r4650 - dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series dists/sid/linux-2.6/debian/patches-debian people/horms/patch_notes/cve

Dann Frazier dannf at costa.debian.org
Mon Oct 24 21:03:05 UTC 2005 

Author: dannf
Date: 2005-10-24 21:03:02 +0000 (Mon, 24 Oct 2005)
New Revision: 4650

Added:
   dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/195_net-ipv6-udp_v6_get_port-loop.diff
   dists/sid/linux-2.6/debian/patches-debian/mempolicy-check-mode.patch
   people/horms/patch_notes/cve/195_net-ipv6-udp_v6_get_port-loop.diff
Modified:
   dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
   dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2
   people/horms/patch_notes/cve/net-ipv6-udp_v6_get_port-loop.patch
Log:
incorporate net-ipv6-udp_v6_get_port-loop patch (aka CAN-2005-2973) into 2.4.27
and update status


Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
===================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	2005-10-24 20:39:00 UTC (rev 4649)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	2005-10-24 21:03:02 UTC (rev 4650)
@@ -40,8 +40,11 @@
      CAN-NOMATCH
      Links in Patch file
 
+  [ dann frazier ]
+  * 195_net-ipv6-udp_v6_get_port-loop.diff
+    [SECURITY] Fix infinite loop in udp_v6_get_port().  See CVE-2005-2973
 
- -- Simon Horman <horms at debian.org>  Fri, 14 Oct 2005 16:28:37 +0900
+ -- dann frazier <dannf at debian.org>  Mon, 24 Oct 2005 13:36:59 -0600
 
 kernel-source-2.4.27 (2.4.27-10sarge1) stable-security; urgency=high
 

Copied: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/195_net-ipv6-udp_v6_get_port-loop.diff (from rev 4647, dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/net-ipv6-udp_v6_get_port-loop.dpatch)

Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2
===================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2	2005-10-24 20:39:00 UTC (rev 4649)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2	2005-10-24 21:03:02 UTC (rev 4650)
@@ -4,3 +4,4 @@
 + 192_orinoco-info-leak.diff
 + 193_plug-names_cache-memleak.diff
 + 194_xfs-inode-race.diff
++ 195_net-ipv6-udp_v6_get_port-loop.diff

Copied: dists/sid/linux-2.6/debian/patches-debian/mempolicy-check-mode.patch (from rev 4294, dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/mempolicy-check-mode.dpatch)

Added: people/horms/patch_notes/cve/195_net-ipv6-udp_v6_get_port-loop.diff
===================================================================
--- people/horms/patch_notes/cve/195_net-ipv6-udp_v6_get_port-loop.diff	2005-10-24 20:39:00 UTC (rev 4649)
+++ people/horms/patch_notes/cve/195_net-ipv6-udp_v6_get_port-loop.diff	2005-10-24 21:03:02 UTC (rev 4650)
@@ -0,0 +1 @@
+link net-ipv6-udp_v6_get_port-loop.patch
\ No newline at end of file


Property changes on: people/horms/patch_notes/cve/195_net-ipv6-udp_v6_get_port-loop.diff
___________________________________________________________________
Name: svn:special
   + *

Modified: people/horms/patch_notes/cve/net-ipv6-udp_v6_get_port-loop.patch
===================================================================
--- people/horms/patch_notes/cve/net-ipv6-udp_v6_get_port-loop.patch	2005-10-24 20:39:00 UTC (rev 4649)
+++ people/horms/patch_notes/cve/net-ipv6-udp_v6_get_port-loop.patch	2005-10-24 21:03:02 UTC (rev 4650)
@@ -7,8 +7,7 @@
  Fix infinite loop in udp_v6_get_port().
 
 Bug:
-fixed-upstream:
-2.6.13:
-2.6.12:
-2.6.8-sarge-security:
-2.4.27-sarge-security:
+fixed-upstream: pending (2.6.14-rc4)
+2.6.13: released (2.6.13+2.6.14-rc4-0experimental.1)
+2.6.8-sarge-security: pending (2.6.8-16sarge2)
+2.4.27-sarge-security: pending (2.4.27-10sarge2)

More information about the Kernel-svn-changes mailing list