Bug#768104: marked as done (kfreebsd-9: CVE-2014-8476: getlogin kernel memory disclosure)

To: Steven Chamberlain <steven@pyro.eu.org>
Subject: Bug#768104: marked as done (kfreebsd-9: CVE-2014-8476: getlogin kernel memory disclosure)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Fri, 14 Nov 2014 13:15:13 +0000
Message-id: <[🔎] handler.768104.D768104.14159706958422.ackdone@bugs.debian.org>
References: <20141114131128.GD26844@squeeze.pyro.eu.org> <[🔎] 20141105010508.23768.54845.reportbug@sid.kfreebsd-amd64.pyro.eu.org>

Your message dated Fri, 14 Nov 2014 13:11:29 +0000
with message-id <20141114131128.GD26844@squeeze.pyro.eu.org>
and subject line Re: Bug#768104: kfreebsd-9: CVE-2014-8476: getlogin kernel memory disclosure
has caused the Debian Bug report #768104,
regarding kfreebsd-9: CVE-2014-8476: getlogin kernel memory disclosure
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
768104: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768104
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: kfreebsd-9: CVE-2014-8476: getlogin kernel memory disclosure

From: Steven Chamberlain <steven@pyro.eu.org>

Date: Wed, 05 Nov 2014 01:05:08 +0000

Message-id: <[🔎] 20141105010508.23768.54845.reportbug@sid.kfreebsd-amd64.pyro.eu.org>
Package: src:kfreebsd-9
Version: 9.0-10+deb70.7
Severity: grave
Tags: security patch upstream

Hi,

kfreebsd 9.0 (not officially supported upstream) seems vulnerable to an
issue just announced in 9.1 and later:

http://security.FreeBSD.org/advisories/FreeBSD-SA-14:25.setlogin.asc

kfreebsd-8 8.3 in wheezy, kfreebsd-10 in sid/jessie, and kfreebsd-11 in
experimental also seem to be affected by this.

-- System Information:
Debian Release: jessie/sid
Architecture: kfreebsd-amd64 (x86_64)

Kernel: kFreeBSD 9.0-2-amd64-xenhvm-ipsec
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---

--- Begin Message ---

To: 768104-done@bugs.debian.org

Subject: Re: Bug#768104: kfreebsd-9: CVE-2014-8476: getlogin kernel memory disclosure

From: Steven Chamberlain <steven@pyro.eu.org>

Date: Fri, 14 Nov 2014 13:11:29 +0000

Message-id: <20141114131128.GD26844@squeeze.pyro.eu.org>

In-reply-to: <[🔎] 20141105010508.23768.54845.reportbug@sid.kfreebsd-amd64.pyro.eu.org>

References: <[🔎] 20141105010508.23768.54845.reportbug@sid.kfreebsd-amd64.pyro.eu.org>
Source-Version: 9.0-10+deb70.8
--- End Message ---

Reply to:

References:
- Bug#768104: kfreebsd-9: CVE-2014-8476: getlogin kernel memory disclosure
  - From: Steven Chamberlain <steven@pyro.eu.org>

Prev by Date: [TODO] Bits from kfreebsd Maintainers
Next by Date: Re: jenkins kfreebsd jobs (Re: Plan B for kfreebsd)
Previous by thread: Bug#768104: kfreebsd-9: CVE-2014-8476: getlogin kernel memory disclosure
Next by thread: Processed (with 6 errors): Re: Bug#768104: kfreebsd-9: CVE-2014-8476: getlogin kernel memory disclosure
Index(es):
- Date
- Thread