diff options
| author |   Tim Yamin <plasmaroo@gentoo.org> | 2004-07-09 14:18:39 +0000 |
|---|---|---|
| committer | Tim Yamin <plasmaroo@gentoo.org> | 2004-07-09 14:18:39 +0000 |
| commit | 87a64b99de18b4c8a661aede4b4f18d92ec6c6f2 (patch) | |
| tree | 4f948c517953599070a9fb94b3bb2c0f6c66311e /sys-kernel/alpha-sources | |
| parent | initial ebuild, closes #49912 (diff) | |
| download | historical-87a64b99de18b4c8a661aede4b4f18d92ec6c6f2.tar.gz historical-87a64b99de18b4c8a661aede4b4f18d92ec6c6f2.tar.bz2 historical-87a64b99de18b4c8a661aede4b4f18d92ec6c6f2.zip | |
Patched for attribute vulnerabilities, bug #56479.
Diffstat (limited to 'sys-kernel/alpha-sources')
| -rw-r--r-- | sys-kernel/alpha-sources/ChangeLog | 9 | ||||
| -rw-r--r-- | sys-kernel/alpha-sources/alpha-sources-2.4.21-r7.ebuild | 86 | ||||
| -rw-r--r-- | sys-kernel/alpha-sources/alpha-sources-2.4.21-r9.ebuild (renamed from sys-kernel/alpha-sources/alpha-sources-2.4.21-r8.ebuild) | 7 | ||||
| -rw-r--r-- | sys-kernel/alpha-sources/files/alpha-sources.CAN-2004-0497.patch | 23 | ||||
| -rw-r--r-- | sys-kernel/alpha-sources/files/digest-alpha-sources-2.4.21-r8 | 2 | ||||
| -rw-r--r-- | sys-kernel/alpha-sources/files/digest-alpha-sources-2.4.21-r9 (renamed from sys-kernel/alpha-sources/files/digest-alpha-sources-2.4.21-r7) | 0 |
6 files changed, 35 insertions, 92 deletions
diff --git a/sys-kernel/alpha-sources/ChangeLog b/sys-kernel/alpha-sources/ChangeLog index 8b1900b7f382..e4873552c0fa 100644 --- a/sys-kernel/alpha-sources/ChangeLog +++ b/sys-kernel/alpha-sources/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-kernel/alpha-sources # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/alpha-sources/ChangeLog,v 1.29 2004/06/24 22:55:21 agriffis Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/alpha-sources/ChangeLog,v 1.30 2004/07/09 14:13:59 plasmaroo Exp $ + +*alpha-sources-2.4.21-r9 (09 Jul 2004) + + 09 Jul 2004; <plasmaroo@gentoo.org> -alpha-sources-2.4.21-r7.ebuild, + -alpha-sources-2.4.21-r8.ebuild, +alpha-sources-2.4.21-r9.ebuild, + +files/alpha-sources.CAN-2004-0497.patch: + Patched for attribute vulnerabilities, bug #56479. *alpha-sources-2.4.21-r8 (24 Jun 2004) diff --git a/sys-kernel/alpha-sources/alpha-sources-2.4.21-r7.ebuild b/sys-kernel/alpha-sources/alpha-sources-2.4.21-r7.ebuild deleted file mode 100644 index a426499ccbcf..000000000000 --- a/sys-kernel/alpha-sources/alpha-sources-2.4.21-r7.ebuild +++ /dev/null @@ -1,86 +0,0 @@ -# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/alpha-sources/alpha-sources-2.4.21-r7.ebuild,v 1.4 2004/06/24 22:55:21 agriffis Exp $ - -# OKV=original kernel version, KV=patched kernel version. They can be the same. - -IUSE="build crypt usagi" -ETYPE="sources" -inherit kernel eutils -OKV="`echo ${PV}|sed -e 's:^\([0-9]\+\.[0-9]\+\.[0-9]\+\).*:\1:'`" -EXTRAVERSION="-${PN/-*/}" -[ ! "${PR}" == "r0" ] && EXTRAVERSION="${EXTRAVERSION}-${PR}" -KV="${OKV}${EXTRAVERSION}" - -S=${WORKDIR}/linux-${KV} - -DESCRIPTION="Full sources for the Gentoo Linux Alpha kernel" -SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2 - mirror://gentoo/patches-${KV/7/3}.tar.bz2" -SLOT="${KV}" -KEYWORDS="alpha -sparc -x86 -ppc -hppa -mips" - -src_unpack() { - unpack ${A} - mv linux-${OKV} linux-${KV} || die - cd ${WORKDIR}/${KV/7/1} - - # This is the crypt USE flag, keeps {USAGI/superfreeswan/patch-int/loop-jari} - if ! use crypt; then - einfo "No Cryptographic support, dropping patches..." - for file in 6* 8* ;do - einfo "Dropping ${file}..." - rm -f ${file} - done - else - einfo "Cryptographic patches will be applied" - fi - - # This is the usagi USE flag, keeps USAGI, drops - # {superfreeswan/patch-int/loop-jari} - # Using USAGI will also cause you to drop all iptables ipv6 - # patches. - if ! use usagi; then - einfo "Keeping {superfreeswan/patch-int/loop-jari} patches, dropping USAGI" - for file in 6* ;do - einfo "Dropping ${file}..." - rm -f ${file} - done - else - einfo "Keeping USAGI patch, dropping {superfreeswan/patch-int/loop-jari}" - for file in *.ipv6 8* ;do - einfo "Dropping ${file}..." - rm -f ${file} - done - fi - - kernel_src_unpack - - cd ${S} - epatch ${FILESDIR}/do_brk_fix.patch || die "Failed to patch the do_brk() vulnerability!" - epatch ${FILESDIR}/${PN}.CAN-2003-0985.patch || die "Failed to patch mremap() vulnerability!" - epatch ${FILESDIR}/${PN}.CAN-2004-0010.patch || die "Failed to add the CAN-2004-0010 patch!" - epatch ${FILESDIR}/${PN}.CAN-2004-0075.patch || die "Failed to add the CAN-2004-0075 patch!" - epatch ${FILESDIR}/${PN}.CAN-2004-0109.patch || die "Failed to patch CAN-2004-0109 vulnerability!" - epatch ${FILESDIR}/${PN}.CAN-2004-0133.patch || die "Failed to add the CAN-2004-0133 patch!" - epatch ${FILESDIR}/${PN}.CAN-2004-0177.patch || die "Failed to add the CAN-2004-0177 patch!" - epatch ${FILESDIR}/${PN}.CAN-2004-0178.patch || die "Failed to add the CAN-2004-0178 patch!" - epatch ${FILESDIR}/${PN}.CAN-2004-0181.patch || die "Failed to add the CAN-2004-0181 patch!" - epatch ${FILESDIR}/${PN}.CAN-2004-0394.patch || die "Failed to add the CAN-2004-0394 patch!" - epatch ${FILESDIR}/${PN}.CAN-2004-0427.patch || die "Failed to add the CAN-2004-0427 patch!" - epatch ${FILESDIR}/${PN}.rtc_fix.patch || die "Failed to patch RTC vulnerabilities!" - epatch ${FILESDIR}/${PN}.munmap.patch || die "Failed to apply munmap patch!" - - # Fix multi-line literal in include/asm-alpha/xor.h -- see bug 38354 - # If this script "dies" then that means it's no longer applicable. - mv include/asm-alpha/xor.h{,.multiline} - awk 'BEGIN { addnl=0; exitstatus=1 } - /^asm\("/ { addnl=1 } - /^"\)/ { addnl=0 } - addnl && !/\\n\\$/ { sub("$", " \\n\\", $0); exitstatus=0 } - { print } - END { exit exitstatus }' \ - <include/asm-alpha/xor.h.multiline >include/asm-alpha/xor.h - assert "awk script failed, probably doesn't apply to ${KV}" - rm -f include/asm-alpha/xor.h.multiline -} diff --git a/sys-kernel/alpha-sources/alpha-sources-2.4.21-r8.ebuild b/sys-kernel/alpha-sources/alpha-sources-2.4.21-r9.ebuild index 0e68c1d97182..3b658c20d0aa 100644 --- a/sys-kernel/alpha-sources/alpha-sources-2.4.21-r8.ebuild +++ b/sys-kernel/alpha-sources/alpha-sources-2.4.21-r9.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/alpha-sources/alpha-sources-2.4.21-r8.ebuild,v 1.2 2004/06/24 22:55:21 agriffis Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/alpha-sources/alpha-sources-2.4.21-r9.ebuild,v 1.1 2004/07/09 14:13:59 plasmaroo Exp $ # OKV=original kernel version, KV=patched kernel version. They can be the same. @@ -16,14 +16,14 @@ S=${WORKDIR}/linux-${KV} DESCRIPTION="Full sources for the Gentoo Linux Alpha kernel" SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2 - mirror://gentoo/patches-${KV/8/3}.tar.bz2" + mirror://gentoo/patches-${KV/9/3}.tar.bz2" SLOT="${KV}" KEYWORDS="alpha -sparc -x86 -ppc -hppa -mips" src_unpack() { unpack ${A} mv linux-${OKV} linux-${KV} || die - cd ${WORKDIR}/${KV/8/1} + cd ${WORKDIR}/${KV/9/1} # This is the crypt USE flag, keeps {USAGI/superfreeswan/patch-int/loop-jari} if ! use crypt; then @@ -69,6 +69,7 @@ src_unpack() { epatch ${FILESDIR}/${PN}.CAN-2004-0394.patch || die "Failed to add the CAN-2004-0394 patch!" epatch ${FILESDIR}/${PN}.CAN-2004-0427.patch || die "Failed to add the CAN-2004-0427 patch!" epatch ${FILESDIR}/${PN}.CAN-2004-0495.patch || die "Failed to add the CAN-2004-0495 patch!" + epatch ${FILESDIR}/${PN}.CAN-2004-0497.patch || die "Failed to add the CAN-2004-0497 patch!" epatch ${FILESDIR}/${PN}.CAN-2004-0535.patch || die "Failed to add the CAN-2004-0535 patch!" epatch ${FILESDIR}/${PN}.rtc_fix.patch || die "Failed to patch RTC vulnerabilities!" epatch ${FILESDIR}/${PN}.munmap.patch || die "Failed to apply munmap patch!" diff --git a/sys-kernel/alpha-sources/files/alpha-sources.CAN-2004-0497.patch b/sys-kernel/alpha-sources/files/alpha-sources.CAN-2004-0497.patch new file mode 100644 index 000000000000..9503e9efe57b --- /dev/null +++ b/sys-kernel/alpha-sources/files/alpha-sources.CAN-2004-0497.patch @@ -0,0 +1,23 @@ +# ChangeSet +# +# fs/attr.c +# 2004/07/03 18:28:30-03:00 marcelo@logos.cnet +1 -0 +# Thomas Biege: Fix missing DAC check on sys_chown +# +# fs/attr.c +# 2004/07/03 19:28:29-03:00 marcelo@logos.cnet +1 -1 +# Add missing bracket to inode_change_ok() fix +# +diff -Nru a/fs/attr.c b.plasmaroo/fs/attr.c +--- a/fs/attr.c 2004-07-08 17:05:20 -07:00 ++++ b.plasmaroo/fs/attr.c 2004-07-08 17:05:20 -07:00 +@@ -35,7 +35,8 @@ + + /* Make sure caller can chgrp. */ + if ((ia_valid & ATTR_GID) && +- (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid) && ++ (current->fsuid != inode->i_uid || ++ (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid)) && + !capable(CAP_CHOWN)) + goto error; + diff --git a/sys-kernel/alpha-sources/files/digest-alpha-sources-2.4.21-r8 b/sys-kernel/alpha-sources/files/digest-alpha-sources-2.4.21-r8 deleted file mode 100644 index a17dcc489c19..000000000000 --- a/sys-kernel/alpha-sources/files/digest-alpha-sources-2.4.21-r8 +++ /dev/null @@ -1,2 +0,0 @@ -MD5 f51e12efa18bb828cf57d9d4a81b2fb1 linux-2.4.21.tar.bz2 28533733 -MD5 28094d6a3d68f228bda98af459ad1310 patches-2.4.21-alpha-r3.tar.bz2 1696825 diff --git a/sys-kernel/alpha-sources/files/digest-alpha-sources-2.4.21-r7 b/sys-kernel/alpha-sources/files/digest-alpha-sources-2.4.21-r9 index a17dcc489c19..a17dcc489c19 100644 --- a/sys-kernel/alpha-sources/files/digest-alpha-sources-2.4.21-r7 +++ b/sys-kernel/alpha-sources/files/digest-alpha-sources-2.4.21-r9 |