[kernel] r6478 - in dists/sid/linux-2.6/debian: . patches
patches/series
maximilian attems
maks-guest at costa.debian.org
Mon Apr 24 23:11:06 UTC 2006
Author: maks-guest
Date: Mon Apr 24 23:11:04 2006
New Revision: 6478
Added:
dists/sid/linux-2.6/debian/patches/2.6.16.11
Modified:
dists/sid/linux-2.6/debian/changelog
dists/sid/linux-2.6/debian/patches/series/10
Log:
add 2.6.16.11
Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog (original)
+++ dists/sid/linux-2.6/debian/changelog Mon Apr 24 23:11:04 2006
@@ -27,7 +27,11 @@
- 3ware 9000 disable local irqs during kmap_atomic
- 3ware: kmap_atomic() fix
- -- Norbert Tretkowski <nobse at debian.org> Mon, 24 Apr 2006 20:46:11 +0200
+ [ maximilian attems ]
+ * Add stable release 2.6.16.11:
+ - Don't allow a backslash in a path component (CVE-2006-1863)
+
+ -- maximilian attems <maks at sternwelten.at> Tue, 25 Apr 2006 01:07:09 +0200
linux-2.6 (2.6.16-9) unstable; urgency=low
Added: dists/sid/linux-2.6/debian/patches/2.6.16.11
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/2.6.16.11 Mon Apr 24 23:11:04 2006
@@ -0,0 +1,25 @@
+diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c
+index fed55e3..5e562bc 100644
+--- a/fs/cifs/dir.c
++++ b/fs/cifs/dir.c
+@@ -441,6 +441,20 @@ cifs_lookup(struct inode *parent_dir_ino
+ cifs_sb = CIFS_SB(parent_dir_inode->i_sb);
+ pTcon = cifs_sb->tcon;
+
++ /*
++ * Don't allow the separator character in a path component.
++ * The VFS will not allow "/", but "\" is allowed by posix.
++ */
++ if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS)) {
++ int i;
++ for (i = 0; i < direntry->d_name.len; i++)
++ if (direntry->d_name.name[i] == '\\') {
++ cFYI(1, ("Invalid file name"));
++ FreeXid(xid);
++ return ERR_PTR(-EINVAL);
++ }
++ }
++
+ /* can not grab the rename sem here since it would
+ deadlock in the cases (beginning of sys_rename itself)
+ in which we already have the sb rename sem */
Modified: dists/sid/linux-2.6/debian/patches/series/10
==============================================================================
--- dists/sid/linux-2.6/debian/patches/series/10 (original)
+++ dists/sid/linux-2.6/debian/patches/series/10 Mon Apr 24 23:11:04 2006
@@ -1,2 +1,3 @@
+ alpha-build-fix.patch
+ 2.6.16.10
++ 2.6.16.11
More information about the Kernel-svn-changes
mailing list