Version bump for the /proc/cmdline leak vulnerability; bug #59905.

5 files changed, 26 insertions, 7 deletions

diff --git a/sys-kernel/gs-sources/ChangeLog b/sys-kernel/gs-sources/ChangeLog
index d782e3103d4d..6f3cb28f34d1 100644
--- a/sys-kernel/gs-sources/ChangeLog
+++ b/sys-kernel/gs-sources/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for sys-kernel/gs-sources
 # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gs-sources/ChangeLog,v 1.49 2004/08/08 18:47:27 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gs-sources/ChangeLog,v 1.50 2004/08/09 23:38:45 plasmaroo Exp $
+
+*gs-sources-2.4.25_pre7-r11 (10 Aug 2004)
+
+  10 Aug 2004; <plasmaroo@gentoo.org> -gs-sources-2.4.25_pre7-r10.ebuild,
+  +gs-sources-2.4.25_pre7-r11.ebuild, +files/gs-sources.cmdlineLeak.patch:
+  Version bump for the /proc/cmdline leak vulnerability; bug #59905.
 
 *gs-sources-2.4.25_pre7-r10 (08 Aug 2004)
 
diff --git a/sys-kernel/gs-sources/Manifest b/sys-kernel/gs-sources/Manifest
index a19845aff8a4..80463de6bc35 100644
--- a/sys-kernel/gs-sources/Manifest
+++ b/sys-kernel/gs-sources/Manifest
@@ -1,8 +1,9 @@
-MD5 f087478c39f62d6914a83e64fa3d0865 ChangeLog 9352
+MD5 a5287c535ba2ed169a05ca943bbc15f9 ChangeLog 9614
 MD5 4df72e65b139d3e4c18bec81f3a561df metadata.xml 227
-MD5 f3f8ac3914ac60e0ac53a8e780a9e933 gs-sources-2.4.25_pre7-r10.ebuild 3463
+MD5 786b51a8bb6f88ead71a1ca63c9a73c5 gs-sources-2.4.25_pre7-r11.ebuild 3557
 MD5 517fc1b71501382d041ce0bdfe304511 files/00_3.5-useraddress.patch 7247
 MD5 21f3a4f186017d925067335e24db36a1 files/gs-sources.CAN-2004-0109.patch 1877
+MD5 d1ccc2047be533c992f67270a150a210 files/gs-sources.cmdlineLeak.patch 388
 MD5 174438d215b70cad5ffb00ca8123c062 files/gs-sources.munmap.patch 837
 MD5 d4a740ae56c2049247083af387a22a85 files/gs-sources.CAN-2004-0394.patch 350
 MD5 60d25ff310fc6abfdce39ec9e47345af files/gs-sources.CAN-2004-0685.patch 2809
@@ -14,8 +15,8 @@ MD5 3bdf00d5f80fe9dfbfe8220e076cd04c files/gs-sources.CAN-2004-0497.patch 707
 MD5 a3ec1083055b245758b2262dd2245145 files/pci.ids.patch 3376
 MD5 e77a93fdf26f06cf3ea5080b27211725 files/gs-sources.CAN-2003-0985.patch 414
 MD5 5bf9836a632a861728d33f9736bb7431 files/gs-sources.CAN-2004-0133.patch 427
-MD5 351ec4910935b0191a59117f1ecfa561 files/digest-gs-sources-2.4.25_pre7-r10 223
 MD5 c460ea130cb4ae84a5063ba044e3ce72 files/gs-sources.CAN-2004-0427.patch 460
 MD5 ac42024b6e6ee1e2165914db4b22a61c files/gs-sources.CAN-2004-0178.patch 424
 MD5 b1a5808ce9f7266bcca1f8de769ac9ac files/gs-sources.MKI.CompileFix.patch 445
+MD5 351ec4910935b0191a59117f1ecfa561 files/digest-gs-sources-2.4.25_pre7-r11 223
 MD5 c9da1bc82b906f6abc648c056e7bf662 files/gs-sources.FPULockup-53804.patch 354
diff --git a/sys-kernel/gs-sources/files/digest-gs-sources-2.4.25_pre7-r10 b/sys-kernel/gs-sources/files/digest-gs-sources-2.4.25_pre7-r11
index 6e0a8e42bbb2..6e0a8e42bbb2 100644
--- a/sys-kernel/gs-sources/files/digest-gs-sources-2.4.25_pre7-r10
+++ b/sys-kernel/gs-sources/files/digest-gs-sources-2.4.25_pre7-r11
diff --git a/sys-kernel/gs-sources/files/gs-sources.cmdlineLeak.patch b/sys-kernel/gs-sources/files/gs-sources.cmdlineLeak.patch
new file mode 100644
index 000000000000..5f26f7f388f6
--- /dev/null
+++ b/sys-kernel/gs-sources/files/gs-sources.cmdlineLeak.patch
@@ -0,0 +1,11 @@
+--- linux-2.4/fs/proc/base.c	2004-04-15 07:09:32.000000000 +0100
++++ linux-2.4/fs/proc/base.c.plasmaroo	2004-08-09 23:30:43.869195800 +0100
+@@ -187,7 +187,7 @@ static int proc_pid_cmdline(struct task_
+ 	if (mm)
+ 		atomic_inc(&mm->mm_users);
+ 	task_unlock(task);
+-	if (mm) {
++	if (mm && mm->arg_end) {
+ 		int len = mm->arg_end - mm->arg_start;
+ 		if (len > PAGE_SIZE)
+ 			len = PAGE_SIZE;
diff --git a/sys-kernel/gs-sources/gs-sources-2.4.25_pre7-r10.ebuild b/sys-kernel/gs-sources/gs-sources-2.4.25_pre7-r11.ebuild
index 514970868063..e0e7e55a175c 100644
--- a/sys-kernel/gs-sources/gs-sources-2.4.25_pre7-r10.ebuild
+++ b/sys-kernel/gs-sources/gs-sources-2.4.25_pre7-r11.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2004 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gs-sources/gs-sources-2.4.25_pre7-r10.ebuild,v 1.1 2004/08/08 18:47:27 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gs-sources/gs-sources-2.4.25_pre7-r11.ebuild,v 1.1 2004/08/09 23:38:45 plasmaroo Exp $
 
 IUSE="crypt"
 
@@ -30,7 +30,7 @@ S=${WORKDIR}/linux-${KV}
 DESCRIPTION="This kernel stays up to date with current kernel -pre's, with recent ACPI,
 	EVMS, Win4Lin, aic79xx, Super FreeS/WAN, preempt, and various hardware fixes."
 SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2
-	 mirror://gentoo/patches-${KV/r10/r1}.tar.bz2
+	 mirror://gentoo/patches-${KV/r11/r1}.tar.bz2
 	 http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/linux-2.4.26-CAN-2004-0415.patch"
 KEYWORDS="x86 -ppc -sparc"
 SLOT="${KV}"
@@ -38,7 +38,7 @@ SLOT="${KV}"
 src_unpack() {
 	unpack ${A}
 	mv linux-${OKV} linux-${KV} || die
-	cd ${KV/r10/r1} || die
+	cd ${KV/r11/r1} || die
 	# Kill patches we aren't suppposed to use, don't worry about
 	# failures, if they aren't there that is a good thing!
 	# This is the ratified crypt USE flag, enables IPSEC and patch-int
@@ -68,4 +68,5 @@ src_unpack() {
 	epatch ${FILESDIR}/${PN}.CAN-2004-0685.patch || die "Failed to add the CAN-2004-0685 patch!"
 	epatch ${FILESDIR}/${PN}.FPULockup-53804.patch || die "Failed to apply FPU-lockup patch!"
 	epatch ${FILESDIR}/${PN}.MKI.CompileFix.patch || die "Failed to apply MKI compilefix patch!"
+	epatch ${FILESDIR}/${PN}.cmdlineLeak.patch || die "Failed to apply the /proc/cmdline patch!"
 }