[Glibc-bsd-commits] r5405 - in branches/wheezy/kfreebsd-8/debian: . patches
stevenc-guest at alioth.debian.org
stevenc-guest at alioth.debian.org
Fri Jan 31 03:37:57 UTC 2014
Author: stevenc-guest
Date: 2014-01-31 03:37:56 +0000 (Fri, 31 Jan 2014)
New Revision: 5405
Added:
branches/wheezy/kfreebsd-8/debian/patches/SA-13_09.ip_multicast.diff
Modified:
branches/wheezy/kfreebsd-8/debian/changelog
branches/wheezy/kfreebsd-8/debian/patches/SA-13_10.sctp.diff
branches/wheezy/kfreebsd-8/debian/patches/series
Log:
Split out patch which was already applied by mistake:
* Apply upstream SA-13_09.ip_multicast patch (CVE-2013-3077).
(Closes: #720470)
Modified: branches/wheezy/kfreebsd-8/debian/changelog
===================================================================
--- branches/wheezy/kfreebsd-8/debian/changelog 2014-01-31 03:16:42 UTC (rev 5404)
+++ branches/wheezy/kfreebsd-8/debian/changelog 2014-01-31 03:37:56 UTC (rev 5405)
@@ -5,6 +5,8 @@
(Closes: #717959)
[ Steven Chamberlain ]
+ * Apply upstream SA-13_09.ip_multicast patch (CVE-2013-3077).
+ (Closes: #720470)
* Apply upstream SA-13_10.sctp patch (CVE-2013-5209).
(Closes: #720476)
* Apply upstream SA-13_12.ifioctl patch (CVE-2013-5691).
Added: branches/wheezy/kfreebsd-8/debian/patches/SA-13_09.ip_multicast.diff
===================================================================
--- branches/wheezy/kfreebsd-8/debian/patches/SA-13_09.ip_multicast.diff (rev 0)
+++ branches/wheezy/kfreebsd-8/debian/patches/SA-13_09.ip_multicast.diff 2014-01-31 03:37:56 UTC (rev 5405)
@@ -0,0 +1,31 @@
+Description:
+ Fix an integer overflow in computing the size of a temporary buffer
+ can result in a buffer which is too small for the requested
+ operation. [13:09] (CVE-2013-3077)
+Origin: vendor, http://security.FreeBSD.org/patches/SA-13:09/ip_multicast.patch
+Bug: http://www.freebsd.org/security/advisories/FreeBSD-SA-13:09.ip_multicast.asc
+Bug-Debian: http://bugs.debian.org/720470
+Applied-Upstream: http://svnweb.freebsd.org/base?view=revision&revision=254629
+
+--- kfreebsd-8-8.3.orig/sys/netinet/in_mcast.c
++++ kfreebsd-8-8.3/sys/netinet/in_mcast.c
+@@ -1613,6 +1613,8 @@
+ * has asked for, but we always tell userland how big the
+ * buffer really needs to be.
+ */
++ if (msfr.msfr_nsrcs > in_mcast_maxsocksrc)
++ msfr.msfr_nsrcs = in_mcast_maxsocksrc;
+ tss = NULL;
+ if (msfr.msfr_srcs != NULL && msfr.msfr_nsrcs > 0) {
+ tss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs,
+--- kfreebsd-8-8.3.orig/sys/netinet6/in6_mcast.c
++++ kfreebsd-8-8.3/sys/netinet6/in6_mcast.c
+@@ -1624,6 +1624,8 @@
+ * has asked for, but we always tell userland how big the
+ * buffer really needs to be.
+ */
++ if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc)
++ msfr.msfr_nsrcs = in6_mcast_maxsocksrc;
+ tss = NULL;
+ if (msfr.msfr_srcs != NULL && msfr.msfr_nsrcs > 0) {
+ tss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs,
Modified: branches/wheezy/kfreebsd-8/debian/patches/SA-13_10.sctp.diff
===================================================================
--- branches/wheezy/kfreebsd-8/debian/patches/SA-13_10.sctp.diff 2014-01-31 03:16:42 UTC (rev 5404)
+++ branches/wheezy/kfreebsd-8/debian/patches/SA-13_10.sctp.diff 2014-01-31 03:37:56 UTC (rev 5405)
@@ -6,17 +6,6 @@
Bug-Debian: http://bugs.debian.org/720476
Applied-Upstream: http://svnweb.freebsd.org/base?view=revision&revision=254632
---- kfreebsd-8-8.3.orig/sys/netinet/in_mcast.c
-+++ kfreebsd-8-8.3/sys/netinet/in_mcast.c
-@@ -1613,6 +1613,8 @@
- * has asked for, but we always tell userland how big the
- * buffer really needs to be.
- */
-+ if (msfr.msfr_nsrcs > in_mcast_maxsocksrc)
-+ msfr.msfr_nsrcs = in_mcast_maxsocksrc;
- tss = NULL;
- if (msfr.msfr_srcs != NULL && msfr.msfr_nsrcs > 0) {
- tss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs,
--- kfreebsd-8-8.3.orig/sys/netinet/sctp_output.c
+++ kfreebsd-8-8.3/sys/netinet/sctp_output.c
@@ -5456,6 +5456,14 @@
@@ -34,14 +23,3 @@
/* the time I built cookie */
(void)SCTP_GETTIME_TIMEVAL(&stc.time_entered);
---- kfreebsd-8-8.3.orig/sys/netinet6/in6_mcast.c
-+++ kfreebsd-8-8.3/sys/netinet6/in6_mcast.c
-@@ -1624,6 +1624,8 @@
- * has asked for, but we always tell userland how big the
- * buffer really needs to be.
- */
-+ if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc)
-+ msfr.msfr_nsrcs = in6_mcast_maxsocksrc;
- tss = NULL;
- if (msfr.msfr_srcs != NULL && msfr.msfr_nsrcs > 0) {
- tss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs,
Modified: branches/wheezy/kfreebsd-8/debian/patches/series
===================================================================
--- branches/wheezy/kfreebsd-8/debian/patches/series 2014-01-31 03:16:42 UTC (rev 5404)
+++ branches/wheezy/kfreebsd-8/debian/patches/series 2014-01-31 03:37:56 UTC (rev 5405)
@@ -14,6 +14,7 @@
SCTP_DOS_svn239447.diff
SA-12_08.linux.patch
SA-13_08.nfsserver.diff
+SA-13_09.ip_multicast.diff
SA-13_10.sctp.diff
SA-13_12.ifioctl.diff
SA-13_13.nullfs.diff
More information about the Glibc-bsd-commits
mailing list