[kernel] r10128 - in dists/etch-security/linux-2.6/debian: . patches/features/all/vserver

Thu, 17 Jan 2008 10:34:27 -0800 

Author: dannf
Date: Thu Jan 17 18:33:50 2008
New Revision: 10128

Log:
hack vs2.0.2.2-rc9.patch so it will apply on top of the fix for CVE-2008-0001

Modified:
   dists/etch-security/linux-2.6/debian/changelog
   
dists/etch-security/linux-2.6/debian/patches/features/all/vserver/vs2.0.2.2-rc9.patch

Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog      (original)
+++ dists/etch-security/linux-2.6/debian/changelog      Thu Jan 17 18:33:50 2008
@@ -5,7 +5,8 @@
     See CVE-2007-6151
   * bugfix/vfs-use-access-mode-flag.patch
     [SECURITY] Use the access mode flag instead of the open flag when
-    testing access mode for a directory.
+    testing access mode for a directory. Modify
+    features/all/vserver/vs2.0.2.2-rc9.patch to apply on top of this
     See CVE-2008-0001
   * bugfix/fat-move-ioctl-compat-code.patch, bugfix/fat-fix-compat-ioctls.patch
     [SECURITY][ABI Changer] Fix kernel_dirent corruption in the compat layer
@@ -17,7 +18,7 @@
     filesystem
     See CVE-2007-4571
 
- -- dann frazier <[EMAIL PROTECTED]>  Tue, 15 Jan 2008 16:44:15 -0700
+ -- dann frazier <[EMAIL PROTECTED]>  Thu, 17 Jan 2008 11:31:48 -0700
 
 linux-2.6 (2.6.18.dfsg.1-17) stable; urgency=high
 

Modified: 
dists/etch-security/linux-2.6/debian/patches/features/all/vserver/vs2.0.2.2-rc9.patch
==============================================================================
--- 
dists/etch-security/linux-2.6/debian/patches/features/all/vserver/vs2.0.2.2-rc9.patch
       (original)
+++ 
dists/etch-security/linux-2.6/debian/patches/features/all/vserver/vs2.0.2.2-rc9.patch
       Thu Jan 17 18:33:50 2008
@@ -4775,9 +4775,9 @@
                        return -EACCES;
  
                flag &= ~O_TRUNC;
--      } else if (IS_RDONLY(inode) && (flag & FMODE_WRITE))
+-      } else if (IS_RDONLY(inode) && (acc_mode & MAY_WRITE))
 +      } else if ((IS_RDONLY(inode) || MNT_IS_RDONLY(nd->mnt))
-+              && (flag & FMODE_WRITE))
++              && (acc_mode & MAY_WRITE))
                return -EROFS;
        /*
         * An append-only file must be opened in append mode for writing.

_______________________________________________
Kernel-svn-changes mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/kernel-svn-changes

Reply via email to