Your message dated Fri, 15 Apr 2005 10:17:17 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#304766: fixed in kfreebsd5-source 5.3-9
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Date: Fri, 15 Apr 2005 12:58:35 +0200
From: Robert Millan <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Fwd: FreeBSD Security Advisory FreeBSD-SA-05:04.ifconf

Package: kfreebsd5-source
Severity: grave
Tags: security patch

On Fri, Apr 15, 2005 at 01:58:06AM +0000, FreeBSD Security Advisories wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> =============================================================================
> FreeBSD-SA-05:04.ifconf                                     Security Advisory
>                                                           The FreeBSD Project
> 
> Topic:          Kernel memory disclosure in ifconf()
> 
> Category:       core
> Module:         sys_net
> Announced:      2005-04-15
> Credits:        Ilja van Sprundel
> Affects:        All FreeBSD 4.x releases
>                 All FreeBSD 5.x releases prior to 5.4-RELEASE
> Corrected:      2005-04-15 01:51:44 UTC (RELENG_5, 5.4-STABLE)
>                 2005-04-15 01:52:03 UTC (RELENG_5_4, 5.4-RELEASE)
>                 2005-04-15 01:52:25 UTC (RELENG_5_3, 5.3-RELEASE-p9)
>                 2005-04-15 01:52:40 UTC (RELENG_4, 4.11-STABLE)
>                 2005-04-15 01:52:57 UTC (RELENG_4_11, 4.11-RELEASE-p3)
>                 2005-04-15 01:53:14 UTC (RELENG_4_10, 4.10-RELEASE-p8)
> 
> For general information regarding FreeBSD Security Advisories,
> including descriptions of the fields above, security branches, and the
> following sections, please visit
> <URL:http://www.freebsd.org/security/>.
> 
> I.   Background
> 
> The SIOCGIFCONF ioctl allows a user process to ask the kernel to produce
> a list of the existing network interfaces and copy it into a buffer
> provided by the user process.
> 
> II.  Problem Description
> 
> In generating the list of network interfaces, the kernel writes into a
> portion of a buffer without first zeroing it.  As a result, the prior
> contents of the buffer will be disclosed to the calling process.
> 
> III. Impact
> 
> Up to 12 bytes of kernel memory may be disclosed to the user process.
> Such memory might contain sensitive information, such as portions of
> the file cache or terminal buffers.  This information might be directly
> useful, or it might be leveraged to obtain elevated privileges in some
> way.  For example, a terminal buffer might include a user-entered
> password.
> 
> IV.  Workaround
> 
> No known workaround.
> 
> V.   Solution
> 
> Perform one of the following:
> 
> 1) Upgrade your vulnerable system to 4-STABLE or 5-STABLE, or to the
> RELENG_5_3, RELENG_4_11, or RELENG_4_10 security branch dated after the
> correction date.
> 
> 2) To patch your present system:
> 
> The following patches have been verified to apply to FreeBSD 4.10, 4.11,
> and 5.3 systems.
> 
> a) Download the relevant patch from the location below, and verify the
> detached PGP signature using your PGP utility.
> 
> [FreeBSD 4.x]
> # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:04/ifconf4.patch
> # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:04/ifconf4.patch.asc
> 
> [FreeBSD 5.3]
> # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:04/ifconf5.patch
> # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:04/ifconf5.patch.asc
> 
> b) Apply the patch.
> 
> # cd /usr/src
> # patch < /path/to/patch
> 
> c) Recompile your kernel as described in
> <URL:http://www.freebsd.org/handbook/kernelconfig.html> and reboot the
> system.
> 
> VI.  Correction details
> 
> The following list contains the revision numbers of each file that was
> corrected in FreeBSD.
> 
> Branch                                                           Revision
>   Path
> - -------------------------------------------------------------------------
> RELENG_4
>   src/sys/net/if.c                                              1.85.2.29
> RELENG_4_11
>   src/UPDATING                                              1.73.2.91.2.4
>   src/sys/conf/newvers.sh                                   1.44.2.39.2.7
>   src/sys/net/if.c                                          1.85.2.28.2.1
> RELENG_4_10
>   src/UPDATING                                              1.73.2.90.2.9
>   src/sys/conf/newvers.sh                                  1.44.2.34.2.10
>   src/sys/net/if.c                                          1.85.2.25.2.1
> RELENG_5
>   src/sys/net/if.c                                             1.199.2.15
> RELENG_5_4
>   src/UPDATING                                             1.342.2.24.2.3
>   src/sys/net/if.c                                         1.199.2.14.2.1
> RELENG_5_3
>   src/UPDATING                                            1.342.2.13.2.12
>   src/sys/conf/newvers.sh                                  1.62.2.15.2.14
>   src/sys/net/if.c                                          1.199.2.7.2.3
> - -------------------------------------------------------------------------
> 
> The latest revision of this advisory is available at
> ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:04.ifconf.asc
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.0 (FreeBSD)
> 
> iD8DBQFCXx8LFdaIBMps37IRAgEiAKCYfnAMPrVe72OPJMWtzMNrYmlPNgCfXRNe
> RYDaRrNgFPGsFWTuVujelco=
> =xLuH
> -----END PGP SIGNATURE-----

-- 
 .''`.   Proudly running Debian GNU/kFreeBSD unstable/unreleased (on UFS2+S)
: :' :
`. `'    http://www.debian.org/ports/kfreebsd-gnu
  `-
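
The bug class the advisory describes (a record is only partly written before the whole of it is copied out to the caller) can be reproduced in a user-space model. This is an added example, not FreeBSD kernel code and not part of the original mail; the struct layout, the function names, the 16-byte name field and the "lo0" name are assumptions chosen for illustration, and the "prior contents" are constructed filler bytes.

```c
#include <stdio.h>
#include <string.h>

#define NAMESZ 16   /* assumed width of the fixed name field */

struct rec {        /* hypothetical stand-in for one interface entry */
    char name[NAMESZ];
    unsigned char addr[16];
};

/* Stand-in for the kernel-to-user copy: the whole record goes out. */
static void copy_to_user(struct rec *ubuf, const struct rec *src) {
    memcpy(ubuf, src, sizeof(*src));
}

/* Fill one entry in a reused scratch record and hand it to the caller. */
static void emit(struct rec *scratch, const char *ifname,
                 struct rec *ubuf, int zero_first) {
    if (zero_first)
        memset(scratch, 0, sizeof(*scratch));      /* the fix: clear first */
    snprintf(scratch->name, NAMESZ, "%s", ifname); /* writes name + NUL only */
    memset(scratch->addr, 0, sizeof(scratch->addr));
    copy_to_user(ubuf, scratch);
}

/* Count non-zero bytes after the name's terminator in what the caller got. */
static int stale_bytes(const struct rec *out) {
    const char *nul = memchr(out->name, 0, NAMESZ);
    size_t used = nul ? (size_t)(nul - out->name) + 1 : NAMESZ;
    int n = 0;
    for (size_t i = used; i < NAMESZ; i++)
        n += out->name[i] != 0;
    return n;
}

int leak_demo(int zero_first) {
    struct rec scratch, out;
    memset(&scratch, 'S', sizeof(scratch)); /* constructed "prior contents" */
    emit(&scratch, "lo0", &out, zero_first);
    return stale_bytes(&out);
}

int main(void) {
    printf("unzeroed: %d stale bytes\n", leak_demo(0));
    printf("zeroed:   %d stale bytes\n", leak_demo(1));
    return 0;
}
```

In this model the unzeroed path hands 12 stale bytes to the caller and the zeroed path hands none; the same check (scan copied-out records for non-zero bytes past the last field written) is a practical audit for other copy-out paths.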

---------------------------------------
From: Robert Millan <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#304766: fixed in kfreebsd5-source 5.3-9
Date: Fri, 15 Apr 2005 10:17:17 -0400

Source: kfreebsd5-source
Source-Version: 5.3-9

We believe that the bug you reported is fixed in the latest version of
kfreebsd5-source, which is due to be installed in the Debian FTP archive:

kfreebsd5-source_5.3-9.diff.gz
  to pool/main/k/kfreebsd5-source/kfreebsd5-source_5.3-9.diff.gz
kfreebsd5-source_5.3-9.dsc
  to pool/main/k/kfreebsd5-source/kfreebsd5-source_5.3-9.dsc
kfreebsd5-source_5.3-9_all.deb
  to pool/main/k/kfreebsd5-source/kfreebsd5-source_5.3-9_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Robert Millan <[EMAIL PROTECTED]> (supplier of updated kfreebsd5-source package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 15 Apr 2005 12:59:58 +0200
Source: kfreebsd5-source
Binary: kfreebsd5-source
Architecture: source all
Version: 5.3-9
Distribution: unstable
Urgency: low
Maintainer: Robert Millan <[EMAIL PROTECTED]>
Changed-By: Robert Millan <[EMAIL PROTECTED]>
Description: 
 kfreebsd5-source - source code for kernel of FreeBSD 5.3
Closes: 304766
Changes: 
 kfreebsd5-source (5.3-9) unstable; urgency=low
 .
   * Fix memory leak in ifconf (FreeBSD-SA-05:04.ifconf / Closes: #304766).
     - patches/009_ifconf_memleak.diff:  New.  Patch from upstream.
Files: 
 21a6d968af338efcb7f4061d6561755c 684 devel optional kfreebsd5-source_5.3-9.dsc
 bda9d7fcd4e4eb78e636298d5d1055de 78149 devel optional kfreebsd5-source_5.3-9.diff.gz
 99a9924b6ebfd4704ee38836ded791d1 13070006 devel optional kfreebsd5-source_5.3-9_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCX6ZhC19io6rUCv8RAjK/AKCIpcqTDTUNmbLmcqnugtE0/Xd0LQCfbRV7
gqHTLMM4+jGjiegF0+yByTY=
=XZns
-----END PGP SIGNATURE-----

