r4118 - in dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian: . patches patches/series

Thu Sep 1 07:21:36 UTC 2005

Author: horms
Date: 2005-09-01 07:21:35 +0000 (Thu, 01 Sep 2005)
New Revision: 4118

Added:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/zlib-revert-broken-change.dpatch
Modified:
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
   dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
Log:
+  * zlib-revert-broken-change.dpatch
+    [Security] Revert huft_build() function fix
+    From 2.6.12.6
+    See CAN-2005-2459


Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
===================================================================

--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	2005-09-01 07:21:25 UTC (rev 4117)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	2005-09-01 07:21:35 UTC (rev 4118)
@@ -4,6 +4,7 @@
   * net-sockglue-cap.dpatch
     [Security] Restrict socket policy loading to CAP_NET_ADMIN.
     See CAN-2005-2555.
+
   * zisofs.diff
     [Security] Check input buffer size in zisofs
     From 2.6.12.5
@@ -11,6 +12,11 @@
     was a security bug. But now it has a CAN number, so its in.
     See CAN-2005-2457
 
+  * zlib-revert-broken-change.dpatch
+    [Security] Revert huft_build() function fix
+    From 2.6.12.6
+    See CAN-2005-2459
+
  -- Simon Horman <horms at debian.org>  Tue, 30 Aug 2005 17:32:47 +0900
 
 kernel-source-2.6.8 (2.6.8-16sarge1) stable-security; urgency=high

Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
===================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2	2005-09-01 07:21:25 UTC (rev 4117)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2	2005-09-01 07:21:35 UTC (rev 4118)
@@ -1,2 +1,3 @@
 + net-sockglue-cap.dpatch
 + zisofs.diff
++ zlib-revert-broken-change.dpatch

Added: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/zlib-revert-broken-change.dpatch
===================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/zlib-revert-broken-change.dpatch	2005-09-01 07:21:25 UTC (rev 4117)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/zlib-revert-broken-change.dpatch	2005-09-01 07:21:35 UTC (rev 4118)
@@ -0,0 +1,37 @@
+From plasmaroo at gentoo.org  Wed Aug 17 13:19:31 2005
+Date: Wed, 17 Aug 2005 21:19:24 +0100
+Subject: [PATCH] Revert unnecessary zlib_inflate/inftrees.c fix
+
+From: Linus Torvalds <torvalds at osdl.org>
+
+It turns out that empty distance code tables are not an error, and that
+a compressed block with only literals can validly have an empty table
+and should not be flagged as a data error.
+
+Some old versions of gzip had problems with this case, but it does not
+affect the zlib code in the kernel.
+
+Analysis and explanations thanks to Sergey Vlasov <vsu at altlinux.ru>
+
+Cc: Sergey Vlasov <vsu at altlinux.ru>
+Cc: Tavis Ormandy <taviso at gentoo.org>
+Cc: Tim Yamin <plasmaroo at gentoo.org>
+Signed-off-by: Linus Torvalds <torvalds at osdl.org>
+Signed-off-by: Chris Wright <chrisw at osdl.org>
+---
+ lib/zlib_inflate/inftrees.c |    2 +-
+ 1 files changed, 1 insertion(+), 1 deletion(-)
+
+Index: linux-2.6.12.y/lib/zlib_inflate/inftrees.c
+===================================================================
+--- linux-2.6.12.y.orig/lib/zlib_inflate/inftrees.c
++++ linux-2.6.12.y/lib/zlib_inflate/inftrees.c
+@@ -141,7 +141,7 @@ static int huft_build(
+   {
+     *t = NULL;
+     *m = 0;
+-    return Z_DATA_ERROR;
++    return Z_OK;
+   }
+ 
+ 


