r3903 - in
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian: .
patches patches/series
Simon Horman
horms at costa.debian.org
Tue Aug 16 04:54:47 UTC 2005
Author: horms
Date: 2005-08-16 04:54:46 +0000 (Tue, 16 Aug 2005)
New Revision: 3903
Added:
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/182_linux-zlib-fixes.diff
Modified:
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11
Log:
[Security] Fix security bugs in the Linux zlib implementations.
See CAN-2005-2458, CAN-2005-2459
From 2.6.12.5
http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html
http://bugs.gentoo.org/show_bug.cgi?id=94584
Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog 2005-08-16 00:21:17 UTC (rev 3902)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog 2005-08-16 04:54:46 UTC (rev 3903)
@@ -23,7 +23,7 @@
Build with gcc-3.3, as gcc-4.0, now the dedault in unstable,
fails to build this source. Upstream has stated that they
have no intention making the 2.4 kernel compile with gcc-4
- (closes: #320256)
+ (closes: #320256, #323318)
* 171_arch-ia64-x86_64-execve-overflow.diff
[Security, ia64, x86_64] Fix overflow in 32bit execve
@@ -60,11 +60,17 @@
isofs ignores any mount parameters after iocharset, map or session.
* 181_arch-x86_64-kernel-stack-faults.diff
- [Security, x86_64] Disable exception stack for stack faults
+ [Security, x86_64] Disable exception stack for stack faults
See CAN-2005-1767
+ * 182_linux-zlib-fixes.diff
+ [Security] Fix security bugs in the Linux zlib implementations.
+ See CAN-2005-2458, CAN-2005-2459
+ From 2.6.12.5
+ http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html
+ http://bugs.gentoo.org/show_bug.cgi?id=94584
- -- Simon Horman <horms at debian.org> Mon, 15 Aug 2005 15:18:03 +0900
+ -- Simon Horman <horms at debian.org> Tue, 16 Aug 2005 13:53:08 +0900
kernel-source-2.4.27 (2.4.27-10) unstable; urgency=low
Added: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/182_linux-zlib-fixes.diff
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/182_linux-zlib-fixes.diff 2005-08-16 00:21:17 UTC (rev 3902)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/182_linux-zlib-fixes.diff 2005-08-16 04:54:46 UTC (rev 3903)
@@ -0,0 +1,99 @@
+From security-bounces at linux.kernel.org Mon Jul 25 15:16:42 2005
+Date: Mon, 25 Jul 2005 23:16:13 +0100
+From: Tim Yamin <plasmaroo at gentoo.org>
+To: security at kernel.org
+Subject: [PATCH] Update in-kernel zlib routines (CAN-2005-2458, CAN-2005-2459)
+
+Fix outstanding security bugs in the Linux zlib implementations. See:
+
+a) http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html
+CAN-2005-2458
+
+b) http://bugs.gentoo.org/show_bug.cgi?id=94584
+CAN-2005-2459
+
+Signed-off-by: Tim Yamin <plasmaroo at gentoo.org>
+Signed-off-by: Tavis Ormandy <taviso at gentoo.org>
+Signed-off-by: Chris Wright <chrisw at osdl.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
+---
+ arch/ppc64/boot/zlib.c | 3 ++-
+ lib/inflate.c | 16 +++++++++-------
+ lib/zlib_inflate/inftrees.c | 2 +-
+ 3 files changed, 12 insertions(+), 9 deletions(-)
+
+Index: linux-2.6.12.y/lib/inflate.c
+===================================================================
+--- linux-2.6.12.y.orig/lib/inflate.c
++++ linux-2.6.12.y/lib/inflate.c
+@@ -326,7 +326,7 @@ DEBG("huft1 ");
+ {
+ *t = (struct huft *)NULL;
+ *m = 0;
+- return 0;
++ return 2;
+ }
+
+ DEBG("huft2 ");
+@@ -374,6 +374,7 @@ DEBG("huft5 ");
+ if ((j = *p++) != 0)
+ v[x[j]++] = i;
+ } while (++i < n);
++ n = x[g]; /* set n to length of v */
+
+ DEBG("h6 ");
+
+@@ -410,12 +411,13 @@ DEBG1("1 ");
+ DEBG1("2 ");
+ f -= a + 1; /* deduct codes from patterns left */
+ xp = c + k;
+- while (++j < z) /* try smaller tables up to z bits */
+- {
+- if ((f <<= 1) <= *++xp)
+- break; /* enough codes to use up j bits */
+- f -= *xp; /* else deduct codes from patterns */
+- }
++ if (j < z)
++ while (++j < z) /* try smaller tables up to z bits */
++ {
++ if ((f <<= 1) <= *++xp)
++ break; /* enough codes to use up j bits */
++ f -= *xp; /* else deduct codes from patterns */
++ }
+ }
+ DEBG1("3 ");
+ z = 1 << j; /* table entries for j-bit table */
+Index: linux-2.6.12.y/lib/zlib_inflate/inftrees.c
+===================================================================
+--- linux-2.6.12.y.orig/lib/zlib_inflate/inftrees.c
++++ linux-2.6.12.y/lib/zlib_inflate/inftrees.c
+@@ -141,7 +141,7 @@ static int huft_build(
+ {
+ *t = NULL;
+ *m = 0;
+- return Z_OK;
++ return Z_DATA_ERROR;
+ }
+
+
+Index: linux-2.6.12.y/arch/ppc64/boot/zlib.c
+===================================================================
+--- linux-2.6.12.y.orig/arch/ppc64/boot/zlib.c
++++ linux-2.6.12.y/arch/ppc64/boot/zlib.c
+@@ -1307,7 +1307,7 @@ local int huft_build(
+ {
+ *t = (inflate_huft *)Z_NULL;
+ *m = 0;
+- return Z_OK;
++ return Z_DATA_ERROR;
+ }
+
+
+@@ -1351,6 +1351,7 @@ local int huft_build(
+ if ((j = *p++) != 0)
+ v[x[j]++] = i;
+ } while (++i < n);
++ n = x[g]; /* set n to length of v */
+
+
+ /* Generate the Huffman codes and for each, make the table entries */
Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11 2005-08-16 00:21:17 UTC (rev 3902)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11 2005-08-16 04:54:46 UTC (rev 3903)
@@ -14,3 +14,4 @@
+ 179_net-ipv4-netfilter-ip_recent-last_pkts.diff
+ 180_fs-isofs-ignored-parameters.diff
+ 181_arch-x86_64-kernel-stack-faults.diff
++ 182_linux-zlib-fixes.diff
More information about the Kernel-svn-changes
mailing list