diff options
author | Tim Yamin <plasmaroo@gentoo.org> | 2004-11-12 19:33:54 +0000 |
---|---|---|
committer | Tim Yamin <plasmaroo@gentoo.org> | 2004-11-12 19:33:54 +0000 |
commit | 06d19b90ad518d3278b6f22d527395bbfe21641c (patch) | |
tree | 457242e654fb208ba2dad7fa2c28067a05fd184f /sys-kernel/gentoo-sources | |
parent | masked nas and esd on ppc-macos until they are properly ported (diff) | |
download | gentoo-2-06d19b90ad518d3278b6f22d527395bbfe21641c.tar.gz gentoo-2-06d19b90ad518d3278b6f22d527395bbfe21641c.tar.bz2 gentoo-2-06d19b90ad518d3278b6f22d527395bbfe21641c.zip |
Version bump for the binfmt_elf security vulnerability, bug #70681.
Diffstat (limited to 'sys-kernel/gentoo-sources')
-rw-r--r-- | sys-kernel/gentoo-sources/ChangeLog | 13 | ||||
-rw-r--r-- | sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.20-r27 (renamed from sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.20-r26) | 0 | ||||
-rw-r--r-- | sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.22-r18 (renamed from sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.22-r17) | 0 | ||||
-rw-r--r-- | sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.25-r11 (renamed from sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.25-r10) | 0 | ||||
-rw-r--r-- | sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.26-r11 (renamed from sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.26-r10) | 0 | ||||
-rw-r--r-- | sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.27-r3 (renamed from sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.27-r2) | 0 | ||||
-rw-r--r-- | sys-kernel/gentoo-sources/files/gentoo-sources-2.4.binfmt_elf.patch | 84 | ||||
-rw-r--r-- | sys-kernel/gentoo-sources/gentoo-sources-2.4.20-r27.ebuild (renamed from sys-kernel/gentoo-sources/gentoo-sources-2.4.20-r26.ebuild) | 7 | ||||
-rw-r--r-- | sys-kernel/gentoo-sources/gentoo-sources-2.4.22-r18.ebuild (renamed from sys-kernel/gentoo-sources/gentoo-sources-2.4.22-r17.ebuild) | 9 | ||||
-rw-r--r-- | sys-kernel/gentoo-sources/gentoo-sources-2.4.25-r11.ebuild (renamed from sys-kernel/gentoo-sources/gentoo-sources-2.4.25-r10.ebuild) | 3 | ||||
-rw-r--r-- | sys-kernel/gentoo-sources/gentoo-sources-2.4.26-r11.ebuild (renamed from sys-kernel/gentoo-sources/gentoo-sources-2.4.26-r10.ebuild) | 7 | ||||
-rw-r--r-- | sys-kernel/gentoo-sources/gentoo-sources-2.4.27-r3.ebuild (renamed from sys-kernel/gentoo-sources/gentoo-sources-2.4.27-r2.ebuild) | 9 |
12 files changed, 116 insertions, 16 deletions
diff --git a/sys-kernel/gentoo-sources/ChangeLog b/sys-kernel/gentoo-sources/ChangeLog index 452853583ade..824f1b715a33 100644 --- a/sys-kernel/gentoo-sources/ChangeLog +++ b/sys-kernel/gentoo-sources/ChangeLog @@ -1,6 +1,17 @@ # ChangeLog for sys-kernel/gentoo-sources # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/ChangeLog,v 1.91 2004/11/09 22:23:54 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/ChangeLog,v 1.92 2004/11/12 19:33:54 plasmaroo Exp $ + +*gentoo-sources-2.4.22-r18 (12 Nov 2004) + + 12 Nov 2004; <plasmaroo@gentoo.org> -gentoo-sources-2.4.20-r26.ebuild, + +gentoo-sources-2.4.20-r27.ebuild, -gentoo-sources-2.4.22-r17.ebuild, + +gentoo-sources-2.4.22-r18.ebuild, -gentoo-sources-2.4.25-r10.ebuild, + +gentoo-sources-2.4.25-r11.ebuild, -gentoo-sources-2.4.26-r10.ebuild, + +gentoo-sources-2.4.26-r11.ebuild, -gentoo-sources-2.4.27-r2.ebuild, + +gentoo-sources-2.4.27-r3.ebuild, + +files/gentoo-sources-2.4.binfmt_elf.patch: + Version bump for the binfmt_elf security vulnerability, bug #70681. *gentoo-sources-2.4.26-r10 (09 Nov 2004) diff --git a/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.20-r26 b/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.20-r27 index bfe00db50fae..bfe00db50fae 100644 --- a/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.20-r26 +++ b/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.20-r27 diff --git a/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.22-r17 b/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.22-r18 index ae62b02192ec..ae62b02192ec 100644 --- a/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.22-r17 +++ b/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.22-r18 diff --git a/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.25-r10 b/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.25-r11 index ddf72226d1b3..ddf72226d1b3 100644 --- a/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.25-r10 +++ b/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.25-r11 diff --git a/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.26-r10 b/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.26-r11 index 33596a1b91ba..33596a1b91ba 100644 --- a/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.26-r10 +++ b/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.26-r11 diff --git a/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.27-r2 b/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.27-r3 index cb0002e288c5..cb0002e288c5 100644 --- a/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.27-r2 +++ b/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.27-r3 diff --git a/sys-kernel/gentoo-sources/files/gentoo-sources-2.4.binfmt_elf.patch b/sys-kernel/gentoo-sources/files/gentoo-sources-2.4.binfmt_elf.patch new file mode 100644 index 000000000000..bce026adf312 --- /dev/null +++ b/sys-kernel/gentoo-sources/files/gentoo-sources-2.4.binfmt_elf.patch @@ -0,0 +1,84 @@ +diff -ur linux-2.4.27-gentoo-r2/fs/binfmt_elf.c linux-2.4.27-gentoo-r3/fs/binfmt_elf.c +--- linux-2.4.27-gentoo-r2/fs/binfmt_elf.c 2004-11-10 20:43:18.000000000 +0000 ++++ linux-2.4.27-gentoo-r3/fs/binfmt_elf.c 2004-11-10 20:33:40.000000000 +0000 +@@ -308,9 +308,12 @@ + goto out; + + retval = kernel_read(interpreter,interp_elf_ex->e_phoff,(char *)elf_phdata,size); +- error = retval; +- if (retval < 0) ++ error = -EIO; ++ if (retval != size) { ++ if (retval < 0) ++ error = retval; + goto out_close; ++ } + + eppnt = elf_phdata; + for (i=0; i<interp_elf_ex->e_phnum; i++, eppnt++) { +@@ -686,8 +689,11 @@ + goto out; + + retval = kernel_read(bprm->file, elf_ex.e_phoff, (char *) elf_phdata, size); +- if (retval < 0) ++ if (retval != size) { ++ if (retval >= 0) ++ retval = -EIO; + goto out_free_ph; ++ } + + files = current->files; /* Refcounted so ok */ + retval = unshare_files(); +@@ -734,8 +740,14 @@ + retval = kernel_read(bprm->file, elf_ppnt->p_offset, + elf_interpreter, + elf_ppnt->p_filesz); +- if (retval < 0) ++ if (retval != elf_ppnt->p_filesz) { ++ if (retval >= 0) ++ retval = -EIO; + goto out_free_interp; ++ } ++ /* make sure path is NULL terminated */ ++ elf_interpreter[elf_ppnt->p_filesz - 1] = '\0'; ++ + /* If the program interpreter is one of these two, + * then assume an iBCS2 image. Otherwise assume + * a native linux image. +@@ -754,8 +766,11 @@ + if (IS_ERR(interpreter)) + goto out_free_interp; + retval = kernel_read(interpreter, 0, bprm->buf, BINPRM_BUF_SIZE); +- if (retval < 0) ++ if (retval != BINPRM_BUF_SIZE) { ++ if (retval >= 0) ++ retval = -EIO; + goto out_free_dentry; ++ } + + /* Get the exec headers */ + interp_ex = *((struct exec *) bprm->buf); +@@ -967,7 +982,10 @@ + #endif + + if (BAD_ADDR(error)) +- continue; ++ { ++ send_sig(SIGKILL, current, 0); ++ goto out_free_dentry; ++ } + + /* PaX: mirror at a randomized base */ + down_write(¤t->mm->mmap_sem); +@@ -1008,7 +1026,10 @@ + { + error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, elf_prot, elf_flags); + if (BAD_ADDR(error)) +- continue; ++ { ++ send_sig(SIGKILL, current, 0); ++ goto out_free_dentry; ++ } + } + + if (!load_addr_set) { diff --git a/sys-kernel/gentoo-sources/gentoo-sources-2.4.20-r26.ebuild b/sys-kernel/gentoo-sources/gentoo-sources-2.4.20-r27.ebuild index a1ca235c5449..b3cb43ff4a32 100644 --- a/sys-kernel/gentoo-sources/gentoo-sources-2.4.20-r26.ebuild +++ b/sys-kernel/gentoo-sources/gentoo-sources-2.4.20-r27.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/gentoo-sources-2.4.20-r26.ebuild,v 1.1 2004/11/09 22:23:54 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/gentoo-sources-2.4.20-r27.ebuild,v 1.1 2004/11/12 19:33:54 plasmaroo Exp $ IUSE="aavm crypt evms2 usagi" @@ -30,7 +30,7 @@ S=${WORKDIR}/linux-${KV} DESCRIPTION="Full sources for the Gentoo Kernel." SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2 - http://dev.gentoo.org/~plasmaroo/patches/kernel/gentoo-sources/patches-${KV/r26/r14}.tar.bz2 + http://dev.gentoo.org/~plasmaroo/patches/kernel/gentoo-sources/patches-${KV/r27/r14}.tar.bz2 http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/${P}-CAN-2004-0415.patch http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/${P}-CAN-2004-0814.patch" HOMEPAGE="http://www.gentoo.org/ http://www.kernel.org/" @@ -42,7 +42,7 @@ src_unpack() { unpack ${A} mv linux-${OKV} linux-${KV} || die "Error moving kernel source tree to linux-${KV}" - cd ${WORKDIR}/${KV/r26/r14} + cd ${WORKDIR}/${KV/r27/r14} # This is the *ratified* aavm USE flag, enables aavm support in this kernel if ! use aavm; then @@ -149,6 +149,7 @@ src_unpack() { epatch ${FILESDIR}/${PN}-2.4.FPULockup-53804.patch || die "Failed to apply FPU-lockup patch!" epatch ${FILESDIR}/${PN}-2.4.cmdlineLeak.patch || die "Failed to apply the /proc/cmdline patch!" epatch ${FILESDIR}/${PN}-2.4.XDRWrapFix.patch || die "Failed to apply the kNFSd XDR patch!" + epatch ${FILESDIR}/${PN}-2.4.binfmt_elf.patch || die "Failed to apply the binfmt_elf patch!" } pkg_postinst() { diff --git a/sys-kernel/gentoo-sources/gentoo-sources-2.4.22-r17.ebuild b/sys-kernel/gentoo-sources/gentoo-sources-2.4.22-r18.ebuild index 2ff35f7e535c..832f0ace6329 100644 --- a/sys-kernel/gentoo-sources/gentoo-sources-2.4.22-r17.ebuild +++ b/sys-kernel/gentoo-sources/gentoo-sources-2.4.22-r18.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/gentoo-sources-2.4.22-r17.ebuild,v 1.1 2004/11/09 22:23:54 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/gentoo-sources-2.4.22-r18.ebuild,v 1.1 2004/11/12 19:33:54 plasmaroo Exp $ ETYPE="sources" @@ -9,7 +9,7 @@ detect_version UNIPATCH_STRICTORDER='Y' UNIPATCH_LIST=" - ${DISTDIR}/gentoo-sources-${PVR/17/5}.patch.bz2 + ${DISTDIR}/gentoo-sources-${PVR/18/5}.patch.bz2 ${FILESDIR}/${PN}-2.4.munmap.patch ${FILESDIR}/${PN}-2.4.CAN-2004-0001.patch ${FILESDIR}/${PN}-2.4.CAN-2004-0010.patch @@ -29,13 +29,14 @@ UNIPATCH_LIST=" ${DISTDIR}/${P}-CAN-2004-0814.patch ${FILESDIR}/${PN}-2.4.FPULockup-53804.patch ${FILESDIR}/${PN}-2.4.cmdlineLeak.patch - ${FILESDIR}/${PN}-2.4.XDRWrapFix.patch" + ${FILESDIR}/${PN}-2.4.XDRWrapFix.patch + ${FILESDIR}/${PN}-2.4.binfmt_elf.patch" S=${WORKDIR}/linux-${KV} DESCRIPTION="Full sources for the Gentoo Kernel." SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2 - http://dev.gentoo.org/~iggy/gentoo-sources-${PVR/17/5}.patch.bz2 + http://dev.gentoo.org/~iggy/gentoo-sources-${PVR/18/5}.patch.bz2 http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/linux-${OKV}-CAN-2004-0415.patch http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/${P}-CAN-2004-0814.patch" KEYWORDS="x86 -*" diff --git a/sys-kernel/gentoo-sources/gentoo-sources-2.4.25-r10.ebuild b/sys-kernel/gentoo-sources/gentoo-sources-2.4.25-r11.ebuild index 5ed98b8ac43b..d4f9094b55e8 100644 --- a/sys-kernel/gentoo-sources/gentoo-sources-2.4.25-r10.ebuild +++ b/sys-kernel/gentoo-sources/gentoo-sources-2.4.25-r11.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/gentoo-sources-2.4.25-r10.ebuild,v 1.1 2004/11/09 22:23:54 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/gentoo-sources-2.4.25-r11.ebuild,v 1.1 2004/11/12 19:33:54 plasmaroo Exp $ ETYPE="sources" inherit kernel-2 @@ -26,6 +26,7 @@ UNIPATCH_LIST=" ${FILESDIR}/${PN}-2.4.FPULockup-53804.patch ${FILESDIR}/${PN}-2.4.cmdlineLeak.patch ${FILESDIR}/${PN}-2.4.XDRWrapFix.patch + ${FILESDIR}/${PN}-2.4.binfmt_elf.patch ${DISTDIR}/linux-2.4.26-CAN-2004-0415.patch ${DISTDIR}/${PN}-2.4.22-CAN-2004-0814.patch" diff --git a/sys-kernel/gentoo-sources/gentoo-sources-2.4.26-r10.ebuild b/sys-kernel/gentoo-sources/gentoo-sources-2.4.26-r11.ebuild index 2e0fdb8181af..4508020e48ef 100644 --- a/sys-kernel/gentoo-sources/gentoo-sources-2.4.26-r10.ebuild +++ b/sys-kernel/gentoo-sources/gentoo-sources-2.4.26-r11.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/gentoo-sources-2.4.26-r10.ebuild,v 1.1 2004/11/09 22:23:54 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/gentoo-sources-2.4.26-r11.ebuild,v 1.1 2004/11/12 19:33:54 plasmaroo Exp $ ETYPE="sources" inherit kernel-2 @@ -11,7 +11,7 @@ IUSE='' UNIPATCH_STRICTORDER='Y' UNIPATCH_LIST=" - ${DISTDIR}/${PF/r10/r6}.tar.bz2 + ${DISTDIR}/${PF/r11/r6}.tar.bz2 ${FILESDIR}/${PN}-2.4.CAN-2004-0495.patch ${FILESDIR}/${PN}-2.4.CAN-2004-0497.patch ${FILESDIR}/${PN}-2.4.CAN-2004-0535.patch @@ -20,10 +20,11 @@ UNIPATCH_LIST=" ${FILESDIR}/${P}-OpenSWAN-CompileFix.patch ${FILESDIR}/${PN}-2.4.cmdlineLeak.patch ${FILESDIR}/${PN}-2.4.XDRWrapFix.patch + ${FILESDIR}/${PN}-2.4.binfmt_elf.patch ${DISTDIR}/linux-${OKV}-CAN-2004-0415.patch ${DISTDIR}/${PN}-2.4.22-CAN-2004-0814.patch" DESCRIPTION="Full sources including the Gentoo patchset for the ${KV_MAJOR}.${KV_MINOR} kernel tree" -SRC_URI="${KERNEL_URI} http://dev.gentoo.org/~plasmaroo/patches/kernel/gentoo-sources/${PF/r10/r6}.tar.bz2 +SRC_URI="${KERNEL_URI} http://dev.gentoo.org/~plasmaroo/patches/kernel/gentoo-sources/${PF/r11/r6}.tar.bz2 http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/linux-${OKV}-CAN-2004-0415.patch http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/${PN}-2.4.22-CAN-2004-0814.patch" diff --git a/sys-kernel/gentoo-sources/gentoo-sources-2.4.27-r2.ebuild b/sys-kernel/gentoo-sources/gentoo-sources-2.4.27-r3.ebuild index e25149303373..09dd30457817 100644 --- a/sys-kernel/gentoo-sources/gentoo-sources-2.4.27-r2.ebuild +++ b/sys-kernel/gentoo-sources/gentoo-sources-2.4.27-r3.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/gentoo-sources-2.4.27-r2.ebuild,v 1.1 2004/11/09 22:23:54 plasmaroo Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/gentoo-sources-2.4.27-r3.ebuild,v 1.1 2004/11/12 19:33:54 plasmaroo Exp $ ETYPE="sources" inherit kernel-2 @@ -10,12 +10,13 @@ KEYWORDS="~x86 -ppc" IUSE='' UNIPATCH_STRICTORDER='Y' -UNIPATCH_LIST="${DISTDIR}/${PF/r2/r1}.tar.bz2 +UNIPATCH_LIST="${DISTDIR}/${PF/r3/r1}.tar.bz2 ${DISTDIR}/${PN}-2.4.22-CAN-2004-0814.patch ${FILESDIR}/${PN}-2.4.cmdlineLeak.patch - ${FILESDIR}/${PN}-2.4.XDRWrapFix.patch" + ${FILESDIR}/${PN}-2.4.XDRWrapFix.patch + ${FILESDIR}/${PN}-2.4.binfmt_elf.patch" DESCRIPTION="Full sources including the Gentoo patchset for the ${KV_MAJOR}.${KV_MINOR} kernel tree" -SRC_URI="${KERNEL_URI} http://dev.gentoo.org/~plasmaroo/patches/kernel/gentoo-sources/${PF/r2/r1}.tar.bz2 +SRC_URI="${KERNEL_URI} http://dev.gentoo.org/~plasmaroo/patches/kernel/gentoo-sources/${PF/r3/r1}.tar.bz2 http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/${PN}-2.4.22-CAN-2004-0814.patch" |