Dear maintainer, I've prepared an NMU for lvm2 (versioned as 2.02.66-2.2) and uploaded it to DELAYED/1. Please feel free to tell me if I should delay it longer.
Regards.
diff -Nru lvm2-2.02.66/debian/changelog lvm2-2.02.66/debian/changelog --- lvm2-2.02.66/debian/changelog 2010-08-19 11:56:57.000000000 +0200 +++ lvm2-2.02.66/debian/changelog 2010-08-19 13:48:52.000000000 +0200 @@ -1,3 +1,10 @@ +lvm2 (2.02.66-2.2) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * CVE-2010-2526: Also check permission on restart. + + -- Giuseppe Iuculano <iucul...@debian.org> Thu, 19 Aug 2010 13:47:47 +0200 + lvm2 (2.02.66-2.1) unstable; urgency=high * Non-maintainer upload by the Security Team. diff -Nru lvm2-2.02.66/debian/patches/CVE-2010-2526.patch lvm2-2.02.66/debian/patches/CVE-2010-2526.patch --- lvm2-2.02.66/debian/patches/CVE-2010-2526.patch 2010-08-19 11:56:57.000000000 +0200 +++ lvm2-2.02.66/debian/patches/CVE-2010-2526.patch 2010-08-19 13:48:52.000000000 +0200 @@ -38,7 +38,7 @@ int main(int argc, char *argv[]) { int local_sock; -@@ -316,6 +325,7 @@ int main(int argc, char *argv[]) +@@ -316,9 +325,11 @@ int main(int argc, char *argv[]) exit(0); case 'R': @@ -46,7 +46,11 @@ return refresh_clvmd(1)==1?0:1; case 'S': -@@ -364,6 +374,8 @@ int main(int argc, char *argv[]) ++ check_permissions(); + return restart_clvmd(clusterwide_opt)==1?0:1; + + case 'C': +@@ -364,6 +375,8 @@ int main(int argc, char *argv[]) } } @@ -55,7 +59,7 @@ /* Setting debug options on an existing clvmd */ if (debug_opt && !check_local_clvmd()) { -@@ -524,6 +536,7 @@ int main(int argc, char *argv[]) +@@ -524,6 +537,7 @@ int main(int argc, char *argv[]) /* Do some work */ main_loop(local_sock, cmd_timeout); @@ -63,7 +67,7 @@ destroy_lvm(); return 0; -@@ -867,7 +880,6 @@ static void main_loop(int local_sock, in +@@ -867,7 +881,6 @@ static void main_loop(int local_sock, in closedown: clops->cluster_closedown(); @@ -71,7 +75,7 @@ } static __attribute__ ((noreturn)) void wait_for_child(int c_pipe, int timeout) -@@ -1966,20 +1978,30 @@ static int check_local_clvmd(void) +@@ -1966,20 +1979,30 @@ static int check_local_clvmd(void) return ret; } @@ -106,7 +110,7 @@ } /* Set Close-on-exec & non-blocking */ -@@ -1992,18 +2014,19 @@ static int open_local_sock() +@@ -1992,18 +2015,19 @@ static int open_local_sock() sockaddr.sun_family = AF_UNIX; if (bind(local_socket, (struct sockaddr *) &sockaddr, sizeof(sockaddr))) { log_error("can't bind local socket: %m");
signature.asc
Description: Digital signature