Hello,

In the past months, Sergey Bugaev has been working on fixing some
Hurd security vulnerabilities. This is now fixed in the latest Debian
packages, so please upgrade and reboot!

hurd >= 1:0.9.git20210404-9
libc0.3 >= 2.31-13+hurd.1
gnumach-image-1.8-* >= 2:1.8+git20210809-1


(A libc0.3 2.31-13+hurd.2 upload will also happen tomorrow, but that
will only be intended to fix builds)

Samuel

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEi6MnFvk67auaclLJ5pG0tXV4H2IFAmER3joACgkQ5pG0tXV4 H2KQcQ//Yfx8v9/oYqeDtUmgbkjtFXhglqColqThFowKsRnzbJxZ4wEDMULZG7Mc b7JNMgEaknc6xazzwbCF4ZwyOxjRbh1QOVL56cXrGj862WyUbn/tvcFJShV8/qsI ImhsO6TBaPgQ67XJOQl/yFo7PWkXfQa8Kbv/xONClB2/aHGCfVlqJCMcQv3+vwj8 yZIvCPtLRMbeAt0yrs395o4GVI3Q6w1BnPy/yXqWLZ10QAeh5RnlCX+rU1zQEvIN wtZa3WYqbxq4DvU3d2JkhiH7EO/tLAiKm4fU97DAQniFIdjzi63R8x1QRcw6ESEM TUn2rG2z7eKHaM9CUHZ79XkOjQylX+2zh3dw/k9t+ktQIibil8nL0468lJ6CF6wE WFpMAO+46RPaeUv3YZ/VSK5YnMGN2UHy82vG737zgifkn1IYcDEUggAhfTHOVLrY 2BJWRL3Bm5SBqgxVOm3PKCsr1FQOwwWe/vGsZWaqDMdcMnm08iwZMP9YOACfJaT5 oQOwn8R6tLSBcnlw9zMsVOK+bA2WPsPXWuKQEpK7TKLKNj28IoAOalgwVAMP5oS9 zo6wGv+/kWItUFzxCIeK5r7jhOd4US8WSIgb2b3P5PD4dbJ09RWorTPVDxiul45y zQ+rXLPzmmrlZKL1LBB8Mq6l2HDwa3iY00AnE6U13UELTYgZuc0=
=CmA8
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, Aug 10, 2021 at 5:04 AM Samuel Thibault <sthibault@debian.org> wrote:

In the past months, Sergey Bugaev has been working on fixing some
Hurd security vulnerabilities.

Well I certainly wasn't doing it alone :)

Samuel and me have been working together over the past few months to
design and implement fixes for the several severe vulnerabilities in
the Hurd. (How many of those vulnerabilities we have fixed is hard to
quantify, but it's more than just the three I reported initially.)

I worked on:
- Actually finding the vulnerabilities and developing exploits for them
- Coming up with potential ways we could work towards fixing them
- Actually writing most of the code
- Testing it in a subhurd

Samuel helped with reviewing my changes and making design decisions;
towards the end he got some time and joined in with testing,
debugging, and writing code.

None of the vulnerabilities were as simple as an off-by-one error or a
missing check; they all had to do with certain mechanisms being
structured in a way that makes them subtly insecure, which is why
fixing them required a lot of design work. We ended up switching our
approach several times; I believe our final version is much better
than what we were trying to do initially. In the end, we managed to
make the changes way less invasive than it seemed they had to be, and
they complicate things much less than it initially appeared was
necessary. Still, the changes touch most of the components of the
Hurd.

We were aiming to make it in time for the upcoming Debian release, to
make sure it already contains the fixed versions. There were some
troubles and a change of approach and new bugs discovered (and fixed)
in the last few days, but apparently we did make it in time!

I urge everybody to upgrade (and reboot!) their systems as soon as
possible. I have already updated mine, and can confirm that all my
exploits fail now.

Sergey

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi Samuel,

In the past months, Sergey Bugaev has been working on fixing
some
Hurd security vulnerabilities. This is now fixed in the latest
Debian
packages, so please upgrade and reboot!

Thanks for the fixes and the heads-up!

hurd >= 1:0.9.git20210404-9
libc0.3 >= 2.31-13+hurd.1
gnumach-image-1.8-* >= 2:1.8+git20210809-1

I’m a little unclear on what this means for distributions like
Guix. Should we just update to the latest version from git? Are
there specific commits we should use if it’s not just the latest?

Thanks!

--
Ricardo

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Ricardo Wurmus, le mar. 10 août 2021 17:52:34 +0200, a ecrit:

I’m a little unclear on what this means for distributions like Guix. Should
we just update to the latest version from git? Are there specific commits
we should use if it’s not just the latest?

Since Sergey's copyright assignment is not complete yet, it's not
commited yet, so you have to pick up the patches from the debian
repository.

Samuel

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

I have used Debian/Hurd for 1 year on my real system - Celleron
400MHz, 0.5G RAM.
It stopped working yesterday after the last update:

start ext2fs: Hurd server bootstrap: ext2fs[device:hd2s2] exec
startupext2fs: Executing '/hurd/startup': (os/kern) protection failure

Could you help me?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi Samuel,

Samuel Thibault <samuel.thibault@gnu.org> skribis:

Ricardo Wurmus, le mar. 10 août 2021 17:52:34 +0200, a ecrit:

I’m a little unclear on what this means for distributions like Guix. Should
we just update to the latest version from git? Are there specific commits >> we should use if it’s not just the latest?

Since Sergey's copyright assignment is not complete yet, it's not
commited yet, so you have to pick up the patches from the debian
repository.

It would be interesting to consider dropping the copyright assignment requirement for Hurd/Mach/MiG. For what remains primarily a hobby
project, this looks to me like a hindrance more than anything else.

Ludo’.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hello!

(Please keep in mind I'm *not* subscribed to debian-hurd@, so I don't
see mail here unless you send it to me explicitly.)

start ext2fs: Hurd server bootstrap: ext2fs[device:hd2s2] exec
startupext2fs: Executing '/hurd/startup': (os/kern) protection failure

Could you help me?

This sounds like what would happen if you updated the Hurd and
gnumach, but not glibc. Since you can't boot the system, you'll have
to boot from an external medium and then either chroot, boot your
system as a subhurd, or ask the outer apt to operate on your system.

Sergey

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)