[kernel] r5301 - patch-tracking
Dann Frazier
dannf at costa.debian.org
Fri Jan 6 05:32:42 UTC 2006
Author: dannf
Date: Fri Jan 6 05:32:38 2006
New Revision: 5301
Modified:
patch-tracking/CVE-2003-0464
Log:
include link to patch; note that this is N/A for 2.6
Modified: patch-tracking/CVE-2003-0464
==============================================================================
--- patch-tracking/CVE-2003-0464 (original)
+++ patch-tracking/CVE-2003-0464 Fri Jan 6 05:32:38 2006
@@ -7,12 +7,19 @@
which could allow local users to bind to UDP ports that are used by privileged
services such as nfsd.
Notes:
+ I couldn't locate the patches RedHat & SuSE used, but Connectiva apparently
+ just #if 0'd out the sock->sk->reuse = 1; line in svcsock.c:svc_create_socket.
+ Upstream didn't disable it altogether; just for UDP
+ http://linux.bkbits.net:8080/linux-2.4/cset@3f1bdcc9r8An_GKkjlXeHBYDYOY11A?nav=index.html|src/|src/net|src/net/sunrpc|related/net/sunrpc/svcsock.c
+ I'm guessing this is a UDP-only problem, so that is probably the fix we want.
+ .
+ This fix was in before 2.6.0.
Bugs:
upstream: released (2.4.22-pre8)
-linux-2.6:
-2.6.8-sarge-security:
+linux-2.6: N/A
+2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
-2.6.8:
+2.6.8: N/A
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
More information about the Kernel-svn-changes
mailing list