# do not edit -- automatically generated by arch changelog # arch-tag: automatic-ChangeLog--dilinger@voxel.net--2005-public/linux--dilinger--0 # 2005-01-13 05:11:26 GMT Andres Salomon patch-34 Summary: 035-do_brk_security_fixes-2.patch Revision: linux--dilinger--0--patch-34 [SECURITY] Further do_brk fixes; just to be safe, lock everywhere do_brk is used. 2005-01-13 05:06:40 GMT Andres Salomon patch-33 Summary: 034-stack_resize_exploit.patch Revision: linux--dilinger--0--patch-33 [SECURITY] Fix exploitable race condition on SMP and HT systems where two threads attempt to expand the stack at the same time. This is CAN-2005-0001 (happy new year!). 2005-01-13 04:55:09 GMT Andres Salomon patch-32 Summary: 033-rlimit_memlock_check.patch Revision: linux--dilinger--0--patch-32 [SECURITY] RLIMIT_MEMLOCK isn't checked properly, allowing for a DoS attack. See http://seclists.org/lists/fulldisclosure/2005/Jan/0270.html for more details. This patch fixes it, and all reorganizes the stack resize stuff a bit (*sigh*). 2005-01-13 04:12:47 GMT Andres Salomon patch-31 Summary: 031-sg_scsi_ioctl_int_overflows.dpatch Revision: linux--dilinger--0--patch-31 SG ioctl stuff doesn't actually check whether the scsi command length is positive. #5 on the above advisory. 2005-01-13 04:12:08 GMT Andres Salomon patch-30 Summary: 030-moxa_user_copy_checking.dpatch Revision: linux--dilinger--0--patch-30 [SECURITY] The moxa driver does some ugly things w/ signed integers. This fixes #4 on Brad Spengler's advisory. 2005-01-13 04:10:13 GMT Andres Salomon patch-29 Summary: 029-random_poolsize_overflow.dpatch Revision: linux--dilinger--0--patch-29 [SECURITY] drivers/char/random allows you to set the poolsize; its sanity checking on that input isn's very good. We fix that here. See http://seclists.org/lists/fulldisclosure/2005/Jan/0270.html for more details. This fixes #3 on that list. 2005-01-13 04:04:00 GMT Andres Salomon patch-28 Summary: 028-do_brk_security_fixes.patch Revision: linux--dilinger--0--patch-28 Fix local root vulnerability for various do_brk() calls; ensure an exclusive lock on memory while modifying it; CAN-2004-1235. 2005-01-13 04:02:58 GMT Andres Salomon patch-27 Summary: 027-track_dummy_capability-2.patch Revision: linux--dilinger--0--patch-27 Fix patch 025-track_dummy_capability.patch 2005-01-13 04:02:33 GMT Andres Salomon patch-26 Summary: 026-nfs_o_direct_error.patch Revision: linux--dilinger--0--patch-26 In case of failure, nfs_get_user_pages should set pages to NULL. 2005-01-13 04:02:18 GMT Andres Salomon patch-25 Summary: 025-track_dummy_capability.patch Revision: linux--dilinger--0--patch-25 [SECURITY] The dummy capabilities module wasn't keeping track of processes capabilities; so, when a capabilities module was loaded, all untracked processes would magically be given full capabilities. Here's the skinny: http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-12/0390.html 2005-01-13 04:01:50 GMT Andres Salomon patch-24 Summary: 024-nfs_incorrect_df_output.dpatch Revision: linux--dilinger--0--patch-24 NFS mounts were apparently causing 'df' to display incorrect information. 2005-01-13 04:01:23 GMT Andres Salomon patch-23 Summary: 023-nfs_dentry_refcount.dpatch Revision: linux--dilinger--0--patch-23 Fix dentry refcount accounting error. 2005-01-13 04:01:05 GMT Andres Salomon patch-22 Summary: 022-sunrpc_xdr_flush_pages.dpatch Revision: linux--dilinger--0--patch-22 Flush pages when shifting them. 2005-01-13 04:00:44 GMT Andres Salomon patch-21 Summary: 021-sunrpc_check_before_kill.dpatch Revision: linux--dilinger--0--patch-21 Let's not add uninitialized tasks to the rpc task list, as that's just asking for trouble. 2005-01-13 04:00:22 GMT Andres Salomon patch-20 Summary: 020-clear_cyrix_mii_ecx_reg.dpatch Revision: linux--dilinger--0--patch-20 Cyrix MIIs don't clear %ecx when calling cpuid(); so we had stale data in there. 2005-01-13 03:59:36 GMT Andres Salomon patch-19 Summary: 019-conntrack_tcp_RST_handling.dpatch Revision: linux--dilinger--0--patch-19 ip_conntrack doesn't handle RST packets correctly. 2005-01-13 03:59:17 GMT Andres Salomon patch-18 Summary: 018-ipt_recent_proc_remove.dpatch Revision: linux--dilinger--0--patch-18 ipt_recent's init stuff wasn't properly cleaning up /proc entries upon failure. 2005-01-13 03:59:03 GMT Andres Salomon patch-17 Summary: 017-conntrack_sctp_sysctl.dpatch Revision: linux--dilinger--0--patch-17 Make sure we don't return 0 (ie, "everything's ok") if sysctl registration fails in ip_conntrack_proto_sctp. 2005-01-13 03:58:46 GMT Andres Salomon patch-16 Summary: 016-cs461x_gameport.dpatch Revision: linux--dilinger--0--patch-16 Fix Makefile to actually build cs461x.o. 2005-01-13 03:58:13 GMT Andres Salomon patch-15 Summary: 015-vmscan_total_scanned.dpatch Revision: linux--dilinger--0--patch-15 Keep total_scanned up to date in try_to_free_pages; not doing so was breaking some kswapd stuff. 2005-01-13 03:57:48 GMT Andres Salomon patch-14 Summary: 014-acpi_video_dev_slab_corruption.dpatch Revision: linux--dilinger--0--patch-14 Fix slab cache corruption caused by acpi video stuff. Fun, fun! 2005-01-13 03:57:02 GMT Andres Salomon patch-13 Summary: 013-conntrack_standalone_sysctl.dpatch Revision: linux--dilinger--0--patch-13 Properly clean up if sysctl registration fails in ip_conntrack_standalone. 2005-01-13 03:56:40 GMT Andres Salomon patch-12 Summary: 012-conntrack_standalone_proc_removal.dpatch Revision: linux--dilinger--0--patch-12 Properly remove /proc entry in ip_conntrack_standalone. 2005-01-13 03:56:16 GMT Andres Salomon patch-11 Summary: 011-parport_pc_module_parm_mixing.dpatch Revision: linux--dilinger--0--patch-11 Don't mix module_param() and MODULE_PARM(), or you'll go blind. 2005-01-13 03:54:13 GMT Andres Salomon patch-10 Summary: 010-sparc64_macro_pmd_offset.dpatch Revision: linux--dilinger--0--patch-10 [SPARC64] Safely use parens in a macro arg; this caused a warning. 2005-01-13 03:53:48 GMT Andres Salomon patch-9 Summary: 009-ipt_ecn_corrupt_chksum.dpatch Revision: linux--dilinger--0--patch-9 ipt_ECN checksum corruption (potentially) happens without this patch. 2005-01-13 03:53:16 GMT Andres Salomon patch-8 Summary: 008-sock_without_ipv6.dpatch Revision: linux--dilinger--0--patch-8 Fix net/core/sock.o build failure. 2005-01-13 03:52:33 GMT Andres Salomon patch-7 Summary: 007-pci_ide_no_reserve.dpatch Revision: linux--dilinger--0--patch-7 Make generic_init_one return proper error values, instead of true/false. This was causing pci devices to be reserved when they shouldn't have been. 2005-01-13 03:52:03 GMT Andres Salomon patch-6 Summary: 006-zatm_cast_fix_fix.dpatch Revision: linux--dilinger--0--patch-6 Fix a silly gcc4 "fix"; in an attempt to drop an lvalue cast, the wrong variable was assigned to (leaking memory, clobbering the variable, etc). 2005-01-13 03:51:33 GMT Andres Salomon patch-5 Summary: 005-sparc64_no_i_sock-2.dpatch Revision: linux--dilinger--0--patch-5 [SPARC64] s/IS_SOCK/S_ISSOCK/, from 004-sparc64_no_i_sock.dpatch. 2005-01-13 03:50:48 GMT Andres Salomon patch-4 Summary: 004-sparc64_no_i_sock.dpatch Revision: linux--dilinger--0--patch-4 [SPARC64] Don't reference ino->i_sock directly; instead, use the S_ISSOCK() macro. 2005-01-13 03:50:22 GMT Andres Salomon patch-3 Summary: 003-libata_alpha_build_fix.dpatch Revision: linux--dilinger--0--patch-3 [ALPHA] Rumor has it, linux/mm.h should be included. It certainly can't hurt. 2005-01-13 03:49:48 GMT Andres Salomon patch-2 Summary: 002-pio_err_handling.dpatch Revision: linux--dilinger--0--patch-2 Properly handle PIO errors. 2005-01-13 03:49:13 GMT Andres Salomon patch-1 Summary: 001-acpi_ibm_exit.dpatch Revision: linux--dilinger--0--patch-1 Make acpi_ibm_exit() not marked as __exit; it is called by __init functions. 2005-01-13 03:47:22 GMT Andres Salomon base-0 Summary: initial import Revision: linux--dilinger--0--base-0 (automatically generated log message)