diff options
| author |   Tim Yamin <plasmaroo@gentoo.org> | 2004-11-27 17:49:41 +0000 |
|---|---|---|
| committer | Tim Yamin <plasmaroo@gentoo.org> | 2004-11-27 17:49:41 +0000 |
| commit | b52637e128804c020d00f213717d2cfd2fb77e70 (patch) | |
| tree | 9ba572f9f19e1385f2af93b9bf026c2c229e0e78 /sys-kernel/ck-sources | |
| parent | removing old version (diff) | |
| download | historical-b52637e128804c020d00f213717d2cfd2fb77e70.tar.gz historical-b52637e128804c020d00f213717d2cfd2fb77e70.tar.bz2 historical-b52637e128804c020d00f213717d2cfd2fb77e70.zip | |
Version bump for the AF_UNIX and a.out security vulnerabilities; bugs #72452 and #72317.
Diffstat (limited to 'sys-kernel/ck-sources')
| -rw-r--r-- | sys-kernel/ck-sources/ChangeLog | 11 | ||||
| -rw-r--r-- | sys-kernel/ck-sources/Manifest | 19 | ||||
| -rw-r--r-- | sys-kernel/ck-sources/ck-sources-2.4.27-r4.ebuild (renamed from sys-kernel/ck-sources/ck-sources-2.4.27-r3.ebuild) | 6 | ||||
| -rw-r--r-- | sys-kernel/ck-sources/ck-sources-2.6.9-r3.ebuild | 6 | ||||
| -rw-r--r-- | sys-kernel/ck-sources/files/ck-sources-2.4.27.binfmt_a.out.patch | 63 | ||||
| -rw-r--r-- | sys-kernel/ck-sources/files/ck-sources-2.6.9.binfmt_a.out.patch | 63 | ||||
| -rw-r--r-- | sys-kernel/ck-sources/files/ck-sources.AF_UNIX.patch | 24 | ||||
| -rw-r--r-- | sys-kernel/ck-sources/files/digest-ck-sources-2.4.27-r4 (renamed from sys-kernel/ck-sources/files/digest-ck-sources-2.4.27-r3) | 0 |
8 files changed, 179 insertions, 13 deletions
diff --git a/sys-kernel/ck-sources/ChangeLog b/sys-kernel/ck-sources/ChangeLog index 0f5b12d3eb77..1b50cc81794f 100644 --- a/sys-kernel/ck-sources/ChangeLog +++ b/sys-kernel/ck-sources/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for sys-kernel/ck-sources # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ChangeLog,v 1.69 2004/11/26 01:10:48 dsd Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ChangeLog,v 1.70 2004/11/27 17:49:41 plasmaroo Exp $ + +*ck-sources-2.4.27-r4 (27 Nov 2004) + + 27 Nov 2004; <plasmaroo@gentoo.org> -ck-sources-2.4.27-r3.ebuild, + +ck-sources-2.4.27-r4.ebuild, ck-sources-2.6.9-r3.ebuild, + +files/ck-sources-2.4.27.binfmt_a.out.patch, + +files/ck-sources-2.6.9.binfmt_a.out.patch, +files/ck-sources.AF_UNIX.patch: + Version bump for the AF_UNIX and a.out security vulnerabilities; bugs #72452 + and #72317. 26 Nov 2004; Daniel Drake <dsd@gentoo.org> ck-sources-2.4.27-r3.ebuild, ck-sources-2.6.9-r3.ebuild: diff --git a/sys-kernel/ck-sources/Manifest b/sys-kernel/ck-sources/Manifest index ea74d3520c81..3d198ca3249a 100644 --- a/sys-kernel/ck-sources/Manifest +++ b/sys-kernel/ck-sources/Manifest @@ -1,13 +1,16 @@ -MD5 e3d82c7bc7f28d9251a1b6e71d30d2ec ck-sources-2.6.9-r3.ebuild 727 -MD5 c0a5020d7c4da6e03b63a6291cb5699c ck-sources-2.4.27-r3.ebuild 1001 -MD5 8e0a4e3abccf30060988fa8e721d85a2 ChangeLog 13443 +MD5 85e9b2a9660d73af08e04ff088a74df3 ChangeLog 13834 +MD5 c6cc40a53406991a490e43897d5d3c04 ck-sources-2.6.9-r3.ebuild 803 +MD5 467750a99a7e23aac6f007d29c5f122b ck-sources-2.4.27-r4.ebuild 1077 MD5 7187b8c28501f454a2412c9e4a7fcf53 metadata.xml 421 +MD5 2b3ddb8b8b15f8da35ade38544b57857 files/ck-sources-2.4.27.XDRWrapFix.patch 1499 +MD5 b0a1f80aff51d6601e8924329023b241 files/ck-sources.AF_UNIX.patch 515 MD5 d1ccc2047be533c992f67270a150a210 files/ck-sources-2.4.27.cmdlineLeak.patch 388 MD5 53fe3d26f6fc45487d69895fc07770cb files/ck-sources-2.6.9.binfmt_elf.patch 2350 -MD5 1e1fe7bb98c80db4644f4b7fd7dd5d32 files/ck-sources-2.4.27.smbfs.patch 3434 -MD5 8812f60b8d02b0b3b4c46a3311ddd851 files/ck-sources-2.6.9.smbfs.patch 2662 -MD5 915e8d7a0618736caa44d96968015467 files/ck-sources-2.4.27.binfmt_elf.patch 2346 -MD5 2b3ddb8b8b15f8da35ade38544b57857 files/ck-sources-2.4.27.XDRWrapFix.patch 1499 +MD5 b9a94233e1457787352e5f85e3e3582d files/ck-sources-2.4.27.binfmt_a.out.patch 2009 +MD5 025c80544aef14ce3a49024d791c5596 files/ck-sources-2.6.9.binfmt_a.out.patch 1763 MD5 7f0579764a55a43256ce069632e0373e files/digest-ck-sources-2.6.9-r3 129 -MD5 cc2afc76adbf81038af8a5f262ed5174 files/digest-ck-sources-2.4.27-r3 214 +MD5 915e8d7a0618736caa44d96968015467 files/ck-sources-2.4.27.binfmt_elf.patch 2346 +MD5 8812f60b8d02b0b3b4c46a3311ddd851 files/ck-sources-2.6.9.smbfs.patch 2662 MD5 d4a740ae56c2049247083af387a22a85 files/ck-sources-2.4.27.CAN-2004-0394.patch 350 +MD5 cc2afc76adbf81038af8a5f262ed5174 files/digest-ck-sources-2.4.27-r4 214 +MD5 1e1fe7bb98c80db4644f4b7fd7dd5d32 files/ck-sources-2.4.27.smbfs.patch 3434 diff --git a/sys-kernel/ck-sources/ck-sources-2.4.27-r3.ebuild b/sys-kernel/ck-sources/ck-sources-2.4.27-r4.ebuild index 492de11c5741..22bd9b4cfcc0 100644 --- a/sys-kernel/ck-sources/ck-sources-2.4.27-r3.ebuild +++ b/sys-kernel/ck-sources/ck-sources-2.4.27-r4.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ck-sources-2.4.27-r3.ebuild,v 1.3 2004/11/26 01:10:48 dsd Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ck-sources-2.4.27-r4.ebuild,v 1.1 2004/11/27 17:49:41 plasmaroo Exp $ ETYPE="sources" inherit kernel-2 @@ -18,7 +18,9 @@ UNIPATCH_LIST="${DISTDIR}/patch-${PV}-lck${CKV}.bz2 ${FILESDIR}/${P}.cmdlineLeak.patch ${FILESDIR}/${P}.XDRWrapFix.patch ${FILESDIR}/${P}.binfmt_elf.patch - ${FILESDIR}/${P}.smbfs.patch" + ${FILESDIR}/${P}.smbfs.patch + ${FILESDIR}/${PN}.AF_UNIX.patch + ${FILESDIR}/${P}.binfmt_a.out.patch" DESCRIPTION="Full sources for the Stock Linux kernel Con Kolivas's high performance patchset" HOMEPAGE="http://members.optusnet.com.au/ckolivas/kernel/" diff --git a/sys-kernel/ck-sources/ck-sources-2.6.9-r3.ebuild b/sys-kernel/ck-sources/ck-sources-2.6.9-r3.ebuild index 637ef212255a..3ce69ae0d82a 100644 --- a/sys-kernel/ck-sources/ck-sources-2.6.9-r3.ebuild +++ b/sys-kernel/ck-sources/ck-sources-2.6.9-r3.ebuild @@ -1,9 +1,11 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ck-sources-2.6.9-r3.ebuild,v 1.4 2004/11/26 01:10:48 dsd Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ck-sources-2.6.9-r3.ebuild,v 1.5 2004/11/27 17:49:41 plasmaroo Exp $ UNIPATCH_LIST="${DISTDIR}/patch-${KV}.bz2 - ${FILESDIR}/${P}.binfmt_elf.patch" + ${FILESDIR}/${P}.binfmt_elf.patch + ${FILESDIR}/${P}.binfmt_a.out.patch + ${FILESDIR}/${PN}.AF_UNIX.patch" K_PREPATCHED="yes" UNIPATCH_STRICTORDER="yes" diff --git a/sys-kernel/ck-sources/files/ck-sources-2.4.27.binfmt_a.out.patch b/sys-kernel/ck-sources/files/ck-sources-2.4.27.binfmt_a.out.patch new file mode 100644 index 000000000000..4644ae28bce4 --- /dev/null +++ b/sys-kernel/ck-sources/files/ck-sources-2.4.27.binfmt_a.out.patch @@ -0,0 +1,63 @@ +diff -Nru linux-2.4.28/fs/exec.c linux-2.4.28.plasmaroo/fs/exec.c +--- linux-2.4.28/fs/exec.c 2004-04-15 10:44:45 -07:00 ++++ linux-2.4.28.plasmaroo/fs/exec.c 2004-11-12 12:02:40 -08:00 +@@ -342,6 +342,7 @@ int setup_arg_pages(struct linux_binprm + + down_write(¤t->mm->mmap_sem); + { ++ struct vm_area_struct *vma; + mpnt->vm_mm = current->mm; + mpnt->vm_start = PAGE_MASK & (unsigned long) bprm->p; + mpnt->vm_end = STACK_TOP; +@@ -351,6 +352,12 @@ int setup_arg_pages(struct linux_binprm + mpnt->vm_pgoff = 0; + mpnt->vm_file = NULL; + mpnt->vm_private_data = (void *) 0; ++ vma = find_vma(current->mm, mpnt->vm_start); ++ if (vma) { ++ up_write(¤t->mm->mmap_sem); ++ kmem_cache_free(vm_area_cachep, mpnt); ++ return -ENOMEM; ++ } + insert_vm_struct(current->mm, mpnt); + current->mm->total_vm = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT; + } +diff -Nru linux-2.4.28/fs/exec.c linux-2.4.28.plasmaroo/fs/exec.c +--- linux-2.4.28/fs/binfmt_aout.c 2002-02-04 23:54:04 -08:00 ++++ linux-2.4.28.plasmaroo/fs/binfmt_aout.c 2004-11-12 11:55:14 -08:00 +@@ -39,13 +39,18 @@ static struct linux_binfmt aout_format = + NULL, THIS_MODULE, load_aout_binary, load_aout_library, aout_core_dump, PAGE_SIZE + }; + +-static void set_brk(unsigned long start, unsigned long end) ++#define BAD_ADDR(x) ((unsigned long)(x) >= TASK_SIZE) ++ ++static int set_brk(unsigned long start, unsigned long end) + { + start = PAGE_ALIGN(start); + end = PAGE_ALIGN(end); +- if (end <= start) +- return; +- do_brk(start, end - start); ++ if (end > start) { ++ unsigned long addr = do_brk(start, end - start); ++ if (BAD_ADDR(addr)) ++ return addr; ++ } ++ return 0; + } + + /* +@@ -405,7 +410,11 @@ static int load_aout_binary(struct linux + beyond_if: + set_binfmt(&aout_format); + +- set_brk(current->mm->start_brk, current->mm->brk); ++ retval = set_brk(current->mm->start_brk, current->mm->brk); ++ if (retval < 0) { ++ send_sig(SIGKILL, current, 0); ++ return retval; ++ } + + retval = setup_arg_pages(bprm); + if (retval < 0) { diff --git a/sys-kernel/ck-sources/files/ck-sources-2.6.9.binfmt_a.out.patch b/sys-kernel/ck-sources/files/ck-sources-2.6.9.binfmt_a.out.patch new file mode 100644 index 000000000000..89665ce8db42 --- /dev/null +++ b/sys-kernel/ck-sources/files/ck-sources-2.6.9.binfmt_a.out.patch @@ -0,0 +1,63 @@ +diff -Nru linux-2.6.9/fs/exec.c linux-2.6.9.plasmaroo/fs/exec.c +--- linux-2.6.9/fs/exec.c 2004-11-27 08:30:03 -08:00 ++++ linux-2.6.9.plasmaroo/fs/exec.c 2004-11-27 08:30:03 -08:00 +@@ -413,6 +413,7 @@ + + down_write(&mm->mmap_sem); + { ++ struct vm_area_struct *vma; + mpnt->vm_mm = mm; + #ifdef CONFIG_STACK_GROWSUP + mpnt->vm_start = stack_base; +@@ -433,6 +434,12 @@ + mpnt->vm_flags = VM_STACK_FLAGS; + mpnt->vm_flags |= mm->def_flags; + mpnt->vm_page_prot = protection_map[mpnt->vm_flags & 0x7]; ++ vma = find_vma(mm, mpnt->vm_start); ++ if (vma) { ++ up_write(&mm->mmap_sem); ++ kmem_cache_free(vm_area_cachep, mpnt); ++ return -ENOMEM; ++ } + insert_vm_struct(mm, mpnt); + mm->stack_vm = mm->total_vm = vma_pages(mpnt); + } +diff -Nru linux-2.6.9/fs/binfmt_aout.c linux-2.6.9.plasmaroo/fs/binfmt_aout.c +--- linux-2.6.9/fs/binfmt_aout.c 2004-11-27 08:31:43 -08:00 ++++ linux-2.6.9.plasmaroo/fs/binfmt_aout.c 2004-11-27 08:31:43 -08:00 +@@ -43,13 +43,18 @@ + .min_coredump = PAGE_SIZE + }; + +-static void set_brk(unsigned long start, unsigned long end) ++#define BAD_ADDR(x) ((unsigned long)(x) >= TASK_SIZE) ++ ++static int set_brk(unsigned long start, unsigned long end) + { + start = PAGE_ALIGN(start); + end = PAGE_ALIGN(end); +- if (end <= start) +- return; +- do_brk(start, end - start); ++ if (end > start) { ++ unsigned long addr = do_brk(start, end - start); ++ if (BAD_ADDR(addr)) ++ return addr; ++ } ++ return 0; + } + + /* +@@ -413,7 +418,11 @@ + beyond_if: + set_binfmt(&aout_format); + +- set_brk(current->mm->start_brk, current->mm->brk); ++ retval = set_brk(current->mm->start_brk, current->mm->brk); ++ if (retval < 0) { ++ send_sig(SIGKILL, current, 0); ++ return retval; ++ } + + retval = setup_arg_pages(bprm, EXSTACK_DEFAULT); + if (retval < 0) { diff --git a/sys-kernel/ck-sources/files/ck-sources.AF_UNIX.patch b/sys-kernel/ck-sources/files/ck-sources.AF_UNIX.patch new file mode 100644 index 000000000000..6ced78404a2d --- /dev/null +++ b/sys-kernel/ck-sources/files/ck-sources.AF_UNIX.patch @@ -0,0 +1,24 @@ +--- linux-2.4.27/net/unix/af_unix.c 2004-11-24 08:23:21 -08:00 ++++ linux-2.4.28/net/unix/af_unix.c 2004-11-24 08:23:21 -08:00 +@@ -1403,9 +1403,11 @@ + + msg->msg_namelen = 0; + ++ down(&sk->protinfo.af_unix.readsem); ++ + skb = skb_recv_datagram(sk, flags, noblock, &err); + if (!skb) +- goto out; ++ goto out_unlock; + + wake_up_interruptible(&sk->protinfo.af_unix.peer_wait); + +@@ -1449,6 +1451,8 @@ + + out_free: + skb_free_datagram(sk,skb); ++out_unlock: ++ up(&sk->protinfo.af_unix.readsem); + out: + return err; + } diff --git a/sys-kernel/ck-sources/files/digest-ck-sources-2.4.27-r3 b/sys-kernel/ck-sources/files/digest-ck-sources-2.4.27-r4 index e7725e697778..e7725e697778 100644 --- a/sys-kernel/ck-sources/files/digest-ck-sources-2.4.27-r3 +++ b/sys-kernel/ck-sources/files/digest-ck-sources-2.4.27-r4 |