Bug#152152: marked as done (boot-floppies: bf2.4 kernel may need an (security) update)
Your message dated Thu, 13 Oct 2005 16:20:32 -0400
with message-id <20051013202032.GA29224@kitenet.net>
and subject line boot-floppies end of life
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 9 May 2002 06:37:13 +0000
>From bunk@fs.tum.de Thu May 09 01:37:13 2002
Return-path: <bunk@fs.tum.de>
Received: from emailhub.stusta.mhn.de (mailhub.stusta.mhn.de) [141.84.69.5]
by master.debian.org with smtp (Exim 3.12 1 (Debian))
id 175hY7-0000PO-00; Thu, 09 May 2002 01:37:11 -0500
Received: (qmail 10951 invoked from network); 9 May 2002 06:37:09 -0000
Received: from r063144.stusta.swh.mhn.de (10.150.63.144)
by mailhub.stusta.mhn.de with SMTP; 9 May 2002 06:37:09 -0000
Received: from bunk by r063144.stusta.swh.mhn.de with local (Exim 3.35 #1 (Debian))
id 175hWj-0005pI-00; Thu, 09 May 2002 08:35:45 +0200
From: Adrian Bunk <bunk@fs.tum.de>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: kernel-image-2.4.18-*: Linux Netfilter NAT/ICMP code information leak
X-Mailer: reportbug 1.50
Date: Thu, 09 May 2002 08:35:44 +0200
Message-Id: <E175hWj-0005pI-00@r063144.stusta.swh.mhn.de>
Delivered-To: submit@bugs.debian.org
Package: kernel-image-2.4.18-k6
Version: 2.4.18-5
Severity: grave
Tags: security
Quoting from [1]:
<-- snip -->
Problem description
===================
The following bug exists in the netfilter NAT implementation: When the
first packet of a connection is hitting a NAT rule, and this packet
causes the NAT box itself to reply with an ICMP error message, the
inner IP packet inside the ICMP error message is not un-NAT'ed
correctly. This leads to the ability to discover which ports of a
host are NATed and where the packet will really go. This can also lead to
those ICMP error packets being dropped by stateful firewalls not
recognizing the related connection.
Vulnerable versions
===================
All kernel patches from iptables package < ipables-1.2.6a are vulnerable.
All versions of kernel >= 2.4.4 and up to (at least) 2.4.19-pre6 use a
vulnerable version.
<-- snip -->
[1] http://netfilter.samba.org/security/2002-04-02-icmp-dnat.html
---------------------------------------
Received: (at 152152-done) by bugs.debian.org; 13 Oct 2005 20:20:54 +0000
>From joey@kitenet.net Thu Oct 13 13:20:54 2005
Return-path: <joey@kitenet.net>
Received: from kitenet.net [64.62.161.42] (postfix)
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1EQ9ZL-0006Bs-00; Thu, 13 Oct 2005 13:20:51 -0700
Received: from dragon.kitenet.net (97-148-dial.xtn.net [66.118.97.148])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(Client CN "Joey Hess", Issuer "Joey Hess" (verified OK))
by kitenet.net (Postfix) with ESMTP id 4AB2C18617;
Thu, 13 Oct 2005 20:20:31 +0000 (GMT)
Received: by dragon.kitenet.net (Postfix, from userid 1000)
id A53A0BFA45; Thu, 13 Oct 2005 16:20:32 -0400 (EDT)
Date: Thu, 13 Oct 2005 16:20:32 -0400
From: Joey Hess <joey@kitenet.net>
To: 225693-done@bugs.debian.org, 225704-done@bugs.debian.org,
144067-done@bugs.debian.org, 148785-done@bugs.debian.org,
152152-done@bugs.debian.org, 156334-done@bugs.debian.org,
156704-done@bugs.debian.org, 158426-done@bugs.debian.org,
160532-done@bugs.debian.org, 161998-done@bugs.debian.org,
161999-done@bugs.debian.org, 163735-done@bugs.debian.org,
192792-done@bugs.debian.org, 192797-done@bugs.debian.org,
218360-done@bugs.debian.org, 241932-done@bugs.debian.org,
131709-done@bugs.debian.org, 131967-done@bugs.debian.org,
143620-done@bugs.debian.org, 96946-done@bugs.debian.org,
122738-done@bugs.debian.org, 122769-done@bugs.debian.org,
125895-done@bugs.debian.org, 126030-done@bugs.debian.org,
134970-done@bugs.debian.org, 136073-done@bugs.debian.org,
138282-done@bugs.debian.org, 141166-done@bugs.debian.org,
143404-done@bugs.debian.org, 144099-done@bugs.debian.org,
144245-done@bugs.debian.org, 144452-done@bugs.debian.org,
146132-done@bugs.debian.org, 146700-done@bugs.debian.org,
147122-done@bugs.debian.org, 147232-done@bugs.debian.org,
148962-done@bugs.debian.org, 149118-done@bugs.debian.org,
150333-done@bugs.debian.org, 150779-done@bugs.debian.org,
150790-done@bugs.debian.org, 150791-done@bugs.debian.org,
152863-done@bugs.debian.org, 153296-done@bugs.debian.org,
153861-done@bugs.debian.org, 154064-done@bugs.debian.org,
154284-done@bugs.debian.org, 155089-done@bugs.debian.org,
155379-done@bugs.debian.org, 155745-done@bugs.debian.org,
156015-done@bugs.debian.org, 156726-done@bugs.debian.org,
156748-done@bugs.debian.org, 157431-done@bugs.debian.org,
157815-done@bugs.debian.org, 158947-done@bugs.debian.org,
160223-done@bugs.debian.org, 160621-done@bugs.debian.org,
161074-done@bugs.debian.org, 161284-done@bugs.debian.org,
162387-done@bugs.debian.org, 163086-done@bugs.debian.org,
164007-done@bugs.debian.org, 164845-done@bugs.debian.org,
165345-done@bugs.debian.org, 170888-done@bugs.debian.org,
170904-done@bugs.debian.org, 170905-done@bugs.debian.org,
171027-done@bugs.debian.org, 173047-done@bugs.debian.org,
173899-done@bugs.debian.org, 174754-done@bugs.debian.org,
178832-done@bugs.debian.org, 180334-done@bugs.debian.org,
181119-done@bugs.debian.org, 181739-done@bugs.debian.org,
183811-done@bugs.debian.org, 184147-done@bugs.debian.org,
185111-done@bugs.debian.org, 185420-done@bugs.debian.org,
185610-done@bugs.debian.org, 186594-done@bugs.debian.org,
187486-done@bugs.debian.org, 187654-done@bugs.debian.org,
190358-done@bugs.debian.org, 192356-done@bugs.debian.org,
193029-done@bugs.debian.org, 194839-done@bugs.debian.org,
195251-done@bugs.debian.org, 195955-done@bugs.debian.org,
198864-done@bugs.debian.org, 205519-done@bugs.debian.org,
206056-done@bugs.debian.org, 208253-done@bugs.debian.org,
210825-done@bugs.debian.org, 210904-done@bugs.debian.org,
218514-done@bugs.debian.org, 223975-done@bugs.debian.org,
224469-done@bugs.debian.org, 224936-done@bugs.debian.org,
228848-done@bugs.debian.org, 231829-done@bugs.debian.org,
231896-done@bugs.debian.org, 237182-done@bugs.debian.org,
240201-done@bugs.debian.org, 245768-done@bugs.debian.org,
250735-done@bugs.debian.org, 255739-done@bugs.debian.org,
257451-done@bugs.debian.org, 261887-done@bugs.debian.org,
268103-done@bugs.debian.org, 268790-done@bugs.debian.org,
290239-done@bugs.debian.org, 304779-done@bugs.debian.org,
304780-done@bugs.debian.org, 304782-done@bugs.debian.org,
304783-done@bugs.debian.org, 304784-done@bugs.debian.org,
319391-done@bugs.debian.org, 110717-done@bugs.debian.org,
117319-done@bugs.debian.org, 129479-done@bugs.debian.org,
140305-done@bugs.debian.org, 145120-done@bugs.debian.org,
159887-done@bugs.debian.org, 163737-done@bugs.debian.org,
164460-done@bugs.debian.org, 164461-done@bugs.debian.org,
170764-done@bugs.debian.org, 174050-done@bugs.debian.org,
116583-done@bugs.debian.org, 137717-done@bugs.debian.org,
167240-done@bugs.debian.org, 313677-done@bugs.debian.org,
126370-done@bugs.debian.org, 127535-done@bugs.debian.org,
138467-done@bugs.debian.org, 142359-done@bugs.debian.org,
146713-done@bugs.debian.org, 156882-done@bugs.debian.org,
165156-done@bugs.debian.org, 131553-done@bugs.debian.org,
149275-done@bugs.debian.org, 113785-done@bugs.debian.org,
127677-done@bugs.debian.org, 154137-done@bugs.debian.org,
163386-done@bugs.debian.org, 57368-done@bugs.debian.org,
70639-done@bugs.debian.org, 136312-done@bugs.debian.org,
64571-done@bugs.debian.org, 69157-done@bugs.debian.org,
70944-done@bugs.debian.org, 82637-done@bugs.debian.org,
119753-done@bugs.debian.org, 127520-done@bugs.debian.org,
130893-done@bugs.debian.org, 140215-done@bugs.debian.org,
142669-done@bugs.debian.org, 143596-done@bugs.debian.org,
158422-done@bugs.debian.org, 165552-done@bugs.debian.org,
175686-done@bugs.debian.org, 175687-done@bugs.debian.org,
176881-done@bugs.debian.org, 190178-done@bugs.debian.org,
3905-done@bugs.debian.org, 19846-done@bugs.debian.org,
27004-done@bugs.debian.org, 29277-done@bugs.debian.org,
36071-done@bugs.debian.org, 48778-done@bugs.debian.org,
53940-done@bugs.debian.org, 59181-done@bugs.debian.org,
61065-done@bugs.debian.org, 64428-done@bugs.debian.org,
64430-done@bugs.debian.org, 64432-done@bugs.debian.org,
64569-done@bugs.debian.org, 64570-done@bugs.debian.org,
69150-done@bugs.debian.org, 69151-done@bugs.debian.org,
69153-done@bugs.debian.org, 74081-done@bugs.debian.org,
122741-done@bugs.debian.org, 127537-done@bugs.debian.org,
246443-done@bugs.debian.org, 144680-done@bugs.debian.org,
153854-done@bugs.debian.org, 156308-done@bugs.debian.org,
156710-done@bugs.debian.org, 120950-done@bugs.debian.org
Subject: boot-floppies end of life
Message-ID: <20051013202032.GA29224@kitenet.net>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="SUOF0GtieIMvvwua"
Content-Disposition: inline
User-Agent: Mutt/1.5.10i
Delivered-To: 152152-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 55
--SUOF0GtieIMvvwua
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
I'm closing all bug reports filed on the boot-floppies since this
codebase has reached its end of life. boot-floppies is only in Debian
oldstable now (and temporarily in unstable because of bug #224469).
The new installer for sarge and beyond is of course, the
debian-installer. It solves a great many issues present in the
boot-floppies.
If you believe that your boot-floppies bug is still present in
debian-installer somehow, then please reopen the bug report and reassign
it there, or perhaps better, file a new bug report.
--=20
see shy jo
--SUOF0GtieIMvvwua
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDTsGQd8HHehbQuO8RAil3AKDfnY3wfJDkdHVbEnAoKeMupY8gTwCdEtIC
8hTPtIXG5jAc08y2yXWFJAg=
=+IWd
-----END PGP SIGNATURE-----
--SUOF0GtieIMvvwua--
Reply to: