[kernel] r9342 - in dists/sid/linux-2.6/debian: . patches/bugfix patches/series

Maximilian Attems maks at alioth.debian.org
Tue Aug 21 09:08:41 UTC 2007 

Author: maks
Date: Tue Aug 21 09:08:41 2007
New Revision: 9342

Log:
add stable 2.6.22.4, .5 is pending


Added:
   dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.4
Modified:
   dists/sid/linux-2.6/debian/changelog
   dists/sid/linux-2.6/debian/patches/series/4

Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog	(original)
+++ dists/sid/linux-2.6/debian/changelog	Tue Aug 21 09:08:41 2007
@@ -113,11 +113,13 @@
     - ata_piix: update map 10b for ich8m
     - CPUFREQ: ondemand: fix tickless accounting and software coordination bug
     - CPUFREQ: ondemand: add a check to avoid negative load calculation
+  * Add stable release 2.6.22.4:
+    - Reset current->pdeath_signal on SUID binary execution (CVE-2007-3848)
 
   [ dann frazier ]
   * [ia64] Restore config cleanup now that its safe to break the ABI
 
- -- dann frazier <dannf at debian.org>  Mon, 20 Aug 2007 16:21:10 -0600
+ -- maximilian attems <maks at debian.org>  Tue, 21 Aug 2007 11:03:41 +0200
 
 linux-2.6 (2.6.22-3) unstable; urgency=low
 

Added: dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.4
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.4	Tue Aug 21 09:08:41 2007
@@ -0,0 +1,32 @@
+diff --git a/fs/exec.c b/fs/exec.c
+index f20561f..9a93770 100644
+--- a/fs/exec.c
++++ b/fs/exec.c
+@@ -890,9 +890,12 @@ int flush_old_exec(struct linux_binprm * bprm)
+ 	 */
+ 	current->mm->task_size = TASK_SIZE;
+ 
+-	if (bprm->e_uid != current->euid || bprm->e_gid != current->egid || 
+-	    file_permission(bprm->file, MAY_READ) ||
+-	    (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP)) {
++	if (bprm->e_uid != current->euid || bprm->e_gid != current->egid) {
++		suid_keys(current);
++		current->mm->dumpable = suid_dumpable;
++		current->pdeath_signal = 0;
++	} else if (file_permission(bprm->file, MAY_READ) ||
++			(bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP)) {
+ 		suid_keys(current);
+ 		current->mm->dumpable = suid_dumpable;
+ 	}
+@@ -983,8 +986,10 @@ void compute_creds(struct linux_binprm *bprm)
+ {
+ 	int unsafe;
+ 
+-	if (bprm->e_uid != current->uid)
++	if (bprm->e_uid != current->uid) {
+ 		suid_keys(current);
++		current->pdeath_signal = 0;
++	}
+ 	exec_keys(current);
+ 
+ 	task_lock(current);

Modified: dists/sid/linux-2.6/debian/patches/series/4
==============================================================================
--- dists/sid/linux-2.6/debian/patches/series/4	(original)
+++ dists/sid/linux-2.6/debian/patches/series/4	Tue Aug 21 09:08:41 2007
@@ -30,3 +30,4 @@
 + bugfix/sparc/sun4u-pci-config-space.patch
 + bugfix/2.6.22.2
 + bugfix/2.6.22.3
++ bugfix/2.6.22.4

More information about the Kernel-svn-changes mailing list