Bug#633561: pu: package kfreebsd-8/8.1+dfsg-8+squeeze1
tags 633561 + moreinfo squeeze
Apologies for letting this fall between the cracks for so long.
On Mon, 2011-07-11 at 17:46 +0200, Robert Millan wrote:
> Please consider this update for kfreebsd-8 in squeeze. It fixes a security
> bug, a kernel panic condition in if_msk driver, and disables a buggy patch
> which disabled 58 kernel modules (including many drivers for USB devices
> and a few network cards) from the build system.
> * Fix net802.11 stack kernel memory disclosure (CVE-2011-2480).
> (Closes: #631160)
> - 000_net80211_disclosure.diff
This looks okay, although I think you meant #631161. Your last message
in the log there says "uploaded to unstable, but the bug is still open
with no fixed versions recorded. Please could you clarify the status
> * Merge backported if_msk driver from 8-STABLE. (Closes: #628954)
> - 000_msk_backport.diff
This should be okay, assuming that the resulting driver has been tested
on Squeeze systems. A targetted fix would be preferable, but it sounds
from the upstream report as if that's not particularly easy to
> * Disable buggy 009_disable_duped_modules.diff. It was disabling many
> more modules than built into kernel (e.g. all USB modules).
A few queries here, I'm afraid.
- What's the effect of re-enabling the (duplicate) building of the
modules which were intended to be disabled?
- Does this affect which modules end up in the udebs?
- The changelog comment from when the patch was introduced says that it
made a ~4MB difference to the size of the image. As that was 2007, I'm
assuming that the size difference is a fair bit larger now?
- If the impact of the patch was to disable all USB modules, why was it
not disabled sooner?