[kernel] r4777 - people/dannf/patchinfo

Thu Nov 10 07:31:44 UTC 2005

Author: dannf
Date: Thu Nov 10 07:31:42 2005
New Revision: 4777

Added:
   people/dannf/patchinfo/CAN-2005-2555
      - copied, changed from r4774, people/dannf/patchinfo/00boilerplate
Modified:
   people/dannf/patchinfo/00boilerplate
   people/dannf/patchinfo/CAN-2005-2457
   people/dannf/patchinfo/CAN-2005-2459
   people/dannf/patchinfo/fix-dst-leak-in-icmp_push_reply
   people/dannf/patchinfo/nptl-signal-delivery-deadlock-fix
Log:
various updates

Modified: people/dannf/patchinfo/00boilerplate
==============================================================================

--- people/dannf/patchinfo/00boilerplate	(original)
+++ people/dannf/patchinfo/00boilerplate	Thu Nov 10 07:31:42 2005
@@ -4,9 +4,9 @@
 Notes: 
 Bugs: 
 upstream: 
-2.6.14: pending
-2.6.8-sarge-security: released (2.6.8-16sarge1) [patchname.patch, prerequisite.dpatch, prerequisite2.dpatch]
-2.4.27-sarge-security: needed
+2.6.14: 
+2.6.8-sarge-security: 
+2.4.27-sarge-security: 
 2.6.8: 
 2.4.19-woody-security: 
 2.4.18-woody-security: 

Modified: people/dannf/patchinfo/CAN-2005-2457
==============================================================================
--- people/dannf/patchinfo/CAN-2005-2457	(original)
+++ people/dannf/patchinfo/CAN-2005-2457	Thu Nov 10 07:31:42 2005
@@ -1,12 +1,6 @@
 Candidate: CAN-2005-2457
 References: 
- URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2457
- Final-Decision:
- Interim-Decision:
- Modified:
- Proposed:
- Assigned: 20050804
- Category: SF
+ URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2457
  CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5
  UBUNTU:USN-169-1
  URL:http://www.ubuntulinux.org/support/documentation/usn/usn-169-1
@@ -23,9 +17,9 @@
 2.6.13: N/A
 2.6.12: released (2.6.12-3) [linux-2.6.12.5.patch]
 2.6.8-sarge: pending [zisofs.dpatch]
-2.6.8-sarge-security: pending [zisofs.diff]
+2.6.8-sarge-security: pending (2.6.8-16sarge2) [zisofs.diff]
 2.4.27-sid/sarge: pending [187_zisofs-2.diff]
-2.4.27-sarge-security: pending [187_zisofs-2.diff]
+2.4.27-sarge-security: pending (2.4.27-10sarge2) [187_zisofs-2.diff]
 2.6.14: 
 2.6.8: 
 2.4.19-woody-security: 

Modified: people/dannf/patchinfo/CAN-2005-2459
==============================================================================
--- people/dannf/patchinfo/CAN-2005-2459	(original)
+++ people/dannf/patchinfo/CAN-2005-2459	Thu Nov 10 07:31:42 2005
@@ -1,12 +1,6 @@
 Candidate: CAN-2005-2459
 References: 
  URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2459
- Final-Decision:
- Interim-Decision:
- Modified:
- Proposed:
- Assigned: 20050805
- Category: SF
  MISC:http://bugs.gentoo.org/show_bug.cgi?id=94584
  CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5
  UBUNTU:USN-169-1
@@ -22,13 +16,14 @@
 Notes: 
  This is a bogus fix that was applied in 2.6.12.5 and reverted in 2.6.12.6
  http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.6
+ We included the broken fix in the sarge1 releases, so this backs it out.
 upstream: released (2.6.12.6)
 2.6.13: N/A
 2.6.12: N/A
 2.6.8-sarge: N/A
-2.6.8-sarge-security: N/A
+2.6.8-sarge-security: pending (2.6.8-16sarge2)
 2.4.27-sid/sarge: N/A
-2.4.27-sarge-security: N/A
+2.4.27-sarge-security: ending (2.6.8-16sarge2)
 2.6.14: 
 2.6.8: 
 2.4.19-woody-security: 

Copied: people/dannf/patchinfo/CAN-2005-2555 (from r4774, people/dannf/patchinfo/00boilerplate)
==============================================================================
--- people/dannf/patchinfo/00boilerplate	(original)
+++ people/dannf/patchinfo/CAN-2005-2555	Thu Nov 10 07:31:42 2005
@@ -1,12 +1,17 @@
-Candidate: 
+Candidate: CAN-2005-2555
 References: 
+ URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2555
 Description: 
+ Linux kernel 2.6.x does not properly restrict socket policy access to users
+ with the CAP_NET_ADMIN capability, which could allow local users to conduct
+ unauthorized activities via (1) ipv4/ip_sockglue.c and
+ (2) ipv6/ipv6_sockglue.c.
 Notes: 
 Bugs: 
-upstream: 
+upstream: released (2.6.13)
 2.6.14: pending
-2.6.8-sarge-security: released (2.6.8-16sarge1) [patchname.patch, prerequisite.dpatch, prerequisite2.dpatch]
-2.4.27-sarge-security: needed
+2.6.8-sarge-security: pending (2.6.8-16sarge2)
+2.4.27-sarge-security: pending (2.4.27-10sarge2)
 2.6.8: 
 2.4.19-woody-security: 
 2.4.18-woody-security: 

Modified: people/dannf/patchinfo/fix-dst-leak-in-icmp_push_reply
==============================================================================
--- people/dannf/patchinfo/fix-dst-leak-in-icmp_push_reply	(original)
+++ people/dannf/patchinfo/fix-dst-leak-in-icmp_push_reply	Thu Nov 10 07:31:42 2005
@@ -1,20 +1,29 @@
 Candidate: ##NEEDED##
 References: 
- URL:
- CONFIRM:http://lkml.org/lkml/2005/8/26/173
+ CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cb94c62c252796f42bb83fe40960d12f3ea5a82a
+ MISC:http://lkml.org/lkml/2005/8/26/173
 Description: 
-upstream: released (2.6.12.6)
+ Ollie Wild discovered a leak in the icmp_push_reply() function in Linux 2.6,
+ in which an ignored error returned by ip_append_data() would result in the
+ route and net_device not being freed.  A malicious remote user could exploit
+ this in order to initiate a denial of service attack.  This issue was fixed
+ in Linux 2.6.12.6 and 2.6.13.
+Notes:
+ This code looks completely different in 2.4; neither ip_append_data() (the
+ function that returns an error) nor icmp_push_reply() (the function that fails
+ to check this error) exist.  So, I'm marking 2.4 as unaffected.
+upstream: released (2.6.12.6, 2.6.13)
 2.6.13: 
 2.6.12: 
 2.6.8-sarge: 
 2.6.8-sarge-security: pending [fix-dst-leak-in-icmp_push_reply.dpatch]
-2.4.27-sid/sarge: 
-2.4.27-sarge-security: 
+2.4.27-sid/sarge: N/A
+2.4.27-sarge-security: N/A
 2.6.14: 
 2.6.8: 
-2.4.19-woody-security: 
-2.4.18-woody-security: 
-2.4.17-woody-security: 
-2.4.16-woody-security: 
-2.4.17-woody-security-hppa: 
-2.4.17-woody-security-ia64: 
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A

Modified: people/dannf/patchinfo/nptl-signal-delivery-deadlock-fix
==============================================================================
--- people/dannf/patchinfo/nptl-signal-delivery-deadlock-fix	(original)
+++ people/dannf/patchinfo/nptl-signal-delivery-deadlock-fix	Thu Nov 10 07:31:42 2005
@@ -2,6 +2,7 @@
 References:
  CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=dd12f48d4e8774415b528d3991ae47c28f26e1ac;hp=ade6648b3b11a5d81f6f28135193ab6d85d621db
  MISC:http://groups.google.com/group/linux.kernel/browse_thread/thread/74683bcc8dbf0df3/bf540370894d3de0%23bf540370894d3de0?sa=X&oi=groupsr&start=0&num=3
+ MISC:http://svn.debian.org/wsvn/kernel/dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/nptl-signal-delivery-deadlock-fix.dpatch?op=file&rev=4458&sc=0
 Description:
  Bhavesh P. Davda reported a race condition that exists in Linux 2.6 kernels prior to
  2.6.13 and 2.6.12.6.  A deadlock can occur when a SIGKILL signal is sent to a real-time

