From owner-freebsd-ports-bugs@FreeBSD.ORG Fri Jun 26 15:20:02 2009 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9C90E10656B2 for ; Fri, 26 Jun 2009 15:20:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 5C6918FC24 for ; Fri, 26 Jun 2009 15:20:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n5QFK2An086812 for ; Fri, 26 Jun 2009 15:20:02 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n5QFK2oU086811; Fri, 26 Jun 2009 15:20:02 GMT (envelope-from gnats) Resent-Date: Fri, 26 Jun 2009 15:20:02 GMT Resent-Message-Id: <200906261520.n5QFK2oU086811@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Bjoern Engels Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EF7D41065673 for ; Fri, 26 Jun 2009 15:16:31 +0000 (UTC) (envelope-from root@flow.dus0.openit.net) Received: from flow.dus0.openit.net (flow.dus0.openit.net [217.69.91.240]) by mx1.freebsd.org (Postfix) with ESMTP id 8E0438FC1A for ; Fri, 26 Jun 2009 15:16:31 +0000 (UTC) (envelope-from root@flow.dus0.openit.net) Received: from flow.dus0.openit.net (localhost [127.0.0.1]) by flow.dus0.openit.net (8.14.3/8.14.3) with ESMTP id n5QEwUK8008332; Fri, 26 Jun 2009 16:58:30 +0200 (CEST) (envelope-from root@flow.dus0.openit.net) Received: (from root@localhost) by flow.dus0.openit.net (8.14.3/8.14.3/Submit) id n5QEwU17007522; Fri, 26 Jun 2009 16:58:30 +0200 (CEST) (envelope-from root) Message-Id: <200906261458.n5QEwU17007522@flow.dus0.openit.net> Date: Fri, 26 Jun 2009 16:58:30 +0200 (CEST) From: Bjoern Engels To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Bjoern Engels Subject: ports/136070: [security] please update net-mgmt/nfsen to 1.3.2 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Jun 2009 15:20:03 -0000 >Number: 136070 >Category: ports >Synopsis: [security] please update net-mgmt/nfsen to 1.3.2 >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Fri Jun 26 15:20:01 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Bjoern Engels >Release: FreeBSD 7.2-RELEASE-p2 i386 >Organization: OpenIT GmbH >Environment: System: FreeBSD foo.dus0.openit.net 7.2-RELEASE-p2 FreeBSD 7.2-RELEASE-p2 #2: Thu Jun 25 17:09:27 CEST 2009 root@foo.dus0.openit.net:/usr/obj/usr/src/sys/GENERIC i386 >Description: Quoting http://sourceforge.net/forum/forum.php?forum_id=967583 Due to double input checking, a remote command execution security bug exists in all NfSen versions 1.3 and 1.3.1. Users are requested to update to nfsen-1.3.2. >How-To-Repeat: >Fix: Upgrade to nfsen-1.3.2 >Release-Note: >Audit-Trail: >Unformatted: