Bug#928989: linux-image-4.19.0-4-amd64: CVE-2019-11815

2019-05-14 Thread Jeff Cliff 
Package: src:linux
Version: 4.19.28-2
Severity: grave
Tags: security
Justification: user security hole

Dear Maintainer,

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux 
kernel before 5.0.8. 
There is a race condition leading to a use-after-free, related to net namespace 
cleanup.

the security-tracker is tracking this issue but there does not seem to be a bug 
report for it

https://security-tracker.debian.org/tracker/CVE-2019-11815

Fixed by: https://git.kernel.org/linus/cb66ddd156203daefb8d71158036b27b0e2caf63

currently affects: buster/testing, stable
currently does not affect: sid


-- Package-specific info:
** Version:
Linux version 4.19.0-4-amd64 (debian-ker...@lists.debian.org) (gcc version 
8.3.0 (Debian 8.3.0-2)) #1 SMP Debian 4.19.28-2 (2019-03-15)

** Command line:
BOOT_IMAGE=/boot/vmlinuz-4.19.0-4-amd64 
root=UUID=6fa86bad-c261-44db-8fc0-f7bd76dc2be3 ro quiet

** Not tainted

** Kernel log:
Unable to read kernel log; any relevant messages should be attached

-- System Information:
Debian Release: buster/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages linux-image-4.19.0-4-amd64 depends on:
ii  initramfs-tools [linux-initramfs-tool]  0.133
ii  kmod26-1
ii  linux-base  4.5

Versions of packages linux-image-4.19.0-4-amd64 recommends:
ii  apparmor 2.13.2-10
ii  firmware-linux-free  3.4
ii  irqbalance   1.5.0-3

Versions of packages linux-image-4.19.0-4-amd64 suggests:
ii  debian-kernel-handbook  1.0.19
ii  grub-pc 2.02+dfsg1-16
pn  linux-doc-4.19  

Versions of packages linux-image-4.19.0-4-amd64 is related to:
pn  firmware-amd-graphics 
pn  firmware-atheros  
pn  firmware-bnx2 
pn  firmware-bnx2x
pn  firmware-brcm80211
pn  firmware-cavium   
pn  firmware-intel-sound  
pn  firmware-intelwimax   
pn  firmware-ipw2x00  
pn  firmware-ivtv 
pn  firmware-iwlwifi  
pn  firmware-libertas 
pn  firmware-linux-nonfree
pn  firmware-misc-nonfree 
pn  firmware-myricom  
pn  firmware-netxen   
pn  firmware-qlogic   
pn  firmware-realtek  
pn  firmware-samsung  
pn  firmware-siano
pn  firmware-ti-connectivity  
pn  xen-hypervisor

-- debconf-show failed

Bug#887765: python3-coverage: FTBFS

2018-01-19 Thread Jeff Cliff 
Package: python3-coverage
Version: FTBFS ImportError: No module named sphinx_rtd_theme
Severity: serious
Justification: fails to build from source

Dear Maintainer,

from debuild -us -uc -b :

x86_64-linux-gnu-gcc -pthread -shared -Wl,-O1 -Wl,-Bsymbolic-functions 
-Wl,-z,relro -Wl,-z,relro -Wl,-z,now -g -O2 
-fdebug-prefix-map=/home/themusicgod1/python/python-coverage-4.2+dfsg.1=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wdate-time 
-D_FORTIFY_SOURCE=2 build/temp.linux-amd64-3.5/coverage/ctracer/datastack.o 
build/temp.linux-amd64-3.5/coverage/ctracer/filedisp.o 
build/temp.linux-amd64-3.5/coverage/ctracer/module.o 
build/temp.linux-amd64-3.5/coverage/ctracer/tracer.o -o 
/home/themusicgod1/python/python-coverage-4.2+dfsg.1/.pybuild/pythonX.Y_3.5/build/coverage/tracer.cpython-35m-x86_64-linux-gnu.so
sphinx-build -N -bhtml doc/ \
 doc/_build/html/
 Running Sphinx v1.4.9
 making output directory...

Exception occurred:
  File "conf.py", line 107, in 
  ImportError: No module named sphinx_rtd_theme
  The full traceback has been saved in /tmp/sphinx-err-AINte2.log, if you want 
to report the issue to the developers.
  Please also report this if it was a user error, so that a better error 
message can be provided next time.
  A bug report can be filed in the tracker at 
<https://github.com/sphinx-doc/sphinx/issues>. Thanks!
  debian/rules:160: recipe for target 'override_dh_auto_build' failed
  make[1]: *** [override_dh_auto_build] Error 1
  make[1]: Leaving directory 
'/home/themusicgod1/python/python-coverage-4.2+dfsg.1'
  debian/rules:72: recipe for target 'build' failed
  make: *** [build] Error 2
  dpkg-buildpackage: error: debian/rules build gave error exit status 2
  debuild: fatal error at line 1116:
  dpkg-buildpackage -rfakeroot -us -uc -b failed

themusicgod1@wicksell:~/python/python-coverage-4.2+dfsg.1$ cat 
/tmp/sphinx-err-AINte2.log
  # Sphinx version: 1.4.9
  # Python version: 2.7.13 (CPython)
  # Docutils version: 0.13.1 release
  # Jinja2 version: 2.8
  # Last messages:

# Loaded extensions:
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/sphinx/cmdline.py", line 243, in main
opts.warningiserror, opts.tags, opts.verbosity, opts.jobs)
File "/usr/lib/python2.7/dist-packages/sphinx/application.py", line 137, in 
__init__
confoverrides or {}, self.tags)
File "/usr/lib/python2.7/dist-packages/sphinx/config.py", line 287, in __init__
execfile_(filename, config)
File "/usr/lib/python2.7/dist-packages/sphinx/util/pycompat.py", line 130, in 
execfile_
exec_(code, _globals)
File "/usr/lib/python2.7/dist-packages/six.py", line 699, in exec_
exec("""exec _code_ in _globs_, _locs_""")
File "", line 1, in 
File "conf.py", line 107, in 
ImportError: No module named sphinx_rtd_theme

This happens when installing via apt-src install python3-coverage on both 
debian stable as well as ubuntu artful/bionic ( see ubuntu bug : 
https://bugs.launchpad.net/ubuntu/+source/python-coverage/+bug/1744365 )

( In the case of ubuntu bionic, there is some complaining about 
python3-sphinxcontrib.spelling as well but that might be out of scope for this 
ticket, see launchpad for details )

Jeff Cliff


-- System Information:
Debian Release: 9.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python3-coverage depends on:
ii  libc6  2.24-11+deb9u1
ii  python33.5.3-1
ii  python3-pkg-resources  33.1.1-1

Versions of packages python3-coverage recommends:
ii  libjs-jquery3.1.1-2
pn  libjs-jquery-hotkeys
pn  libjs-jquery-isonscreen 
ii  libjs-jquery-tablesorter11-3
pn  libjs-jquery-throttle-debounce  

Versions of packages python3-coverage suggests:
pn  python-coverage-doc