r3763 - trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian

Simon Horman horms at costa.debian.org
Tue Aug 9 00:41:29 UTC 2005 

Author: horms
Date: 2005-08-09 00:41:28 +0000 (Tue, 09 Aug 2005)
New Revision: 3763

Modified:
   trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
Log:
CAN-2005-2456 annotation

Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	2005-08-09 00:37:27 UTC (rev 3762)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	2005-08-09 00:41:28 UTC (rev 3763)
@@ -1,148 +1,126 @@
 kernel-source-2.6.8 (2.6.8-17) UNRELEASED; urgency=low
 
-  [ Simon Horman ]
+  [ Dann Frazier ]
   * mckinley_icache.dpatch:
     Fix a cache coherency bug unearthed by a new ia64 processor, codenamed
     Montecito.  This bug causes data corruption that has manifested itself
     in kernel hangs and userspace crashes, and causes d-i to fail.
     Reference: http://www.intel.com/cd/ids/developer/asmo-na/eng/215766.htm
-    (Dann Frazier)
 
+  [ Simon Horman ]
   * drivers-net-via-rhine-wol-oops.dpatch (removed):
     This patch breaks the via-rhine driver and 2.6.8 and is
     completely bogus for this version of the kernel
-    (Simon Horman) (closes: #311357)
+    (closes: #311357)
 
   * arch-x86_64-kernel-ptrace-boundary-check.dpatch
     [Security, x86_64] Don't allow accesses below register frame in ptrace
     See CAN-2005-1763.
-    (Simon Horman)
 
   * arch-x86_64-kernel-ptrace-canonical-rip-1.dpatch
     [Security, x86_64] This works around an AMD Erratum by
     checking if the ptrace RIP is canonical.
     See CAN-2005-1762
-    (Simon Horman)
 
   * arch-x86_64-kernel-ptrace-canonical-rip-2.dpatch
     [Security, x86_64] Fix canonical checking for segment registers in ptrace
     See CAN-2005-0756
-    (Simon Horman)
 
   * arch-x86_64-kernel-smp-boot-race.dpatch
     [Security, x86_64] Keep interrupts disabled during smp bootup
     This avoids a race that breaks SMP bootup on some machines.
-    (Simon Horman)
 
   * arch-x86_64-mm-ioremap-page-lookup.dpatch
     [Security, x86_64] Don't look up struct page pointer of physical address
     in iounmap as it may be in a memory hole not mapped in mem_map and that
     causes the hash lookup to go off to nirvana.
-    (Simon Horman)
 
   * drivers-media-vidio-bttv-vc100xp-detect.dpatch
     Allow Leadtek WinFast VC100 XP cards to work.
-    (Simon Horman)
 
   * fs-exec-ptrace-core-exec-race.dpatch
     [Security] Fix race between core dumping and exec with shared mm
-    (Simon Horman)
 
   * fs-exec-ptrace-deadlock.dpatch
     [Security] Fix coredump_wait deadlock with ptracer & tracee on shared mm
-    (Simon Horman)
 
   * fs-exec-posix-timers-leak-1.dpatch,
     [Security] fs-exec-posix-timers-leak-2.dpatch
     Make exec clean up posix timers.
-    (Simon Horman)
 
   * fs-hfs-oops-and-leak.dpatch
     Fix a leak in HFS and HFS+
     Fix an oops that occurs when an attempt is made to
     mount a non-hfs filesystem as HFS+.
-    (Simon Horman)
 
   * fs-jbd-checkpoint-assertion.dpatch
     Fix possible false assertion failure in log_do_checkpoint(). We might fail
     to detect that we actually made a progress when cleaning up the checkpoint
     lists if we don't retry after writing something to disk.
-    (Simon Horman)
 
   * mm-mmap-range-test.dpatch
     [Security] Make sure get_unmapped_area sanity tests are done regardless of
     wheater MAP_FIXED is set or not.
     See CAN-2005-1265
-    (Simon Horman)
 
   * mm-rmap-out-of-bounds-pte.dpatch
     Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap()
-    (Simon Horman)
 
   * net-bridge-netfilter-etables-smp-race.dpatch
     [Security] The patch below fixes an smp race that happens on such
     systems under heavy load.
-    (Simon Horman)
 
   * net-bridge-mangle-oops-1.dpatch, net-bridge-mangle-oops-2.dpatch
     Fix oops when mangling and brouting and tcpdumping packets
     Needed for net-bridge-forwarding-poison-1.dpatch
-    (Simon Horman)
 
   * net-bridge-forwarding-poison-2.dpatch,
     net-bridge-forwarding-poison-2.dpatch:
     [Security] Avoid poisoning of the bridge forwarding table by frames that
     have been dropped by filtering. This prevents spoofed source addresses on
     hostile side of bridge from causing packet leakage, a small but possible
-    security risk. (Simon Horman)
+    security risk.
 
   * net-ipv4-netfilter-ip_queue-deadlock.dpatch
     Fix deadlock with ip_queue and tcp local input path.
-    (Simon Horman)
 
   * [Security] net-rose-ndigis-verify.dpatch
     Verify ndigis argument of a new route.
-    (Simon Horman)
 
   * sound-usb-usbaudio-unplug-oops.dpatch
     Prevent oops & dead keyboard on usb unplugging while the device is being
     used.
-    (Simon Horman)
 
   * net-ipv4-ipvs-conn_tab-race.dpatch
     [Security] Fix race condition on ip_vs_conn_tab list modification
-    (Simon Horman)
 
   * asm-i386-mem-clobber.dpatch:
     Make sure gcc doesn't reorder memory accesses in strncmp and friends on
     i386.
-    (Simon Horman)
 
   * drivers-acpi-pci_irq-elcr.dpatch:
     Make sure we call acpi_register_gsi() even for default PCI interrupt
     assignment. That's the part that keeps track of the ELCR register, and we
     want to make sure that the PCI interrupts are properly marked level/low.
-    (Simon Horman)
 
   * asm-i386-mem-clobber.dpatch:
     Make sure netlink_autobind() propagates the error return from
     netlink_insert().  Otherwise, callers will not see the error as they
     should and thus try to operate on a socket with a zero pid, which is very
     bad.
-    (Simon Horman)
 
   * fs-ext3-64bit-offset.dpatch
     [Security] Incorrect offset checks for ext3 xattr on 64 bit architectures
     an lead to a local DoS.
-    See CAN-2005-0757. (see: #311164). (Simon Horman)
+    See CAN-2005-0757. (see: #311164).
 
   * arch-x86_64-mm-mmap.dpatch
     [Security, x86_64] Compat mode program can hang kernel
-    See CAN-2005-1765. (Simon Horman)
+    See CAN-2005-1765.
 
   * arch-ia64-ptrace-getregs-putregs.dpatch
     [Security, ia64] Fix unchecked user-memory accesses in ptrage_getregs()
-    and ptrace_setregs. (Simon Horman)
+    and ptrace_setregs.
 
   * arch-ia64-ptrace-restore_sigcontext.dpatch
     [Security, ia64] Fix to prevent users from using ptrace to set the pl field
@@ -150,7 +128,7 @@
     ability to overwrite kernel memory.
     Note, this patch requires the arch-ia64-ptrace-getregs-putregs.dpatch
     patch to apply cleanly.
-    See CAN-2005-1761. (Simon Horman)
+    See CAN-2005-1761.
 
   * Makefile-gcc-3.3.dpatch, control
     Build with gcc-3.3, as gcc-4.0, now the dedault in unstable,
@@ -158,7 +136,6 @@
     intended for use with sarge, there seems little point
     in putting in gcc-4.0 fixes, but at the same time,
     there is some value in being able to use it with unstable.
-    (Simon Horman)
 
   * Merge in applicable fixes from 2.6.12.3
      - ppc32-time_offset-misuse.dpatch
@@ -169,7 +146,7 @@
   * Merge in applicable fixes from 2.6.12.4
      - netfilter-NAT-memory-corruption.dpatch
      - netfilter-deadlock-ip6_queue.dpatch
-     - ipsec-array-overflow.dpatch
+     - [Security] ipsec-array-overflow.dpatch See CAN-2005-2456 (See: #321401)
      - netfilter-ip_conntrack_untracked-refcount.dpatch
      - sys_get_thread_area-leak.dpatch
      - rocket_c-fix-ldisc-ref-count.dpatch

More information about the Kernel-svn-changes mailing list