Debian Bug report logs - #611476
Subject: kfreebsd-8: local denial of service

version graph

Package: kfreebsd-8; Maintainer for kfreebsd-8 is GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>;

Reported by: recoverym4n@gmail.com

Date: Sat, 29 Jan 2011 19:00:01 UTC

Severity: important

Tags: security

Merged with 613312

Found in version 8.1+dfsg-7.1

Fixed in versions kfreebsd-8/8.2-1, kfreebsd-8/8.1+dfsg-8

Done: Aurelien Jarno <aurel32@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>:
Bug#611476; Package kfreebsd-image-8.1-1-686. (Sat, 29 Jan 2011 19:00:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to recoverym4n@gmail.com:
New Bug report received and forwarded. Copy sent to GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Sat, 29 Jan 2011 19:00:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: recoverym4n@gmail.com
To: root@kfbsd.kvm
Cc: To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Subject: kfreebsd-8: local denial of service
Date: Sat, 29 Jan 2011 21:56:05 +0300
Package: kfreebsd-image-8.1-1-686
Version: 8.1+dfsg-7.1
Severity: important

Originally reported here:

http://seclists.org/bugtraq/2011/Jan/181

It should be mentioned that current version of kfreebsd-image is also 
affected. It is also possible to reproduce forced reboot using qemu-kvm.

-- System Information:
Debian Release: 6.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: kfreebsd-i386 (i686)

Kernel: kFreeBSD 8.1-1-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages kfreebsd-image-8.1-1-686 depends on:
ii  freebsd-utils                 8.1-3.1    FreeBSD utilities needed for GNU/k
ii  kldutils                      8.1-3.1    tools for managing kFreeBSD module

Versions of packages kfreebsd-image-8.1-1-686 recommends:
pn  libc0.1-i686                  <none>     (no description available)

kfreebsd-image-8.1-1-686 suggests no packages.

-- no debconf information




Information stored :
Bug#611476; Package kfreebsd-image-8.1-1-686. (Sun, 30 Jan 2011 11:27:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Petr Salinger <Petr.Salinger@seznam.cz>:
Extra info received and filed, but not forwarded. (Sun, 30 Jan 2011 11:27:06 GMT) Full text and rfc822 format available.

Message #10 received at 611476-quiet@bugs.debian.org (full text, mbox):

From: Petr Salinger <Petr.Salinger@seznam.cz>
To: 611476-quiet@bugs.debian.org
Subject: kfreebsd-8: local denial of service
Date: Sun, 30 Jan 2011 12:28:20 +0100 (CET)
the upstream discussion:

http://lists.freebsd.org/pipermail/freebsd-security/2011-January/005758.html





Information stored :
Bug#611476; Package kfreebsd-image-8.1-1-686. (Fri, 04 Feb 2011 07:51:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Petr Salinger <Petr.Salinger@seznam.cz>:
Extra info received and filed, but not forwarded. (Fri, 04 Feb 2011 07:51:03 GMT) Full text and rfc822 format available.

Message #15 received at 611476-quiet@bugs.debian.org (full text, mbox):

From: Petr Salinger <Petr.Salinger@seznam.cz>
To: recoverym4n@gmail.com, 611476-quiet@bugs.debian.org
Subject: kfreebsd-8: local denial of service
Date: Fri, 4 Feb 2011 08:51:25 +0100 (CET)
> It should be mentioned that current version of kfreebsd-image is also
> affected. It is also possible to reproduce forced reboot using qemu-kvm.

Not for me. The host is current squeeze (linux-)amd64 machine,
the guest uses kfreebsd-image-8.1-1-686 8.1+dfsg-7.1, with:

# lspci
00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 03)
00:02.0 VGA compatible controller: Cirrus Logic GD 5446
00:03.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+ (rev 20)

# cat /proc/cpuinfo
processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 7
model name      : QEMU Virtual CPU version 0.12.5
stepping        : 3
flags           : fpu de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 mmx fxsr xmm sse2
cpu MHz         : 2667.14
bogomips        : 2667.14

Petr





Information stored :
Bug#611476; Package kfreebsd-image-8.1-1-686. (Fri, 04 Feb 2011 20:36:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to recoverym4n@gmail.com:
Extra info received and filed, but not forwarded. (Fri, 04 Feb 2011 20:36:06 GMT) Full text and rfc822 format available.

Message #20 received at 611476-quiet@bugs.debian.org (full text, mbox):

From: recoverym4n@gmail.com
To: Petr Salinger <Petr.Salinger@seznam.cz>
Cc: 611476-quiet@bugs.debian.org
Subject: Re: kfreebsd-8: local denial of service
Date: Fri, 4 Feb 2011 23:33:57 +0300
 Works for me every time I try it.

$ sudo lspci 
00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
00:01.2 USB Controller: Intel Corporation 82371SB PIIX3 USB [Natoma/Triton II]
(rev 01) 00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 03)
00:02.0 VGA compatible controller: VMware SVGA II Adapter
00:03.0 RAM memory: Red Hat, Inc Virtio memory balloon
00:04.0 Ethernet controller: Intel Corporation 82540EM Gigabit Ethernet
Controller (rev 03) 00:05.0 SCSI storage controller: LSI Logic / Symbios Logic
53c895a

$ cat /proc/cpuinfo 
processor	: 0
vendor_id	: GenuineIntel
cpu family	: 6
model		: 7
model name	: QEMU Virtual CPU version 0.12.5
stepping	: 3
flags		: fpu de pse tsc msr pae mce cx8 apic sep mtrr pge mca
cmov pat pse36 mmx fxsr xmm sse2 cpu MHz		: 2405.52
bogomips	: 2405.52

 Guest configuration is kfreebsd-i386, host is squeeze linux-amd64.

On Fri, 4 Feb 2011 08:51:25 +0100 (CET)
Petr Salinger <Petr.Salinger@seznam.cz> wrote:

> Not for me. The host is current squeeze (linux-)amd64 machine,
> the guest uses kfreebsd-image-8.1-1-686 8.1+dfsg-7.1, with:
>
> ..skip
> 
> Petr
> 




Information stored :
Bug#611476; Package kfreebsd-image-8.1-1-686. (Fri, 04 Feb 2011 20:48:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Petr Salinger <Petr.Salinger@seznam.cz>:
Extra info received and filed, but not forwarded. (Fri, 04 Feb 2011 20:48:03 GMT) Full text and rfc822 format available.

Message #25 received at 611476-quiet@bugs.debian.org (full text, mbox):

From: Petr Salinger <Petr.Salinger@seznam.cz>
To: recoverym4n@gmail.com
Cc: 611476-quiet@bugs.debian.org
Subject: Re: kfreebsd-8: local denial of service
Date: Fri, 4 Feb 2011 21:48:42 +0100 (CET)

On Fri, 4 Feb 2011 recoverym4n@gmail.com wrote:

> Works for me every time I try it.
>
> $ sudo lspci
> 00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
> 00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
> 00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
> 00:01.2 USB Controller: Intel Corporation 82371SB PIIX3 USB [Natoma/Triton II]
> (rev 01) 00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 03)
> 00:02.0 VGA compatible controller: VMware SVGA II Adapter
> 00:03.0 RAM memory: Red Hat, Inc Virtio memory balloon
> 00:04.0 Ethernet controller: Intel Corporation 82540EM Gigabit Ethernet
> Controller (rev 03) 00:05.0 SCSI storage controller: LSI Logic / Symbios Logic
> 53c895a
> Guest configuration is kfreebsd-i386, host is squeeze linux-amd64.

The patch proposed by upstream is in
http://lists.freebsd.org/pipermail/svn-src-all/2011-February/035066.html
It would be nice, if you can test it.
I can prepare the kernel image, iff needed.

Petr




Information stored :
Bug#611476; Package kfreebsd-image-8.1-1-686. (Fri, 04 Feb 2011 21:15:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to recoverym4n@gmail.com:
Extra info received and filed, but not forwarded. (Fri, 04 Feb 2011 21:15:08 GMT) Full text and rfc822 format available.

Message #30 received at 611476-quiet@bugs.debian.org (full text, mbox):

From: recoverym4n@gmail.com
To: Petr Salinger <Petr.Salinger@seznam.cz>
Cc: 611476-quiet@bugs.debian.org
Subject: Re: kfreebsd-8: local denial of service
Date: Sat, 5 Feb 2011 00:11:11 +0300
 Please make the image. I'm short on a bandwidth ATM, so there is a noticeable
difference for me between downloading a kernel source and build depends and a
simple pre-built kernel image.
 
On Fri, 4 Feb 2011 21:48:42 +0100 (CET)
Petr Salinger <Petr.Salinger@seznam.cz> wrote:

> The patch proposed by upstream is in
> http://lists.freebsd.org/pipermail/svn-src-all/2011-February/035066.html
> It would be nice, if you can test it.
> I can prepare the kernel image, iff needed.
> 
> Petr




Information stored :
Bug#611476; Package kfreebsd-image-8.1-1-686. (Sat, 05 Feb 2011 06:39:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Petr Salinger <Petr.Salinger@seznam.cz>:
Extra info received and filed, but not forwarded. (Sat, 05 Feb 2011 06:39:03 GMT) Full text and rfc822 format available.

Message #35 received at 611476-quiet@bugs.debian.org (full text, mbox):

From: Petr Salinger <Petr.Salinger@seznam.cz>
To: recoverym4n@gmail.com, 611476-quiet@bugs.debian.org
Subject: Re: kfreebsd-8: local denial of service
Date: Sat, 5 Feb 2011 07:40:53 +0100 (CET)
> Please make the image.

http://io.debian.net/~salinger/kfreebsd-image-8.1-1-686_8.1+dfsg-7.2_kfreebsd-i386.deb

Thanks for testing it.

	Petr





Information stored :
Bug#611476; Package kfreebsd-image-8.1-1-686. (Sat, 05 Feb 2011 12:03:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to recoverym4n@gmail.com:
Extra info received and filed, but not forwarded. (Sat, 05 Feb 2011 12:03:03 GMT) Full text and rfc822 format available.

Message #40 received at 611476-quiet@bugs.debian.org (full text, mbox):

From: recoverym4n@gmail.com
To: Petr Salinger <Petr.Salinger@seznam.cz>
Cc: 611476-quiet@bugs.debian.org
Subject: Re: kfreebsd-8: local denial of service
Date: Sat, 5 Feb 2011 14:59:29 +0300
 Yes, apparently this patch fixes it.

$ gcc -o freebsdrip freebsdrip.c
freebsdrip.c: In function ‘main’:
freebsdrip.c:17: warning: incompatible implicit declaration of built-in
function ‘printf’

$ ./freebsdrip
SUCCESS!
SUCCESS!
SUCCESS!

And … nothing else happens. System still working, syslog doesn't show anything.

On Sat, 5 Feb 2011 07:40:53 +0100 (CET)
Petr Salinger <Petr.Salinger@seznam.cz> wrote:

> > Please make the image.
> 
> http://io.debian.net/~salinger/kfreebsd-image-8.1-1-686_8.1+dfsg-7.2_kfreebsd-i386.deb
> 
> Thanks for testing it.
> 
>  	Petr
> 




Bug reassigned from package 'kfreebsd-image-8.1-1-686' to 'kfreebsd-8'. Request was from Petr Salinger <Petr.Salinger@seznam.cz> to control@bugs.debian.org. (Mon, 14 Feb 2011 07:21:08 GMT) Full text and rfc822 format available.

Bug No longer marked as found in versions kfreebsd-8/8.1+dfsg-7.1. Request was from Petr Salinger <Petr.Salinger@seznam.cz> to control@bugs.debian.org. (Mon, 14 Feb 2011 07:21:08 GMT) Full text and rfc822 format available.

Forcibly Merged 611476 613312. Request was from Petr Salinger <Petr.Salinger@seznam.cz> to control@bugs.debian.org. (Mon, 14 Feb 2011 07:21:09 GMT) Full text and rfc822 format available.

Reply sent to Aurelien Jarno <aurel32@debian.org>:
You have taken responsibility. (Sun, 20 Feb 2011 00:51:35 GMT) Full text and rfc822 format available.

Notification sent to recoverym4n@gmail.com:
Bug acknowledged by developer. (Sun, 20 Feb 2011 00:51:36 GMT) Full text and rfc822 format available.

Message #51 received at 611476-close@bugs.debian.org (full text, mbox):

From: Aurelien Jarno <aurel32@debian.org>
To: 611476-close@bugs.debian.org
Subject: Bug#611476: fixed in kfreebsd-8 8.2-1
Date: Sun, 20 Feb 2011 00:48:29 +0000
Source: kfreebsd-8
Source-Version: 8.2-1

We believe that the bug you reported is fixed in the latest version of
kfreebsd-8, which is due to be installed in the Debian FTP archive:

kfreebsd-8_8.2-1.diff.gz
  to main/k/kfreebsd-8/kfreebsd-8_8.2-1.diff.gz
kfreebsd-8_8.2-1.dsc
  to main/k/kfreebsd-8/kfreebsd-8_8.2-1.dsc
kfreebsd-8_8.2.orig.tar.gz
  to main/k/kfreebsd-8/kfreebsd-8_8.2.orig.tar.gz
kfreebsd-headers-8-amd64_8.2-1_kfreebsd-amd64.deb
  to main/k/kfreebsd-8/kfreebsd-headers-8-amd64_8.2-1_kfreebsd-amd64.deb
kfreebsd-headers-8.2-1-amd64_8.2-1_kfreebsd-amd64.deb
  to main/k/kfreebsd-8/kfreebsd-headers-8.2-1-amd64_8.2-1_kfreebsd-amd64.deb
kfreebsd-headers-8.2-1_8.2-1_kfreebsd-amd64.deb
  to main/k/kfreebsd-8/kfreebsd-headers-8.2-1_8.2-1_kfreebsd-amd64.deb
kfreebsd-image-8-amd64_8.2-1_kfreebsd-amd64.deb
  to main/k/kfreebsd-8/kfreebsd-image-8-amd64_8.2-1_kfreebsd-amd64.deb
kfreebsd-image-8.2-1-amd64_8.2-1_kfreebsd-amd64.deb
  to main/k/kfreebsd-8/kfreebsd-image-8.2-1-amd64_8.2-1_kfreebsd-amd64.deb
kfreebsd-source-8.2_8.2-1_all.deb
  to main/k/kfreebsd-8/kfreebsd-source-8.2_8.2-1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 611476@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aurelien Jarno <aurel32@debian.org> (supplier of updated kfreebsd-8 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 19 Feb 2011 23:01:52 +0100
Source: kfreebsd-8
Binary: kfreebsd-source-8.2 kfreebsd-headers-8.2-1 kfreebsd-image-8.2-1-amd64 kfreebsd-image-8-amd64 kfreebsd-headers-8.2-1-amd64 kfreebsd-headers-8-amd64 kfreebsd-image-8.2-1-486 kfreebsd-image-8-486 kfreebsd-headers-8.2-1-486 kfreebsd-headers-8-486 kfreebsd-image-8.2-1-686 kfreebsd-image-8-686 kfreebsd-headers-8.2-1-686 kfreebsd-headers-8-686 kfreebsd-image-8.2-1-686-smp kfreebsd-image-8-686-smp kfreebsd-headers-8.2-1-686-smp kfreebsd-headers-8-686-smp kfreebsd-image-8.2-1-xen kfreebsd-image-8-xen kfreebsd-headers-8.2-1-xen kfreebsd-headers-8-xen kfreebsd-image-8.2-1-malta kfreebsd-image-8-malta kfreebsd-headers-8.2-1-malta kfreebsd-headers-8-malta
Architecture: source all kfreebsd-amd64
Version: 8.2-1
Distribution: unstable
Urgency: low
Maintainer: Aurelien Jarno <aurel32@debian.org>
Changed-By: Aurelien Jarno <aurel32@debian.org>
Description: 
 kfreebsd-headers-8-486 - header files for kernel of FreeBSD 8
 kfreebsd-headers-8-686 - header files for kernel of FreeBSD 8
 kfreebsd-headers-8-686-smp - header files for kernel of FreeBSD 8
 kfreebsd-headers-8-amd64 - header files for kernel of FreeBSD 8
 kfreebsd-headers-8-malta - header files for kernel of FreeBSD 8
 kfreebsd-headers-8-xen - header files for kernel of FreeBSD 8
 kfreebsd-headers-8.2-1 - Common architecture-specific header files for kernel of FreeBSD 8
 kfreebsd-headers-8.2-1-486 - header files for kernel of FreeBSD 8.2
 kfreebsd-headers-8.2-1-686 - header files for kernel of FreeBSD 8.2
 kfreebsd-headers-8.2-1-686-smp - header files for kernel of FreeBSD 8.2
 kfreebsd-headers-8.2-1-amd64 - header files for kernel of FreeBSD 8.2
 kfreebsd-headers-8.2-1-malta - header files for kernel of FreeBSD 8.2
 kfreebsd-headers-8.2-1-xen - header files for kernel of FreeBSD 8.2
 kfreebsd-image-8-486 - kernel of FreeBSD 8 image
 kfreebsd-image-8-686 - kernel of FreeBSD 8 image
 kfreebsd-image-8-686-smp - kernel of FreeBSD 8 image
 kfreebsd-image-8-amd64 - kernel of FreeBSD 8 image
 kfreebsd-image-8-malta - kernel of FreeBSD 8 image
 kfreebsd-image-8-xen - kernel of FreeBSD 8 image
 kfreebsd-image-8.2-1-486 - kernel of FreeBSD 8.2 image
 kfreebsd-image-8.2-1-686 - kernel of FreeBSD 8.2 image
 kfreebsd-image-8.2-1-686-smp - kernel of FreeBSD 8.2 image
 kfreebsd-image-8.2-1-amd64 - kernel of FreeBSD 8.2 image
 kfreebsd-image-8.2-1-malta - kernel of FreeBSD 8.2 image
 kfreebsd-image-8.2-1-xen - kernel of FreeBSD 8.2 image
 kfreebsd-source-8.2 - source code for kernel of FreeBSD 8.2 with Debian patches
Closes: 583848 600061 602768 608995 609681 611476 613312
Changes: 
 kfreebsd-8 (8.2-1) unstable; urgency=low
 .
   [ Robert Millan ]
   * New upstream release.
     - 000_adaptive_machine_arch.diff: Remove (merged).
     - 000_ata.diff: Remove (merged).
     - 000_ufs_lookup.diff: Remove (merged).
     - 004_xargs.diff: Resync.
     - 102_POLL_HUP.diff: Remove (merged).
     - 104_linprocfs.diff: Remove (merged).
     - 904_dev_full.diff: Resync.
     - 999_firmware.diff: Resync.
   * Make this package buildable on GNU/Linux. Closes: #602768.
   * MIPS port (with malta flavor).
 .
   [ Petr Salinger ]
   * New upstream release, fixes local DoS. Closes: #611476, #613312.
     - 105_apm_amd64.diff: Resync.
     - 907_cpu_class.diff: Resync.
   * Extend 108_teken_utf8_table.diff for middle-dot l/L.
     Closes: #609681. Thanks to Robert Millan.
   * Add xen flavor on i386.
   * Enable quota.  Closes: #608995.
 .
   [ Aurelien Jarno ]
   * Enable CARP, PF and PFSYNC.  Closes: #583848, #600061.
Checksums-Sha1: 
 7307bed587381eac12740515773636f3a7baa2b6 2032 kfreebsd-8_8.2-1.dsc
 cd98de0934c8df9ef8ee31573be51a11190f6bc9 28312093 kfreebsd-8_8.2.orig.tar.gz
 29683539400035b2e94e305f5434a6d269ce5a97 84740 kfreebsd-8_8.2-1.diff.gz
 3a2ee3a390b74704fe5062cedb8a50df27c2597b 18710732 kfreebsd-source-8.2_8.2-1_all.deb
 6018961e91370a42632b3f99a476fee2a33d0f3a 7294248 kfreebsd-headers-8.2-1_8.2-1_kfreebsd-amd64.deb
 fe1f877eed14666072d4cc92dfd7285cbf45a1c5 11120716 kfreebsd-image-8.2-1-amd64_8.2-1_kfreebsd-amd64.deb
 909bb921117e8ca245c0ca1cdb5e393693912df2 47750 kfreebsd-image-8-amd64_8.2-1_kfreebsd-amd64.deb
 e6789aefe3142011680b6685d55904d64b1720ac 320276 kfreebsd-headers-8.2-1-amd64_8.2-1_kfreebsd-amd64.deb
 dad55bd03352d565ad0e12ebc81e07aae33cb664 47752 kfreebsd-headers-8-amd64_8.2-1_kfreebsd-amd64.deb
Checksums-Sha256: 
 e078af2c49ef5657ae374f9c4f7a2dd85ebdef379973d8b8a8e08eea3cd0fb37 2032 kfreebsd-8_8.2-1.dsc
 1a7608f5922236a89c1a40f83969d9c1a1c4d83ba63a1951b8edb35791a7ed01 28312093 kfreebsd-8_8.2.orig.tar.gz
 bd884ed8af212cf7da0d0b0f93dff6ad2e057291ef262c9736da3104b536ef2b 84740 kfreebsd-8_8.2-1.diff.gz
 0a97ff52b340c4a1e314f9ddc0f3c31d9529aab759369032e90b55acd3c11421 18710732 kfreebsd-source-8.2_8.2-1_all.deb
 51c18c841f7baf7b92ca2d087a1eff1e075e79a351454a5337c646e939279f1b 7294248 kfreebsd-headers-8.2-1_8.2-1_kfreebsd-amd64.deb
 a44a3c355965ae359159cce6421d5ac5403364fc8dc3f1ba57c36f40c14ba164 11120716 kfreebsd-image-8.2-1-amd64_8.2-1_kfreebsd-amd64.deb
 e487a945273e2824bb4b2470b15446da43fad15dfe3ef03356451e627566021e 47750 kfreebsd-image-8-amd64_8.2-1_kfreebsd-amd64.deb
 af3a757788908512073ccc5992cde3a8b1bfff63305eb7a1f64caf1efbc9a0a8 320276 kfreebsd-headers-8.2-1-amd64_8.2-1_kfreebsd-amd64.deb
 b22ee70f659bcead3e163b3edf082853c38de1ee6adcfc7d4b7c2a81cc46e145 47752 kfreebsd-headers-8-amd64_8.2-1_kfreebsd-amd64.deb
Files: 
 efa0b2457ff4afaf4d3b382903a8e564 2032 kernel optional kfreebsd-8_8.2-1.dsc
 cfbb3358defa899261ac9de232c8210b 28312093 kernel optional kfreebsd-8_8.2.orig.tar.gz
 83687c685febf485cdec2544a007e37f 84740 kernel optional kfreebsd-8_8.2-1.diff.gz
 a5db016f0219a3d261c25ce873fb611f 18710732 kernel optional kfreebsd-source-8.2_8.2-1_all.deb
 a5481a97fd9f872731f038909fce48f6 7294248 kernel optional kfreebsd-headers-8.2-1_8.2-1_kfreebsd-amd64.deb
 36d6b5ddd8630ab29c92677388d25181 11120716 kernel optional kfreebsd-image-8.2-1-amd64_8.2-1_kfreebsd-amd64.deb
 561bfce83164aa42e464645be92a91ed 47750 kernel optional kfreebsd-image-8-amd64_8.2-1_kfreebsd-amd64.deb
 6aedb97e46ec292be51e36cff1056761 320276 kernel optional kfreebsd-headers-8.2-1-amd64_8.2-1_kfreebsd-amd64.deb
 59a23f2211c2c8e77d1ecd92e6a8d990 47752 kernel optional kfreebsd-headers-8-amd64_8.2-1_kfreebsd-amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/kFreeBSD)

iD8DBQFNYEMxw3ao2vG823MRAhIlAJ9r3YPgcAAJ4h27UUSypVq4WaDlJgCcDYia
IPG+whROE+F1pwBcvnyA9Bc=
=hmpk
-----END PGP SIGNATURE-----





Reply sent to Aurelien Jarno <aurel32@debian.org>:
You have taken responsibility. (Sun, 20 Feb 2011 00:51:36 GMT) Full text and rfc822 format available.

Notification sent to Michael Gilbert <michael.s.gilbert@gmail.com>:
Bug acknowledged by developer. (Sun, 20 Feb 2011 00:51:36 GMT) Full text and rfc822 format available.

Added tag(s) pending. Request was from Anibal Monsalve Salazar <anibal@debian.org> to control@bugs.debian.org. (Sun, 20 Feb 2011 07:06:07 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>:
Bug#611476; Package kfreebsd-8. (Mon, 21 Feb 2011 11:21:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Jonathan Wiltshire <jmw@debian.org>:
Extra info received and forwarded to list. Copy sent to GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Mon, 21 Feb 2011 11:21:03 GMT) Full text and rfc822 format available.

Message #63 received at 611476@bugs.debian.org (full text, mbox):

From: Jonathan Wiltshire <jmw@debian.org>
To: 611476@bugs.debian.org
Subject: Re: Bug#611476: Subject: kfreebsd-8: local denial of service
Date: Mon, 21 Feb 2011 11:19:48 +0000
[Message part 1 (text/plain, inline)]
Dear maintainer,

Recently you fixed one or more security problems and as a result you closed
this bug. These problems were not serious enough for a Debian Security
Advisory, so they are now on my radar for fixing in the following suites
through point releases:

squeeze (6.0.1)

Please arrange to backport your fix and liase with the release team for
permission to upload. I will happily assist you if the patch is
straightforward and you need help or lack time.

For details of this process and the rationale, please see the original
announcement [1] and my blog post [2].

1: <201101232332.11736.thijs@debian.org>
2: http://deb.li/prsc

Thanks,

with his security hat on:
-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>:
Bug#611476; Package kfreebsd-8. (Wed, 23 Feb 2011 09:33:11 GMT) Full text and rfc822 format available.

Acknowledgement sent to Philipp Kern <pkern@debian.org>:
Extra info received and forwarded to list. Copy sent to GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Wed, 23 Feb 2011 09:33:11 GMT) Full text and rfc822 format available.

Message #68 received at 611476@bugs.debian.org (full text, mbox):

From: Philipp Kern <pkern@debian.org>
To: Jonathan Wiltshire <jmw@debian.org>, 611476@bugs.debian.org
Cc: debian-release@lists.debian.org
Subject: Re: Bug#611476: Subject: kfreebsd-8: local denial of service
Date: Wed, 23 Feb 2011 10:31:46 +0100
[Message part 1 (text/plain, inline)]
On Mon, Feb 21, 2011 at 11:19:48AM +0000, Jonathan Wiltshire wrote:
> Please arrange to backport your fix and liase with the release team for
> permission to upload. I will happily assist you if the patch is
> straightforward and you need help or lack time.

Maybe the wording should be adjusted a bit.

I haven't seen any prior discussion of the kfreebsd-8 upload on
debian-release@.  However, as the fixes are straightforward, I'll accept them
now anyway.  But next time please just drop a mail to -release first.

(The diff has some noise in debian/control about -686 and -686-smp moving
around[1].  It would be cool if that could be made stable so that it's not
cluttering the diff.)

Thanks for your efforts in fixing stable!  :)

Kind regards
Philipp Kern

[1] http://release.debian.org/proposed-updates/stable_diffs/kfreebsd-8_8.1+dfsg-8.debdiff
[signature.asc (application/pgp-signature, inline)]

Reply sent to Aurelien Jarno <aurel32@debian.org>:
You have taken responsibility. (Wed, 23 Feb 2011 14:00:08 GMT) Full text and rfc822 format available.

Notification sent to recoverym4n@gmail.com:
Bug acknowledged by developer. (Wed, 23 Feb 2011 14:00:08 GMT) Full text and rfc822 format available.

Message #73 received at 611476-close@bugs.debian.org (full text, mbox):

From: Aurelien Jarno <aurel32@debian.org>
To: 611476-close@bugs.debian.org
Subject: Bug#611476: fixed in kfreebsd-8 8.1+dfsg-8
Date: Wed, 23 Feb 2011 13:57:19 +0000
Source: kfreebsd-8
Source-Version: 8.1+dfsg-8

We believe that the bug you reported is fixed in the latest version of
kfreebsd-8, which is due to be installed in the Debian FTP archive:

kfreebsd-8_8.1+dfsg-8.diff.gz
  to main/k/kfreebsd-8/kfreebsd-8_8.1+dfsg-8.diff.gz
kfreebsd-8_8.1+dfsg-8.dsc
  to main/k/kfreebsd-8/kfreebsd-8_8.1+dfsg-8.dsc
kfreebsd-headers-8-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
  to main/k/kfreebsd-8/kfreebsd-headers-8-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
kfreebsd-headers-8.1-1-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
  to main/k/kfreebsd-8/kfreebsd-headers-8.1-1-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
kfreebsd-headers-8.1-1_8.1+dfsg-8_kfreebsd-amd64.deb
  to main/k/kfreebsd-8/kfreebsd-headers-8.1-1_8.1+dfsg-8_kfreebsd-amd64.deb
kfreebsd-image-8-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
  to main/k/kfreebsd-8/kfreebsd-image-8-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
kfreebsd-image-8.1-1-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
  to main/k/kfreebsd-8/kfreebsd-image-8.1-1-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
kfreebsd-source-8.1_8.1+dfsg-8_all.deb
  to main/k/kfreebsd-8/kfreebsd-source-8.1_8.1+dfsg-8_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 611476@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aurelien Jarno <aurel32@debian.org> (supplier of updated kfreebsd-8 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 21 Feb 2011 22:51:05 +0100
Source: kfreebsd-8
Binary: kfreebsd-source-8.1 kfreebsd-headers-8.1-1 kfreebsd-image-8.1-1-amd64 kfreebsd-image-8-amd64 kfreebsd-headers-8.1-1-amd64 kfreebsd-headers-8-amd64 kfreebsd-image-8.1-1-486 kfreebsd-image-8-486 kfreebsd-headers-8.1-1-486 kfreebsd-headers-8-486 kfreebsd-image-8.1-1-686-smp kfreebsd-image-8-686-smp kfreebsd-headers-8.1-1-686-smp kfreebsd-headers-8-686-smp kfreebsd-image-8.1-1-686 kfreebsd-image-8-686 kfreebsd-headers-8.1-1-686 kfreebsd-headers-8-686
Architecture: source all kfreebsd-amd64
Version: 8.1+dfsg-8
Distribution: stable-proposed-updates
Urgency: low
Maintainer: Aurelien Jarno <aurel32@debian.org>
Changed-By: Aurelien Jarno <aurel32@debian.org>
Description: 
 kfreebsd-headers-8-486 - header files for kernel of FreeBSD 8
 kfreebsd-headers-8-686 - header files for kernel of FreeBSD 8
 kfreebsd-headers-8-686-smp - header files for kernel of FreeBSD 8
 kfreebsd-headers-8-amd64 - header files for kernel of FreeBSD 8
 kfreebsd-headers-8.1-1 - Common architecture-specific header files for kernel of FreeBSD 8
 kfreebsd-headers-8.1-1-486 - header files for kernel of FreeBSD 8.1
 kfreebsd-headers-8.1-1-686 - header files for kernel of FreeBSD 8.1
 kfreebsd-headers-8.1-1-686-smp - header files for kernel of FreeBSD 8.1
 kfreebsd-headers-8.1-1-amd64 - header files for kernel of FreeBSD 8.1
 kfreebsd-image-8-486 - kernel of FreeBSD 8 image
 kfreebsd-image-8-686 - kernel of FreeBSD 8 image
 kfreebsd-image-8-686-smp - kernel of FreeBSD 8 image
 kfreebsd-image-8-amd64 - kernel of FreeBSD 8 image
 kfreebsd-image-8.1-1-486 - kernel of FreeBSD 8.1 image
 kfreebsd-image-8.1-1-686 - kernel of FreeBSD 8.1 image
 kfreebsd-image-8.1-1-686-smp - kernel of FreeBSD 8.1 image
 kfreebsd-image-8.1-1-amd64 - kernel of FreeBSD 8.1 image
 kfreebsd-source-8.1 - source code for kernel of FreeBSD 8.1 with Debian patches
Closes: 609681 611476
Changes: 
 kfreebsd-8 (8.1+dfsg-8) stable-proposed-updates; urgency=low
 .
   [ Petr Salinger ]
   * Add 000_tcp_usrreq.diff, fixes local DoS. Closes: #611476.
   * Extend 108_teken_utf8_table.diff for middle-dot l/L.
     Closes: #609681. Thanks to Robert Millan.
Checksums-Sha1: 
 b223ef8c9ec0ed47789e7a2358b963220a072459 1898 kfreebsd-8_8.1+dfsg-8.dsc
 68e5a0f6cef315f180c16789af86842d4bf39746 87158 kfreebsd-8_8.1+dfsg-8.diff.gz
 a3a960e2f4055f56658e5ef942600196034b49e8 17481054 kfreebsd-source-8.1_8.1+dfsg-8_all.deb
 073fccd41f64f056545d2678cafed6bf0b87f695 6554104 kfreebsd-headers-8.1-1_8.1+dfsg-8_kfreebsd-amd64.deb
 5eea45e3e4ab6c39ddc75da3b821ae5ba8b00b66 10854198 kfreebsd-image-8.1-1-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
 e47d2c3bdd6e47abbd34acfcc02037f8d28d7e95 47594 kfreebsd-image-8-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
 a3bfb1cd9a9df6bfd790cf4bac49062a4142f613 312330 kfreebsd-headers-8.1-1-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
 ce31b54e31b5911e9d3fe4e121bba9bd1248422b 47600 kfreebsd-headers-8-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
Checksums-Sha256: 
 b024b74ad153ca938a6bc50ed3e0773dcbb3b612af51aa3a8424bee6d4350518 1898 kfreebsd-8_8.1+dfsg-8.dsc
 380dabdc6e7bcaa583f68507c45546c66382f1a2f0b2dfa839cf68cdae1ed187 87158 kfreebsd-8_8.1+dfsg-8.diff.gz
 a6de2839ba850687165c196e683355e5f28826b9b270baf9a46e90714f007b5f 17481054 kfreebsd-source-8.1_8.1+dfsg-8_all.deb
 7d13d9ccb4ab06648f09a6e6194484b594b5873ddf751304b0e1b3aff243e4e5 6554104 kfreebsd-headers-8.1-1_8.1+dfsg-8_kfreebsd-amd64.deb
 b3c88a83494fbb80c9d566e51ad1c36245228f8e72c01935b301e8a6e82cd85a 10854198 kfreebsd-image-8.1-1-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
 5d2c4713549410b7dd69961d5396208fd2181eb469a38568cb94499f54a39ac9 47594 kfreebsd-image-8-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
 1ed25dab8d5bf0d62c55c2002b69c2ebb958b8ad3683c17a97aaa09f87788cfa 312330 kfreebsd-headers-8.1-1-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
 dc05db41ddf3eb4b6ef6a13c2c129ac66cf07c9f8ccdba4d0de61c1520a75523 47600 kfreebsd-headers-8-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
Files: 
 d3825bc9833714984e120e59b49913b5 1898 kernel optional kfreebsd-8_8.1+dfsg-8.dsc
 49f6851d913b49d4692524651f9d1bac 87158 kernel optional kfreebsd-8_8.1+dfsg-8.diff.gz
 565b62ed7a92f0dccde61a9cbc732f00 17481054 kernel optional kfreebsd-source-8.1_8.1+dfsg-8_all.deb
 5439070d2cd731d0ce66a8963e38e9ba 6554104 kernel optional kfreebsd-headers-8.1-1_8.1+dfsg-8_kfreebsd-amd64.deb
 42377a88ef02a5d89d039f31e1e78f04 10854198 kernel optional kfreebsd-image-8.1-1-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
 fd713eb0d6f650a4f7b35ff6c8af98cd 47594 kernel optional kfreebsd-image-8-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
 1e614288792dbbe3573f5f2fdde3b699 312330 kernel optional kfreebsd-headers-8.1-1-amd64_8.1+dfsg-8_kfreebsd-amd64.deb
 7979e4a8ded341c5baa700436135c23a 47600 kernel optional kfreebsd-headers-8-amd64_8.1+dfsg-8_kfreebsd-amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/kFreeBSD)

iD8DBQFNY1tHw3ao2vG823MRAp/JAJ9yzkGMH9m61vMyhf21qMfq9GgETwCeLfS8
wEKZJV7YC8iyVt0xhMvr6VA=
=5pGE
-----END PGP SIGNATURE-----





Reply sent to Aurelien Jarno <aurel32@debian.org>:
You have taken responsibility. (Wed, 23 Feb 2011 14:00:09 GMT) Full text and rfc822 format available.

Notification sent to Michael Gilbert <michael.s.gilbert@gmail.com>:
Bug acknowledged by developer. (Wed, 23 Feb 2011 14:00:09 GMT) Full text and rfc822 format available.

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 14 Apr 2011 07:33:21 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 08:09:16 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.