[Secure-testing-team] 2.6.13.2

Horms horms at debian.org
Tue Sep 20 09:22:00 UTC 2005


Hi, 

Here is a breakdown of 2.6.13.1 as relevant to 2.6.12 in SVN.
I'll go over each of the patches for 2.4.27, 2.6.8 and add the
whole thing to 2.6.13. But first I will go over 2.6.13.2.

Two of the bugs already have can numbers.
One other I have labeled as Security: Maybe
All the rest seem begnign. Feedback welcome.

-- 
Horms


2.6.13.1
URL: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/stable-queue.git;a=tree;h=202331d4d642e1a5062afb067b81211bf1b6c8cf;hb=f15e7ac28ffe32c1e0e07d41fe792bac02913713;f=2.6.13.1

Description: Kconfig: saa7134-dvb must select tda1004x
File: saa7134-dvb-must-select-tda1004x.patch
Security: No
2.6.12: applied

Description: aacraid bad BUG_ON fix
File: aacraid-bad-BUG_ON-fix.patch
Security: No
2.6.12: applied

Description: Fix PCI ROM mapping
File: fix-pci-rom-mapping.patch
Security: No
2.6.12: applied

Description: [i386] pci_assign_unassigned_resources() update
File: pci_assign_unassigned_resources-update.patch
Security: No
2.6.12: not relevant - introduced between 2.6.12 and 2.6.13

Description: 2.6.13 breaks libpcap (and tcpdump)
File: fix-socket-filter-regression.patch
Security: No
2.6.12: applied rediff

Description: [SECURITY] Fix boundary check in standard multi-block cipher processors
File: ipsec-oops-fix.patch
Security: Maybe; Could be a local DoS
Reference: http://bugzilla.kernel.org/show_bug.cgi?id=5194 (down)
2.6.12: not relevant - introduced between 2.6.12 and 2.6.13

Description: Use SA_SHIRQ in sparc specific code.
File: sparc-request_irq-in-RTC-fix.patch
Security: No
2.6.12: applied

Description: Reassembly trim not clearing CHECKSUM_HW
File: ipv4-fragmentation-csum-handling.patch
Security: No
2.6.12: applied

Description: [SECURITY] 32bit sendmsg() flaw. 
             See CAN-2005-2490
File: sendmsg-stackoverflow.patch
Security: Yes; CAN-2005-2490
2.6.12: applied

Description: [SECURITY] raw_sendmsg DoS. 
             See CAN-2005-2492
File: sendmsg-DoS.patch
Security: Yes; CAN-2005-2492
2.6.12: applied




More information about the Secure-testing-team mailing list