Bug#714745:
can confirm this bug in debian stretch still exists. the bug is more broad than the description provided by the original poster. it appears that ANY package that is a dependency of a package to be upgraded can block the security update of the parent package. as such, the package continues to remain vulnerable and exploitable.

https://security-tracker.debian.org/tracker/CVE-2017-5019

notice that stretch and sid are still vulnerable. the fix has only been deployed to stable (as a side note, this is also one example of why you SHOULD NOT be running testing or sid as your main distro, as Micah Lee, famed Snowden journalist, does and can be targeted as such because fixes go into stable, sometimes long before sid and testing). so, i wouldn't recommend a "YOLO" approach to running debian sid as your main distro [1] exactly for that reason. if you are running testing or sid, here is a snapshot of the updated packages as of today showing that you are still vulnerable. similar problems apply to other more important packages, like libc, openssl, kernels, etc.

jessie (security)  56.0.2924.76-1~deb8u1  fixed
stretch            55.0.2883.75-3         vulnerable
sid                55.0.2883.75-6         vulnerable

anyway, this is also a great confirmation of the bug because the chromium update is blocked on libpng12-0, which is required for the update to proceed.

$ apt-cache policy chromium
chromium:
  Installed: 55.0.2883.75-3
  Candidate: 56.0.2924.76-1~deb8u1
  Version table:
     56.0.2924.76-1~deb8u1 500
        500 https://deb.debian.org/debian-security stable/updates/main amd64 Packages
...

$ cat /etc/apt/apt.conf.d/50unattended-upgrades | egrep -i security
"label=Debian-Security";

$ apt list --upgradable
Listing... Done
chromium/stable 56.0.2924.76-1~deb8u1 amd64 [upgradable from: 55.0.2883.75-3]
...

$ sudo unattended-upgrade -d --dry-run
...
Starting unattended upgrades script
Allowed origins are: ['label=Debian-Security']
Checking: chromium ([])
pkg 'libpng12-0' not in allowed origin
sanity check failed

see above, the update to chromium is blocked on libpng12-0, which was not required in the prior release

$ msg="Requires libpgn12-0?:"; apt show chromium=55.0.2883.75-3 2>/dev/null | egrep -q libpng12-0; if [[ $? -eq 0 ]]; then echo "${msg} YES"; else echo "${msg} NO"; fi
Requires libpgn12-0?: NO

$ msg="Requires libpgn12-0?:"; apt show chromium=56.0.2924.76-1~deb8u1 2>/dev/null | egrep -q libpng12-0; if [[ $? -eq 0 ]]; then echo "${msg} YES"; else echo "${msg} NO"; fi
Requires libpgn12-0?: YES

why is it such a big deal? because "yolo"s get pwned, so stay safe...

[$8837][671102] High CVE-2017-5007: Universal XSS in Blink. Credit to Mariusz Mlynski
[$8000][673170] High CVE-2017-5006: Universal XSS in Blink. Credit to Mariusz Mlynski
[$8000][668552] High CVE-2017-5008: Universal XSS in Blink. Credit to Mariusz Mlynski
[$7500][663476] High CVE-2017-5010: Universal XSS in Blink. Credit to Mariusz Mlynski
[$3000][662859] High CVE-2017-5011: Unauthorised file access in Devtools. Credit to Khalil Zhani
[$3000][667504] High CVE-2017-5009: Out of bounds memory access in WebRTC. Credit to Sean Stanek and Chip Bradford
[$5500][681843] High CVE-2017-5012: Heap overflow in V8. Credit to Gergely Nagy (Tresorit)
[$2000][677716] Medium CVE-2017-5013: Address spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah)
[$2000][675332] Medium CVE-2017-5014: Heap overflow in Skia. Credit to sweetchip
[$2000][673971] Medium CVE-2017-5015: Address spoofing in Omnibox. Credit to Armin Razmdjou
[$2000][666714] Medium CVE-2017-5019: Use after free in Renderer. Credit to Wadih Matar
[$1000][673163] Medium CVE-2017-5016: UI spoofing in Blink. Credit to Haosheng Wang (@gnehsoah)
[$500][676975] Medium CVE-2017-5017: Uninitialised memory access in webm video. Credit to danberm
[$500][668665] Medium CVE-2017-5018: Universal XSS in chrome://apps. Credit to Rob Wu
[$TBD][668653] Medium CVE-2017-5020: Universal XSS in chrome://downloads. Credit to Rob Wu
[$N/A][663726] Low CVE-2017-5021: Use after free in Extensions. Credit to Rob Wu
[$N/A][663620] Low CVE-2017-5022: Bypass of Content Security Policy in Blink. Credit to 李普君 of 无声信息技术PKAV Team
[$N/A][651443] Low CVE-2017-5023: Type confusion in metrics. Credit to the UK's National Cyber Security Centre (NCSC)
[$N/A][643951] Low CVE-2017-5024: Heap overflow in FFmpeg. Credit to Paul Mehta
[$N/A][643950] Low CVE-2017-5025: Heap overflow in FFmpeg. Credit to Paul Mehta
[$500][634108] Low CVE-2017-5026: UI spoofing. Credit to Ronni Skansing

[1] https://micahflee.com/2016/01/debian-grsecurity/
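
Added example, not part of the original message and not code from unattended-upgrades: a small parser that reads the output of "unattended-upgrade -d --dry-run" and lists every candidate whose security update is held back because a dependency is outside the allowed origins. It assumes the debug lines keep the form quoted in the message above; the function names and the sample log are constructed for illustration.

```python
import re
import sys

# Constructed sample, in the shape of the debug output quoted in the message.
SAMPLE_LOG = """\
Starting unattended upgrades script
Allowed origins are: ['label=Debian-Security']
Checking: chromium ([])
pkg 'libpng12-0' not in allowed origin
sanity check failed
Checking: openssl ([])
"""

CHECKING = re.compile(r"^Checking: (\S+)")
NOT_ALLOWED = re.compile(r"^pkg '([^']+)' not in allowed origin")


def blocked_upgrades(log_text):
    """Return {candidate: [dependencies outside the allowed origins]} for
    every candidate whose sanity check failed."""
    blocked = {}
    current, outside = None, []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = CHECKING.match(line)
        if m:
            # A new candidate starts; forget dependencies of the previous one.
            current, outside = m.group(1), []
        elif current and (m := NOT_ALLOWED.match(line)):
            outside.append(m.group(1))
        elif current and line == "sanity check failed":
            blocked[current] = outside
            current, outside = None, []
    return blocked


def report(blocked):
    """One human-readable line per held-back package, sorted by name."""
    return [f"{pkg}: held back, waiting on {', '.join(deps) or 'unknown'}"
            for pkg, deps in sorted(blocked.items())]


if __name__ == "__main__":
    # usage: sudo unattended-upgrade -d --dry-run 2>&1 | python3 this_file.py
    text = SAMPLE_LOG if sys.stdin.isatty() else sys.stdin.read()
    lines = report(blocked_upgrades(text))
    print("\n".join(lines) or "no blocked upgrades")
    sys.exit(1 if lines else 0)  # non-zero exit lets a cron or monitoring job alert
```
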
Bug#849330: Info received ()
also affects kernel 4.9.

1768 /*
1769  * allocate dram shared table, it is an aligned memory
1770  * block of ICT_SIZE.
1771  * also reset all data related to ICT table interrupt.
1772  */
1773 int iwl_pcie_alloc_ict(struct iwl_trans *trans)
1774 {
1775         struct iwl_trans_pcie *trans_pcie = IWL_TRANS_GET_PCIE_TRANS(trans);
1776
1777         trans_pcie->ict_tbl =
1778                 dma_zalloc_coherent(trans->dev, ICT_SIZE,
1779                                     &trans_pcie->ict_tbl_dma,
1780                                     GFP_KERNEL);
1781         if (!trans_pcie->ict_tbl)
1782                 return -ENOMEM;
1783
1784         /* just an API sanity check ... it is guaranteed to be aligned */
1785         if (WARN_ON(trans_pcie->ict_tbl_dma & (ICT_SIZE - 1))) {
1786                 iwl_pcie_free_ict(trans);
1787                 return -EINVAL;
1788         }
1789
1790         return 0;
1791 }

the bug appears at:

1784 /* just an API sanity check ... it is guaranteed to be aligned */

so in fact it does NOT appear to be "guaranteed to be aligned". the assumption may be wrong

some other debug / error data:

[ 3564.850843] iwlwifi: unknown parameter 'mac80211' ignored
...
[ 3574.279039] thermal thermal_zone2: failed to read out thermal zone (-5)
...
[ 3578.745673] iwlwifi :03:00.0: Microcode SW error detected. Restarting 0x200.
...
[ 3578.746307] 8b928b84 8d4e937a0018 a88b070cf400
[ 3578.746309] c0ad296d 8d4e 8d4e92c570c0 8b6b8ca0
[ 3578.746310] a88b070cf390 a88b070cf390 c3fd1710 a88b070cf400
[ 3578.746312] Call Trace:
[ 3578.746315] [] ? dump_stack+0x5c/0x78
[ 3578.746320] [] ? iwl_trans_pcie_send_hcmd+0x3cd/0x4e0 [iwlwifi]
[ 3578.746322] [] ? prepare_to_wait_event+0xf0/0xf0
[ 3578.746327] [] ? iwl_mvm_send_cmd+0x23/0x80 [iwlmvm]
[ 3578.746330] [] ? iwl_mvm_send_cmd_pdu+0x4f/0x70 [iwlmvm]
[ 3578.746332] [] ? iwl_send_paging_cmd.isra.16+0xf4/0x120 [iwlmvm]
[ 3578.746334] [] ? iwl_mvm_load_ucode_wait_alive+0x641/0x7a0 [iwlmvm]
[ 3578.746335] [] ? 0xc0f41000
[ 3578.746338] [] ? iwl_trans_pcie_start_hw+0xf2/0x2d0 [iwlwifi]
[ 3578.746340] [] ? iwl_mvm_up+0x12b/0x5f0 [iwlmvm]
[ 3578.746342] [] ? skb_dequeue+0x52/0x60
[ 3578.746344] [] ? wireless_nlevent_flush+0x4f/0x90
[ 3578.746359] [] ? __iwl_mvm_mac_start+0x207/0x310 [iwlmvm]
[ 3578.746361] [] ? update_sd_lb_stats+0xe6/0x4b0
[ 3578.746363] [] ? iwl_mvm_mac_start+0x46/0x110 [iwlmvm]
[ 3578.746374] [] ? drv_start+0x3a/0xf0 [mac80211]
[ 3578.746381] [] ? ieee80211_do_open+0x295/0x980 [mac80211]
[ 3578.746389] [] ? ieee80211_check_concurrent_iface+0x11a/0x1e0 [mac80211]
[ 3578.746391] [] ? __dev_open+0xc2/0x140
[ 3578.746393] [] ? __dev_change_flags+0x96/0x150
[ 3578.746394] [] ? dev_change_flags+0x23/0x60
[ 3578.746395] [] ? do_setlink+0x30e/0xd20
[ 3578.746397] [] ? __nla_reserve+0x38/0x50
[ 3578.746398] [] ? __nla_put+0xc/0x20
[ 3578.746399] [] ? inet6_fill_ifla6_attrs+0x416/0x430
[ 3578.746401] [] ? inet6_fill_link_af+0x16/0x30
[ 3578.746402] [] ? rtnl_fill_ifinfo+0xac2/0xf50
[ 3578.746403] [] ? rtnl_newlink+0x5c6/0x870
[ 3578.746404] [] ? __netlink_sendskb+0x38/0x60
[ 3578.746406] [] ? fib6_clean_node+0x85/0x170
[ 3578.746408] [] ? security_capable+0x41/0x60
[ 3578.746409] [] ? rtnetlink_rcv_msg+0xe1/0x220
[ 3578.746410] [] ? rtnl_newlink+0x870/0x870
[ 3578.746412] [] ? netlink_rcv_skb+0xa1/0xc0
[ 3578.746413] [] ? rtnetlink_rcv+0x24/0x30
[ 3578.746414] [] ? netlink_unicast+0x184/0x230
[ 3578.746415] [] ? netlink_sendmsg+0x2f8/0x3b0
[ 3578.746416] [] ? sock_sendmsg+0x30/0x40
[ 3578.746417] [] ? ___sys_sendmsg+0x2c2/0x2d0
[ 3578.746419] [] ? proc_get_long.constprop.13+0x11d/0x1b0
[ 3578.746420] [] ? __do_proc_dointvec+0x33d/0x400
[ 3578.746421] [] ? do_proc_douintvec_conv+0x30/0x30
[ 3578.746422] [] ? __do_proc_dointvec+0x33d/0x400
[ 3578.746424] [] ? lockref_put_or_lock+0x5a/0x80
[ 3578.746425] [] ? dput+0x175/0x250
[ 3578.746426] [] ? __sys_sendmsg+0x51/0x90
[ 3578.746428] [] ? system_call_fast_compare_end+0xc/0x9b
...
[ 3579.369654] WARNING: CPU: 5 PID: 6215 at /build/linux-fgnWKv/linux-4.9.2/drivers/net/wireless/intel/iwlwifi/pcie/rx.c:1784 iwl_pcie_alloc_ict+0xde/0x100 [iwlwifi]
Bug#849330:
can confirm this bug. removing 8000-C ucode 22 firmware stub works. before removing, you will get errors 99% of the time upon driver load similar to below:

"pcie/rx.c iwl_pcie_alloc_ict"
"iwlwifi: probe of"
"failed with error -22"

in rx.c in function iwl_pcie_alloc_ict around line ~1700 (1747?)

could be a memory alignment issue with zalloc upon loading the newer (broken) firmware for the 8260 (rev3a)? just some thoughts

again, to reiterate the temporary workaround, just:

$ sudo rm /lib/firmware/iwlwifi-8000C-22.ucode

and then ensure this gets fixed upstream in iwlwifi-8000C-22.ucode before installing any firmware-iwlwifi updates or hold the package:

$ sudo apt-mark hold firmware-iwlwifi

remove the hold if / when it gets fixed in debian later:

$ sudo apt-mark unhold firmware-iwlwifi
Bug#672449: x11vnc: Option -no6 and -noipv6 do not seem to have effect
This bug is STILL present. Also, using the proposed workaround "-rfbportv6 -1" does not seem to have any effect. Is the Debian maintainer active with the upstream developers and looking into a fix? The proper solution is to actually make the "-no6" option NOT bind to any IPv6 / tcp6 interface. For instance, in order to fix this bug and verify it, please ensure the following behavior is corrected:

Example:
"""
# x11vnc -safer -listen 127.0.0.1 -no6 -bg -display :0 2>&1 | egrep -i 'tcp6'
23/07/2014 14:48:42 Autoprobing TCP6 port
23/07/2014 14:48:42 Autoprobing selected TCP6 port 5900
# netstat -plnt | egrep '^tcp6.*/x11vnc' && echo ' THIS HERE MEANS THE "-no6" OPTION IS NOT WORKING'
tcp6 0 0 :::5900 :::* LISTEN 9045/x11vnc
 THIS HERE MEANS THE "-no6" OPTION IS NOT WORKING
"""

-- 
Regards,
Kristian Erik Hermansen
https://www.linkedin.com/in/kristianhermansen
https://google.com/+KristianHermansen

-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#634930: gpa: GPA unusable due to "General Assuan error"
I was able to compile my own version that works fine. Here is how Debian -- or anyone else that wants to -- can fix the error. There are two options:

Option 1:
* Debian / Ubuntu need to reintroduce gpa into the repos again, but make gpa depend on libassuan-dev (v1 only -- not v2).
* libassuan-dev was recently upgraded to v2, so this broke gpa.
* To build properly, the config script MUST be set to assuan API v1, not v2 (should be already).

Option 2:
* Allow gpa to depend on libassuan-dev v2.
* However, to do this, gpa MUST use the new assuan v2 API and change a few function call stubs which violate the new v2 API (using v1 API call stubs).
* Then gpa should build fine using the new assuan v2 API.

Cheers,
-- 
Kristian Erik Hermansen
https://profiles.google.com/kristian.hermansen
Bug#498020:
Yes, please send the patch to the nmap debian package maintainer!!! Thanks :-) -- Kristian Erik Hermansen
Bug#406569:
Has this been fixed? I would like to confirm this bug is still present as of today's stable release :-( -- Kristian Erik Hermansen \xeb\xfe
Bug#323420: Metasploit 3.2 will have new BSD license
On Thu, Nov 6, 2008 at 1:22 AM, Luciano Bello <[EMAIL PROTECTED]> wrote:
> Kristian, anarcat and James,
> It looks like you are interested in helping with this package. Do you
> agree if we wait for the 3.2 release to start packaging it?

Agreed. We will begin after 3.2 is out.

Regards...
-- 
Kristian Erik Hermansen
http://kristian-hermansen.blogspot.com
Bug#323420: Metasploit 3.2 will have new BSD license
On Wed, Nov 5, 2008 at 10:05 AM, Luciano Bello <[EMAIL PROTECTED]> wrote:
> On Fri 10 Oct 2008, Kristian Erik Hermansen wrote:
>> Please be advised that inclusion of Metasploit 3.2 will be much easier
>> given the news that a BSD licensed release of Metasploit 3.2 will be
>> available soon!
>> http://www.metasploit.com/blog/#blog-0
>
> Sorry for the delay, I'm VACed these days (until mid-november).
>
> IIRC, the problem is with the copyright in the payloads and shellcodes. Can
> you check it?

I don't believe that is an issue any longer. Could someone from the metasploit legal/dev team please comment on allowing Luciano to pull MSF 3.2 sources into Debian given the new BSD license? Please advise. Thanks!
-- 
Kristian Erik Hermansen
http://kristian-hermansen.blogspot.com
Bug#323420: Metasploit 3.2 will have new BSD license
Please be advised that inclusion of Metasploit 3.2 will be much easier given the news that a BSD licensed release of Metasploit 3.2 will be available soon! http://www.metasploit.com/blog/#blog-0 -- Kristian Erik Hermansen http://kristian-hermansen.blogspot.com
Bug#311505: xmlstarlet doesn't encode double quotes in XPath expressions
This bug still seems present :-( -- Kristian Erik Hermansen
Bug#361001: ITP: eiffelstudio -- Eiffel Development Framework (IDE and Compiler)
Any progress made on getting Eiffel 6.1 GPL into Debian? https://www2.eiffel.com/download/ -- Kristian Erik Hermansen "Know something about everything and everything about something."