[kernel] r5664 - in
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian:
. patches patches/series
Dann Frazier
dannf at costa.debian.org
Wed Feb 1 05:48:16 UTC 2006
Author: dannf
Date: Wed Feb 1 05:48:13 2006
New Revision: 5664
Added:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/sparc64-clock-settime.dpatch
Modified:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
Log:
* sparc64-clock-settime.dpatch
[SECURITY] Remove unnecessary sign-extension in compat_sys_clock_settime,
fixing a DoS vulnerability on sparc systems.
See CVE-2006-0482
Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog (original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog Wed Feb 1 05:48:13 2006
@@ -1,4 +1,4 @@
-kernel-source-2.6.8 (2.6.8-16sarge2) UNRELEASED; urgency=low
+kernel-source-2.6.8 (2.6.8-16sarge2) stable-security; urgency=high
[ Simon Horman ]
* net-sockglue-cap.dpatch
@@ -173,8 +173,13 @@
* sysctl-buffer-overflow.dpatch:
[SECURITY] Fix a potential overflow in sysctl buffer termination code.
See CVE-2005-4618
+
+ * sparc64-clock-settime.dpatch
+ [SECURITY] Remove unnecessary sign-extension in compat_sys_clock_settime,
+ fixing a DoS vulnerability on sparc systems.
+ See CVE-2006-0482
- -- dann frazier <dannf at debian.org> Mon, 16 Jan 2006 15:52:11 -0700
+ -- dann frazier <dannf at debian.org> Tue, 31 Jan 2006 22:45:22 -0700
kernel-source-2.6.8 (2.6.8-16sarge1) stable-security; urgency=high
Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2 (original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge2 Wed Feb 1 05:48:13 2006
@@ -32,3 +32,4 @@
+ io_edgeport_overflow.dpatch
+ mqueue-double-increment.dpatch
+ sysctl-buffer-overflow.dpatch
++ sparc64-clock-settime.dpatch
Added: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/sparc64-clock-settime.dpatch
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/sparc64-clock-settime.dpatch Wed Feb 1 05:48:13 2006
@@ -0,0 +1,23 @@
+diff -urN kernel-source-2.6.8-2.6.8.orig/arch/sparc64/kernel/sys32.S kernel-source-2.6.8-2.6.8/arch/sparc64/kernel/sys32.S
+--- kernel-source-2.6.8-2.6.8.orig/arch/sparc64/kernel/sys32.S 2006-01-31 22:37:41.000000000 -0700
++++ kernel-source-2.6.8-2.6.8/arch/sparc64/kernel/sys32.S 2006-01-31 22:38:59.000000000 -0700
+@@ -84,7 +84,6 @@
+ SIGN2(sys32_bdflush, sys_bdflush, %o0, %o1)
+ SIGN1(sys32_mlockall, sys_mlockall, %o0)
+ SIGN1(sys32_nfsservctl, compat_sys_nfsservctl, %o0)
+-SIGN1(sys32_clock_settime, compat_clock_settime, %o1)
+ SIGN1(sys32_clock_nanosleep, compat_clock_nanosleep, %o1)
+ SIGN1(sys32_timer_settime, compat_timer_settime, %o1)
+ SIGN1(sys32_io_submit, compat_sys_io_submit, %o1)
+diff -urN kernel-source-2.6.8-2.6.8.orig/arch/sparc64/kernel/systbls.S kernel-source-2.6.8-2.6.8/arch/sparc64/kernel/systbls.S
+--- kernel-source-2.6.8-2.6.8.orig/arch/sparc64/kernel/systbls.S 2004-08-13 23:36:56.000000000 -0600
++++ kernel-source-2.6.8-2.6.8/arch/sparc64/kernel/systbls.S 2006-01-31 22:41:14.000000000 -0700
+@@ -71,7 +71,7 @@
+ /*240*/ .word sys_munlockall, sys32_sched_setparam, sys32_sched_getparam, sys32_sched_setscheduler, sys32_sched_getscheduler
+ .word sys_sched_yield, sys32_sched_get_priority_max, sys32_sched_get_priority_min, sys32_sched_rr_get_interval, compat_sys_nanosleep
+ /*250*/ .word sys32_mremap, sys32_sysctl, sys32_getsid, sys_fdatasync, sys32_nfsservctl
+- .word sys_ni_syscall, sys32_clock_settime, compat_clock_gettime, compat_clock_getres, sys32_clock_nanosleep
++ .word sys_ni_syscall, compat_sys_clock_settime, compat_sys_clock_gettime, compat_sys_clock_getres, sys32_clock_nanosleep
+ /*260*/ .word compat_sys_sched_getaffinity, compat_sys_sched_setaffinity, sys32_timer_settime, compat_timer_gettime, sys_timer_getoverrun
+ .word sys_timer_delete, sys32_timer_create, sys_ni_syscall, compat_sys_io_setup, sys_io_destroy
+ /*270*/ .word sys32_io_submit, sys_io_cancel, compat_sys_io_getevents, sys32_mq_open, sys_mq_unlink
More information about the Kernel-svn-changes
mailing list