r3783 - in
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian: .
patches patches/series
Simon Horman
horms at costa.debian.org
Tue Aug 9 09:39:14 UTC 2005
Author: horms
Date: 2005-08-09 09:39:13 +0000 (Tue, 09 Aug 2005)
New Revision: 3783
Added:
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/178_fs_ext2_ext3_xattr-sharing.diff
Modified:
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11
Log:
[Security] Xattr sharing bug
Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog 2005-08-09 09:13:12 UTC (rev 3782)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog 2005-08-09 09:39:13 UTC (rev 3783)
@@ -37,7 +37,6 @@
* 174_net-ipv4-netfilter-nat-mem.diff
Fix potential memory corruption in NAT code (aka memory NAT)
- (Simon Horman)
* 175-net-ipv6-netfilter-deadlock.diff
Fix deadlock in ip6_queue
@@ -49,8 +48,12 @@
* 177_rocket_c-fix-ldisc-ref-count.diff
Fix ldisc ref count handling in rocketport driver
- -- Simon Horman <horms at debian.org> Tue, 9 Aug 2005 15:01:20 +0900
+ * 178_fs_ext2_ext3_xattr-sharing.diff
+ [Security] Xattr sharing bug
+ See http://lists.debian.org/debian-kernel/2005/08/msg00238.html
+ -- Simon Horman <horms at debian.org> Tue, 9 Aug 2005 18:32:45 +0900
+
kernel-source-2.4.27 (2.4.27-10) unstable; urgency=low
* 155_net-bluetooth-signdness-fix.diff:
Added: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/178_fs_ext2_ext3_xattr-sharing.diff
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/178_fs_ext2_ext3_xattr-sharing.diff 2005-08-09 09:13:12 UTC (rev 3782)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/178_fs_ext2_ext3_xattr-sharing.diff 2005-08-09 09:39:13 UTC (rev 3783)
@@ -0,0 +1,27 @@
+# Source: Andreas Gruenbacher agruen at suse.de
+# Desritiption: [Security] Long-standing xattr sharing bug
+# Upstream: Included
+# Revision Date: Tue, 09 Aug 2005 18:30:56 +0900
+# Ref: http://acl.bestbits.at/pipermail/acl-devel/2005-February/001848.html
+# Ref: http://www.novell.com/linux/security/advisories/2005_18_kernel.html
+# Ref: http://lists.debian.org/debian-kernel/2005/08/msg00238.html
+--- fs/ext2/xattr.c.orig 2005-08-09 17:59:44.000000000 +0900
++++ fs/ext2/xattr.c 2005-08-09 17:59:46.000000000 +0900
+@@ -977,6 +977,7 @@
+ if (IS_LAST_ENTRY(entry2))
+ return 1;
+ if (entry1->e_hash != entry2->e_hash ||
++ entry1->e_name_index != entry2->e_name_index ||
+ entry1->e_name_len != entry2->e_name_len ||
+ entry1->e_value_size != entry2->e_value_size ||
+ memcmp(entry1->e_name, entry2->e_name, entry1->e_name_len))
+--- fs/ext3/xattr.c.orig 2005-08-09 17:58:31.000000000 +0900
++++ fs/ext3/xattr.c 2005-08-09 17:58:50.000000000 +0900
+@@ -1025,6 +1025,7 @@
+ if (IS_LAST_ENTRY(entry2))
+ return 1;
+ if (entry1->e_hash != entry2->e_hash ||
++ entry1->e_name_index != entry2->e_name_index ||
+ entry1->e_name_len != entry2->e_name_len ||
+ entry1->e_value_size != entry2->e_value_size ||
+ memcmp(entry1->e_name, entry2->e_name, entry1->e_name_len))
Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11 2005-08-09 09:13:12 UTC (rev 3782)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11 2005-08-09 09:39:13 UTC (rev 3783)
@@ -10,3 +10,4 @@
+ 175-net-ipv6-netfilter-deadlock.diff
+ 176_ipsec-array-overflow.diff
+ 177_rocket_c-fix-ldisc-ref-count.diff
++ 178_fs_ext2_ext3_xattr-sharing.diff
More information about the Kernel-svn-changes
mailing list