FreeBSD Mail Archives

Date:      Sat, 13 Aug 2011 09:31:53 GMT
From:      Ansgar Burchardt <ansgar@debian.org>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/159736: sysutils/dtc: many security issues
Message-ID:  <201108130931.p7D9Vrfs035676@red.freebsd.org>
Resent-Message-ID: <201108130940.p7D9e3Mu086089@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help


>Number:         159736
>Category:       ports
>Synopsis:       sysutils/dtc: many security issues
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Aug 13 09:40:03 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     Ansgar Burchardt
>Release:        
>Organization:
>Environment:
>Description:
The FreeBSD ports collection appears to distribute dtc/0.32.0.1 which has many security issues allowing full access even without an account.

These include CVE-2011-0434, CVE-2011-0435, CVE-2011-0436, CVE-2011-0437[1].
Please be also aware of current issues[2].

Regards,
Ansgar

[1] <http://www.debian.org/security/2011/dsa-2179>;
[2] <http://seclists.org/oss-sec/2011/q3/326>;
    <http://bugs.debian.org/src:dtc>;

>How-To-Repeat:

>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201108130931.p7D9Vrfs035676>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation