[Glibc-bsd-commits] r2579 - in trunk/kfreebsd-7/debian: . patches

Petr Salinger ps-guest at alioth.debian.org
Thu Jun 11 09:49:57 UTC 2009 

Author: ps-guest
Date: 2009-06-11 09:49:57 +0000 (Thu, 11 Jun 2009)
New Revision: 2579

Added:
   trunk/kfreebsd-7/debian/patches/000_ipv6.diff
   trunk/kfreebsd-7/debian/patches/000_pipe.diff
Modified:
   trunk/kfreebsd-7/debian/changelog
   trunk/kfreebsd-7/debian/patches/series
Log:
add patches for FreeBSD-SA-09:09.pipe and FreeBSD-SA-09:10.ipv6



Modified: trunk/kfreebsd-7/debian/changelog
===================================================================
--- trunk/kfreebsd-7/debian/changelog	2009-06-11 09:39:30 UTC (rev 2578)
+++ trunk/kfreebsd-7/debian/changelog	2009-06-11 09:49:57 UTC (rev 2579)
@@ -5,6 +5,10 @@
     The original upstream change in 7.2 prevented 32-bit binaries to work.
     It broke biarch support on kfreebsd-amd64 and whole kfreebsd-i386.
     Closes: #532627.
+  * Fix local information disclosure via direct pipe writes
+    (FreeBSD-SA-09:09.pipe).
+  * Fix missing permission check on SIOCSIFINFO_IN6 ioctl
+    (FreeBSD-SA-09:10.ipv6).
 
  -- Aurelien Jarno <aurel32 at debian.org>  Sun, 31 May 2009 21:35:04 +0200
 

Added: trunk/kfreebsd-7/debian/patches/000_ipv6.diff
===================================================================
--- trunk/kfreebsd-7/debian/patches/000_ipv6.diff	                        (rev 0)
+++ trunk/kfreebsd-7/debian/patches/000_ipv6.diff	2009-06-11 09:49:57 UTC (rev 2579)
@@ -0,0 +1,23 @@
+Index: sys/netinet6/in6.c
+===================================================================
+RCS file: /home/ncvs/src/sys/netinet6/in6.c,v
+retrieving revision 1.109
+diff -p -u -I__FBSDID -I$FreeBSD -u -r1.109 in6.c
+--- a/sys/netinet6/in6.c	27 May 2009 14:11:23 -0000	1.109
++++ b/sys/netinet6/in6.c	8 Jun 2009 18:02:59 -0000
+@@ -215,6 +215,7 @@ in6_control(struct socket *so, u_long cm
+ 	case SIOCSRTRFLUSH_IN6:
+ 	case SIOCSDEFIFACE_IN6:
+ 	case SIOCSIFINFO_FLAGS:
++	case SIOCSIFINFO_IN6:
+ 		if (td != NULL) {
+ 			error = priv_check(td, PRIV_NETINET_ND6);
+ 			if (error)
+@@ -223,7 +224,6 @@ in6_control(struct socket *so, u_long cm
+ 		/* FALLTHROUGH */
+ 	case OSIOCGIFINFO_IN6:
+ 	case SIOCGIFINFO_IN6:
+-	case SIOCSIFINFO_IN6:
+ 	case SIOCGDRLST_IN6:
+ 	case SIOCGPRLST_IN6:
+ 	case SIOCGNBRINFO_IN6:

Added: trunk/kfreebsd-7/debian/patches/000_pipe.diff
===================================================================
--- trunk/kfreebsd-7/debian/patches/000_pipe.diff	                        (rev 0)
+++ trunk/kfreebsd-7/debian/patches/000_pipe.diff	2009-06-11 09:49:57 UTC (rev 2579)
@@ -0,0 +1,16 @@
+Index: sys/kern/sys_pipe.c
+===================================================================
+RCS file: /home/ncvs/src/sys/kern/sys_pipe.c,v
+retrieving revision 1.201
+diff -p -u -I__FBSDID -I$FreeBSD -r1.201 sys_pipe.c
+--- a/sys/kern/sys_pipe.c	10 Mar 2009 21:28:43 -0000	1.201
++++ b/sys/kern/sys_pipe.c	5 Jun 2009 07:53:01 -0000
+@@ -761,6 +761,8 @@ pipe_build_write_buffer(wpipe, uio)
+ 	pmap = vmspace_pmap(curproc->p_vmspace);
+ 	endaddr = round_page((vm_offset_t)uio->uio_iov->iov_base + size);
+ 	addr = trunc_page((vm_offset_t)uio->uio_iov->iov_base);
++	if (endaddr < addr)
++		return (EFAULT);
+ 	for (i = 0; addr < endaddr; addr += PAGE_SIZE, i++) {
+ 		/*
+ 		 * vm_fault_quick() can sleep.  Consequently,

Modified: trunk/kfreebsd-7/debian/patches/series
===================================================================
--- trunk/kfreebsd-7/debian/patches/series	2009-06-11 09:39:30 UTC (rev 2578)
+++ trunk/kfreebsd-7/debian/patches/series	2009-06-11 09:49:57 UTC (rev 2579)
@@ -1,3 +1,5 @@
+000_ipv6.diff
+000_pipe.diff
 001_misc.diff
 003_glibc_dev_aicasm.diff
 004_xargs.diff

More information about the Glibc-bsd-commits mailing list