[Secure-testing-team] Re: 2.6.12.6

Horms horms at debian.org
Thu Sep 1 07:31:32 UTC 2005 

On Wed, Aug 31, 2005 at 06:24:32PM +0900, Horms wrote:
> Hi,
> 
> I have put 2.6.12.6 into the 2.6.12 tree in SVN (currently
> dists/sid/kernel/linux-2.6) and manually merged the changes into the
> 2.6.8 sarge tree in SVN (currently
> dists/sarge/kernel/source/kernel-source-2.6.8) I will look into which
> parts are applicable to 2.4.27, but this will probably not be today.
> 
> Below is a summary of the changes. The ones that I think are security
> bugs are labeld Maybe both in this list and in the changlog in SVN.
> Feedback on if we think these are security bugs, and CAN numbers,
> please.

Here is an updated version of the list I published yesterday,
mainly annotating 2.4.27 and sarge-security fixes.

-- 
Horms

SOURCE: 2.6.12.6
PATCH: ipsec-socket-policy-use-cap.patch
SECURITY: Yes - CAN-2005-2555
2.6.8-sarge: Applied as net-sockglue-cap.dpatch
2.6.8-sarge-security: Applied as net-sockglue-cap.dpatch
2.6.12-sid:  Applied
2.4.27-trunk: Applied as 185_net-sockglue-cap.diff
2.4.27-sarge-security: Applied as 185_net-sockglue-cap.diff
URL: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/stable-queue.git;a=blob;h=929a1a4ec9623c7e48ce6c3f2f85e39c0f41a700;hb=9c5fcb99af7c157be45e9d53aeb857ded5211fcd;f=2.6.12.6/ipsec-socket-policy-use-cap.patch

SOURCE: 2.6.12.6
PATCH: nptl-signal-delivery-deadlock-fix.patch
SECURITY: Maybe - seems like a local DoS
2.6.8-sarge: Applied
2.6.8-sarge-security: Will add iff classified as security
2.6.12-sid:  Applied
2.4.27-trunk: Will add if classified as security
URL: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/stable-queue.git;a=blob;h=f6cc7e101c49f356e4c4df5cca1ff352a0f01dd5;hb=9c5fcb99af7c157be45e9d53aeb857ded5211fcd;f=2.6.12.6/nptl-signal-delivery-deadlock-fix.patch

SOURCE: 2.6.12.6
PATCH: zlib-revert-broken-change.patch
SECURITY: Yes - Part of CAN-2005-2458 (revert)
2.6.8-sarge: Applied
2.6.8-sarge-security: Applied
2.6.12-sid:  Applied
2.4.27-trunk: Applied as part of 186_linux-zlib-fixes-2.diff
2.4.27-sarge-security: Applied as zlib-revert-broken-change.patch
URL: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/stable-queue.git;a=blob;h=5c7eb14921a1111a50938a98f17dd22fbca13a40;hb=9c5fcb99af7c157be45e9d53aeb857ded5211fcd;f=2.6.12.6/zlib-revert-broken-change.patch

SOURCE: 2.6.12.6
PATCH: fix-dst-leak-in-icmp_push_reply.patch
SECURITY: Maybe - Can remote traffic trigger this
2.6.8-sarge: Applied
2.6.12-sid:  Applied
2.4.27-trunk: Applied as 188_fix-dst-leak-in-icmp_push_reply.diff
URL: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/stable-queue.git;a=blob;h=1cf41a8a8db3080c9a9243e77c5c447c8e694f87;hb=9c5fcb99af7c157be45e9d53aeb857ded5211fcd;f=2.6.12.6/fix-dst-leak-in-icmp_push_reply.patch

SOURCE: 2.6.12.6
PATCH: genelink-usbnet-skb-typo.patch
SECURITY: No - Doesn't seem to be externally trigerable
2.6.8-sarge: Applied
2.6.8-sarge-security: Non-Security, not added
2.6.12-sid:  Applied
2.4.27-trunk: Not applicable
2.4.27-sarge-security: Not applicable
URL: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/stable-queue.git;a=blob;h=c774c9a6168b33cef4ee56db15f69127997f0f0e;hb=9c5fcb99af7c157be45e9d53aeb857ded5211fcd;f=2.6.12.6/genelink-usbnet-skb-typo.patch

SOURCE: 2.6.12.6
PATCH: fix-memory-leak-in-sg.c-seq_file.patch
SECURITY: Maybe - Seems like a local DoS
2.6.8-sarge: Applied
2.6.8-sarge-security: Will add if classified as security
2.6.12-sid:  Applied
2.4.27-trunk: Not applicable
2.4.27-sarge-security: Not applicable
URL: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/stable-queue.git;a=blob;h=74cbe696af3e2d95a7b1e848898a8d9abb0bb2ea;hb=9c5fcb99af7c157be45e9d53aeb857ded5211fcd;f=2.6.12.6/fix-memory-leak-in-sg.c-seq_file.patch

SOURCE: 2.6.12.6
PATCH: ipv6-skb-leak.patch
SECURITY: Maybe - Seems like a local DoS
2.6.8-sarge: Applied
2.6.8-sarge-security: Will add if classified as security
2.6.12-sid:  Applied
2.4.27-trunk: Applied as 189_ipv6-skb-leak.diff
2.4.27-trunk: Will add if classified as security
URL: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/stable-queue.git;a=blob;h=01e3aa130e88a3715b915b6e9f20abc3f6024eb0;hb=9c5fcb99af7c157be45e9d53aeb857ded5211fcd;f=2.6.12.6/ipv6-skb-leak.patch

More information about the Secure-testing-team mailing list