[kernel] r12571 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Wed Jan 14 05:09:25 UTC 2009
Author: dannf
Date: Wed Jan 14 05:09:14 2009
New Revision: 12571
Log:
* sctp: Fix memory overflow (CVE-2009-0065)
* nfs: Fix fcntl/close race (CVE-2008-4307)
Added:
dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/nfs-remove-buggy-lock-if-signalled-case.patch
Modified:
dists/etch-security/linux-2.6.24/debian/changelog
dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.7etch1
Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog (original)
+++ dists/etch-security/linux-2.6.24/debian/changelog Wed Jan 14 05:09:14 2009
@@ -5,9 +5,10 @@
* Fix buffer underflow in the ib700wdt watchdog driver (CVE-2008-5702)
* Set a minimum timeout for SG_IO requests (CVE-2008-5700)
* [mips] Fix potential DOS by untrusted user app (CVE-2008-5701)
- * sctp: fix memory overflow (CVE-2009-0065)
+ * sctp: Fix memory overflow (CVE-2009-0065)
+ * nfs: Fix fcntl/close race (CVE-2008-4307)
- -- dann frazier <dannf at debian.org> Mon, 12 Jan 2009 23:01:24 -0700
+ -- dann frazier <dannf at debian.org> Tue, 13 Jan 2009 21:56:46 -0700
linux-2.6.24 (2.6.24-6~etchnhalf.7) stable-security; urgency=high
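Review bot: the "sctp: Fix memory overflow (CVE-2009-0065)" line in this hunk is only a capitalisation change ("fix" to "Fix"), yet the revision Log lists it alongside the nfs entry as if both fixes landed in r12571. The series hunk in the same revision shows bugfix/all/sctp-avoid-memory-overflow.patch as unchanged context, so the sctp patch was already applied. Suggest wording the Log so that only the CVE-2008-4307 change is attributed to this revision. The new "nfs: Fix fcntl/close race" entry could also name nfs-remove-buggy-lock-if-signalled-case.patch, so the changelog line can be traced to the file that implements it.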
Added: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/nfs-remove-buggy-lock-if-signalled-case.patch
==============================================================================
--- (empty file)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/nfs-remove-buggy-lock-if-signalled-case.patch Wed Jan 14 05:09:14 2009
@@ -0,0 +1,36 @@
+commit c4d7c402b788b73dc24f1e54a57f89d3dc5eb7bc
+Author: Trond Myklebust <Trond.Myklebust at netapp.com>
+Date: Tue Apr 1 20:26:52 2008 -0400
+
+ NFS: Remove the buggy lock-if-signalled case from do_setlk()
+
+ Both NLM and NFSv4 should be able to clean up adequately in the case where
+ the user interrupts the RPC call...
+
+ Signed-off-by: Trond Myklebust <Trond.Myklebust at netapp.com>
+
+Adjusted to apply to Debian's 2.6.24 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.24.orig/fs/nfs/file.c linux-source-2.6.24/fs/nfs/file.c
+--- linux-source-2.6.24.orig/fs/nfs/file.c 2008-01-24 15:58:37.000000000 -0700
++++ linux-source-2.6.24/fs/nfs/file.c 2009-01-13 21:52:35.000000000 -0700
+@@ -578,17 +578,9 @@ static int do_setlk(struct file *filp, i
+
+ lock_kernel();
+ /* Use local locking if mounted with "-onolock" */
+- if (!(NFS_SERVER(inode)->flags & NFS_MOUNT_NONLM)) {
++ if (!(NFS_SERVER(inode)->flags & NFS_MOUNT_NONLM))
+ status = NFS_PROTO(inode)->lock(filp, cmd, fl);
+- /* If we were signalled we still need to ensure that
+- * we clean up any state on the server. We therefore
+- * record the lock call as having succeeded in order to
+- * ensure that locks_remove_posix() cleans it out when
+- * the process exits.
+- */
+- if (status == -EINTR || status == -ERESTARTSYS)
+- do_vfs_lock(filp, fl);
+- } else
++ else
+ status = do_vfs_lock(filp, fl);
+ unlock_kernel();
+ if (status < 0)
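Review bot: with the "if (status == -EINTR || status == -ERESTARTSYS) do_vfs_lock(filp, fl);" branch removed from do_setlk(), an interrupted NFS_PROTO(inode)->lock() call no longer leaves a local record for locks_remove_posix() to clean out. Correctness then rests entirely on the commit message's claim that NLM and NFSv4 clean up when the RPC call is interrupted. This backport carries only the fs/nfs/file.c change, so please confirm that the ->lock() implementations in Debian's 2.6.24 tree do that cleanup. If they do not, a signalled lock request could leave state on the server that nothing releases at exit, which is the situation the removed comment was written to avoid. The patch header would also benefit from one line naming CVE-2008-4307 and one saying what "Adjusted to apply to Debian's 2.6.24" changed relative to upstream commit c4d7c402b788b73dc24f1e54a57f89d3dc5eb7bc.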
Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.7etch1
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.7etch1 (original)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.7etch1 Wed Jan 14 05:09:14 2009
@@ -3,3 +3,4 @@
+ bugfix/all/enforce-minimum-SG_IO-timeout.patch
+ bugfix/mips/fix-potential-dos.patch
+ bugfix/all/sctp-avoid-memory-overflow.patch
++ bugfix/all/nfs-remove-buggy-lock-if-signalled-case.patch