Processed: Re: Bug#811281: kfreebsd-10: filemon and bmake meta-mode stability issues [EN-16:01]
Processing commands for cont...@bugs.debian.org:
> notfound 811281 kfreebsd-10/10.1~svn274115-4+kbsd8u1
Bug #811281 {Done: Steven Chamberlain } [src:kfreebsd-10]
kfreebsd-10: filemon and bmake meta-mode stability issues [EN-16:01]
No longer marked as found in versions kfreebsd-10/10.1~svn274115-4+kbsd8u1.
> notfound 811281 kfreebsd-10/10.1~svn274115-10
Bug #811281 {Done: Steven Chamberlain } [src:kfreebsd-10]
kfreebsd-10: filemon and bmake meta-mode stability issues [EN-16:01]
No longer marked as found in versions kfreebsd-10/10.1~svn274115-10.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
811281: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811281
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#811281: marked as done (kfreebsd-10: filemon and bmake meta-mode stability issues [EN-16:01])
Your message dated Mon, 18 Jan 2016 02:23:10 + with message-id <20160118022309.gd17...@pyro.eu.org> and subject line Re: Bug#811281: kfreebsd-10: filemon and bmake meta-mode stability issues [EN-16:01] has caused the Debian Bug report #811281, regarding kfreebsd-10: filemon and bmake meta-mode stability issues [EN-16:01] to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 811281: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811281 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:kfreebsd-10 Version: 10.1~svn274115-4+kbsd8u1 Severity: important Tags: upstream Control: found -1 10.1~svn274115-10 kfreebsd's filemon.ko kernel module, not loaded by default and likely not being used yet, has bugs that can cause kernel panics if used: https://security.FreeBSD.org/advisories/FreeBSD-EN-16:01.filemon.asc This affects kfreebsd-10, possibly also kfreebsd-9 in wheezy but we likely won't backport this fix as kfreebsd-9 is near end-of-life. --- End Message --- --- Begin Message --- Source-Version: 10.1~svn274115-4+kbsd8u1 Control: notfound -1 10.1~svn274115-10 Steven Chamberlain wrote: > kfreebsd's filemon.ko kernel module, not loaded by default and > likely not being used yet, has bugs that can cause kernel panics > if used: > > https://security.FreeBSD.org/advisories/FreeBSD-EN-16:01.filemon.asc > > This affects kfreebsd-10, possibly also kfreebsd-9 in wheezy but we > likely won't backport this fix as kfreebsd-9 is near end-of-life. Actually, upstream only released patches for 10.2, so never mind about this bug. Regards, -- Steven Chamberlain ste...@pyro.eu.org signature.asc Description: Digital signature --- End Message ---
Bug#811315: getdns: FTBFS[kfreebsd]: needs getentropy implementation
Package: getdns
Version: 0.9.0-1
Severity: normal
Tags: patch
Hi,
getdns FTBFS on kfreebsd because it lacks a getentropy implementation
for the FreeBSD kernel. But there is one already in LibreSSL Portable
we can use, and works fine here.
Please find patch attached. Thanks!
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: kfreebsd-amd64 (x86_64)
Kernel: kFreeBSD 10.1-0-amd64
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
From: Steven Chamberlain
Date: Sun, 17 Jan 2016 21:25:04 +
Subject: Add GNU/kFreeBSD support
Import getentropy_freebsd.c from LibreSSL Portable, an implementation of
getentropy(2) that uses FreeBSD's kern.random sysctl.
Add support for GNU/kFreeBSD by matching *FreeBSD in configure.ac
and building getentropy_freebsd in that case. This hasn't been
tested yet on regular FreeBSD, which may require extra libs.
--- a/configure.ac
+++ b/configure.ac
@@ -988,6 +988,10 @@
fi
AC_SEARCH_LIBS([clock_gettime], [rt])
;;
+ *FreeBSD)
+ AC_LIBOBJ(getentropy_freebsd)
+ AC_CHECK_HEADERS([sys/sysctl.h],,, [AC_INCLUDES_DEFAULT])
+ ;;
Linux|*)
AC_LIBOBJ(getentropy_linux)
dnl AC_CHECK_FUNCS([SHA512_Update],,[
--- /dev/null
+++ b/src/compat/getentropy_freebsd.c
@@ -0,0 +1,62 @@
+/* $OpenBSD: getentropy_freebsd.c,v 1.1 2014/11/03 06:23:30 bcook Exp $ */
+
+/*
+ * Copyright (c) 2014 Pawel Jakub Dawidek
+ * Copyright (c) 2014 Brent Cook
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Emulation of getentropy(2) as documented at:
+ * http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2
+ */
+
+#include
+#include
+
+#include
+#include
+
+/*
+ * Derived from lib/libc/gen/arc4random.c from FreeBSD.
+ */
+static size_t
+getentropy_sysctl(u_char *buf, size_t size)
+{
+ int mib[2];
+ size_t len, done;
+
+ mib[0] = CTL_KERN;
+ mib[1] = KERN_ARND;
+ done = 0;
+
+ do {
+ len = size;
+ if (sysctl(mib, 2, buf, &len, NULL, 0) == -1)
+ return (done);
+ done += len;
+ buf += len;
+ size -= len;
+ } while (size > 0);
+
+ return (done);
+}
+
+int
+getentropy(void *buf, size_t len)
+{
+ if (len <= 256 && getentropy_sysctl(buf, len) == len)
+ return (0);
+
+ errno = EIO;
+ return (-1);
+}
Bug#811238: FTBFS: error: ld returned 1 exit status
Martin Michlmayr wrote: > > --- libutil-freebsd.so.9 --- > > building shared library libutil-freebsd.so.9 > > fparseln.So: In function `fparseln': > > /<>/lib/libutil/fparseln.c:115: warning: This functions cannot > > be safely ported, use getline(3) instead, as it is supported by GNU and > > POSIX.1-2008. > > collect2: error: ld returned 1 exit status > > *** [libutil-freebsd.so.9] Error code 1 The package build unfortunately does not show the linker invocation, but here it is: | cc -fstack-protector -shared -Wl,-x -Wl,--fatal-warnings -Wl,--warn-shared-textrel -o libutil-freebsd.so.9 -Wl,-soname,libutil-freebsd.so.9 auth.So expand_number.So fparseln.So gr_util.So hexdump.So humanize_number.So login_class.So pidfile.So stub.So trimdomain.So uucplock.So login_cap.So flopen.So _secure_path.So -lbsd -lfreebsd-glue | fparseln.So: In function `fparseln': | lib/libutil/fparseln.c:115: warning: This functions cannot be safely ported, use getline(3) instead, as it is supported by GNU and POSIX.1-2008. | collect2: error: ld returned 1 exit status The warning is fatal due to -Wl,--fatal-warnings, and is coming from libbsd-dev; this should be fairly straightforward to fix. Thanks for the report, Regards, -- Steven Chamberlain ste...@pyro.eu.org signature.asc Description: Digital signature
Re: Bug#811063: gcc-6: FTBFS on kfreebsd-amd64 and kfreebsd-i386
Hi, Svante Signell wrote: > I think the same patch applies to the kfreebsd-* builds as well. Adding the > kfreebsd usertag to this bug. Thank you very much, Svante! The attached inter-diff against ada-kfreebsd.diff fixes this for kfreebsd also. Regards, -- Steven Chamberlain ste...@pyro.eu.org --- debian/patches/ada-kfreebsd.diff.orig 2016-01-16 23:04:12.0 + +++ debian/patches/ada-kfreebsd.diff 2016-01-17 03:03:11.705211634 + @@ -234,7 +234,17 @@ function To_Duration (TS : timespec) return Duration; pragma Inline (To_Duration); -@@ -437,31 +441,25 @@ package System.OS_Interface is +@@ -330,8 +334,7 @@ package System.OS_Interface is +-- returns the stack base of the specified thread. Only call this function +-- when Stack_Base_Available is True. + +- function Get_Page_Size return size_t; +- function Get_Page_Size return Address; ++ function Get_Page_Size return int; +pragma Import (C, Get_Page_Size, "getpagesize"); +-- Returns the size of a page + +@@ -437,31 +440,25 @@ package System.OS_Interface is PTHREAD_PRIO_PROTECT : constant := 2; PTHREAD_PRIO_INHERIT : constant := 1; @@ -270,7 +280,7 @@ type struct_sched_param is record sched_priority : int; -- scheduling priority -@@ -588,8 +586,8 @@ private +@@ -588,8 +585,8 @@ private -- #define sa_handler __sigaction_u._handler -- #define sa_sigaction __sigaction_u._sigaction @@ -281,7 +291,7 @@ -- sigcontext type is opaque, so it is architecturally neutral. -- It is always passed as an access type, so define it as an empty record -- since the contents are not used anywhere. -@@ -606,9 +604,6 @@ private +@@ -606,9 +603,6 @@ private end record; pragma Convention (C, timespec); signature.asc Description: Digital signature
Processed: Re: Bug#811278: kfreebsd-10: CVE-2016-1880: Linux compatibility layer incorrect futex handling [SA-16:03]
Processing commands for cont...@bugs.debian.org: > retitle 811278 kfreebsd-10: CVE-2016-1880: Linux compatibility layer > incorrect futex handling [SA-16:03] Bug #811278 [src:kfreebsd-10] kfreebsd-10: CVE-2016-1880: Linux compatibility layer incorrect futex handling [SA-16:02] Changed Bug title to 'kfreebsd-10: CVE-2016-1880: Linux compatibility layer incorrect futex handling [SA-16:03]' from 'kfreebsd-10: CVE-2016-1880: Linux compatibility layer incorrect futex handling [SA-16:02]' > thanks Stopping processing here. Please contact me if you need assistance. -- 811278: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811278 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#811282: kfreebsd-10: Invalid TCP checksums with pf(4) [EN-16:02]
Package: src:kfreebsd-10 Version: 10.1~svn274115-4+kbsd8u1 Severity: important Tags: upstream Control: found -1 10.1~svn274115-10 kfreebsd's implementation of PF packet filter can generate wrong TCP checksum on outgoing packets, when used with certain NICs, likely causing connection problems or reduced performance: https://www.freebsd.org/security/advisories/FreeBSD-EN-16:02.pf.asc This affects kfreebsd-10, and kfreebsd-9 in wheezy.
Processed: kfreebsd-10: Invalid TCP checksums with pf(4) [EN-16:02]
Processing control commands: > found -1 10.1~svn274115-10 Bug #811282 [src:kfreebsd-10] kfreebsd-10: Invalid TCP checksums with pf(4) [EN-16:02] Marked as found in versions kfreebsd-10/10.1~svn274115-10. -- 811282: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811282 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: kfreebsd-10: filemon and bmake meta-mode stability issues [EN-16:01]
Processing control commands: > found -1 10.1~svn274115-10 Bug #811281 [src:kfreebsd-10] kfreebsd-10: filemon and bmake meta-mode stability issues [EN-16:01] Marked as found in versions kfreebsd-10/10.1~svn274115-10. -- 811281: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811281 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#811281: kfreebsd-10: filemon and bmake meta-mode stability issues [EN-16:01]
Package: src:kfreebsd-10 Version: 10.1~svn274115-4+kbsd8u1 Severity: important Tags: upstream Control: found -1 10.1~svn274115-10 kfreebsd's filemon.ko kernel module, not loaded by default and likely not being used yet, has bugs that can cause kernel panics if used: https://security.FreeBSD.org/advisories/FreeBSD-EN-16:01.filemon.asc This affects kfreebsd-10, possibly also kfreebsd-9 in wheezy but we likely won't backport this fix as kfreebsd-9 is near end-of-life.
Bug#811280: kfreebsd-10: CVE-2016-1882: TCP MD5 signature denial of service [SA-16:05]
Package: src:kfreebsd-10 Version: 10.1~svn274115-4+kbsd8u1 Severity: grave Tags: security upstream Control: found -1 10.1~svn274115-10 kfreebsd's TCP stack is vulnerable to local (and possibly remote under extreme conditions) denial of service (kernel panic). https://security.FreeBSD.org/advisories/FreeBSD-SA-16:05.tcp.asc This affects kfreebsd-10, and also kfreebsd-9 in wheezy.
Processed: kfreebsd-10: CVE-2016-1882: TCP MD5 signature denial of service [SA-16:05]
Processing control commands: > found -1 10.1~svn274115-10 Bug #811280 [src:kfreebsd-10] kfreebsd-10: CVE-2016-1882: TCP MD5 signature denial of service [SA-16:05] Marked as found in versions kfreebsd-10/10.1~svn274115-10. -- 811280: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811280 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#811279: kfreebsd-10: CVE-2016-1881: Linux compatibility layer setgroups(2) system call vulnerability [SA-16:04]
Package: src:kfreebsd-10 Version: 10.1~svn274115-4+kbsd8u1 Severity: grave Tags: security upstream Control: found -1 10.1~svn274115-10 kfreebsd's Linux binary compatibility layer (linux.ko module) may vulnerable to local privilege escalation or denial of service (kernel panic). This module is typically not used by Debian GNU/kFreeBSD unless the system administrator has enabled it. https://security.FreeBSD.org/advisories/FreeBSD-SA-16:04.linux.asc This affects kfreebsd-10, and also kfreebsd-9 in wheezy.
Processed: kfreebsd-10: CVE-2016-1881: Linux compatibility layer setgroups(2) system call vulnerability [SA-16:04]
Processing control commands: > found -1 10.1~svn274115-10 Bug #811279 [src:kfreebsd-10] kfreebsd-10: CVE-2016-1881: Linux compatibility layer setgroups(2) system call vulnerability [SA-16:04] Marked as found in versions kfreebsd-10/10.1~svn274115-10. -- 811279: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811279 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#811278: kfreebsd-10: CVE-2016-1880: Linux compatibility layer incorrect futex handling [SA-16:02]
Package: src:kfreebsd-10 Version: 10.1~svn274115-4+kbsd8u1 Severity: grave Tags: security upstream Control: found -1 10.1~svn274115-10 kfreebsd's Linux binary compatibility layer (linux.ko module) may be vulnerable to local privilege escalation. This module is typically not used by Debian GNU/kFreeBSD unless the system administrator has enabled it. https://security.FreeBSD.org/advisories/FreeBSD-SA-16:03.linux.asc This affects kfreebsd-10, and also kfreebsd-9 in wheezy.
Processed: kfreebsd-10: CVE-2016-1880: Linux compatibility layer incorrect futex handling [SA-16:02]
Processing control commands: > found -1 10.1~svn274115-10 Bug #811278 [src:kfreebsd-10] kfreebsd-10: CVE-2016-1880: Linux compatibility layer incorrect futex handling [SA-16:02] Marked as found in versions kfreebsd-10/10.1~svn274115-10. -- 811278: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811278 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: kfreebsd-10: CVE-2016-1879: SCTP ICMPv6 error message vulnerability [SA-16:01]
Processing control commands: > found -1 10.1~svn274115-10 Bug #811277 [src:kfreebsd-10] kfreebsd-10: CVE-2016-1879: SCTP ICMPv6 error message vulnerability [SA-16:01] Marked as found in versions kfreebsd-10/10.1~svn274115-10. -- 811277: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811277 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#811277: kfreebsd-10: CVE-2016-1879: SCTP ICMPv6 error message vulnerability [SA-16:01]
Package: src:kfreebsd-10 Version: 10.1~svn274115-4+kbsd8u1 Severity: grave Tags: security upstream Control: found -1 10.1~svn274115-10 Specially crafted SCTP packets via IPv6 can trigger remote denial of service in kfreebsd-10, even if SCTP sockets are not used. https://security.FreeBSD.org/advisories/FreeBSD-SA-16:01.sctp.asc SCTP is disabled in wheezy's latest kfreebsd-9 package, otherwise it would have been affected by this too.
