[kernel] r9154 - in dists/sid/linux-2.6/debian: . patches/bugfix patches/series

Tue, 17 Jul 2007 02:29:38 -0700 

Author: maks
Date: Tue Jul 17 09:29:33 2007
New Revision: 9154

Log:
2.6.22.1 aka refix CVE-2007-3642


Added:
   dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.1
Modified:
   dists/sid/linux-2.6/debian/changelog
   dists/sid/linux-2.6/debian/patches/series/2

Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog        (original)
+++ dists/sid/linux-2.6/debian/changelog        Tue Jul 17 09:29:33 2007
@@ -12,7 +12,12 @@
   * Enable INPUT_UINPUT on mac
   * Add 2.6.22 patches from linux-m68k CVS
 
- -- Christian T. Steigies <[EMAIL PROTECTED]>  Mon, 16 Jul 2007 23:10:23 +0200
+  [ maximilian attems ]
+  * Add stable release 2.6.22.1:
+    - nf_conntrack_h323: add checking of out-of-range on choices' index values
+      (CVE-2007-3642)
+
+ -- maximilian attems <[EMAIL PROTECTED]>  Tue, 17 Jul 2007 11:26:40 +0200
 
 linux-2.6 (2.6.22-1) unstable; urgency=low
 

Added: dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.1
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.1  Tue Jul 17 09:29:33 2007
@@ -0,0 +1,14 @@
+diff --git a/net/netfilter/nf_conntrack_proto_sctp.c 
b/net/netfilter/nf_conntrack_proto_sctp.c
+index 0d3254b..6e41ba5 100644
+--- a/net/netfilter/nf_conntrack_proto_sctp.c
++++ b/net/netfilter/nf_conntrack_proto_sctp.c
+@@ -460,7 +460,8 @@ static int sctp_new(struct nf_conn *conntrack, const 
struct sk_buff *skb,
+                                        SCTP_CONNTRACK_NONE, sch->type);
+ 
+               /* Invalid: delete conntrack */
+-              if (newconntrack == SCTP_CONNTRACK_MAX) {
++              if (newconntrack == SCTP_CONNTRACK_NONE ||
++                  newconntrack == SCTP_CONNTRACK_MAX) {
+                       DEBUGP("nf_conntrack_sctp: invalid new deleting.\n");
+                       return 0;
+               }

Modified: dists/sid/linux-2.6/debian/patches/series/2
==============================================================================
--- dists/sid/linux-2.6/debian/patches/series/2 (original)
+++ dists/sid/linux-2.6/debian/patches/series/2 Tue Jul 17 09:29:33 2007
@@ -1 +1,2 @@
 + bugfix/alpha/request_irq-retval.patch
++ bugfix/2.6.22.1

_______________________________________________
Kernel-svn-changes mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/kernel-svn-changes

Reply via email to