[kernel] r12570 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Tue Jan 13 06:07:17 UTC 2009
Author: dannf
Date: Tue Jan 13 06:07:16 2009
New Revision: 12570
Log:
sctp: fix memory overflow (CVE-2009-0065)
Added:
dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/sctp-avoid-memory-overflow.patch (contents, props changed)
- copied, changed from r12567, /dists/sid/linux-2.6/debian/patches/bugfix/all/sctp-avoid-memory-overflow.patch
Modified:
dists/etch-security/linux-2.6.24/debian/changelog
dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.7etch1
Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog (original)
+++ dists/etch-security/linux-2.6.24/debian/changelog Tue Jan 13 06:07:16 2009
@@ -5,8 +5,9 @@
* Fix buffer underflow in the ib700wdt watchdog driver (CVE-2008-5702)
* Set a minimum timeout for SG_IO requests (CVE-2008-5700)
* [mips] Fix potential DOS by untrusted user app (CVE-2008-5701)
+ * sctp: fix memory overflow (CVE-2009-0065)
- -- dann frazier <dannf at debian.org> Mon, 12 Jan 2009 22:40:33 -0700
+ -- dann frazier <dannf at debian.org> Mon, 12 Jan 2009 23:01:24 -0700
linux-2.6.24 (2.6.24-6~etchnhalf.7) stable-security; urgency=high
Copied: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/sctp-avoid-memory-overflow.patch (from r12567, /dists/sid/linux-2.6/debian/patches/bugfix/all/sctp-avoid-memory-overflow.patch)
==============================================================================
--- /dists/sid/linux-2.6/debian/patches/bugfix/all/sctp-avoid-memory-overflow.patch (original)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/sctp-avoid-memory-overflow.patch Tue Jan 13 06:07:16 2009
@@ -25,28 +25,21 @@
Signed-off-by: Vlad Yasevich <vladislav.yasevich at hp.com>
Signed-off-by: David S. Miller <davem at davemloft.net>
-Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+Adjusted to apply to Debian's 2.6.24 by dann frazier <dannf at debian.org>
-diff -urpN linux-source-2.6.26.orig/net/sctp/sm_statefuns.c linux-source-2.6.26/net/sctp/sm_statefuns.c
---- linux-source-2.6.26.orig/net/sctp/sm_statefuns.c 2009-01-08 16:43:13.000000000 -0700
-+++ linux-source-2.6.26/net/sctp/sm_statefuns.c 2009-01-10 10:15:32.000000000 -0700
-@@ -3641,6 +3641,7 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn(c
+diff -urpN linux-source-2.6.24.orig/net/sctp/sm_statefuns.c linux-source-2.6.24/net/sctp/sm_statefuns.c
+--- linux-source-2.6.24.orig/net/sctp/sm_statefuns.c 2008-01-24 15:58:37.000000000 -0700
++++ linux-source-2.6.24/net/sctp/sm_statefuns.c 2009-01-12 22:57:05.000000000 -0700
+@@ -3629,6 +3629,8 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn_f
{
struct sctp_chunk *chunk = arg;
struct sctp_fwdtsn_hdr *fwdtsn_hdr;
+ struct sctp_fwdtsn_skip *skip;
- __u16 len;
- __u32 tsn;
-
-@@ -3701,6 +3702,7 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn_f
- {
- struct sctp_chunk *chunk = arg;
- struct sctp_fwdtsn_hdr *fwdtsn_hdr;
+ struct sctp_fwdtsn_skip *skip;
__u16 len;
__u32 tsn;
-@@ -3730,6 +3732,18 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn_f
+@@ -3658,6 +3660,18 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn_f
if (sctp_tsnmap_check(&asoc->peer.tsn_map, tsn) < 0)
goto gen_shutdown;
Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.7etch1
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.7etch1 (original)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.7etch1 Tue Jan 13 06:07:16 2009
@@ -2,3 +2,4 @@
+ bugfix/all/watchdog-ib700wdt-buffer_underflow.patch
+ bugfix/all/enforce-minimum-SG_IO-timeout.patch
+ bugfix/mips/fix-potential-dos.patch
++ bugfix/all/sctp-avoid-memory-overflow.patch
More information about the Kernel-svn-changes
mailing list