[kernel] r5475 - in
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian:
. patches patches/series
Dann Frazier
dannf at costa.debian.org
Mon Jan 16 23:02:37 UTC 2006
Author: dannf
Date: Mon Jan 16 23:02:36 2006
New Revision: 5475
Added:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/202_sysctl-buffer-overflow.diff
Modified:
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2
Log:
[SECURITY] SDLA firmware upgrade should require CAP_SYS_RAWIO;
* [SECURITY] Fix a potential overflow in sysctl buffer termination code.
202_sysctl-buffer-overflow.diff
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog (original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog Mon Jan 16 23:02:36 2006
@@ -15,7 +15,7 @@
184_arch-x86_64-ia32-ptrace32-oops.diff, included in 2.4.27-10sarge1
* Errata for 2.4.27-8
- [SECURITY] SDLA firmware upgrade should require CAP_SYS_RAWIO;
+ [SECURITY] SDLA firmware upgrade should require CAP_SYS_RAWIO;
Local privelage escalation. See CVE-2006-0096
This was incorrectly annotated in 2.4.27-8 as an overflow
discovered using coverty, which is actually CVE-2004-2607
@@ -90,7 +90,10 @@
a local DoS (crash). See CVE-2005-3783
199_ptrace-fix_self-attach_rule.diff
- -- dann frazier <dannf at debian.org> Sun, 8 Jan 2006 14:07:11 -0700
+ * [SECURITY] Fix a potential overflow in sysctl buffer termination code.
+ 202_sysctl-buffer-overflow.diff
+
+ -- dann frazier <dannf at debian.org> Mon, 16 Jan 2006 15:59:44 -0700
kernel-source-2.4.27 (2.4.27-10sarge1) stable-security; urgency=high
Added: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/202_sysctl-buffer-overflow.diff
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/202_sysctl-buffer-overflow.diff Mon Jan 16 23:02:36 2006
@@ -0,0 +1,18 @@
+--- kernel-source-2.4.27/kernel/sysctl.c.orig 2004-08-07 17:26:06.000000000 -0600
++++ kernel-source-2.4.27/kernel/sysctl.c 2006-01-16 15:56:36.000000000 -0700
+@@ -1348,14 +1348,12 @@
+ if (get_user(len, oldlenp))
+ return -EFAULT;
+ if (len) {
+- l = strlen(table->data);
++ l = strlen(table->data)+1;
+ if (len > l) len = l;
+ if (len >= table->maxlen)
+ len = table->maxlen;
+ if(copy_to_user(oldval, table->data, len))
+ return -EFAULT;
+- if(put_user(0, ((char *) oldval) + len))
+- return -EFAULT;
+ if(put_user(len, oldlenp))
+ return -EFAULT;
+ }
Modified: dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2
==============================================================================
--- dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2 (original)
+++ dists/sarge-security/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-10sarge2 Mon Jan 16 23:02:36 2006
@@ -15,3 +15,4 @@
+ 199_net-ipv6-flowlabel-refcnt.diff
+ 200_net_sdla_xfer_leak.diff
+ 201_ptrace-fix_self-attach_rule.diff
++ 202_sysctl-buffer-overflow.diff
More information about the Kernel-svn-changes
mailing list