From owner-freebsd-security@FreeBSD.ORG Tue May 26 17:36:47 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3F0461065672 for ; Tue, 26 May 2009 17:36:47 +0000 (UTC) (envelope-from bounces@nabble.com) Received: from kuber.nabble.com (kuber.nabble.com [216.139.236.158]) by mx1.freebsd.org (Postfix) with ESMTP id 1292A8FC1B for ; Tue, 26 May 2009 17:36:47 +0000 (UTC) (envelope-from bounces@nabble.com) Received: from isper.nabble.com ([192.168.236.156]) by kuber.nabble.com with esmtp (Exim 4.63) (envelope-from ) id 1M90Ic-0003SW-F9 for freebsd-security@freebsd.org; Tue, 26 May 2009 10:18:50 -0700 Message-ID: <23727599.post@talk.nabble.com> Date: Tue, 26 May 2009 10:18:50 -0700 (PDT) From: Jakub Lach To: freebsd-security@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Nabble-From: jakub_lach@mailplus.pl X-Mailman-Approved-At: Tue, 26 May 2009 17:42:49 +0000 Subject: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 17:36:47 -0000 http://www.milw0rm.com/exploits/8786 http://redmine.lighttpd.net/issues/1989 http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/21768 affected: FreeBSD, OSX, Solaris < 10 not affected: Linux, NetBSD, OpenBSD, DragonflyBSD, Solaris 10 -- View this message in context: http://www.nabble.com/FYI-Lighttpd-1.4.23--kernel-%28trailing-%27-%27-on-regular-file-symlink%29-vulnerability-tp23727599p23727599.html Sent from the freebsd-security mailing list archive at Nabble.com.