
Bug#869639: marked as done (firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417)



Your message dated Wed, 24 Oct 2018 20:13:13 +0000
with message-id <E1gFPWj-0003Yn-FP@fasolo.debian.org>
and subject line Bug#869639: fixed in firmware-nonfree 20161130-4
has caused the Debian Bug report #869639,
regarding firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
869639: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869639
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: firmware-brcm80211
Version: 0.43
Severity: critical
Tags: security upstream
Justification: root security hole

Dear Maintainer,

CVE-2017-8386 "BroadPwn" has been around for a while.

It seems Debian ships the relevant firmware in this package.

Could I impose on you to ensure that all is as it should be?

Many thanks.
Mark

https://nvd.nist.gov/vuln/detail/CVE-2017-8386
https://security-tracker.debian.org/tracker/CVE-2017-9417
https://packages.debian.org/search?keywords=firmware-brcm80211
http://boosterok.com/blog/broadpwn/

-- System Information:
Debian Release: 8.9
  APT prefers testing
  APT policy: (1000, 'testing'), (1000, 'stable'), (1000, 'oldstable'), (500, 'oldstable-updates'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_NZ.UTF-8, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

--- End Message ---
--- Begin Message ---
Source: firmware-nonfree
Source-Version: 20161130-4

We believe that the bug you reported is fixed in the latest version of
firmware-nonfree, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 869639@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ben Hutchings <ben@decadent.org.uk> (supplier of updated firmware-nonfree package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 13 Oct 2018 20:27:06 +0100
Source: firmware-nonfree
Binary: firmware-linux firmware-linux-nonfree firmware-adi firmware-ralink firmware-amd-graphics firmware-atheros firmware-bnx2 firmware-bnx2x firmware-brcm80211 firmware-cavium firmware-intelwimax firmware-intel-sound firmware-ipw2x00 firmware-ivtv firmware-iwlwifi firmware-libertas firmware-misc-nonfree firmware-myricom firmware-netxen firmware-qlogic firmware-realtek firmware-samsung firmware-siano firmware-ti-connectivity
Architecture: all source
Version: 20161130-4
Distribution: stretch
Urgency: medium
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Ben Hutchings <ben@decadent.org.uk>
Closes: 869639 907320
Description: 
 firmware-adi - Binary firmware for Analog Devices Inc. DSL modem chips (dummmy p
 firmware-amd-graphics - Binary firmware for AMD/ATI graphics chips
 firmware-atheros - Binary firmware for Atheros wireless cards
 firmware-bnx2 - Binary firmware for Broadcom NetXtremeII
 firmware-bnx2x - Binary firmware for Broadcom NetXtreme II 10Gb
 firmware-brcm80211 - Binary firmware for Broadcom 802.11 wireless cards
 firmware-cavium - Binary firmware for Cavium Ethernet adapters
 firmware-intel-sound - Binary firmware for Intel sound DSPs
 firmware-intelwimax - Binary firmware for Intel WiMAX Connection
 firmware-ipw2x00 - Binary firmware for Intel Pro Wireless 2100, 2200 and 2915
 firmware-ivtv - Binary firmware for iTVC15-family MPEG codecs (ivtv and pvrusb2 d
 firmware-iwlwifi - Binary firmware for Intel Wireless cards
 firmware-libertas - Binary firmware for Marvell wireless cards
 firmware-linux - Binary firmware for various drivers in the Linux kernel (meta-pac
 firmware-linux-nonfree - Binary firmware for various drivers in the Linux kernel (meta-pac
 firmware-misc-nonfree - Binary firmware for various drivers in the Linux kernel
 firmware-myricom - Binary firmware for Myri-10G Ethernet adapters
 firmware-netxen - Binary firmware for QLogic Intelligent Ethernet (3000 and 3100 Se
 firmware-qlogic - Binary firmware for QLogic HBAs
 firmware-ralink - Binary firmware for Ralink wireless cards (dummmy package)
 firmware-realtek - Binary firmware for Realtek wired/wifi/BT adapters
 firmware-samsung - Binary firmware for Samsung MFC video codecs
 firmware-siano - Binary firmware for Siano MDTV receivers
 firmware-ti-connectivity - Binary firmware for TI Connectivity wifi and BT/FM/GPS adapters
Changes:
 firmware-nonfree (20161130-4) stretch; urgency=medium
 .
   * debian/bin/gencontrol.py: Set encoding to UTF-8 globally
   * Add back firmware-{adi,ralink} as transitional packages (Closes: #907320)
   * debian/control: Point Vcs URLs to Salsa
   * Update to linux-support 4.9.0-8
   * firmware-brcm80211: Update Broadcom wifi firmware to fix security issues
     (Closes: #869639):
     - BCM4339 (CVE-2016-0801)
     - BCM4354 (CVE-2016-0801, CVE-2017-0561, CVE-2017-9417, CVE-2017-13077,
       CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081)
     - BCM4356-PCIe (CVE-2016-0801, CVE-2017-0561, CVE-2017-9417,
       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080,
       CVE-2017-13081)
     - BCM43340 (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080,
       CVE-2017-13081) (also fixes issues when operating in 5GHz band)
     - BCM43362 (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080,
       CVE-2017-13081)
     - BCM43430 (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080,
       CVE-2017-13081)
Checksums-Sha1: 
Checksums-Sha256: 
Files: 

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

--- End Message ---
