On Fri, Sep 07, 2012 at 12:17:45PM -0500, Raphael Geissert wrote:
> Package: kfreebsd-8
> Severity: grave
> Tags: security
> Control: clone -1 -2 -3
> Control: reassign -2 src:kfreebsd-9
> Control: reassign -3 src:kfreebsd-10
>
> Hi,
>
> CVE-2012-3549 has been assigned to be a remote DoS (via a NULL pointer
> dereference in the kernel) vulnerability in FreeBSD's SCTP
> implementation[1].
>
> [1] http://www.exploit-db.com/exploits/20226/
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
If no upstream fix is available you might want to disable SCTP in the Wheezy
kernel?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
