diff options
author | Andrew Ross <aross@gentoo.org> | 2006-12-16 03:55:01 +0000 |
---|---|---|
committer | Andrew Ross <aross@gentoo.org> | 2006-12-16 03:55:01 +0000 |
commit | c4ddd7e779497e5c675096cf027f7696b1183920 (patch) | |
tree | 7684ac730a65c0b2ab2ec4fa395f4ead0a620ec9 /sys-kernel/xen-sources | |
parent | Remove due to CVE-2006-3745 (bug #144820), which doesn't affect 2.6.16.28 (diff) | |
download | gentoo-2-c4ddd7e779497e5c675096cf027f7696b1183920.tar.gz gentoo-2-c4ddd7e779497e5c675096cf027f7696b1183920.tar.bz2 gentoo-2-c4ddd7e779497e5c675096cf027f7696b1183920.zip |
Fix CVE-2006-6333 (bug #157186).
(Portage version: 2.1.1-r2)
Diffstat (limited to 'sys-kernel/xen-sources')
4 files changed, 91 insertions, 4 deletions
diff --git a/sys-kernel/xen-sources/ChangeLog b/sys-kernel/xen-sources/ChangeLog index eaf51cee3963..32fd570db7d6 100644 --- a/sys-kernel/xen-sources/ChangeLog +++ b/sys-kernel/xen-sources/ChangeLog @@ -1,15 +1,22 @@ # ChangeLog for sys-kernel/xen-sources # Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/xen-sources/ChangeLog,v 1.35 2006/12/16 03:32:41 aross Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/xen-sources/ChangeLog,v 1.36 2006/12/16 03:55:01 aross Exp $ - 16 Dec 2006; <aross@gentoo.org> +*xen-sources-2.6.16.28-r1 (16 Dec 2006) + + 16 Dec 2006; Andrew Ross <aross@gentoo.org> + +files/xen-sources-2.6.16.28-CVE-2006-6333.patch, + +xen-sources-2.6.16.28-r1.ebuild: + Fix CVE-2006-6333 (bug #157186). + + 16 Dec 2006; Andrew Ross <aross@gentoo.org> -files/xen-sources-2.6.16.26-CVE-2006-2935.patch, -xen-sources-2.6.16.26.ebuild, -xen-sources-2.6.16.26-r1.ebuild: Remove due to CVE-2006-3745 (bug #144820), which doesn't affect 2.6.16.28 *xen-sources-2.6.16.28 (10 Sep 2006) - 10 Sep 2006; <aross@gentoo.org> + 10 Sep 2006; Andrew Ross <aross@gentoo.org> +files/xen-sources-2.6.16.28-CVE-2006-3468.patch, +xen-sources-2.6.16.28.ebuild: Version bump to fix bugs #143538 (CVE-2006-4145), #139641 (CVE-2006-2936), and @@ -17,7 +24,7 @@ *xen-sources-2.6.16.26-r1 (26 Aug 2006) - 26 Aug 2006; <aross@gentoo.org> + 26 Aug 2006; Andrew Ross <aross@gentoo.org> +files/xen-sources-2.6.16.26-CVE-2006-2935.patch, +xen-sources-2.6.16.26-r1.ebuild: Fix possible buffer overflow (CVE-2006-2935), bug #139321 diff --git a/sys-kernel/xen-sources/files/digest-xen-sources-2.6.16.28-r1 b/sys-kernel/xen-sources/files/digest-xen-sources-2.6.16.28-r1 new file mode 100644 index 000000000000..30347f3d6d5e --- /dev/null +++ b/sys-kernel/xen-sources/files/digest-xen-sources-2.6.16.28-r1 @@ -0,0 +1,9 @@ +MD5 9a91b2719949ff0856b40bc467fd47be linux-2.6.16.tar.bz2 40845005 +RMD160 af5c2f55733fadd2fdf8b00da55e7b31d516d4e8 linux-2.6.16.tar.bz2 40845005 +SHA256 1200dcc7e60fcdaf68618dba991917a47e41e67099e8b22143976ec972e2cad7 linux-2.6.16.tar.bz2 40845005 +MD5 736e7d741c0650c320c2b37bf6de3c0b patch-2.6.16.28.bz2 76693 +RMD160 5235c0b5f9665a279f5bf5d42f942cef215e822f patch-2.6.16.28.bz2 76693 +SHA256 6b05fd7121a86a5a6cfd0177200259eeb9a3d276a3cb16ba8cf2acdd747fa6be patch-2.6.16.28.bz2 76693 +MD5 544eab940a0734a55459d648e5c3b224 xen-3.0.2-src.tgz 4933621 +RMD160 34e4431a981891319f8a5ea0c3f604e7d8d7d7af xen-3.0.2-src.tgz 4933621 +SHA256 f18ffab16a457fa721d11933c75f8288f6958c88c2669857c7c11d5107ba2951 xen-3.0.2-src.tgz 4933621 diff --git a/sys-kernel/xen-sources/files/xen-sources-2.6.16.28-CVE-2006-6333.patch b/sys-kernel/xen-sources/files/xen-sources-2.6.16.28-CVE-2006-6333.patch new file mode 100644 index 000000000000..66445efea449 --- /dev/null +++ b/sys-kernel/xen-sources/files/xen-sources-2.6.16.28-CVE-2006-6333.patch @@ -0,0 +1,28 @@ +From: Al Viro <viro@hera.kernel.org> +Date: Mon, 4 Dec 2006 22:05:09 +0000 (+0000) +Subject: [PATCH] remote memory corruptor in ibmtr.c +X-Git-Url: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=ee28b0da1069ced1688aa9d0b7b378353b988321 + +[PATCH] remote memory corruptor in ibmtr.c + +ip_summed changes last summer had missed that one. As the result, +we have ip_summed interpreted as CHECKSUM_PARTIAL now. IOW, +->csum is interpreted as offset of checksum in the packet. net/core/* +will both read and modify the value as that offset, with obvious +reasons. At the very least it's a remote memory corruptor. + +Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> +Signed-off-by: Linus Torvalds <torvalds@osdl.org> +--- + +--- a/drivers/net/tokenring/ibmtr.c ++++ b/drivers/net/tokenring/ibmtr.c +@@ -1826,7 +1826,7 @@ static void tr_rx(struct net_device *dev + skb->protocol = tr_type_trans(skb, dev); + if (IPv4_p) { + skb->csum = chksum; +- skb->ip_summed = 1; ++ skb->ip_summed = CHECKSUM_COMPLETE; + } + netif_rx(skb); + dev->last_rx = jiffies; diff --git a/sys-kernel/xen-sources/xen-sources-2.6.16.28-r1.ebuild b/sys-kernel/xen-sources/xen-sources-2.6.16.28-r1.ebuild new file mode 100644 index 000000000000..fb30f6258a2b --- /dev/null +++ b/sys-kernel/xen-sources/xen-sources-2.6.16.28-r1.ebuild @@ -0,0 +1,43 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/xen-sources/xen-sources-2.6.16.28-r1.ebuild,v 1.1 2006/12/16 03:55:01 aross Exp $ + +ETYPE="sources" +inherit kernel-2 eutils +detect_arch +detect_version +[ "${PR}" == "r0" ] && KV=${PV/_/-}-xen || KV=${PV/_/-}-xen-${PR} + +DESCRIPTION="Full sources for a dom0/domU Linux kernel to run under Xen" +HOMEPAGE="http://www.cl.cam.ac.uk/Research/SRG/netos/xen/index.html" +XEN_VERSION="3.0.2" +MY_P="xen-${XEN_VERSION}" +SRC_URI="${KERNEL_URI} mirror://kernel/linux/kernel/v${KV_MAJOR}.${KV_MINOR}/patch-${PV}.bz2 http://www.cl.cam.ac.uk/Research/SRG/netos/xen/downloads/xen-${XEN_VERSION}-src.tgz" + +KEYWORDS="~x86 ~amd64" +S="${WORKDIR}" +RESTRICT="nostrip" +XEN_KV=${KV_MAJOR}.${KV_MINOR}.${KV_PATCH} + +src_unpack() { + unpack ${A} + cd ${MY_P} + mv "${WORKDIR}"/patch-${PV} patches/linux-${XEN_KV}/linux-${PV}.patch \ + || die "failed to mv ${WORKDIR}/patch-${PV}" + sed -e 's:relative_lndir \([^(].*\):cp -dpPR \1/* .:' \ + -i linux-2.6-xen-sparse/mkbuildtree || die + + # No need to run oldconfig + sed -e 's:$(MAKE) -C $(LINUX_DIR) ARCH=$(LINUX_ARCH) oldconfig::' \ + -i buildconfigs/mk.linux-2.6-xen + + make LINUX_SRC_PATH=${DISTDIR} -f buildconfigs/mk.linux-2.6-xen \ + linux-${XEN_KV}-xen/include/linux/autoconf.h || die + mv linux-${XEN_KV}-xen "${WORKDIR}"/linux-${KV} || die + rm -rf "${WORKDIR}"/linux-${XEN_KV} || die + rm -rf "${WORKDIR}/${MY_P}" || die + + cd "${WORKDIR}"/linux-${KV} + epatch "${FILESDIR}/${P}"-CVE-2006-3468.patch + epatch "${FILESDIR}/${P}"-CVE-2006-6333.patch +} |