Version bump for kernel attribute vulnerabilities, bug #56479.

author: Tim Yamin <plasmaroo@gentoo.org> 2004-07-09 16:25:39 +0000
committer: Tim Yamin <plasmaroo@gentoo.org> 2004-07-09 16:25:39 +0000
commit: c9e4c9786d9358302acbcd2b63dafd4c402e9e86 (patch)
tree: d35f1f2ae6bf65a03d6cd6a59a99cd200ae702c9 /sys-kernel
parent: Version bump for kernel attribute vulnerabilities, bug #56479. (diff)
download: historical-c9e4c9786d9358302acbcd2b63dafd4c402e9e86.tar.gz
historical-c9e4c9786d9358302acbcd2b63dafd4c402e9e86.tar.bz2
historical-c9e4c9786d9358302acbcd2b63dafd4c402e9e86.zip
8 files changed, 97 insertions, 8 deletions
diff --git a/sys-kernel/uclinux-sources/ChangeLog b/sys-kernel/uclinux-sources/ChangeLog
index 3cd8ae979f23..19024d990cd8 100644
--- a/sys-kernel/uclinux-sources/ChangeLog
+++ b/sys-kernel/uclinux-sources/ChangeLog
@@ -1,6 +1,15 @@
 # ChangeLog for sys-kernel/uclinux-sources
 # Copyright 2000-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/uclinux-sources/ChangeLog,v 1.12 2004/06/30 17:51:14 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/uclinux-sources/ChangeLog,v 1.13 2004/07/09 16:25:39 plasmaroo Exp $
+
+*uclinux-sources-2.6.7_p0-r2 (09 Jul 2004)
+
+  09 Jul 2004; <plasmaroo@gentoo.org> -uclinux-sources-2.4.26_p0-r2.ebuild,
+  +uclinux-sources-2.4.26_p0-r3.ebuild, -uclinux-sources-2.6.7_p0-r1.ebuild,
+  +uclinux-sources-2.6.7_p0-r2.ebuild,
+  +files/uclinux-sources-2.6.ProcPerms.patch,
+  +files/uclinux-sources.CAN-2004-0497.patch:
+  Version bump for kernel attribute vulnerabilities, bug #56479.
 
 *uclinux-sources-2.6.7_p0-r1 (30 Jun 2004)
 
diff --git a/sys-kernel/uclinux-sources/Manifest b/sys-kernel/uclinux-sources/Manifest
index 6a2de40fa922..244440f1c7b2 100644
--- a/sys-kernel/uclinux-sources/Manifest
+++ b/sys-kernel/uclinux-sources/Manifest
@@ -1,11 +1,13 @@
-MD5 36beb05088f17d40e8e2863b4525950f ChangeLog 3447
-MD5 137dde9541cab35af93d46d956668f64 uclinux-sources-2.6.7_p0-r1.ebuild 1367
+MD5 497cf727475cc11d018409591bc73927 ChangeLog 3841
+MD5 0e9d3aaad072e469b66534950b500f67 uclinux-sources-2.4.26_p0-r3.ebuild 1725
+MD5 c51d1945c4a97803521417cc86f6b75b uclinux-sources-2.6.7_p0-r2.ebuild 1570
 MD5 f3fa6c474b8727f8215534b7fc9c93ba metadata.xml 304
-MD5 761e2bd0885471c59fbe56d25276b798 uclinux-sources-2.4.26_p0-r2.ebuild 1631
 MD5 dc18e982f8149588a291956481885a8c files/uclinux-sources-2.4.26_p0.CAN-2004-0495.patch 17549
+MD5 62306f42a51f255b1d9cd1597cefa926 files/digest-uclinux-sources-2.4.26_p0-r3 139
 MD5 d4a740ae56c2049247083af387a22a85 files/uclinux-sources-2.4.26_p0.CAN-2004-0394.patch 350
-MD5 51b7d703355037eac400cf789769f9c7 files/digest-uclinux-sources-2.6.7_p0-r1 135
+MD5 51b7d703355037eac400cf789769f9c7 files/digest-uclinux-sources-2.6.7_p0-r2 135
 MD5 0f66013f643c79c97fda489618a4e2fd files/uclinux-sources-2.4.26_p0.CAN-2004-0535.patch 476
-MD5 62306f42a51f255b1d9cd1597cefa926 files/digest-uclinux-sources-2.4.26_p0-r2 139
+MD5 95708646470a95668e8789cd415844ed files/uclinux-sources.CAN-2004-0497.patch 846
 MD5 c9da1bc82b906f6abc648c056e7bf662 files/uclinux-sources-2.4.26_p0.FPULockup-53804.patch 354
 MD5 39361f8d16b1fe5891aab62e92f8cd30 files/uclinux-sources-2.6.IPTables-RDoS.patch 390
+MD5 b738cb0120a32aa92cfcfdbd564dd21f files/uclinux-sources-2.6.ProcPerms.patch 1368
diff --git a/sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.4.26_p0-r2 b/sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.4.26_p0-r3
index 130b229c980e..130b229c980e 100644
--- a/sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.4.26_p0-r2
+++ b/sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.4.26_p0-r3
diff --git a/sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.6.7_p0-r1 b/sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.6.7_p0-r2
index a0d14dcb41a9..a0d14dcb41a9 100644
--- a/sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.6.7_p0-r1
+++ b/sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.6.7_p0-r2
diff --git a/sys-kernel/uclinux-sources/files/uclinux-sources-2.6.ProcPerms.patch b/sys-kernel/uclinux-sources/files/uclinux-sources-2.6.ProcPerms.patch
new file mode 100644
index 000000000000..d90b8d1815d4
--- /dev/null
+++ b/sys-kernel/uclinux-sources/files/uclinux-sources-2.6.ProcPerms.patch
@@ -0,0 +1,49 @@
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+#   2004/07/02 18:48:26-07:00 chrisw@osdl.org 
+#   [PATCH] check attr updates in /proc
+#   
+#   Any proc entry with default proc_file_inode_operations allow unauthorized
+#   attribute updates.  This is very dangerous for proc entries that rely
+#   solely on file permissions for open/read/write.
+#   
+#   Signed-off-by: Chris Wright <chrisw@osdl.org>
+#   Signed-off-by: Linus Torvalds <torvalds@osdl.org>
+# 
+# fs/proc/generic.c
+#   2004/07/02 15:47:55-07:00 chrisw@osdl.org +14 -7
+#   check attr updates in /proc
+# 
+diff -Nru a/fs/proc/generic.c b/fs/proc/generic.c
+--- a/fs/proc/generic.c	2004-07-08 17:03:20 -07:00
++++ b/fs/proc/generic.c	2004-07-08 17:03:20 -07:00
+@@ -231,14 +231,21 @@
+ static int proc_notify_change(struct dentry *dentry, struct iattr *iattr)
+ {
+ 	struct inode *inode = dentry->d_inode;
+-	int error = inode_setattr(inode, iattr);
+-	if (!error) {
+-		struct proc_dir_entry *de = PDE(inode);
+-		de->uid = inode->i_uid;
+-		de->gid = inode->i_gid;
+-		de->mode = inode->i_mode;
+-	}
++	struct proc_dir_entry *de = PDE(inode);
++	int error;
+ 
++	error = inode_change_ok(inode, iattr);
++	if (error)
++		goto out;
++
++	error = inode_setattr(inode, iattr);
++	if (error)
++		goto out;
++	
++	de->uid = inode->i_uid;
++	de->gid = inode->i_gid;
++	de->mode = inode->i_mode;
++out:
+ 	return error;
+ }
+ 
diff --git a/sys-kernel/uclinux-sources/files/uclinux-sources.CAN-2004-0497.patch b/sys-kernel/uclinux-sources/files/uclinux-sources.CAN-2004-0497.patch
new file mode 100644
index 000000000000..41b3196f84ea
--- /dev/null
+++ b/sys-kernel/uclinux-sources/files/uclinux-sources.CAN-2004-0497.patch
@@ -0,0 +1,26 @@
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+#   2004/07/02 20:55:04-07:00 chrisw@osdl.org 
+#   [PATCH] chown permission check fix for ATTR_GID
+#   
+#   SuSE discovered this problem with chown and ATTR_GID.  Make sure user
+#   is authorized to change the group, CAN-2004-0497.
+# 
+# fs/attr.c
+#   2004/07/02 09:07:32-07:00 chrisw@osdl.org +2 -1
+#   chown permission check fix for ATTR_GID
+# 
+diff -Nru a/fs/attr.c b/fs/attr.c
+--- a/fs/attr.c	2004-07-08 16:35:57 -07:00
++++ b/fs/attr.c	2004-07-08 16:35:57 -07:00
+@@ -35,7 +35,8 @@
+ 
+ 	/* Make sure caller can chgrp. */
+ 	if ((ia_valid & ATTR_GID) &&
+-	    (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid) &&
++	    (current->fsuid != inode->i_uid ||
++	    (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid)) &&
+ 	    !capable(CAP_CHOWN))
+ 		goto error;
+ 
diff --git a/sys-kernel/uclinux-sources/uclinux-sources-2.4.26_p0-r2.ebuild b/sys-kernel/uclinux-sources/uclinux-sources-2.4.26_p0-r3.ebuild
index 641edc1dfd51..2620c467454c 100644
--- a/sys-kernel/uclinux-sources/uclinux-sources-2.4.26_p0-r2.ebuild
+++ b/sys-kernel/uclinux-sources/uclinux-sources-2.4.26_p0-r3.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2004 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/uclinux-sources/uclinux-sources-2.4.26_p0-r2.ebuild,v 1.1 2004/06/25 20:15:29 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/uclinux-sources/uclinux-sources-2.4.26_p0-r3.ebuild,v 1.1 2004/07/09 16:25:39 plasmaroo Exp $
 
 IUSE=""
 
@@ -46,6 +46,7 @@ src_unpack() {
 
 	epatch ${FILESDIR}/${P}.CAN-2004-0394.patch || die "Failed to add the CAN-2004-0394 patch!"
 	epatch ${FILESDIR}/${P}.CAN-2004-0495.patch || die "Failed to add the CAN-2004-0495 patch!"
+	epatch ${FILESDIR}/${PN}.CAN-2004-0497.patch || die "Failed to add the CAN-2004-0497 patch!"
 	epatch ${FILESDIR}/${P}.CAN-2004-0535.patch || die "Failed to add the CAN-2004-0535 patch!"
 	epatch ${FILESDIR}/${P}.FPULockup-53804.patch || die "Failed to apply FPU-lockup patch!"
 
diff --git a/sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r1.ebuild b/sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r2.ebuild
index 10c3dca64c44..4441af2d82fe 100644
--- a/sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r1.ebuild
+++ b/sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r2.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2004 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r1.ebuild,v 1.1 2004/06/30 17:51:14 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r2.ebuild,v 1.1 2004/07/09 16:25:39 plasmaroo Exp $
 
 IUSE=""
 
@@ -39,7 +39,9 @@ src_unpack() {
 
 	cd linux-${KV}
 	epatch ../${MY_P/linux/${base}}.${patch} || die "Failed to apply uClinux patch!"
+	epatch ${FILESDIR}/${PN}.CAN-2004-0497.patch || die "Failed to add the CAN-2004-0497 patch!"
 	epatch ${FILESDIR}/${PN}-2.6.IPTables-RDoS.patch || die "Failed to apply the IPTables RDoS security patch!"
+	epatch ${FILESDIR}/${PN}-2.6.ProcPerms.patch || die "Failed to apply the /proc permissions security patch!"
 
 	set MY_ARCH=${ARCH}
 	unset ARCH
author	Tim Yamin <plasmaroo@gentoo.org>	2004-07-09 16:25:39 +0000
committer	Tim Yamin <plasmaroo@gentoo.org>	2004-07-09 16:25:39 +0000
commit	c9e4c9786d9358302acbcd2b63dafd4c402e9e86 (patch)
tree	d35f1f2ae6bf65a03d6cd6a59a99cd200ae702c9 /sys-kernel
parent	Version bump for kernel attribute vulnerabilities, bug #56479. (diff)
download	historical-c9e4c9786d9358302acbcd2b63dafd4c402e9e86.tar.gz historical-c9e4c9786d9358302acbcd2b63dafd4c402e9e86.tar.bz2 historical-c9e4c9786d9358302acbcd2b63dafd4c402e9e86.zip