diff options
| author |   Tim Yamin <plasmaroo@gentoo.org> | 2004-04-17 15:23:34 +0000 |
|---|---|---|
| committer | Tim Yamin <plasmaroo@gentoo.org> | 2004-04-17 15:23:34 +0000 |
| commit | 20ebec765481549e826e9b0063ae3a4ba8c4f4d4 (patch) | |
| tree | f4508afcb1859751dbc56b10c6decb47b444b4ab /sys-kernel | |
| parent | stable on x86 (Manifest recommit) (diff) | |
| download | gentoo-2-20ebec765481549e826e9b0063ae3a4ba8c4f4d4.tar.gz gentoo-2-20ebec765481549e826e9b0063ae3a4ba8c4f4d4.tar.bz2 gentoo-2-20ebec765481549e826e9b0063ae3a4ba8c4f4d4.zip | |
Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178 vulnerabilities.
Diffstat (limited to 'sys-kernel')
| -rw-r--r-- | sys-kernel/wolk-sources/ChangeLog | 15 | ||||
| -rw-r--r-- | sys-kernel/wolk-sources/files/digest-wolk-sources-4.11-r3 (renamed from sys-kernel/wolk-sources/files/digest-wolk-sources-4.11-r2) | 0 | ||||
| -rw-r--r-- | sys-kernel/wolk-sources/files/digest-wolk-sources-4.9-r6 (renamed from sys-kernel/wolk-sources/files/digest-wolk-sources-4.9-r5) | 0 | ||||
| -rw-r--r-- | sys-kernel/wolk-sources/files/wolk-sources-4.9s.CAN-2004-0010.patch | 200 | ||||
| -rw-r--r-- | sys-kernel/wolk-sources/files/wolk-sources.CAN-2004-0177.patch | 10 | ||||
| -rw-r--r-- | sys-kernel/wolk-sources/files/wolk-sources.CAN-2004-0178.patch | 11 | ||||
| -rw-r--r-- | sys-kernel/wolk-sources/wolk-sources-4.11-r3.ebuild (renamed from sys-kernel/wolk-sources/wolk-sources-4.11-r2.ebuild) | 4 | ||||
| -rw-r--r-- | sys-kernel/wolk-sources/wolk-sources-4.9-r6.ebuild (renamed from sys-kernel/wolk-sources/wolk-sources-4.9-r5.ebuild) | 9 |
8 files changed, 243 insertions, 6 deletions
diff --git a/sys-kernel/wolk-sources/ChangeLog b/sys-kernel/wolk-sources/ChangeLog index e12c0f517bf4..2093ccc5dc22 100644 --- a/sys-kernel/wolk-sources/ChangeLog +++ b/sys-kernel/wolk-sources/ChangeLog @@ -1,10 +1,21 @@ # ChangeLog for sys-kernel/wolk-sources # Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/wolk-sources/ChangeLog,v 1.40 2004/04/17 03:51:32 nerdboy Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/wolk-sources/ChangeLog,v 1.41 2004/04/17 15:23:34 plasmaroo Exp $ + +*wolk-sources-4.11-r3 (17 Apr 2004) + + 17 Apr 2004; <plasmaroo@gentoo.org> + +files/wolk-sources-4.9s.CAN-2004-0010.patch, + +files/wolk-sources.CAN-2004-0177.patch, + +files/wolk-sources.CAN-2004-0178.patch, -wolk-sources-4.11-r2.ebuild, + +wolk-sources-4.11-r3.ebuild, -wolk-sources-4.9-r5.ebuild, + +wolk-sources-4.9-r6.ebuild: + Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178 + vulnerabilities. Old revisions removed. 16 Apr 2004; <nerdboy@gentoo.org> wolk-sources-4.11-r2.ebuild, wolk-sources-4.9-r4.ebuild, wolk-sources-4.11-r1.ebuild: - removed older revs prior to security patches + Removed older revisions prior to security patches. *wolk-sources-4.9-r5 (15 Apr 2004) diff --git a/sys-kernel/wolk-sources/files/digest-wolk-sources-4.11-r2 b/sys-kernel/wolk-sources/files/digest-wolk-sources-4.11-r3 index c8b173eb8305..c8b173eb8305 100644 --- a/sys-kernel/wolk-sources/files/digest-wolk-sources-4.11-r2 +++ b/sys-kernel/wolk-sources/files/digest-wolk-sources-4.11-r3 diff --git a/sys-kernel/wolk-sources/files/digest-wolk-sources-4.9-r5 b/sys-kernel/wolk-sources/files/digest-wolk-sources-4.9-r6 index 1a638cec623d..1a638cec623d 100644 --- a/sys-kernel/wolk-sources/files/digest-wolk-sources-4.9-r5 +++ b/sys-kernel/wolk-sources/files/digest-wolk-sources-4.9-r6 diff --git a/sys-kernel/wolk-sources/files/wolk-sources-4.9s.CAN-2004-0010.patch b/sys-kernel/wolk-sources/files/wolk-sources-4.9s.CAN-2004-0010.patch new file mode 100644 index 000000000000..158c555eb25f --- /dev/null +++ b/sys-kernel/wolk-sources/files/wolk-sources-4.9s.CAN-2004-0010.patch @@ -0,0 +1,200 @@ +diff -urN linux-2.4.20-wolk4.9-r5/fs/ncpfs/dir.c linux-2.4.20-wolk4.9-r6/fs/ncpfs/dir.c +--- linux-2.4.20-wolk4.9-r5/fs/ncpfs/dir.c 2002-11-28 15:53:15.000000000 -0800 ++++ linux-2.4.20-wolk4.9-r6/fs/ncpfs/dir.c 2004-01-23 10:53:26.000000000 -0800 +@@ -266,8 +266,8 @@ + struct ncp_server *server; + struct inode *dir = dentry->d_parent->d_inode; + struct ncp_entry_info finfo; +- int res, val=1, len = dentry->d_name.len + 1; +- __u8 __name[len]; ++ int res, val=1, len; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + + if (!dentry->d_inode || !dir) + goto bad; +@@ -291,14 +291,15 @@ + dentry->d_parent->d_name.name, dentry->d_name.name, + NCP_GET_AGE(dentry)); + ++ len = sizeof(__name); + if (ncp_is_server_root(dir)) { + res = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, 1); ++ dentry->d_name.len, 1); + if (!res) + res = ncp_lookup_volume(server, __name, &(finfo.i)); + } else { + res = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, !ncp_preserve_case(dir)); ++ dentry->d_name.len, !ncp_preserve_case(dir)); + if (!res) + res = ncp_obtain_info(server, dir, __name, &(finfo.i)); + } +@@ -548,9 +549,9 @@ + int valid = 0; + int hashed = 0; + ino_t ino = 0; +- __u8 __name[256]; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + +- qname.len = 256; ++ qname.len = sizeof(__name); + if (ncp_vol2io(NCP_SERVER(inode), __name, &qname.len, + entry->i.entryName, entry->i.nameLen, + !ncp_preserve_entry_case(inode, entry->i.NSCreator))) +@@ -705,16 +706,19 @@ + { + struct ncp_server* server = NCP_SBP(sb); + struct nw_info_struct i; +- int result, len = strlen(server->m.mounted_vol) + 1; +- __u8 __name[len]; ++ int result; + + if (ncp_single_volume(server)) { ++ int len; + struct dentry* dent; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + +- result = -ENOENT; +- if (ncp_io2vol(server, __name, &len, server->m.mounted_vol, +- len-1, 1)) ++ len = sizeof(__name); ++ result = ncp_io2vol(server, __name, &len, server->m.mounted_vol, ++ strlen(server->m.mounted_vol), 1); ++ if (result) + goto out; ++ result = -ENOENT; + if (ncp_lookup_volume(server, __name, &i)) { + PPRINTK("ncp_conn_logged_in: %s not found\n", + server->m.mounted_vol); +@@ -745,8 +749,8 @@ + struct ncp_server *server = NCP_SERVER(dir); + struct inode *inode = NULL; + struct ncp_entry_info finfo; +- int error, res, len = dentry->d_name.len + 1; +- __u8 __name[len]; ++ int error, res, len; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + + error = -EIO; + if (!ncp_conn_valid(server)) +@@ -755,14 +759,15 @@ + PPRINTK("ncp_lookup: server lookup for %s/%s\n", + dentry->d_parent->d_name.name, dentry->d_name.name); + ++ len = sizeof(__name); + if (ncp_is_server_root(dir)) { + res = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, 1); ++ dentry->d_name.len, 1); + if (!res) + res = ncp_lookup_volume(server, __name, &(finfo.i)); + } else { + res = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, !ncp_preserve_case(dir)); ++ dentry->d_name.len, !ncp_preserve_case(dir)); + if (!res) + res = ncp_obtain_info(server, dir, __name, &(finfo.i)); + } +@@ -825,9 +830,9 @@ + { + struct ncp_server *server = NCP_SERVER(dir); + struct ncp_entry_info finfo; +- int error, result, len = dentry->d_name.len + 1; ++ int error, result, len; + int opmode; +- __u8 __name[len]; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + + PPRINTK("ncp_create_new: creating %s/%s, mode=%x\n", + dentry->d_parent->d_name.name, dentry->d_name.name, mode); +@@ -836,8 +841,9 @@ + goto out; + + ncp_age_dentry(server, dentry); ++ len = sizeof(__name); + error = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, !ncp_preserve_case(dir)); ++ dentry->d_name.len, !ncp_preserve_case(dir)); + if (error) + goto out; + +@@ -880,8 +886,8 @@ + { + struct ncp_entry_info finfo; + struct ncp_server *server = NCP_SERVER(dir); +- int error, len = dentry->d_name.len + 1; +- __u8 __name[len]; ++ int error, len; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + + DPRINTK("ncp_mkdir: making %s/%s\n", + dentry->d_parent->d_name.name, dentry->d_name.name); +@@ -890,8 +896,9 @@ + goto out; + + ncp_age_dentry(server, dentry); ++ len = sizeof(__name); + error = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, !ncp_preserve_case(dir)); ++ dentry->d_name.len, !ncp_preserve_case(dir)); + if (error) + goto out; + +@@ -909,8 +916,8 @@ + static int ncp_rmdir(struct inode *dir, struct dentry *dentry) + { + struct ncp_server *server = NCP_SERVER(dir); +- int error, result, len = dentry->d_name.len + 1; +- __u8 __name[len]; ++ int error, result, len; ++ __u8 __name[NCP_MAXPATHLEN + 1]; + + DPRINTK("ncp_rmdir: removing %s/%s\n", + dentry->d_parent->d_name.name, dentry->d_name.name); +@@ -923,8 +930,9 @@ + if (!d_unhashed(dentry)) + goto out; + ++ len = sizeof(__name); + error = ncp_io2vol(server, __name, &len, dentry->d_name.name, +- len-1, !ncp_preserve_case(dir)); ++ dentry->d_name.len, !ncp_preserve_case(dir)); + if (error) + goto out; + +@@ -1022,9 +1030,8 @@ + { + struct ncp_server *server = NCP_SERVER(old_dir); + int error; +- int old_len = old_dentry->d_name.len + 1; +- int new_len = new_dentry->d_name.len + 1; +- __u8 __old_name[old_len], __new_name[new_len]; ++ int old_len, new_len; ++ __u8 __old_name[NCP_MAXPATHLEN + 1], __new_name[NCP_MAXPATHLEN + 1]; + + DPRINTK("ncp_rename: %s/%s to %s/%s\n", + old_dentry->d_parent->d_name.name, old_dentry->d_name.name, +@@ -1037,15 +1044,17 @@ + ncp_age_dentry(server, old_dentry); + ncp_age_dentry(server, new_dentry); + ++ old_len = sizeof(__old_name); + error = ncp_io2vol(server, __old_name, &old_len, +- old_dentry->d_name.name, old_len-1, +- !ncp_preserve_case(old_dir)); ++ old_dentry->d_name.name, old_dentry->d_name.len, ++ !ncp_preserve_case(old_dir)); + if (error) + goto out; + ++ new_len = sizeof(__new_name); + error = ncp_io2vol(server, __new_name, &new_len, +- new_dentry->d_name.name, new_len-1, +- !ncp_preserve_case(new_dir)); ++ new_dentry->d_name.name, new_dentry->d_name.len, ++ !ncp_preserve_case(new_dir)); + if (error) + goto out; + + diff --git a/sys-kernel/wolk-sources/files/wolk-sources.CAN-2004-0177.patch b/sys-kernel/wolk-sources/files/wolk-sources.CAN-2004-0177.patch new file mode 100644 index 000000000000..da6b7e190685 --- /dev/null +++ b/sys-kernel/wolk-sources/files/wolk-sources.CAN-2004-0177.patch @@ -0,0 +1,10 @@ +--- linux-2.4.26-pre3/fs/jbd/journal.c 2004-02-18 05:36:31.000000000 -0800 ++++ linux-2.4.26-pre4/fs/jbd/journal.c 2004-03-16 09:59:36.000000000 -0800 +@@ -671,6 +671,7 @@ + + bh = getblk(journal->j_dev, blocknr, journal->j_blocksize); + lock_buffer(bh); ++ memset(bh->b_data, 0, journal->j_blocksize); + BUFFER_TRACE(bh, "return this buffer"); + return journal_add_journal_head(bh); + } diff --git a/sys-kernel/wolk-sources/files/wolk-sources.CAN-2004-0178.patch b/sys-kernel/wolk-sources/files/wolk-sources.CAN-2004-0178.patch new file mode 100644 index 000000000000..19e57268c2fa --- /dev/null +++ b/sys-kernel/wolk-sources/files/wolk-sources.CAN-2004-0178.patch @@ -0,0 +1,11 @@ +--- linux-2.4.26-pre2/drivers/sound/sb_audio.c 2002-02-25 11:38:06.000000000 -0800 ++++ linux-2.4.26-pre3/drivers/sound/sb_audio.c 2004-03-13 07:43:23.000000000 -0800 +@@ -879,7 +879,7 @@ + c -= locallen; p += locallen; + } + /* used = ( samples * 16 bits size ) */ +- *used = len << 1; ++ *used = max_in > ( max_out << 1) ? (max_out << 1) : max_in; + /* returned = ( samples * 8 bits size ) */ + *returned = len; + } diff --git a/sys-kernel/wolk-sources/wolk-sources-4.11-r2.ebuild b/sys-kernel/wolk-sources/wolk-sources-4.11-r3.ebuild index 3006de50d5f1..ca834cf02262 100644 --- a/sys-kernel/wolk-sources/wolk-sources-4.11-r2.ebuild +++ b/sys-kernel/wolk-sources/wolk-sources-4.11-r3.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/wolk-sources/wolk-sources-4.11-r2.ebuild,v 1.1 2004/04/15 15:25:04 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/wolk-sources/wolk-sources-4.11-r3.ebuild,v 1.1 2004/04/17 15:23:34 plasmaroo Exp $ # OKV=original kernel version, KV=patched kernel version. They can be the same. @@ -34,6 +34,8 @@ src_unpack() { epatch ${FILESDIR}/${PN}.CAN-2003-0985.patch || die "Failed to patch mremap() vulnerability!" epatch ${FILESDIR}/${PN}.CAN-2004-0109.patch || die "Failed to patch CAN-2004-0109 vulnerability!" + epatch ${FILESDIR}/${PN}.CAN-2004-0177.patch || die "Failed to add the CAN-2004-0177 patch!" + epatch ${FILESDIR}/${PN}.CAN-2004-0178.patch || die "Failed to add the CAN-2004-0178 patch!" kernel_universal_unpack } diff --git a/sys-kernel/wolk-sources/wolk-sources-4.9-r5.ebuild b/sys-kernel/wolk-sources/wolk-sources-4.9-r6.ebuild index 167530bfc673..e1b263170d15 100644 --- a/sys-kernel/wolk-sources/wolk-sources-4.9-r5.ebuild +++ b/sys-kernel/wolk-sources/wolk-sources-4.9-r6.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/wolk-sources/wolk-sources-4.9-r5.ebuild,v 1.1 2004/04/15 15:25:04 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/wolk-sources/wolk-sources-4.9-r6.ebuild,v 1.1 2004/04/17 15:23:34 plasmaroo Exp $ # OKV=original kernel version, KV=patched kernel version. They can be the same. @@ -73,10 +73,13 @@ src_unpack() { fi epatch ${FILESDIR}/do_brk_fix.patch || die "Failed to patch for do_brk() vulnerability!" + epatch ${FILESDIR}/${PN}-4.9s.munmap.patch || die "Failed to apply munmap patch!" + epatch ${FILESDIR}/${PN}-4.9s.rtc_fix.patch || die "Failed to patch RTC vulnerabilities!" + epatch ${FILESDIR}/${PN}-4.9s.CAN-2004-0010.patch || die "Failed to add the CAN-2004-0010 patch!" epatch ${FILESDIR}/${PN}.CAN-2003-0985.patch || die "Failed to patch mremap() vulnerability!" epatch ${FILESDIR}/${PN}.CAN-2004-0109.patch || die "Failed to patch CAN-2004-0109 vulnerability!" - epatch ${FILESDIR}/${PN}-4.9s.rtc_fix.patch || die "Failed to patch RTC vulnerabilities!" - epatch ${FILESDIR}/${PN}-4.9s.munmap.patch || die "Failed to apply munmap patch!" + epatch ${FILESDIR}/${PN}.CAN-2004-0177.patch || die "Failed to add the CAN-2004-0177 patch!" + epatch ${FILESDIR}/${PN}.CAN-2004-0178.patch || die "Failed to add the CAN-2004-0178 patch!" kernel_universal_unpack } |