--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock: kfreebsd-8/8.3-6
- From: Christoph Egger <christoph@debian.org>
- Date: Sat, 24 Nov 2012 00:14:21 +0100
- Message-id: <20121123231421.66646.39376.reportbug@hel.hosts.sieglitzhof.net>
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package kfreebsd-8
This is a security update.
unblock kfreebsd-8/8.3-6
dpkg-source: warning: extracting unsigned source package (/home/christoph/debian/kfreebsd-8_8.3-5.dsc)
diff -Nru kfreebsd-8-8.3/debian/changelog kfreebsd-8-8.3/debian/changelog
--- kfreebsd-8-8.3/debian/changelog 2012-11-02 13:44:03.000000000 -0700
+++ kfreebsd-8-8.3/debian/changelog 2012-11-23 14:13:01.000000000 -0800
@@ -1,3 +1,11 @@
+kfreebsd-8 (8.3-6) unstable; urgency=medium
+
+ * Apply patch for SA-12:08 / CVE-2012-4576:
+ memory access without proper validation in linux compat system
+ (Closes: #694096)
+
+ -- Christoph Egger <christoph@debian.org> Fri, 23 Nov 2012 14:10:40 -0800
+
kfreebsd-8 (8.3-5) unstable; urgency=medium
[ Robert Millan ]
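Review bot: the new 8.3-6 entry does not name the patch file it adds, so a reader of the changelog cannot map "Apply patch for SA-12:08 / CVE-2012-4576" to debian/patches/SA-12_08.linux.patch without opening the series file. Adding the file name to that bullet, next to the advisory and CVE ids already there, would make the security fix easier to audit later.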
diff -Nru kfreebsd-8-8.3/debian/patches/SA-12_08.linux.patch kfreebsd-8-8.3/debian/patches/SA-12_08.linux.patch
--- kfreebsd-8-8.3/debian/patches/SA-12_08.linux.patch 1969-12-31 16:00:00.000000000 -0800
+++ kfreebsd-8-8.3/debian/patches/SA-12_08.linux.patch 2012-11-23 14:11:22.000000000 -0800
@@ -0,0 +1,16 @@
+Index: sys/compat/linux/linux_ioctl.c
+===================================================================
+--- a/sys/compat/linux/linux_ioctl.c (revision 242578)
++++ b/sys/compat/linux/linux_ioctl.c (working copy)
+@@ -2260,8 +2260,9 @@ again:
+
+ ifc.ifc_len = valid_len;
+ sbuf_finish(sb);
+- memcpy(PTRIN(ifc.ifc_buf), sbuf_data(sb), ifc.ifc_len);
+- error = copyout(&ifc, uifc, sizeof(ifc));
++ error = copyout(sbuf_data(sb), PTRIN(ifc.ifc_buf), ifc.ifc_len);
++ if (error == 0)
++ error = copyout(&ifc, uifc, sizeof(ifc));
+ sbuf_delete(sb);
+ CURVNET_RESTORE();
+
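Review bot: in the added line "error = copyout(sbuf_data(sb), PTRIN(ifc.ifc_buf), ifc.ifc_len);" the length comes from valid_len, and nothing in the visible context shows that valid_len is bounded by the amount of data held in sb or by the buffer size the caller supplied, so please confirm that bound earlier in the function, since copyout only validates the destination address range and not the source length. The ordering itself looks right: the ifc header is written back only when the data copy returned 0, and sbuf_delete(sb) still runs on both paths. Separately, the patch file starts directly at "Index:" with no description header; a short Description and Origin block citing SA-12:08 / CVE-2012-4576 and upstream revision would document where the change came from.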
diff -Nru kfreebsd-8-8.3/debian/patches/series kfreebsd-8-8.3/debian/patches/series
--- kfreebsd-8-8.3/debian/patches/series 2012-11-02 13:31:42.000000000 -0700
+++ kfreebsd-8-8.3/debian/patches/series 2012-11-23 14:11:38.000000000 -0800
@@ -12,6 +12,7 @@
SA-12_04.sysret.patch
EN-12_02.ipv6refcount.patch
SCTP_DOS_svn239447.diff
+SA-12_08.linux.patch
# Other patches that might or might not be mergeable
001_misc.diff
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: kfreebsd-amd64 (x86_64)
Kernel: kFreeBSD 9.0-2-amd64
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---