Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/trunk/2.6.18/00000_README
diff options
context:
space:
mode:
Diffstat (limited to 'trunk/2.6.18/00000_README')
-rw-r--r--trunk/2.6.18/00000_README87
1 files changed, 87 insertions, 0 deletions
diff --git a/trunk/2.6.18/00000_README b/trunk/2.6.18/00000_README
index 3eae5d1..9202654 100644
--- a/trunk/2.6.18/00000_README
+++ b/trunk/2.6.18/00000_README
@@ -196,9 +196,96 @@ Patches
fix for CVE-2007-2242. Thanks to Brian Haley for the patch.
(closes: Debian #440127)
+/* This is already in Xen 3.2
30042_reset-pdeathsig-on-suid-upstream.patch
Update fix for CVE-2007-3848 with the patch accepted upstream
(formerly 30013_reset-pdeathsig-on-suid.patch)
+*/
+
+30043_don-t-leak-nt-bit-into-next-task-xen.patch
+ [SECURITY] Don't leak NT bit into next task (Xen).
+ See CVE-2006-5755
+
+30044_cifs-better-failed-mount-errors.patch,
+30045_cifs-corrupt-server-response-overflow.patch
+ [SECURITY][CIFS] Fix multiple overflows that can be remotely triggered
+ by a server sending a corrupt response.
+ See CVE-2007-5904
+
+30046_wait_task_stopped-hang.patch
+ [SECURITY] wait_task_stopped was incorrectly testing for TASK_TRACED -
+ check p->exit_state instead avoiding a potential system hang
+ See CVE-2007-5500
+
+30047_ieee80211-underflow.patch
+ [SECURITY] Fix integer overflow in ieee80211 which makes it possible
+ for a malicious frame to crash a system using a driver built on top of
+ the Linux 802.11 wireless code.
+ See CVE-2007-4997
+
+30048_sysfs_readdir-NULL-deref-1.patch,
+30049_sysfs_readdir-NULL-deref-2.patch,
+30050_sysfs-fix-condition-check.patch
+ [SECURITY] Fix potential NULL pointer dereference which can lead to
+ a local DoS (kernel oops)
+ See CVE-2007-3104
+
+30051_tmpfs-restore-clear_highpage.patch
+ [SECURITY] Fix a theoretical kernel memory leak in the tmpfs filesystem
+ See CVE-2007-6417
+
+30052_minixfs-printk-hang.patch
+ [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs
+ filesystem that would otherwise cause a system to hang (printk storm)
+ See CVE-2006-6058
+
+30053_hrtimer-large-relative-timeouts-overflow.patch
+ [SECURITY] Avoid overflow in hrtimers due to large relative timeouts
+ See CVE-2007-5966
+
+30054_coredump-only-to-same-uid.patch
+ [SECURITY] Fix an issue where core dumping over a file that
+ already exists retains the ownership of the original file
+ See CVE-2007-6206
+
+30055_isdn-net-overflow.patch
+ [SECURITY] Fix potential overflows in the ISDN subsystem
+ See CVE-2007-6063
+
+30056_proc-snd-page-alloc-mem-leak.patch
+ [SECURITY][ABI Changer] Fix an issue in the alsa subsystem that allows a
+ local user to read potentially sensitive kernel memory from the proc
+ filesystem
+ See CVE-2007-4571
+
+30057_fat-move-ioctl-compat-code.patch
+30058_bugfix/fat-fix-compat-ioctls.patch
+ [SECURITY][ABI Changer] Fix kernel_dirent corruption in the compat layer
+ for fat ioctls
+ See CVE-2007-2878
+
+30059_vfs-use-access-mode-flag.patch
+ [SECURITY] Use the access mode flag instead of the open flag when
+ testing access mode for a directory. Modify
+ features/all/vserver/vs2.0.2.2-rc9.patch to apply on top of this
+ See CVE-2008-0001
+
+30060_i4l-isdn_ioctl-mem-overrun.patch
+ [SECURITY] Fix potential isdn ioctl memory overrun
+ See CVE-2007-6151
+
+30061_vmsplice-security.patch
+ [SECURITY] Fix missing access check in vmsplice.
+ See CVE-2008-0010, CVE-2008-0600
+
+30062_clear-spurious-irq.patch
+ Fix a minor denial of service issue that allows local users to disable
+ an interrupt by causing an interrupt handler to be quickly inserted/removed.
+ This has only been shown to happen with certain serial devices so can only
+ be triggered by a user who already has additional priveleges (dialout
+ group). (closes: Debian #404815)
+
+
50009_gentooify-tls-warning.patch
Change tls warning instructions to apply directly to Gentoo.