[kernel] r14485 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Wed Oct 28 06:04:02 UTC 2009
Author: dannf
Date: Wed Oct 28 06:03:58 2009
New Revision: 14485
Log:
eCryptfs: Prevent lower dentry from going negative during unlink
(CVE-2009-2908)
Added:
dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/ecryptfs-prevent-lower-dentry-from-going-negative-during-unlink.patch
- copied, changed from r14470, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/ecryptfs-prevent-lower-dentry-from-going-negative-during-unlink.patch
Modified:
dists/etch-security/linux-2.6.24/debian/changelog
dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch4
Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog Wed Oct 28 05:47:10 2009 (r14484)
+++ dists/etch-security/linux-2.6.24/debian/changelog Wed Oct 28 06:03:58 2009 (r14485)
@@ -8,6 +8,8 @@
attributes (CVE-2009-2849)
* appletalk: Fix skb leak when ipddp interface is not loaded
(CVE-2009-2903)
+ * eCryptfs: Prevent lower dentry from going negative during unlink
+ (CVE-2009-2908)
-- dann frazier <dannf at debian.org> Tue, 27 Oct 2009 22:41:25 -0600
Copied and modified: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/ecryptfs-prevent-lower-dentry-from-going-negative-during-unlink.patch (from r14470, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/ecryptfs-prevent-lower-dentry-from-going-negative-during-unlink.patch)
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/bugfix/all/ecryptfs-prevent-lower-dentry-from-going-negative-during-unlink.patch Wed Oct 28 01:27:56 2009 (r14470, copy source)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/ecryptfs-prevent-lower-dentry-from-going-negative-during-unlink.patch Wed Oct 28 06:03:58 2009 (r14485)
@@ -30,23 +30,23 @@
Cc: stable <stable at kernel.org>
Signed-off-by: Tyler Hicks <tyhicks at linux.vnet.ibm.com>
-Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+Adjusted to apply to Debian's 2.6.24 by dann frazier <dannf at debian.org>
-diff -urpN linux-source-2.6.26.orig/fs/ecryptfs/inode.c linux-source-2.6.26/fs/ecryptfs/inode.c
---- linux-source-2.6.26.orig/fs/ecryptfs/inode.c 2009-08-18 23:15:12.000000000 -0600
-+++ linux-source-2.6.26/fs/ecryptfs/inode.c 2009-10-08 00:26:22.000000000 -0600
-@@ -422,6 +422,7 @@ static int ecryptfs_unlink(struct inode
+diff -urpN linux-source-2.6.24.orig/fs/ecryptfs/inode.c linux-source-2.6.24/fs/ecryptfs/inode.c
+--- linux-source-2.6.24.orig/fs/ecryptfs/inode.c 2008-01-24 15:58:37.000000000 -0700
++++ linux-source-2.6.24/fs/ecryptfs/inode.c 2009-10-27 23:52:07.000000000 -0600
+@@ -428,6 +428,7 @@ static int ecryptfs_unlink(struct inode
+ struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry);
struct inode *lower_dir_inode = ecryptfs_inode_to_lower(dir);
- struct dentry *lower_dir_dentry;
+ dget(lower_dentry);
- lower_dir_dentry = lock_parent(lower_dentry);
+ lock_parent(lower_dentry);
rc = vfs_unlink(lower_dir_inode, lower_dentry);
if (rc) {
-@@ -435,6 +436,7 @@ static int ecryptfs_unlink(struct inode
+@@ -441,6 +442,7 @@ static int ecryptfs_unlink(struct inode
d_drop(dentry);
out_unlock:
- unlock_dir(lower_dir_dentry);
+ unlock_parent(lower_dentry);
+ dput(lower_dentry);
return rc;
}
Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch4
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch4 Wed Oct 28 05:47:10 2009 (r14484)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.8etch4 Wed Oct 28 06:03:58 2009 (r14485)
@@ -4,3 +4,4 @@
+ bugfix/all/md-avoid-NULL-deref-with-suspend-sysfs-attribs.patch
+ bugfix/all/appletalk-use-correct-returns-for-atalk_rcv.patch
+ bugfix/all/appletalk-fix-skb-leak-when-ipddp-interface-is-not-loaded.patch
++ bugfix/all/ecryptfs-prevent-lower-dentry-from-going-negative-during-unlink.patch
More information about the Kernel-svn-changes
mailing list