diff options
author | Tim Yamin <plasmaroo@gentoo.org> | 2004-04-17 11:44:12 +0000 |
---|---|---|
committer | Tim Yamin <plasmaroo@gentoo.org> | 2004-04-17 11:44:12 +0000 |
commit | c188fbbbdd3c731738a662ab245fbc8cb5f13e73 (patch) | |
tree | e33cfbf3135de3147e269f0e250568e58d4727ef /sys-kernel | |
parent | Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178 vulnerab... (diff) | |
download | gentoo-2-c188fbbbdd3c731738a662ab245fbc8cb5f13e73.tar.gz gentoo-2-c188fbbbdd3c731738a662ab245fbc8cb5f13e73.tar.bz2 gentoo-2-c188fbbbdd3c731738a662ab245fbc8cb5f13e73.zip |
Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178 vulnerabilities.
Diffstat (limited to 'sys-kernel')
-rw-r--r-- | sys-kernel/ia64-sources/ChangeLog | 13 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24-r1 | 2 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24-r2 | 2 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24-r3 (renamed from sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24) | 0 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/files/ia64-sources-2.4.24.CAN-2004-0010.patch | 200 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/files/ia64-sources-2.4.24.CAN-2004-0177.patch | 10 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/files/ia64-sources-2.4.24.CAN-2004-0178.patch | 11 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/ia64-sources-2.4.24-r1.ebuild | 62 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/ia64-sources-2.4.24-r3.ebuild (renamed from sys-kernel/ia64-sources/ia64-sources-2.4.24-r2.ebuild) | 5 | ||||
-rw-r--r-- | sys-kernel/ia64-sources/ia64-sources-2.4.24.ebuild | 61 |
10 files changed, 237 insertions, 129 deletions
diff --git a/sys-kernel/ia64-sources/ChangeLog b/sys-kernel/ia64-sources/ChangeLog index e2dc68095c65..782401f907a9 100644 --- a/sys-kernel/ia64-sources/ChangeLog +++ b/sys-kernel/ia64-sources/ChangeLog @@ -1,6 +1,17 @@ # ChangeLog for sys-kernel/ia64-sources # Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ia64-sources/ChangeLog,v 1.12 2004/04/15 09:09:33 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ia64-sources/ChangeLog,v 1.13 2004/04/17 11:44:12 plasmaroo Exp $ + +*ia64-sources-2.4.24-r3 (17 Apr 2004) + + 17 Apr 2004; <plasmaroo@gentoo.org> + +files/ia64-sources-2.4.24.CAN-2004-0010.patch, + +files/ia64-sources-2.4.24.CAN-2004-0177.patch, + +files/ia64-sources-2.4.24.CAN-2004-0178.patch, + -ia64-sources-2.4.24-r1.ebuild, -ia64-sources-2.4.24-r2.ebuild, + +ia64-sources-2.4.24-r3.ebuild, -ia64-sources-2.4.24.ebuild: + Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178 + vulnerabilities. Old revisions removed. *ia64-sources-2.4.24-r2 (15 Apr 2004) diff --git a/sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24-r1 b/sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24-r1 deleted file mode 100644 index 2af043964e41..000000000000 --- a/sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24-r1 +++ /dev/null @@ -1,2 +0,0 @@ -MD5 1e055c42921b2396a559d84df4c3d9aa linux-2.4.24.tar.bz2 29837818 -MD5 e62d6b4be335b6dbafc535c59833cd1e linux-2.4.24-ia64-040109.diff.bz2 69525 diff --git a/sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24-r2 b/sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24-r2 deleted file mode 100644 index 2af043964e41..000000000000 --- a/sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24-r2 +++ /dev/null @@ -1,2 +0,0 @@ -MD5 1e055c42921b2396a559d84df4c3d9aa linux-2.4.24.tar.bz2 29837818 -MD5 e62d6b4be335b6dbafc535c59833cd1e linux-2.4.24-ia64-040109.diff.bz2 69525 diff --git a/sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24 b/sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24-r3 index 2af043964e41..2af043964e41 100644 --- a/sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24 +++ b/sys-kernel/ia64-sources/files/digest-ia64-sources-2.4.24-r3 diff --git a/sys-kernel/ia64-sources/files/ia64-sources-2.4.24.CAN-2004-0010.patch b/sys-kernel/ia64-sources/files/ia64-sources-2.4.24.CAN-2004-0010.patch new file mode 100644 index 000000000000..6b4b1cefa49e --- /dev/null +++ b/sys-kernel/ia64-sources/files/ia64-sources-2.4.24.CAN-2004-0010.patch @@ -0,0 +1,200 @@ +diff -urN linux-2.4.25-pre6/fs/ncpfs/dir.c linux-2.4.25-pre7/fs/ncpfs/dir.c +--- linux-2.4.25-pre6/fs/ncpfs/dir.c 2002-11-28 15:53:15.000000000 -0800 ++++ linux-2.4.25-pre7/fs/ncpfs/dir.c 2004-01-23 10:53:26.000000000 -0800 +@@ -266,8 +266,8 @@ + struct ncp_server *server; + struct inode *dir = dentry->d_parent->d_inode; + struct ncp_entry_info finfo; +- int res, val = 0, len = dentry->d_name.len + 1; +- __u8 __name[len]; ++ int res, val = 0, len; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + + if (!dentry->d_inode || !dir) + goto finished; +@@ -291,14 +291,15 @@ + dentry->d_parent->d_name.name, dentry->d_name.name, + NCP_GET_AGE(dentry)); + ++ len = sizeof(__name); + if (ncp_is_server_root(dir)) { + res = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, 1); ++ dentry->d_name.len, 1); + if (!res) + res = ncp_lookup_volume(server, __name, &(finfo.i)); + } else { + res = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, !ncp_preserve_case(dir)); ++ dentry->d_name.len, !ncp_preserve_case(dir)); + if (!res) + res = ncp_obtain_info(server, dir, __name, &(finfo.i)); + } +@@ -548,9 +549,9 @@ + int valid = 0; + int hashed = 0; + ino_t ino = 0; +- __u8 __name[256]; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + +- qname.len = 256; ++ qname.len = sizeof(__name); + if (ncp_vol2io(NCP_SERVER(inode), __name, &qname.len, + entry->i.entryName, entry->i.nameLen, + !ncp_preserve_entry_case(inode, entry->i.NSCreator))) +@@ -705,16 +706,19 @@ + { + struct ncp_server* server = NCP_SBP(sb); + struct nw_info_struct i; +- int result, len = strlen(server->m.mounted_vol) + 1; +- __u8 __name[len]; ++ int result; + + if (ncp_single_volume(server)) { ++ int len; + struct dentry* dent; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + +- result = -ENOENT; +- if (ncp_io2vol(server, __name, &len, server->m.mounted_vol, +- len-1, 1)) ++ len = sizeof(__name); ++ result = ncp_io2vol(server, __name, &len, server->m.mounted_vol, ++ strlen(server->m.mounted_vol), 1); ++ if (result) + goto out; ++ result = -ENOENT; + if (ncp_lookup_volume(server, __name, &i)) { + PPRINTK("ncp_conn_logged_in: %s not found\n", + server->m.mounted_vol); +@@ -745,8 +749,8 @@ + struct ncp_server *server = NCP_SERVER(dir); + struct inode *inode = NULL; + struct ncp_entry_info finfo; +- int error, res, len = dentry->d_name.len + 1; +- __u8 __name[len]; ++ int error, res, len; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + + error = -EIO; + if (!ncp_conn_valid(server)) +@@ -755,14 +759,15 @@ + PPRINTK("ncp_lookup: server lookup for %s/%s\n", + dentry->d_parent->d_name.name, dentry->d_name.name); + ++ len = sizeof(__name); + if (ncp_is_server_root(dir)) { + res = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, 1); ++ dentry->d_name.len, 1); + if (!res) + res = ncp_lookup_volume(server, __name, &(finfo.i)); + } else { + res = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, !ncp_preserve_case(dir)); ++ dentry->d_name.len, !ncp_preserve_case(dir)); + if (!res) + res = ncp_obtain_info(server, dir, __name, &(finfo.i)); + } +@@ -825,9 +830,9 @@ + { + struct ncp_server *server = NCP_SERVER(dir); + struct ncp_entry_info finfo; +- int error, result, len = dentry->d_name.len + 1; ++ int error, result, len; + int opmode; +- __u8 __name[len]; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + + PPRINTK("ncp_create_new: creating %s/%s, mode=%x\n", + dentry->d_parent->d_name.name, dentry->d_name.name, mode); +@@ -836,8 +841,9 @@ + goto out; + + ncp_age_dentry(server, dentry); ++ len = sizeof(__name); + error = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, !ncp_preserve_case(dir)); ++ dentry->d_name.len, !ncp_preserve_case(dir)); + if (error) + goto out; + +@@ -880,8 +886,8 @@ + { + struct ncp_entry_info finfo; + struct ncp_server *server = NCP_SERVER(dir); +- int error, len = dentry->d_name.len + 1; +- __u8 __name[len]; ++ int error, len; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + + DPRINTK("ncp_mkdir: making %s/%s\n", + dentry->d_parent->d_name.name, dentry->d_name.name); +@@ -890,8 +896,9 @@ + goto out; + + ncp_age_dentry(server, dentry); ++ len = sizeof(__name); + error = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, !ncp_preserve_case(dir)); ++ dentry->d_name.len, !ncp_preserve_case(dir)); + if (error) + goto out; + +@@ -909,8 +916,8 @@ + static int ncp_rmdir(struct inode *dir, struct dentry *dentry) + { + struct ncp_server *server = NCP_SERVER(dir); +- int error, result, len = dentry->d_name.len + 1; +- __u8 __name[len]; ++ int error, result, len; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + + DPRINTK("ncp_rmdir: removing %s/%s\n", + dentry->d_parent->d_name.name, dentry->d_name.name); +@@ -923,8 +930,9 @@ + if (!d_unhashed(dentry)) + goto out; + ++ len = sizeof(__name); + error = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, !ncp_preserve_case(dir)); ++ dentry->d_name.len, !ncp_preserve_case(dir)); + if (error) + goto out; + +@@ -1022,9 +1030,8 @@ + { + struct ncp_server *server = NCP_SERVER(old_dir); + int error; +- int old_len = old_dentry->d_name.len + 1; +- int new_len = new_dentry->d_name.len + 1; +- __u8 __old_name[old_len], __new_name[new_len]; ++ int old_len, new_len; ++ __u8 __old_name[NCP_MAXPATHLEN + 1], __new_name[NCP_MAXPATHLEN + 1]; + + DPRINTK("ncp_rename: %s/%s to %s/%s\n", + old_dentry->d_parent->d_name.name, old_dentry->d_name.name, +@@ -1037,15 +1044,17 @@ + ncp_age_dentry(server, old_dentry); + ncp_age_dentry(server, new_dentry); + ++ old_len = sizeof(__old_name); + error = ncp_io2vol(server, __old_name, &old_len, +- old_dentry->d_name.name, old_len-1, +- !ncp_preserve_case(old_dir)); ++ old_dentry->d_name.name, old_dentry->d_name.len, ++ !ncp_preserve_case(old_dir)); + if (error) + goto out; + ++ new_len = sizeof(__new_name); + error = ncp_io2vol(server, __new_name, &new_len, +- new_dentry->d_name.name, new_len-1, +- !ncp_preserve_case(new_dir)); ++ new_dentry->d_name.name, new_dentry->d_name.len, ++ !ncp_preserve_case(new_dir)); + if (error) + goto out; + + diff --git a/sys-kernel/ia64-sources/files/ia64-sources-2.4.24.CAN-2004-0177.patch b/sys-kernel/ia64-sources/files/ia64-sources-2.4.24.CAN-2004-0177.patch new file mode 100644 index 000000000000..da6b7e190685 --- /dev/null +++ b/sys-kernel/ia64-sources/files/ia64-sources-2.4.24.CAN-2004-0177.patch @@ -0,0 +1,10 @@ +--- linux-2.4.26-pre3/fs/jbd/journal.c 2004-02-18 05:36:31.000000000 -0800 ++++ linux-2.4.26-pre4/fs/jbd/journal.c 2004-03-16 09:59:36.000000000 -0800 +@@ -671,6 +671,7 @@ + + bh = getblk(journal->j_dev, blocknr, journal->j_blocksize); + lock_buffer(bh); ++ memset(bh->b_data, 0, journal->j_blocksize); + BUFFER_TRACE(bh, "return this buffer"); + return journal_add_journal_head(bh); + } diff --git a/sys-kernel/ia64-sources/files/ia64-sources-2.4.24.CAN-2004-0178.patch b/sys-kernel/ia64-sources/files/ia64-sources-2.4.24.CAN-2004-0178.patch new file mode 100644 index 000000000000..19e57268c2fa --- /dev/null +++ b/sys-kernel/ia64-sources/files/ia64-sources-2.4.24.CAN-2004-0178.patch @@ -0,0 +1,11 @@ +--- linux-2.4.26-pre2/drivers/sound/sb_audio.c 2002-02-25 11:38:06.000000000 -0800 ++++ linux-2.4.26-pre3/drivers/sound/sb_audio.c 2004-03-13 07:43:23.000000000 -0800 +@@ -879,7 +879,7 @@ + c -= locallen; p += locallen; + } + /* used = ( samples * 16 bits size ) */ +- *used = len << 1; ++ *used = max_in > ( max_out << 1) ? (max_out << 1) : max_in; + /* returned = ( samples * 8 bits size ) */ + *returned = len; + } diff --git a/sys-kernel/ia64-sources/ia64-sources-2.4.24-r1.ebuild b/sys-kernel/ia64-sources/ia64-sources-2.4.24-r1.ebuild deleted file mode 100644 index c7f5fd7ebd01..000000000000 --- a/sys-kernel/ia64-sources/ia64-sources-2.4.24-r1.ebuild +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright 1999-2004 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ia64-sources/ia64-sources-2.4.24-r1.ebuild,v 1.2 2004/04/12 16:36:22 aliz Exp $ - -IUSE="" - -# OKV=original kernel version, KV=patched kernel version. They can be the same. - -# Kernel ebuilds using the kernel.eclass can remove any patch that you -# do not want to apply by simply setting the KERNEL_EXCLUDE shell -# variable to the string you want to exclude (for instance -# KERNEL_EXCLUDE="evms" would not patch any patches whose names match -# *evms*). Kernels are only tested in the default configuration, but -# this may be useful if you know that a particular patch is causing a -# conflict with a patch you personally want to apply, or some other -# similar situation. - -ETYPE="sources" - -inherit kernel eutils -OKV="`echo ${PV}|sed -e 's:^\([0-9]\+\.[0-9]\+\.[0-9]\+\).*:\1:'`" -EXTRAVERSION="-${PN/-*/}" -[ ! "${PR}" == "r0" ] && EXTRAVERSION="${EXTRAVERSION}-${PR}" -KV="${OKV}${EXTRAVERSION}" - -S=${WORKDIR}/linux-${KV} - -# Documentation on the patches contained in this kernel will be installed -# to /usr/share/doc/gentoo-sources-${PV}/patches.txt.gz - -#MYCSET="1.1063.2.37-to-1.1088" -MYSNAPSHOT="040109" -DESCRIPTION="Full sources for the Gentoo Kernel." -SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2 -mirror://kernel/linux/kernel/ports/ia64/v2.4/linux-${OKV}-ia64-${MYSNAPSHOT}.diff.bz2" - -HOMEPAGE="http://www.gentoo.org/ http://www.kernel.org/" -LICENSE="GPL-2" -KEYWORDS="-* ~ia64" -SLOT="${KV}" - -src_unpack() { - - unpack linux-${OKV}.tar.bz2 - cd ${WORKDIR} - mv linux-${OKV} linux-${KV} || die "Error moving kernel source tree to linux-${KV}" - cd ${WORKDIR}/linux-${KV} -# [ ! -e ${DISTDIR}/cset-${MYCSET}.txt.gz ] && die "patch file not found" -# cat ${DISTDIR}/cset-${MYCSET}.txt.gz | gzip -d | patch -f -p1 - [ ! -e ${DISTDIR}/linux-${OKV}-ia64-${MYSNAPSHOT}.diff.bz2 ] && die "patch not found" - cat ${DISTDIR}/linux-${OKV}-ia64-${MYSNAPSHOT}.diff.bz2 | bzip2 -d | patch -f -p1 - - # 2.4.24 includes the do_brk, mremap and rtc fixes, so those - # patches aren't needed (29 Jan 2004 agriffis) - - epatch ${FILESDIR}/${P}.munmap.patch || die "Failed to apply munmap patch!" - kernel_universal_unpack -} - -pkg_postinst() { - kernel_pkg_postinst -} diff --git a/sys-kernel/ia64-sources/ia64-sources-2.4.24-r2.ebuild b/sys-kernel/ia64-sources/ia64-sources-2.4.24-r3.ebuild index ea55837e6299..a6c51d08ae0c 100644 --- a/sys-kernel/ia64-sources/ia64-sources-2.4.24-r2.ebuild +++ b/sys-kernel/ia64-sources/ia64-sources-2.4.24-r3.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ia64-sources/ia64-sources-2.4.24-r2.ebuild,v 1.1 2004/04/15 09:09:33 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ia64-sources/ia64-sources-2.4.24-r3.ebuild,v 1.1 2004/04/17 11:44:12 plasmaroo Exp $ IUSE="" @@ -54,7 +54,10 @@ src_unpack() { # patches aren't needed (29 Jan 2004 agriffis) epatch ${FILESDIR}/${P}.munmap.patch || die "Failed to apply munmap patch!" + epatch ${FILESDIR}/${P}.CAN-2004-0010.patch || die "Failed to add the CAN-2004-0010 patch!" epatch ${FILESDIR}/${P}.CAN-2004-0109.patch || die "Failed to patch CAN-2004-0109 vulnerability!" + epatch ${FILESDIR}/${P}.CAN-2004-0177.patch || die "Failed to add the CAN-2004-0177 patch!" + epatch ${FILESDIR}/${P}.CAN-2004-0178.patch || die "Failed to add the CAN-2004-0178 patch!" kernel_universal_unpack } diff --git a/sys-kernel/ia64-sources/ia64-sources-2.4.24.ebuild b/sys-kernel/ia64-sources/ia64-sources-2.4.24.ebuild deleted file mode 100644 index 9dce468e00e9..000000000000 --- a/sys-kernel/ia64-sources/ia64-sources-2.4.24.ebuild +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright 1999-2004 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ia64-sources/ia64-sources-2.4.24.ebuild,v 1.1 2004/01/29 23:15:52 agriffis Exp $ - -IUSE="" - -# OKV=original kernel version, KV=patched kernel version. They can be the same. - -# Kernel ebuilds using the kernel.eclass can remove any patch that you -# do not want to apply by simply setting the KERNEL_EXCLUDE shell -# variable to the string you want to exclude (for instance -# KERNEL_EXCLUDE="evms" would not patch any patches whose names match -# *evms*). Kernels are only tested in the default configuration, but -# this may be useful if you know that a particular patch is causing a -# conflict with a patch you personally want to apply, or some other -# similar situation. - -ETYPE="sources" - -inherit kernel -OKV="`echo ${PV}|sed -e 's:^\([0-9]\+\.[0-9]\+\.[0-9]\+\).*:\1:'`" -EXTRAVERSION="-${PN/-*/}" -[ ! "${PR}" == "r0" ] && EXTRAVERSION="${EXTRAVERSION}-${PR}" -KV="${OKV}${EXTRAVERSION}" - -S=${WORKDIR}/linux-${KV} - -# Documentation on the patches contained in this kernel will be installed -# to /usr/share/doc/gentoo-sources-${PV}/patches.txt.gz - -#MYCSET="1.1063.2.37-to-1.1088" -MYSNAPSHOT="040109" -DESCRIPTION="Full sources for the Gentoo Kernel." -SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2 -mirror://kernel/linux/kernel/ports/ia64/v2.4/linux-${OKV}-ia64-${MYSNAPSHOT}.diff.bz2" - -HOMEPAGE="http://www.gentoo.org/ http://www.kernel.org/" -LICENSE="GPL-2" -KEYWORDS="-* ~ia64" -SLOT="${KV}" - -src_unpack() { - - unpack linux-${OKV}.tar.bz2 - cd ${WORKDIR} - mv linux-${OKV} linux-${KV} || die "Error moving kernel source tree to linux-${KV}" - cd ${WORKDIR}/linux-${KV} -# [ ! -e ${DISTDIR}/cset-${MYCSET}.txt.gz ] && die "patch file not found" -# cat ${DISTDIR}/cset-${MYCSET}.txt.gz | gzip -d | patch -f -p1 - [ ! -e ${DISTDIR}/linux-${OKV}-ia64-${MYSNAPSHOT}.diff.bz2 ] && die "patch not found" - cat ${DISTDIR}/linux-${OKV}-ia64-${MYSNAPSHOT}.diff.bz2 | bzip2 -d | patch -f -p1 - - # 2.4.24 includes the do_brk, mremap and rtc fixes, so those - # patches aren't needed (29 Jan 2004 agriffis) - - kernel_universal_unpack -} - -pkg_postinst() { - kernel_pkg_postinst -} |