[kernel] r15079 - in dists/etch-security/linux-2.6.24/debian: . patches/bugfix/all patches/series

Dann Frazier dannf at alioth.debian.org
Mon Feb 1 04:47:00 UTC 2010 

Author: dannf
Date: Mon Feb  1 04:46:57 2010
New Revision: 15079

Log:
ext4: Avoid null pointer dereference when decoding EROFS w/o a journal
(CVE-2009-4308)

Added:
   dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch
      - copied, changed from r15068, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch
Modified:
   dists/etch-security/linux-2.6.24/debian/changelog
   dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2

Modified: dists/etch-security/linux-2.6.24/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/changelog	Mon Feb  1 04:43:12 2010	(r15078)
+++ dists/etch-security/linux-2.6.24/debian/changelog	Mon Feb  1 04:46:57 2010	(r15079)
@@ -14,6 +14,8 @@
   * fuse: prevent fuse_put_request on invalid pointer (CVE-2009-4021)
   * firewire: ohci: handle receive packets with a data length of zero
     (CVE-2009-4138)
+  * ext4: Avoid null pointer dereference when decoding EROFS w/o a journal
+    (CVE-2009-4308)
 
  -- dann frazier <dannf at debian.org>  Sun, 31 Jan 2010 17:17:52 -0700
 

Copied and modified: dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch (from r15068, dists/lenny-security/linux-2.6/debian/patches/bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch)
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch	Sun Jan 31 21:26:06 2010	(r15068, copy source)
+++ dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch	Mon Feb  1 04:46:57 2010	(r15079)
@@ -10,11 +10,12 @@
     Signed-off-by: Eric Sesterhenn <eric.sesterhenn at lsexperts.de>
     Signed-off-by: "Theodore Ts'o" <tytso at mit.edu>
 
-diff --git a/fs/ext4/super.c b/fs/ext4/super.c
-index 8f4f079..fe3f376 100644
---- a/fs/ext4/super.c
-+++ b/fs/ext4/super.c
-@@ -344,7 +344,8 @@ static const char *ext4_decode_error(struct super_block *sb, int errno,
+Adjusted to apply to Debian's 2.6.24 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.24.orig/fs/ext4/super.c linux-source-2.6.24/fs/ext4/super.c
+--- linux-source-2.6.24.orig/fs/ext4/super.c	2008-01-24 15:58:37.000000000 -0700
++++ linux-source-2.6.24/fs/ext4/super.c	2010-01-31 21:44:20.000000000 -0700
+@@ -256,7 +256,8 @@ static const char *ext4_decode_error(str
  		errstr = "Out of memory";
  		break;
  	case -EROFS:

Modified: dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2
==============================================================================
--- dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2	Mon Feb  1 04:43:12 2010	(r15078)
+++ dists/etch-security/linux-2.6.24/debian/patches/series/6~etchnhalf.9etch2	Mon Feb  1 04:46:57 2010	(r15079)
@@ -12,3 +12,4 @@
 + bugfix/all/hfs-fix-a-potential-buffer-overflow.patch
 + bugfix/all/fuse-prevent-fuse_put_request-on-invalid-pointer.patch
 + bugfix/all/firewire-ohci-handle-receive-packets-with-a-data-length-of-zero.patch
++ bugfix/all/ext4-avoid-null-pointer-deref-when-decoding-EROFS-wo-a-journal.patch

More information about the Kernel-svn-changes mailing list