[Bug 1713276] Re: CVE-2017-9417 “Broadpwn”
I'm closing this bug due to old age. Please open a new bug if you think the issue still exists. ** Changed in: linux-firmware (Ubuntu) Status: Confirmed => Expired -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1713276 Title: CVE-2017-9417 “Broadpwn” To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-firmware/+bug/1713276/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1713276] Re: CVE-2017-9417 “Broadpwn”
I guess this is fixed in 18.10 due to new firmware files. I've created a new bug on the missing brcmfmac43430-sdio.txt file https://bugs.launchpad.net/ubuntu/+source/linux-firmware/+bug/1799443 . In there I've put a link to a discussion on the license. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1713276 Title: CVE-2017-9417 “Broadpwn” To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-firmware/+bug/1713276/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1713276] Re: CVE-2017-9417 “Broadpwn”
Sorry, same problem as before. There's still no license information, and without that we cannot know if we are allowed to redistribute the firmware. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1713276 Title: CVE-2017-9417 “Broadpwn” To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-firmware/+bug/1713276/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1713276] Re: CVE-2017-9417 “Broadpwn”
New firmware https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=203508 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1713276 Title: CVE-2017-9417 “Broadpwn” To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-firmware/+bug/1713276/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1713276] Re: CVE-2017-9417 “Broadpwn”
The file you linked to does not contain any license information, without that we cannot incorporate it into Ubuntu. In searching I can't find specific information about which firmware version has the fix, but even the RPi-Distro github trees do not seem to have been updated. So I haven't been able to find an updated version of the firmware that we will be able to distribute. Broadcom did push a version of the firmware to upstream linux-firmware at some point, and this is the version we have in Ubuntu's linux- firmware. The best case is for Broadcom to update the firmware there, then we can easily pull it into Ubuntu. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1713276 Title: CVE-2017-9417 “Broadpwn” To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-firmware/+bug/1713276/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1713276] Re: CVE-2017-9417 “Broadpwn”
** Changed in: linux-firmware (Ubuntu) Importance: Undecided => High ** Changed in: linux-firmware (Ubuntu) Status: New => Confirmed ** Changed in: linux-firmware (Ubuntu) Assignee: (unassigned) => Seth Forshee (sforshee) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1713276 Title: CVE-2017-9417 “Broadpwn” To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-firmware/+bug/1713276/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1713276] Re: CVE-2017-9417 “Broadpwn”
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9417 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1713276 Title: CVE-2017-9417 “Broadpwn” To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-firmware/+bug/1713276/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs