Your message dated Sat, 6 Apr 2019 07:39:11 +0200
with message-id <5e1c6c15-a00f-d2db-750e-6b70d950a...@debian.org>
and subject line kfreebsd-9 has been removed from Debian
has caused the Debian Bug report #796997,
regarding kfreebsd-9: CVE-2015-5675: IRET privilege escalation
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
796997: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796997
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: kfreebsd-10
Version: 10.1~svn274115-9
Severity: grave
Tags: security upstream patch
Hi,
Local users can trigger a kernel panic, or possibly escalate privileges,
by exploiting a flaw in the IRET handler in kfreebsd-9 and -10:
https://www.freebsd.org/security/advisories/FreeBSD-SA-15:21.amd64.asc
kfreebsd-8 may also be affected, but that release no longer
has security support.
kfreebsd-11 was fixed long ago in SVN r275833.
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: kfreebsd-amd64 (x86_64)
Kernel: kFreeBSD 9.0-2-amd64-xenhvm-ipsec
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Version: 9.2-2+rm
kfreebsd-9 is no longer in Debian, I'm therefore closing the remaining
bug reports. If the bug is still present in the current versions
(kfreebsd-10 and kfreebsd-11), feel free to reopen and reassign or file
a new bug report.
Andreas
--- End Message ---
