On Sun, Oct 09, 2005 at 12:18:54PM +0200, Moritz Muehlenhoff wrote: > Hi Horms / security team, > I found three more security related reports/patches on linux-kernel.
Below are my annotations of 2.6.13.4 for all sarge and beyond kernels. I'm particularly interested in someone checking my backports of the sparc64 problem (not security). The attached document currently resides in: http://svn.debian.org/wsvn/kernel/people/horms/patch_notes/2.6-stable/2.6.13.4?op=file&rev=0&sc=0 -- Horms
Version: 2.6.13.4 URL: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/stable-queue.git;a=tree;f=2.6.13.4 * ieee1394/sbp2: fixes for hot-unplug and module unloading ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.patch Security: No 2.6.13: applied 2.6.12: added to svn; ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.patch 2.6.8-sarge: added to svn; ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch 2.6.8-sarge-security: not a security fix 2.4.27-sid/sarge: not vulnerable 2.4.27-sarge-security: not vulnerable; not a security fix * [SECURITY] orinoco: Information leakage due to incorrect padding orinoco-info-leak.patch Security: Yes; Should request CVE 2.6.13: applied 2.6.12: added to svn; orinoco-info-leak.patch 2.6.8-sarge: added to svn; backported; orinoco-info-leak.dpatch 2.6.8-sarge-security: added to svn; backported; orinoco-info-leak.dpatch 2.4.27-sid/sarge: added to svn; backported; 192_orinoco-info-leak.diff 2.4.27-sarge-security: added to svn; backported; 192_orinoco-info-leak.diff * [TCP]: BIC coding bug in Linux 2.6.13 tcp-congestion-control-bug.patch Security: pending examination: 2.6.13: applied 2.6.12: not vulnerable 2.6.8-sarge: not vulnerable 2.6.8-sarge-security: not vulnerable; not a security fix 2.4.27-sid/sarge: not vulnerable 2.4.27-sarge-security: not vulnerable; not a security fix * [SECURITY] Fix drm 'debug' sysfs permissions drm-module_param-permissions-fix.patch Security: Yes; Should request CVE 2.6.13: applied 2.6.12: added to svn; drm-module_param-permissions-fix.patch 2.6.8-sarge: not vulnerable 2.6.8-sarge-security: not vulnerable 2.4.27-sid/sarge: not vulnerable 2.4.27-sarge-security: not vulnerable * [SPARC64]: Fix userland FPU state corruption. fix-sparc64-fpu-register-corruption.patch Security: No 2.6.13: applied 2.6.12: added to svn; backport; fix-sparc64-fpu-register-corruption.patch 2.6.8-sarge: added to svn; backport; fix-sparc64-fpu-register-corruption.dpatch 2.6.8-sarge-security: not a security fix 2.4.27-sid/sarge: not vulnerable 2.4.27-sarge-security: not vulnerable N.B: Could someone please look at these backports. They were trivial enough, but I have no way of testing them, nor do I have a good grasp of sparc assembly. I know this bug was painful to find, so presumably a miss-fix would be simmilarly painful. -- Horms * Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL plug-names_cache-memleak.patch Security: No 2.6.13: applied 2.6.12: added to svn; backport; plug-names_cache-memleak.dpatch 2.6.8-sarge: added to svn; backport; plug-names_cache-memleak.dpatch 2.6.8-sarge-security: not a security fix 2.4.27-sid/sarge: added to svn; backport; 193_plug-names_cache-memleak.diff 2.4.27-sarge-security: pending examination * [SECURITY] key: plug request_key_auth memleak See CAN-2005-3119 key-rka-memleak.patch Security: Yes; CAN-2005-3119 2.6.13: applied 2.6.12: not vulnerable 2.6.8-sarge: not vulnerable 2.6.8-sarge-security: not vulnerable 2.4.27-sid/sarge: not vulnerable 2.4.27-sarge-security: not vulnerable
