diff options
| author |   Tim Yamin <plasmaroo@gentoo.org> | 2004-11-06 23:53:39 +0000 |
|---|---|---|
| committer | Tim Yamin <plasmaroo@gentoo.org> | 2004-11-06 23:53:39 +0000 |
| commit | 2607ead1eb8f7cc7cff19c251a89f1c826db6ece (patch) | |
| tree | 425c98f9772b6e71eb032ce321939a20a36501af /sys-kernel | |
| parent | Initial import as per bug #13662. Ebuild and patches by Marien Zwart (diff) | |
| download | historical-2607ead1eb8f7cc7cff19c251a89f1c826db6ece.tar.gz historical-2607ead1eb8f7cc7cff19c251a89f1c826db6ece.tar.bz2 historical-2607ead1eb8f7cc7cff19c251a89f1c826db6ece.zip | |
Added a fix for the kNFSd security vulnerability, bug #62524 and the CAN-2004-0814 vulnerability, bug #68421.
Diffstat (limited to 'sys-kernel')
| -rw-r--r-- | sys-kernel/pac-sources/ChangeLog | 9 | ||||
| -rw-r--r-- | sys-kernel/pac-sources/Manifest | 7 | ||||
| -rw-r--r-- | sys-kernel/pac-sources/files/digest-pac-sources-2.4.23-r13 (renamed from sys-kernel/pac-sources/files/digest-pac-sources-2.4.23-r12) | 1 | ||||
| -rw-r--r-- | sys-kernel/pac-sources/files/pac-sources.XDRWrapFix.patch | 48 | ||||
| -rw-r--r-- | sys-kernel/pac-sources/pac-sources-2.4.23-r13.ebuild (renamed from sys-kernel/pac-sources/pac-sources-2.4.23-r12.ebuild) | 11 |
5 files changed, 69 insertions, 7 deletions
diff --git a/sys-kernel/pac-sources/ChangeLog b/sys-kernel/pac-sources/ChangeLog index 3716f8a10ca2..543b0f51ca31 100644 --- a/sys-kernel/pac-sources/ChangeLog +++ b/sys-kernel/pac-sources/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-kernel/pac-sources # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/pac-sources/ChangeLog,v 1.15 2004/08/09 23:56:59 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/pac-sources/ChangeLog,v 1.16 2004/11/06 23:53:39 plasmaroo Exp $ + +*pac-sources-2.4.23-r13 (06 Nov 2004) + + 06 Nov 2004; <plasmaroo@gentoo.org> -pac-sources-2.4.23-r12.ebuild, + +pac-sources-2.4.23-r13.ebuild, +files/pac-sources.XDRWrapFix.patch: + Added a fix for the kNFSd security vulnerability, bug #62524 and the + CAN-2004-0814 vulnerability, bug #68421. *pac-sources-2.4.23-r12 (10 Aug 2004) diff --git a/sys-kernel/pac-sources/Manifest b/sys-kernel/pac-sources/Manifest index 02f0c342a17a..1b38c588e5a1 100644 --- a/sys-kernel/pac-sources/Manifest +++ b/sys-kernel/pac-sources/Manifest @@ -1,8 +1,10 @@ -MD5 d7bfaa88eb293ef56a0d8a0038df6af0 ChangeLog 3744 +MD5 909018be7b6e559e8b4cde27a8a62a08 ChangeLog 4039 +MD5 ab3e7dfb447a9b1e8dea9986fbfb3a95 pac-sources-2.4.23-r13.ebuild 4207 MD5 daa14c3311aff54352fca02cadfd84a4 metadata.xml 409 -MD5 8fc9d7ef17076e672e93e12ec053d3bf pac-sources-2.4.23-r12.ebuild 3758 MD5 21f3a4f186017d925067335e24db36a1 files/pac-sources.CAN-2004-0109.patch 1877 +MD5 2b3ddb8b8b15f8da35ade38544b57857 files/pac-sources.XDRWrapFix.patch 1499 MD5 e77a93fdf26f06cf3ea5080b27211725 files/pac-sources.CAN-2003-0985.patch 414 +MD5 13a86b9932fa79e86e6cd4f8cca70522 files/digest-pac-sources-2.4.23-r13 298 MD5 147fec50180ad91b6260fc7201dcb90f files/pac-sources.CAN-2004-0010.patch 6050 MD5 60d25ff310fc6abfdce39ec9e47345af files/pac-sources.CAN-2004-0685.patch 2809 MD5 0f66013f643c79c97fda489618a4e2fd files/pac-sources.CAN-2004-0535.patch 476 @@ -11,7 +13,6 @@ MD5 dc18e982f8149588a291956481885a8c files/pac-sources.CAN-2004-0495.patch 17549 MD5 d4a740ae56c2049247083af387a22a85 files/pac-sources.CAN-2004-0394.patch 350 MD5 c460ea130cb4ae84a5063ba044e3ce72 files/pac-sources.CAN-2004-0427.patch 460 MD5 d1ccc2047be533c992f67270a150a210 files/pac-sources.cmdlineLeak.patch 388 -MD5 ae3b97255b35efc458f85f881b1ed827 files/digest-pac-sources-2.4.23-r12 216 MD5 ac42024b6e6ee1e2165914db4b22a61c files/pac-sources.CAN-2004-0178.patch 424 MD5 3bdf00d5f80fe9dfbfe8220e076cd04c files/pac-sources.CAN-2004-0497.patch 707 MD5 032ff70c5895cc1a2dfbe2a58ebde1f7 files/pac-sources.munmap.patch 819 diff --git a/sys-kernel/pac-sources/files/digest-pac-sources-2.4.23-r12 b/sys-kernel/pac-sources/files/digest-pac-sources-2.4.23-r13 index 84606910d3f9..138559d404a9 100644 --- a/sys-kernel/pac-sources/files/digest-pac-sources-2.4.23-r12 +++ b/sys-kernel/pac-sources/files/digest-pac-sources-2.4.23-r13 @@ -1,3 +1,4 @@ MD5 642af5ab5e1fc63685fde85e9ae601e4 linux-2.4.23.tar.bz2 29832609 MD5 ad1985cdeb4499b2260d2c874e89feed patch-2.4.23-pac1.bz2 1671379 MD5 5e5f26ef680694cd3a542bfde7156887 pac-sources-2.4.23-CAN-2004-0415.patch 89626 +MD5 1b446be9b43d3156bc0ca04ab20188f5 pac-sources-2.4.23-CAN-2004-0814.patch 83206 diff --git a/sys-kernel/pac-sources/files/pac-sources.XDRWrapFix.patch b/sys-kernel/pac-sources/files/pac-sources.XDRWrapFix.patch new file mode 100644 index 000000000000..9a336ab7876a --- /dev/null +++ b/sys-kernel/pac-sources/files/pac-sources.XDRWrapFix.patch @@ -0,0 +1,48 @@ +# This is a BitKeeper generated diff -Nru style patch. +# +# ChangeSet +# 2004/08/16 14:50:04-03:00 neilb@cse.unsw.edu.au +# [PATCH] Fixed possibly xdr parsing error if write size exceed 2^31 +# +# xdr_argsize_check needs to cope with the possibility that the +# pointer has wrapped and could be below buf->base. +# +# Signed-off-by: Neil Brown <neilb@cse.unsw.edu.au> +# +# ### Diffstat output +# ./fs/nfsd/nfs3xdr.c | 2 +- +# ./include/linux/nfsd/xdr3.h | 2 +- +# 2 files changed, 2 insertions(+), 2 deletions(-) +# +# fs/nfsd/nfs3xdr.c +# 2004/08/14 00:23:06-03:00 neilb@cse.unsw.edu.au +1 -1 +# Fixed possibly xdr parsing error if write size exceed 2^31 +# +# include/linux/nfsd/xdr3.h +# 2004/08/15 20:48:43-03:00 neilb@cse.unsw.edu.au +1 -1 +# Fixed possibly xdr parsing error if write size exceed 2^31 +# +diff -Nru a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c +--- a/fs/nfsd/nfs3xdr.c 2004-09-06 11:20:28 -07:00 ++++ b/fs/nfsd/nfs3xdr.c 2004-09-06 11:20:28 -07:00 +@@ -273,7 +273,7 @@ + { + struct svc_buf *buf = &rqstp->rq_argbuf; + +- return p - buf->base <= buf->buflen; ++ return p >= buf->base && p <= buf->base + buf->buflen ; + } + + static inline int +diff -Nru a/include/linux/nfsd/xdr3.h b/include/linux/nfsd/xdr3.h +--- a/include/linux/nfsd/xdr3.h 2004-09-06 11:20:28 -07:00 ++++ b/include/linux/nfsd/xdr3.h 2004-09-06 11:20:28 -07:00 +@@ -41,7 +41,7 @@ + __u32 count; + int stable; + __u8 * data; +- int len; ++ __u32 len; + }; + + struct nfsd3_createargs { diff --git a/sys-kernel/pac-sources/pac-sources-2.4.23-r12.ebuild b/sys-kernel/pac-sources/pac-sources-2.4.23-r13.ebuild index 4593a6715d69..37857ecf3f41 100644 --- a/sys-kernel/pac-sources/pac-sources-2.4.23-r12.ebuild +++ b/sys-kernel/pac-sources/pac-sources-2.4.23-r13.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/pac-sources/pac-sources-2.4.23-r12.ebuild,v 1.1 2004/08/09 23:56:59 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/pac-sources/pac-sources-2.4.23-r13.ebuild,v 1.1 2004/11/06 23:53:39 plasmaroo Exp $ IUSE="" ETYPE="sources" @@ -32,12 +32,14 @@ if [ ${PRERC} ]; then SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OURKERNEL}.tar.bz2 mirror://kernel/linux/kernel/people/bero/2.4/${OURKERNEL}/patch-${KV/-}.bz2 mirror://kernel/linux/kernel/v2.4/testing/patch-${PV/_/-}.bz2 - http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/${P}-CAN-2004-0415.patch" + http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/${P}-CAN-2004-0415.patch + http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/${P}-CAN-2004-0814.patch" else OURKERNEL="2.4.${OKVLAST}" SRC_URI="mirror://kernel//linux/kernel/v2.4/linux-${OURKERNEL}.tar.bz2 mirror://kernel/linux/kernel/people/bero/2.4/${OURKERNEL}/patch-${KV}.bz2 - http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/${P}-CAN-2004-0415.patch" + http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/${P}-CAN-2004-0415.patch + http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/${P}-CAN-2004-0814.patch" fi @@ -72,7 +74,10 @@ src_unpack() { epatch ${FILESDIR}/${PN}.CAN-2004-0495.patch || die "Failed to add the CAN-2004-0495 patch!" epatch ${FILESDIR}/${PN}.CAN-2004-0497.patch || die "Failed to add the CAN-2004-0497 patch!" epatch ${FILESDIR}/${PN}.CAN-2004-0535.patch || die "Failed to add the CAN-2004-0535 patch!" + epatch ${FILESDIR}/${PN}.CAN-2004-0685.patch || die "Failed to add the CAN-2004-0685 patch!" + epatch ${DISTDIR}/${P}-CAN-2004-0814.patch || die "Failed to add CAN-2004-0814 patch!" epatch ${FILESDIR}/${PN}.FPULockup-53804.patch || die "Failed to apply FPU-lockup patch!" epatch ${FILESDIR}/${PN}.cmdlineLeak.patch || die "Failed to apply the /proc/cmdline patch!" + epatch ${FILESDIR}/${PN}.XDRWrapFix.patch || die "Failed to apply the kNFSd XDR patch!" kernel_universal_unpack } |