Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/sys-kernel/aa-sources
diff options
context:
space:
mode:
authorTim Yamin <plasmaroo@gentoo.org>2004-10-21 18:10:11 +0000
committerTim Yamin <plasmaroo@gentoo.org>2004-10-21 18:10:11 +0000
commitaf8aba0f44c27c5f61ab3f6263470ed7d9b73f3b (patch)
treedfb5326397a817dc742fffcbc2382d7cd1088964 /sys-kernel/aa-sources
parentforce min versions of cvs (diff)
downloadhistorical-af8aba0f44c27c5f61ab3f6263470ed7d9b73f3b.tar.gz
historical-af8aba0f44c27c5f61ab3f6263470ed7d9b73f3b.tar.bz2
historical-af8aba0f44c27c5f61ab3f6263470ed7d9b73f3b.zip
Added a patch to address CAN-2004-0816; bug #68375.
Diffstat (limited to 'sys-kernel/aa-sources')
-rw-r--r--sys-kernel/aa-sources/ChangeLog6
-rw-r--r--sys-kernel/aa-sources/Manifest5
-rw-r--r--sys-kernel/aa-sources/aa-sources-2.6.5-r5.ebuild5
-rw-r--r--sys-kernel/aa-sources/files/aa-sources-2.6.5.CAN-2004-0816.patch43
4 files changed, 54 insertions, 5 deletions
diff --git a/sys-kernel/aa-sources/ChangeLog b/sys-kernel/aa-sources/ChangeLog
index d967c9cac14f..a4de129c71b8 100644
--- a/sys-kernel/aa-sources/ChangeLog
+++ b/sys-kernel/aa-sources/ChangeLog
@@ -1,6 +1,10 @@
# ChangeLog for sys-kernel/aa-sources
# Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/aa-sources/ChangeLog,v 1.51 2004/10/02 19:54:15 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/aa-sources/ChangeLog,v 1.52 2004/10/21 18:10:10 plasmaroo Exp $
+
+ 21 Oct 2004; <plasmaroo@gentoo.org> aa-sources-2.6.5-r5.ebuild,
+ +files/aa-sources-2.6.5.CAN-2004-0816.patch:
+ Added a patch to address CAN-2004-0816; bug #68375.
02 Oct 2004; <plasmaroo@gentoo.org>:
Push an updated CAN-2004-0415 patch to the mirrors, bug #65482.
diff --git a/sys-kernel/aa-sources/Manifest b/sys-kernel/aa-sources/Manifest
index 39b836c7088a..f544e55b8b9d 100644
--- a/sys-kernel/aa-sources/Manifest
+++ b/sys-kernel/aa-sources/Manifest
@@ -1,6 +1,6 @@
-MD5 fa2361c43faacfaa66b0db4ec0d82758 ChangeLog 8467
+MD5 b2ece2c731fadb0884cf77357b008030 ChangeLog 8635
MD5 399eb7607b8f1f3f597e93566b1bda7c metadata.xml 453
-MD5 2db2b7ccb1ed17b5c0095f3d38ab8f75 aa-sources-2.6.5-r5.ebuild 1232
+MD5 f12484a011b847811a4043f950691aba aa-sources-2.6.5-r5.ebuild 1270
MD5 bc631b940195181e5d3217d8874edd49 aa-sources-2.4.23-r2.ebuild 4063
MD5 60d25ff310fc6abfdce39ec9e47345af files/aa-sources-2.4.23.CAN-2004-0685.patch 2809
MD5 eaeda68a619caaddd5b8fdc5e7c39932 files/aa-sources-2.4.23.CAN-2004-0177.patch 384
@@ -33,5 +33,6 @@ MD5 21f3a4f186017d925067335e24db36a1 files/aa-sources-2.4.23.CAN-2004-0109.patch
MD5 eb70acb35ba13daa4b1fda53cb61fc01 files/aa-sources-2.6.5.CAN-2004-0495-0496.patch 23861
MD5 ac42024b6e6ee1e2165914db4b22a61c files/aa-sources-2.4.23.CAN-2004-0178.patch 424
MD5 fcfb3fc100621b77d191f86b66dd810a files/aa-sources-2.4.22-ide-scsi-missing-sym-fix.patch 465
+MD5 aa595005721b58929ee55e2e8f4b6ba0 files/aa-sources-2.6.5.CAN-2004-0816.patch 1693
MD5 c460ea130cb4ae84a5063ba044e3ce72 files/aa-sources-2.4.23.CAN-2004-0427.patch 460
MD5 e637c6fa41097ea2c4693d0766f2e1c5 files/do_brk_fix.patch 242
diff --git a/sys-kernel/aa-sources/aa-sources-2.6.5-r5.ebuild b/sys-kernel/aa-sources/aa-sources-2.6.5-r5.ebuild
index a6b5ca31043c..ec26aa038d6d 100644
--- a/sys-kernel/aa-sources/aa-sources-2.6.5-r5.ebuild
+++ b/sys-kernel/aa-sources/aa-sources-2.6.5-r5.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/aa-sources/aa-sources-2.6.5-r5.ebuild,v 1.12 2004/08/09 22:45:11 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/aa-sources/aa-sources-2.6.5-r5.ebuild,v 1.13 2004/10/21 18:10:10 plasmaroo Exp $
ETYPE="sources"
K_NOUSENAME="yes"
@@ -22,7 +22,8 @@ UNIPATCH_LIST="
${FILESDIR}/${P}.ProcPerms.patch
${FILESDIR}/${P}.CAN-2004-0596.patch
${FILESDIR}/${P}.CAN-2004-0495-0496.patch
- ${FILESDIR}/${P}.cmdlineLeak.patch"
+ ${FILESDIR}/${P}.cmdlineLeak.patch
+ ${FILESDIR}/${P}.CAN-2004-0816.patch"
K_PREPATCHED="yes"
UNIPATCH_STRICTORDER="yes"
diff --git a/sys-kernel/aa-sources/files/aa-sources-2.6.5.CAN-2004-0816.patch b/sys-kernel/aa-sources/files/aa-sources-2.6.5.CAN-2004-0816.patch
new file mode 100644
index 000000000000..13a9ea2f5aa4
--- /dev/null
+++ b/sys-kernel/aa-sources/files/aa-sources-2.6.5.CAN-2004-0816.patch
@@ -0,0 +1,43 @@
+Subject: Prevent ICMP crash in netfilter logging
+From: Olaf Kirch <okir@suse.de>
+References: 46016
+
+This patch fixes a remotely triggerable crash in the netfilter code
+when looking at ICMP unreachables. It dies when trying to copy
+BIGNUM bytes...
+
+Index: linux-2.6.5/net/ipv4/netfilter/ipt_LOG.c
+===================================================================
+--- linux-2.6.5.orig/net/ipv4/netfilter/ipt_LOG.c 2004-02-19 11:36:37.000000000 +0100
++++ linux-2.6.5/net/ipv4/netfilter/ipt_LOG.c 2004-09-24 15:48:54.000000000 +0200
+@@ -71,7 +71,7 @@
+ printk("FRAG:%u ", ntohs(iph.frag_off) & IP_OFFSET);
+
+ if ((info->logflags & IPT_LOG_IPOPT)
+- && iph.ihl * 4 != sizeof(struct iphdr)) {
++ && iph.ihl * 4 > sizeof(struct iphdr)) {
+ unsigned char opt[4 * 15 - sizeof(struct iphdr)];
+ unsigned int i, optsize;
+
+@@ -138,7 +138,7 @@
+ printk("URGP=%u ", ntohs(tcph.urg_ptr));
+
+ if ((info->logflags & IPT_LOG_TCPOPT)
+- && tcph.doff * 4 != sizeof(struct tcphdr)) {
++ && tcph.doff * 4 > sizeof(struct tcphdr)) {
+ unsigned char opt[4 * 15 - sizeof(struct tcphdr)];
+ unsigned int i, optsize;
+
+Index: linux-2.6.5/net/ipv6/netfilter/ip6t_LOG.c
+===================================================================
+--- linux-2.6.5.orig/net/ipv6/netfilter/ip6t_LOG.c 2004-09-24 15:47:00.000000000 +0200
++++ linux-2.6.5/net/ipv6/netfilter/ip6t_LOG.c 2004-09-24 15:48:35.000000000 +0200
+@@ -188,7 +188,7 @@
+ printk("URGP=%u ", ntohs(tcph->urg_ptr));
+
+ if ((info->logflags & IP6T_LOG_TCPOPT)
+- && tcph->doff * 4 != sizeof(struct tcphdr)) {
++ && tcph->doff * 4 > sizeof(struct tcphdr)) {
+ unsigned int i;
+
+ /* Max length: 127 "OPT (" 15*4*2chars ") " */