[kernel] r7259 - in
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian:
patches patches/series
Dann Frazier
dannf at costa.debian.org
Tue Aug 29 05:17:45 UTC 2006
Author: dannf
Date: Tue Aug 29 05:17:44 2006
New Revision: 7259
Added:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/230_sctp-priv-elevation-2.diff
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge4
Log:
* 228_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog (original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog Tue Aug 29 05:17:44 2006
@@ -25,14 +25,14 @@
* 227_kfree_skb.diff
[SECURITY] Fix race between kfree_skb and __skb_unlink
See CVE-2006-2446
- * 228_sctp-priv-elevation.diff
+ * 228_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff
[SECURITY] Fix SCTP privelege escalation
See CVE-2006-3745
* 229_udf-deadlock.diff
[SECURITY] Fix possible UDF deadlock and memory corruption
See CVE-2006-4145
- -- dann frazier <dannf at debian.org> Sun, 27 Aug 2006 18:05:54 -0600
+ -- dann frazier <dannf at debian.org> Mon, 28 Aug 2006 23:16:42 -0600
kernel-source-2.4.27 (2.4.27-10sarge3) stable-security; urgency=high
Added: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/230_sctp-priv-elevation-2.diff
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/230_sctp-priv-elevation-2.diff Tue Aug 29 05:17:44 2006
@@ -0,0 +1,37 @@
+From: Sridhar Samudrala <sri at us.ibm.com>
+Date: Mon, 28 Aug 2006 20:53:01 +0000 (-0700)
+Subject: [SCTP]: Fix sctp_primitive_ABORT() call in sctp_close().
+X-Git-Url: http://www.kernel.org/git/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=e12289f0bc673dabb22be32d2df54b0ebfc7cf2b
+
+[SCTP]: Fix sctp_primitive_ABORT() call in sctp_close().
+
+With the recent fix, the callers of sctp_primitive_ABORT()
+need to create an ABORT chunk and pass it as an argument rather
+than msghdr that was passed earlier.
+
+Signed-off-by: Sridhar Samudrala <sri at us.ibm.com>
+Signed-off-by: David S. Miller <davem at davemloft.net>
+---
+
+Backported to Debian's 2.4.27 by dann frazier <dannf at debian.org>
+
+diff -urpN kernel-source-2.4.27-2.4.27.orig/net/sctp/socket.c kernel-source-2.4.27-2.4.27/net/sctp/socket.c
+--- kernel-source-2.4.27-2.4.27.orig/net/sctp/socket.c 2006-08-28 23:09:09.204792250 -0600
++++ kernel-source-2.4.27-2.4.27/net/sctp/socket.c 2006-08-28 23:06:47.947964250 -0600
+@@ -912,9 +912,13 @@ SCTP_STATIC void sctp_close(struct sock
+ sctp_unhash_established(asoc);
+ sctp_association_free(asoc);
+
+- } else if (sk->linger && !sk->sk_lingertime)
+- sctp_primitive_ABORT(asoc, NULL);
+- else
++ } else if (sk->linger && !sk->sk_lingertime) {
++ struct sctp_chunk *chunk;
++
++ chunk = sctp_make_abort_user(asoc, NULL, 0);
++ if (chunk)
++ sctp_primitive_ABORT(asoc, NULL);
++ } else
+ sctp_primitive_SHUTDOWN(asoc, NULL);
+ } else
+ sctp_primitive_SHUTDOWN(asoc, NULL);
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge4
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge4 (original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge4 Tue Aug 29 05:17:44 2006
@@ -5,3 +5,4 @@
+ 227_kfree_skb.diff
+ 228_sctp-priv-elevation.diff
+ 229_udf-deadlock.diff
++ 230_sctp-priv-elevation-2.diff
More information about the Kernel-svn-changes
mailing list