Package: firmware-brcm80211
Version: 0.43
Severity: critical
Tags: security upstream
Justification: root security hole

Dear Maintainer,

CVE-2017-8386 "BroadPwn" has been around for a while.

It seems Debian ships the relevant firmware in this package.

Could I impose on you to ensure that all is as it should be?

Many thanks.
Mark

https://nvd.nist.gov/vuln/detail/CVE-2017-8386
https://security-tracker.debian.org/tracker/CVE-2017-9417
https://packages.debian.org/search?keywords=firmware-brcm80211
http://boosterok.com/blog/broadpwn/

-- System Information:
Debian Release: 8.9
  APT prefers testing
  APT policy: (1000, 'testing'), (1000, 'stable'), (1000, 'oldstable'), (500, 
'oldstable-updates'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_NZ.UTF-8, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Reply via email to