Jan Löhr <[EMAIL PROTECTED]> writes:

> Greetings,
>
> On Wednesday, 14 April 2004 16:52, Martin Schulze wrote:
> > --------------------------------------------------------------------------
> > Debian Security Advisory DSA 479-1                     [EMAIL PROTECTED]
> > http://www.debian.org/security/                             Martin Schulze
> > April 14th, 2004                        http://www.debian.org/security/faq
> > --------------------------------------------------------------------------
> >
> > Package        : kernel-source-2.4.18 kernel-image-2.4.18-1-alpha
> >                  kernel-image-2.4.18-1-i386 kernel-image-2.4.18-i386bf
> >                  kernel-patch-2.4.18-powerpc
> > Vulnerability  : several vulnerabilities
> > Problem-Type   : local
> > Debian-specific: no
> > CVE ID         : CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177
> >                  CAN-2004-0178
> >
> Phew - synchronised with the release 2.4.26 and no warnings of
> bugtraq or fd... Good work. I imagine that everything is fixed in
> 2.4.26. Does someone know if 2.4.26 is a bugfix pre-release? I'm
> getting a little bit confused right now, if there are serious issues
> with the kernel, why wasn't there any earlier release of 2.4.26?
Okay... This is the result of a cursory check, do your homework, yada, yada...

CAN-2004-0003

  According to the patch in
  http://www.uwsg.iu.edu/hypermail/linux/kernel/0403.1/0360.html
  2.4.26 contains the fix.

CAN-2004-0010

  I don't use ncpfs, and I do not care. I could not find anything about
  this either.

CAN-2004-0109

  The patch in <[EMAIL PROTECTED]> is in 2.4.26.

CAN-2004-0177

  A diff of fs/ext3 between 2.4.25 and 2.4.26 yields nothing. The same
  for JBD yields:

--- linux-2.4.25/fs/jbd/journal.c Wed Feb 18 05:36:31 2004 +++ linux-2.4.26/fs/jbd/journal.c Wed Apr 14 06:05:40 2004 @@ -671,6 +671,7 @@ bh = getblk(journal->j_dev, blocknr, journal->j_blocksize); lock_buffer(bh); + memset(bh->b_data, 0, journal->j_blocksize); BUFFER_TRACE(bh, "return this buffer"); return journal_add_journal_head(bh); }

  And the changelog mentions:

  Theodore Y. T'so:
    o zerout JBD journal descriptor blocks

  So I think that's it: the fix for CAN-2004-0177 is in the kernel.

CAN-2004-0178

  A diff of drivers/sound between 2.4.25 and 2.4.26 yields some new PCI
  ids for i810_audio.c as well as:

--- linux-2.4.25/drivers/sound/sb_audio.c Mon Feb 25 11:38:06 2002 +++ linux-2.4.26/drivers/sound/sb_audio.c Wed Apr 14 06:05:32 2004 @@ -879,7 +879,7 @@ c -= locallen; p += locallen; } /* used = ( samples * 16 bits size ) */ - *used = len << 1; + *used = max_in > ( max_out << 1) ? (max_out << 1) : max_in; /* returned = ( samples * 8 bits size ) */ *returned = len; }

  That must be it. The snippet appeared in pre3, the changelog says:

  <andikies:t-online.de>:
    o sb16 sample size fix

  And the Debian advisory mentions Andi Kies.

SUMMARY

  Except for CAN-2004-0010 (ncpfs), 2.4.26 contains all the security
  fixes from DSA 479-1.

Phil.
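
Review bot: the added memset() in the fs/jbd/journal.c hunk (@@ -671,6 +671,7 @@) carries no comment saying why a freshly obtained descriptor block has to be zeroed before it is handed to journal_add_journal_head(). A one-line comment above `memset(bh->b_data, 0, journal->j_blocksize);` stating the reason would keep a later cleanup from removing it as redundant. The length matches the size passed to getblk() in the same context, which is correct and worth keeping tied to that call.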
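
Review bot: the comment `/* used = ( samples * 16 bits size ) */` directly above the changed line in the drivers/sound/sb_audio.c hunk (@@ -879,7 +879,7 @@) no longer describes the assignment, which now picks the smaller of max_in and max_out << 1 instead of computing len << 1; the comment should be updated to state the clamp. The following statement still sets `*returned = len;`, and the hunk does not show how len is derived, so confirm that len and the new *used value stay consistent in both branches of the conditional. The spacing in `( max_out << 1)` should also match the second `(max_out << 1)`.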

