Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=b27b281c6278ccc4a4e5a8f3df93f567d2a730f0
commit b27b281c6278ccc4a4e5a8f3df93f567d2a730f0 Author: Miklos Vajna <vmik...@frugalware.org> Date: Mon May 3 19:30:42 2010 +0200 kernel-2.6.33-3-i686 - up to 2.6.33.3 - add CVE-2010-1148.patch - closes #4183 diff --git a/source/base/kernel/CVE-2010-1148.patch b/source/base/kernel/CVE-2010-1148.patch new file mode 100644 index 0000000..749d05a --- /dev/null +++ b/source/base/kernel/CVE-2010-1148.patch @@ -0,0 +1,106 @@ +Path: news.gmane.org!not-for-mail +From: shirishpargaon...@gmail.com +Newsgroups: gmane.linux.file-systems.cifs +Subject: [patch] skip posix open if nameidata is null +Date: Fri, 2 Apr 2010 12:32:58 -0500 +Lines: 29 +Approved: n...@gmane.org +Message-ID: <1270229578-14227-1-git-send-email-shirishpargaon...@gmail.com> +NNTP-Posting-Host: lo.gmane.org +Mime-Version: 1.0 +Content-Type: text/plain; charset="us-ascii" +Content-Transfer-Encoding: 7bit +X-Trace: dough.gmane.org 1270229774 20287 80.91.229.12 (2 Apr 2010 17:36:14 GMT) +X-Complaints-To: use...@dough.gmane.org +NNTP-Posting-Date: Fri, 2 Apr 2010 17:36:14 +0000 (UTC) +Cc: smfre...@gmail.com +To: linux-cifs-cli...@lists.samba.org +Original-X-From: linux-cifs-client-boun...@lists.samba.org Fri Apr 02 19:36:04 2010 +Return-path: <linux-cifs-client-boun...@lists.samba.org> +Envelope-to: glfc-linux-cifs-cli...@gmane.org +Original-Received: from fn.samba.org ([216.83.154.106] helo=lists.samba.org) + by lo.gmane.org with esmtp (Exim 4.69) + (envelope-from <linux-cifs-client-boun...@lists.samba.org>) + id 1Nxkmm-0008Vv-Dh + for glfc-linux-cifs-cli...@gmane.org; Fri, 02 Apr 2010 19:36:00 +0200 +Original-Received: from fn.samba.org (localhost [127.0.0.1]) + by lists.samba.org (Postfix) with ESMTP id 20565ACF41; + Fri, 2 Apr 2010 11:36:00 -0600 (MDT) +X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on fn.samba.org +X-Spam-Level: +X-Spam-Status: No, score=-4.1 required=3.8 tests=BAYES_00,SPF_PASS + autolearn=ham version=3.2.5 +X-Original-To: linux-cifs-cli...@lists.samba.org +Delivered-To: linux-cifs-cli...@lists.samba.org +Original-Received: from mail-pw0-f41.google.com (mail-pw0-f41.google.com + [209.85.160.41]) + by lists.samba.org (Postfix) with ESMTP id 1592FAC578 + for <linux-cifs-cli...@lists.samba.org>; + Fri, 2 Apr 2010 11:35:54 -0600 (MDT) +Original-Received: by pwi2 with SMTP id 2so1792354pwi.14 + for <linux-cifs-cli...@lists.samba.org>; + Fri, 02 Apr 2010 10:35:53 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; + h=domainkey-signature:received:received:from:to:cc:subject:date + :message-id:x-mailer; + bh=TeMj3CmhDrsnbawtoaJ9u9p1XYH0LN69q0VkIZKCEAY=; + b=ga+HQwMOZF8VmFAGKnjWRnlcesBg6NB4dpGI+uIuhDqgWNv5aSH5H8XI5QkdPXgRGG + 8VPtyjXwNLkQvgox/mrYvW8RcuRdgHifskTbbsbS9f72NCf6X2c0zIvOH+sSWqxhArr0 + N/T4u0tgNh0bdpPAEWtL1/4pGInzsV658+0O0= +DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; + h=from:to:cc:subject:date:message-id:x-mailer; + b=j083wILNXB+ihO7kC5YWioLagZIh68I2WRt5+lq3TZcX3CrpO4IVUP3DQ6mMj1PBD4 + zkWBU8w0LQaBdLRIC9myXlg4SWUgF9ygRpPWbzVFlrywsBbdDoz05F/FbkLh/IGouKNg + cr9SdAhQwUe3Jo/TRPSPIP8xGBx8YE1P50UUo= +Original-Received: by 10.143.24.17 with SMTP id b17mr873342wfj.317.1270229753290; + Fri, 02 Apr 2010 10:35:53 -0700 (PDT) +Original-Received: from localhost ([32.97.110.58]) + by mx.google.com with ESMTPS id 21sm2063580iwn.11.2010.04.02.10.35.52 + (version=TLSv1/SSLv3 cipher=RC4-MD5); + Fri, 02 Apr 2010 10:35:52 -0700 (PDT) +X-Mailer: git-send-email 1.6.0.2 +X-BeenThere: linux-cifs-cli...@lists.samba.org +X-Mailman-Version: 2.1.12 +Precedence: list +List-Id: The Linux CIFS VFS client <linux-cifs-client.lists.samba.org> +List-Unsubscribe: <https://lists.samba.org/mailman/options/linux-cifs-client>, + <mailto:linux-cifs-client-requ...@lists.samba.org?subject=unsubscribe> +List-Archive: <http://lists.samba.org/pipermail/linux-cifs-client> +List-Post: <mailto:linux-cifs-cli...@lists.samba.org> +List-Help: <mailto:linux-cifs-client-requ...@lists.samba.org?subject=help> +List-Subscribe: <https://lists.samba.org/mailman/listinfo/linux-cifs-client>, + <mailto:linux-cifs-client-requ...@lists.samba.org?subject=subscribe> +Original-Sender: linux-cifs-client-boun...@lists.samba.org +Errors-To: linux-cifs-client-boun...@lists.samba.org +Xref: news.gmane.org gmane.linux.file-systems.cifs:5782 +Archived-At: <http://permalink.gmane.org/gmane.linux.file-systems.cifs/5782> + +While creating a file on a server which supports unix extensions +such as Samba, if a file is being created which does not supply +nameidata (i.e. nd is null), cifs client can oops when calling +cifs_posix_open. + +The simplest solution is, do not open a file using posix semantics +if nameidata parameter is NULL even if server supports posix semantics. + +I do not see a way to reach vfsmount (structure) field if nameidata +is not supplied to call posix open (cifs_posix_open). + + +Signed-off-by: Shirish Pargaonkar <shirishpargaon...@gmail.com> +Reported-by: Eugene Teo <eugene...@kernel.sg> +--- + +diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c +index e9f7ecc..eef8d83 100644 +--- a/fs/cifs/dir.c ++++ b/fs/cifs/dir.c +@@ -317,7 +317,7 @@ cifs_create(struct inode *inode, struct dentry *direntry, int mode, + else + oflags = FMODE_READ; + +- if (tcon->unix_ext && (tcon->ses->capabilities & CAP_UNIX) && ++ if (nd && tcon->unix_ext && (tcon->ses->capabilities & CAP_UNIX) && + (CIFS_UNIX_POSIX_PATH_OPS_CAP & + le64_to_cpu(tcon->fsUnixInfo.Capability))) { + rc = cifs_posix_open(full_path, &newinode, nd->path.mnt, diff --git a/source/base/kernel/FrugalBuild b/source/base/kernel/FrugalBuild index eea69a5..bccc816 100644 --- a/source/base/kernel/FrugalBuild +++ b/source/base/kernel/FrugalBuild @@ -4,7 +4,7 @@ USE_DEVEL=${USE_DEVEL:-"n"} # See http://bugs.freedesktop.org/show_bug.cgi?id=25417 -_F_kernel_patches=(fdo-25417.patch CVE-2010-1146.patch) +_F_kernel_patches=(fdo-25417.patch CVE-2010-1146.patch CVE-2010-1148.patch) if Fuse $USE_DEVEL; then # example for a tagged rc release: 2.6.32.rc5 diff --git a/source/include/kernel-version.sh b/source/include/kernel-version.sh index 5c85304..da0e92e 100644 --- a/source/include/kernel-version.sh +++ b/source/include/kernel-version.sh @@ -16,8 +16,8 @@ # * _F_kernelver_stable: the number of the -stable patch to use (if any) ### _F_kernelver_ver=2.6.33 -_F_kernelver_rel=2 -_F_kernelver_stable=2 +_F_kernelver_rel=3 +_F_kernelver_stable=3 ### # == APPENDED VALUES _______________________________________________ Frugalware-git mailing list Frugalware-git@frugalware.org http://frugalware.org/mailman/listinfo/frugalware-git