Re: Java defaults for kfreebsd-amd64

2013-06-20 Thread Steven Chamberlain
Hi Rene, On 19/06/13 10:57, Rene Engelhard wrote: > [...] fail > on the kfreebsd-amd64 porterbox as it did on the buildd (yes, I tried > actually I saw that failure mode *before* I uploaded and hoped it would > be just a local problem [...] FYI I've had slightly more luck building this locally on

Re: unblock request for kfreebsd-downloader 9.0-3+deb70.1

2013-06-20 Thread Robert Millan
2013/6/20 Adam D. Barratt : > Out of interest, where did you get the version scheme "+deb70.1" from? I > don't think I've seen that one before (our suggested version would have been > +deb7u1, as per dev-ref). Steven just pointed out (correctly). I take note that +deb7u1 is preferred. Hopefully I

Re: Bug#712848: FTBFS on kfreebsd-*: test-suite hangs and is killed after a timeout

2013-06-20 Thread Petr Salinger
The test-suite for glib2.0 fails to complete on kfreebsd-* as can be seen at [1]. On both kfreebsd-amd64 and kfreebsd-i386 the test-suite is killed after 150 min of inactivity. We would appreciate any help and insight from the kfreebsd to fix those failures on kfreebsd-*. Some observations (k

Processed: Re: Bug#712664: Info received (Bug#712664: kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap)

2013-06-20 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > # grrr > notfound 712664 10.0~svn242489-1 Bug #712664 [src:kfreebsd-9] kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap The source 'kfreebsd-9' and version '10.0~svn242489-1' do not appear to match any binary packages No longer marked as

Processed: Re: Bug#712664: Info received (Bug#712664: kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap)

2013-06-20 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > found 712664 10.0~svn242489-1 Bug #712664 [src:kfreebsd-9] kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap The source 'kfreebsd-9' and version '10.0~svn242489-1' do not appear to match any binary packages Marked as found in versions kfr

Processed: Re: Bug#712664: Info received (Bug#712664: kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap)

2013-06-20 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > forwarded 712664 > http://security.freebsd.org/advisories/FreeBSD-SA-13:06.mmap.asc Bug #712664 [src:kfreebsd-9] kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap Set Bug forwarded-to-address to 'http://security.freebsd.org/advisories/Fr

Bug#712664: kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap

2013-06-20 Thread Steven Chamberlain
A suggested workaround on vulnerable systems is: sysctl security.bsd.unprivileged_proc_debug=0 (which works by disabling some functionality of GDB to non-root users) Also the use of jails or securelevel could reduce the potential damage. Regards, -- Steven Chamberlain ste...@pyro.eu.org -- T

[Debian RT] Bug#712664: kfreebsd-9: CVE-2013-2171: Privilege escalation via mmap

2013-06-20 Thread Steven Chamberlain
Dear Security Team, Please could we upload to wheezy-security with the attached debdiff. A bug allows local privilege escalation, from any non-privileged user to root. I've verified it myself on Debian GNU/kFreeBSD (and that the fix works) with a test procedure in [1], but already a more 'weapon

Re: unblock request for kfreebsd-downloader 9.0-3+deb70.1

2013-06-20 Thread Steven Chamberlain
On 20/06/13 13:06, Adam D. Barratt wrote: > On 2013-06-20 0:25, Robert Millan wrote: >> +kfreebsd-downloader (9.0-3+deb70.1) stable; urgency=low >> + >> + * Switch to people.debian.org URL for kernel.txz download. >> +(Closes: #712816) > > Out of interest, where did you get the version scheme

Re: unblock request for kfreebsd-downloader 9.0-3+deb70.1

2013-06-20 Thread Adam D. Barratt
On 2013-06-20 0:25, Robert Millan wrote: +kfreebsd-downloader (9.0-3+deb70.1) stable; urgency=low + + * Switch to people.debian.org URL for kernel.txz download. +(Closes: #712816) Out of interest, where did you get the version scheme "+deb70.1" from? I don't think I've seen that one befor