Your message dated Sat, 6 Apr 2019 07:39:23 +0200
with message-id <307a4dc7-04f0-5715-553e-9dcf3d4f5...@debian.org>
and subject line kfreebsd-8 has been removed from Debian
has caused the Debian Bug report #779202,
regarding kfreebsd-8: CVE-2015-1414: DoS via IGMP packet
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
779202: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779202
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:kfreebsd-10
Version: 10.1~svn274115-2
Severity: grave
Tags: security upstream patch
Hi,
A remote DoS was reported in FreeBSD's IGMP packet handling:
https://www.freebsd.org/security/advisories/FreeBSD-SA-15:04.igmp.asc
This affects all our kfreebsd-8, -9, -10 and -11 packages.
I don't know yet if this can be exploited over the public Internet
or only on a local network segment.
As a mitigation, the PF firewall can probably be configured to block
'proto igmp' packets before the kernel processes them.
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: kfreebsd-amd64 (x86_64)
Kernel: kFreeBSD 9.0-2-amd64-xenhvm-ipsec
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Version: 8.3-7+rm
kfreebsd-8 is no longer in Debian, I'm therefore closing the remaining
bug reports. If the bug is still present in the current versions
(kfreebsd-10 and kfreebsd-11), feel free to reopen and reassign or file
a new bug report.
Andreas
--- End Message ---
