[kernel] r12739 - in dists/sid/linux-2.6/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Tue Feb 10 04:35:35 UTC 2009
Author: dannf
Date: Tue Feb 10 04:35:33 2009
New Revision: 12739
Log:
security: introduce missing kfree (CVE-2009-0031)
Added:
dists/sid/linux-2.6/debian/patches/bugfix/all/security-keyctl-missing-kfree.patch
Modified:
dists/sid/linux-2.6/debian/changelog
dists/sid/linux-2.6/debian/patches/series/14
Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog (original)
+++ dists/sid/linux-2.6/debian/changelog Tue Feb 10 04:35:33 2009
@@ -20,6 +20,7 @@
* Fix sign-extend ABI issue w/ system calls on various 64-bit architectures
(CVE-2009-0029)
* Fix softlockups in sungem driver (Closes: #514624)
+ * security: introduce missing kfree (CVE-2009-0031)
[ Martin Michlmayr ]
* rt2x00: Fix VGC lower bound initialization. (Closes: #510607)
@@ -30,7 +31,7 @@
* [sparc] Revert: Reintroduce dummy PCI host controller to workaround broken
X.org. Not supportable and breaks to many things.
- -- dann frazier <dannf at debian.org> Mon, 09 Feb 2009 11:14:31 -0700
+ -- dann frazier <dannf at debian.org> Mon, 09 Feb 2009 21:32:48 -0700
linux-2.6 (2.6.26-13) unstable; urgency=high
Added: dists/sid/linux-2.6/debian/patches/bugfix/all/security-keyctl-missing-kfree.patch
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/bugfix/all/security-keyctl-missing-kfree.patch Tue Feb 10 04:35:33 2009
@@ -0,0 +1,26 @@
+commit 0d54ee1c7850a954026deec4cd4885f331da35cc
+Author: Vegard Nossum <vegard.nossum at gmail.com>
+Date: Sat Jan 17 17:45:45 2009 +0100
+
+ security: introduce missing kfree
+
+ Plug this leak.
+
+ Acked-by: David Howells <dhowells at redhat.com>
+ Cc: James Morris <jmorris at namei.org>
+ Cc: <stable at kernel.org>
+ Signed-off-by: Vegard Nossum <vegard.nossum at gmail.com>
+ Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
+
+diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
+index e9335e1..b1ec3b4 100644
+--- a/security/keys/keyctl.c
++++ b/security/keys/keyctl.c
+@@ -270,6 +270,7 @@ long keyctl_join_session_keyring(const char __user *_name)
+
+ /* join the session */
+ ret = join_session_keyring(name);
++ kfree(name);
+
+ error:
+ return ret;
Modified: dists/sid/linux-2.6/debian/patches/series/14
==============================================================================
--- dists/sid/linux-2.6/debian/patches/series/14 (original)
+++ dists/sid/linux-2.6/debian/patches/series/14 Tue Feb 10 04:35:33 2009
@@ -61,3 +61,4 @@
+ bugfix/x86/alsa-hda-support-ecs-chips-with-sigmatel-codecs.patch
+ bugfix/x86/alsa-hda-add-support-for-toshiba-l305.patch
+ bugfix/sparc/sungem-soft-lockup-fix.patch
++ bugfix/all/security-keyctl-missing-kfree.patch
More information about the Kernel-svn-changes
mailing list