[kernel] r17986 - in dists/lenny-security/linux-2.6/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Mon Aug 22 06:09:29 UTC 2011
Author: dannf
Date: Mon Aug 22 06:09:27 2011
New Revision: 17986
Log:
net_sched: Fix qdisc_notify() (CVE-2011-2525)
Added:
dists/lenny-security/linux-2.6/debian/patches/bugfix/all/net_sched-Fix-qdisc_notify.patch
- copied, changed from r17980, dists/squeeze-security/linux-2.6/debian/patches/bugfix/all/net_sched-Fix-qdisc_notify.patch
Modified:
dists/lenny-security/linux-2.6/debian/changelog
dists/lenny-security/linux-2.6/debian/patches/series/26lenny4
Modified: dists/lenny-security/linux-2.6/debian/changelog
==============================================================================
--- dists/lenny-security/linux-2.6/debian/changelog Mon Aug 22 02:49:30 2011 (r17985)
+++ dists/lenny-security/linux-2.6/debian/changelog Mon Aug 22 06:09:27 2011 (r17986)
@@ -7,6 +7,7 @@
* proc: restrict access to /proc/PID/io (CVE-2011-2495)
* vm: fix vm_pgoff wrap in up/down stack expansions (CVE-2011-2496)
* Bluetooth: Prevent buffer overflow in l2cap config request (CVE-2011-2497)
+ * net_sched: Fix qdisc_notify() (CVE-2011-2525)
[ Moritz Muehlenhoff ]
* ALSA: caiaq - Fix possible string-buffer overflow (CVE-2011-0712)
Copied and modified: dists/lenny-security/linux-2.6/debian/patches/bugfix/all/net_sched-Fix-qdisc_notify.patch (from r17980, dists/squeeze-security/linux-2.6/debian/patches/bugfix/all/net_sched-Fix-qdisc_notify.patch)
==============================================================================
--- dists/squeeze-security/linux-2.6/debian/patches/bugfix/all/net_sched-Fix-qdisc_notify.patch Sun Aug 21 15:20:47 2011 (r17980, copy source)
+++ dists/lenny-security/linux-2.6/debian/patches/bugfix/all/net_sched-Fix-qdisc_notify.patch Mon Aug 22 06:09:27 2011 (r17986)
@@ -18,13 +18,13 @@
Reported-by: Ben Pfaff <blp at nicira.com>
Signed-off-by: Eric Dumazet <eric.dumazet at gmail.com>
Signed-off-by: David S. Miller <davem at davemloft.net>
- [dannf: backported to Debian's 2.6.32]
+ [dannf: backported to Debian's 2.6.26]
diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c
-index 903e418..7c8c4b1 100644
+index 2761cf4..93cbd8e 100644
--- a/net/sched/sch_api.c
+++ b/net/sched/sch_api.c
-@@ -1195,6 +1195,11 @@ nla_put_failure:
+@@ -867,6 +867,11 @@ nla_put_failure:
return -1;
}
@@ -36,7 +36,7 @@
static int qdisc_notify(struct sk_buff *oskb, struct nlmsghdr *n,
u32 clid, struct Qdisc *old, struct Qdisc *new)
{
-@@ -1205,11 +1210,11 @@ static int qdisc_notify(struct sk_buff *oskb, struct nlmsghdr *n,
+@@ -877,11 +882,11 @@ static int qdisc_notify(struct sk_buff *oskb, struct nlmsghdr *n,
if (!skb)
return -ENOBUFS;
@@ -50,15 +50,3 @@
if (tc_fill_qdisc(skb, new, clid, pid, n->nlmsg_seq, old ? NLM_F_REPLACE : 0, RTM_NEWQDISC) < 0)
goto err_out;
}
-@@ -1222,11 +1227,6 @@ err_out:
- return -EINVAL;
- }
-
--static bool tc_qdisc_dump_ignore(struct Qdisc *q)
--{
-- return (q->flags & TCQ_F_BUILTIN) ? true : false;
--}
--
- static int tc_dump_qdisc_root(struct Qdisc *root, struct sk_buff *skb,
- struct netlink_callback *cb,
- int *q_idx_p, int s_q_idx)
Modified: dists/lenny-security/linux-2.6/debian/patches/series/26lenny4
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/series/26lenny4 Mon Aug 22 02:49:30 2011 (r17985)
+++ dists/lenny-security/linux-2.6/debian/patches/series/26lenny4 Mon Aug 22 06:09:27 2011 (r17986)
@@ -11,3 +11,4 @@
+ bugfix/all/vm-fix-vm_pgoff-wrap-in-stack-expansion.patch
+ bugfix/all/vm-fix-vm_pgoff-wrap-in-upward-expansion.patch
+ bugfix/all/bluetooth-prevent-buffer-overflow-in-l2cap-config-request.patch
++ bugfix/all/net_sched-Fix-qdisc_notify.patch
More information about the Kernel-svn-changes
mailing list