[kernel] r9154 - in dists/sid/linux-2.6/debian: . patches/bugfix patches/series
Maximilian Attems
maks at alioth.debian.org
Tue Jul 17 09:29:34 UTC 2007
Author: maks
Date: Tue Jul 17 09:29:33 2007
New Revision: 9154
Log:
2.6.22.1 aka refix CVE-2007-3642
Added:
dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.1
Modified:
dists/sid/linux-2.6/debian/changelog
dists/sid/linux-2.6/debian/patches/series/2
Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog (original)
+++ dists/sid/linux-2.6/debian/changelog Tue Jul 17 09:29:33 2007
@@ -12,7 +12,12 @@
* Enable INPUT_UINPUT on mac
* Add 2.6.22 patches from linux-m68k CVS
- -- Christian T. Steigies <cts at debian.org> Mon, 16 Jul 2007 23:10:23 +0200
+ [ maximilian attems ]
+ * Add stable release 2.6.22.1:
+ - nf_conntrack_h323: add checking of out-of-range on choices' index values
+ (CVE-2007-3642)
+
+ -- maximilian attems <maks at debian.org> Tue, 17 Jul 2007 11:26:40 +0200
linux-2.6 (2.6.22-1) unstable; urgency=low
Added: dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.1
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.1 Tue Jul 17 09:29:33 2007
@@ -0,0 +1,14 @@
+diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c
+index 0d3254b..6e41ba5 100644
+--- a/net/netfilter/nf_conntrack_proto_sctp.c
++++ b/net/netfilter/nf_conntrack_proto_sctp.c
+@@ -460,7 +460,8 @@ static int sctp_new(struct nf_conn *conntrack, const struct sk_buff *skb,
+ SCTP_CONNTRACK_NONE, sch->type);
+
+ /* Invalid: delete conntrack */
+- if (newconntrack == SCTP_CONNTRACK_MAX) {
++ if (newconntrack == SCTP_CONNTRACK_NONE ||
++ newconntrack == SCTP_CONNTRACK_MAX) {
+ DEBUGP("nf_conntrack_sctp: invalid new deleting.\n");
+ return 0;
+ }
Modified: dists/sid/linux-2.6/debian/patches/series/2
==============================================================================
--- dists/sid/linux-2.6/debian/patches/series/2 (original)
+++ dists/sid/linux-2.6/debian/patches/series/2 Tue Jul 17 09:29:33 2007
@@ -1 +1,2 @@
+ bugfix/alpha/request_irq-retval.patch
++ bugfix/2.6.22.1
More information about the Kernel-svn-changes
mailing list