Bug#712664: kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap
On Wed, Jun 19, 2013 at 09:23:49PM +0100, Steven Chamberlain wrote:
> Attached are proposed debdiffs for an upload to wheezy-security, based
> on the version currently in wheezy.
Thanks Steven and Christoph for working on this issue.
> The versioning scheme for the last security upload (with +deb70.$n)
> looks a bit weird to me (and it has lower value than the next changelog
> entry). So I also attach a second debdiff, proposing a different form.
Debdiff should be based on current wheezy(-security) version, so make
the debdiff part for the changelog (i.e. without the unstable
> diff -Nru kfreebsd-9-9.0/debian/changelog kfreebsd-9-9.0/debian/changelog
> --- kfreebsd-9-9.0/debian/changelog 2013-05-01 13:59:20.000000000 +0100
> +++ kfreebsd-9-9.0/debian/changelog 2013-06-19 20:49:15.000000000 +0100
> @@ -1,3 +1,17 @@
> +kfreebsd-9 (9.0-10+deb70.2) wheezy-security; urgency=high
> + * Team upload.
> + * Upload for wheezy-security
> + * Pick SVN 251902 from FreeBSD 9-STABLE to fix SA-13:06 / CVE-2013-2171:
> + Privilege escalation via mmap (Closes: #712664)
> + -- Steven Chamberlain <email@example.com> Wed, 19 Jun 2013 20:36:54 +0100
> kfreebsd-9 (9.0-10+deb70.1) wheezy-security; urgency=high
> * Upload for wheezy-security
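Review bot: The "Pick SVN 251902 from FreeBSD 9-STABLE" bullet in the new 9.0-10+deb70.2 entry names the upstream revision, SA-13:06 and CVE-2013-2171, but not the patch file in the package that carries the change. Adding the file name to that bullet would let someone auditing the security upload map the changelog line to the actual code change without searching the source tree.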
The versioning is indeed a bit ugly (preferred would have been also
for the previous one +deb7uX, and incrementing X, there is a pending
update for dev-ref describing this, see ).
> Please could someone with the necessary access, open a security.d.o RT
> ticket asking permission to upload whichever one of these, and for a DSA
> to be issued?
Small remark on this one: You also can do that in every case, no
necessary permissions for RT are needed: write a mail to
firstname.lastname@example.org with subject containing [Debian RT], see .