Hi,
Michael Gilbert wrote:
> Please consider unblocking kfreebsd-10. It fixes 2 security issues:
> https://security-tracker.debian.org/kfreebsd-10
A debdiff is attached.
The other change is to limit the arch-dep packages to kfreebsd-any
(which was forgotten in the previous upload).
Thanks,
Regards,
--
Steven Chamberlain
ste...@pyro.eu.org
diff -Nru kfreebsd-10-10.1~svn274115/debian/changelog
kfreebsd-10-10.1~svn274115/debian/changelog
--- kfreebsd-10-10.1~svn274115/debian/changelog 2014-12-28 11:41:23.0
+
+++ kfreebsd-10-10.1~svn274115/debian/changelog 2015-01-28 01:18:06.0
+
@@ -1,3 +1,16 @@
+kfreebsd-10 (10.1~svn274115-2) unstable; urgency=high
+
+ * Pick SVN r277808 from FreeBSD 10.1-RELEASE to fix:
+- SA-15:02: SCTP SCTP_SS_VALUE kernel memory corruption and
+ disclosure vulnerability (CVE-2014-8612) (Closes: #776415)
+- SA-15:03: SCTP stream reset vulnerability (CVE-2014-8613)
+ (Closes: #776416)
+ * Build kernel images only on kfreebsd-any arches, so that any
+security or other RC-severity kernel bugs will not affect the
+official jessie release
+
+ -- Steven Chamberlain Tue, 27 Jan 2015 20:02:52 +
+
kfreebsd-10 (10.1~svn274115-1) unstable; urgency=medium
[ Steven Chamberlain ]
@@ -6,9 +19,6 @@
(CVE-2014-8476) (Closes: #768108)
* Replace non-DFSG-free ar9300_devid.h with a 3-clause BSD substitute
derived from Linux ath9k driver (Closes: #767583)
- * Build kernel images only on kfreebsd-any arches, so that any
-security or other RC-severity kernel bugs will not affect the
-official jessie release
[ Christoph Egger ]
* Upload to unstable
diff -Nru kfreebsd-10-10.1~svn274115/debian/control
kfreebsd-10-10.1~svn274115/debian/control
--- kfreebsd-10-10.1~svn274115/debian/control 2014-10-20 22:19:28.0
+0100
+++ kfreebsd-10-10.1~svn274115/debian/control 2015-01-27 20:40:49.0
+
@@ -51,7 +51,7 @@
Package: kfreebsd-image-10.1-0-amd64
-Architecture: any-amd64
+Architecture: kfreebsd-amd64
Depends: ${misc:Depends},
freebsd-utils (>= 8.1-5) [kfreebsd-any], kldutils (>= 7.1) [kfreebsd-any],
devd [kfreebsd-any] | freebsd-utils (<< 8.2+ds2-9) [kfreebsd-any],
@@ -79,7 +79,7 @@
This package is compiled for a amd64-class machine.
Package: kfreebsd-image-10-amd64
-Architecture: any-amd64
+Architecture: kfreebsd-amd64
Depends: kfreebsd-image-10.1-0-amd64, ${misc:Depends}
Description: kernel of FreeBSD 10 image (meta-package)
This package depends on the latest binary image for kernel of FreeBSD 10 on
@@ -496,7 +496,7 @@
This package contains zlib modules.
Package: kfreebsd-image-10.1-0-486
-Architecture: any-i386
+Architecture: kfreebsd-i386
Depends: ${misc:Depends},
freebsd-utils (>= 8.1-5) [kfreebsd-any], kldutils (>= 7.1) [kfreebsd-any],
devd [kfreebsd-any] | freebsd-utils (<< 8.2+ds2-9) [kfreebsd-any],
@@ -524,7 +524,7 @@
This package is compiled for a 486-class machine.
Package: kfreebsd-image-10-486
-Architecture: any-i386
+Architecture: kfreebsd-i386
Depends: kfreebsd-image-10.1-0-486, ${misc:Depends}
Description: kernel of FreeBSD 10 image (meta-package)
This package depends on the latest binary image for kernel of FreeBSD 10 on
@@ -549,7 +549,7 @@
486-class machines.
Package: kfreebsd-image-10.1-0-686
-Architecture: any-i386
+Architecture: kfreebsd-i386
Depends: ${misc:Depends},
freebsd-utils (>= 8.1-5) [kfreebsd-any], kldutils (>= 7.1) [kfreebsd-any],
devd [kfreebsd-any] | freebsd-utils (<< 8.2+ds2-9) [kfreebsd-any],
@@ -577,7 +577,7 @@
This package is compiled for a 686-class machine.
Package: kfreebsd-image-10-686
-Architecture: any-i386
+Architecture: kfreebsd-i386
Depends: kfreebsd-image-10.1-0-686, ${misc:Depends}
Description: kernel of FreeBSD 10 image (meta-package)
This package depends on the latest binary image for kernel of FreeBSD 10 on
@@ -602,7 +602,7 @@
686-class machines.
Package: kfreebsd-image-10.1-0-xen
-Architecture: any-i386
+Architecture: kfreebsd-i386
Depends: ${misc:Depends},
freebsd-utils (>= 8.1-5) [kfreebsd-any], kldutils (>= 7.1) [kfreebsd-any],
devd [kfreebsd-any] | freebsd-utils (<< 8.2+ds2-9) [kfreebsd-any],
@@ -630,7 +630,7 @@
This package is compiled for a xen-class machine.
Package: kfreebsd-image-10-xen
-Architecture: any-i386
+Architecture: kfreebsd-i386
Depends: kfreebsd-image-10.1-0-xen, ${misc:Depends}
Description: kernel of FreeBSD 10 image (meta-package)
This package depends on the latest binary image for kernel of FreeBSD 10 on
diff -Nru kfreebsd-10-10.1~svn274115/debian/patches/SA-15_02.kmem.patch
kfreebsd-10-10.1~svn274115/debian/patches/SA-15_02.kmem.patch
--- kfreebsd-10-10.1~svn274115/debian/patches/SA-15_02.kmem.patch
1970-01-01 01:00:00.0 +0100
+++ kfreebsd-10-10.1~svn274115/debian/patches/SA-15_02.kmem.patch
2015-01-27 20:37:34.0 +
@@ -0,0 +1,51 @@
+Description:
+ Fix SCTP SCTP_SS_VALUE kernel memory corruption and
+ disclosur