CVE-2011-1925 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1925): nbd-server.c in Network Block Device (nbd-server) 2.9.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by causing a negotiation failure, as demonstrated by specifying a name for a non-existent export. Is 2.9.22 ok to go stable?
that's fine
(In reply to comment #1) > that's fine Great, thanks. Arches, please test and mark stable: =sys-block/nbd-2.9.22 Target keywords : "amd64 ppc ppc64 x86"
x86 stable
amd64 ok
ditto
amd64 stable
ppc64 done
ppc stable, last arch done
Thanks, folks. GLSA Vote: Yes.
Vote: YES. Added to pending GLSA request.
This issue was resolved and addressed in GLSA 201206-35 at http://security.gentoo.org/glsa/glsa-201206-35.xml by GLSA coordinator Stefan Behte (craig).