Your message dated Sun, 06 Mar 2005 21:02:35 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#298233: fixed in kernel-patch-adamantix 1.7
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 5 Mar 2005 21:46:29 +0000
From [EMAIL PROTECTED] Sat Mar 05 13:46:29 2005
Return-path: <[EMAIL PROTECTED]>
Received: from kitenet.net [64.62.161.42] (postfix)
        by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
        id 1D7h6T-0006No-00; Sat, 05 Mar 2005 13:46:29 -0800
Received: from dragon.kitenet.net (n195-212.wireless.ubc.ca [128.189.195.212])
        (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
        (Client CN "Joey Hess", Issuer "Joey Hess" (verified OK))
        by kitenet.net (Postfix) with ESMTP id D33B817F9A
        for <[EMAIL PROTECTED]>; Sat,  5 Mar 2005 21:46:28 +0000 (GMT)
Received: by dragon.kitenet.net (Postfix, from userid 1000)
        id C91346E0D3; Sat,  5 Mar 2005 13:49:18 -0800 (PST)
Date: Sat, 5 Mar 2005 13:49:17 -0800
From: Joey Hess <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: PaX privilege elevation security bug
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
        protocol="application/pgp-signature"; boundary="jI8keyz6grp/JLjh"
Content-Disposition: inline
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
        autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 


--jI8keyz6grp/JLjh
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Package: kernel-patch-adamantix
Version: 1.6
Severity: grave
Tags: security

PaX is included in kernel-patch-adamantix.

----- Forwarded message from [EMAIL PROTECTED] -----

From: [EMAIL PROTECTED]
Date: Sat, 05 Mar 2005 01:43:44 +0100
To: bugtraq@securityfocus.com
Cc: full-disclosure@lists.netsys.com
Subject: PaX privilege elevation security bug
Reply-To: [EMAIL PROTECTED]
X-mailer: Pegasus Mail for Windows (4.21c)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                PaX privilege elevation security bug

Severity:       critical

Description:    unprivileged users can execute arbitrary code with
                the privileges of the target in any program they or
                other users can execute

                it is definitely exploitable for local users,
                remote exploitability depends on how much control
                one can have over executable file mappings in the
                target

Affected
versions:       all releases since 2003 September
                (when vma mirroring was introduced)

Affected
configurations: anyone having SEGMEXEC or RANDEXEC (vma mirroring)
                in the kernel's .config file

Fixed versions: patches released today, see http://pax.grsecurity.net

Mitigation:     echo "0 0" > /proc/sys/vm/pagetable_cache

                this will eliminate the obvious exploit vector only,
                patching is still unavoidable

Technical details will be posted to the dailydave mailing list,
probably early next week.

This is a spectacular fuckup, it pretty much destroys what PaX has
always stood and been trusted for. For this and other reasons, PaX
will be terminated on 1st April, 2005, a fitting date... Brad Spengler
offered to take it up but if you're interested in helping as well,
contact [EMAIL PROTECTED]

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQikAPJVtI2Y58IG/EQJbjQCfe0KzZvFRQhzIImxBsbaOBvmQOTcAoIwk
0mFNuwmsx2F3efahYd3bU3mT
=yPeF
-----END PGP SIGNATURE-----



----- End forwarded message -----

-- 
see shy jo

--jI8keyz6grp/JLjh
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCKildd8HHehbQuO8RAqFrAJ9Fh/5aZiTQhklXwy4+en2F8u5b1wCeNiGk
2w2t7lMK1YDIk01zVKVpBP0=
=OV7Y
-----END PGP SIGNATURE-----

--jI8keyz6grp/JLjh--
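
An added example, not part of the report or the advisory: a POSIX shell triage that combines the advisory's "Affected configurations" and "Mitigation" fields into one verdict per host. The function names, verdict strings and the `CONFIG_PAX_*` sample lines are constructed for illustration; the exact symbol prefix in a given patch set is an assumption, so the match keys only on SEGMEXEC/RANDEXEC.

```shell
#!/bin/sh
# Added example (not from the advisory): triage one host for the PaX bug.

# True if the .config builds in SEGMEXEC or RANDEXEC (vma mirroring).
# Assumption: the symbol name ends in SEGMEXEC/RANDEXEC; the prefix before it
# is not pinned because it may differ between patch sets.
vma_mirroring_enabled() {
    grep -Eq '^CONFIG_[A-Z0-9_]*(SEGMEXEC|RANDEXEC)=y[[:space:]]*$' "$1"
}

# True if the sysctl file holds exactly two zero fields ("0 0").
mitigation_applied() {
    [ -r "$1" ] || return 1
    set -- $(cat "$1")          # word-split: tabs or spaces both accepted
    [ "$#" -eq 2 ] && [ "$1" = 0 ] && [ "$2" = 0 ]
}

# Print one verdict for a kernel .config and a pagetable_cache file.
pax_exposure() {
    config=$1
    sysctl_file=${2:-/proc/sys/vm/pagetable_cache}
    if [ ! -r "$config" ]; then
        echo "unknown-no-config"
    elif ! vma_mirroring_enabled "$config"; then
        echo "not-affected-config"
    elif mitigation_applied "$sysctl_file"; then
        # The advisory says the sysctl closes only the obvious vector.
        echo "affected-mitigated-patch-required"
    else
        echo "affected-unmitigated"
    fi
}

# Constructed sample input: an affected config with a non-zero sysctl value.
pax_exposure_demo() {
    tmp=$(mktemp -d) || return 1
    printf 'CONFIG_PAX_SEGMEXEC=y\n# CONFIG_PAX_RANDEXEC is not set\n' > "$tmp/config"
    printf '25\t50\n' > "$tmp/pagetable_cache"
    pax_exposure "$tmp/config" "$tmp/pagetable_cache"
    rm -rf "$tmp"
}

# Run against real files when given arguments, otherwise run the demo.
if [ "$#" -ge 1 ]; then pax_exposure "$@"; else pax_exposure_demo; fi
```

Pass the path of the running kernel's `.config` as the first argument; the second defaults to `/proc/sys/vm/pagetable_cache`.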

---------------------------------------
Received: (at 298233-close) by bugs.debian.org; 7 Mar 2005 02:09:12 +0000
From [EMAIL PROTECTED] Sun Mar 06 18:09:12 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
        by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
        id 1D87gG-0000Q4-00; Sun, 06 Mar 2005 18:09:12 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
        id 1D87Zr-0001WF-00; Sun, 06 Mar 2005 21:02:35 -0500
From: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#298233: fixed in kernel-patch-adamantix 1.7
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sun, 06 Mar 2005 21:02:35 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
        autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Source: kernel-patch-adamantix
Source-Version: 1.7

We believe that the bug you reported is fixed in the latest version of
kernel-patch-adamantix, which is due to be installed in the Debian FTP archive:

kernel-patch-adamantix_1.7.dsc
  to pool/main/k/kernel-patch-adamantix/kernel-patch-adamantix_1.7.dsc
kernel-patch-adamantix_1.7.tar.gz
  to pool/main/k/kernel-patch-adamantix/kernel-patch-adamantix_1.7.tar.gz
kernel-patch-adamantix_1.7_all.deb
  to pool/main/k/kernel-patch-adamantix/kernel-patch-adamantix_1.7_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> (supplier of updated 
kernel-patch-adamantix package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon,  7 Mar 2005 01:05:55 +0100
Source: kernel-patch-adamantix
Binary: kernel-patch-adamantix
Architecture: source all
Version: 1.7
Distribution: unstable
Urgency: high
Maintainer: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
Description: 
 kernel-patch-adamantix - Kernel patches introduced in Adamantix
Closes: 298233
Changes: 
 kernel-patch-adamantix (1.7) unstable; urgency=high
 .
   * Fix privilege escalation bug in PaX  (Closes: #298233)
     For more information
     http://seclists.org/lists/bugtraq/2005/Mar/0106.html
     This is [BID-12729] (no CVE reference assigned yet)
     This is a deviation from upstream since Adamantix does
     not yet provide the patch. This issue is tracked in Adamantix
     as Issue #413. For more information see:
     http://www.adamantix.org/wiki/IssueNo0413PaXPrivilegeElevationSecurityBug
     IMPORTANT NOTE: This is also an _UNTESTED_ patch, I had to
     manually derive this by comparing the patchset
     pax-linux-2.4.29-200503050030.patch
     vs pax-linux-2.4.29-200502120800.patch and the changes I might
     have introduced might not be accurate. Please provide feedback
     in the BTS.
   * For those that do not want to use this patch and would rather use
    upstream's:
     - Provide the original PaX patchset in the Debian sources and as
       a kpatch file. These are only available for 2.4.29, though.
     - Provide the original RSBAC patch (version 1.2.4 plus bugfixes
     -1 and -2) also in the Debian sources and as a kpatch file. These
     are only available for 2.4.29
     [ I'm actually considering changing this package's patch into
     a number of patches (instead of a unified single patch) to make
     it easier to update upstream's patches. ]
Files: 
 41885ded94d76722e51b2d297e8c1125 687 devel extra kernel-patch-adamantix_1.7.dsc
 923cbaebce5312b936908762a66c0569 3176874 devel extra kernel-patch-adamantix_1.7.tar.gz
 b0245798bb2c3b37e38c29ee9920d786 2504610 devel extra kernel-patch-adamantix_1.7_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iQCVAwUBQiuu8vtEPvakNq0lAQIakgQAmju1pNk5KBizMvqCnR+EF1/jnsCptmkF
OgbYqNaUgZ6UryNq4xSltdxbc3Tzyxmf9r74Ic2We7V40DQ1XsHMektatvLGzXX7
pkaxVcN5iEGhkAGshCifsvyaV5UHHmypWiVllYhCWILOYL5gFGjnroJ5K4tcg6g2
JeWJ2gpISeM=
=MmZC
-----END PGP SIGNATURE-----

