Bug#694109: marked as done (unblock: kfreebsd-9/9.0-10)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Sun, 09 Dec 2012 13:24:29 +0100
with message-id <50C482FD.7070800@thykier.net>
and subject line Re: Bug#694109: Make that kfreebsd-9_9.0-10
has caused the Debian Bug report #694109,
regarding unblock: kfreebsd-9/9.0-10
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
694109: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694109
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: kfreebsd-9/9.0-9
• From: Christoph Egger <christoph@debian.org>
• Date: Sat, 24 Nov 2012 00:16:18 +0100
• Message-id: <20121123231618.66793.38761.reportbug@hel.hosts.sieglitzhof.net>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package kfreebsd-9

  Same security update as for -8

  I can revert the other change, though it's usefull to have in the
  source for our users

unblock kfreebsd-9/9.0-9

dpkg-source: warning: extracting unsigned source package (/home/christoph/debian/kfreebsd-9_9.0-9.dsc)
diff -Nru kfreebsd-9-9.0/debian/changelog kfreebsd-9-9.0/debian/changelog
--- kfreebsd-9-9.0/debian/changelog	  2012-10-29 12:10:41.000000000 -0700
+++ kfreebsd-9-9.0/debian/changelog	  2012-11-23 13:59:41.000000000 -0800
@@ -1,9 +1,19 @@
-kfreebsd-9 (9.0-8) unstable; urgency=low
+kfreebsd-9 (9.0-9) unstable; urgency=medium
 
-  * Build source package on a kfreebsd system
-    * This should bring back the udebs lost in -7
+  * Apply patch for SA-12:08 / CVE-2012-4576:
+    memory access without proper validation in linux compat system
+    (Closes: #694097)
+  * Touch conf/DEBIAN to avoid build failures in case someone wants to build the
+    kernel with firmware included.
+
+ -- Christoph Egger <christoph@debian.org>  Fri, 23 Nov 2012 13:45:15 -0800
 
- -- Christoph Egger <christoph@debian.org>  Mon, 29 Oct 2012 12:04:47 -0700
+kfreebsd-9 (9.0-8) unstable; urgency=low
+  
+  * Build source package on a kfreebsd system
+  * This should bring back the udebs lost in -7
+  
+ -- Christoph Egger <christoph@debian.org>  Mon, 29 Oct 2012 12:04:47 -0700 
 
 kfreebsd-9 (9.0-7) unstable; urgency=medium
 
diff -Nru kfreebsd-9-9.0/debian/patches/SA-12_08.linux.patch kfreebsd-9-9.0/debian/patches/SA-12_08.linux.patch
--- kfreebsd-9-9.0/debian/patches/SA-12_08.linux.patch	     1969-12-31 16:00:00.000000000 -0800
+++ kfreebsd-9-9.0/debian/patches/SA-12_08.linux.patch	     2012-11-23 13:48:51.000000000 -0800
@@ -0,0 +1,16 @@
+Index: sys/compat/linux/linux_ioctl.c
+===================================================================
+--- a/sys/compat/linux/linux_ioctl.c	(revision 242578)
++++ b/sys/compat/linux/linux_ioctl.c	(working copy)
+@@ -2260,8 +2260,9 @@ again:
+ 
+	ifc.ifc_len = valid_len; 
+ 	sbuf_finish(sb);
+-	memcpy(PTRIN(ifc.ifc_buf), sbuf_data(sb), ifc.ifc_len);
+-	error = copyout(&ifc, uifc, sizeof(ifc));
++	error = copyout(sbuf_data(sb), PTRIN(ifc.ifc_buf), ifc.ifc_len);
++	if (error == 0)
++	   error = copyout(&ifc, uifc, sizeof(ifc));
+ 	   sbuf_delete(sb);
+ 	   CURVNET_RESTORE();
+ 
diff -Nru kfreebsd-9-9.0/debian/patches/series kfreebsd-9-9.0/debian/patches/series
--- kfreebsd-9-9.0/debian/patches/series       2012-10-29 12:03:47.000000000 -0700
+++ kfreebsd-9-9.0/debian/patches/series       2012-11-23 13:44:03.000000000 -0800
@@ -7,6 +7,7 @@
 fix_VOP_VPTOCNP_bypass_for_nullfs.diff
 pf_counter_initialization_SVN236364.diff
 svn239447_SCTP_DoS.patch
+SA-12_08.linux.patch
 
 # Other patches that might or might not be mergeable
 001_misc.diff
diff -Nru kfreebsd-9-9.0/debian/rules kfreebsd-9-9.0/debian/rules
--- kfreebsd-9-9.0/debian/rules	      2012-10-29 12:03:47.000000000 -0700
+++ kfreebsd-9-9.0/debian/rules	      2012-11-23 13:58:59.000000000 -0800
@@ -179,6 +179,11 @@
   # Configure the kernel
   cp debian/arch/$(cpu)/$*.config $(FLAVOR_DIR)-$*/sys/$(kfreebsd_cpu)/conf/
   ln -sf $*.config $(FLAVOR_DIR)-$*/sys/$(kfreebsd_cpu)/conf/$(configfile)
+  # this file is generated by 999_firmware.patch. However, pretending
+  # someone wants to build a custom kernel with firmware included this
+  # yields to a build failure if the file does not exist. It can be empty,
+  # however.
+  touch $(FLAVOR_DIR)-$*/sys/$(kfreebsd_cpu)/conf/DEBIAN
   cd $(FLAVOR_DIR)-$*/sys/$(kfreebsd_cpu)/conf \
      && config $(configfile)

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: kfreebsd-amd64 (x86_64)

Kernel: kFreeBSD 9.0-2-amd64
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

--- End Message ---

--- Begin Message ---

• To: Cyril Brulebois <kibi@debian.org>, 694109-done@bugs.debian.org
• Cc: Christoph Egger <christoph@debian.org>
• Subject: Re: Bug#694109: Make that kfreebsd-9_9.0-10
• From: Niels Thykier <niels@thykier.net>
• Date: Sun, 09 Dec 2012 13:24:29 +0100
• Message-id: <50C482FD.7070800@thykier.net>
• In-reply-to: <[🔎] 20121209121956.GD27646@mraw.org>
• References: <87vccvtwnn.fsf@mitoraj.siccegge.de> <50B084BA.1040602@thykier.net> <[🔎] 20121209121956.GD27646@mraw.org>

On 2012-12-09 13:19, Cyril Brulebois wrote:
> Niels Thykier <niels@thykier.net> (24/11/2012):
>> Ack from release, now just waiting for d-i approval.
> 
> Interesting output in 'd'…
> 
> Anyway, d-i ack, with apologies for the delay.
> 
> Mraw,
> KiBi.

Unblocked, thanks.

~Niels

--- End Message ---