r4115 - in
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian:
. patches patches/series
Simon Horman
horms at costa.debian.org
Thu Sep 1 07:02:26 UTC 2005
Author: horms
Date: 2005-09-01 07:02:24 +0000 (Thu, 01 Sep 2005)
New Revision: 4115
Added:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/186_zlib-revert-broken-change.dpatch
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/187_zisofs-2.diff
Removed:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/183_zisofs.diff
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2
Log:
* 187_zisofs-2.diff
[Security] Check input buffer size in zisofs
From 2.6.12.5
Omitted from the previous release, as I wasn't sure that it was a
security bug. But now it has a CAN number, so it's in.
See CAN-2005-2457
* 186_zlib-revert-broken-change.dpatch
[Security] Revert huft_build() function fix
From 2.6.12.6
See CAN-2005-2459
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
===================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog 2005-09-01 07:00:49 UTC (rev 4114)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog 2005-09-01 07:02:24 UTC (rev 4115)
@@ -4,13 +4,19 @@
* 185_net-sockglue-cap.diff
[Security] Restrict socket policy loading to CAP_NET_ADMIN.
See CAN-2005-2555.
- * 183_zisofs.diff
+
+ * 187_zisofs-2.diff
[Security] Check input buffer size in zisofs
From 2.6.12.5
Omitted from the previous release, as I wasn't sure that it was a
security bug. But now it has a CAN number, so its in.
See CAN-2005-2457
+ * 186_zlib-revert-broken-change.dpatch
+ [Security] Revert huft_build() function fix
+ From 2.6.12.6
+ See CAN-2005-2459
+
-- Simon Horman <horms at debian.org> Tue, 30 Aug 2005 17:16:47 +0900
kernel-source-2.4.27 (2.4.27-10sarge1) stable-security; urgency=high
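Review bot: The changelog keeps no record that 183_zisofs.diff was removed in this revision, because the "* 183_zisofs.diff" heading is renamed in place to "* 187_zisofs-2.diff". The deleted file's body is the zlib huft_build() patch (CAN-2005-2458, CAN-2005-2459), not a zisofs check, so add a line stating that 183 was dropped and which patch, if any, still carries those zlib changes.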
Deleted: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/183_zisofs.diff
===================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/183_zisofs.diff 2005-09-01 07:00:49 UTC (rev 4114)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/183_zisofs.diff 2005-09-01 07:02:24 UTC (rev 4115)
@@ -1,99 +0,0 @@
-From security-bounces at linux.kernel.org Mon Jul 25 15:16:42 2005
-Date: Mon, 25 Jul 2005 23:16:13 +0100
-From: Tim Yamin <plasmaroo at gentoo.org>
-To: security at kernel.org
-Subject: [PATCH] Update in-kernel zlib routines (CAN-2005-2458, CAN-2005-2459)
-
-Fix outstanding security bugs in the Linux zlib implementations. See:
-
-a) http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html
-CAN-2005-2458
-
-b) http://bugs.gentoo.org/show_bug.cgi?id=94584
-CAN-2005-2459
-
-Signed-off-by: Tim Yamin <plasmaroo at gentoo.org>
-Signed-off-by: Tavis Ormandy <taviso at gentoo.org>
-Signed-off-by: Chris Wright <chrisw at osdl.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
----
- arch/ppc64/boot/zlib.c | 3 ++-
- lib/inflate.c | 16 +++++++++-------
- lib/zlib_inflate/inftrees.c | 2 +-
- 3 files changed, 12 insertions(+), 9 deletions(-)
-
-Index: linux-2.6.12.y/lib/inflate.c
-===================================================================
---- linux-2.6.12.y.orig/lib/inflate.c
-+++ linux-2.6.12.y/lib/inflate.c
-@@ -326,7 +326,7 @@ DEBG("huft1 ");
- {
- *t = (struct huft *)NULL;
- *m = 0;
-- return 0;
-+ return 2;
- }
-
- DEBG("huft2 ");
-@@ -374,6 +374,7 @@ DEBG("huft5 ");
- if ((j = *p++) != 0)
- v[x[j]++] = i;
- } while (++i < n);
-+ n = x[g]; /* set n to length of v */
-
- DEBG("h6 ");
-
-@@ -410,12 +411,13 @@ DEBG1("1 ");
- DEBG1("2 ");
- f -= a + 1; /* deduct codes from patterns left */
- xp = c + k;
-- while (++j < z) /* try smaller tables up to z bits */
-- {
-- if ((f <<= 1) <= *++xp)
-- break; /* enough codes to use up j bits */
-- f -= *xp; /* else deduct codes from patterns */
-- }
-+ if (j < z)
-+ while (++j < z) /* try smaller tables up to z bits */
-+ {
-+ if ((f <<= 1) <= *++xp)
-+ break; /* enough codes to use up j bits */
-+ f -= *xp; /* else deduct codes from patterns */
-+ }
- }
- DEBG1("3 ");
- z = 1 << j; /* table entries for j-bit table */
-Index: linux-2.6.12.y/lib/zlib_inflate/inftrees.c
-===================================================================
---- linux-2.6.12.y.orig/lib/zlib_inflate/inftrees.c
-+++ linux-2.6.12.y/lib/zlib_inflate/inftrees.c
-@@ -141,7 +141,7 @@ static int huft_build(
- {
- *t = NULL;
- *m = 0;
-- return Z_OK;
-+ return Z_DATA_ERROR;
- }
-
-
-Index: linux-2.6.12.y/arch/ppc64/boot/zlib.c
-===================================================================
---- linux-2.6.12.y.orig/arch/ppc64/boot/zlib.c
-+++ linux-2.6.12.y/arch/ppc64/boot/zlib.c
-@@ -1307,7 +1307,7 @@ local int huft_build(
- {
- *t = (inflate_huft *)Z_NULL;
- *m = 0;
-- return Z_OK;
-+ return Z_DATA_ERROR;
- }
-
-
-@@ -1351,6 +1351,7 @@ local int huft_build(
- if ((j = *p++) != 0)
- v[x[j]++] = i;
- } while (++i < n);
-+ n = x[g]; /* set n to length of v */
-
-
- /* Generate the Huffman codes and for each, make the table entries */
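Review bot: The file name 183_zisofs.diff does not match its body, which is the "Update in-kernel zlib routines" patch, and deleting it drops more than the inftrees.c line that 186 reverts: the lib/inflate.c changes ("return 2;", "n = x[g];", the "if (j < z)" guard) and the arch/ppc64/boot/zlib.c changes go with it. The log message does not say whether another patch in the series still applies them; please state that, or keep them in a correctly named patch if they are still wanted for the CAN numbers in its subject line.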
Added: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/186_zlib-revert-broken-change.dpatch
===================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/186_zlib-revert-broken-change.dpatch 2005-09-01 07:00:49 UTC (rev 4114)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/186_zlib-revert-broken-change.dpatch 2005-09-01 07:02:24 UTC (rev 4115)
@@ -0,0 +1,37 @@
+From plasmaroo at gentoo.org Wed Aug 17 13:19:31 2005
+Date: Wed, 17 Aug 2005 21:19:24 +0100
+Subject: [PATCH] Revert unnecessary zlib_inflate/inftrees.c fix
+
+From: Linus Torvalds <torvalds at osdl.org>
+
+It turns out that empty distance code tables are not an error, and that
+a compressed block with only literals can validly have an empty table
+and should not be flagged as a data error.
+
+Some old versions of gzip had problems with this case, but it does not
+affect the zlib code in the kernel.
+
+Analysis and explanations thanks to Sergey Vlasov <vsu at altlinux.ru>
+
+Cc: Sergey Vlasov <vsu at altlinux.ru>
+Cc: Tavis Ormandy <taviso at gentoo.org>
+Cc: Tim Yamin <plasmaroo at gentoo.org>
+Signed-off-by: Linus Torvalds <torvalds at osdl.org>
+Signed-off-by: Chris Wright <chrisw at osdl.org>
+---
+ lib/zlib_inflate/inftrees.c | 2 +-
+ 1 files changed, 1 insertion(+), 1 deletion(-)
+
+Index: linux-2.6.12.y/lib/zlib_inflate/inftrees.c
+===================================================================
+--- linux-2.6.12.y.orig/lib/zlib_inflate/inftrees.c
++++ linux-2.6.12.y/lib/zlib_inflate/inftrees.c
+@@ -141,7 +141,7 @@ static int huft_build(
+ {
+ *t = NULL;
+ *m = 0;
+- return Z_DATA_ERROR;
++ return Z_OK;
+ }
+
+
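Review bot: The matching early returns in lib/inflate.c ("return 2;") and arch/ppc64/boot/zlib.c ("return Z_DATA_ERROR;"), which the same original patch changed, are not covered here; only "return Z_OK;" in lib/zlib_inflate/inftrees.c is restored. If empty distance code tables are valid as the description says, note in the changelog whether those two sites are intentionally left alone or are simply not applied in this tree. The file also uses a .dpatch extension while carrying a plain mail-format diff like the .diff patches beside it; a consistent name would avoid confusion.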
Copied: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/187_zisofs-2.diff (from rev 4100, dists/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/187_zisofs-2.diff)
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2
===================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2 2005-09-01 07:00:49 UTC (rev 4114)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2 2005-09-01 07:02:24 UTC (rev 4115)
@@ -1,2 +1,4 @@
+ 185_net-sockglue-cap.diff
-+ 183_zisofs.diff
++ 186_zlib-revert-broken-change.dpatch
++ 187_zisofs-2.diff
+
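Review bot: 186_zlib-revert-broken-change.dpatch expects "return Z_DATA_ERROR;" at the huft_build() early return in lib/zlib_inflate/inftrees.c, but the only patch visible here that introduces that line, 183_zisofs.diff, is removed from this series in the same hunk. Confirm that an earlier series file still applies that change; otherwise 186 will fail to apply, or has nothing to revert, and should be dropped along with 183.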