[kernel] r14108 - in dists/sid/linux-2.6/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Fri Aug 14 22:08:19 UTC 2009
Author: dannf
Date: Fri Aug 14 22:08:17 2009
New Revision: 14108
Log:
Make sock_sendpage() use kernel_sendpage() (CVE-2009-2692)
Added:
dists/sid/linux-2.6/debian/patches/bugfix/all/make-sock_sendpage-use-kernel_sendpage.patch
- copied unchanged from r14104, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/make-sock_sendpage-use-kernel_sendpage.patch
dists/sid/linux-2.6/debian/patches/series/6
Modified:
dists/sid/linux-2.6/debian/changelog
Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog Fri Aug 14 21:56:25 2009 (r14107)
+++ dists/sid/linux-2.6/debian/changelog Fri Aug 14 22:08:17 2009 (r14108)
@@ -1,7 +1,11 @@
linux-2.6 (2.6.30-6) UNRELEASED; urgency=high
+ [ Bastian Blank ]
* Set low address space to protection to default value.
+ [ dann frazier ]
+ * Make sock_sendpage() use kernel_sendpage() (CVE-2009-2692)
+
-- Bastian Blank <waldi at debian.org> Fri, 14 Aug 2009 23:50:45 +0200
linux-2.6 (2.6.30-5) unstable; urgency=high
Copied: dists/sid/linux-2.6/debian/patches/bugfix/all/make-sock_sendpage-use-kernel_sendpage.patch (from r14104, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/make-sock_sendpage-use-kernel_sendpage.patch)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/sid/linux-2.6/debian/patches/bugfix/all/make-sock_sendpage-use-kernel_sendpage.patch Fri Aug 14 22:08:17 2009 (r14108, copy of r14104, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/make-sock_sendpage-use-kernel_sendpage.patch)
@@ -0,0 +1,34 @@
+commit e694958388c50148389b0e9b9e9e8945cf0f1b98
+Author: Linus Torvalds <torvalds at linux-foundation.org>
+Date: Thu Aug 13 08:28:36 2009 -0700
+
+ Make sock_sendpage() use kernel_sendpage()
+
+ kernel_sendpage() does the proper default case handling for when the
+ socket doesn't have a native sendpage implementation.
+
+ Now, arguably this might be something that we could instead solve by
+ just specifying that all protocols should do it themselves at the
+ protocol level, but we really only care about the common protocols.
+ Does anybody really care about sendpage on something like Appletalk? Not
+ likely.
+
+ Acked-by: David S. Miller <davem at davemloft.net>
+ Acked-by: Julien TINNES <julien at cr0.org>
+ Acked-by: Tavis Ormandy <taviso at sdf.lonestar.org>
+ Cc: stable at kernel.org
+ Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
+
+diff --git a/net/socket.c b/net/socket.c
+index 791d71a..6d47165 100644
+--- a/net/socket.c
++++ b/net/socket.c
+@@ -736,7 +736,7 @@ static ssize_t sock_sendpage(struct file *file, struct page *page,
+ if (more)
+ flags |= MSG_MORE;
+
+- return sock->ops->sendpage(sock, page, offset, size, flags);
++ return kernel_sendpage(sock, page, offset, size, flags);
+ }
+
+ static ssize_t sock_splice_read(struct file *file, loff_t *ppos,
Added: dists/sid/linux-2.6/debian/patches/series/6
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/sid/linux-2.6/debian/patches/series/6 Fri Aug 14 22:08:17 2009 (r14108)
@@ -0,0 +1 @@
++ bugfix/all/make-sock_sendpage-use-kernel_sendpage.patch
More information about the Kernel-svn-changes
mailing list