[kernel] r12744 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Tue Feb 10 06:08:18 UTC 2009
Author: dannf
Date: Tue Feb 10 06:08:16 2009
New Revision: 12744
Log:
eCryptfs: check readlink result for error before use (CVE-2009-0269)
Added:
dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/ecryptfs-check-readlink-result-before-use.patch (contents, props changed)
- copied, changed from r12740, /dists/sid/linux-2.6/debian/patches/bugfix/all/ecryptfs-check-readlink-result-before-use.patch
Modified:
dists/etch-security/linux-2.6.24/debian/changelog
dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1
Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog (original)
+++ dists/etch-security/linux-2.6.24/debian/changelog Tue Feb 10 06:08:16 2009
@@ -10,8 +10,9 @@
* Fix sign-extend ABI issue w/ system calls on various 64-bit architectures
(CVE-2009-0029)
* security: introduce missing kfree (CVE-2009-0031)
+ * eCryptfs: check readlink result for error before use (CVE-2009-0269)
- -- dann frazier <dannf at debian.org> Mon, 09 Feb 2009 22:49:26 -0700
+ -- dann frazier <dannf at debian.org> Mon, 09 Feb 2009 22:58:36 -0700
linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high
Copied: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/ecryptfs-check-readlink-result-before-use.patch (from r12740, /dists/sid/linux-2.6/debian/patches/bugfix/all/ecryptfs-check-readlink-result-before-use.patch)
==============================================================================
--- /dists/sid/linux-2.6/debian/patches/bugfix/all/ecryptfs-check-readlink-result-before-use.patch (original)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/ecryptfs-check-readlink-result-before-use.patch Tue Feb 10 06:08:16 2009
@@ -16,12 +16,12 @@
Acked-by: Tyler Hicks <tyhicks at linux.vnet.ibm.com>
Signed-off-by: Al Viro <viro at zeniv.linux.org.uk>
-Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+Adjusted to apply to Debian's 2.6.24 by dann frazier <dannf at debian.org>
-diff -urpN linux-source-2.6.26.orig/fs/ecryptfs/inode.c linux-source-2.6.26/fs/ecryptfs/inode.c
---- linux-source-2.6.26.orig/fs/ecryptfs/inode.c 2008-07-13 15:51:29.000000000 -0600
-+++ linux-source-2.6.26/fs/ecryptfs/inode.c 2009-02-09 21:38:06.000000000 -0700
-@@ -654,10 +654,11 @@ static void *ecryptfs_follow_link(struct
+diff -urpN linux-source-2.6.24.orig/fs/ecryptfs/inode.c linux-source-2.6.24/fs/ecryptfs/inode.c
+--- linux-source-2.6.24.orig/fs/ecryptfs/inode.c 2008-01-24 15:58:37.000000000 -0700
++++ linux-source-2.6.24/fs/ecryptfs/inode.c 2009-02-09 22:57:01.000000000 -0700
+@@ -660,10 +660,11 @@ static void *ecryptfs_follow_link(struct
ecryptfs_printk(KERN_DEBUG, "Calling readlink w/ "
"dentry->d_name.name = [%s]\n", dentry->d_name.name);
rc = dentry->d_inode->i_op->readlink(dentry, (char __user *)buf, len);
Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1 (original)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch1 Tue Feb 10 06:08:16 2009
@@ -56,3 +56,4 @@
+ bugfix/all/CVE-2009-0029/0043-System-call-wrappers-part-33.patch
+ bugfix/all/CVE-2009-0029/0044-s390-specific-system-call-wrappers.patch
+ bugfix/all/security-keyctl-missing-kfree.patch
++ bugfix/all/ecryptfs-check-readlink-result-before-use.patch
More information about the Kernel-svn-changes
mailing list