[kernel] r9342 - in dists/sid/linux-2.6/debian: . patches/bugfix patches/series

Tue, 21 Aug 2007 02:08:45 -0700 

Author: maks
Date: Tue Aug 21 09:08:41 2007
New Revision: 9342

Log:
add stable 2.6.22.4, .5 is pending


Added:
   dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.4
Modified:
   dists/sid/linux-2.6/debian/changelog
   dists/sid/linux-2.6/debian/patches/series/4

Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog        (original)
+++ dists/sid/linux-2.6/debian/changelog        Tue Aug 21 09:08:41 2007
@@ -113,11 +113,13 @@
     - ata_piix: update map 10b for ich8m
     - CPUFREQ: ondemand: fix tickless accounting and software coordination bug
     - CPUFREQ: ondemand: add a check to avoid negative load calculation
+  * Add stable release 2.6.22.4:
+    - Reset current->pdeath_signal on SUID binary execution (CVE-2007-3848)
 
   [ dann frazier ]
   * [ia64] Restore config cleanup now that its safe to break the ABI
 
- -- dann frazier <[EMAIL PROTECTED]>  Mon, 20 Aug 2007 16:21:10 -0600
+ -- maximilian attems <[EMAIL PROTECTED]>  Tue, 21 Aug 2007 11:03:41 +0200
 
 linux-2.6 (2.6.22-3) unstable; urgency=low
 

Added: dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.4
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.4  Tue Aug 21 09:08:41 2007
@@ -0,0 +1,32 @@
+diff --git a/fs/exec.c b/fs/exec.c
+index f20561f..9a93770 100644
+--- a/fs/exec.c
++++ b/fs/exec.c
+@@ -890,9 +890,12 @@ int flush_old_exec(struct linux_binprm * bprm)
+        */
+       current->mm->task_size = TASK_SIZE;
+ 
+-      if (bprm->e_uid != current->euid || bprm->e_gid != current->egid || 
+-          file_permission(bprm->file, MAY_READ) ||
+-          (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP)) {
++      if (bprm->e_uid != current->euid || bprm->e_gid != current->egid) {
++              suid_keys(current);
++              current->mm->dumpable = suid_dumpable;
++              current->pdeath_signal = 0;
++      } else if (file_permission(bprm->file, MAY_READ) ||
++                      (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP)) {
+               suid_keys(current);
+               current->mm->dumpable = suid_dumpable;
+       }
+@@ -983,8 +986,10 @@ void compute_creds(struct linux_binprm *bprm)
+ {
+       int unsafe;
+ 
+-      if (bprm->e_uid != current->uid)
++      if (bprm->e_uid != current->uid) {
+               suid_keys(current);
++              current->pdeath_signal = 0;
++      }
+       exec_keys(current);
+ 
+       task_lock(current);

Modified: dists/sid/linux-2.6/debian/patches/series/4
==============================================================================
--- dists/sid/linux-2.6/debian/patches/series/4 (original)
+++ dists/sid/linux-2.6/debian/patches/series/4 Tue Aug 21 09:08:41 2007
@@ -30,3 +30,4 @@
 + bugfix/sparc/sun4u-pci-config-space.patch
 + bugfix/2.6.22.2
 + bugfix/2.6.22.3
++ bugfix/2.6.22.4

_______________________________________________
Kernel-svn-changes mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/kernel-svn-changes

Reply via email to