On Wed, Jun 29, 2005 at 06:23:38PM +0900, Horms wrote: > On Wed, Jun 29, 2005 at 11:14:20AM +0900, Horms wrote: > > On Tue, Jun 28, 2005 at 10:36:15PM +0200, Frederik Schueler wrote: > > > Hello, > > > > > > I would like to start preparing a seurity update for kernel-source-2.6.8 > > > in sarge, wich released with version 2.6.8-16. > > > > > > In sarge-security we have an old 2.6.15sarge1 wich never got released. > > > > > > Does anyone object if I update those sources to the revision in sarge, > > > and we start building 2.6.8-16sarge1 from it? > > > > > > I already got some patches from the ubuntu 2.6.8 kernel package > > > addressing > > > the following 5 issues: > > > > > > CAN-2005-0756 > > > CAN-2005-1265 > > > CAN-2005-1762 > > > CAN-2005-1763 > > > CAN-2005-1765 > > > > > > and these 3 still need to be addressed: > > > > > > CAN-2005-1764 > > > CAN-2005-0449 #295949 > > > CAN-2005-0356 #310804 > > > > > > > > > if nobody objects, I would like to commit my changes.
I would like to note that 2.6.8 does not seem to be vulnerable to CAN-2005-1913, as it does not include per-process timers, which was introduced by this patch http://linux.bkbits.net:8080/linux-2.6/[EMAIL PROTECTED] For refereance, the patch for CAN-2005-1913 is below: -- Horms commit fe3d5c8793fcaf33c5d3118a7f3ffc135eadaf4d tree 19fac0a8a24b4c106babdfee1e68b5e794ece216 parent 9ee1c939d1cb936b1f98e8d81aeffab57bae46ab author Linus Torvalds <[EMAIL PROTECTED]> 1119125869 -0700 committer Chris Wright <[EMAIL PROTECTED]> 1119468770 -0700 [PATCH] Clean up subthread exec (CAN-2005-1913) Make sure we re-parent itimers. If subthread exec's with timer pending, signal is delivered to old group-leader and can panic kernel. Signed-off-by: Linus Torvalds <[EMAIL PROTECTED]> Signed-off-by: Chris Wright <[EMAIL PROTECTED]> I:100644 100644 e56ee24370255e2ab4df9a3933ec03f0d07a2de3 422cc0ec5e366b846336a22398ddc019ca6212c2 M fs/exec.c Key: S: Skipped I: Included Included verbatim D: Deleted Manually deleted by subsequent user edit R: Revised Manually revised by subsequent user edit diff --git a/fs/exec.c b/fs/exec.c --- a/fs/exec.c +++ b/fs/exec.c @@ -649,6 +649,7 @@ static inline int de_thread(struct task_ } sig->group_exit_task = NULL; sig->notify_count = 0; + sig->real_timer.data = (unsigned long)current; spin_unlock_irq(lock); /* -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
