[paketler-commits] r26462 - in devel: . kernel/kernel/files/CVE
paketler-commits at pardus.org.tr
paketler-commits at pardus.org.tr
4 Haz 2007 Pzt 00:42:37 EEST
Author: caglar
Date: Mon Jun 4 00:42:36 2007
New Revision: 26462
Modified:
devel/ (props changed)
devel/kernel/kernel/files/CVE/CVE-2006-5701.patch
devel/kernel/kernel/files/CVE/CVE-2006-5749.patch
devel/kernel/kernel/files/CVE/CVE-2006-5753.patch
devel/kernel/kernel/files/CVE/CVE-2006-5823.patch
devel/kernel/kernel/files/CVE/CVE-2006-6053.patch
devel/kernel/kernel/files/CVE/CVE-2006-6054.patch
devel/kernel/kernel/files/CVE/CVE-2006-6333.patch
devel/kernel/kernel/files/CVE/CVE-2007-0005.patch
devel/kernel/kernel/files/CVE/CVE-2007-0006.patch
devel/kernel/kernel/files/CVE/CVE-2007-0958.patch
devel/kernel/kernel/files/CVE/CVE-2007-1000.patch
devel/kernel/kernel/files/CVE/CVE-2007-1217.patch
devel/kernel/kernel/files/CVE/CVE-2007-1357.patch
devel/kernel/kernel/files/CVE/CVE-2007-1388.patch
devel/kernel/kernel/files/CVE/CVE-2007-1496.patch
devel/kernel/kernel/files/CVE/CVE-2007-1497.patch
devel/kernel/kernel/files/CVE/CVE-2007-1592.patch
devel/kernel/kernel/files/CVE/CVE-2007-1861.patch
devel/kernel/kernel/files/CVE/CVE-2007-2172.patch
devel/kernel/kernel/files/CVE/CVE-2007-2242.patch
devel/kernel/kernel/files/CVE/CVE-2007-2453.patch
devel/kernel/kernel/files/CVE/CVE-2007-2525.patch
Log:
r16948 at zangetsu: caglar | 2007-06-04 00:43:20 +0300
svn:ignore hunk cleanup
Modified: devel/kernel/kernel/files/CVE/CVE-2006-5701.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2006-5701.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2006-5701.patch Mon Jun 4 00:42:36 2007
@@ -1,8 +1,8 @@
Index: linux-2.6.18/fs/squashfs/inode.c
===================================================================
---- linux-2.6.18.orig/fs/squashfs/inode.c 2007-05-17 23:48:57.332308752 +0300
-+++ linux-2.6.18/fs/squashfs/inode.c 2007-05-17 23:49:14.829639426 +0300
-@@ -173,14 +173,15 @@
+--- linux-2.6.18.orig/fs/squashfs/inode.c
++++ linux-2.6.18/fs/squashfs/inode.c
+@@ -173,14 +173,15 @@ out:
SQSH_EXTERN unsigned int squashfs_read_data(struct super_block *s, char *buffer,
long long index, unsigned int length,
@@ -20,7 +20,7 @@
char *c_buffer;
unsigned int compressed;
unsigned int c_byte = length;
-@@ -191,8 +192,11 @@
+@@ -191,8 +192,11 @@ SQSH_EXTERN unsigned int squashfs_read_d
c_buffer = compressed ? msblk->read_data : buffer;
c_byte = SQUASHFS_COMPRESSED_SIZE_BLOCK(c_byte);
@@ -34,7 +34,7 @@
if (!(bh[0] = sb_getblk(s, cur_index)))
goto block_release;
-@@ -204,6 +208,9 @@
+@@ -204,6 +208,9 @@ SQSH_EXTERN unsigned int squashfs_read_d
}
ll_rw_block(READ, b, bh);
} else {
@@ -44,7 +44,7 @@
if (!(bh[0] = get_block_length(s, &cur_index, &offset,
&c_byte)))
goto read_failure;
-@@ -216,6 +223,9 @@
+@@ -216,6 +223,9 @@ SQSH_EXTERN unsigned int squashfs_read_d
TRACE("Block @ 0x%llx, %scompressed size %d\n", index, compressed
? "" : "un", (unsigned int) c_byte);
@@ -54,7 +54,7 @@
for (b = 1; bytes < c_byte; b++) {
if (!(bh[b] = sb_getblk(s, ++cur_index)))
goto block_release;
-@@ -227,7 +237,7 @@
+@@ -227,7 +237,7 @@ SQSH_EXTERN unsigned int squashfs_read_d
if (compressed)
down(&msblk->read_data_mutex);
@@ -63,7 +63,7 @@
avail_bytes = (c_byte - bytes) > (msblk->devblksize - offset) ?
msblk->devblksize - offset :
c_byte - bytes;
-@@ -249,7 +259,7 @@
+@@ -249,7 +259,7 @@ SQSH_EXTERN unsigned int squashfs_read_d
msblk->stream.next_in = c_buffer;
msblk->stream.avail_in = c_byte;
msblk->stream.next_out = buffer;
@@ -72,7 +72,7 @@
if (((zlib_err = zlib_inflateInit(&msblk->stream)) != Z_OK) ||
((zlib_err = zlib_inflate(&msblk->stream, Z_FINISH))
-@@ -271,8 +281,8 @@
+@@ -271,8 +281,8 @@ SQSH_EXTERN unsigned int squashfs_read_d
return bytes;
block_release:
@@ -83,7 +83,7 @@
read_failure:
ERROR("sb_bread failed reading block 0x%x\n", cur_index);
-@@ -336,14 +346,20 @@
+@@ -336,14 +346,20 @@ SQSH_EXTERN int squashfs_get_cached_bloc
msblk->block_cache[i].block = SQUASHFS_USED_BLK;
up(&msblk->block_cache_mutex);
@@ -112,7 +112,7 @@
down(&msblk->block_cache_mutex);
wake_up(&msblk->waitq);
-@@ -357,7 +373,11 @@
+@@ -357,7 +373,11 @@ SQSH_EXTERN int squashfs_get_cached_bloc
continue;
}
@@ -125,7 +125,7 @@
if (buffer)
memcpy(buffer, msblk->block_cache[i].data +
offset, length);
-@@ -442,6 +462,7 @@
+@@ -442,6 +462,7 @@ SQSH_EXTERN struct squashfs_fragment_cac
{
int i, n;
struct squashfs_sb_info *msblk = s->s_fs_info;
@@ -133,7 +133,7 @@
while ( 1 ) {
down(&msblk->fragment_mutex);
-@@ -487,7 +508,8 @@
+@@ -487,7 +508,8 @@ SQSH_EXTERN struct squashfs_fragment_cac
if (!(msblk->fragment[i].length = squashfs_read_data(s,
msblk->fragment[i].data,
@@ -143,7 +143,7 @@
ERROR("Unable to read fragment cache block "
"[%llx]\n", start_block);
msblk->fragment[i].locked = 0;
-@@ -876,6 +898,10 @@
+@@ -876,6 +898,10 @@ static int read_fragment_index_table(str
{
struct squashfs_sb_info *msblk = s->s_fs_info;
struct squashfs_super_block *sblk = &msblk->sblk;
@@ -154,7 +154,7 @@
/* Allocate fragment index table */
if (!(msblk->fragment_index = kmalloc(SQUASHFS_FRAGMENT_INDEX_BYTES
-@@ -884,13 +910,9 @@
+@@ -884,13 +910,9 @@ static int read_fragment_index_table(str
return 0;
}
@@ -171,7 +171,7 @@
ERROR("unable to read fragment index table\n");
return 0;
}
-@@ -982,9 +1004,11 @@
+@@ -982,9 +1004,11 @@ static int squashfs_fill_super(struct su
init_waitqueue_head(&msblk->waitq);
init_waitqueue_head(&msblk->fragment_wait_queue);
@@ -184,7 +184,7 @@
SERROR("unable to read superblock\n");
goto failed_mount;
}
-@@ -1012,6 +1036,15 @@
+@@ -1012,6 +1036,15 @@ static int squashfs_fill_super(struct su
if(!supported_squashfs_filesystem(msblk, silent))
goto failed_mount;
@@ -200,7 +200,7 @@
TRACE("Found valid superblock on %s\n", bdevname(s->s_bdev, b));
TRACE("Inodes are %scompressed\n",
SQUASHFS_UNCOMPRESSED_INODES
-@@ -1081,7 +1114,9 @@
+@@ -1081,7 +1114,9 @@ static int squashfs_fill_super(struct su
if (!squashfs_read_data(s, (char *) &suid, sblk->uid_start,
((sblk->no_uids + sblk->no_guids) *
sizeof(unsigned int)) |
@@ -211,7 +211,7 @@
ERROR("unable to read uid/gid table\n");
goto failed_mount;
}
-@@ -1092,7 +1127,9 @@
+@@ -1092,7 +1127,9 @@ static int squashfs_fill_super(struct su
if (!squashfs_read_data(s, (char *) msblk->uid, sblk->uid_start,
((sblk->no_uids + sblk->no_guids) *
sizeof(unsigned int)) |
@@ -222,7 +222,7 @@
ERROR("unable to read uid/gid table\n");
goto failed_mount;
}
-@@ -1518,7 +1555,8 @@
+@@ -1518,7 +1555,8 @@ static int squashfs_readpage(struct file
down(&msblk->read_page_mutex);
if (!(bytes = squashfs_read_data(inode->i_sb, msblk->read_page,
@@ -232,7 +232,7 @@
ERROR("Unable to read page, block %llx, size %x\n", block,
bsize);
up(&msblk->read_page_mutex);
-@@ -1618,15 +1656,12 @@
+@@ -1618,15 +1656,12 @@ static int squashfs_readpage4K(struct fi
if (page->index >= ((i_size_read(inode) + PAGE_CACHE_SIZE - 1) >>
PAGE_CACHE_SHIFT)) {
@@ -248,7 +248,7 @@
goto skip_read;
}
-@@ -1638,11 +1673,12 @@
+@@ -1638,11 +1673,12 @@ static int squashfs_readpage4K(struct fi
down(&msblk->read_page_mutex);
bytes = squashfs_read_data(inode->i_sb, msblk->read_page, block,
@@ -265,7 +265,7 @@
ERROR("Unable to read page, block %llx, size %x\n",
block, bsize);
up(&msblk->read_page_mutex);
-@@ -1652,11 +1688,12 @@
+@@ -1652,11 +1688,12 @@ static int squashfs_readpage4K(struct fi
SQUASHFS_I(inode)->
u.s1.fragment_start_block,
SQUASHFS_I(inode)-> u.s1.fragment_size);
@@ -279,7 +279,7 @@
release_cached_fragment(msblk, fragment);
} else
ERROR("Unable to read page, block %llx, size %x\n",
-@@ -1666,6 +1703,7 @@
+@@ -1666,6 +1703,7 @@ static int squashfs_readpage4K(struct fi
}
skip_read:
@@ -289,9 +289,9 @@
flush_dcache_page(page);
Index: linux-2.6.18/fs/squashfs/squashfs2_0.c
===================================================================
---- linux-2.6.18.orig/fs/squashfs/squashfs2_0.c 2007-05-17 23:48:57.332308752 +0300
-+++ linux-2.6.18/fs/squashfs/squashfs2_0.c 2007-05-17 23:49:14.829639426 +0300
-@@ -73,12 +73,13 @@
+--- linux-2.6.18.orig/fs/squashfs/squashfs2_0.c
++++ linux-2.6.18/fs/squashfs/squashfs2_0.c
+@@ -73,12 +73,13 @@ static int read_fragment_index_table_2(s
}
if (SQUASHFS_FRAGMENT_INDEX_BYTES_2(sblk->fragments) &&
@@ -313,9 +313,9 @@
}
Index: linux-2.6.18/fs/squashfs/squashfs.h
===================================================================
---- linux-2.6.18.orig/fs/squashfs/squashfs.h 2007-05-17 23:48:57.332308752 +0300
-+++ linux-2.6.18/fs/squashfs/squashfs.h 2007-05-17 23:49:14.829639426 +0300
-@@ -49,7 +49,7 @@
+--- linux-2.6.18.orig/fs/squashfs/squashfs.h
++++ linux-2.6.18/fs/squashfs/squashfs.h
+@@ -49,7 +49,7 @@ static inline struct squashfs_inode_info
#define SQSH_EXTERN
extern unsigned int squashfs_read_data(struct super_block *s, char *buffer,
long long index, unsigned int length,
Modified: devel/kernel/kernel/files/CVE/CVE-2006-5749.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2006-5749.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2006-5749.patch Mon Jun 4 00:42:36 2007
@@ -1,6 +1,8 @@
---- linux-2.6.18.orig/drivers/isdn/i4l/isdn_ppp.c 2006-09-20 06:42:06.000000000 +0300
-+++ linux-2.6.18/drivers/isdn/i4l/isdn_ppp.c 2007-02-08 09:49:40.287796616 +0200
-@@ -2345,6 +2345,7 @@
+Index: linux-2.6.18/drivers/isdn/i4l/isdn_ppp.c
+===================================================================
+--- linux-2.6.18.orig/drivers/isdn/i4l/isdn_ppp.c
++++ linux-2.6.18/drivers/isdn/i4l/isdn_ppp.c
+@@ -2345,6 +2345,7 @@ static struct ippp_ccp_reset_state *isdn
rs->state = CCPResetIdle;
rs->is = is;
rs->id = id;
@@ -8,4 +10,3 @@
rs->timer.data = (unsigned long)rs;
rs->timer.function = isdn_ppp_ccp_timer_callback;
is->reset->rs[id] = rs;
-
Modified: devel/kernel/kernel/files/CVE/CVE-2006-5753.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2006-5753.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2006-5753.patch Mon Jun 4 00:42:36 2007
@@ -54,8 +54,8 @@
Index: linux-2.6.18/fs/bad_inode.c
===================================================================
---- linux-2.6.18.orig/fs/bad_inode.c 2007-05-17 23:48:29.836503411 +0300
-+++ linux-2.6.18/fs/bad_inode.c 2007-05-17 23:49:15.829486892 +0300
+--- linux-2.6.18.orig/fs/bad_inode.c
++++ linux-2.6.18/fs/bad_inode.c
@@ -14,61 +14,318 @@
#include <linux/time.h>
#include <linux/smp_lock.h>
@@ -417,7 +417,7 @@
};
-@@ -90,7 +347,7 @@
+@@ -90,7 +347,7 @@ static struct inode_operations bad_inode
* on it to fail from this point on.
*/
@@ -426,7 +426,7 @@
{
remove_inode_hash(inode);
-@@ -115,9 +372,9 @@
+@@ -115,9 +372,9 @@ EXPORT_SYMBOL(make_bad_inode);
* Returns true if the inode in question has been marked as bad.
*/
Modified: devel/kernel/kernel/files/CVE/CVE-2006-5823.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2006-5823.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2006-5823.patch Mon Jun 4 00:42:36 2007
@@ -24,9 +24,9 @@
Signed-off-by: Linus Torvalds <torvalds at osdl.org>
Index: linux-2.6.18/fs/cramfs/inode.c
===================================================================
---- linux-2.6.18.orig/fs/cramfs/inode.c 2007-05-17 23:48:29.836503411 +0300
-+++ linux-2.6.18/fs/cramfs/inode.c 2007-05-17 23:49:15.829486892 +0300
-@@ -483,6 +483,8 @@
+--- linux-2.6.18.orig/fs/cramfs/inode.c
++++ linux-2.6.18/fs/cramfs/inode.c
+@@ -483,6 +483,8 @@ static int cramfs_readpage(struct file *
pgdata = kmap(page);
if (compr_len == 0)
; /* hole */
Modified: devel/kernel/kernel/files/CVE/CVE-2006-6053.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2006-6053.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2006-6053.patch Mon Jun 4 00:42:36 2007
@@ -46,9 +46,9 @@
Signed-off-by: Linus Torvalds <torvalds at osdl.org>
Index: linux-2.6.18/fs/ext3/dir.c
===================================================================
---- linux-2.6.18.orig/fs/ext3/dir.c 2007-05-17 23:48:30.336427144 +0300
-+++ linux-2.6.18/fs/ext3/dir.c 2007-05-17 23:49:15.329563159 +0300
-@@ -151,6 +151,9 @@
+--- linux-2.6.18.orig/fs/ext3/dir.c
++++ linux-2.6.18/fs/ext3/dir.c
+@@ -151,6 +151,9 @@ static int ext3_readdir(struct file * fi
ext3_error (sb, "ext3_readdir",
"directory #%lu contains a hole at offset %lu",
inode->i_ino, (unsigned long)filp->f_pos);
@@ -60,9 +60,9 @@
}
Index: linux-2.6.18/fs/ext3/namei.c
===================================================================
---- linux-2.6.18.orig/fs/ext3/namei.c 2007-05-17 23:48:30.336427144 +0300
-+++ linux-2.6.18/fs/ext3/namei.c 2007-05-17 23:49:15.329563159 +0300
-@@ -551,6 +551,15 @@
+--- linux-2.6.18.orig/fs/ext3/namei.c
++++ linux-2.6.18/fs/ext3/namei.c
+@@ -551,6 +551,15 @@ static int htree_dirblock_to_tree(struct
dir->i_sb->s_blocksize -
EXT3_DIR_REC_LEN(0));
for (; de < top; de = ext3_next_entry(de)) {
Modified: devel/kernel/kernel/files/CVE/CVE-2006-6054.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2006-6054.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2006-6054.patch Mon Jun 4 00:42:36 2007
@@ -31,9 +31,9 @@
Index: linux-2.6.18/fs/ext2/dir.c
===================================================================
---- linux-2.6.18.orig/fs/ext2/dir.c 2007-05-17 23:48:29.836503411 +0300
-+++ linux-2.6.18/fs/ext2/dir.c 2007-05-17 23:49:15.329563159 +0300
-@@ -368,6 +368,14 @@
+--- linux-2.6.18.orig/fs/ext2/dir.c
++++ linux-2.6.18/fs/ext2/dir.c
+@@ -368,6 +368,14 @@ struct ext2_dir_entry_2 * ext2_find_entr
}
if (++n >= npages)
n = 0;
Modified: devel/kernel/kernel/files/CVE/CVE-2006-6333.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2006-6333.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2006-6333.patch Mon Jun 4 00:42:36 2007
@@ -16,9 +16,9 @@
Signed-off-by: Linus Torvalds <torvalds at osdl.org>
Index: linux-2.6.18/drivers/net/tokenring/ibmtr.c
===================================================================
---- linux-2.6.18.orig/drivers/net/tokenring/ibmtr.c 2007-05-17 23:48:29.836503411 +0300
-+++ linux-2.6.18/drivers/net/tokenring/ibmtr.c 2007-05-17 23:49:16.329410627 +0300
-@@ -1826,7 +1826,7 @@
+--- linux-2.6.18.orig/drivers/net/tokenring/ibmtr.c
++++ linux-2.6.18/drivers/net/tokenring/ibmtr.c
+@@ -1826,7 +1826,7 @@ static void tr_rx(struct net_device *dev
skb->protocol = tr_type_trans(skb, dev);
if (IPv4_p) {
skb->csum = chksum;
Modified: devel/kernel/kernel/files/CVE/CVE-2007-0005.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-0005.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-0005.patch Mon Jun 4 00:42:36 2007
@@ -18,13 +18,11 @@
Signed-off-by: Harald Welte <laforge at gnumonks.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
-diff --git a/drivers/char/pcmcia/cm4040_cs.c b/drivers/char/pcmcia/cm4040_cs.c
-index 0e82968..f2e4ec4 100644
Index: linux-2.6.18/drivers/char/pcmcia/cm4040_cs.c
===================================================================
---- linux-2.6.18.orig/drivers/char/pcmcia/cm4040_cs.c 2007-05-17 23:48:29.836503411 +0300
-+++ linux-2.6.18/drivers/char/pcmcia/cm4040_cs.c 2007-05-17 23:49:16.829334360 +0300
-@@ -273,6 +273,7 @@
+--- linux-2.6.18.orig/drivers/char/pcmcia/cm4040_cs.c
++++ linux-2.6.18/drivers/char/pcmcia/cm4040_cs.c
+@@ -273,6 +273,7 @@ static ssize_t cm4040_read(struct file *
DEBUGP(6, dev, "BytesToRead=%lu\n", bytes_to_read);
min_bytes_to_read = min(count, bytes_to_read + 5);
@@ -32,7 +30,7 @@
DEBUGP(6, dev, "Min=%lu\n", min_bytes_to_read);
-@@ -340,7 +341,7 @@
+@@ -340,7 +341,7 @@ static ssize_t cm4040_write(struct file
return 0;
}
Modified: devel/kernel/kernel/files/CVE/CVE-2007-0006.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-0006.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-0006.patch Mon Jun 4 00:42:36 2007
@@ -24,9 +24,9 @@
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
Index: linux-2.6.18/security/keys/key.c
===================================================================
---- linux-2.6.18.orig/security/keys/key.c 2007-05-17 23:48:29.836503411 +0300
-+++ linux-2.6.18/security/keys/key.c 2007-05-17 23:49:16.329410627 +0300
-@@ -188,6 +188,7 @@
+--- linux-2.6.18.orig/security/keys/key.c
++++ linux-2.6.18/security/keys/key.c
+@@ -188,6 +188,7 @@ static inline void key_alloc_serial(stru
spin_lock(&key_serial_lock);
@@ -34,7 +34,7 @@
parent = NULL;
p = &key_serial_tree.rb_node;
-@@ -202,39 +203,33 @@
+@@ -202,39 +203,33 @@ static inline void key_alloc_serial(stru
else
goto serial_exists;
}
Modified: devel/kernel/kernel/files/CVE/CVE-2007-0958.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-0958.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-0958.patch Mon Jun 4 00:42:36 2007
@@ -26,13 +26,11 @@
Signed-off-by: Andrew Morton <akpm at osdl.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
-diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
-index 90461f4..669dbe5 100644
Index: linux-2.6.18/fs/binfmt_elf.c
===================================================================
---- linux-2.6.18.orig/fs/binfmt_elf.c 2007-05-17 23:48:29.336579678 +0300
-+++ linux-2.6.18/fs/binfmt_elf.c 2007-05-17 23:49:17.829181827 +0300
-@@ -683,6 +683,15 @@
+--- linux-2.6.18.orig/fs/binfmt_elf.c
++++ linux-2.6.18/fs/binfmt_elf.c
+@@ -683,6 +683,15 @@ static int load_elf_binary(struct linux_
retval = PTR_ERR(interpreter);
if (IS_ERR(interpreter))
goto out_free_interp;
@@ -50,9 +48,9 @@
if (retval != BINPRM_BUF_SIZE) {
Index: linux-2.6.18/fs/binfmt_elf_fdpic.c
===================================================================
---- linux-2.6.18.orig/fs/binfmt_elf_fdpic.c 2007-05-17 23:48:29.336579678 +0300
-+++ linux-2.6.18/fs/binfmt_elf_fdpic.c 2007-05-17 23:49:17.829181827 +0300
-@@ -237,6 +237,14 @@
+--- linux-2.6.18.orig/fs/binfmt_elf_fdpic.c
++++ linux-2.6.18/fs/binfmt_elf_fdpic.c
+@@ -237,6 +237,14 @@ static int load_elf_fdpic_binary(struct
goto error;
}
Modified: devel/kernel/kernel/files/CVE/CVE-2007-1000.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-1000.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-1000.patch Mon Jun 4 00:42:36 2007
@@ -6,11 +6,11 @@
Signed-off-by: David S. Miller <davem at davemloft.net>
-diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c
-index 286c867..4e0561a 100644
---- a/net/ipv6/ipv6_sockglue.c
-+++ b/net/ipv6/ipv6_sockglue.c
-@@ -795,11 +795,15 @@ int compat_ipv6_setsockopt(struct sock *sk, int level, int optname,
+Index: linux-2.6.18/net/ipv6/ipv6_sockglue.c
+===================================================================
+--- linux-2.6.18.orig/net/ipv6/ipv6_sockglue.c
++++ linux-2.6.18/net/ipv6/ipv6_sockglue.c
+@@ -782,11 +782,15 @@ int compat_ipv6_setsockopt(struct sock *
EXPORT_SYMBOL(compat_ipv6_setsockopt);
#endif
@@ -28,7 +28,7 @@
len = min_t(int, len, ipv6_optlen(hdr));
if (copy_to_user(optval, hdr, ipv6_optlen(hdr)))
return -EFAULT;
-@@ -940,7 +944,7 @@ static int do_ipv6_getsockopt(struct sock *sk, int level, int optname,
+@@ -926,7 +930,7 @@ static int do_ipv6_getsockopt(struct soc
{
lock_sock(sk);
Modified: devel/kernel/kernel/files/CVE/CVE-2007-1217.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-1217.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-1217.patch Mon Jun 4 00:42:36 2007
@@ -1,8 +1,8 @@
Index: linux-2.6.18/drivers/isdn/capi/capidrv.c
===================================================================
---- linux-2.6.18.orig/drivers/isdn/capi/capidrv.c 2007-05-17 23:48:44.334291682 +0300
-+++ linux-2.6.18/drivers/isdn/capi/capidrv.c 2007-05-17 23:49:19.328953028 +0300
-@@ -993,6 +993,7 @@
+--- linux-2.6.18.orig/drivers/isdn/capi/capidrv.c
++++ linux-2.6.18/drivers/isdn/capi/capidrv.c
+@@ -993,6 +993,7 @@ static void handle_plci(_cmsg * cmsg)
capidrv_contr *card = findcontrbynumber(cmsg->adr.adrController & 0x7f);
capidrv_plci *plcip;
isdn_ctrl cmd;
@@ -10,7 +10,7 @@
if (!card) {
printk(KERN_ERR "capidrv: %s from unknown controller 0x%x\n",
-@@ -1125,8 +1126,15 @@
+@@ -1125,8 +1126,15 @@ static void handle_plci(_cmsg * cmsg)
break;
}
}
@@ -28,7 +28,7 @@
break;
case CAPI_CONNECT_ACTIVE_CONF: /* plci */
-@@ -1374,10 +1382,18 @@
+@@ -1374,10 +1382,18 @@ static _cmsg s_cmsg;
static void capidrv_recv_message(struct capi20_appl *ap, struct sk_buff *skb)
{
capi_message2cmsg(&s_cmsg, skb->data);
@@ -53,9 +53,9 @@
handle_data(&s_cmsg, skb);
Index: linux-2.6.18/drivers/isdn/capi/capiutil.c
===================================================================
---- linux-2.6.18.orig/drivers/isdn/capi/capiutil.c 2007-05-17 23:48:28.836655943 +0300
-+++ linux-2.6.18/drivers/isdn/capi/capiutil.c 2007-05-17 23:49:19.328953028 +0300
-@@ -648,6 +648,9 @@
+--- linux-2.6.18.orig/drivers/isdn/capi/capiutil.c
++++ linux-2.6.18/drivers/isdn/capi/capiutil.c
+@@ -648,6 +648,9 @@ char *capi_cmd2str(u8 cmd, u8 subcmd)
/*-------------------------------------------------------*/
@@ -65,7 +65,7 @@
/*-------------------------------------------------------*/
static char *pnames[] =
-@@ -703,44 +706,77 @@
+@@ -703,44 +706,77 @@ static char *pnames[] =
};
@@ -155,7 +155,7 @@
if (m[0] != 0xff) {
len = m[0];
m += 1;
-@@ -748,42 +784,45 @@
+@@ -748,42 +784,45 @@ static void printstruct(u8 * m)
len = ((u16 *) (m + 1))[0];
m += 3;
}
@@ -212,7 +212,7 @@
if (cmsg->m[cmsg->l] != 0xff)
cmsg->l += 1 + cmsg->m[cmsg->l];
else
-@@ -794,61 +833,184 @@
+@@ -794,61 +833,184 @@ static void protocol_message_2_pars(_cms
case _CMSTRUCT:
/*----- Metastruktur 0 -----*/
if (cmsg->m[cmsg->l] == '\0') {
@@ -423,9 +423,9 @@
EXPORT_SYMBOL(capi_cmsg_header);
Index: linux-2.6.18/drivers/isdn/capi/kcapi.c
===================================================================
---- linux-2.6.18.orig/drivers/isdn/capi/kcapi.c 2007-05-17 23:48:28.836655943 +0300
-+++ linux-2.6.18/drivers/isdn/capi/kcapi.c 2007-05-17 23:49:19.328953028 +0300
-@@ -274,10 +274,17 @@
+--- linux-2.6.18.orig/drivers/isdn/capi/kcapi.c
++++ linux-2.6.18/drivers/isdn/capi/kcapi.c
+@@ -274,10 +274,17 @@ void capi_ctr_handle_message(struct capi
int showctl = 0;
u8 cmd, subcmd;
unsigned long flags;
@@ -445,7 +445,7 @@
goto error;
}
-@@ -293,15 +300,21 @@
+@@ -293,15 +300,21 @@ void capi_ctr_handle_message(struct capi
showctl |= (card->traceflag & 1);
if (showctl & 2) {
if (showctl & 1) {
@@ -473,7 +473,7 @@
}
}
-@@ -310,8 +323,15 @@
+@@ -310,8 +323,15 @@ void capi_ctr_handle_message(struct capi
ap = get_capi_appl_by_nr(CAPIMSG_APPID(skb->data));
if ((!ap) || (ap->release_in_progress)) {
read_unlock_irqrestore(&application_lock, flags);
@@ -491,7 +491,7 @@
goto error;
}
skb_queue_tail(&ap->recv_queue, skb);
-@@ -330,7 +350,7 @@
+@@ -330,7 +350,7 @@ void capi_ctr_ready(struct capi_ctr * ca
{
card->cardstate = CARD_RUNNING;
@@ -500,7 +500,7 @@
card->cnr, card->name);
notify_push(KCI_CONTRUP, card->cnr, 0, 0);
-@@ -362,7 +382,7 @@
+@@ -362,7 +382,7 @@ void capi_ctr_reseted(struct capi_ctr *
capi_ctr_put(card);
}
@@ -509,7 +509,7 @@
notify_push(KCI_CONTRDOWN, card->cnr, 0, 0);
}
-@@ -372,7 +392,7 @@
+@@ -372,7 +392,7 @@ EXPORT_SYMBOL(capi_ctr_reseted);
void capi_ctr_suspend_output(struct capi_ctr *card)
{
if (!card->blocked) {
@@ -518,7 +518,7 @@
card->blocked = 1;
}
}
-@@ -382,7 +402,7 @@
+@@ -382,7 +402,7 @@ EXPORT_SYMBOL(capi_ctr_suspend_output);
void capi_ctr_resume_output(struct capi_ctr *card)
{
if (card->blocked) {
@@ -527,7 +527,7 @@
card->blocked = 0;
}
}
-@@ -430,7 +450,7 @@
+@@ -430,7 +450,7 @@ attach_capi_ctr(struct capi_ctr *card)
}
ncards++;
@@ -536,7 +536,7 @@
card->cnr, card->name);
return 0;
}
-@@ -449,7 +469,7 @@
+@@ -449,7 +469,7 @@ int detach_capi_ctr(struct capi_ctr *car
card->procent = NULL;
}
capi_cards[card->cnr - 1] = NULL;
@@ -545,7 +545,7 @@
card->cnr, card->name);
return 0;
-@@ -621,17 +641,25 @@
+@@ -621,17 +641,25 @@ u16 capi20_put_message(struct capi20_app
showctl |= (card->traceflag & 1);
if (showctl & 2) {
if (showctl & 1) {
@@ -576,7 +576,7 @@
}
return card->send_message(card, skb);
}
-@@ -892,7 +920,7 @@
+@@ -892,7 +920,7 @@ int capi20_manufacturer(unsigned int cmd
return -ESRCH;
card->traceflag = fdef.flag;
@@ -585,7 +585,7 @@
card->cnr, card->traceflag);
return 0;
}
-@@ -965,7 +993,11 @@
+@@ -965,7 +993,11 @@ static int __init kcapi_init(void)
{
char *p;
char rev[32];
@@ -597,7 +597,7 @@
kcapi_proc_init();
if ((p = strchr(revision, ':')) != 0 && p[1]) {
-@@ -986,6 +1018,7 @@
+@@ -986,6 +1018,7 @@ static void __exit kcapi_exit(void)
/* make sure all notifiers are finished */
flush_scheduled_work();
@@ -607,8 +607,8 @@
module_init(kcapi_init);
Index: linux-2.6.18/drivers/isdn/capi/Kconfig
===================================================================
---- linux-2.6.18.orig/drivers/isdn/capi/Kconfig 2007-05-17 23:48:28.836655943 +0300
-+++ linux-2.6.18/drivers/isdn/capi/Kconfig 2007-05-17 23:49:19.328953028 +0300
+--- linux-2.6.18.orig/drivers/isdn/capi/Kconfig
++++ linux-2.6.18/drivers/isdn/capi/Kconfig
@@ -2,13 +2,25 @@
# Config.in for the CAPI subsystem
#
@@ -639,9 +639,9 @@
depends on ISDN_CAPI && EXPERIMENTAL
Index: linux-2.6.18/include/linux/isdn/capiutil.h
===================================================================
---- linux-2.6.18.orig/include/linux/isdn/capiutil.h 2007-05-17 23:48:28.836655943 +0300
-+++ linux-2.6.18/include/linux/isdn/capiutil.h 2007-05-17 23:49:19.328953028 +0300
-@@ -174,9 +174,26 @@
+--- linux-2.6.18.orig/include/linux/isdn/capiutil.h
++++ linux-2.6.18/include/linux/isdn/capiutil.h
+@@ -174,9 +174,26 @@ char *capi_info2str(__u16 reason);
/*
* Debugging / Tracing functions
*/
Modified: devel/kernel/kernel/files/CVE/CVE-2007-1357.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-1357.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-1357.patch Mon Jun 4 00:42:36 2007
@@ -71,9 +71,9 @@
Signed-off-by: Adrian Bunk <bunk at stusta.de>
Index: linux-2.6.18/net/appletalk/ddp.c
===================================================================
---- linux-2.6.18.orig/net/appletalk/ddp.c 2007-05-17 23:48:29.336579678 +0300
-+++ linux-2.6.18/net/appletalk/ddp.c 2007-05-17 23:49:18.329105560 +0300
-@@ -1420,10 +1420,13 @@
+--- linux-2.6.18.orig/net/appletalk/ddp.c
++++ linux-2.6.18/net/appletalk/ddp.c
+@@ -1420,10 +1420,13 @@ static int atalk_rcv(struct sk_buff *skb
/*
* Size check to see if ddp->deh_len was crap
* (Otherwise we'll detonate most spectacularly
Modified: devel/kernel/kernel/files/CVE/CVE-2007-1388.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-1388.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-1388.patch Mon Jun 4 00:42:36 2007
@@ -10,13 +10,11 @@
Acked-by: YOSHIFUJI Hideaki <yoshfuji at linux-ipv6.org>
Signed-off-by: David S. Miller <davem at davemloft.net>
-diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c
-index 4e0561a..b82333b 100644
Index: linux-2.6.18/net/ipv6/ipv6_sockglue.c
===================================================================
---- linux-2.6.18.orig/net/ipv6/ipv6_sockglue.c 2007-05-17 23:49:17.329258093 +0300
-+++ linux-2.6.18/net/ipv6/ipv6_sockglue.c 2007-05-17 23:49:17.829181827 +0300
-@@ -408,7 +408,7 @@
+--- linux-2.6.18.orig/net/ipv6/ipv6_sockglue.c
++++ linux-2.6.18/net/ipv6/ipv6_sockglue.c
+@@ -408,7 +408,7 @@ static int do_ipv6_setsockopt(struct soc
}
/* routing header option needs extra check */
Modified: devel/kernel/kernel/files/CVE/CVE-2007-1496.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-1496.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-1496.patch Mon Jun 4 00:42:36 2007
@@ -1,7 +1,7 @@
Index: linux-2.6.18/net/netfilter/nfnetlink_log.c
===================================================================
---- linux-2.6.18.orig/net/netfilter/nfnetlink_log.c 2007-05-17 23:48:29.836503411 +0300
-+++ linux-2.6.18/net/netfilter/nfnetlink_log.c 2007-05-17 23:49:16.829334360 +0300
+--- linux-2.6.18.orig/net/netfilter/nfnetlink_log.c
++++ linux-2.6.18/net/netfilter/nfnetlink_log.c
@@ -491,7 +491,7 @@ __build_packet_message(struct nfulnl_ins
* for physical device (when called from ipv4) */
NFA_PUT(inst->skb, NFULA_IFINDEX_OUTDEV,
@@ -11,7 +11,7 @@
tmp_uint =
htonl(skb->nf_bridge->physoutdev->ifindex);
NFA_PUT(inst->skb, NFULA_IFINDEX_PHYSOUTDEV,
-@@ -566,6 +566,7 @@
+@@ -566,6 +566,7 @@ __build_packet_message(struct nfulnl_ins
}
nlh->nlmsg_len = inst->skb->tail - old_tail;
@@ -19,7 +19,7 @@
return 0;
nlmsg_failure:
-@@ -857,6 +858,9 @@
+@@ -857,6 +858,9 @@ nfulnl_recv_config(struct sock *ctnl, st
ret = -EINVAL;
break;
}
@@ -29,7 +29,7 @@
} else {
if (!inst) {
UDEBUG("no config command, and no instance for "
-@@ -910,6 +914,7 @@
+@@ -910,6 +914,7 @@ nfulnl_recv_config(struct sock *ctnl, st
out_put:
instance_put(inst);
Modified: devel/kernel/kernel/files/CVE/CVE-2007-1497.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-1497.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-1497.patch Mon Jun 4 00:42:36 2007
@@ -16,13 +16,11 @@
Signed-off-by: Patrick McHardy <kaber at trash.net>
Signed-off-by: David S. Miller <davem at davemloft.net>
-diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
-index 6f19c4a..d110245 100644
Index: linux-2.6.18/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
===================================================================
---- linux-2.6.18.orig/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c 2007-05-17 23:48:29.836503411 +0300
-+++ linux-2.6.18/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c 2007-05-17 23:49:17.329258093 +0300
-@@ -264,6 +264,7 @@
+--- linux-2.6.18.orig/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
++++ linux-2.6.18/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
+@@ -264,6 +264,7 @@ static unsigned int ipv6_conntrack_in(un
}
nf_conntrack_get(reasm->nfct);
(*pskb)->nfct = reasm->nfct;
Modified: devel/kernel/kernel/files/CVE/CVE-2007-1592.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-1592.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-1592.patch Mon Jun 4 00:42:36 2007
@@ -1,8 +1,8 @@
Index: linux-2.6.18/net/ipv6/tcp_ipv6.c
===================================================================
---- linux-2.6.18.orig/net/ipv6/tcp_ipv6.c 2007-05-17 23:48:44.834215415 +0300
-+++ linux-2.6.18/net/ipv6/tcp_ipv6.c 2007-05-17 23:49:17.829181827 +0300
-@@ -966,6 +966,7 @@
+--- linux-2.6.18.orig/net/ipv6/tcp_ipv6.c
++++ linux-2.6.18/net/ipv6/tcp_ipv6.c
+@@ -966,6 +966,7 @@ static struct sock * tcp_v6_syn_recv_soc
First: no IPv4 options.
*/
newinet->opt = NULL;
Modified: devel/kernel/kernel/files/CVE/CVE-2007-1861.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-1861.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-1861.patch Mon Jun 4 00:42:36 2007
@@ -1,8 +1,8 @@
Index: linux-2.6.18/net/ipv4/fib_frontend.c
===================================================================
---- linux-2.6.18.orig/net/ipv4/fib_frontend.c 2007-05-17 23:48:29.336579678 +0300
-+++ linux-2.6.18/net/ipv4/fib_frontend.c 2007-05-17 23:49:18.829029293 +0300
-@@ -524,6 +524,11 @@
+--- linux-2.6.18.orig/net/ipv4/fib_frontend.c
++++ linux-2.6.18/net/ipv4/fib_frontend.c
+@@ -527,6 +527,11 @@ static void nl_fib_lookup(struct fib_res
.fwmark = frn->fl_fwmark,
.tos = frn->fl_tos,
.scope = frn->fl_scope } } };
@@ -14,7 +14,7 @@
if (tb) {
local_bh_disable();
-@@ -535,6 +540,7 @@
+@@ -538,6 +543,7 @@ static void nl_fib_lookup(struct fib_res
frn->nh_sel = res.nh_sel;
frn->type = res.type;
frn->scope = res.scope;
@@ -22,7 +22,7 @@
}
local_bh_enable();
}
-@@ -549,6 +555,9 @@
+@@ -552,6 +558,9 @@ static void nl_fib_input(struct sock *sk
struct fib_table *tb;
skb = skb_dequeue(&sk->sk_receive_queue);
@@ -32,7 +32,7 @@
nlh = (struct nlmsghdr *)skb->data;
if (skb->len < NLMSG_SPACE(0) || skb->len < nlh->nlmsg_len ||
nlh->nlmsg_len < NLMSG_LENGTH(sizeof(*frn))) {
-@@ -561,7 +570,7 @@
+@@ -564,7 +573,7 @@ static void nl_fib_input(struct sock *sk
nl_fib_lookup(frn, tb);
Modified: devel/kernel/kernel/files/CVE/CVE-2007-2172.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-2172.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-2172.patch Mon Jun 4 00:42:36 2007
@@ -1,8 +1,8 @@
-Index: linux-2.6.18.noarch/net/ipv4/fib_frontend.c
+Index: linux-2.6.18/net/ipv4/fib_frontend.c
===================================================================
---- linux-2.6.18.noarch.orig/net/ipv4/fib_frontend.c 2007-05-02 22:06:12.000000000 +0200
-+++ linux-2.6.18.noarch/net/ipv4/fib_frontend.c 2007-05-02 22:34:55.000000000 +0200
-@@ -308,6 +308,9 @@ static int inet_check_attr(struct rtmsg
+--- linux-2.6.18.orig/net/ipv4/fib_frontend.c
++++ linux-2.6.18/net/ipv4/fib_frontend.c
+@@ -288,6 +288,9 @@ static int inet_check_attr(struct rtmsg
{
int i;
@@ -12,10 +12,10 @@
for (i=1; i<=RTA_MAX; i++, rta++) {
struct rtattr *attr = *rta;
if (attr) {
-Index: linux-2.6.18.noarch/net/ipv4/fib_semantics.c
+Index: linux-2.6.18/net/ipv4/fib_semantics.c
===================================================================
---- linux-2.6.18.noarch.orig/net/ipv4/fib_semantics.c 2007-05-02 22:06:12.000000000 +0200
-+++ linux-2.6.18.noarch/net/ipv4/fib_semantics.c 2007-05-02 22:30:05.000000000 +0200
+--- linux-2.6.18.orig/net/ipv4/fib_semantics.c
++++ linux-2.6.18/net/ipv4/fib_semantics.c
@@ -88,7 +88,7 @@ static const struct
{
int error;
@@ -25,4 +25,3 @@
{
.error = 0,
.scope = RT_SCOPE_NOWHERE,
-
Modified: devel/kernel/kernel/files/CVE/CVE-2007-2242.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-2242.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-2242.patch Mon Jun 4 00:42:36 2007
@@ -16,9 +16,9 @@
Index: linux-2.6.18/Documentation/networking/ip-sysctl.txt
===================================================================
---- linux-2.6.18.orig/Documentation/networking/ip-sysctl.txt 2007-05-17 23:48:29.336579678 +0300
-+++ linux-2.6.18/Documentation/networking/ip-sysctl.txt 2007-05-17 23:49:18.829029293 +0300
-@@ -775,6 +775,15 @@
+--- linux-2.6.18.orig/Documentation/networking/ip-sysctl.txt
++++ linux-2.6.18/Documentation/networking/ip-sysctl.txt
+@@ -775,6 +775,15 @@ accept_redirects - BOOLEAN
Functional default: enabled if local forwarding is disabled.
disabled if local forwarding is enabled.
@@ -36,9 +36,9 @@
Advertisements.
Index: linux-2.6.18/include/linux/ipv6.h
===================================================================
---- linux-2.6.18.orig/include/linux/ipv6.h 2007-05-17 23:48:29.336579678 +0300
-+++ linux-2.6.18/include/linux/ipv6.h 2007-05-17 23:49:18.829029293 +0300
-@@ -153,6 +153,7 @@
+--- linux-2.6.18.orig/include/linux/ipv6.h
++++ linux-2.6.18/include/linux/ipv6.h
+@@ -153,6 +153,7 @@ struct ipv6_devconf {
__s32 accept_ra_rt_info_max_plen;
#endif
#endif
@@ -46,7 +46,7 @@
void *sysctl;
};
-@@ -180,6 +181,9 @@
+@@ -180,6 +181,9 @@ enum {
DEVCONF_ACCEPT_RA_RTR_PREF,
DEVCONF_RTR_PROBE_INTERVAL,
DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN,
@@ -58,9 +58,9 @@
Index: linux-2.6.18/include/linux/sysctl.h
===================================================================
---- linux-2.6.18.orig/include/linux/sysctl.h 2007-05-17 23:49:10.330325824 +0300
-+++ linux-2.6.18/include/linux/sysctl.h 2007-05-17 23:49:18.829029293 +0300
-@@ -555,6 +555,7 @@
+--- linux-2.6.18.orig/include/linux/sysctl.h
++++ linux-2.6.18/include/linux/sysctl.h
+@@ -555,6 +555,7 @@ enum {
NET_IPV6_ACCEPT_RA_RTR_PREF=20,
NET_IPV6_RTR_PROBE_INTERVAL=21,
NET_IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN=22,
@@ -70,9 +70,9 @@
Index: linux-2.6.18/net/ipv6/addrconf.c
===================================================================
---- linux-2.6.18.orig/net/ipv6/addrconf.c 2007-05-17 23:48:29.336579678 +0300
-+++ linux-2.6.18/net/ipv6/addrconf.c 2007-05-17 23:49:18.829029293 +0300
-@@ -164,6 +164,7 @@
+--- linux-2.6.18.orig/net/ipv6/addrconf.c
++++ linux-2.6.18/net/ipv6/addrconf.c
+@@ -164,6 +164,7 @@ struct ipv6_devconf ipv6_devconf = {
.max_desync_factor = MAX_DESYNC_FACTOR,
#endif
.max_addresses = IPV6_MAX_ADDRESSES,
@@ -80,7 +80,7 @@
.accept_ra_defrtr = 1,
.accept_ra_pinfo = 1,
#ifdef CONFIG_IPV6_ROUTER_PREF
-@@ -194,6 +195,7 @@
+@@ -194,6 +195,7 @@ static struct ipv6_devconf ipv6_devconf_
.max_desync_factor = MAX_DESYNC_FACTOR,
#endif
.max_addresses = IPV6_MAX_ADDRESSES,
@@ -88,7 +88,7 @@
.accept_ra_defrtr = 1,
.accept_ra_pinfo = 1,
#ifdef CONFIG_IPV6_ROUTER_PREF
-@@ -3320,6 +3322,7 @@
+@@ -3320,6 +3322,7 @@ static void inline ipv6_store_devconf(st
array[DEVCONF_MAX_DESYNC_FACTOR] = cnf->max_desync_factor;
#endif
array[DEVCONF_MAX_ADDRESSES] = cnf->max_addresses;
@@ -96,7 +96,7 @@
array[DEVCONF_ACCEPT_RA_DEFRTR] = cnf->accept_ra_defrtr;
array[DEVCONF_ACCEPT_RA_PINFO] = cnf->accept_ra_pinfo;
#ifdef CONFIG_IPV6_ROUTER_PREF
-@@ -3798,6 +3801,14 @@
+@@ -3798,6 +3801,14 @@ static struct addrconf_sysctl_table
.proc_handler = &proc_dointvec,
},
{
@@ -113,9 +113,9 @@
.data = &ipv6_devconf.accept_ra_defrtr,
Index: linux-2.6.18/net/ipv6/exthdrs.c
===================================================================
---- linux-2.6.18.orig/net/ipv6/exthdrs.c 2007-05-17 23:48:29.336579678 +0300
-+++ linux-2.6.18/net/ipv6/exthdrs.c 2007-05-17 23:49:18.829029293 +0300
-@@ -221,10 +221,28 @@
+--- linux-2.6.18.orig/net/ipv6/exthdrs.c
++++ linux-2.6.18/net/ipv6/exthdrs.c
+@@ -221,10 +221,28 @@ static int ipv6_rthdr_rcv(struct sk_buff
struct inet6_skb_parm *opt = IP6CB(skb);
struct in6_addr *addr;
struct in6_addr daddr;
@@ -144,7 +144,7 @@
if (!pskb_may_pull(skb, (skb->h.raw-skb->data)+8) ||
!pskb_may_pull(skb, (skb->h.raw-skb->data)+((skb->h.raw[1]+1)<<3))) {
-@@ -235,6 +253,18 @@
+@@ -235,6 +253,18 @@ static int ipv6_rthdr_rcv(struct sk_buff
hdr = (struct ipv6_rt_hdr *) skb->h.raw;
@@ -163,7 +163,7 @@
if (ipv6_addr_is_multicast(&skb->nh.ipv6h->daddr) ||
skb->pkt_type != PACKET_HOST) {
IP6_INC_STATS_BH(IPSTATS_MIB_INADDRERRORS);
-@@ -253,12 +283,6 @@
+@@ -253,12 +283,6 @@ looped_back:
return 1;
}
Modified: devel/kernel/kernel/files/CVE/CVE-2007-2453.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-2453.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-2453.patch Mon Jun 4 00:42:36 2007
@@ -1,6 +1,8 @@
---- a/drivers/char/random.c 2007-05-30 20:15:00.931938453 +0300
-+++ b/drivers/char/random.c 2007-05-30 20:15:03.431557119 +0300
-@@ -757,7 +757,7 @@
+Index: linux-2.6.18/drivers/char/random.c
+===================================================================
+--- linux-2.6.18.orig/drivers/char/random.c
++++ linux-2.6.18/drivers/char/random.c
+@@ -757,7 +757,7 @@ static size_t account(struct entropy_sto
static void extract_buf(struct entropy_store *r, __u8 *out)
{
@@ -9,7 +11,7 @@
__u32 data[16], buf[5 + SHA_WORKSPACE_WORDS];
sha_init(buf);
-@@ -769,9 +769,11 @@
+@@ -769,9 +769,11 @@ static void extract_buf(struct entropy_s
* attempts to find previous ouputs), unless the hash
* function can be inverted.
*/
@@ -24,7 +26,7 @@
}
/*
-@@ -779,7 +781,7 @@
+@@ -779,7 +781,7 @@ static void extract_buf(struct entropy_s
* portion of the pool while mixing, and hash one
* final time.
*/
@@ -33,7 +35,7 @@
sha_transform(buf, (__u8 *)data, buf + 5);
/*
-@@ -1017,37 +1019,44 @@
+@@ -1017,37 +1019,44 @@ random_poll(struct file *file, poll_tabl
return mask;
}
@@ -102,7 +104,7 @@
}
static int
-@@ -1086,8 +1095,8 @@
+@@ -1086,8 +1095,8 @@ random_ioctl(struct inode * inode, struc
return -EINVAL;
if (get_user(size, p++))
return -EFAULT;
Modified: devel/kernel/kernel/files/CVE/CVE-2007-2525.patch
=================================================================
--- devel/kernel/kernel/files/CVE/CVE-2007-2525.patch (original)
+++ devel/kernel/kernel/files/CVE/CVE-2007-2525.patch Mon Jun 4 00:42:36 2007
@@ -24,13 +24,11 @@
Acked-by: Michal Ostrowski <mostrows at earthlink.net>
Signed-off-by: David S. Miller <davem at davemloft.net>
-diff --git a/drivers/net/pppox.c b/drivers/net/pppox.c
-index 9315046..3f8115d 100644
Index: linux-2.6.18/drivers/net/pppox.c
===================================================================
---- linux-2.6.18.orig/drivers/net/pppox.c 2007-05-17 23:48:28.836655943 +0300
-+++ linux-2.6.18/drivers/net/pppox.c 2007-05-17 23:49:19.828876761 +0300
-@@ -58,7 +58,7 @@
+--- linux-2.6.18.orig/drivers/net/pppox.c
++++ linux-2.6.18/drivers/net/pppox.c
+@@ -58,7 +58,7 @@ void pppox_unbind_sock(struct sock *sk)
{
/* Clear connection to ppp device, if attached. */
Paketler-commits mesaj listesiyle ilgili
daha fazla bilgi