Your message dated Wed, 14 Dec 2005 19:47:14 -0800 with message-id <[EMAIL PROTECTED]> and subject line Bug#311164: fixed in kernel-source-2.4.27 2.4.27-10sarge1 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 29 May 2005 13:47:01 +0000
From: Moritz Muehlenhoff <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: CAN-2005-0757: DoS possibility in xattrs handling on 64 bits archs
Date: Sun, 29 May 2005 15:46:46 +0200
Message-Id: <[EMAIL PROTECTED]>

Package: kernel-source-2.4.27
Severity: important
Tags: security

Quoting from http://rhn.redhat.com/errata/RHSA-2005-294.html:

  A flaw in offset handling in the xattr file system code backported to
  Red Hat Enterprise Linux 3 was fixed. On 64-bit systems, a user who can
  access an ext3 extended-attribute-enabled file system could cause a
  denial of service (system crash). This issue is rated as having a
  moderate security impact (CAN-2005-0757).

I couldn't find further information on whether this is already fixed
in 2.4.27, do you have further information?

Cheers,
        Moritz

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-rc5
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)

---------------------------------------
Received: (at 311164-close) by bugs.debian.org; 15 Dec 2005 03:51:37 +0000
From: Simon Horman <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Bug#311164: fixed in kernel-source-2.4.27 2.4.27-10sarge1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Wed, 14 Dec 2005 19:47:14 -0800

Source: kernel-source-2.4.27
Source-Version: 2.4.27-10sarge1

We believe that the bug you reported is fixed in the latest version of
kernel-source-2.4.27, which is due to be installed in the Debian FTP archive:

kernel-doc-2.4.27_2.4.27-10sarge1_all.deb to
  pool/main/k/kernel-source-2.4.27/kernel-doc-2.4.27_2.4.27-10sarge1_all.deb
kernel-patch-debian-2.4.27_2.4.27-10sarge1_all.deb to
  pool/main/k/kernel-source-2.4.27/kernel-patch-debian-2.4.27_2.4.27-10sarge1_all.deb
kernel-source-2.4.27_2.4.27-10sarge1.diff.gz to
  pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge1.diff.gz
kernel-source-2.4.27_2.4.27-10sarge1.dsc to
  pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge1.dsc
kernel-source-2.4.27_2.4.27-10sarge1_all.deb to
  pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge1_all.deb
kernel-tree-2.4.27_2.4.27-10sarge1_all.deb to
  pool/main/k/kernel-source-2.4.27/kernel-tree-2.4.27_2.4.27-10sarge1_all.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Simon Horman <[EMAIL PROTECTED]> (supplier of updated kernel-source-2.4.27 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 17 Aug 2005 15:45:20 +0900
Source: kernel-source-2.4.27
Binary: kernel-tree-2.4.27 kernel-source-2.4.27 kernel-patch-debian-2.4.27 kernel-doc-2.4.27
Architecture: source all
Version: 2.4.27-10sarge1
Distribution: stable-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Simon Horman <[EMAIL PROTECTED]>
Description:
 kernel-doc-2.4.27 - Linux kernel specific documentation for version 2.4.27
 kernel-patch-debian-2.4.27 - Debian patches to Linux 2.4.27
 kernel-source-2.4.27 - Linux kernel source for version 2.4.27 with Debian patches
 kernel-tree-2.4.27 - Linux kernel source tree for building Debian kernel images
Closes: 311164 319629 320256 323318
Changes:
 kernel-source-2.4.27 (2.4.27-10sarge1) stable-security; urgency=high
 .
   [ Simon Horman ]
   * 184_arch-x86_64-ia32-ptrace32-oops.diff
     [Security, x86_64] 32 bit ltrace oops when tracing 64 bit executable
     http://lkml.org/lkml/2005/1/5/245
     http://linux.bkbits.net:8080/linux-2.4/[EMAIL PROTECTED]
 .
   == Patches from 2.4.27-11 ==
 .
   [ Simon Horman ]
   * 167_arch-ia64-x86_64_execve.diff:
     Race condition in the ia32 compatibility code for the execve system call
     See CAN-2005-1768. (closes: #319629).
 .
   * 168_fs_ext3_64bit_offset.diff:
     Incorrect offset checks for ext3 xattr on 64 bit architectures
     can lead to a local DoS.
     See CAN-2005-0757. (closes: #311164).
 .
   * 169_arch-x86_64-kernel-ptrace-canonical-rip-1.dpatch
     [Security, x86_64] This works around an AMD Erratum by
     checking if the ptrace RIP is canonical.
     See CAN-2005-1762
 .
   * 169_arch-x86_64-kernel-ptrace-canonical-rip-2.dpatch
     [Security, x86_64] Fix canonical checking for segment registers in ptrace
     See CAN-2005-0756
 .
   # Excluded from Security Update
   # * Makefile-gcc-3.3.dpatch, control
   #   Build with gcc-3.3, as gcc-4.0, now the default in unstable,
   #   fails to build this source. Upstream has stated that they
   #   have no intention making the 2.4 kernel compile with gcc-4
   #   (closes: #320256, #323318)
 .
   * 171_arch-ia64-x86_64-execve-overflow.diff
     [Security, ia64, x86_64] Fix overflow in 32bit execve
     See CAN-2005-1768
 .
   * 172_ppc32-time_offset-misuse.diff
     [ppc32] stop misusing ntps time_offset value
 .
   # Excluded from Security Update
   # * 173_tty_ldisc_ref-return-null-check.diff
   #   tty_ldisc_ref return null check
 .
   * 174_net-ipv4-netfilter-nat-mem.diff
     [Security] Fix potential memory corruption in NAT code (aka memory NAT)
 .
   # Excluded from Security Update
   # * 175-net-ipv6-netfilter-deadlock.diff
   #   Fix deadlock in ip6_queue
 .
   * 176_ipsec-array-overflow.diff
     [Security] Fix possible overflow of sock->sk_policy
     See CAN-2005-2456 (See: #321401)
 .
   # Excluded from Security Update
   # * 177_rocket_c-fix-ldisc-ref-count.diff
   #   Fix ldisc ref count handling in rocketport driver
 .
   * 178_fs_ext2_ext3_xattr-sharing.diff
     [Security] Xattr sharing bug
     See http://lists.debian.org/debian-kernel/2005/08/msg00238.html
 .
   * 179_net-ipv4-netfilter-ip_recent-last_pkts.diff
     [Security] Fixes remote DoS when using ipt_recent on a 64 bit machine.
     (See: #322237)
 .
   * 181_arch-x86_64-kernel-stack-faults.diff
     [Security, x86_64] Disable exception stack for stack faults
     See CAN-2005-1767
 .
   * 182_linux-zlib-fixes.diff
     [Security] Fix security bugs in the Linux zlib implementations.
     See CAN-2005-2458, CAN-2005-2459
     From 2.6.12.5
     http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html
     http://bugs.gentoo.org/show_bug.cgi?id=94584
 .
   # Excluded from Security Update
   # * zisofs.dpatch
   #   Check input buffer size in zisofs
   #   From 2.6.12.5
Files:
 9f709ab218f6a0ce6e5886174f74c8cb 900 devel optional kernel-source-2.4.27_2.4.27-10sarge1.dsc
 3b26bc94e734e3e9c7de8851e9e308b7 699494 devel optional kernel-source-2.4.27_2.4.27-10sarge1.diff.gz
 2cfb0a84539c910e596abba17e7d8d48 650880 devel optional kernel-patch-debian-2.4.27_2.4.27-10sarge1_all.deb
 3a2c82fcc546bee30fb522f28193f3e7 3577464 doc optional kernel-doc-2.4.27_2.4.27-10sarge1_all.deb
 857f97955b1c7d145990f28581731fb7 31026166 devel optional kernel-source-2.4.27_2.4.27-10sarge1_all.deb
 c346db9cb71c6e39328d49318a2f2ed4 24418 devel optional kernel-tree-2.4.27_2.4.27-10sarge1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDoOUFA8ACPgVBDpcRAqNkAJ0aj0eRUgtH4BqaEDsRSbte488iKwCcDi0Z
ccPuxUN3Emt1BqnY/GFzGpU=
=5XAz
-----END PGP SIGNATURE-----