[kernel] r12744 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix/all patches/series

Dann Frazier dannf at alioth.debian.org
Tue Feb 10 06:08:18 UTC 2009 

Author: dannf
Date: Tue Feb 10 06:08:16 2009
New Revision: 12744

Log:
eCryptfs: check readlink result for error before use (CVE-2009-0269)

Added:
   dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/ecryptfs-check-readlink-result-before-use.patch   (contents, props changed)
      - copied, changed from r12740, /dists/sid/linux-2.6/debian/patches/bugfix/all/ecryptfs-check-readlink-result-before-use.patch
Modified:
   dists/etch-security/linux-2.6.24/debian/changelog
   dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1

Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog	(original)
+++ dists/etch-security/linux-2.6.24/debian/changelog	Tue Feb 10 06:08:16 2009
@@ -10,8 +10,9 @@
   * Fix sign-extend ABI issue w/ system calls on various 64-bit architectures
     (CVE-2009-0029)
   * security: introduce missing kfree (CVE-2009-0031)
+  * eCryptfs: check readlink result for error before use (CVE-2009-0269)
 
- -- dann frazier <dannf at debian.org>  Mon, 09 Feb 2009 22:49:26 -0700
+ -- dann frazier <dannf at debian.org>  Mon, 09 Feb 2009 22:58:36 -0700
 
 linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high
 

Copied: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/ecryptfs-check-readlink-result-before-use.patch (from r12740, /dists/sid/linux-2.6/debian/patches/bugfix/all/ecryptfs-check-readlink-result-before-use.patch)
==============================================================================
--- /dists/sid/linux-2.6/debian/patches/bugfix/all/ecryptfs-check-readlink-result-before-use.patch	(original)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/ecryptfs-check-readlink-result-before-use.patch	Tue Feb 10 06:08:16 2009
@@ -16,12 +16,12 @@
     Acked-by: Tyler Hicks <tyhicks at linux.vnet.ibm.com>
     Signed-off-by: Al Viro <viro at zeniv.linux.org.uk>
 
-Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+Adjusted to apply to Debian's 2.6.24 by dann frazier <dannf at debian.org>
 
-diff -urpN linux-source-2.6.26.orig/fs/ecryptfs/inode.c linux-source-2.6.26/fs/ecryptfs/inode.c
---- linux-source-2.6.26.orig/fs/ecryptfs/inode.c	2008-07-13 15:51:29.000000000 -0600
-+++ linux-source-2.6.26/fs/ecryptfs/inode.c	2009-02-09 21:38:06.000000000 -0700
-@@ -654,10 +654,11 @@ static void *ecryptfs_follow_link(struct
+diff -urpN linux-source-2.6.24.orig/fs/ecryptfs/inode.c linux-source-2.6.24/fs/ecryptfs/inode.c
+--- linux-source-2.6.24.orig/fs/ecryptfs/inode.c	2008-01-24 15:58:37.000000000 -0700
++++ linux-source-2.6.24/fs/ecryptfs/inode.c	2009-02-09 22:57:01.000000000 -0700
+@@ -660,10 +660,11 @@ static void *ecryptfs_follow_link(struct
  	ecryptfs_printk(KERN_DEBUG, "Calling readlink w/ "
  			"dentry->d_name.name = [%s]\n", dentry->d_name.name);
  	rc = dentry->d_inode->i_op->readlink(dentry, (char __user *)buf, len);

Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1	(original)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1	Tue Feb 10 06:08:16 2009
@@ -56,3 +56,4 @@
 + bugfix/all/CVE-2009-0029/0043-System-call-wrappers-part-33.patch
 + bugfix/all/CVE-2009-0029/0044-s390-specific-system-call-wrappers.patch
 + bugfix/all/security-keyctl-missing-kfree.patch
++ bugfix/all/ecryptfs-check-readlink-result-before-use.patch

More information about the Kernel-svn-changes mailing list