Log of /dists/sarge-security
Directory Listing
Revision
5996 -
Directory Listing
Modified
Wed Mar 1 01:20:06 2006 UTC
(7 years, 2 months ago)
by
dannf
all known dependent packages are noted now
Revision
5876 -
Directory Listing
Modified
Tue Feb 14 04:13:25 2006 UTC
(7 years, 3 months ago)
by
dannf
initial commit; packages that might be rebuild triggered by updated kernel packages
Revision
5864 -
Directory Listing
Modified
Mon Feb 13 04:40:58 2006 UTC
(7 years, 3 months ago)
by
dannf
this should be under kernel-2.4
Revision
5863 -
Directory Listing
Modified
Mon Feb 13 04:18:46 2006 UTC
(7 years, 3 months ago)
by
dannf
update kernel-latest-* to use the new ABI
Revision
5862 -
Directory Listing
Modified
Mon Feb 13 02:08:40 2006 UTC
(7 years, 3 months ago)
by
dannf
s/2.4/2.6/
Revision
5861 -
Directory Listing
Modified
Mon Feb 13 02:08:18 2006 UTC
(7 years, 3 months ago)
by
dannf
add kernel-latest-2.6-alpha to the sarge-security branch
Revision
5855 -
Directory Listing
Modified
Mon Feb 13 01:55:37 2006 UTC
(7 years, 3 months ago)
by
dannf
add kernel-latest-powerpc to the sarge-security branch
Revision
5854 -
Directory Listing
Modified
Mon Feb 13 01:54:46 2006 UTC
(7 years, 3 months ago)
by
dannf
add kernel-latest-2.6-sparc to the sarge-security branch
Revision
5853 -
Directory Listing
Modified
Mon Feb 13 01:54:12 2006 UTC
(7 years, 3 months ago)
by
dannf
add kernel-latest-2.6-i386 to the sarge-security branch
Revision
5849 -
Directory Listing
Modified
Mon Feb 13 01:45:52 2006 UTC
(7 years, 3 months ago)
by
dannf
2.6, not 2.4
Revision
5848 -
Directory Listing
Modified
Mon Feb 13 01:44:31 2006 UTC
(7 years, 3 months ago)
by
dannf
add kernel-latest-2.6-hppa to the sarge-security branch
Revision
5844 -
Directory Listing
Modified
Mon Feb 13 01:36:44 2006 UTC
(7 years, 3 months ago)
by
dannf
add kernel-latest-2.6-amd64 to the sarge-security branch
Revision
5842 -
Directory Listing
Modified
Mon Feb 13 01:30:50 2006 UTC
(7 years, 3 months ago)
by
dannf
add kernel-latest-2.6-alpha to the sarge-security branch
Revision
5841 -
Directory Listing
Modified
Mon Feb 13 01:30:03 2006 UTC
(7 years, 3 months ago)
by
dannf
add kernel-latest-2.4-sparc to the sarge-security branch
Revision
5840 -
Directory Listing
Modified
Mon Feb 13 01:29:06 2006 UTC
(7 years, 3 months ago)
by
dannf
add kernel-latest-2.4-s390 to the sarge-security branch
Revision
5838 -
Directory Listing
Modified
Mon Feb 13 01:25:19 2006 UTC
(7 years, 3 months ago)
by
dannf
add kernel-latest-2.4-i386 to the sarge-security branch
Revision
5837 -
Directory Listing
Modified
Mon Feb 13 01:14:36 2006 UTC
(7 years, 3 months ago)
by
dannf
add kernel-latest-2.4-alpha to the sarge-security branch
Revision
5836 -
Directory Listing
Modified
Mon Feb 13 01:14:20 2006 UTC
(7 years, 3 months ago)
by
dannf
oops; branched at wrong level - reverting
Revision
5835 -
Directory Listing
Modified
Mon Feb 13 01:13:29 2006 UTC
(7 years, 3 months ago)
by
dannf
add kernel-latest-2.4-alpha to the sarge-security branch
Revision
5834 -
Directory Listing
Modified
Sun Feb 12 19:57:42 2006 UTC
(7 years, 3 months ago)
by
dannf
* Build fix for 206_s390-sacf-fix.diff (CAN-2004-0887) from new
kernel-tree.
Revision
5833 -
Directory Listing
Modified
Sun Feb 12 17:54:05 2006 UTC
(7 years, 3 months ago)
by
dannf
* Add an ABI string to the package name. Use -3 to be consistent with most
other architectures.
Revision
5832 -
Directory Listing
Modified
Sun Feb 12 17:37:47 2006 UTC
(7 years, 3 months ago)
by
dannf
some more abi addition fixes
Revision
5800 -
Directory Listing
Modified
Fri Feb 10 05:34:38 2006 UTC
(7 years, 3 months ago)
by
dannf
control is autogenerated; stop keeping it in svn
Revision
5799 -
Directory Listing
Modified
Fri Feb 10 05:21:40 2006 UTC
(7 years, 3 months ago)
by
dannf
-p0'ify
Revision
5798 -
Directory Listing
Modified
Fri Feb 10 04:59:12 2006 UTC
(7 years, 3 months ago)
by
dannf
make it a -p0 patch
Revision
5797 -
Directory Listing
Modified
Thu Feb 9 21:40:16 2006 UTC
(7 years, 3 months ago)
by
dannf
* Add missing build-dep on module-init-tools
Revision
5796 -
Directory Listing
Modified
Thu Feb 9 21:39:15 2006 UTC
(7 years, 3 months ago)
by
dannf
add abiname to kernel-headers deb
Revision
5795 -
Directory Listing
Modified
Thu Feb 9 21:27:48 2006 UTC
(7 years, 3 months ago)
by
dannf
make version string more consistent with previous releases & set urgency to high
Revision
5794 -
Directory Listing
Modified
Thu Feb 9 21:09:26 2006 UTC
(7 years, 3 months ago)
by
dannf
allow non-digits in kernel-tree ver; needed for "sargeN" substrings
Revision
5792 -
Directory Listing
Modified
Thu Feb 9 21:00:54 2006 UTC
(7 years, 3 months ago)
by
dannf
Load kernel-image-2.4.27-arm-2.4.27 into
dists/sarge-security/kernel-2.4/arm/kernel-image-2.4.27-arm-2.4.27.
Revision
5790 -
Directory Listing
Modified
Thu Feb 9 20:59:08 2006 UTC
(7 years, 3 months ago)
by
dannf
Load kernel-image-2.4.27-arm-2.4.27 into
dists/sarge-security/kernel-2.4/arm/kernel-image-2.4.27-arm-2.4.27.
Revision
5788 -
Directory Listing
Modified
Thu Feb 9 20:57:02 2006 UTC
(7 years, 3 months ago)
by
dannf
Load kernel-image-2.4.27-arm-2.4.27 into
dists/sarge-security/kernel-2.4/arm/kernel-image-2.4.27-arm-2.4.27.
Revision
5787 -
Directory Listing
Modified
Thu Feb 9 20:56:48 2006 UTC
(7 years, 3 months ago)
by
dannf
Create directories to load project into.
* dists/sarge-security/kernel-2.4/arm/kernel-image-2.4.27-arm-2.4.27:
New directory.
* releases/kernel-2.4/arm/kernel-image-2.4.27-arm-2.4.27: New
directory.
Revision
5785 -
Directory Listing
Modified
Thu Feb 9 20:52:58 2006 UTC
(7 years, 3 months ago)
by
dannf
Load kernel-patch-2.4.27-arm-2.4.27 into
dists/sarge-security/kernel-2.4/arm/kernel-patch-2.4.27-arm-2.4.27.
Revision
5783 -
Directory Listing
Modified
Thu Feb 9 20:49:31 2006 UTC
(7 years, 3 months ago)
by
dannf
Load kernel-patch-2.4.27-arm-2.4.27 into
dists/sarge-security/kernel-2.4/arm/kernel-patch-2.4.27-arm-2.4.27.
Revision
5782 -
Directory Listing
Modified
Thu Feb 9 20:49:17 2006 UTC
(7 years, 3 months ago)
by
dannf
Create directories to load project into.
* dists/sarge-security/kernel-2.4/arm: New directory.
* dists/sarge-security/kernel-2.4/arm/kernel-patch-2.4.27-arm-2.4.27:
New directory.
* releases/kernel-2.4/arm: New directory.
* releases/kernel-2.4/arm/kernel-patch-2.4.27-arm-2.4.27: New
directory.
Revision
5774 -
Directory Listing
Modified
Thu Feb 9 08:05:41 2006 UTC
(7 years, 3 months ago)
by
dannf
put the alpha image in a subdir that matches the kernel name, for consistency with other archs [3/3]
Revision
5773 -
Directory Listing
Modified
Thu Feb 9 08:05:27 2006 UTC
(7 years, 3 months ago)
by
dannf
put the alpha image in a subdir that matches the kernel name, for consistency with other archs [2/3]
Revision
5772 -
Directory Listing
Modified
Thu Feb 9 08:05:12 2006 UTC
(7 years, 3 months ago)
by
dannf
put the alpha image in a subdir that matches the kernel name, for consistency with other archs [1/3]
Revision
5770 -
Directory Listing
Modified
Thu Feb 9 07:19:37 2006 UTC
(7 years, 3 months ago)
by
horms
* Build against kernel source 2.4.27-10sarge2
* Use a build dependancy on kernel-tree-2.4.27-10sarge2 rather than
a versioned build dependancy on kernel-source-2.4.27
Revision
5768 -
Directory Listing
Modified
Thu Feb 9 07:18:26 2006 UTC
(7 years, 3 months ago)
by
horms
* Build against kernel source 2.4.27-10sarge2
* Use a build dependancy on kernel-tree-2.4.27-10sarge2 rather than
a versioned build dependancy on kernel-source-2.4.27
Revision
5752 -
Directory Listing
Modified
Wed Feb 8 10:58:58 2006 UTC
(7 years, 3 months ago)
by
horms
add ABI warning
Revision
5750 -
Directory Listing
Modified
Wed Feb 8 10:56:20 2006 UTC
(7 years, 3 months ago)
by
horms
199_ptrace-fix_self-attach_rule.diff -> 201_ptrace-fix_self-attach_rule.diff
Revision
5747 -
Directory Listing
Modified
Wed Feb 8 10:46:59 2006 UTC
(7 years, 3 months ago)
by
horms
cosmetics
Revision
5744 -
Directory Listing
Modified
Wed Feb 8 10:23:48 2006 UTC
(7 years, 3 months ago)
by
horms
orinoco.c not hermes.c
Revision
5743 -
Directory Listing
Modified
Wed Feb 8 10:22:52 2006 UTC
(7 years, 3 months ago)
by
horms
Actually remove 194_xfs-inode-race.diff from the series
Revision
5742 -
Directory Listing
Modified
Wed Feb 8 10:17:25 2006 UTC
(7 years, 3 months ago)
by
horms
192_orinoco-info-leak-2.diff was missing from the previous commit
Revision
5741 -
Directory Listing
Modified
Wed Feb 8 09:51:56 2006 UTC
(7 years, 3 months ago)
by
horms
Add 192_orinoco-info-leak-2.diff: See #344036
Revision
5735 -
Directory Listing
Modified
Wed Feb 8 04:12:14 2006 UTC
(7 years, 3 months ago)
by
horms
Minor changelog updates to bring into line with 2.4.27-13
Revision
5734 -
Directory Listing
Modified
Wed Feb 8 03:21:15 2006 UTC
(7 years, 3 months ago)
by
horms
Remove 194_xfs-inode-race.diff for now. Its an extensive patch. It has no CVE. And it causes at least one bug which requites another extensive patch to fix. (See: #343970)
Revision
5731 -
Directory Listing
Modified
Tue Feb 7 18:04:22 2006 UTC
(7 years, 3 months ago)
by
dannf
revert 5719; horms & moritz believe this fixes a problem that didn't exist till 2.6.12, and may actually cause additional problems in 2.6.8
Revision
5720 -
Directory Listing
Modified
Tue Feb 7 05:45:29 2006 UTC
(7 years, 3 months ago)
by
horms
kernel-patch-powerpc-2.4.27 2.4.27-10sarge2
Revision
5719 -
Directory Listing
Modified
Tue Feb 7 05:41:39 2006 UTC
(7 years, 3 months ago)
by
dannf
* ip_options_echo-extra-dst.dpatch
[SECURITY] Bypass ip_rt_put() call in icmp_send to fix a remote DoS
vulnerability.
See CVE-2006-0454
Revision
5715 -
Directory Listing
Modified
Tue Feb 7 02:39:50 2006 UTC
(7 years, 3 months ago)
by
horms
kernel-source-2.4.27 2.4.27-10sarge2
Revision
5711 -
Directory Listing
Modified
Mon Feb 6 06:58:37 2006 UTC
(7 years, 3 months ago)
by
dannf
fix backported patch; "nodes" was the bitmap prior to nodemap_t when it becames nodes->bits
Revision
5703 -
Directory Listing
Modified
Sat Feb 4 04:41:14 2006 UTC
(7 years, 3 months ago)
by
jurij-guest
Correct sparc64-clock-settime.dpatch to reference
only the compat_clock_* functions, not the
compat_sys_clock_* ones, as the latter are not
present in 2.6.8.
Revision
5690 -
Directory Listing
Modified
Thu Feb 2 16:41:01 2006 UTC
(7 years, 3 months ago)
by
dannf
fix builds by adding missing valid_signal() macro
Revision
5686 -
Directory Listing
Modified
Thu Feb 2 08:22:56 2006 UTC
(7 years, 3 months ago)
by
dannf
DEFINE_SPINLOCK macro didn't exist in 2.6.8
Revision
5685 -
Directory Listing
Modified
Thu Feb 2 04:56:55 2006 UTC
(7 years, 3 months ago)
by
dannf
s/\.patch/\.dpatch/
Revision
5679 -
Directory Listing
Modified
Wed Feb 1 07:46:28 2006 UTC
(7 years, 3 months ago)
by
dannf
* Build against 2.4.27-10sarge2
* Increment ABI to -3
Revision
5678 -
Directory Listing
Modified
Wed Feb 1 07:45:08 2006 UTC
(7 years, 3 months ago)
by
dannf
* Increment ABI to -3
Revision
5677 -
Directory Listing
Modified
Wed Feb 1 07:43:19 2006 UTC
(7 years, 3 months ago)
by
dannf
* Build against kernel-tree-2.4.27-10sarge2
* Increment ABI to -3
Revision
5676 -
Directory Listing
Modified
Wed Feb 1 07:42:19 2006 UTC
(7 years, 3 months ago)
by
dannf
* Build against kernel-tree-2.4.27-10sarge2
* Increment ABI to -3
Revision
5675 -
Directory Listing
Modified
Wed Feb 1 07:40:19 2006 UTC
(7 years, 3 months ago)
by
dannf
* Build against kernel-tree-2.4.27-10sarge2
* Increment ABI to -3
Revision
5674 -
Directory Listing
Modified
Wed Feb 1 07:39:07 2006 UTC
(7 years, 3 months ago)
by
dannf
* Rebuild against kernel-tree-2.6.8-16sarge2
* Increment ABI to -3
Revision
5673 -
Directory Listing
Modified
Wed Feb 1 07:36:46 2006 UTC
(7 years, 3 months ago)
by
dannf
* Use kernel-tree-2.6.8-16sarge2.
* Increment ABI to -3
Revision
5672 -
Directory Listing
Modified
Wed Feb 1 07:34:47 2006 UTC
(7 years, 3 months ago)
by
dannf
* Build against kernel-tree-2.6.8-16sarge1
* Add an ABI string to the package name
Revision
5671 -
Directory Listing
Modified
Wed Feb 1 07:05:32 2006 UTC
(7 years, 3 months ago)
by
dannf
prepare for sarge2 build
Revision
5670 -
Directory Listing
Modified
Wed Feb 1 07:04:33 2006 UTC
(7 years, 3 months ago)
by
dannf
* Build against kernel-tree-2.6.8-16sarge2
* Increment ABI to -3
Revision
5669 -
Directory Listing
Modified
Wed Feb 1 07:03:35 2006 UTC
(7 years, 3 months ago)
by
dannf
* Rebuild against kernel-tree-2.6.8-16sarge2
* Increment ABI to -3
Revision
5668 -
Directory Listing
Modified
Wed Feb 1 07:01:57 2006 UTC
(7 years, 3 months ago)
by
dannf
* Rebuild against kernel-tree-2.6.8-16sarge2
* Increment ABI to -12
Revision
5667 -
Directory Listing
Modified
Wed Feb 1 06:56:37 2006 UTC
(7 years, 3 months ago)
by
dannf
* Built against kernel-tree 2.6.8-16sarge2
* Increment ABI to -3
Revision
5664 -
Directory Listing
Modified
Wed Feb 1 05:48:13 2006 UTC
(7 years, 3 months ago)
by
dannf
* sparc64-clock-settime.dpatch
[SECURITY] Remove unnecessary sign-extension in compat_sys_clock_settime,
fixing a DoS vulnerability on sparc systems.
See CVE-2006-0482
Revision
5644 -
Directory Listing
Modified
Tue Jan 31 06:02:13 2006 UTC
(7 years, 3 months ago)
by
dannf
* Non-maintainer upload by the Security Team
* Use kernel-tree-2.4.27-10sarge2
* Use kernel-patch-2.4.27-s390 (>= 2.4.27-2sarge1)
Revision
5643 -
Directory Listing
Modified
Tue Jan 31 05:58:10 2006 UTC
(7 years, 3 months ago)
by
dannf
* Non-maintainer upload by the Security Team
* Use kernel-tree-2.4.27-10sarge2
* Regenerate linux-2.4.27-s390.diff to apply to updated source tree
Revision
5639 -
Directory Listing
Modified
Tue Jan 31 05:44:26 2006 UTC
(7 years, 3 months ago)
by
dannf
Load kernel-patch-2.4.27-s390-2.4.27 into
dists/sarge-security/kernel-2.4/s390/kernel-patch-2.4.27-s390.
Revision
5634 -
Directory Listing
Modified
Mon Jan 30 06:15:38 2006 UTC
(7 years, 3 months ago)
by
dannf
* [SECURITY] s390: Fix for local root exploit: Force user process back to
home space mode in space switch event exception handler. See CAN-2004-0887.
206_s390-sacf-fix.diff
Revision
5632 -
Directory Listing
Modified
Mon Jan 30 04:59:27 2006 UTC
(7 years, 3 months ago)
by
dannf
* Fix unchecked user-memory accesses in ptrage_getregs() and ptrace_setregs.
This is a dependency for the CAN-2005-1761 fix.
204_arch-ia64-ptrace-getregs-putregs.diff
* [SECURITY] Fix to prevent users from using ptrace to set the pl field
of the ar.rsc reginster to any value, leading to the ability to overwrite
kernel memory. See CAN-2005-1761.
205_arch-ia64-ptrace-restore_sigcontext.diff
Revision
5486 -
Directory Listing
Modified
Tue Jan 17 03:51:03 2006 UTC
(7 years, 4 months ago)
by
dannf
typo fix
Revision
5485 -
Directory Listing
Modified
Tue Jan 17 03:50:06 2006 UTC
(7 years, 4 months ago)
by
dannf
* [SECURITY] Fix a race condition that allows local users to view the
environment variables of another process.
203_proc_pic_cmdline_race.diff
Revision
5482 -
Directory Listing
Modified
Tue Jan 17 02:56:39 2006 UTC
(7 years, 4 months ago)
by
dannf
* Errata for 2.4.27-6
[SECURITY] 111-smb-client-overflow-fix-[1,2].diff also fixes an information
leak. See CVE-2004-0949.
Revision
5475 -
Directory Listing
Modified
Mon Jan 16 23:02:36 2006 UTC
(7 years, 4 months ago)
by
dannf
[SECURITY] SDLA firmware upgrade should require CAP_SYS_RAWIO;
* [SECURITY] Fix a potential overflow in sysctl buffer termination code.
202_sysctl-buffer-overflow.diff
Revision
5473 -
Directory Listing
Modified
Mon Jan 16 22:59:22 2006 UTC
(7 years, 4 months ago)
by
dannf
* sysctl-buffer-overflow.dpatch:
[SECURITY] Fix a potential overflow in sysctl buffer termination code.
See CVE-2005-4618
Revision
5471 -
Directory Listing
Modified
Mon Jan 16 22:32:25 2006 UTC
(7 years, 4 months ago)
by
dannf
[SECURITY] fix buffer overflow (underflow, really) that opens multiple
* mqueue-double-increment.dpatch:
[SECURITY] Fix double increment of mqueue_mnt->mnt_count in sys_mq_open.
See CVE-2005-3356
Revision
5376 -
Directory Listing
Modified
Mon Jan 9 07:02:18 2006 UTC
(7 years, 4 months ago)
by
dannf
annotate CVE-2006-0095
Revision
5370 -
Directory Listing
Modified
Mon Jan 9 01:11:25 2006 UTC
(7 years, 4 months ago)
by
dannf
* io_edgeport_overflow.dpatch:
[SECURITY] fix buffer overflow (underflow, really) that opens multiple
attack vectors.
See CVE-2004-1017
Revision
5366 -
Directory Listing
Modified
Sun Jan 8 23:56:48 2006 UTC
(7 years, 4 months ago)
by
dannf
* fs_coda_coverty.dpatch:
[SECURITY] Add bounds checking to coda fs.
See CVE-2005-0124
Revision
5364 -
Directory Listing
Modified
Sun Jan 8 22:45:30 2006 UTC
(7 years, 4 months ago)
by
dannf
add second part of the fix
Revision
5361 -
Directory Listing
Modified
Sun Jan 8 22:09:48 2006 UTC
(7 years, 4 months ago)
by
dannf
* async-urb-delivery-oops.dpatch:
[SECURITY] Fix oops that can result from a process terminating before
an issued URB request completes.
See CVE-2005-3055
Revision
5358 -
Directory Listing
Modified
Sun Jan 8 21:13:38 2006 UTC
(7 years, 4 months ago)
by
dannf
* [SECURITY] Use the thread group ID to check if it a self-attach. Fixes
a local DoS (crash). See CVE-2005-3783
199_ptrace-fix_self-attach_rule.diff
Revision
5357 -
Directory Listing
Modified
Sun Jan 8 21:02:01 2006 UTC
(7 years, 4 months ago)
by
dannf
* ptrace-fix_self-attach_rule.dpatch:
[SECURITY] Use the thread group ID to check if it a self-attach. Fixes
a local DoS (crash).
See CVE-2005-3783
Revision
5307 -
Directory Listing
Modified
Fri Jan 6 06:00:51 2006 UTC
(7 years, 4 months ago)
by
horms
Annotate CVE-2006-0096
Revision
5304 -
Directory Listing
Modified
Fri Jan 6 05:57:53 2006 UTC
(7 years, 4 months ago)
by
horms
* Errata for 2.4.27-8
[SECURITY] SDLA firmware upgrade should require CAP_SYS_RAWIO;
Local privelage escalation. See CVE-2006-0096
This was incorrectly annotated in 2.4.27-8 as an overflow
discovered using coverty, which is actually CVE-2004-2607
129_net_sdla_coverty.diff, included in 2.4.27-8
Revision
5271 -
Directory Listing
Modified
Thu Jan 5 08:56:06 2006 UTC
(7 years, 4 months ago)
by
dannf
typo: s/CVS/CVE/
Revision
5267 -
Directory Listing
Modified
Thu Jan 5 08:21:49 2006 UTC
(7 years, 4 months ago)
by
horms
* [SECURITY] Fix refcnt of struct ip6_flowlabel; Local DoS
From 2.6.14
See CVE-2005-3806
net-ipv6-flowlabel-refcnt.dpatch
* [SECURITY] Information leak in sdla
From 2.6.6
See CVE-2004-2607
200_net_sdla_xfer_leak.diff
Revision
5266 -
Directory Listing
Modified
Thu Jan 5 08:15:01 2006 UTC
(7 years, 4 months ago)
by
horms
Fix SECURITY annotation of CVE-2005-3784
Revision
5262 -
Directory Listing
Modified
Thu Jan 5 08:04:23 2006 UTC
(7 years, 4 months ago)
by
horms
net-sdla-coverty.dpatch was inadvertantly empty
Revision
5258 -
Directory Listing
Modified
Thu Jan 5 07:38:33 2006 UTC
(7 years, 4 months ago)
by
horms
* net-sdla-coverty.dpatch
[SECURITY] SDLA firmware upgrade should require CAP_SYS_RAWIO; Local DoS
CVE-NOMATCH
Revision
5256 -
Directory Listing
Modified
Thu Jan 5 06:46:41 2006 UTC
(7 years, 4 months ago)
by
horms
* kernel-dont-reap-traced.dpatch
[PATCH] Don't auto-reap traced children; Local DoS
See CVE-2005-3784
Revision
5249 -
Directory Listing
Modified
Thu Jan 5 03:32:30 2006 UTC
(7 years, 4 months ago)
by
horms
* net-ipv6-flowlabel-refcnt.dpatch
[SECURITY] Fix refcnt of struct ip6_flowlabel; Local DoS
From 2.6.14
See CVE-2005-3806
Revision
5246 -
Directory Listing
Modified
Thu Jan 5 03:16:38 2006 UTC
(7 years, 4 months ago)
by
horms
Missing security annotation for CVS-2005-4605
Revision
5245 -
Directory Listing
Modified
Thu Jan 5 03:16:15 2006 UTC
(7 years, 4 months ago)
by
horms
* dm-crypt-zero-key.dpatch
[SECURITY] drm-crypt: zero key berofe freeing it.
Potential local information leak
CVE-NOMATCH
Revision
5227 -
Directory Listing
Modified
Wed Jan 4 07:23:44 2006 UTC
(7 years, 4 months ago)
by
horms
* proc-legacy-loff-underflow.dpatch
Fix underflow in legacy proc interface; Local information leak
See CVS-2005-4605
From 2.6.15
Revision
5223 -
Directory Listing
Modified
Wed Jan 4 06:56:36 2006 UTC
(7 years, 4 months ago)
by
horms
* mempolicy-undefined-nodes.dpatch
[SECURITY] Make sure interleave masks have at least one node set;
Local Dos
See CVE-2005-3358
From 2.6.15
Revision
5222 -
Directory Listing
Modified
Wed Jan 4 06:53:14 2006 UTC
(7 years, 4 months ago)
by
dannf
* [SECURITY] Fix a potential local root exploit in the
/proc/sys/net/ipv4/conf interface. See CVE-2005-2709
196_sysctl-unregistration-oops.diff
****CHANGES ABI****
setkeys-needs-root-1.diff, setkeys-needs-root-2.
* 150_private_fragment_queues-1.diff, 150_private_fragment_queues-2.diff:
Keep fragment queues private to each user. See CAN-2005-0449 and
http://oss.sgi.com/archives/netdev/2005-01/msg01048.html
Revision
5219 -
Directory Listing
Modified
Wed Jan 4 06:41:26 2006 UTC
(7 years, 4 months ago)
by
dannf
* sysctl-unregistration-oops.dpatch
[SECURITY] Fix a potential local root exploit in the
/proc/sys/net/ipv4/conf interface. See CVE-2005-2709
****CHANGES ABI****
* ipv4-fragment-queues-2.1.dpatch, ipv4-fragment-queues-3.dpatch,
ipv4-fragment-queues-4.dpatch:
[SECURITY] Re-apply the -3 and -4 patches, which were dropped in 2.6.8-15
to avoid an ABI change. Unapply the -2.1 patch which is superseded by -3.
See CVE-2005-0449
****CHANGES ABI****
Revision
5084 -
Directory Listing
Modified
Sun Dec 25 06:51:31 2005 UTC
(7 years, 5 months ago)
by
dannf
* Turn off CONFIG_PREEMPT, and change the ABI number to reflect the
change. This disables a potential DoS attack vector (which is not
reproducible in later 2.6 kernels).
Revision
5083 -
Directory Listing
Modified
Sun Dec 25 06:49:31 2005 UTC
(7 years, 5 months ago)
by
dannf
Preparation for a sarge2 build
Revision
5058 -
Directory Listing
Modified
Tue Dec 20 02:45:15 2005 UTC
(7 years, 5 months ago)
by
horms
Annotate CVE-2005-3858
Revision
5057 -
Directory Listing
Modified
Tue Dec 20 02:43:21 2005 UTC
(7 years, 5 months ago)
by
horms
Annotate CVE-2005-3848
Revision
5055 -
Directory Listing
Modified
Tue Dec 20 02:37:51 2005 UTC
(7 years, 5 months ago)
by
horms
patch -> diff
Revision
5054 -
Directory Listing
Modified
Tue Dec 20 02:33:51 2005 UTC
(7 years, 5 months ago)
by
horms
Revamped changelog
Revision
5051 -
Directory Listing
Modified
Tue Dec 20 02:05:51 2005 UTC
(7 years, 5 months ago)
by
horms
* [SECURITY] IPV4: Fix DST leak in icmp_push_reply(). Remote DoS.
See CVE-2005-3848.
188_fix-dst-leak-in-icmp_push_reply.diff
* [SECURITY] IPV6: Fix SKB leak in ip6_input_finish. Remote DoS.
See CVE-2005-3858.
189_ipv6-skb-leak.diff
Revision
5043 -
Directory Listing
Modified
Mon Dec 19 10:13:19 2005 UTC
(7 years, 5 months ago)
by
horms
[SECURITY] VFS: local denial-of-service with file leases. See CVE-2005-3857
Revision
5041 -
Directory Listing
Modified
Mon Dec 19 09:52:51 2005 UTC
(7 years, 5 months ago)
by
horms
[SECURITY] VFS: local denial-of-service with file leases. See CVE-2005-3857
Revision
4927 -
Directory Listing
Modified
Mon Nov 28 01:08:41 2005 UTC
(7 years, 5 months ago)
by
dannf
add CVE reference
Revision
4874 -
Directory Listing
Modified
Wed Nov 23 21:01:00 2005 UTC
(7 years, 6 months ago)
by
dannf
start a sarge-security branch at 2.6.8-12, which is what shipped in sarge
Revision
4873 -
Directory Listing
Modified
Wed Nov 23 20:57:16 2005 UTC
(7 years, 6 months ago)
by
dannf
this was against the sid version of 2.6.8-powerpc; i'll copy the sarge tag in instead
Revision
4871 -
Directory Listing
Modified
Tue Nov 22 17:00:17 2005 UTC
(7 years, 6 months ago)
by
dannf
correct target distribution
Revision
4852 -
Directory Listing
Modified
Sun Nov 20 08:08:02 2005 UTC
(7 years, 6 months ago)
by
dannf
typo fix
Revision
4851 -
Directory Listing
Modified
Sun Nov 20 08:07:12 2005 UTC
(7 years, 6 months ago)
by
dannf
* setkeys-needs-root-1.diff, setkeys-needs-root-2.diff:
[SECURITY] Require root privilege to write the current
function key string entry of other user's terminals.
See CVE-2005-3257
Revision
4850 -
Directory Listing
Modified
Sun Nov 20 07:34:24 2005 UTC
(7 years, 6 months ago)
by
dannf
* setkeys-needs-root-1.patch, setkeys-needs-root-2.patch:
[SECURITY] Require root privilege to write the current
function key string entry of other user's terminals.
See CVE-2005-3257
Revision
4846 -
Directory Listing
Modified
Sun Nov 20 05:12:26 2005 UTC
(7 years, 6 months ago)
by
dannf
disabling ABI-changing CVE-2005-2709 for now
Revision
4839 -
Directory Listing
Modified
Fri Nov 18 18:08:04 2005 UTC
(7 years, 6 months ago)
by
dannf
* 196_sysctl-unregistration-oops.patch
[SECURITY] Fix a potential local root exploit in the
/proc/sys/net/ipv4/conf interface. See CVE-2005-2709
Revision
4838 -
Directory Listing
Modified
Fri Nov 18 06:56:07 2005 UTC
(7 years, 6 months ago)
by
dannf
add fix for CVE-2005-2709 to 2.6.8 sarge-security
Revision
4697 -
Directory Listing
Modified
Mon Oct 31 09:47:15 2005 UTC
(7 years, 6 months ago)
by
horms
CAN-2005-3181 is not in 2.4 as AUDITSYSCALL doesn't exist
Revision
4680 -
Directory Listing
Modified
Fri Oct 28 09:23:59 2005 UTC
(7 years, 6 months ago)
by
horms
CVE-2005-3181
Revision
4663 -
Directory Listing
Modified
Thu Oct 27 06:23:29 2005 UTC
(7 years, 7 months ago)
by
horms
Ignore previous commit, I was reading 2.4.27-10sarge1 instead of 2.4.27-10sarge2
Revision
4662 -
Directory Listing
Modified
Thu Oct 27 06:22:27 2005 UTC
(7 years, 7 months ago)
by
horms
Add missing patches to serires
Revision
4650 -
Directory Listing
Modified
Mon Oct 24 21:03:02 2005 UTC
(7 years, 7 months ago)
by
dannf
incorporate net-ipv6-udp_v6_get_port-loop patch (aka CAN-2005-2973) into 2.4.27
and update status
Revision
4647 -
Directory Listing
Modified
Mon Oct 24 19:07:02 2005 UTC
(7 years, 7 months ago)
by
dannf
fix CAN-2005-2973
Revision
4458 -
Directory Listing
Modified
Fri Oct 14 09:52:37 2005 UTC
(7 years, 7 months ago)
by
horms
Backport was wrong
Revision
4451 -
Directory Listing
Modified
Fri Oct 14 07:29:26 2005 UTC
(7 years, 7 months ago)
by
horms
[SECURITY] XFS: Handle inode creation race
Revision
4450 -
Directory Listing
Modified
Fri Oct 14 07:29:15 2005 UTC
(7 years, 7 months ago)
by
horms
[SECURITY] XFS: Handle inode creation race
Revision
4442 -
Directory Listing
Modified
Thu Oct 13 12:34:15 2005 UTC
(7 years, 7 months ago)
by
horms
Fixed annotations for CAN-2005-3110 CAN-2005-3109 CAN-2005-3107 CAN-2005-3106
Revision
4428 -
Directory Listing
Modified
Wed Oct 12 09:50:44 2005 UTC
(7 years, 7 months ago)
by
horms
Annotate CAN-2005-3179 and CAN-2005-3180
Revision
4415 -
Directory Listing
Modified
Tue Oct 11 10:48:53 2005 UTC
(7 years, 7 months ago)
by
horms
[SECURITY] Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
Revision
4411 -
Directory Listing
Modified
Tue Oct 11 10:46:44 2005 UTC
(7 years, 7 months ago)
by
horms
[SECURITY] Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
Revision
4410 -
Directory Listing
Modified
Tue Oct 11 10:44:53 2005 UTC
(7 years, 7 months ago)
by
horms
* plug-names_cache-memleak.dpatch
Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
Revision
4407 -
Directory Listing
Modified
Tue Oct 11 10:36:18 2005 UTC
(7 years, 7 months ago)
by
horms
[SECURITY] orinoco: Information leakage due to incorrect padding
Revision
4405 -
Directory Listing
Modified
Tue Oct 11 10:28:05 2005 UTC
(7 years, 7 months ago)
by
horms
* orinoco-info-leak.patch
[SECURITY] orinoco: Information leakage due to incorrect padding
From 2.6.13.4
Revision
4349 -
Directory Listing
Modified
Fri Oct 7 10:15:23 2005 UTC
(7 years, 7 months ago)
by
horms
Annotate CAN-2005-3053 CAN-2005-3044 CAN-2005-3105 CAN-2005-3106 CAN-2005-3107 CAN-2005-2553
Revision
4340 -
Directory Listing
Modified
Fri Oct 7 04:50:45 2005 UTC
(7 years, 7 months ago)
by
horms
Annotate CAN-2005-3110 and CAN-2005-3108
Revision
4316 -
Directory Listing
Modified
Thu Oct 6 09:55:04 2005 UTC
(7 years, 7 months ago)
by
horms
* lost-fput-in-32bit-ioctl-on-x86-64.patch
[SECURITY] lost fput in 32bit ioctl on x86-6; local DoS4
From 2.6.13.2
* lost-sockfd_put-in-32bit-compat-routing_ioctl.patch
[SECURITY] lost sockfd_put() in routing_ioctl(); local DoS
From 2.6.13.2
Revision
4307 -
Directory Listing
Modified
Wed Oct 5 14:34:10 2005 UTC
(7 years, 7 months ago)
by
ths-guest
Mips/mipsel kernel for sarge-security.
Revision
4296 -
Directory Listing
Modified
Tue Sep 27 21:23:19 2005 UTC
(7 years, 7 months ago)
by
dannf
s/Can/CAN/
Revision
4294 -
Directory Listing
Modified
Tue Sep 27 21:19:13 2005 UTC
(7 years, 7 months ago)
by
dannf
* mempolicy-check-mode.dpatch
[SECURITY] Input validation in sys_set_mempolicy(); local DoS.
See Can-2005-3053
Revision
4292 -
Directory Listing
Modified
Tue Sep 27 13:53:19 2005 UTC
(7 years, 7 months ago)
by
maks-guest
fix series s/diff/dpatch/
sarge branch fine.
Revision
4180 -
Directory Listing
Modified
Mon Sep 12 08:13:16 2005 UTC
(7 years, 8 months ago)
by
horms
Fix CAN-2005-2872 annotation
Revision
4178 -
Directory Listing
Modified
Mon Sep 12 08:10:52 2005 UTC
(7 years, 8 months ago)
by
horms
Fix CAN-2005-2872 annotation
Revision
4148 -
Directory Listing
Modified
Fri Sep 9 02:55:55 2005 UTC
(7 years, 8 months ago)
by
horms
* Fix security annotations
* fix-dst-leak-in-icmp_push_reply.dpatch
[SECURITY] Fix DST leak in icmp_push_reply(). Possible remote DoS?
From 2.6.12.6
* nptl-signal-delivery-deadlock-fix.dpatch
[SECURITY] NPTL signal delivery deadlock fix; Possible local DoS?
Backported From 2.6.12.6
* fix-memory-leak-in-sg.c-seq_file.dpatch
[SECURITY] fix a memory leak in devices seq_file implementation;
local DoS. From 2.6.12.6
See CAN-2005-2800
* ipv6-skb-leak.dpatch
[SECURITY] Fix SKB leak in ip6_input_finish(); local DoS.
From 2.6.12.6
Revision
4143 -
Directory Listing
Modified
Fri Sep 9 02:16:31 2005 UTC
(7 years, 8 months ago)
by
horms
net-bridge-forwarding-poison-1.dpatch was not annotated correctly
Revision
4140 -
Directory Listing
Modified
Wed Sep 7 08:36:47 2005 UTC
(7 years, 8 months ago)
by
horms
Annotate CAN-2005-2801 and CAN-2005-2802
Revision
4138 -
Directory Listing
Modified
Wed Sep 7 08:31:11 2005 UTC
(7 years, 8 months ago)
by
horms
Annotate CAN-2005-2801 and CAN-2005-2802
Revision
4118 -
Directory Listing
Modified
Thu Sep 1 07:21:35 2005 UTC
(7 years, 8 months ago)
by
horms
+ * zlib-revert-broken-change.dpatch
+ [Security] Revert huft_build() function fix
+ From 2.6.12.6
+ See CAN-2005-2459
Revision
4117 -
Directory Listing
Modified
Thu Sep 1 07:21:25 2005 UTC
(7 years, 8 months ago)
by
horms
fix patch name
Revision
4116 -
Directory Listing
Modified
Thu Sep 1 07:18:29 2005 UTC
(7 years, 8 months ago)
by
horms
fix patch name
Revision
4115 -
Directory Listing
Modified
Thu Sep 1 07:02:24 2005 UTC
(7 years, 8 months ago)
by
horms
* 187_zisofs-2.diff
[Security] Check input buffer size in zisofs
From 2.6.12.5
Omitted from the previous release, as I wasn't sure that it was a
security bug. But now it has a CAN number, so its in.
See CAN-2005-2457
* 186_zlib-revert-broken-change.dpatch
[Security] Revert huft_build() function fix
From 2.6.12.6
See CAN-2005-2459
Revision
4073 -
Directory Listing
Modified
Tue Aug 30 08:33:33 2005 UTC
(7 years, 8 months ago)
by
horms
Original Path:
branches/dist/sarge-security
* zisofs.diff
[Security] Check input buffer size in zisofs
From 2.6.12.5
Omitted from the previous release, as I wasn't sure that it
was a security bug. But now it has a CAN number, so its in.
See CAN-2005-2457
Revision
4067 -
Directory Listing
Modified
Tue Aug 30 08:19:26 2005 UTC
(7 years, 8 months ago)
by
horms
Original Path:
branches/dist/sarge-security
* 183_zisofs.diff
[Security] Check input buffer size in zisofs
From 2.6.12.5
Omitted from the previous release, as I wasn't sure that it was a
security bug. But now it has a CAN number, so its in.
See CAN-2005-2457
Revision
4058 -
Directory Listing
Modified
Fri Aug 26 17:15:28 2005 UTC
(7 years, 9 months ago)
by
waldi
Original Path:
branches/dist/sarge-security
/branches/dist/sarge-security/kernel-2.4/s390/kernel-image-2.4.27-s390,
/branches/dist/sarge-security/kernel-2.4/s390/kernel-patch-2.4.27-s390: Import.
Revision
4019 -
Directory Listing
Modified
Mon Aug 22 06:52:11 2005 UTC
(7 years, 9 months ago)
by
horms
Original Path:
branches/dist/sarge-security
+ * 185_net-sockglue-cap.diff
+ [Security] Restrict socket policy loading to CAP_NET_ADMIN.
+ See CAN-2005-2555.
Revision
4017 -
Directory Listing
Modified
Mon Aug 22 06:41:47 2005 UTC
(7 years, 9 months ago)
by
horms
Original Path:
branches/dist/sarge-security
+ * net-sockglue-cap.dpatch
+ [Security] Restrict socket policy loading to CAP_NET_ADMIN.
+ See CAN-2005-2555.
