmvHI
r+yz8bVXMpWd5Evn2B8SCgc7SqpfwK1GHbGqg5k6v0SZbxIlaut8znEFoqpCEkAj
My/4S2AfDNRcSbzlRjyvNQroyBXt51P4lCsRZ86OYgEmB+FsCTJzj/F2U3cnIz41
KP2nA4+tJZOoUKjLanwrBxLlCgZGX5TEl1Rj/1PO2tWNqiLXQjO1Owa9wsfLAFwJ
b3MSjcaDJQmeXp2Ya6l18Zsh21pmsDrPQavR98YrsO4BOhajsno2Bj8mdytjCmZd
MShMw2ItAbF004DF+xnmc+e+PZuc2iqTy+X7VZNWaj3hIncCGMWiF/L/F6UghtTS
H0LIgJP8nwsp/4cmYHsZ
=wG27
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.