[kernel] r7011 - in dists/sid/linux-2.6.16/debian: . patches

Martin Michlmayr tbm at costa.debian.org
Sat Jul 15 10:25:09 UTC 2006


Author: tbm
Date: Sat Jul 15 10:25:06 2006
New Revision: 7011

Added:
   dists/sid/linux-2.6.16/debian/patches/2.6.16.25
   dists/sid/linux-2.6.16/debian/patches/relax-proc-fix.patch
Modified:
   dists/sid/linux-2.6.16/debian/changelog
   dists/sid/linux-2.6.16/debian/patches/series/17

Log:
Fix /proc vulnerability (CVE-2006-3626)


Modified: dists/sid/linux-2.6.16/debian/changelog
==============================================================================
--- dists/sid/linux-2.6.16/debian/changelog	(original)
+++ dists/sid/linux-2.6.16/debian/changelog	Sat Jul 15 10:25:06 2006
@@ -17,9 +17,12 @@
   * Add stable release 2.6.16.23:
     - revert PARPORT_SERIAL should depend on SERIAL_8250_PCI patch
     - NETFILTER: SCTP conntrack: fix crash triggered by packet without
-      chunks [CVE-2006-2934]
+      chunks (CVE-2006-2934)
   * Add stable release 2.6.16.24:
     - fix prctl privilege escalation and suid_dumpable (CVE-2006-2451)
+  * Add stable release 2.6.16.25:
+    - Fix nasty /proc vulnerability (CVE-2006-3626)
+  * Relax /proc fix a bit (Linus Torvalds)
 
   * [arm/nslu2] Unset CONFIG_USB_STORAGE_DEBUG.  Closes: #377853.
   * [mips] SGI ip22 RTC was broken, fixed thanks to Julien Blache.
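
Review bot: The new entry "Relax /proc fix a bit (Linus Torvalds)" does not say which fix it relaxes and carries no CVE id, so a changelog reader cannot tell it is a follow-up to the 2.6.16.25 item directly above it. Consider nesting it under that item or appending (CVE-2006-3626). The bracket-to-parenthesis change on the CVE-2006-2934 line is an unrelated style edit that would be easier to review in its own commit.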

Added: dists/sid/linux-2.6.16/debian/patches/2.6.16.25
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6.16/debian/patches/2.6.16.25	Sat Jul 15 10:25:06 2006
@@ -0,0 +1,11 @@
+--- a/fs/proc/base.c
++++ b/fs/proc/base.c
+@@ -1366,6 +1366,7 @@ static int pid_revalidate(struct dentry 
+ 		} else {
+ 			inode->i_uid = 0;
+ 			inode->i_gid = 0;
++			inode->i_mode = 0;
+ 		}
+ 		security_task_to_inode(task, inode);
+ 		return 1;
+
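
Review bot: `inode->i_mode = 0` sits inside the else branch, so it clears every mode bit (file type and permission bits as well as setuid/setgid), and it does so only on the path that resets i_uid/i_gid to 0; the other branch leaves i_mode untouched. relax-proc-fix.patch, added in this same commit, replaces it with `inode->i_mode &= ~(S_ISUID | S_ISGID);` placed after the if/else, so the two patches need to stay together in the series. This patch file also has no header. A short description naming CVE-2006-3626 and where the change came from would help, in the way relax-proc-fix.patch has one.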

Added: dists/sid/linux-2.6.16/debian/patches/relax-proc-fix.patch
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6.16/debian/patches/relax-proc-fix.patch	Sat Jul 15 10:25:06 2006
@@ -0,0 +1,33 @@
+From: Linus Torvalds <torvalds at g5.osdl.org>
+Date: Sat, 15 Jul 2006 04:48:03 +0000 (-0700)
+Subject: Relax /proc fix a bit
+X-Git-Url: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=9ee8ab9fbf21e6b87ad227cd46c0a4be41ab749b
+
+Relax /proc fix a bit
+
+Clearign all of i_mode was a bit draconian. We only really care about
+S_ISUID/ISGID, after all.
+
+Signed-off-by: Linus Torvalds <torvalds at osdl.org>
+---
+
+--- a/fs/proc/base.c
++++ b/fs/proc/base.c
+@@ -1338,8 +1338,8 @@ static int pid_revalidate(struct dentry 
+ 		} else {
+ 			inode->i_uid = 0;
+ 			inode->i_gid = 0;
+-			inode->i_mode = 0;
+ 		}
++		inode->i_mode &= ~(S_ISUID | S_ISGID);
+ 		security_task_to_inode(task, inode);
+ 		put_task_struct(task);
+ 		return 1;
+@@ -1390,6 +1390,7 @@ static int tid_fd_revalidate(struct dent
+ 					inode->i_uid = 0;
+ 					inode->i_gid = 0;
+ 				}
++				inode->i_mode &= ~(S_ISUID | S_ISGID);
+ 				security_task_to_inode(task, inode);
+ 				put_task_struct(task);
+ 				return 1;
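
Review bot: The context of the first embedded hunk does not match what the 2.6.16.25 patch shows for the same spot in pid_revalidate. Here `put_task_struct(task);` sits between `security_task_to_inode(task, inode);` and `return 1;` and the hunk starts at line 1338, while 2.6.16.25 has `return 1;` directly after `security_task_to_inode(task, inode);` and starts at line 1366. Please check that both embedded hunks, including the one for tid_fd_revalidate, apply to the 2.6.16 tree without fuzz or rejects, and refresh the patch against that tree if they do not.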

Modified: dists/sid/linux-2.6.16/debian/patches/series/17
==============================================================================
--- dists/sid/linux-2.6.16/debian/patches/series/17	(original)
+++ dists/sid/linux-2.6.16/debian/patches/series/17	Sat Jul 15 10:25:06 2006
@@ -4,3 +4,5 @@
 + 2.6.16.24
 + mips-ip22-rtcfix.patch
 + mips-ip22-serial-fix.patch
++ 2.6.16.25
++ relax-proc-fix.patch


