Bug#700277: pu: package kfreebsd-8/8.1+dfsg-8+squeeze4

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#700277: pu: package kfreebsd-8/8.1+dfsg-8+squeeze4
From: Steven Chamberlain <steven@pyro.eu.org>
Date: Sun, 10 Feb 2013 20:59:14 +0000
Message-id: <[🔎] 51180A22.5090300@pyro.eu.org>
Reply-to: Steven Chamberlain <steven@pyro.eu.org>, 700277@bugs.debian.org

Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: debian-bsd@lists.debian.org

Dear Release Team,

Please would it possible to fix #694096 / CVE-2012-4576 via
stable-proposed-updates.  It affects the linux.ko kernel module which is
shipped but not normally loaded/used.  This was already fixed in testing
via sid, and without a DSA.

A debdiff is attached of the changes staged in the glibc-bsd packaging
SVN;  I would ask a DD on the team to upload this if approved.

Thank you.

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: kfreebsd-amd64 (x86_64)

Kernel: kFreeBSD 9.0-2-amd64-xenhvm
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -u kfreebsd-8-8.1+dfsg/debian/changelog kfreebsd-8-8.1+dfsg/debian/changelog
--- kfreebsd-8-8.1+dfsg/debian/changelog
+++ kfreebsd-8-8.1+dfsg/debian/changelog
@@ -1,3 +1,12 @@
+kfreebsd-8 (8.1+dfsg-8+squeeze4) stable-proposed-updates; urgency=low
+
+  [ Steven Chamberlain ]
+  * Apply patch for SA-12:08 / CVE-2012-4576:
+    memory access without proper validation in linux compat system
+    (Closes: #694096)
+
+ -- GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>  Sun, 10 Feb 2013 19:30:43 +0000
+
 kfreebsd-8 (8.1+dfsg-8+squeeze3) stable-security; urgency=medium
 
   [ Steven Chamberlain ]
diff -u kfreebsd-8-8.1+dfsg/debian/patches/series kfreebsd-8-8.1+dfsg/debian/patches/series
--- kfreebsd-8-8.1+dfsg/debian/patches/series
+++ kfreebsd-8-8.1+dfsg/debian/patches/series
@@ -44,0 +45 @@
+SA-12_08.linux.patch
only in patch2:
unchanged:
--- kfreebsd-8-8.1+dfsg.orig/debian/patches/SA-12_08.linux.patch
+++ kfreebsd-8-8.1+dfsg/debian/patches/SA-12_08.linux.patch
@@ -0,0 +1,16 @@
+Index: kfreebsd-8-8.1+dfsg/sys/compat/linux/linux_ioctl.c
+===================================================================
+--- kfreebsd-8-8.1+dfsg.orig/sys/compat/linux/linux_ioctl.c	2009-09-17 12:03:37.000000000 +0100
++++ kfreebsd-8-8.1+dfsg/sys/compat/linux/linux_ioctl.c	2013-02-10 19:26:12.136388557 +0000
+@@ -2228,8 +2228,9 @@
+ 
+ 	ifc.ifc_len = valid_len; 
+ 	sbuf_finish(sb);
+-	memcpy(PTRIN(ifc.ifc_buf), sbuf_data(sb), ifc.ifc_len);
+-	error = copyout(&ifc, uifc, sizeof(ifc));
++	error = copyout(sbuf_data(sb), PTRIN(ifc.ifc_buf), ifc.ifc_len);
++	if (error == 0)
++		error = copyout(&ifc, uifc, sizeof(ifc));
+ 	sbuf_delete(sb);
+ 	CURVNET_RESTORE();
+

Reply to:

Prev by Date: Re: Bug#630723: misc regressions on GNU/kFreeBSD
Next by Date: Re: howto boot+preseed kfreebsd in qemu (was Re: netcfg: installation on kfreebsd maybe broken?
Previous by thread: Processed (with 2 errors): Security bugs affecting kfreebsd-8 in squeeze-backports
Next by thread: Bug#700124: fixed
Index(es):
- Date
- Thread