Debian Package Tracker - firmware-nonfree

general

source: firmware-nonfree (non-free)
version: 20180825+dfsg-1
maintainer: Debian Kernel Team (archive) [DMD]
uploaders: maximilian attems [DMD] – Ben Hutchings [DMD] – Steve Langasek [DMD] – Bastian Blank [DMD]
arch: all
std-ver: 4.0.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.36+wheezy.1
o-o-bpo: 0.43~bpo70+1
oldstable: 0.43
old-bpo: 20161130-3~bpo8+1
stable: 20161130-3
stable-bpo: 20180825+dfsg-1~bpo9+1
testing: 20180825+dfsg-1
unstable: 20180825+dfsg-1
NEW/stretch: 20161130-4

versioned links

0.36+wheezy.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.43~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.43: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20161130-3~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20161130-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20180825+dfsg-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20180825+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

firmware-adi
firmware-amd-graphics
firmware-atheros
firmware-bnx2
firmware-bnx2x
firmware-brcm80211
firmware-cavium
firmware-intel-sound
firmware-intelwimax
firmware-ipw2x00
firmware-ivtv
firmware-iwlwifi
firmware-libertas
firmware-linux
firmware-linux-nonfree
firmware-misc-nonfree
firmware-myricom
firmware-netronome
firmware-netxen
firmware-qcom-media
firmware-qlogic
firmware-ralink
firmware-realtek
firmware-samsung
firmware-siano
firmware-ti-connectivity

action needed

8 security issues in jessie high

There are 8 open security issues in jessie.

5 important issues:

CVE-2017-13081: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
CVE-2017-13078: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
CVE-2017-13079: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
CVE-2017-13077: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

3 issues skipped by the security teams:

CVE-2016-0801: The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.
CVE-2017-0561: A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due to the possibility of remote code execution in the context of the Wi-Fi SoC. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34199105. References: B-RB#110814.
CVE-2017-9417: Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.

Please fix them.

Created: 2017-09-25 Last update: 2018-10-14 12:58

4 bugs tagged help in the BTS normal

The BTS contains 4 bugs tagged help, please consider helping the maintainer in dealing with them.

Created: 2017-08-29 Last update: 2018-10-19 00:24

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs (3 if counting merged bugs), consider including or untagging them.

Created: 2018-10-01 Last update: 2018-10-19 00:24

3 new commits since last upload, time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 20181001-1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 51501a9430d1ddf61cc2063ed3841ada82fb3cbe
Author: Romain Perier <romain.perier@gmail.com>
Date:   Mon Oct 1 20:57:27 2018 +0200

    Update to commit 7c81f23ad903f72e87e2102d8f52408305c0f7a2, dated
    2018-10-01

commit 37ded1497c517388b45234aeb29e23a70d009169
Author: Romain Perier <romain.perier@gmail.com>
Date:   Tue Sep 18 19:19:47 2018 +0200

    Update to commit 44d4fca9922a252a0bd81f6307bcc072a78da54a dated 2018-09-13

commit 9e9aa3676653a26b5348da4ab2942fa7542bba0d
Author: Romain Perier <romain.perier@gmail.com>
Date:   Tue Sep 18 18:59:01 2018 +0200

    amd-graphics: Add AMD Vega M firmware (Closes #907598)

Created: 2018-09-19 Last update: 2018-10-18 14:40

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2018-09-25 Last update: 2018-09-25 08:15

AppStream hints: 22 warnings normal

AppStream found metadata issues for packages:

firmware-bnx2x: 1 warning
firmware-cavium: 1 warning
firmware-libertas: 1 warning
firmware-iwlwifi: 1 warning
firmware-intel-sound: 1 warning
firmware-qcom-media: 1 warning
firmware-brcm80211: 1 warning
firmware-intelwimax: 1 warning
firmware-ivtv: 1 warning
firmware-samsung: 1 warning
firmware-netronome: 1 warning
firmware-siano: 1 warning
firmware-ipw2x00: 1 warning
firmware-myricom: 1 warning
firmware-realtek: 1 warning
firmware-atheros: 1 warning
firmware-misc-nonfree: 1 warning
firmware-netxen: 1 warning
firmware-ti-connectivity: 1 warning
firmware-qlogic: 1 warning
firmware-bnx2: 1 warning
firmware-amd-graphics: 1 warning

You should get rid of them to provide more metadata about this software.

Created: 2018-06-04 Last update: 2018-07-27 14:02

8 ignored security issues in stretch low

There are 8 open security issues in stretch.

8 issues skipped by the security teams:

CVE-2017-13081: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
CVE-2017-13079: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
CVE-2017-9417: Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.
CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
CVE-2017-13077: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
CVE-2016-0801: The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.
CVE-2017-13078: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
CVE-2017-0561: A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due to the possibility of remote code execution in the context of the Wi-Fi SoC. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34199105. References: B-RB#110814.

Please fix them.

Created: 2017-09-25 Last update: 2018-10-14 12:58

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 4.0.1).

Created: 2017-06-25 Last update: 2018-08-30 06:19

news

[rss feed]

[2018-09-16] Accepted firmware-nonfree 20180825+dfsg-1~bpo9+1 (all source) into stretch-backports, stretch-backports (Ben Hutchings)
[2018-09-04] firmware-nonfree 20180825+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-08-29] Accepted firmware-nonfree 20180825+dfsg-1 (source) into unstable (Ben Hutchings)
[2018-08-27] Accepted firmware-nonfree 20180825-1 (source all) into unstable, unstable (Ben Hutchings)
[2018-08-12] Accepted firmware-nonfree 20180518-1~bpo9+1 (all source) into stretch-backports, stretch-backports (Ben Hutchings)
[2018-08-01] firmware-nonfree 20180518-1 MIGRATED to testing (Debian testing watch)
[2018-07-27] Accepted firmware-nonfree 20180518-1 (all source) into unstable, unstable (Ben Hutchings)
[2017-10-25] Accepted firmware-nonfree 20170823-1~bpo9+1 (source all) into stretch-backports, stretch-backports (Ben Hutchings)
[2017-09-02] firmware-nonfree 20170823-1 MIGRATED to testing (Debian testing watch)
[2017-08-27] Accepted firmware-nonfree 20170823-1 (source) into unstable (Ben Hutchings)
[2017-06-24] Accepted firmware-nonfree 20161130-3~bpo8+1 (source all) into jessie-backports->backports-policy, jessie-backports (Ben Hutchings)
[2017-06-08] firmware-nonfree 20161130-3 MIGRATED to testing (Debian testing watch)
[2017-06-06] Accepted firmware-nonfree 20161130-3 (source) into unstable (Ben Hutchings)
[2017-01-15] Accepted firmware-nonfree 20161130-2~bpo8+1 (source all) into jessie-backports (Héctor Orón Martínez) (signed by: Hector Oron Martinez)
[2016-12-24] firmware-nonfree 20161130-2 MIGRATED to testing (Debian testing watch)
[2016-12-14] Accepted firmware-nonfree 20161130-2 (source) into unstable (Ben Hutchings)
[2016-12-03] Accepted firmware-nonfree 20161130-1 (source) into unstable (Ben Hutchings)
[2016-10-01] Accepted firmware-nonfree 20160824-1~bpo8+1 (all source) into jessie-backports (Ben Hutchings)
[2016-09-23] firmware-nonfree 20160824-1 MIGRATED to testing (Debian testing watch)
[2016-09-18] Accepted firmware-nonfree 20160824-1 (source) into unstable (Ben Hutchings)
[2016-02-24] Accepted firmware-nonfree 20160110-1~bpo8+1 (source all) into jessie-backports (Héctor Orón Martínez) (signed by: Hector Oron Martinez)
[2016-01-16] firmware-nonfree 20160110-1 MIGRATED to testing (Debian testing watch)
[2016-01-10] Accepted firmware-nonfree 20160110-1 (source) into unstable (Ben Hutchings)
[2015-12-28] Accepted firmware-nonfree 20151207-1~bpo8+1 (source all) into jessie-backports (Héctor Orón Martínez) (signed by: Hector Oron Martinez)
[2015-12-12] firmware-nonfree 20151207-1 MIGRATED to testing (Debian testing watch)
[2015-12-07] Accepted firmware-nonfree 20151207-1 (source) into unstable (Ben Hutchings)
[2015-10-25] firmware-nonfree 20151018-2 MIGRATED to testing (Britney)
[2015-10-19] Accepted firmware-nonfree 20151018-2 (source) into unstable (Ben Hutchings)
[2015-10-19] Accepted firmware-nonfree 20151018-1 (all source) into unstable, unstable (Ben Hutchings)
[2015-05-17] firmware-nonfree 0.44 MIGRATED to testing (Britney)

bugs [bug history graph]

all: 48 51
RC: 0
I&N: 33
M&W: 15 18
F&P: 0
patch: 2 3
help: 4

links

lintian (0, 1)
buildd: logs, clang
popcon
browse source code
edit tags
security tracker