Bug#776416: kfreebsd-10: CVE-2014-8613: SCTP stream reset vulnerability

[Steven Chamberlain <steven@pyro.eu.org>]

Package: kfreebsd-10
Version: 10.1~svn274115-1
Severity: grave
Tags: security patch

Hi,

A unprivileged local DoS was reported in the FreeBSD kernel
implementation of SCTP:
https://security.freebsd.org/advisories/FreeBSD-SA-15:03.sctp.asc

This only affects systems serving SCTP connections.  A patch from
upstream should be uploaded soon fixing this in kfreebsd-10.

kfreebsd-9 in stable is not affected, since the last security upload
9.0-10+deb70.8 disabled this protocol.

kfreebsd-8 does not receive regular security updates, but we may decide
to disable SCTP there too.  (It's expected nobody would be using SCTP in
GNU/kFreeBSD squeeze or prior, because no userland tools had been ported
yet).

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable')
Architecture: kfreebsd-amd64 (x86_64)

Kernel: kFreeBSD 9.0-2-amd64-xenhvm-ipsec
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash