lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 9 Apr 2009 21:31:33 +0530
From: Raj Mathur <raju@...ux-delhi.org>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Linux Kernel CIFS Vulnerability

On Thursday 09 Apr 2009, Andreas Bogk wrote:
> [snip]
> fixing a remotely exploitable buffer overflow vulnerability in the
> CIFS protocol.
>
> Neither the Linux kernel team, the CIFS maintainers nor any of the
> commercial Linux distributors bothered to send out an advisory.

The advisory will be out in all the major distributions' kernel upgrade 
notice to this and other security lists.  E.g. (to randomly pick an 
advisory):

http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0060.html

Regards,

-- Raju
-- 
Raj Mathur                raju@...dalaya.org      http://kandalaya.org/
       GPG: 78D4 FC67 367F 40E2 0DD5  0FEF C968 D0EF CC68 D17F
PsyTrance & Chill: http://schizoid.in/   ||   It is the mind that moves

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ