[kernel] r6771 - in dists/sid/linux-2.6/debian: patches patches/series

maximilian attems maks-guest at costa.debian.org
Wed May 31 21:35:24 UTC 2006


Author: maks-guest
Date: Wed May 31 21:35:21 2006
New Revision: 6771

Added:
   dists/sid/linux-2.6/debian/patches/2.6.16.19
Modified:
   dists/sid/linux-2.6/debian/changelog
   dists/sid/linux-2.6/debian/patches/series/15

Log:
add 2.6.16.19


Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog	(original)
+++ dists/sid/linux-2.6/debian/changelog	Wed May 31 21:35:21 2006
@@ -3,6 +3,8 @@
   [ maximilian attems ]
   * Add stable release 2.6.16.18:
     - NETFILTER: SNMP NAT: fix memory corruption (CVE-2006-2444)
+  * Add stable release 2.6.16.19:
+    - NETFILTER: Fix small information leak in SO_ORIGINAL_DST (CVE-2006-1343)
 
   [ Christian T. Steigies ]
   * [m68k] Add mac via patch from Finn Thain.
@@ -31,7 +33,7 @@
   [ Bastian Blank ]
   * Update vserver patch to 2.0.2-rc21.
 
- -- Bastian Blank <waldi at debian.org>  Fri, 26 May 2006 14:59:27 +0200
+ -- maximilian attems <maks at sternwelten.at>  Wed, 31 May 2006 23:33:19 +0200
 
 linux-2.6 (2.6.16-14) unstable; urgency=low
 

Added: dists/sid/linux-2.6/debian/patches/2.6.16.19
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/2.6.16.19	Wed May 31 21:35:21 2006
@@ -0,0 +1,24 @@
+diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c
+index 84c66db..43f6b45 100644
+--- a/net/ipv4/netfilter/ip_conntrack_core.c
++++ b/net/ipv4/netfilter/ip_conntrack_core.c
+@@ -1318,6 +1318,7 @@ getorigdst(struct sock *sk, int optval, 
+ 			.tuple.dst.u.tcp.port;
+ 		sin.sin_addr.s_addr = ct->tuplehash[IP_CT_DIR_ORIGINAL]
+ 			.tuple.dst.ip;
++		memset(sin.sin_zero, 0, sizeof(sin.sin_zero));
+ 
+ 		DEBUGP("SO_ORIGINAL_DST: %u.%u.%u.%u %u\n",
+ 		       NIPQUAD(sin.sin_addr.s_addr), ntohs(sin.sin_port));
+diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+index 6c8624a..62a0f52 100644
+--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
++++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+@@ -354,6 +354,7 @@ getorigdst(struct sock *sk, int optval, 
+ 			.tuple.dst.u.tcp.port;
+ 		sin.sin_addr.s_addr = ct->tuplehash[IP_CT_DIR_ORIGINAL]
+ 			.tuple.dst.u3.ip;
++		memset(sin.sin_zero, 0, sizeof(sin.sin_zero));
+ 
+ 		DEBUGP("SO_ORIGINAL_DST: %u.%u.%u.%u %u\n",
+ 		       NIPQUAD(sin.sin_addr.s_addr), ntohs(sin.sin_port));

Modified: dists/sid/linux-2.6/debian/patches/series/15
==============================================================================
--- dists/sid/linux-2.6/debian/patches/series/15	(original)
+++ dists/sid/linux-2.6/debian/patches/series/15	Wed May 31 21:35:21 2006
@@ -1,3 +1,4 @@
 + 2.6.16.18
 + mips-maxine-compile.patch
 + arm-rpc-initrd.patch
++ 2.6.16.19



More information about the Kernel-svn-changes mailing list