Home » Mailing list archives » linux-kernel » 2007 » November » 16

Linux 2.6.22.13

Previous thread: Linux 2.6.23.8 by Greg Kroah-Hartman on Friday, November 16, 2007 - 2:37 pm. (22 messages)

Next thread: [PATCH 0/9] cxgb3 - driver update by Divy Le Ray on Friday, November 16, 2007 - 3:19 pm. (1 message)
[view original message]
From: Greg Kroah-Hartman <gregkh@...>
To: <linux-kernel@...>, Andrew Morton <akpm@...>, <torvalds@...>, <stable@...>
Subject: Linux 2.6.22.13
Date: Friday, November 16, 2007 - 2:52 pm

We (the -stable team) are announcing the release of the 2.6.22.13 kernel.

If fixes some security issues and any user of the 2.6.22 series is

encouraged to upgrade.


I'll also be replying to this message with a copy of the patch between

2.6.22.12 and 2.6.22.13


The updated 2.6.22.y git tree can be found at:

        git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-2.6.22.y.git

and can be browsed at the normal kernel.org git web browser:

        http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.22.y.git;a=su...


thanks,


greg k-h


--------


 Makefile             |    2 +-

 kernel/exit.c        |    3 +--

 net/ipv4/tcp_input.c |    5 +++++

 3 files changed, 7 insertions(+), 3 deletions(-)


Summary of changes from v2.6.22.12 to v2.6.22.13

================================================


Greg Kroah-Hartman (1):

      Linux 2.6.22.13


Ilpo Järvinen (1):

      TCP: Make sure write_queue_from does not begin with NULL ptr (CVE-2007-5501)


Roland McGrath (1):

      wait_task_stopped: Check p->exit_state instead of TASK_TRACED (CVE-2007-5500)


-
[view original message]
From: Greg Kroah-Hartman <gregkh@...>
To: <linux-kernel@...>, Andrew Morton <akpm@...>, <torvalds@...>, <stable@...>
Subject: Re: Linux 2.6.22.13
Date: Friday, November 16, 2007 - 2:52 pm

diff --git a/Makefile b/Makefile

index b55f9bf..500f6a8 100644

--- a/Makefile

+++ b/Makefile

@@ -1,7 +1,7 @@

 VERSION = 2

 PATCHLEVEL = 6

 SUBLEVEL = 22

-EXTRAVERSION = .12

+EXTRAVERSION = .13

 NAME = Holy Dancing Manatees, Batman!


 # *DOCUMENTATION*

diff --git a/kernel/exit.c b/kernel/exit.c

index 5c8ecba..e3adc46 100644

--- a/kernel/exit.c

+++ b/kernel/exit.c

@@ -1336,8 +1336,7 @@ static int wait_task_stopped(struct task_struct *p, int delayed_group_leader,

 		int why = (p->ptrace & PT_PTRACED) ? CLD_TRAPPED : CLD_STOPPED;


 		exit_code = p->exit_code;

-		if (unlikely(!exit_code) ||

-		    unlikely(p->state & TASK_TRACED))

+		if (unlikely(!exit_code) || unlikely(p->exit_state))

 			goto bail_ref;

 		return wait_noreap_copyout(p, pid, uid,

 					   why, (exit_code << 8) | 0x7f,

diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c

index e33fb3d..2e1d8e7 100644

--- a/net/ipv4/tcp_input.c

+++ b/net/ipv4/tcp_input.c

@@ -994,6 +994,9 @@ tcp_sacktag_write_queue(struct sock *sk, struct sk_buff *ack_skb, u32 prior_snd_

 	if (before(TCP_SKB_CB(ack_skb)->ack_seq, prior_snd_una - tp->max_window))

 		return 0;


+	if (!tp->packets_out)

+		goto out;

+

 	/* SACK fastpath:

 	 * if the only SACK change is the increase of the end_seq of

 	 * the first block then only apply that SACK block

@@ -1262,6 +1265,8 @@ tcp_sacktag_write_queue(struct sock *sk, struct sk_buff *ack_skb, u32 prior_snd_

 	    (!tp->frto_highmark || after(tp->snd_una, tp->frto_highmark)))

 		tcp_update_reordering(sk, ((tp->fackets_out + 1) - reord), 0);


+out:

+

 #if FASTRETRANS_DEBUG > 0

 	BUG_TRAP((int)tp->sacked_out >= 0);

 	BUG_TRAP((int)tp->lost_out >= 0);

-
Previous thread: Linux 2.6.23.8 by Greg Kroah-Hartman on Friday, November 16, 2007 - 2:37 pm. (22 messages)

Next thread: [PATCH 0/9] cxgb3 - driver update by Divy Le Ray on Friday, November 16, 2007 - 3:19 pm. (1 message)