[kernel] r8424 - in dists/etch/linux-2.6/debian: .
patches/bugfix/all/vserver patches/series
Dann Frazier
dannf at alioth.debian.org
Fri Apr 6 19:24:03 UTC 2007
Author: dannf
Date: Fri Apr 6 19:24:02 2007
New Revision: 8424
Added:
dists/etch/linux-2.6/debian/patches/bugfix/all/vserver/net-mount-fix.patch
Modified:
dists/etch/linux-2.6/debian/changelog
dists/etch/linux-2.6/debian/patches/series/13-extra
Log:
* bugfix/all/vserver/net-mount-fix.patch
Fix mounting of network filesystems with VX_BINARY_MOUNT caps
(closes: #418076)
Modified: dists/etch/linux-2.6/debian/changelog
==============================================================================
--- dists/etch/linux-2.6/debian/changelog (original)
+++ dists/etch/linux-2.6/debian/changelog Fri Apr 6 19:24:02 2007
@@ -17,8 +17,11 @@
[SECURITY] Fix a vulnerability that allows local users to read
otherwise unreadable (but executable) files by triggering a core dump.
See CVE-2007-0958
+ * bugfix/all/vserver/net-mount-fix.patch
+ Fix mounting of network filesystems with VX_BINARY_MOUNT caps
+ (closes: #418076)
- -- dann frazier <dannf at debian.org> Wed, 04 Apr 2007 01:38:23 -0600
+ -- dann frazier <dannf at debian.org> Fri, 06 Apr 2007 13:16:08 -0600
linux-2.6 (2.6.18.dfsg.1-12) unstable; urgency=low
Added: dists/etch/linux-2.6/debian/patches/bugfix/all/vserver/net-mount-fix.patch
==============================================================================
--- (empty file)
+++ dists/etch/linux-2.6/debian/patches/bugfix/all/vserver/net-mount-fix.patch Fri Apr 6 19:24:02 2007
@@ -0,0 +1,12 @@
+diff -NurpP --minimal linux-2.6.18.5-vs2.0.2.2-rc9/fs/super.c linux-2.6.18.5-vs2.0.3-rc1/fs/super.c
+--- linux-2.6.18.5-vs2.0.2.2-rc9/fs/super.c 2006-09-20 17:59:47 +0200
++++ linux-2.6.18.5-vs2.0.3-rc1/fs/super.c 2006-12-13 23:06:16 +0100
+@@ -848,7 +848,7 @@ vfs_kern_mount(struct file_system_type *
+
+ sb = mnt->mnt_sb;
+ error = -EPERM;
+- if (!capable(CAP_SYS_ADMIN) && !sb->s_bdev &&
++ if (!vx_capable(CAP_SYS_ADMIN, VXC_BINARY_MOUNT) && !sb->s_bdev &&
+ (sb->s_magic != PROC_SUPER_MAGIC) &&
+ (sb->s_magic != DEVPTS_SUPER_MAGIC))
+ goto out_sb;
Modified: dists/etch/linux-2.6/debian/patches/series/13-extra
==============================================================================
--- dists/etch/linux-2.6/debian/patches/series/13-extra (original)
+++ dists/etch/linux-2.6/debian/patches/series/13-extra Fri Apr 6 19:24:02 2007
@@ -1,2 +1,3 @@
+ bugfix/all/vserver/cacct-overflow.patch *_vserver *_xen-vserver
+ bugfix/all/vserver/locks.patch *_vserver *_xen-vserver
++ bugfix/all/vserver/net-mount-fix.patch *_vserver *_xen-vserver
More information about the Kernel-svn-changes
mailing list