[kernel/f12/user/myoung/xendom0: 7/8] Merge branch 'f12/master' into f12/user/myoung/xendom0

myoung myoung at fedoraproject.org
Mon Sep 20 19:23:51 UTC 2010 

commit 2022e0a6403d563ac19d26335e6ca72e7a860a32
Merge: 8a139d8 55a7c98
Author: Michael Young <m.a.young at durham.ac.uk>
Date:   Mon Sep 20 20:03:58 2010 +0100

    Merge branch 'f12/master' into f12/user/myoung/xendom0
    
    Conflicts:
    	kernel.spec

 ...ser_space-incorporate-the-access_ok-check.patch |  198 ++++++
 ...st-rax-for-the-system-call-number-not-eax.patch |   97 +++
 ...cate-rax-after-ia32-syscall-entry-tracing.patch |   49 ++
 ...r-multiplication-overflow-in-do_io_submit.patch |   47 ++
 ...le-free-at-error-path-of-snd_seq_oss_open.patch |   53 ++
 ...mprove-interactivity-with-large-arguments.patch |   36 +
 ...esponsive-to-sigkill-with-large-arguments.patch |   51 ++
 kernel.spec                                        |   62 ++-
 ...o_parent-if-parent-has-no-session-keyring.patch |   52 ++
 ...-lock-warning-in-keyctl_session_to_parent.patch |   64 ++
 net-do-not-check-capable-if-kernel.patch           |  682 ++++++++++++++++++++
 ...rg_pages-diagnose-excessive-argument-size.patch |   42 ++
 ...-do-not-allow-llseek-to-set_ftrace_filter.patch |   51 ++
 13 files changed, 1483 insertions(+), 1 deletions(-)
---
diff --cc kernel.spec
index 797f477,a7b0070..e87e09e
--- a/kernel.spec
+++ b/kernel.spec
@@@ -842,10 -845,21 +847,25 @@@ Patch14141: hid-02-fix-suspend-crash-by
  
  Patch14150: irda-correctly-clean-up-self-ias_obj-on-irda_bind-failure.patch
  
+ Patch14200: net-do-not-check-capable-if-kernel.patch
+ 
+ # Mitigate DOS with large argument lists
+ Patch14210: execve-improve-interactivity-with-large-arguments.patch
+ Patch14211: execve-make-responsive-to-sigkill-with-large-arguments.patch
+ Patch14212: setup_arg_pages-diagnose-excessive-argument-size.patch
+ 
+ # CVE-2010-3080
+ Patch14220: alsa-seq-oss-fix-double-free-at-error-path-of-snd_seq_oss_open.patch
+ # CVE-2010-2960
+ Patch14230: keys-fix-bug-in-keyctl_session_to_parent-if-parent-has-no-session-keyring.patch
+ Patch14231: keys-fix-rcu-no-lock-warning-in-keyctl_session_to_parent.patch
+ # CVE-2010-3079
+ Patch14240: tracing-do-not-allow-llseek-to-set_ftrace_filter.patch
+ 
 +Patch19997: xen.pvops.pre.patch
 +Patch19998: xen.pvops.patch
 +Patch19999: xen.pvops.post.patch
 +
  # ==============================================================================
  %endif
  
@@@ -1556,10 -1576,22 +1582,26 @@@ ApplyPatch hid-02-fix-suspend-crash-by-
  # CVE-2010-2954
  ApplyPatch irda-correctly-clean-up-self-ias_obj-on-irda_bind-failure.patch
  
+ # rhbz #598796
+ ApplyPatch net-do-not-check-capable-if-kernel.patch
+ 
+ # Mitigate DOS with large argument lists
+ ApplyPatch execve-improve-interactivity-with-large-arguments.patch
+ ApplyPatch execve-make-responsive-to-sigkill-with-large-arguments.patch
+ ApplyPatch setup_arg_pages-diagnose-excessive-argument-size.patch
+ 
+ # CVE-2010-3080
+ ApplyPatch alsa-seq-oss-fix-double-free-at-error-path-of-snd_seq_oss_open.patch
+ # CVE-2010-2960
+ ApplyPatch keys-fix-bug-in-keyctl_session_to_parent-if-parent-has-no-session-keyring.patch
+ ApplyPatch keys-fix-rcu-no-lock-warning-in-keyctl_session_to_parent.patch
+ # CVE-2010-3079
+ ApplyPatch tracing-do-not-allow-llseek-to-set_ftrace_filter.patch
+ 
 +ApplyPatch xen.pvops.pre.patch
 +ApplyPatch xen.pvops.patch
 +ApplyPatch xen.pvops.post.patch
 +
  # END OF PATCH APPLICATIONS ====================================================
  %endif
  
@@@ -2212,10 -2244,24 +2254,28 @@@ f
  %kernel_variant_files -k vmlinux %{with_kdump} kdump
  
  %changelog
+ * Tue Sep 14 2010 Chuck Ebbert <cebbert at redhat.com> 2.6.32.21-168
+ - Fix three CVEs:
+   CVE-2010-3080: /dev/sequencer open failure is not handled correctly
+   CVE-2010-2960: keyctl_session_to_parent NULL deref system crash
+   CVE-2010-3079: ftrace NULL pointer dereference
+ 
+ * Tue Sep 14 2010 Chuck Ebbert <cebbert at redhat.com>
+ - Mitigate DOS with large argument lists.
+ 
+ * Tue Sep 14 2010 Kyle McMartin <kyle at redhat.com>
+ - x86_64: plug compat syscalls holes. (CVE-2010-3081, CVE-2010-3301)
+   upgrading is highly recommended.
+ - aio: check for multiplication overflow in do_io_submit. (CVE-2010-3067)
+ 
+ * Mon Sep 06 2010 Kyle McMartin <kyle at redhat.com>
+ - Backport two fixes from Eric Paris to resolve #598796 which avoids a
+   capability check if the request comes from the kernel.
+ 
 +* Fri Sep 03 2010 Michael Young <m.a.young at durham.ac.uk>
 +- update pvops to 2.6.32.21
 +- Set new dom0 related option CONFIG_NET_SCH_PLUG=m
 +
  * Thu Sep 02 2010 Chuck Ebbert <cebbert at redhat.com>  2.6.32.21-167
  - irda-correctly-clean-up-self-ias_obj-on-irda_bind-failure.patch (CVE-2010-2954)

More information about the scm-commits mailing list