kfreebsd-10: CVE-2016-1879: SCTP ICMPv6 error message vulnerability [SA-16:01]

Related Vulnerabilities: CVE-2016-1879   CVE-2016-1880   CVE-2016-1881   CVE-2016-1882  

Debian Bug report logs - #811277

Reported by: Steven Chamberlain <steven@pyro.eu.org>

Date: Sun, 17 Jan 2016 15:45:02 UTC

Severity: grave

Tags: security, upstream

Found in versions kfreebsd-10/10.1~svn274115-10, kfreebsd-10/10.1~svn274115-4+kbsd8u1

Fixed in version kfreebsd-10/10.1~svn274115-4+kbsd8u2

Done: Steven Chamberlain <steven@pyro.eu.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>:
Bug#811277; Package src:kfreebsd-10. (Sun, 17 Jan 2016 15:45:06 GMT)


Acknowledgement sent to Steven Chamberlain <steven@pyro.eu.org>:
New Bug report received and forwarded. Copy sent to GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>. (Sun, 17 Jan 2016 15:45:06 GMT)


Message #5 received at submit@bugs.debian.org:

From: Steven Chamberlain <steven@pyro.eu.org>
To: submit@bugs.debian.org
Subject: kfreebsd-10: CVE-2016-1879: SCTP ICMPv6 error message vulnerability [SA-16:01]
Date: Sun, 17 Jan 2016 15:41:58 +0000
Package: src:kfreebsd-10
Version: 10.1~svn274115-4+kbsd8u1
Severity: grave
Tags: security upstream
Control: found -1 10.1~svn274115-10

Specially crafted SCTP packets via IPv6 can trigger remote denial of
service in kfreebsd-10, even if SCTP sockets are not used.

https://security.FreeBSD.org/advisories/FreeBSD-SA-16:01.sctp.asc

SCTP is disabled in wheezy's latest kfreebsd-9 package, otherwise it
would have been affected by this too.



Marked as found in versions kfreebsd-10/10.1~svn274115-10. Request was from Steven Chamberlain <steven@pyro.eu.org> to submit@bugs.debian.org. (Sun, 17 Jan 2016 15:45:06 GMT)


Reply sent to Steven Chamberlain <steven@pyro.eu.org>:
You have taken responsibility. (Tue, 19 Jan 2016 01:42:18 GMT)


Notification sent to Steven Chamberlain <steven@pyro.eu.org>:
Bug acknowledged by developer. (Tue, 19 Jan 2016 01:42:18 GMT)


Message #12 received at 811277-close@bugs.debian.org:

From: Steven Chamberlain <steven@pyro.eu.org>
To: 811277-close@bugs.debian.org
Subject: Bug#811277: fixed in kfreebsd-10 10.1~svn274115-4+kbsd8u2
Date: Tue, 19 Jan 2016 01:34:20 +0000
Source: kfreebsd-10
Source-Version: 10.1~svn274115-4+kbsd8u2

We believe that the bug you reported is fixed in the latest version of
kfreebsd-10, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 811277@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steven Chamberlain <steven@pyro.eu.org> (supplier of updated kfreebsd-10 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 18 Jan 2016 02:35:16 +0000
Source: kfreebsd-10
Binary: kfreebsd-source-10.1 kfreebsd-headers-10.1-0 kfreebsd-image-10.1-0-amd64 kfreebsd-image-10-amd64 kfreebsd-headers-10.1-0-amd64 kfreebsd-headers-10-amd64 kernel-image-10.1-0-amd64-di nic-modules-10.1-0-amd64-di nic-wireless-modules-10.1-0-amd64-di nic-shared-modules-10.1-0-amd64-di serial-modules-10.1-0-amd64-di usb-serial-modules-10.1-0-amd64-di ppp-modules-10.1-0-amd64-di cdrom-modules-10.1-0-amd64-di scsi-core-modules-10.1-0-amd64-di scsi-modules-10.1-0-amd64-di scsi-extra-modules-10.1-0-amd64-di plip-modules-10.1-0-amd64-di floppy-modules-10.1-0-amd64-di loop-modules-10.1-0-amd64-di ipv6-modules-10.1-0-amd64-di nls-core-modules-10.1-0-amd64-di ext2-modules-10.1-0-amd64-di isofs-modules-10.1-0-amd64-di reiserfs-modules-10.1-0-amd64-di fat-modules-10.1-0-amd64-di zfs-modules-10.1-0-amd64-di nfs-modules-10.1-0-amd64-di nullfs-modules-10.1-0-amd64-di md-modules-10.1-0-amd64-di parport-modules-10.1-0-amd64-di nic-usb-modules-10.1-0-amd64-di
 sata-modules-10.1-0-amd64-di acpi-modules-10.1-0-amd64-di i2c-modules-10.1-0-amd64-di crypto-modules-10.1-0-amd64-di crypto-dm-modules-10.1-0-amd64-di mmc-core-modules-10.1-0-amd64-di mmc-modules-10.1-0-amd64-di sound-modules-10.1-0-amd64-di zlib-modules-10.1-0-amd64-di kfreebsd-image-10.1-0-486 kfreebsd-image-10-486 kfreebsd-headers-10.1-0-486 kfreebsd-headers-10-486 kfreebsd-image-10.1-0-686 kfreebsd-image-10-686 kfreebsd-headers-10.1-0-686 kfreebsd-headers-10-686 kfreebsd-image-10.1-0-xen kfreebsd-image-10-xen kfreebsd-headers-10.1-0-xen kfreebsd-headers-10-xen kernel-image-10.1-0-486-di nic-modules-10.1-0-486-di nic-wireless-modules-10.1-0-486-di nic-shared-modules-10.1-0-486-di serial-modules-10.1-0-486-di usb-serial-modules-10.1-0-486-di ppp-modules-10.1-0-486-di cdrom-modules-10.1-0-486-di scsi-core-modules-10.1-0-486-di scsi-modules-10.1-0-486-di scsi-extra-modules-10.1-0-486-di plip-modules-10.1-0-486-di floppy-modules-10.1-0-486-di
 loop-modules-10.1-0-486-di ipv6-modules-10.1-0-486-di nls-core-modules-10.1-0-486-di ext2-modules-10.1-0-486-di isofs-modules-10.1-0-486-di reiserfs-modules-10.1-0-486-di fat-modules-10.1-0-486-di zfs-modules-10.1-0-486-di nfs-modules-10.1-0-486-di nullfs-modules-10.1-0-486-di md-modules-10.1-0-486-di parport-modules-10.1-0-486-di nic-usb-modules-10.1-0-486-di sata-modules-10.1-0-486-di acpi-modules-10.1-0-486-di i2c-modules-10.1-0-486-di crypto-modules-10.1-0-486-di crypto-dm-modules-10.1-0-486-di mmc-core-modules-10.1-0-486-di mmc-modules-10.1-0-486-di sound-modules-10.1-0-486-di
 zlib-modules-10.1-0-486-di
Architecture: source all
Version: 10.1~svn274115-4+kbsd8u2
Distribution: jessie-kfreebsd
Urgency: high
Maintainer: GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>
Changed-By: Steven Chamberlain <steven@pyro.eu.org>
Description:
 acpi-modules-10.1-0-486-di - ACPI support modules (udeb)
 acpi-modules-10.1-0-amd64-di - ACPI support modules (udeb)
 cdrom-modules-10.1-0-486-di - Esoteric CDROM drivers (udeb)
 cdrom-modules-10.1-0-amd64-di - Esoteric CDROM drivers (udeb)
 crypto-dm-modules-10.1-0-486-di - devicemapper crypto module (udeb)
 crypto-dm-modules-10.1-0-amd64-di - devicemapper crypto module (udeb)
 crypto-modules-10.1-0-486-di - crypto modules (udeb)
 crypto-modules-10.1-0-amd64-di - crypto modules (udeb)
 ext2-modules-10.1-0-486-di - EXT2 filesystem support (udeb)
 ext2-modules-10.1-0-amd64-di - EXT2 filesystem support (udeb)
 fat-modules-10.1-0-486-di - FAT filesystem support (udeb)
 fat-modules-10.1-0-amd64-di - FAT filesystem support (udeb)
 floppy-modules-10.1-0-486-di - Floppy driver (udeb)
 floppy-modules-10.1-0-amd64-di - Floppy driver (udeb)
 i2c-modules-10.1-0-486-di - i2c support modules (udeb)
 i2c-modules-10.1-0-amd64-di - i2c support modules (udeb)
 ipv6-modules-10.1-0-486-di - IPv6 driver (udeb)
 ipv6-modules-10.1-0-amd64-di - IPv6 driver (udeb)
 isofs-modules-10.1-0-486-di - ISOFS filesystem support (udeb)
 isofs-modules-10.1-0-amd64-di - ISOFS filesystem support (udeb)
 kernel-image-10.1-0-486-di - kFreeBSD binary image for the Debian installer (udeb)
 kernel-image-10.1-0-amd64-di - kFreeBSD binary image for the Debian installer (udeb)
 kfreebsd-headers-10-486 - header files for kernel of FreeBSD 10 (meta-package)
 kfreebsd-headers-10-686 - header files for kernel of FreeBSD 10 (meta-package)
 kfreebsd-headers-10-amd64 - header files for kernel of FreeBSD 10 (meta-package)
 kfreebsd-headers-10-xen - header files for kernel of FreeBSD 10 (meta-package)
 kfreebsd-headers-10.1-0 - Common architecture-specific header files for kernel of FreeBSD 1
 kfreebsd-headers-10.1-0-486 - header files for kernel of FreeBSD 10.1
 kfreebsd-headers-10.1-0-686 - header files for kernel of FreeBSD 10.1
 kfreebsd-headers-10.1-0-amd64 - header files for kernel of FreeBSD 10.1
 kfreebsd-headers-10.1-0-xen - header files for kernel of FreeBSD 10.1
 kfreebsd-image-10-486 - kernel of FreeBSD 10 image (meta-package)
 kfreebsd-image-10-686 - kernel of FreeBSD 10 image (meta-package)
 kfreebsd-image-10-amd64 - kernel of FreeBSD 10 image (meta-package)
 kfreebsd-image-10-xen - kernel of FreeBSD 10 image (meta-package)
 kfreebsd-image-10.1-0-486 - kernel of FreeBSD 10.1 image
 kfreebsd-image-10.1-0-686 - kernel of FreeBSD 10.1 image
 kfreebsd-image-10.1-0-amd64 - kernel of FreeBSD 10.1 image
 kfreebsd-image-10.1-0-xen - kernel of FreeBSD 10.1 image
 kfreebsd-source-10.1 - source code for kernel of FreeBSD 10.1 with Debian patches
 loop-modules-10.1-0-486-di - Loopback filesystem support (udeb)
 loop-modules-10.1-0-amd64-di - Loopback filesystem support (udeb)
 md-modules-10.1-0-486-di - RAID and LVM support (udeb)
 md-modules-10.1-0-amd64-di - RAID and LVM support (udeb)
 mmc-core-modules-10.1-0-486-di - MMC/SD/SDIO core modules (udeb)
 mmc-core-modules-10.1-0-amd64-di - MMC/SD/SDIO core modules (udeb)
 mmc-modules-10.1-0-486-di - MMC/SD card modules (udeb)
 mmc-modules-10.1-0-amd64-di - MMC/SD card modules (udeb)
 nfs-modules-10.1-0-486-di - NFS filesystem support (udeb)
 nfs-modules-10.1-0-amd64-di - NFS filesystem support (udeb)
 nic-modules-10.1-0-486-di - Common NIC drivers (udeb)
 nic-modules-10.1-0-amd64-di - Common NIC drivers (udeb)
 nic-shared-modules-10.1-0-486-di - Shared NIC drivers (udeb)
 nic-shared-modules-10.1-0-amd64-di - Shared NIC drivers (udeb)
 nic-usb-modules-10.1-0-486-di - USB NIC drivers (udeb)
 nic-usb-modules-10.1-0-amd64-di - USB NIC drivers (udeb)
 nic-wireless-modules-10.1-0-486-di - Wireless NIC drivers (udeb)
 nic-wireless-modules-10.1-0-amd64-di - Wireless NIC drivers (udeb)
 nls-core-modules-10.1-0-486-di - Core NLS support (udeb)
 nls-core-modules-10.1-0-amd64-di - Core NLS support (udeb)
 nullfs-modules-10.1-0-486-di - nullfs filesystem support (udeb)
 nullfs-modules-10.1-0-amd64-di - nullfs filesystem support (udeb)
 parport-modules-10.1-0-486-di - Parallel port support (udeb)
 parport-modules-10.1-0-amd64-di - Parallel port support (udeb)
 plip-modules-10.1-0-486-di - PLIP drivers (udeb)
 plip-modules-10.1-0-amd64-di - PLIP drivers (udeb)
 ppp-modules-10.1-0-486-di - PPP drivers (udeb)
 ppp-modules-10.1-0-amd64-di - PPP drivers (udeb)
 reiserfs-modules-10.1-0-486-di - Reiser filesystem support (udeb)
 reiserfs-modules-10.1-0-amd64-di - Reiser filesystem support (udeb)
 sata-modules-10.1-0-486-di - SATA drivers (udeb)
 sata-modules-10.1-0-amd64-di - SATA drivers (udeb)
 scsi-core-modules-10.1-0-486-di - Core SCSI subsystem (udeb)
 scsi-core-modules-10.1-0-amd64-di - Core SCSI subsystem (udeb)
 scsi-extra-modules-10.1-0-486-di - Uncommon SCSI drivers (udeb)
 scsi-extra-modules-10.1-0-amd64-di - Uncommon SCSI drivers (udeb)
 scsi-modules-10.1-0-486-di - SCSI drivers (udeb)
 scsi-modules-10.1-0-amd64-di - SCSI drivers (udeb)
 serial-modules-10.1-0-486-di - Serial drivers (udeb)
 serial-modules-10.1-0-amd64-di - Serial drivers (udeb)
 sound-modules-10.1-0-486-di - sound support (udeb)
 sound-modules-10.1-0-amd64-di - sound support (udeb)
 usb-serial-modules-10.1-0-486-di - USB serial drivers (udeb)
 usb-serial-modules-10.1-0-amd64-di - USB serial drivers (udeb)
 zfs-modules-10.1-0-486-di - ZFS filesystem support (udeb)
 zfs-modules-10.1-0-amd64-di - ZFS filesystem support (udeb)
 zlib-modules-10.1-0-486-di - zlib modules (udeb)
 zlib-modules-10.1-0-amd64-di - zlib modules (udeb)
Closes: 811277 811278 811279 811280 811282
Changes:
 kfreebsd-10 (10.1~svn274115-4+kbsd8u2) jessie-kfreebsd; urgency=high
 .
   * Pick SVN r293894 from FreeBSD 10.1-RELEASE:
     - EN-16:02: Fix invalid TCP checksums with pf(4). (Closes: #811282)
     - SA-16:01: Fix SCTP ICMPv6 error message vulnerability.
       (CVE-2016-1879) (Closes: #811277)
     - SA-16:03: Fix Linux compatibility layer incorrect futex handling.
       (CVE-2016-1880) (Closes: #811278)
     - SA-16:04: Fix Linux compatibility layer setgroups(2) system call.
       (CVE-2016-1881) (Closes: #811279)
     - SA-16:05: Fix TCP MD5 signature denial of service.
       (CVE-2016-1882) (Closes: #811280)





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 29 Dec 2016 09:23:11 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 18:55:47 2019; Machine Name: beach
