Stefanos Harhalakis
2009-May-23 09:48 UTC
[Secure-testing-team] Bug#530245: udev: Fix of bug #462655 should be ported to lenny
Package: udev Version: 0.141-1 Severity: critical Tags: security Justification: root security hole Bug #462655 also affects lenny. I believe that it should be ported to lenny too since: a) It is security related b) Most aacraid-related controllers are on servers which tend to use stable -- Package-specific info: -- /etc/udev/rules.d/: /etc/udev/rules.d/: total 220 lrwxrwxrwx 1 root root 23 2008-09-17 17:34 010-no-legacy-ptys.rules -> ../no-legacy-ptys.rules lrwxrwxrwx 1 root root 20 2008-09-17 16:45 025_libchipcard.rules -> ../libchipcard.rules lrwxrwxrwx 1 root root 19 2008-09-17 16:45 025_libgphoto2.rules -> ../libgphoto2.rules lrwxrwxrwx 1 root root 15 2008-09-17 16:45 025_lomoco.rules -> ../lomoco.rules lrwxrwxrwx 1 root root 16 2008-09-17 16:45 030_ifplugd.rules -> ../ifplugd.rules lrwxrwxrwx 1 root root 13 2008-09-17 17:31 035_kino.rules -> ../kino.rules -rw-r--r-- 1 root root 1137 2008-10-01 17:33 65_dmsetup.rules -rw-r--r-- 1 root root 991 2008-09-17 16:45 65_mdadm.vol_id.rules -rw-r--r-- 1 root root 3436 2009-03-06 07:51 70-persistent-cd.rules -rw-r--r-- 1 root root 1652 2009-05-02 00:08 70-persistent-net.rules -rw-r--r-- 1 root root 283 2009-03-25 23:52 85_dmraid.rules lrwxrwxrwx 1 root root 16 2008-09-17 16:45 libmtp7.rules -> ../libmtp7.rules lrwxrwxrwx 1 root root 15 2008-09-17 16:45 libnjb.rules -> ../libnjb.rules -rw-r--r-- 1 root root 550 2008-09-18 16:21 xpp.rules -rw-r--r-- 1 root root 505 2008-09-17 16:45 xpp.rules.dpkg-old lrwxrwxrwx 1 root root 17 2008-09-17 16:45 z33_v.rules -> ../v-custom.rules lrwxrwxrwx 1 root root 30 2008-09-17 17:31 z55_alsa-firmware-loaders.rules -> ../alsa-firmware-loaders.rules lrwxrwxrwx 1 root root 19 2008-09-17 16:45 z60_alsa-utils.rules -> ../alsa-utils.rules -rw-r--r-- 1 root root 2079 2009-04-08 18:20 z60_gpsd.rules lrwxrwxrwx 1 root root 15 2008-09-17 16:45 z60_hdparm.rules -> ../hdparm.rules -rw-r--r-- 1 root root 5354 2009-03-17 12:09 z60_hplip.rules -rw-r--r-- 1 root root 590 2009-05-17 19:13 z60_iguanair.rules -rw-r--r-- 1 root root 1240 2009-04-06 21:06 z60_kpartx.rules -rw-r--r-- 1 root root 2589 2008-09-17 16:45 z60_libpisock9.rules -rw-r--r-- 1 root root 1152 2009-05-06 15:26 z60_libsane-extras.rules -rw-r--r-- 1 root root 72908 2009-03-04 12:03 z60_libsane.rules -rw-r--r-- 1 root root 72908 2008-09-17 16:45 z60_libsane.rules.dpkg-old -rw-r--r-- 1 root root 7117 2009-04-12 00:32 z60_xserver-xorg-input-wacom.rules -rw-r--r-- 1 root root 6661 2008-09-17 16:45 z60_xserver-xorg-input-wacom.rules.dpkg-old -rw-r--r-- 1 root root 217 2008-09-17 16:45 zaptel.perms -- /sys/: /sys/block/dm-0/dev /sys/block/dm-1/dev /sys/block/dm-2/dev /sys/block/dm-3/dev /sys/block/dm-4/dev /sys/block/fd0/dev /sys/block/md10/dev /sys/block/md11/dev /sys/block/md12/dev /sys/block/md13/dev /sys/block/md1/dev /sys/block/md5/dev /sys/block/md6/dev /sys/block/md7/dev /sys/block/md8/dev /sys/block/md9/dev /sys/block/nbd0/dev /sys/block/nbd10/dev /sys/block/nbd11/dev /sys/block/nbd12/dev /sys/block/nbd13/dev /sys/block/nbd14/dev /sys/block/nbd15/dev /sys/block/nbd1/dev /sys/block/nbd2/dev /sys/block/nbd3/dev /sys/block/nbd4/dev /sys/block/nbd5/dev /sys/block/nbd6/dev /sys/block/nbd7/dev /sys/block/nbd8/dev /sys/block/nbd9/dev /sys/block/ram0/dev /sys/block/ram10/dev /sys/block/ram11/dev /sys/block/ram12/dev /sys/block/ram13/dev /sys/block/ram14/dev /sys/block/ram15/dev /sys/block/ram1/dev /sys/block/ram2/dev /sys/block/ram3/dev /sys/block/ram4/dev /sys/block/ram5/dev /sys/block/ram6/dev /sys/block/ram7/dev /sys/block/ram8/dev /sys/block/ram9/dev /sys/block/sda/dev /sys/block/sda/sda10/dev /sys/block/sda/sda11/dev /sys/block/sda/sda12/dev /sys/block/sda/sda13/dev /sys/block/sda/sda1/dev /sys/block/sda/sda2/dev /sys/block/sda/sda3/dev /sys/block/sda/sda5/dev /sys/block/sda/sda6/dev /sys/block/sda/sda7/dev /sys/block/sda/sda8/dev /sys/block/sda/sda9/dev /sys/block/sdb/dev /sys/block/sdb/sdb10/dev /sys/block/sdb/sdb11/dev /sys/block/sdb/sdb12/dev /sys/block/sdb/sdb13/dev /sys/block/sdb/sdb1/dev /sys/block/sdb/sdb2/dev /sys/block/sdb/sdb3/dev /sys/block/sdb/sdb5/dev /sys/block/sdb/sdb6/dev /sys/block/sdb/sdb7/dev /sys/block/sdb/sdb8/dev /sys/block/sdb/sdb9/dev /sys/block/sdc/dev /sys/block/sdc/sdc10/dev /sys/block/sdc/sdc11/dev /sys/block/sdc/sdc12/dev /sys/block/sdc/sdc13/dev /sys/block/sdc/sdc1/dev /sys/block/sdc/sdc2/dev /sys/block/sdc/sdc3/dev /sys/block/sdc/sdc5/dev /sys/block/sdc/sdc6/dev /sys/block/sdc/sdc7/dev /sys/block/sdc/sdc8/dev /sys/block/sdc/sdc9/dev /sys/block/sdd/dev /sys/block/sdd/sdd10/dev /sys/block/sdd/sdd11/dev /sys/block/sdd/sdd12/dev /sys/block/sdd/sdd13/dev /sys/block/sdd/sdd1/dev /sys/block/sdd/sdd2/dev /sys/block/sdd/sdd3/dev /sys/block/sdd/sdd5/dev /sys/block/sdd/sdd6/dev /sys/block/sdd/sdd7/dev /sys/block/sdd/sdd8/dev /sys/block/sdd/sdd9/dev /sys/block/sde/dev /sys/block/sde/sde1/dev /sys/block/sdf/dev /sys/block/sdf/sdf1/dev /sys/block/sdf/sdf2/dev /sys/block/sdf/sdf3/dev /sys/block/sdf/sdf4/dev /sys/block/sdf/sdf5/dev /sys/block/sdf/sdf6/dev /sys/block/sdf/sdf7/dev /sys/block/sdg/dev /sys/block/sdh/dev /sys/block/sdi/dev /sys/block/sdj/dev /sys/block/sdk/dev /sys/block/sdk/sdk1/dev /sys/block/sdk/sdk2/dev /sys/block/sr0/dev /sys/block/sr1/dev /sys/class/bsg/0:0:0:0/dev /sys/class/bsg/1:0:0:0/dev /sys/class/bsg/2:0:0:0/dev /sys/class/bsg/3:0:0:0/dev /sys/class/bsg/4:0:0:0/dev /sys/class/bsg/5:0:0:0/dev /sys/class/bsg/6:0:0:0/dev /sys/class/bsg/7:0:0:0/dev /sys/class/bsg/8:0:0:0/dev /sys/class/bsg/8:0:0:1/dev /sys/class/bsg/8:0:0:2/dev /sys/class/bsg/8:0:0:3/dev /sys/class/bsg/9:0:0:0/dev /sys/class/graphics/fb0/dev /sys/class/hidraw/hidraw0/dev /sys/class/hidraw/hidraw1/dev /sys/class/i2c-dev/i2c-0/dev /sys/class/i2c-dev/i2c-1/dev /sys/class/input/input0/event0/dev /sys/class/input/input1/event1/dev /sys/class/input/input1/mouse0/dev /sys/class/input/input2/event2/dev /sys/class/input/input2/mouse1/dev /sys/class/input/input3/event3/dev /sys/class/input/input4/event4/dev /sys/class/input/input5/event5/dev /sys/class/input/input6/event6/dev /sys/class/input/input7/event7/dev /sys/class/input/mice/dev /sys/class/misc/cpu_dma_latency/dev /sys/class/misc/device-mapper/dev /sys/class/misc/fuse/dev /sys/class/misc/hpet/dev /sys/class/misc/kvm/dev /sys/class/misc/mcelog/dev /sys/class/misc/microcode/dev /sys/class/misc/network_latency/dev /sys/class/misc/network_throughput/dev /sys/class/misc/psaux/dev /sys/class/misc/snapshot/dev /sys/class/rtc/rtc0/dev /sys/class/scsi_generic/sg0/dev /sys/class/scsi_generic/sg10/dev /sys/class/scsi_generic/sg11/dev /sys/class/scsi_generic/sg12/dev /sys/class/scsi_generic/sg1/dev /sys/class/scsi_generic/sg2/dev /sys/class/scsi_generic/sg3/dev /sys/class/scsi_generic/sg4/dev /sys/class/scsi_generic/sg5/dev /sys/class/scsi_generic/sg6/dev /sys/class/scsi_generic/sg7/dev /sys/class/scsi_generic/sg8/dev /sys/class/scsi_generic/sg9/dev /sys/class/sound/adsp2/dev /sys/class/sound/adsp/dev /sys/class/sound/audio2/dev /sys/class/sound/audio3/dev /sys/class/sound/audio/dev /sys/class/sound/controlC0/dev /sys/class/sound/controlC1/dev /sys/class/sound/controlC2/dev /sys/class/sound/controlC3/dev /sys/class/sound/dsp2/dev /sys/class/sound/dsp3/dev /sys/class/sound/dsp/dev /sys/class/sound/mixer1/dev /sys/class/sound/mixer2/dev /sys/class/sound/mixer3/dev /sys/class/sound/mixer/dev /sys/class/sound/pcmC0D0c/dev /sys/class/sound/pcmC0D0p/dev /sys/class/sound/pcmC0D1c/dev /sys/class/sound/pcmC0D1p/dev /sys/class/sound/pcmC0D2c/dev /sys/class/sound/pcmC1D3p/dev /sys/class/sound/pcmC2D0c/dev /sys/class/sound/pcmC2D1c/dev /sys/class/sound/pcmC3D0c/dev /sys/class/sound/seq/dev /sys/class/sound/sequencer2/dev /sys/class/sound/sequencer/dev /sys/class/sound/timer/dev /sys/class/usb_device/usbdev10.1/dev /sys/class/usb_device/usbdev11.1/dev /sys/class/usb_device/usbdev1.1/dev /sys/class/usb_device/usbdev2.1/dev /sys/class/usb_device/usbdev3.10/dev /sys/class/usb_device/usbdev3.1/dev /sys/class/usb_device/usbdev3.2/dev /sys/class/usb_device/usbdev3.3/dev /sys/class/usb_device/usbdev3.4/dev /sys/class/usb_device/usbdev3.5/dev /sys/class/usb_device/usbdev3.6/dev /sys/class/usb_device/usbdev3.7/dev /sys/class/usb_device/usbdev3.8/dev /sys/class/usb_device/usbdev3.9/dev /sys/class/usb_device/usbdev4.1/dev /sys/class/usb_device/usbdev5.1/dev /sys/class/usb_device/usbdev6.1/dev /sys/class/usb_device/usbdev7.1/dev /sys/class/usb_device/usbdev8.1/dev /sys/class/usb_device/usbdev9.1/dev /sys/class/usb_endpoint/usbdev10.1_ep00/dev /sys/class/usb_endpoint/usbdev10.1_ep81/dev /sys/class/usb_endpoint/usbdev11.1_ep00/dev /sys/class/usb_endpoint/usbdev11.1_ep81/dev /sys/class/usb_endpoint/usbdev1.1_ep00/dev /sys/class/usb_endpoint/usbdev1.1_ep81/dev /sys/class/usb_endpoint/usbdev2.1_ep00/dev /sys/class/usb_endpoint/usbdev2.1_ep81/dev /sys/class/usb_endpoint/usbdev3.10_ep00/dev /sys/class/usb_endpoint/usbdev3.10_ep02/dev /sys/class/usb_endpoint/usbdev3.10_ep81/dev /sys/class/usb_endpoint/usbdev3.1_ep00/dev /sys/class/usb_endpoint/usbdev3.1_ep81/dev /sys/class/usb_endpoint/usbdev3.2_ep00/dev /sys/class/usb_endpoint/usbdev3.2_ep81/dev /sys/class/usb_endpoint/usbdev3.3_ep00/dev /sys/class/usb_endpoint/usbdev3.3_ep81/dev /sys/class/usb_endpoint/usbdev3.4_ep00/dev /sys/class/usb_endpoint/usbdev3.4_ep81/dev /sys/class/usb_endpoint/usbdev3.5_ep00/dev /sys/class/usb_endpoint/usbdev3.5_ep81/dev /sys/class/usb_endpoint/usbdev3.5_ep82/dev /sys/class/usb_endpoint/usbdev3.6_ep00/dev /sys/class/usb_endpoint/usbdev3.6_ep02/dev /sys/class/usb_endpoint/usbdev3.6_ep81/dev /sys/class/usb_endpoint/usbdev3.6_ep83/dev /sys/class/usb_endpoint/usbdev3.7_ep00/dev /sys/class/usb_endpoint/usbdev3.7_ep81/dev /sys/class/usb_endpoint/usbdev3.8_ep00/dev /sys/class/usb_endpoint/usbdev3.8_ep81/dev /sys/class/usb_endpoint/usbdev3.9_ep00/dev /sys/class/usb_endpoint/usbdev3.9_ep01/dev /sys/class/usb_endpoint/usbdev3.9_ep82/dev /sys/class/usb_endpoint/usbdev4.1_ep00/dev /sys/class/usb_endpoint/usbdev4.1_ep81/dev /sys/class/usb_endpoint/usbdev5.1_ep00/dev /sys/class/usb_endpoint/usbdev5.1_ep81/dev /sys/class/usb_endpoint/usbdev6.1_ep00/dev /sys/class/usb_endpoint/usbdev6.1_ep81/dev /sys/class/usb_endpoint/usbdev7.1_ep00/dev /sys/class/usb_endpoint/usbdev7.1_ep81/dev /sys/class/usb_endpoint/usbdev8.1_ep00/dev /sys/class/usb_endpoint/usbdev8.1_ep81/dev /sys/class/usb_endpoint/usbdev9.1_ep00/dev /sys/class/usb_endpoint/usbdev9.1_ep81/dev /sys/class/video4linux/radio0/dev /sys/class/video4linux/vbi0/dev /sys/class/video4linux/video0/dev /sys/class/video4linux/video1/dev /sys/dev /sys/devices/pci0000:00/0000:00:1a.0/usb4/dev /sys/devices/pci0000:00/0000:00:1a.1/usb5/dev /sys/devices/pci0000:00/0000:00:1a.2/usb6/dev /sys/devices/pci0000:00/0000:00:1a.7/usb1/dev /sys/devices/pci0000:00/0000:00:1d.0/usb7/dev /sys/devices/pci0000:00/0000:00:1d.1/usb8/dev /sys/devices/pci0000:00/0000:00:1d.2/usb9/dev /sys/devices/pci0000:00/0000:00:1d.7/usb2/dev /sys/devices/pci0000:00/0000:00:1e.0/0000:05:02.0/usb10/dev /sys/devices/pci0000:00/0000:00:1e.0/0000:05:02.1/usb11/dev /sys/devices/pci0000:00/0000:00:1e.0/0000:05:02.2/usb3/3-1/3-1.1/dev /sys/devices/pci0000:00/0000:00:1e.0/0000:05:02.2/usb3/3-1/3-1.4/dev /sys/devices/pci0000:00/0000:00:1e.0/0000:05:02.2/usb3/3-1/dev /sys/devices/pci0000:00/0000:00:1e.0/0000:05:02.2/usb3/3-2/3-2.1/dev /sys/devices/pci0000:00/0000:00:1e.0/0000:05:02.2/usb3/3-2/3-2.2/dev /sys/devices/pci0000:00/0000:00:1e.0/0000:05:02.2/usb3/3-2/dev /sys/devices/pci0000:00/0000:00:1e.0/0000:05:02.2/usb3/3-4/3-4.1/dev /sys/devices/pci0000:00/0000:00:1e.0/0000:05:02.2/usb3/3-4/3-4.2/dev /sys/devices/pci0000:00/0000:00:1e.0/0000:05:02.2/usb3/3-4/dev /sys/devices/pci0000:00/0000:00:1e.0/0000:05:02.2/usb3/dev -- Kernel configuration: isapnp_init not present. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (990, ''testing''), (500, ''unstable''), (500, ''stable''), (1, ''experimental'') Architecture: amd64 (x86_64) Kernel: Linux 2.6.30-rc6-v2-v (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages udev depends on: ii debconf [debconf-2.0] 1.5.26 Debian configuration management sy ii libc6 2.9-4 GNU C Library: Shared libraries ii libselinux1 2.0.71-1 SELinux shared libraries ii libvolume-id1 0.141-1 libvolume_id shared library ii lsb-base 3.2-22 Linux Standard Base 3.2 init scrip udev recommends no packages. udev suggests no packages. -- debconf-show failed