[kernel] r13519 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Wed Apr 29 07:09:15 UTC 2009
Author: dannf
Date: Wed Apr 29 07:09:13 2009
New Revision: 13519
Log:
cifs: Fix memory overwrite when saving nativeFileSystem field during mount
(CVE-2009-1439)
Added:
dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/cifs-fix-buffer-size-for-tcon-nativeFileSystem-field.patch
- copied, changed from r13464, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/cifs-fix-buffer-size-for-tcon-nativeFileSystem-field.patch
dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/cifs-fix-memory-overwrite-when-saving-nativeFileSystem-field-during-mount.patch
- copied, changed from r13464, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/cifs-fix-memory-overwrite-when-saving-nativeFileSystem-field-during-mount.patch
dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/cifs-remove-unneeded-bcc_ptr-update-in-CIFSTCon.patch
- copied, changed from r13464, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/cifs-remove-unneeded-bcc_ptr-update-in-CIFSTCon.patch
Modified:
dists/etch-security/linux-2.6.24/debian/changelog
dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1
Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog Tue Apr 28 14:57:51 2009 (r13518)
+++ dists/etch-security/linux-2.6.24/debian/changelog Wed Apr 29 07:09:13 2009 (r13519)
@@ -1,4 +1,4 @@
-linux-2.6.24 (2.6.24-6~etchnhalf.8etch1) UNRELEASED; urgency=high
+linux-2.6.24 (2.6.24-6~etchnhalf.8etch1) oldstable-security; urgency=high
* Fix DoS when calling svc_listen twice on the same socket while reading
/proc/net/atm/*vc (CVE-2008-5079)
@@ -29,8 +29,10 @@
* exit_notify: kill the wrong capable(CAP_KILL) check (CVE-2009-1337)
* Make 'kill sig -1' only apply to caller's namespace (CVE-2009-1338)
* agp: zero pages before sending to userspace (CVE-2009-1192)
+ * cifs: Fix memory overwrite when saving nativeFileSystem field during mount
+ (CVE-2009-1439)
- -- dann frazier <dannf at debian.org> Tue, 24 Feb 2009 23:25:36 -0700
+ -- dann frazier <dannf at debian.org> Wed, 29 Apr 2009 01:03:37 -0600
linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high
Copied and modified: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/cifs-fix-buffer-size-for-tcon-nativeFileSystem-field.patch (from r13464, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/cifs-fix-buffer-size-for-tcon-nativeFileSystem-field.patch)
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/bugfix/all/cifs-fix-buffer-size-for-tcon-nativeFileSystem-field.patch Tue Apr 21 04:48:26 2009 (r13464, copy source)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/cifs-fix-buffer-size-for-tcon-nativeFileSystem-field.patch Wed Apr 29 07:09:13 2009 (r13519)
@@ -16,12 +16,12 @@
Signed-off-by: Jeff Layton <jlayton at redhat.com>
Signed-off-by: Steve French <sfrench at us.ibm.com>
-Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+Adjusted to apply to Debian's 2.6.24 by dann frazier <dannf at debian.org>
-diff -urpN linux-source-2.6.26.orig/fs/cifs/connect.c linux-source-2.6.26/fs/cifs/connect.c
---- linux-source-2.6.26.orig/fs/cifs/connect.c 2009-04-20 21:58:14.000000000 -0600
-+++ linux-source-2.6.26/fs/cifs/connect.c 2009-04-20 22:06:23.000000000 -0600
-@@ -3466,16 +3466,13 @@ CIFSTCon(unsigned int xid, struct cifsSe
+diff -urpN linux-source-2.6.24.orig/fs/cifs/connect.c linux-source-2.6.24/fs/cifs/connect.c
+--- linux-source-2.6.24.orig/fs/cifs/connect.c 2009-04-29 00:57:48.000000000 -0600
++++ linux-source-2.6.24/fs/cifs/connect.c 2009-04-29 00:59:27.000000000 -0600
+@@ -3421,16 +3421,13 @@ CIFSTCon(unsigned int xid, struct cifsSe
BCC(smb_buffer_response)) {
kfree(tcon->nativeFileSystem);
tcon->nativeFileSystem =
Copied and modified: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/cifs-fix-memory-overwrite-when-saving-nativeFileSystem-field-during-mount.patch (from r13464, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/cifs-fix-memory-overwrite-when-saving-nativeFileSystem-field-during-mount.patch)
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/bugfix/all/cifs-fix-memory-overwrite-when-saving-nativeFileSystem-field-during-mount.patch Tue Apr 21 04:48:26 2009 (r13464, copy source)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/cifs-fix-memory-overwrite-when-saving-nativeFileSystem-field-during-mount.patch Wed Apr 29 07:09:13 2009 (r13519)
@@ -13,12 +13,12 @@
CC: Stable <stable at kernel.org>
Signed-off-by: Steve French <sfrench at us.ibm.com>
-Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+Adjusted to apply to Debian's 2.6.24 by dann frazier <dannf at debian.org>
-diff -urpN linux-source-2.6.26.orig/fs/cifs/connect.c linux-source-2.6.26/fs/cifs/connect.c
---- linux-source-2.6.26.orig/fs/cifs/connect.c 2008-07-13 15:51:29.000000000 -0600
-+++ linux-source-2.6.26/fs/cifs/connect.c 2009-04-20 21:58:14.000000000 -0600
-@@ -3466,7 +3466,7 @@ CIFSTCon(unsigned int xid, struct cifsSe
+diff -urpN linux-source-2.6.24.orig/fs/cifs/connect.c linux-source-2.6.24/fs/cifs/connect.c
+--- linux-source-2.6.24.orig/fs/cifs/connect.c 2008-01-24 15:58:37.000000000 -0700
++++ linux-source-2.6.24/fs/cifs/connect.c 2009-04-29 00:57:48.000000000 -0600
+@@ -3421,7 +3421,7 @@ CIFSTCon(unsigned int xid, struct cifsSe
BCC(smb_buffer_response)) {
kfree(tcon->nativeFileSystem);
tcon->nativeFileSystem =
Copied and modified: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/cifs-remove-unneeded-bcc_ptr-update-in-CIFSTCon.patch (from r13464, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/cifs-remove-unneeded-bcc_ptr-update-in-CIFSTCon.patch)
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/bugfix/all/cifs-remove-unneeded-bcc_ptr-update-in-CIFSTCon.patch Tue Apr 21 04:48:26 2009 (r13464, copy source)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/cifs-remove-unneeded-bcc_ptr-update-in-CIFSTCon.patch Wed Apr 29 07:09:13 2009 (r13519)
@@ -11,12 +11,12 @@
Signed-off-by: Jeff Layton <jlayton at redhat.com>
Signed-off-by: Steve French <sfrench at us.ibm.com>
-Backported to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+Backported to Debian's 2.6.24 by dann frazier <dannf at debian.org>
-diff -urpN linux-source-2.6.26.orig/fs/cifs/connect.c linux-source-2.6.26/fs/cifs/connect.c
---- linux-source-2.6.26.orig/fs/cifs/connect.c 2009-04-20 22:23:20.000000000 -0600
-+++ linux-source-2.6.26/fs/cifs/connect.c 2009-04-20 22:22:19.000000000 -0600
-@@ -3472,7 +3472,6 @@ CIFSTCon(unsigned int xid, struct cifsSe
+diff -urpN linux-source-2.6.24.orig/fs/cifs/connect.c linux-source-2.6.24/fs/cifs/connect.c
+--- linux-source-2.6.24.orig/fs/cifs/connect.c 2009-04-29 00:59:27.000000000 -0600
++++ linux-source-2.6.24/fs/cifs/connect.c 2009-04-29 01:00:34.000000000 -0600
+@@ -3427,7 +3427,6 @@ CIFSTCon(unsigned int xid, struct cifsSe
tcon->nativeFileSystem,
(__le16 *) bcc_ptr,
length, nls_codepage);
Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1 Tue Apr 28 14:57:51 2009 (r13518)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1 Wed Apr 29 07:09:13 2009 (r13519)
@@ -83,3 +83,6 @@
+ bugfix/all/limit_kill_sig_-1_to_callers_namespace.patch
+ bugfix/all/pid-extend+fix-pid_vnr.patch
+ bugfix/all/agp-zero-pages-before-sending-to-userspace.patch
++ bugfix/all/cifs-fix-memory-overwrite-when-saving-nativeFileSystem-field-during-mount.patch
++ bugfix/all/cifs-fix-buffer-size-for-tcon-nativeFileSystem-field.patch
++ bugfix/all/cifs-remove-unneeded-bcc_ptr-update-in-CIFSTCon.patch
More information about the Kernel-svn-changes
mailing list