[kernel] r8378 - in dists/etch/linux-2.6/debian: . patches/bugfix patches/series

Dann Frazier dannf at alioth.debian.org
Thu Mar 22 01:05:32 UTC 2007


Author: dannf
Date: Thu Mar 22 00:05:32 2007
New Revision: 8378

Added:
   dists/etch/linux-2.6/debian/patches/bugfix/ipv6_getsockopt_sticky-null-opt.patch
      - copied unchanged from r8377, dists/etch-security/linux-2.6/debian/patches/bugfix/ipv6_getsockopt_sticky-null-opt.patch
   dists/etch/linux-2.6/debian/patches/bugfix/ipv6_setsockopt-NULL-deref.patch
      - copied unchanged from r8377, dists/etch-security/linux-2.6/debian/patches/bugfix/ipv6_setsockopt-NULL-deref.patch
   dists/etch/linux-2.6/debian/patches/bugfix/keys-serial-num-collision.patch
      - copied unchanged from r8377, dists/etch-security/linux-2.6/debian/patches/bugfix/keys-serial-num-collision.patch
   dists/etch/linux-2.6/debian/patches/bugfix/listxattr-mem-corruption.patch
      - copied unchanged from r8377, dists/etch-security/linux-2.6/debian/patches/bugfix/listxattr-mem-corruption.patch
Modified:
   dists/etch/linux-2.6/debian/changelog
   dists/etch/linux-2.6/debian/patches/series/12
Log:
merge the changes from the etch-security branch as of r8377 - requested by vorlon, in case of potential update prior to 4.0r0

Modified: dists/etch/linux-2.6/debian/changelog
==============================================================================
--- dists/etch/linux-2.6/debian/changelog	(original)
+++ dists/etch/linux-2.6/debian/changelog	Thu Mar 22 00:05:32 2007
@@ -23,7 +23,26 @@
     Thanks to Doug Nazar for the patch and to Daniel J. Priem for testing.
     Closes: #409313.
 
- -- Steve Langasek <vorlon at debian.org>  Mon,  5 Mar 2007 00:25:35 -0800
+  [ dann frazier ]
+  * bugfix/keys-serial-num-collision.patch
+    [SECURITY] Fix the key serial number collision avoidance code in
+    key_alloc_serial() that could lead to a local DoS (oops).
+    (closes: #398470)
+    See CVE-2007-0006
+  * bugfix/ipv6_getsockopt_sticky-null-opt.patch
+    [SECURITY] Fix NULL dereference in ipv6_setsockopt that could lead
+    to a local DoS (oops).
+    See CVE-2007-1388
+  * bugfix/ipv6_getsockopt_sticky-null-opt.patch
+    [SECURITY] Fix kernel memory leak vulnerability in
+    ipv6_getsockopt_sticky() which can be triggered by passing a len < 0.
+    See CVE-2007-1000
+  * bugfix/listxattr-mem-corruption.patch
+    [SECURITY] Fix userspace corruption vulnerability caused by
+    incorrectly promoted return values in bad_inode_ops
+    See CVE-2006-5753
+
+ -- dann frazier <dannf at debian.org>  Wed, 21 Mar 2007 18:03:28 -0600
 
 linux-2.6 (2.6.18.dfsg.1-11) unstable; urgency=low
 
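Review bot: the second new changelog entry, the one for the NULL dereference in ipv6_setsockopt (CVE-2007-1388), is filed under bugfix/ipv6_getsockopt_sticky-null-opt.patch, the same patch name the next entry uses for CVE-2007-1000. The file list and series/12 in this commit both carry bugfix/ipv6_setsockopt-NULL-deref.patch, which is never named in the changelog, so that entry should most likely read "* bugfix/ipv6_setsockopt-NULL-deref.patch". As written, anyone mapping CVE-2007-1388 to a patch file from the changelog will land on the wrong one. Minor style point: the listxattr entry ends "in bad_inode_ops" without the full stop the other entries have.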

Modified: dists/etch/linux-2.6/debian/patches/series/12
==============================================================================
--- dists/etch/linux-2.6/debian/patches/series/12	(original)
+++ dists/etch/linux-2.6/debian/patches/series/12	Thu Mar 22 00:05:32 2007
@@ -2,3 +2,7 @@
 + bugfix/sparc/eth1394-unaligned-access.patch
 + bugfix/sparc/kenvctrld-cpu-consumption.patch
 + bugfix/sparc/ip_rcv-unaligned-access.patch
++ bugfix/keys-serial-num-collision.patch
++ bugfix/ipv6_setsockopt-NULL-deref.patch
++ bugfix/ipv6_getsockopt_sticky-null-opt.patch
++ bugfix/listxattr-mem-corruption.patch
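
Review bot: the four new entries are appended after the three sparc fixes, while the patch files themselves are "copied unchanged" from the etch-security branch. Nothing in this mail shows that they apply cleanly with those sparc patches ahead of them in series 12, so a test apply of the full series on the etch tree is worth confirming before any upload. The entry names here match the four added files; only the changelog disagrees, in that it never names ipv6_setsockopt-NULL-deref.patch.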


