Bug#323173: CAN-2005-245[89]: Two vulnerabilities in the kernel's zlib
Horms wrote: On Mon, Aug 15, 2005 at 10:24:51AM +0200, Moritz Muehlenhoff wrote: Package: linux-2.6 Severity: important Tags: security patch There are another two vulnerabilities fixed in 2.6.12.5, that might require backporting to 2.6.8 and 2.4.27. Please see http://kernel.org/git/?p=linux/kernel/git/chrisw/linux-2.6.12.y.git;a=commit;h=885605316d76c3fdce23dffe9c59e20539287c6b for descriptions, links and patches. I have added this to linux-2.6 (except the bit that updates the kernel version). For the record: zisofs.patch 2.6.8: Added as zisofs.dpatch This is now CAN-2005-2457, BTW. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#323173: CAN-2005-245[89]: Two vulnerabilities in the kernel's zlib
Package: linux-2.6 Severity: important Tags: security patch There are another two vulnerabilities fixed in 2.6.12.5, that might require backporting to 2.6.8 and 2.4.27. Please see http://kernel.org/git/?p=linux/kernel/git/chrisw/linux-2.6.12.y.git;a=commit;h=885605316d76c3fdce23dffe9c59e20539287c6b for descriptions, links and patches. Cheers, Moritz -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12-rc5 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#323173: CAN-2005-245[89]: Two vulnerabilities in the kernel's zlib
On Mon, Aug 15, 2005 at 10:24:51AM +0200, Moritz Muehlenhoff wrote: Package: linux-2.6 Severity: important Tags: security patch There are another two vulnerabilities fixed in 2.6.12.5, that might require backporting to 2.6.8 and 2.4.27. Please see http://kernel.org/git/?p=linux/kernel/git/chrisw/linux-2.6.12.y.git;a=commit;h=885605316d76c3fdce23dffe9c59e20539287c6b for descriptions, links and patches. Thanks, I am going through 2.6.12.5. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#323173: CAN-2005-245[89]: Two vulnerabilities in the kernel's zlib
On Mon, Aug 15, 2005 at 10:24:51AM +0200, Moritz Muehlenhoff wrote: Package: linux-2.6 Severity: important Tags: security patch There are another two vulnerabilities fixed in 2.6.12.5, that might require backporting to 2.6.8 and 2.4.27. Please see http://kernel.org/git/?p=linux/kernel/git/chrisw/linux-2.6.12.y.git;a=commit;h=885605316d76c3fdce23dffe9c59e20539287c6b for descriptions, links and patches. I have added this to linux-2.6 (except the bit that updates the kernel version). For the record: sys_set_mempolicy-mode-check.patch 2.6.8: Does not appear to have this problem x86_64-srat-dual-core-amd.patch 2.6.8: Does not appear to have this problem x86_64-fix-smpboot-timing-problem.patch 2.6.8: Does not appear to have this problem linux-zlib-fixes.patch (CAN-2005-2458, CAN-2005-2459) 2.6.8: Added as linux-zlib-fixes.dpatch zisofs.patch 2.6.8: Added as zisofs.dpatch key-session-join.patch: CAN-2005-2098 2.6.8: Does not appear to have this problem failed-keyring-oops.patch: CAN-2005-2099 2.6.8: Does not appear to have this problem module-per-cpu-alignment-fix.patch 2.6.8: added as module-per-cpu-alignment-fix.dpatch I will try to get to 2.4.27 tomorrow. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#323173: CAN-2005-245[89]: Two vulnerabilities in the kernel's zlib
On Mon, Aug 15, 2005 at 07:53:03PM +0900, Horms wrote: On Mon, Aug 15, 2005 at 10:24:51AM +0200, Moritz Muehlenhoff wrote: Package: linux-2.6 Severity: important Tags: security patch There are another two vulnerabilities fixed in 2.6.12.5, that might require backporting to 2.6.8 and 2.4.27. Please see http://kernel.org/git/?p=linux/kernel/git/chrisw/linux-2.6.12.y.git;a=commit;h=885605316d76c3fdce23dffe9c59e20539287c6b for descriptions, links and patches. I have added this to linux-2.6 (except the bit that updates the kernel version). For the record: sys_set_mempolicy-mode-check.patch 2.6.8: Does not appear to have this problem 2.4.27: Does not appear to have this problem x86_64-srat-dual-core-amd.patch 2.6.8: Does not appear to have this problem 2.4.27: Does not appear to have this problem x86_64-fix-smpboot-timing-problem.patch 2.6.8: Does not appear to have this problem 2.4.27: Does not appear to have this problem linux-zlib-fixes.patch (CAN-2005-2458, CAN-2005-2459) 2.6.8: Added as linux-zlib-fixes.dpatch 2.4.27: Added as 182_linux-zlib-fixes.diff zisofs.patch 2.6.8: Added as zisofs.dpatch Added as 183_zisofs.diff This smells like something that averts an overrun to me key-session-join.patch: CAN-2005-2098 2.6.8: Does not appear to have this problem 2.4.27: Does not appear to have this problem failed-keyring-oops.patch: CAN-2005-2099 2.6.8: Does not appear to have this problem 2.4.27: Does not appear to have this problem module-per-cpu-alignment-fix.patch 2.6.8: added as module-per-cpu-alignment-fix.dpatch 2.4.27: Does not appear to have this problem I will try to get to 2.4.27 tomorrow. Done :) -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]