Bug#722336: kfreebsd-9: CVE-2013-5666: sendfile kernel memory disclosure

To: submit@bugs.debian.org
Subject: Bug#722336: kfreebsd-9: CVE-2013-5666: sendfile kernel memory disclosure
From: Steven Chamberlain <steven@pyro.eu.org>
Date: Tue, 10 Sep 2013 12:31:05 +0100
Message-id: <[🔎] 522F02F9.1060902@pyro.eu.org>
Reply-to: Steven Chamberlain <steven@pyro.eu.org>, 722336@bugs.debian.org

Package: src:kfreebsd-9
Version: 9.2~svn253912-1
Severity: grave
Tags: security upstream

http://security.FreeBSD.org/advisories/FreeBSD-SA-13:11.sendfile.asc

This affects 9.2 only.  The advisory says this is fixed in r255444 but
I'm not sure if that's correct.  SA-13:12 and SA-13:13 are fixed in that
commit.

-- System Information:
Debian Release: 7.1
  APT prefers proposed-updates
  APT policy: (500, 'proposed-updates'), (500, 'stable')
Architecture: kfreebsd-amd64 (x86_64)

Kernel: kFreeBSD 9.0-2-amd64-xenhvm
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages kfreebsd-image-9.0-2-amd64-xenhvm depends on:
ii  devd           9.0-10+deb70.3
ii  freebsd-utils  9.0-10+deb70.3
ii  kbdcontrol     9.0-10+deb70.3
ii  kldutils       9.0-10+deb70.3

kfreebsd-image-9.0-2-amd64-xenhvm recommends no packages.

kfreebsd-image-9.0-2-amd64-xenhvm suggests no packages.

-- no debconf information

Reply to:

Follow-Ups:
- Bug#722336: kfreebsd-9: CVE-2013-5666: sendfile kernel memory disclosure
  - From: Ed Maste <emaste@freebsd.org>
- Bug#722336: marked as done (kfreebsd-9: CVE-2013-5666: sendfile kernel memory disclosure)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#644353: Enabling IPSEC
Next by Date: Bug#722337: kfreebsd-9: CVE-2013-5710: nullfs hardlinks across mounts
Previous by thread: Re: Bug#644353: Enabling IPSEC
Next by thread: Bug#722336: kfreebsd-9: CVE-2013-5666: sendfile kernel memory disclosure
Index(es):
- Date
- Thread