Bug#818423: marked as done (kfreebsd-10: CVE-2016-1883: Linux compatibility layer issetugid(2) system call vulnerability)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Thu, 17 Mar 2016 03:59:34 +0000
with message-id <E1agP5y-0007sz-7t@franck.debian.org>
and subject line Bug#818423: fixed in kfreebsd-10 10.1~svn274115-4+kbsd8u3
has caused the Debian Bug report #818423,
regarding kfreebsd-10: CVE-2016-1883: Linux compatibility layer issetugid(2) system call vulnerability
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
818423: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818423
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: kfreebsd-10: CVE-2016-1883: Linux compatibility layer issetugid(2) system call vulnerability
• From: Steven Chamberlain <steven@pyro.eu.org>
• Date: Wed, 16 Mar 2016 23:11:26 +0000
• Message-id: <[🔎] 145816988643.84275.1851780611342799556.reportbug@sid.kfreebsd-amd64.pyro.eu.org>

Package: src:kfreebsd-10
Version: 10.1~svn274115-4+kbsd8u2
Severity: important
Tags: security upstream

kfreebsd's Linux binary compatibility layer (linux.ko module) has a
programming error that could allow for privilege esclation to happen.
Although, this feature is not typically used by Debian GNU/kFreeBSD
unless the system administrator has enabled it.

https://security.FreeBSD.org/advisories/FreeBSD-SA-16:10.linux.asc

This affects kfreebsd-10, and also kfreebsd-9 in wheezy.

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: kfreebsd-amd64 (x86_64)

Kernel: kFreeBSD 10.1-0-amd64
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

--- End Message ---

--- Begin Message ---

• To: 818423-close@bugs.debian.org
• Subject: Bug#818423: fixed in kfreebsd-10 10.1~svn274115-4+kbsd8u3
• From: Steven Chamberlain <steven@pyro.eu.org>
• Date: Thu, 17 Mar 2016 03:59:34 +0000
• Message-id: <E1agP5y-0007sz-7t@franck.debian.org>

Source: kfreebsd-10
Source-Version: 10.1~svn274115-4+kbsd8u3

We believe that the bug you reported is fixed in the latest version of
kfreebsd-10, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 818423@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steven Chamberlain <steven@pyro.eu.org> (supplier of updated kfreebsd-10 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 16 Mar 2016 23:16:33 +0000
Source: kfreebsd-10
Binary: kfreebsd-source-10.1 kfreebsd-headers-10.1-0 kfreebsd-image-10.1-0-amd64 kfreebsd-image-10-amd64 kfreebsd-headers-10.1-0-amd64 kfreebsd-headers-10-amd64 kernel-image-10.1-0-amd64-di nic-modules-10.1-0-amd64-di nic-wireless-modules-10.1-0-amd64-di nic-shared-modules-10.1-0-amd64-di serial-modules-10.1-0-amd64-di usb-serial-modules-10.1-0-amd64-di ppp-modules-10.1-0-amd64-di cdrom-modules-10.1-0-amd64-di scsi-core-modules-10.1-0-amd64-di scsi-modules-10.1-0-amd64-di scsi-extra-modules-10.1-0-amd64-di plip-modules-10.1-0-amd64-di floppy-modules-10.1-0-amd64-di loop-modules-10.1-0-amd64-di ipv6-modules-10.1-0-amd64-di nls-core-modules-10.1-0-amd64-di ext2-modules-10.1-0-amd64-di isofs-modules-10.1-0-amd64-di reiserfs-modules-10.1-0-amd64-di fat-modules-10.1-0-amd64-di zfs-modules-10.1-0-amd64-di nfs-modules-10.1-0-amd64-di nullfs-modules-10.1-0-amd64-di md-modules-10.1-0-amd64-di parport-modules-10.1-0-amd64-di nic-usb-modules-10.1-0-amd64-di
 sata-modules-10.1-0-amd64-di acpi-modules-10.1-0-amd64-di i2c-modules-10.1-0-amd64-di crypto-modules-10.1-0-amd64-di crypto-dm-modules-10.1-0-amd64-di mmc-core-modules-10.1-0-amd64-di mmc-modules-10.1-0-amd64-di sound-modules-10.1-0-amd64-di zlib-modules-10.1-0-amd64-di kfreebsd-image-10.1-0-486 kfreebsd-image-10-486 kfreebsd-headers-10.1-0-486 kfreebsd-headers-10-486 kfreebsd-image-10.1-0-686 kfreebsd-image-10-686 kfreebsd-headers-10.1-0-686 kfreebsd-headers-10-686 kfreebsd-image-10.1-0-xen kfreebsd-image-10-xen kfreebsd-headers-10.1-0-xen kfreebsd-headers-10-xen kernel-image-10.1-0-486-di nic-modules-10.1-0-486-di nic-wireless-modules-10.1-0-486-di nic-shared-modules-10.1-0-486-di serial-modules-10.1-0-486-di usb-serial-modules-10.1-0-486-di ppp-modules-10.1-0-486-di cdrom-modules-10.1-0-486-di scsi-core-modules-10.1-0-486-di scsi-modules-10.1-0-486-di scsi-extra-modules-10.1-0-486-di plip-modules-10.1-0-486-di floppy-modules-10.1-0-486-di
 loop-modules-10.1-0-486-di ipv6-modules-10.1-0-486-di nls-core-modules-10.1-0-486-di ext2-modules-10.1-0-486-di isofs-modules-10.1-0-486-di reiserfs-modules-10.1-0-486-di fat-modules-10.1-0-486-di zfs-modules-10.1-0-486-di nfs-modules-10.1-0-486-di nullfs-modules-10.1-0-486-di md-modules-10.1-0-486-di parport-modules-10.1-0-486-di nic-usb-modules-10.1-0-486-di sata-modules-10.1-0-486-di acpi-modules-10.1-0-486-di i2c-modules-10.1-0-486-di crypto-modules-10.1-0-486-di crypto-dm-modules-10.1-0-486-di mmc-core-modules-10.1-0-486-di mmc-modules-10.1-0-486-di sound-modules-10.1-0-486-di
 zlib-modules-10.1-0-486-di
Architecture: source all
Version: 10.1~svn274115-4+kbsd8u3
Distribution: jessie-kfreebsd
Urgency: high
Maintainer: GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>
Changed-By: Steven Chamberlain <steven@pyro.eu.org>
Description:
 acpi-modules-10.1-0-486-di - ACPI support modules (udeb)
 acpi-modules-10.1-0-amd64-di - ACPI support modules (udeb)
 cdrom-modules-10.1-0-486-di - Esoteric CDROM drivers (udeb)
 cdrom-modules-10.1-0-amd64-di - Esoteric CDROM drivers (udeb)
 crypto-dm-modules-10.1-0-486-di - devicemapper crypto module (udeb)
 crypto-dm-modules-10.1-0-amd64-di - devicemapper crypto module (udeb)
 crypto-modules-10.1-0-486-di - crypto modules (udeb)
 crypto-modules-10.1-0-amd64-di - crypto modules (udeb)
 ext2-modules-10.1-0-486-di - EXT2 filesystem support (udeb)
 ext2-modules-10.1-0-amd64-di - EXT2 filesystem support (udeb)
 fat-modules-10.1-0-486-di - FAT filesystem support (udeb)
 fat-modules-10.1-0-amd64-di - FAT filesystem support (udeb)
 floppy-modules-10.1-0-486-di - Floppy driver (udeb)
 floppy-modules-10.1-0-amd64-di - Floppy driver (udeb)
 i2c-modules-10.1-0-486-di - i2c support modules (udeb)
 i2c-modules-10.1-0-amd64-di - i2c support modules (udeb)
 ipv6-modules-10.1-0-486-di - IPv6 driver (udeb)
 ipv6-modules-10.1-0-amd64-di - IPv6 driver (udeb)
 isofs-modules-10.1-0-486-di - ISOFS filesystem support (udeb)
 isofs-modules-10.1-0-amd64-di - ISOFS filesystem support (udeb)
 kernel-image-10.1-0-486-di - kFreeBSD binary image for the Debian installer (udeb)
 kernel-image-10.1-0-amd64-di - kFreeBSD binary image for the Debian installer (udeb)
 kfreebsd-headers-10-486 - header files for kernel of FreeBSD 10 (meta-package)
 kfreebsd-headers-10-686 - header files for kernel of FreeBSD 10 (meta-package)
 kfreebsd-headers-10-amd64 - header files for kernel of FreeBSD 10 (meta-package)
 kfreebsd-headers-10-xen - header files for kernel of FreeBSD 10 (meta-package)
 kfreebsd-headers-10.1-0 - Common architecture-specific header files for kernel of FreeBSD 1
 kfreebsd-headers-10.1-0-486 - header files for kernel of FreeBSD 10.1
 kfreebsd-headers-10.1-0-686 - header files for kernel of FreeBSD 10.1
 kfreebsd-headers-10.1-0-amd64 - header files for kernel of FreeBSD 10.1
 kfreebsd-headers-10.1-0-xen - header files for kernel of FreeBSD 10.1
 kfreebsd-image-10-486 - kernel of FreeBSD 10 image (meta-package)
 kfreebsd-image-10-686 - kernel of FreeBSD 10 image (meta-package)
 kfreebsd-image-10-amd64 - kernel of FreeBSD 10 image (meta-package)
 kfreebsd-image-10-xen - kernel of FreeBSD 10 image (meta-package)
 kfreebsd-image-10.1-0-486 - kernel of FreeBSD 10.1 image
 kfreebsd-image-10.1-0-686 - kernel of FreeBSD 10.1 image
 kfreebsd-image-10.1-0-amd64 - kernel of FreeBSD 10.1 image
 kfreebsd-image-10.1-0-xen - kernel of FreeBSD 10.1 image
 kfreebsd-source-10.1 - source code for kernel of FreeBSD 10.1 with Debian patches
 loop-modules-10.1-0-486-di - Loopback filesystem support (udeb)
 loop-modules-10.1-0-amd64-di - Loopback filesystem support (udeb)
 md-modules-10.1-0-486-di - RAID and LVM support (udeb)
 md-modules-10.1-0-amd64-di - RAID and LVM support (udeb)
 mmc-core-modules-10.1-0-486-di - MMC/SD/SDIO core modules (udeb)
 mmc-core-modules-10.1-0-amd64-di - MMC/SD/SDIO core modules (udeb)
 mmc-modules-10.1-0-486-di - MMC/SD card modules (udeb)
 mmc-modules-10.1-0-amd64-di - MMC/SD card modules (udeb)
 nfs-modules-10.1-0-486-di - NFS filesystem support (udeb)
 nfs-modules-10.1-0-amd64-di - NFS filesystem support (udeb)
 nic-modules-10.1-0-486-di - Common NIC drivers (udeb)
 nic-modules-10.1-0-amd64-di - Common NIC drivers (udeb)
 nic-shared-modules-10.1-0-486-di - Shared NIC drivers (udeb)
 nic-shared-modules-10.1-0-amd64-di - Shared NIC drivers (udeb)
 nic-usb-modules-10.1-0-486-di - USB NIC drivers (udeb)
 nic-usb-modules-10.1-0-amd64-di - USB NIC drivers (udeb)
 nic-wireless-modules-10.1-0-486-di - Wireless NIC drivers (udeb)
 nic-wireless-modules-10.1-0-amd64-di - Wireless NIC drivers (udeb)
 nls-core-modules-10.1-0-486-di - Core NLS support (udeb)
 nls-core-modules-10.1-0-amd64-di - Core NLS support (udeb)
 nullfs-modules-10.1-0-486-di - nullfs filesystem support (udeb)
 nullfs-modules-10.1-0-amd64-di - nullfs filesystem support (udeb)
 parport-modules-10.1-0-486-di - Parallel port support (udeb)
 parport-modules-10.1-0-amd64-di - Parallel port support (udeb)
 plip-modules-10.1-0-486-di - PLIP drivers (udeb)
 plip-modules-10.1-0-amd64-di - PLIP drivers (udeb)
 ppp-modules-10.1-0-486-di - PPP drivers (udeb)
 ppp-modules-10.1-0-amd64-di - PPP drivers (udeb)
 reiserfs-modules-10.1-0-486-di - Reiser filesystem support (udeb)
 reiserfs-modules-10.1-0-amd64-di - Reiser filesystem support (udeb)
 sata-modules-10.1-0-486-di - SATA drivers (udeb)
 sata-modules-10.1-0-amd64-di - SATA drivers (udeb)
 scsi-core-modules-10.1-0-486-di - Core SCSI subsystem (udeb)
 scsi-core-modules-10.1-0-amd64-di - Core SCSI subsystem (udeb)
 scsi-extra-modules-10.1-0-486-di - Uncommon SCSI drivers (udeb)
 scsi-extra-modules-10.1-0-amd64-di - Uncommon SCSI drivers (udeb)
 scsi-modules-10.1-0-486-di - SCSI drivers (udeb)
 scsi-modules-10.1-0-amd64-di - SCSI drivers (udeb)
 serial-modules-10.1-0-486-di - Serial drivers (udeb)
 serial-modules-10.1-0-amd64-di - Serial drivers (udeb)
 sound-modules-10.1-0-486-di - sound support (udeb)
 sound-modules-10.1-0-amd64-di - sound support (udeb)
 usb-serial-modules-10.1-0-486-di - USB serial drivers (udeb)
 usb-serial-modules-10.1-0-amd64-di - USB serial drivers (udeb)
 zfs-modules-10.1-0-486-di - ZFS filesystem support (udeb)
 zfs-modules-10.1-0-amd64-di - ZFS filesystem support (udeb)
 zlib-modules-10.1-0-486-di - zlib modules (udeb)
 zlib-modules-10.1-0-amd64-di - zlib modules (udeb)
Closes: 818423 818426
Changes:
 kfreebsd-10 (10.1~svn274115-4+kbsd8u3) jessie-kfreebsd; urgency=high
 .
   * Pick SVN r294904 from FreeBSD 10.1-RELEASE:
     - SA-16:10: Fix Linux compatibility layer issetugid(2) system call
       vulnerability. (CVE-2016-1883) (Closes: #818423)
   * Pick SVN r296954 from FreeBSD 10.1-RELEASE:
     - SA-16:15: Fix incorrect argument validation in sysarch(2).
       (CVE-2016-1885) (Closes: #818426)
Checksums-Sha1:
 5bc01db8a3b2bd34b6b6915275048fd5f659e4a4 11391 kfreebsd-10_10.1~svn274115-4+kbsd8u3.dsc
 26ea51d1c7370fcff0228eefcc920b1fa2f8bac2 153204 kfreebsd-10_10.1~svn274115-4+kbsd8u3.debian.tar.xz
 b050acdcc8a01140e7e4003520b5d9e9d9baebdf 26285028 kfreebsd-source-10.1_10.1~svn274115-4+kbsd8u3_all.deb
Checksums-Sha256:
 e993048186436b840a34d41c8ff8b6cef4d63529cbbe0d7970b98bf9636bd76d 11391 kfreebsd-10_10.1~svn274115-4+kbsd8u3.dsc
 c4ce7057f3d5f9765fb319688d507480d7adf67c0200643adad4c28a5b3b1fd8 153204 kfreebsd-10_10.1~svn274115-4+kbsd8u3.debian.tar.xz
 a8fce04c33251825a6f20f33afee49a606ded91bfabd9f6bc53d790dc5f8a876 26285028 kfreebsd-source-10.1_10.1~svn274115-4+kbsd8u3_all.deb
Files:
 fb78bc1894b1d48b3c9a0c7ce40a7311 11391 kernel optional kfreebsd-10_10.1~svn274115-4+kbsd8u3.dsc
 a0e6d6c7fc95992df4026d775e27a1a5 153204 kernel optional kfreebsd-10_10.1~svn274115-4+kbsd8u3.debian.tar.xz
 99441c7acb533d18ce48ebbd95ac7e98 26285028 kernel optional kfreebsd-source-10.1_10.1~svn274115-4+kbsd8u3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJW6gvTAAoJELrpzbaMAu5T18oH/A9kz1XJJKA5fWxEAMZPsJmQ
EH0qvcBZOcfnOw4ZctwQ/6mcIA67awX4Au3oDI2Sv98wbvTEoM7GgNR05X+Y2azK
r9jqoU9B8fZSxNV5WHzHuxdmwmpwH/Yzqtqie4cc65xagGv3LEQg/C5RWCFLpadM
j22+URXWA1uCE42cJ+386r5qeADhWoMkC03+UbnzIye0Vw+MNe0qMQO/ttL4jYKU
iSqTv8YHwJWi9BAjb+JLk27NqyCbNEnUvFUcLoqPWq3m4PWDYyy0jctxWndAp+Zh
SQUkRPzTGaivkf3y+XK5uTRMtghZnT+iFCw0iC+tct/vxZRxETl1u4QOz3PerBQ=
=0DPk
-----END PGP SIGNATURE-----

--- End Message ---