diff options
| author |   Tim Yamin <plasmaroo@gentoo.org> | 2004-10-21 18:26:55 +0000 |
|---|---|---|
| committer | Tim Yamin <plasmaroo@gentoo.org> | 2004-10-21 18:26:55 +0000 |
| commit | 6fb5d99dc8321b1f09965904384a90b41066af56 (patch) | |
| tree | 1234820a834b9ccd01771aee74daba99beddb2c9 /sys-kernel/uclinux-sources | |
| parent | Version bump - closes bug #68278. Old version removed due to security issues,... (diff) | |
| download | historical-6fb5d99dc8321b1f09965904384a90b41066af56.tar.gz historical-6fb5d99dc8321b1f09965904384a90b41066af56.tar.bz2 historical-6fb5d99dc8321b1f09965904384a90b41066af56.zip | |
Version bumped to address CAN-2004-0816; bug #68375.
Diffstat (limited to 'sys-kernel/uclinux-sources')
| -rw-r--r-- | sys-kernel/uclinux-sources/ChangeLog | 9 | ||||
| -rw-r--r-- | sys-kernel/uclinux-sources/Manifest | 7 | ||||
| -rw-r--r-- | sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.6.7_p0-r6 (renamed from sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.6.7_p0-r5) | 0 | ||||
| -rw-r--r-- | sys-kernel/uclinux-sources/files/uclinux-sources-2.6.CAN-2004-0816.patch | 43 | ||||
| -rw-r--r-- | sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r6.ebuild (renamed from sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r5.ebuild) | 3 |
5 files changed, 57 insertions, 5 deletions
diff --git a/sys-kernel/uclinux-sources/ChangeLog b/sys-kernel/uclinux-sources/ChangeLog index 2b935e8f8a2b..250804f32f5d 100644 --- a/sys-kernel/uclinux-sources/ChangeLog +++ b/sys-kernel/uclinux-sources/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-kernel/uclinux-sources # Copyright 2000-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/uclinux-sources/ChangeLog,v 1.18 2004/08/10 00:21:58 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/uclinux-sources/ChangeLog,v 1.19 2004/10/21 18:26:55 plasmaroo Exp $ + +*uclinux-sources-2.6.7_p0-r6 (21 Oct 2004) + + 21 Oct 2004; <plasmaroo@gentoo.org> -uclinux-sources-2.6.7_p0-r5.ebuild, + +uclinux-sources-2.6.7_p0-r6.ebuild, + +files/uclinux-sources-2.6.CAN-2004-0816.patch: + Version bumped to address CAN-2004-0816; bug #68375. *uclinux-sources-2.6.7_p0-r5 (10 Aug 2004) diff --git a/sys-kernel/uclinux-sources/Manifest b/sys-kernel/uclinux-sources/Manifest index 7a3f7a9f365a..71b0d8e78d59 100644 --- a/sys-kernel/uclinux-sources/Manifest +++ b/sys-kernel/uclinux-sources/Manifest @@ -1,17 +1,18 @@ -MD5 128ce9667c6adead71700c5f6d098f94 ChangeLog 5124 +MD5 3230d51f1d8b876f1f7a8edcdb453d66 ChangeLog 5388 MD5 f3fa6c474b8727f8215534b7fc9c93ba metadata.xml 304 -MD5 aa64086b97b9042bea8cf8cca8da487b uclinux-sources-2.6.7_p0-r5.ebuild 1973 MD5 6338c28a13241723e68a16b683b1ee85 uclinux-sources-2.4.26_p0-r6.ebuild 2114 +MD5 3bf0e352a2d08503e6adc21f074cd057 uclinux-sources-2.6.7_p0-r6.ebuild 2073 MD5 dc18e982f8149588a291956481885a8c files/uclinux-sources-2.4.26_p0.CAN-2004-0495.patch 17549 MD5 c2510fe1891f5a9effb12c2196922206 files/uclinux-sources-2.6.cmdlineLeak.patch 281 +MD5 c72fc64f2fd878daf2c62d998239c803 files/digest-uclinux-sources-2.6.7_p0-r6 211 MD5 60d25ff310fc6abfdce39ec9e47345af files/uclinux-sources-2.4.26_p0.CAN-2004-0685.patch 2809 MD5 d4a740ae56c2049247083af387a22a85 files/uclinux-sources-2.4.26_p0.CAN-2004-0394.patch 350 MD5 68a561b1216380268e96d2fcea905cd2 files/digest-uclinux-sources-2.4.26_p0-r6 225 MD5 0f66013f643c79c97fda489618a4e2fd files/uclinux-sources-2.4.26_p0.CAN-2004-0535.patch 476 MD5 95708646470a95668e8789cd415844ed files/uclinux-sources.CAN-2004-0497.patch 846 MD5 c9da1bc82b906f6abc648c056e7bf662 files/uclinux-sources-2.4.26_p0.FPULockup-53804.patch 354 -MD5 c72fc64f2fd878daf2c62d998239c803 files/digest-uclinux-sources-2.6.7_p0-r5 211 MD5 39361f8d16b1fe5891aab62e92f8cd30 files/uclinux-sources-2.6.IPTables-RDoS.patch 390 +MD5 aa595005721b58929ee55e2e8f4b6ba0 files/uclinux-sources-2.6.CAN-2004-0816.patch 1693 MD5 b738cb0120a32aa92cfcfdbd564dd21f files/uclinux-sources-2.6.ProcPerms.patch 1368 MD5 8204afea1d572b49a4a80d8da4eef0c9 files/uclinux-sources-2.6.CAN-2004-0596.patch 1033 MD5 d1ccc2047be533c992f67270a150a210 files/uclinux-sources-2.4.26_p0.cmdlineLeak.patch 388 diff --git a/sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.6.7_p0-r5 b/sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.6.7_p0-r6 index 2f8ad3b4942c..2f8ad3b4942c 100644 --- a/sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.6.7_p0-r5 +++ b/sys-kernel/uclinux-sources/files/digest-uclinux-sources-2.6.7_p0-r6 diff --git a/sys-kernel/uclinux-sources/files/uclinux-sources-2.6.CAN-2004-0816.patch b/sys-kernel/uclinux-sources/files/uclinux-sources-2.6.CAN-2004-0816.patch new file mode 100644 index 000000000000..13a9ea2f5aa4 --- /dev/null +++ b/sys-kernel/uclinux-sources/files/uclinux-sources-2.6.CAN-2004-0816.patch @@ -0,0 +1,43 @@ +Subject: Prevent ICMP crash in netfilter logging +From: Olaf Kirch <okir@suse.de> +References: 46016 + +This patch fixes a remotely triggerable crash in the netfilter code +when looking at ICMP unreachables. It dies when trying to copy +BIGNUM bytes... + +Index: linux-2.6.5/net/ipv4/netfilter/ipt_LOG.c +=================================================================== +--- linux-2.6.5.orig/net/ipv4/netfilter/ipt_LOG.c 2004-02-19 11:36:37.000000000 +0100 ++++ linux-2.6.5/net/ipv4/netfilter/ipt_LOG.c 2004-09-24 15:48:54.000000000 +0200 +@@ -71,7 +71,7 @@ + printk("FRAG:%u ", ntohs(iph.frag_off) & IP_OFFSET); + + if ((info->logflags & IPT_LOG_IPOPT) +- && iph.ihl * 4 != sizeof(struct iphdr)) { ++ && iph.ihl * 4 > sizeof(struct iphdr)) { + unsigned char opt[4 * 15 - sizeof(struct iphdr)]; + unsigned int i, optsize; + +@@ -138,7 +138,7 @@ + printk("URGP=%u ", ntohs(tcph.urg_ptr)); + + if ((info->logflags & IPT_LOG_TCPOPT) +- && tcph.doff * 4 != sizeof(struct tcphdr)) { ++ && tcph.doff * 4 > sizeof(struct tcphdr)) { + unsigned char opt[4 * 15 - sizeof(struct tcphdr)]; + unsigned int i, optsize; + +Index: linux-2.6.5/net/ipv6/netfilter/ip6t_LOG.c +=================================================================== +--- linux-2.6.5.orig/net/ipv6/netfilter/ip6t_LOG.c 2004-09-24 15:47:00.000000000 +0200 ++++ linux-2.6.5/net/ipv6/netfilter/ip6t_LOG.c 2004-09-24 15:48:35.000000000 +0200 +@@ -188,7 +188,7 @@ + printk("URGP=%u ", ntohs(tcph->urg_ptr)); + + if ((info->logflags & IP6T_LOG_TCPOPT) +- && tcph->doff * 4 != sizeof(struct tcphdr)) { ++ && tcph->doff * 4 > sizeof(struct tcphdr)) { + unsigned int i; + + /* Max length: 127 "OPT (" 15*4*2chars ") " */ diff --git a/sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r5.ebuild b/sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r6.ebuild index 3d8674d5f61b..45a52b61a43b 100644 --- a/sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r5.ebuild +++ b/sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r6.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r5.ebuild,v 1.1 2004/08/10 00:21:58 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/uclinux-sources/uclinux-sources-2.6.7_p0-r6.ebuild,v 1.1 2004/10/21 18:26:55 plasmaroo Exp $ IUSE="" @@ -46,6 +46,7 @@ src_unpack() { epatch ${FILESDIR}/${PN}-2.6.IPTables-RDoS.patch || die "Failed to apply the IPTables RDoS security patch!" epatch ${FILESDIR}/${PN}-2.6.ProcPerms.patch || die "Failed to apply the /proc permissions security patch!" epatch ${FILESDIR}/${PN}-2.6.cmdlineLeak.patch || die "Failed to apply the /proc/cmdline patch!" + epatch ${FILESDIR}/${PN}-2.6.CAN-2004-0816.patch || die "Failed to apply the CAN-2004-0816 patch!" set MY_ARCH=${ARCH} unset ARCH |