Date: Thursday, February 28, 2013 @ 19:41:03
Author: tpowa
Revision: 178913
upgpkg: linux 3.8.1-1
bump to latest version
Modified:
linux/trunk/PKGBUILD
linux/trunk/linux.install
Deleted:
linux/trunk/CVE-2013-1763.patch
linux/trunk/fat-3.6.x.patch
---------------------+
CVE-2013-1763.patch | 35 -----------------------------------
PKGBUILD | 27 +++++++++++----------------
fat-3.6.x.patch | 33 ---------------------------------
linux.install | 2 +-
4 files changed, 12 insertions(+), 85 deletions(-)
Deleted: CVE-2013-1763.patch
===================================================================
--- CVE-2013-1763.patch 2013-02-28 18:37:56 UTC (rev 178912)
+++ CVE-2013-1763.patch 2013-02-28 18:41:03 UTC (rev 178913)
@@ -1,35 +0,0 @@
-From 6e601a53566d84e1ffd25e7b6fe0b6894ffd79c0 Mon Sep 17 00:00:00 2001
-From: Mathias Krause <mini...@googlemail.com>
-Date: Sat, 23 Feb 2013 01:13:47 +0000
-Subject: [PATCH] sock_diag: Fix out-of-bounds access to sock_diag_handlers[]
-
-Userland can send a netlink message requesting SOCK_DIAG_BY_FAMILY
-with a family greater or equal then AF_MAX -- the array size of
-sock_diag_handlers[]. The current code does not test for this
-condition therefore is vulnerable to an out-of-bound access opening
-doors for a privilege escalation.
-
-Signed-off-by: Mathias Krause <mini...@googlemail.com>
-Acked-by: Eric Dumazet <eduma...@google.com>
-Signed-off-by: David S. Miller <da...@davemloft.net>
----
- net/core/sock_diag.c | 3 +++
- 1 files changed, 3 insertions(+), 0 deletions(-)
-
-diff --git a/net/core/sock_diag.c b/net/core/sock_diag.c
-index 602cd63..750f44f 100644
---- a/net/core/sock_diag.c
-+++ b/net/core/sock_diag.c
-@@ -121,6 +121,9 @@ static int __sock_diag_rcv_msg(struct sk_buff *skb, struct
nlmsghdr *nlh)
- if (nlmsg_len(nlh) < sizeof(*req))
- return -EINVAL;
-
-+ if (req->sdiag_family >= AF_MAX)
-+ return -EINVAL;
-+
- hndl = sock_diag_lock_handler(req->sdiag_family);
- if (hndl == NULL)
- err = -ENOENT;
---
-1.7.6.5
-
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2013-02-28 18:37:56 UTC (rev 178912)
+++ PKGBUILD 2013-02-28 18:41:03 UTC (rev 178913)
@@ -5,27 +5,20 @@
pkgbase=linux # Build stock -ARCH kernel
#pkgbase=linux-custom # Build kernel with a different name
_srcname=linux-3.8
-pkgver=3.8
-pkgrel=2
+pkgver=3.8.1
+pkgrel=1
arch=('i686' 'x86_64')
url="http://www.kernel.org/";
license=('GPL2')
makedepends=('xmlto' 'docbook-xsl')
options=('!strip')
source=("http://www.kernel.org/pub/linux/kernel/v3.x/${_srcname}.tar.xz";
- #"http://www.kernel.org/pub/linux/kernel/v3.x/patch-${pkgver}.xz";
+ "http://www.kernel.org/pub/linux/kernel/v3.x/patch-${pkgver}.xz";
# the main kernel config files
'config' 'config.x86_64'
# standard config files for mkinitcpio ramdisk
'linux.preset'
- 'change-default-console-loglevel.patch'
- 'CVE-2013-1763.patch')
-md5sums=('1c738edfc54e7c65faeb90c436104e2f'
- '9710fb1b1e08eb1fc5214dc2fb34ebcc'
- '03b1dad90f3558dba3031901398c1ca4'
- 'eb14dcfd80c00852ef81ded6e826826a'
- '9d3c56a4b999c8bfbd4018089a62f662'
- '420991808fe4cba143013427c0737aa9')
+ 'change-default-console-loglevel.patch')
_kernelname=${pkgbase#linux}
@@ -33,15 +26,11 @@
cd "${srcdir}/${_srcname}"
# add upstream patch
- # patch -p1 -i "${srcdir}/patch-${pkgver}"
+ patch -p1 -i "${srcdir}/patch-${pkgver}"
# add latest fixes from stable queue, if needed
# http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git
- # Fix security vulnetability CVE-2013-1763.patch
- # https://bugs.archlinux.org/task/34005
- patch -Np1 -i "${srcdir}/CVE-2013-1763.patch"
-
# set DEFAULT_CONSOLE_LOGLEVEL to 4 (same value as the 'quiet' kernel param)
# remove this when a Kconfig knob is made available by upstream
# (relevant patch sent upstream: https://lkml.org/lkml/2011/7/26/227)
@@ -321,3 +310,9 @@
done
# vim:set ts=8 sts=2 sw=2 et:
+md5sums=('1c738edfc54e7c65faeb90c436104e2f'
+ '50a68679086c346dddb34dedccfae7ee'
+ '307107a8b15060e6fc0e48bdaacaed06'
+ '03b1dad90f3558dba3031901398c1ca4'
+ 'eb14dcfd80c00852ef81ded6e826826a'
+ '9d3c56a4b999c8bfbd4018089a62f662')
Deleted: fat-3.6.x.patch
===================================================================
--- fat-3.6.x.patch 2013-02-28 18:37:56 UTC (rev 178912)
+++ fat-3.6.x.patch 2013-02-28 18:41:03 UTC (rev 178913)
@@ -1,33 +0,0 @@
-From: Dave Reisner <dreis...@archlinux.org>
-Date: Thu, 29 Nov 2012 03:18:52 +0000 (+1100)
-Subject: fs/fat: strip "cp" prefix from codepage in display
-X-Git-Tag: next-20121130~1^2~97
-X-Git-Url:
http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Fnext%2Flinux-next.git;a=commitdiff_plain;h=f15914873184cc3f2a8d590fa4f7e32ab0a8a405
-
-fs/fat: strip "cp" prefix from codepage in display
-
-Option parsing code expects an unsigned integer for the codepage option,
-but prefixes and stores this option with "cp" before passing to
-load_nls(). This makes the displayed option in /proc an invalid one.
-Strip the prefix when printing so that the displayed option is valid for
-reuse.
-
-Signed-off-by: Dave Reisner <dreis...@archlinux.org>
-Acked-by: OGAWA Hirofumi <hirof...@mail.parknet.co.jp>
-Signed-off-by: Andrew Morton <a...@linux-foundation.org>
----
-
-diff --git a/fs/fat/inode.c b/fs/fat/inode.c
-index 3b733a7..3580681 100644
---- a/fs/fat/inode.c
-+++ b/fs/fat/inode.c
-@@ -726,7 +726,8 @@ static int fat_show_options(struct seq_file *m, struct
dentry *root)
- if (opts->allow_utime)
- seq_printf(m, ",allow_utime=%04o", opts->allow_utime);
- if (sbi->nls_disk)
-- seq_printf(m, ",codepage=%s", sbi->nls_disk->charset);
-+ /* strip "cp" prefix from displayed option */
-+ seq_printf(m, ",codepage=%s", &sbi->nls_disk->charset[2]);
- if (isvfat) {
- if (sbi->nls_io)
- seq_printf(m, ",iocharset=%s", sbi->nls_io->charset);
Modified: linux.install
===================================================================
--- linux.install 2013-02-28 18:37:56 UTC (rev 178912)
+++ linux.install 2013-02-28 18:41:03 UTC (rev 178913)
@@ -2,7 +2,7 @@
# arg 2: the old package version
KERNEL_NAME=
-KERNEL_VERSION=3.8.0-2-ARCH
+KERNEL_VERSION=3.8.1-1-ARCH
# set a sane PATH to ensure that critical utils like depmod will be found
export PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
