gmane.linux.debian.devel.security

Re: [SECURITY] [DSA 2692-1] libxxf86vm security update

Diamondra RAKOTOMAMONJY — 2013-05-23T20:30:39

Hi Moritz,

Thanks for the long update, I guess it would better if you send one mail
with libx*.
:) smile

Regards,
Diamondra


2013/5/23 Moritz Muehlenhoff <jmm< at >debian.org>

Re: [SECURITY] [DSA 2692-1] libxxf86vm security update

col — 2013-05-23T18:37:02

just the one, long, email would have been perfectly acceptable i feel.

On 23/05/13 17:27, Moritz Muehlenhoff wrote:

Re: [SECURITY] [DSA 2692-1] libxxf86vm security update

Dan Borello — 2013-05-23T18:30:07

UNSUBSCRIBE

---------------------------------------------------------
Daniel J. Borello, E.I.T., LEED® AP
Ph.D. Candidate
University of Illinois at Urbana-Champaign
Email: dborello< at >illinois.edu
Website: http://www.DanielJBorello.com
Telephone: (847) 877-6287
---------------------------------------------------------


On Thu, May 23, 2013 at 11:27 AM, Moritz Muehlenhoff <jmm< at >debian.org> wrote:

RE: [SECURITY] [DSA 2676-1] libxfixes security update

Robin Abrahams — 2013-05-23T17:50:38

This has been sent about 6 times now

-------------------------------------------------------------------------
-------------------------------------------------------------------------
multiple
conversions,
to
version
version
version 1:5.0-
listmaster< at >lists.debian.org





This email, including attachments may be privileged, confidential and is intended exclusively for the addressee. The views expressed may not be official policy, but the personal views of the originator. If you have received this email in error please notify the sender and delete it from your system.  Emails are not secure and may contain viruses.  No liability can be accepted for viruses that might be transferred by this email or any attachment.

servicios de Diseño Web, programación, Posicionamiento Web Dominios y Hosting

Servicios WEB — 2013-05-23T06:37:12

Estimados Sres /as, 
 
Tenemos el agrado de comunicarnos para ofrecerles nuestros servicios de Diseño Web, programación, Posicionamiento Web Dominios y Hosting. Contamos con la experiencia de 11 años en el mercado. 
- Diseño Web 
- Rediseño Web 
- Posicionamiento en buscadores. 
- Alojamiento Web 
- Registros de Dominios 
- Programación de Intranet y Extranet 
- Tiendas Virtuales con Pasarela de Pagos 
- Catálogos de Productos 
- E-learnings 
- Social Media 
Chats (Istalación gratis por 14 dias) 
- Y más. 
Desarrollamos sitios administrables por el usuario, logrando que usted tenga el total dominio y libertad del uso de su Web. Junto con cada Página desarrollada entregamos un Administrador para que pueda cargar datos, fotos, videos y todo el contenido necesario para mantener su Web actualizada. 
Atendemos agencias para reventa de productos y/o servicios / Marca Blanca / Distribuidores 
Estos son algunos de los clientes que han confiado en nosotros de "Madrid, Valencia, Burgos, Sevilla, Barcelona, G

Re: [SECURITY] [DSA 2669-1] linux security update

Andrew S. Zbikowski — 2013-05-20T17:28:18

unsubscribe

Re: Wheezy is vulnerable to CVE-2013-2094

Riku Valli — 2013-05-15T14:02:48


Bug is in 2.6.37-3.8.8, fixed in 3.8.9 and kernel must be compiled with
PERF_EVENTS (default on most modern distros). Bug fixed in 3.8.10.

ref: https://news.ycombinator.com/item?id=5703758

Hope at this help

Regards, Riku

Re: Wheezy is vulnerable to CVE-2013-2094

Gavin — 2013-05-15T11:32:47

Hi Kees,

I grabbed the source from here:-
http://packetstormsecurity.com/files/121616/semtex.c

Compiled it like so:-

gavin< at >caelyn:~$ gcc -O2 semtex.c && ./a.out

As soon as I hit enter my kernel panics:-

" BUG: unable to handle kernel paging request at xxxxxxxxxxxxx. "

gavin< at >caelyn:~$ uname -a
Linux caelyn 3.2.0-4-amd64 #1 SMP Debian 3.2.41-2 x86_64 GNU/Linux

gavin< at >caelyn:~$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/4.7/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian
4.7.2-5' --with-bugurl=file:///usr/share/doc/gcc-4.7/README.Bugs
--enable-languages=c,c++,go,fortran,objc,obj-c++ --prefix=/usr
--program-suffix=-4.7 --enable-shared --enable-linker-build-id
--with-system-zlib --libexecdir=/usr/lib --without-included-gettext
--enable-threads=posix --with-gxx-include-dir=/usr/include/c++/4.7
--libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu
--enable-libstdcxx-debug --enable-libstdcxx-

Re: Wheezy is vulnerable to CVE-2013-2094

Kees de Jong — 2013-05-15T10:50:14

Gavin, did you use the right exploit? The output looks like it's designed
for a 2.6.37 kernel. I don't have a computer near me to check the exploit
myself. Could you please verify you used the right exploit? Thanks!

Re: Wheezy is vulnerable to CVE-2013-2094

nnex — 2013-05-15T03:58:22

Hi all.
I'm confirm exploit is working on Debian wheezy with kernel 
3.2.0-4-rt-amd64 with gcc -O2 options

On 05/15/2013 12:20 AM, Gavin wrote:

Re: [SECURITY] [DSA 2668-1] linux-2.6 security update

Jon Marshall — 2013-05-14T20:21:05

Apologies, hit the wrong reply to! Please ignore and thanks for all the good
work.

On Tue, May 14, 2013 at 09:15:48PM +0100, Jon Marshall wrote:

Re: [SECURITY] [DSA 2668-1] linux-2.6 security update

Jon Marshall — 2013-05-14T20:15:48

Saw this earlier, apparently there is a serious issue that affects all of the
kernels up to 3.8

Will do a security thing tomorrow, if I get a chance, but it has been a while
since we've had a look at it, my fault.

Will update once I've reviewed.

On Tue, May 14, 2013 at 01:14:29PM -0600, dann frazier wrote:

Re: Wheezy is vulnerable to CVE-2013-2094

Gavin — 2013-05-14T18:20:25

Ok, if I compile with the -O2 then I don't get a root shell, however
my kernel panics with:-

BUG: unable to handle kernel paging request at xxxxxxxxxxxxx.

Still not ideal.

Thanks for the heads-up!

Re: Wheezy is vulnerable to CVE-2013-2094

Gerald Turner — 2013-05-14T17:41:19

At first I thought the same thing, however compile with -O2:

$ gcc -O2 semtex.c && ./a.out
2.6.37-3.x x86_64
sd< at >fucksheep.org 2010
root< at >xo-laptop:/tmp# uname -a
Linux xo-laptop 3.2.0-4-amd64 #1 SMP Debian 3.2.41-2 x86_64 GNU/Linux

Re: Wheezy is vulnerable to CVE-2013-2094

John Andreasson — 2013-05-14T17:43:13


Hi.

 I'm on the same kernel version/arch. Did you compile with -O2? I had to
compile with that flag for it to work.

Re: Wheezy is vulnerable to CVE-2013-2094

dann frazier — 2013-05-14T17:29:05

We're investigating it now and will provide a fix ASAP.

      -dann

Re: Wheezy is vulnerable to CVE-2013-2094

Gavin — 2013-05-14T17:29:10

Hi John,

I'm unable to replicate this 'issue' on my up to date Wheezy laptop.

gavin< at >caelyn:~$ uname -a
Linux caelyn 3.2.0-4-amd64 #1 SMP Debian 3.2.41-2 x86_64 GNU/Linux

When I run the compiled binary of this exploit as my unprivileged user
I get the following error:-

gavin< at >caelyn:~$ ./getroot
2.6.37-3.x x86_64
sd< at >f***sheep.org 2010
getroot: getroot.c:81: main: Assertion `p = memmem(code, 1024,
&needle, 8)' failed.
Aborted

What kernel are you able to replicate this bug with ?

Wheezy is vulnerable to CVE-2013-2094

John Andreasson — 2013-05-14T16:36:12

Hi.

Was just alerted of a kernel bug in RHEL [1], but when testing the sample
code on Wheezy as an unprivileged user it successfully gives me a root
prompt. Kind of suboptimal. :-(

Any idea when this is fixed?

[1] https://bugzilla.redhat.com/show_bug.cgi?id=962792

10 mai 2013 - Eclipse du Soleil

Clara V.S — 2013-05-08T09:45:02



To unsubscribe copy and paste this link into a browser window - http://www.kiomail.com/sys/cremovecust.php?email=debian-security< at >lists.debian.org&list_id=5

Re: About adding security.debian.org ipv6 to iptables, which range should we add?

Stephen Gran — 2013-05-07T19:07:07

Hello,

This one time, at band camp, Stefan Eriksson said:

security.debian.org is a set of mirrors, but what answer you get
depends on where in the world you appear to be coming from, and
maintenance periods and so on.

You can look here: http://db.debian.org/machines.cgi for all the
machines with a 'purpose' field set to 'security.debian.org mirror', and
hope that you can keep up to date, or you can use a web proxy for
outbound access.

Cheersm

Re: About adding security.debian.org ipv6 to iptables, which range should we add?

Florian Weimer — 2013-05-06T18:22:30

* Stefan Eriksson:


The IPv6 addresses change as well.  You should use a
tightly-controlled proxy or an internal mirror.