[kernel] r7029 - in dists/trunk/linux-2.6/debian: . patches/series

Bastian Blank waldi at costa.debian.org
Sat Jul 15 19:49:33 UTC 2006 

Author: waldi
Date: Sat Jul 15 19:49:32 2006
New Revision: 7029

Added:
   dists/trunk/linux-2.6/debian/patches/2.6.17.5   (contents, props changed)
   dists/trunk/linux-2.6/debian/patches/2.6.17.6   (contents, props changed)
   dists/trunk/linux-2.6/debian/patches/series/4
Modified:
   dists/trunk/linux-2.6/debian/changelog

Log:
* Add stable release 2.6.17.5.
* Add stable release 2.6.17.6.

* debian/changelog: Update.
* debian/patches/series/4
  - Add 2.6.17.5.
  - Add 2.6.17.6.
* debian/patches/2.6.17.5, debian/patches/2.6.17.6: Add.


Modified: dists/trunk/linux-2.6/debian/changelog
==============================================================================
--- dists/trunk/linux-2.6/debian/changelog	(original)
+++ dists/trunk/linux-2.6/debian/changelog	Sat Jul 15 19:49:32 2006
@@ -1,3 +1,12 @@
+linux-2.6 (2.6.17-4) UNRELEASED; urgency=low
+
+  * Add stable release 2.6.17.5:
+    - Fix nasty /proc vulnerability (CVE-2006-3626)
+  * Add stable release 2.6.17.6:
+    - Relax /proc fix a bit
+
+ -- Bastian Blank <waldi at debian.org>  Sat, 15 Jul 2006 21:46:05 +0200
+
 linux-2.6 (2.6.17-3) unstable; urgency=low
 
   [ maximilian attems ]
@@ -33,8 +42,6 @@
   * Fix README.Debian: Correct svn location, remove old boot param bswap
     reference, the asfs patch is in the Debian kernel. Remove reference to
     AMD 768 erratum 10, it was solved in 2.6.12. Add wording corrections.
-  * Add 686-bigmem flavour with CONFIG_HIGHMEM64G=y and CONFIG_X86_PAE=y.
-    Set deadline as default iosched and CONFIG_NR_CPUS=32. (closes: 295680)
   * Set CONFIG_SERIAL_8250_RN_UARTS=16 for all archs beside mips/m68k unless
     explicitly set on a specific value. (closes: 377151)
   * Add stable release 2.6.17.4:

Added: dists/trunk/linux-2.6/debian/patches/2.6.17.5
==============================================================================
--- (empty file)
+++ dists/trunk/linux-2.6/debian/patches/2.6.17.5	Sat Jul 15 19:49:32 2006
@@ -0,0 +1,12 @@
+diff --git a/fs/proc/base.c b/fs/proc/base.c
+index 6cc77dc..5a8b89a 100644
+--- a/fs/proc/base.c
++++ b/fs/proc/base.c
+@@ -1404,6 +1404,7 @@ static int pid_revalidate(struct dentry 
+ 		} else {
+ 			inode->i_uid = 0;
+ 			inode->i_gid = 0;
++			inode->i_mode = 0;
+ 		}
+ 		security_task_to_inode(task, inode);
+ 		return 1;

Added: dists/trunk/linux-2.6/debian/patches/2.6.17.6
==============================================================================
--- (empty file)
+++ dists/trunk/linux-2.6/debian/patches/2.6.17.6	Sat Jul 15 19:49:32 2006
@@ -0,0 +1,22 @@
+diff --git a/fs/proc/base.c b/fs/proc/base.c
+index 5a8b89a..f801693 100644
+--- a/fs/proc/base.c
++++ b/fs/proc/base.c
+@@ -1404,8 +1404,8 @@ static int pid_revalidate(struct dentry 
+ 		} else {
+ 			inode->i_uid = 0;
+ 			inode->i_gid = 0;
+-			inode->i_mode = 0;
+ 		}
++		inode->i_mode &= ~(S_ISUID | S_ISGID);
+ 		security_task_to_inode(task, inode);
+ 		return 1;
+ 	}
+@@ -1433,6 +1433,7 @@ static int tid_fd_revalidate(struct dent
+ 				inode->i_uid = 0;
+ 				inode->i_gid = 0;
+ 			}
++			inode->i_mode &= ~(S_ISUID | S_ISGID);
+ 			security_task_to_inode(task, inode);
+ 			return 1;
+ 		}

Added: dists/trunk/linux-2.6/debian/patches/series/4
==============================================================================
--- (empty file)
+++ dists/trunk/linux-2.6/debian/patches/series/4	Sat Jul 15 19:49:32 2006
@@ -0,0 +1,2 @@
++ 2.6.17.5
++ 2.6.17.6

More information about the Kernel-svn-changes mailing list