Date: Fri, 26 Jun 2009 16:58:30 +0200 (CEST) From: Bjoern Engels <engels@openit.de> To: FreeBSD-gnats-submit@FreeBSD.org Cc: Bjoern Engels <engels@openit.de> Subject: ports/136070: [security] please update net-mgmt/nfsen to 1.3.2 Message-ID: <200906261458.n5QEwU17007522@flow.dus0.openit.net> Resent-Message-ID: <200906261520.n5QFK2oU086811@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 136070 >Category: ports >Synopsis: [security] please update net-mgmt/nfsen to 1.3.2 >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Fri Jun 26 15:20:01 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Bjoern Engels >Release: FreeBSD 7.2-RELEASE-p2 i386 >Organization: OpenIT GmbH >Environment: System: FreeBSD foo.dus0.openit.net 7.2-RELEASE-p2 FreeBSD 7.2-RELEASE-p2 #2: Thu Jun 25 17:09:27 CEST 2009 root@foo.dus0.openit.net:/usr/obj/usr/src/sys/GENERIC i386 >Description: Quoting http://sourceforge.net/forum/forum.php?forum_id=967583 Due to double input checking, a remote command execution security bug exists in all NfSen versions 1.3 and 1.3.1. Users are requested to update to nfsen-1.3.2. >How-To-Repeat: >Fix: Upgrade to nfsen-1.3.2 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906261458.n5QEwU17007522>