[kernel] r13414 - in dists/etch-security/linux-2.6/debian: . patches/bugfix/all patches/series

Dann Frazier dannf at alioth.debian.org
Mon Apr 13 01:31:03 UTC 2009 

Author: dannf
Date: Mon Apr 13 01:31:02 2009
New Revision: 13414

Log:
* af_rose/x25: Sanity check the maximum user frame size
   - bugfix/all/af_rose+x25-sanity-check-the-max-user-frame-size.patch
  See CVE-2009-1265

Added:
   dists/etch-security/linux-2.6/debian/patches/bugfix/all/af_rose+x25-sanity-check-the-max-user-frame-size.patch
      - copied, changed from r13406, dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/af_rose+x25-sanity-check-the-max-user-frame-size.patch
Modified:
   dists/etch-security/linux-2.6/debian/changelog
   dists/etch-security/linux-2.6/debian/patches/series/24etch1

Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog	Mon Apr 13 01:26:46 2009	(r13413)
+++ dists/etch-security/linux-2.6/debian/changelog	Mon Apr 13 01:31:02 2009	(r13414)
@@ -44,6 +44,9 @@
   * copy_process: fix CLONE_PARENT && parent_exec_id interaction
      - bugfix/all/copy_process-fix-CLONE_PARENT-and-parent_exec_id-interaction.patch
     See CVE-2009-0028
+  * af_rose/x25: Sanity check the maximum user frame size
+     - bugfix/all/af_rose+x25-sanity-check-the-max-user-frame-size.patch
+    See CVE-2009-1265
 
  -- dann frazier <dannf at debian.org>  Tue, 24 Feb 2009 23:49:22 -0700
 

Copied and modified: dists/etch-security/linux-2.6/debian/patches/bugfix/all/af_rose+x25-sanity-check-the-max-user-frame-size.patch (from r13406, dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/af_rose+x25-sanity-check-the-max-user-frame-size.patch)
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/af_rose+x25-sanity-check-the-max-user-frame-size.patch	Sun Apr 12 22:42:16 2009	(r13406, copy source)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/all/af_rose+x25-sanity-check-the-max-user-frame-size.patch	Mon Apr 13 01:31:02 2009	(r13414)
@@ -11,12 +11,12 @@
     Signed-off-by: Alan Cox <alan at lxorguk.ukuu.org.uk>
     Signed-off-by: David S. Miller <davem at davemloft.net>
 
-Adjusted to apply to Debian's 2.6.24 by dann frazier <dannf at debian.org>
+Adjusted to apply to Debian's 2.6.18 by dann frazier <dannf at debian.org>
 
 diff -urpN a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c
---- a/net/netrom/af_netrom.c	2008-01-24 15:58:37.000000000 -0700
-+++ b/net/netrom/af_netrom.c	2009-04-07 23:56:09.000000000 -0600
-@@ -1074,7 +1074,11 @@ static int nr_sendmsg(struct kiocb *iocb
+--- a/net/netrom/af_netrom.c	2006-09-19 21:42:06.000000000 -0600
++++ b/net/netrom/af_netrom.c	2009-04-12 19:28:16.000000000 -0600
+@@ -1066,7 +1066,11 @@ static int nr_sendmsg(struct kiocb *iocb
  
  	SOCK_DEBUG(sk, "NET/ROM: sendto: Addresses built.\n");
  
@@ -30,9 +30,9 @@
  	size = len + NR_NETWORK_LEN + NR_TRANSPORT_LEN;
  
 diff -urpN a/net/rose/af_rose.c b/net/rose/af_rose.c
---- a/net/rose/af_rose.c	2008-01-24 15:58:37.000000000 -0700
-+++ b/net/rose/af_rose.c	2009-04-07 23:56:09.000000000 -0600
-@@ -1100,6 +1100,10 @@ static int rose_sendmsg(struct kiocb *io
+--- a/net/rose/af_rose.c	2006-09-19 21:42:06.000000000 -0600
++++ b/net/rose/af_rose.c	2009-04-12 19:28:16.000000000 -0600
+@@ -1069,6 +1069,10 @@ static int rose_sendmsg(struct kiocb *io
  
  	/* Build a packet */
  	SOCK_DEBUG(sk, "ROSE: sendto: building packet.\n");
@@ -44,9 +44,9 @@
  
  	if ((skb = sock_alloc_send_skb(sk, size, msg->msg_flags & MSG_DONTWAIT, &err)) == NULL)
 diff -urpN a/net/x25/af_x25.c b/net/x25/af_x25.c
---- a/net/x25/af_x25.c	2008-01-24 15:58:37.000000000 -0700
-+++ b/net/x25/af_x25.c	2009-04-07 23:56:09.000000000 -0600
-@@ -1042,6 +1042,12 @@ static int x25_sendmsg(struct kiocb *ioc
+--- a/net/x25/af_x25.c	2006-09-19 21:42:06.000000000 -0600
++++ b/net/x25/af_x25.c	2009-04-12 19:28:16.000000000 -0600
+@@ -1019,6 +1019,12 @@ static int x25_sendmsg(struct kiocb *ioc
  		sx25.sx25_addr   = x25->dest_addr;
  	}
  

Modified: dists/etch-security/linux-2.6/debian/patches/series/24etch1
==============================================================================
--- dists/etch-security/linux-2.6/debian/patches/series/24etch1	Mon Apr 13 01:26:46 2009	(r13413)
+++ dists/etch-security/linux-2.6/debian/patches/series/24etch1	Mon Apr 13 01:31:02 2009	(r13414)
@@ -74,3 +74,4 @@
 + bugfix/syscall-audit-fix-32+64-syscall-hole.patch
 + bugfix/all/shm-fix-shmctl-SHM_INFO-lockup-without-CONFIG_SHMEM.patch
 + bugfix/all/copy_process-fix-CLONE_PARENT-and-parent_exec_id-interaction.patch
++ bugfix/all/af_rose+x25-sanity-check-the-max-user-frame-size.patch

More information about the Kernel-svn-changes mailing list