[kernel] r12747 - in dists/etch-security/linux-2.6/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Tue Feb 10 06:28:02 UTC 2009
Author: dannf
Date: Tue Feb 10 06:28:01 2009
New Revision: 12747
Log:
* dell_rbu: use scnprintf instead of less secure sprintf
- bugfix/all/dell_rbu-use-scnprintf-instead-of-sprintf.patch
See CVE-2009-0322
Added:
dists/etch-security/linux-2.6/debian/patches/bugfix/all/dell_rbu-use-scnprintf-instead-of-sprintf.patch
- copied, changed from r12745, /dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/dell_rbu-use-scnprintf-instead-of-sprintf.patch
Modified:
dists/etch-security/linux-2.6/debian/changelog
dists/etch-security/linux-2.6/debian/patches/series/24etch1
Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog (original)
+++ dists/etch-security/linux-2.6/debian/changelog Tue Feb 10 06:28:01 2009
@@ -15,8 +15,11 @@
* security: introduce missing kfree
- bugfix/all/security-keyctl-missing-kfree.patch
See CVE-2009-0031
+ * dell_rbu: use scnprintf instead of less secure sprintf
+ - bugfix/all/dell_rbu-use-scnprintf-instead-of-sprintf.patch
+ See CVE-2009-0322
- -- dann frazier <dannf at debian.org> Mon, 09 Feb 2009 23:19:02 -0700
+ -- dann frazier <dannf at debian.org> Mon, 09 Feb 2009 23:25:32 -0700
linux-2.6 (2.6.18.dfsg.1-24) stable; urgency=high
Copied: dists/etch-security/linux-2.6/debian/patches/bugfix/all/dell_rbu-use-scnprintf-instead-of-sprintf.patch (from r12745, /dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/dell_rbu-use-scnprintf-instead-of-sprintf.patch)
==============================================================================
--- /dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/dell_rbu-use-scnprintf-instead-of-sprintf.patch (original)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/all/dell_rbu-use-scnprintf-instead-of-sprintf.patch Tue Feb 10 06:28:01 2009
@@ -11,12 +11,12 @@
Signed-off-by: Pavel Roskin <proski at gnu.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
-Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+Adjusted to apply to Debian's 2.6.18 by dann frazier <dannf at debian.org>
-diff -urpN linux-source-2.6.26.orig/drivers/firmware/dell_rbu.c linux-source-2.6.26/drivers/firmware/dell_rbu.c
---- linux-source-2.6.26.orig/drivers/firmware/dell_rbu.c 2008-07-13 15:51:29.000000000 -0600
-+++ linux-source-2.6.26/drivers/firmware/dell_rbu.c 2009-02-09 21:44:12.000000000 -0700
-@@ -598,7 +598,7 @@ static ssize_t read_rbu_image_type(struc
+diff -urpN linux-source-2.6.18.orig/drivers/firmware/dell_rbu.c linux-source-2.6.18/drivers/firmware/dell_rbu.c
+--- linux-source-2.6.18.orig/drivers/firmware/dell_rbu.c 2006-09-19 21:42:06.000000000 -0600
++++ linux-source-2.6.18/drivers/firmware/dell_rbu.c 2009-02-09 23:23:28.000000000 -0700
+@@ -596,7 +596,7 @@ static ssize_t read_rbu_image_type(struc
{
int size = 0;
if (!pos)
@@ -25,7 +25,7 @@
return size;
}
-@@ -670,7 +670,7 @@ static ssize_t read_rbu_packet_size(stru
+@@ -666,7 +666,7 @@ static ssize_t read_rbu_packet_size(stru
int size = 0;
if (!pos) {
spin_lock(&rbu_data.lock);
Modified: dists/etch-security/linux-2.6/debian/patches/series/24etch1
==============================================================================
--- dists/etch-security/linux-2.6/debian/patches/series/24etch1 (original)
+++ dists/etch-security/linux-2.6/debian/patches/series/24etch1 Tue Feb 10 06:28:01 2009
@@ -54,3 +54,4 @@
+ bugfix/all/CVE-2009-0029/0090-i386-remove-sys_pipe-proto.patch
+ bugfix/all/CVE-2009-0029/0091-avoid-abi-change.patch
+ bugfix/all/security-keyctl-missing-kfree.patch
++ bugfix/all/dell_rbu-use-scnprintf-instead-of-sprintf.patch
More information about the Kernel-svn-changes
mailing list