[kernel] r17276 - in dists/lenny-security/linux-2.6/debian: . patches/features/all/vserver patches/series

Ben Hutchings benh at alioth.debian.org
Sat Apr 30 04:39:14 UTC 2011 

Author: benh
Date: Sat Apr 30 04:39:08 2011
New Revision: 17276

Log:
[vserver] Complete fix for CVE-2010-4243 (Closes: #618485)

Added:
   dists/lenny-security/linux-2.6/debian/patches/features/all/vserver/vserver-complete-fix-for-CVE-2010-4243.patch
   dists/lenny-security/linux-2.6/debian/patches/series/26lenny3-extra
Modified:
   dists/lenny-security/linux-2.6/debian/changelog

Modified: dists/lenny-security/linux-2.6/debian/changelog
==============================================================================
--- dists/lenny-security/linux-2.6/debian/changelog	Fri Apr 29 19:04:28 2011	(r17275)
+++ dists/lenny-security/linux-2.6/debian/changelog	Sat Apr 30 04:39:08 2011	(r17276)
@@ -18,6 +18,9 @@
   * ipv6: netfilter: ip6_tables: fix infoleak to userspace (CVE-2011-1172)
   * econet: 4 byte infoleak to the network (CVE-2011-1173)
 
+  [ Ben Hutchings ]
+  * [vserver] Complete fix for CVE-2010-4243 (Closes: #618485)
+
  -- dann frazier <dannf at debian.org>  Wed, 30 Mar 2011 22:46:26 -0600
 
 linux-2.6 (2.6.26-26lenny2) stable-security; urgency=high

Added: dists/lenny-security/linux-2.6/debian/patches/features/all/vserver/vserver-complete-fix-for-CVE-2010-4243.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/lenny-security/linux-2.6/debian/patches/features/all/vserver/vserver-complete-fix-for-CVE-2010-4243.patch	Sat Apr 30 04:39:08 2011	(r17276)
@@ -0,0 +1,19 @@
+From: Ben Hutchings <ben at decadent.org.uk>
+Subject: [PATCH] vserver: Complete fix for CVE-2010-4243
+
+VServer requires all adjustments to mm_struct::total_vm to be
+accounted to the server as well.
+
+Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
+---
+--- a/fs/exec.c
++++ b/fs/exec.c
+@@ -169,7 +169,7 @@
+ 		return;
+ 
+ 	down_write(&mm->mmap_sem);
+-	mm->total_vm += diff;
++	vx_vmpages_add(mm, diff);
+ 	up_write(&mm->mmap_sem);
+ }
+ 

Added: dists/lenny-security/linux-2.6/debian/patches/series/26lenny3-extra
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/lenny-security/linux-2.6/debian/patches/series/26lenny3-extra	Sat Apr 30 04:39:08 2011	(r17276)
@@ -0,0 +1 @@
++ features/all/vserver/vserver-complete-fix-for-CVE-2010-4243.patch featureset=vserver

More information about the Kernel-svn-changes mailing list