From 068d78e25b44a31ca47cff82bb9685e47fd07d72 Mon Sep 17 00:00:00 2001 From: Daniel Gryniewicz Date: Wed, 3 Jan 2007 04:32:05 +0000 Subject: [PATCH] Oops, fix for bug #154327 too Package-Manager: portage-2.1.2_rc4-r4 --- sys-kernel/usermode-sources/ChangeLog | 7 +- sys-kernel/usermode-sources/Manifest | 26 +++-- ...mode-sources-2.6.18-r1-CVE-2006-4572.patch | 109 ++++++++++++++++++ .../usermode-sources-2.6.18-r1.ebuild | 5 +- 4 files changed, 133 insertions(+), 14 deletions(-) create mode 100644 sys-kernel/usermode-sources/files/usermode-sources-2.6.18-r1-CVE-2006-4572.patch diff --git a/sys-kernel/usermode-sources/ChangeLog b/sys-kernel/usermode-sources/ChangeLog index 528616f6f6ce..b3950b14793b 100644 --- a/sys-kernel/usermode-sources/ChangeLog +++ b/sys-kernel/usermode-sources/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for sys-kernel/usermode-sources # Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/usermode-sources/ChangeLog,v 1.85 2007/01/03 03:59:08 dang Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/usermode-sources/ChangeLog,v 1.86 2007/01/03 04:32:05 dang Exp $ + + 03 Jan 2007; Daniel Gryniewicz + +files/usermode-sources-2.6.18-r1-CVE-2006-4572.patch, + usermode-sources-2.6.18-r1.ebuild: + Oops, fix for bug #154327 too *usermode-sources-2.6.18-r1 (03 Jan 2007) diff --git a/sys-kernel/usermode-sources/Manifest b/sys-kernel/usermode-sources/Manifest index 954b5a652490..206d5cce02d5 100644 --- a/sys-kernel/usermode-sources/Manifest +++ b/sys-kernel/usermode-sources/Manifest @@ -21,6 +21,10 @@ AUX usermode-sources-2.6.16-CVE-2006-4145.patch 3586 RMD160 ccf1179aeab055f2e408 MD5 4b3491d14a0b79b71f9a3029718df69d files/usermode-sources-2.6.16-CVE-2006-4145.patch 3586 RMD160 ccf1179aeab055f2e408225bc0e2026fb3ce7328 files/usermode-sources-2.6.16-CVE-2006-4145.patch 3586 SHA256 e9c50befb4e9157cabc94f76c9ca0a7e80422d82d4c3280d8f852673f669adf1 files/usermode-sources-2.6.16-CVE-2006-4145.patch 3586 +AUX usermode-sources-2.6.18-r1-CVE-2006-4572.patch 4192 RMD160 5522cf0607475788bc40bf3d23140fb9ea80149d SHA1 4ab0dabda3c086565bbca2680ca11ea1e2b1be95 SHA256 dc6efb9d1617e109945c36b8dac7c14eb7df43b6f3bbdeebcaa1b7067c3fd781 +MD5 a8ae4d41e9513925ba02e10813f68c79 files/usermode-sources-2.6.18-r1-CVE-2006-4572.patch 4192 +RMD160 5522cf0607475788bc40bf3d23140fb9ea80149d files/usermode-sources-2.6.18-r1-CVE-2006-4572.patch 4192 +SHA256 dc6efb9d1617e109945c36b8dac7c14eb7df43b6f3bbdeebcaa1b7067c3fd781 files/usermode-sources-2.6.18-r1-CVE-2006-4572.patch 4192 DIST genpatches-2.6.16-13.base.tar.bz2 98287 RMD160 55e01ae4090fdbb65c2033d7df3f6d667bcd874f SHA1 0d5bc13616264f0e58c67337dafe72e92a7b7025 SHA256 3bfa570f10939a838a3d460563f30b429d227e9f5b4cd0bd6b448a22bdb63858 DIST genpatches-2.6.16-15.base.tar.bz2 98632 RMD160 46e8cfcae8fea262d7599c2e4d3e7fbc8af239b2 SHA1 e0f253ad01a4da388675af4b90223289d9bcd578 SHA256 fb78f2a4d32d1770a34d9ee254686a6a12102fa99c1bb73e9c282ab5f82dddaa DIST genpatches-2.6.18-1.base.tar.bz2 2397 RMD160 1b02d9e5adba7a9a17f85691f312ee2c870c9a48 SHA1 790186d9d44c358d05489cdff417beab03124708 SHA256 e87db440591d48f74b8d50f47bde55a1652c969626befa94aba48cee57aa5da8 @@ -42,18 +46,18 @@ EBUILD usermode-sources-2.6.16-r5.ebuild 1048 RMD160 3d16510ec77d98dd389df63a222 MD5 e1d1ee47b1cc11e17ad384ad6ce293bc usermode-sources-2.6.16-r5.ebuild 1048 RMD160 3d16510ec77d98dd389df63a222c55e0e84298b3 usermode-sources-2.6.16-r5.ebuild 1048 SHA256 c41f8ca0d95b147c26cab5158c58744a345ed14610052956a4b54895bdc9ee18 usermode-sources-2.6.16-r5.ebuild 1048 -EBUILD usermode-sources-2.6.18-r1.ebuild 970 RMD160 3418d148ecfff79f3a3d5279d9190e4fd144284d SHA1 5383316b0f3b722078a0592993011d8a51fc3f90 SHA256 e6fe8e9d0544ef6f2d97cf82437a6d5328e1d2593e2eb390585869db60b97672 -MD5 ad5c249aaf59e69b64129fc97aeaa140 usermode-sources-2.6.18-r1.ebuild 970 -RMD160 3418d148ecfff79f3a3d5279d9190e4fd144284d usermode-sources-2.6.18-r1.ebuild 970 -SHA256 e6fe8e9d0544ef6f2d97cf82437a6d5328e1d2593e2eb390585869db60b97672 usermode-sources-2.6.18-r1.ebuild 970 +EBUILD usermode-sources-2.6.18-r1.ebuild 1009 RMD160 e0bac77c7776dfbaa506767af62d2e213cb746f3 SHA1 fc8650dd9ebbebf0909aeb1a3068a3d3571a7e7e SHA256 b2429ddd86eeab6168edd80c446ba1beb0d5cec7371dbb7033ae1b4d22e5f490 +MD5 7baf7387a1b63224d1a3befe7e3970dd usermode-sources-2.6.18-r1.ebuild 1009 +RMD160 e0bac77c7776dfbaa506767af62d2e213cb746f3 usermode-sources-2.6.18-r1.ebuild 1009 +SHA256 b2429ddd86eeab6168edd80c446ba1beb0d5cec7371dbb7033ae1b4d22e5f490 usermode-sources-2.6.18-r1.ebuild 1009 EBUILD usermode-sources-2.6.18.ebuild 919 RMD160 2d409c33d4e75ada220c339ddb887ac6cdae521c SHA1 47bcb8a03fce0c8bf006728e578c73111e358858 SHA256 a936b615f74f3af610e5bbb43eeec34b74bb088a6433e744bf935c9ac1df5cf2 MD5 80ad0f13a00939853185c632c423fd4c usermode-sources-2.6.18.ebuild 919 RMD160 2d409c33d4e75ada220c339ddb887ac6cdae521c usermode-sources-2.6.18.ebuild 919 SHA256 a936b615f74f3af610e5bbb43eeec34b74bb088a6433e744bf935c9ac1df5cf2 usermode-sources-2.6.18.ebuild 919 -MISC ChangeLog 23737 RMD160 d5147ee802d0e63b0b5ee51877fe22a684bb6bb8 SHA1 29f84175a92e781a9355b3bbbf16650f6cd6ba0e SHA256 54da62f19f6dbf48b5ea7c27a63f164e9dda639bb5a90c5be2d6f2af24c161c6 -MD5 1ac69f46fe24da890862892b3f6f3352 ChangeLog 23737 -RMD160 d5147ee802d0e63b0b5ee51877fe22a684bb6bb8 ChangeLog 23737 -SHA256 54da62f19f6dbf48b5ea7c27a63f164e9dda639bb5a90c5be2d6f2af24c161c6 ChangeLog 23737 +MISC ChangeLog 23915 RMD160 3e0546eb02ce0bf8ab273741fac273d854dc5a86 SHA1 14f94632732a0023a7e10b8671dedd4719d5bc24 SHA256 64f245e96a8463cc022f957d1dc4ee932f3e32522be5400bf58ac3fc2a237b9a +MD5 e89e45d56526a7214432a7dfe29e6d5f ChangeLog 23915 +RMD160 3e0546eb02ce0bf8ab273741fac273d854dc5a86 ChangeLog 23915 +SHA256 64f245e96a8463cc022f957d1dc4ee932f3e32522be5400bf58ac3fc2a237b9a ChangeLog 23915 MISC metadata.xml 250 RMD160 9657d63a141d387fa3a42ef4087ee0ed3757cf67 SHA1 7a59aecd3ddaed1b49f15c552a7893929b5155ed SHA256 c1aa14289c2eb84cdf6c739f3d48b122a09d4c99de38bd22ae558ac47be0cf90 MD5 5811f74eb87a97c082114675db0ef41b metadata.xml 250 RMD160 9657d63a141d387fa3a42ef4087ee0ed3757cf67 metadata.xml 250 @@ -76,7 +80,7 @@ SHA256 f3424bc44e5d7f5e8b016bfb117b6bb2fea5d20d7cc997cdce3012b1baa6c6f1 files/di -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.1 (GNU/Linux) -iD8DBQFFmyn0omPajV0RnrERAoEYAJ9K4UfDSSA0cpuKYAAmMF1gsvtrpQCeK0+G -iauSIVOBLy+YTs0rNMJ7adA= -=NIi0 +iD8DBQFFmzGjomPajV0RnrERAtckAJ9iHmVYBNkaInctZOEC1/2YjT7xkACaAla4 +tW8r7oPBjIkCWesimiqrzJc= +=e5Fw -----END PGP SIGNATURE----- diff --git a/sys-kernel/usermode-sources/files/usermode-sources-2.6.18-r1-CVE-2006-4572.patch b/sys-kernel/usermode-sources/files/usermode-sources-2.6.18-r1-CVE-2006-4572.patch new file mode 100644 index 000000000000..633b37586e00 --- /dev/null +++ b/sys-kernel/usermode-sources/files/usermode-sources-2.6.18-r1-CVE-2006-4572.patch @@ -0,0 +1,109 @@ +diff --exclude-from=/home/dang/.diffrc -up -ruN linux-2.6.18-usermode-r1.orig/net/ipv6/netfilter/ip6_tables.c linux-2.6.18-usermode-r1/net/ipv6/netfilter/ip6_tables.c +--- linux-2.6.18-usermode-r1.orig/net/ipv6/netfilter/ip6_tables.c 2007-01-02 21:03:01.000000000 -0500 ++++ linux-2.6.18-usermode-r1/net/ipv6/netfilter/ip6_tables.c 2007-01-02 23:02:56.000000000 -0500 +@@ -1445,6 +1445,9 @@ static void __exit ip6_tables_fini(void) + * If target header is found, its offset is set in *offset and return protocol + * number. Otherwise, return -1. + * ++ * If the first fragment doesn't contain the final protocol header or ++ * NEXTHDR_NONE it is considered invalid. ++ * + * Note that non-1st fragment is special case that "the protocol number + * of last header" is "next header" field in Fragment header. In this case, + * *offset is meaningless and fragment offset is stored in *fragoff if fragoff +@@ -1468,12 +1471,12 @@ int ipv6_find_hdr(const struct sk_buff * + if ((!ipv6_ext_hdr(nexthdr)) || nexthdr == NEXTHDR_NONE) { + if (target < 0) + break; +- return -1; ++ return -ENOENT; + } + + hp = skb_header_pointer(skb, start, sizeof(_hdr), &_hdr); + if (hp == NULL) +- return -1; ++ return -EBADMSG; + if (nexthdr == NEXTHDR_FRAGMENT) { + unsigned short _frag_off, *fp; + fp = skb_header_pointer(skb, +@@ -1482,7 +1485,7 @@ int ipv6_find_hdr(const struct sk_buff * + sizeof(_frag_off), + &_frag_off); + if (fp == NULL) +- return -1; ++ return -EBADMSG; + + _frag_off = ntohs(*fp) & ~0x7; + if (_frag_off) { +@@ -1493,7 +1496,7 @@ int ipv6_find_hdr(const struct sk_buff * + *fragoff = _frag_off; + return hp->nexthdr; + } +- return -1; ++ return -ENOENT; + } + hdrlen = 8; + } else if (nexthdr == NEXTHDR_AUTH) +diff --exclude-from=/home/dang/.diffrc -up -ruN linux-2.6.18-usermode-r1.orig/net/ipv6/netfilter/ip6t_ah.c linux-2.6.18-usermode-r1/net/ipv6/netfilter/ip6t_ah.c +--- linux-2.6.18-usermode-r1.orig/net/ipv6/netfilter/ip6t_ah.c 2006-09-19 23:42:06.000000000 -0400 ++++ linux-2.6.18-usermode-r1/net/ipv6/netfilter/ip6t_ah.c 2007-01-02 23:03:50.000000000 -0500 +@@ -54,9 +54,14 @@ match(const struct sk_buff *skb, + const struct ip6t_ah *ahinfo = matchinfo; + unsigned int ptr; + unsigned int hdrlen = 0; +- +- if (ipv6_find_hdr(skb, &ptr, NEXTHDR_AUTH, NULL) < 0) +- return 0; ++ int err; ++ ++ err = ipv6_find_hdr(skb, &ptr, NEXTHDR_AUTH, NULL); ++ if (err < 0) { ++ if (err != -ENOENT) ++ *hotdrop = 1; ++ return 0; ++ } + + ah = skb_header_pointer(skb, ptr, sizeof(_ah), &_ah); + if (ah == NULL) { +diff --exclude-from=/home/dang/.diffrc -up -ruN linux-2.6.18-usermode-r1.orig/net/ipv6/netfilter/ip6t_frag.c linux-2.6.18-usermode-r1/net/ipv6/netfilter/ip6t_frag.c +--- linux-2.6.18-usermode-r1.orig/net/ipv6/netfilter/ip6t_frag.c 2006-09-19 23:42:06.000000000 -0400 ++++ linux-2.6.18-usermode-r1/net/ipv6/netfilter/ip6t_frag.c 2007-01-02 23:04:29.000000000 -0500 +@@ -52,9 +52,14 @@ match(const struct sk_buff *skb, + struct frag_hdr _frag, *fh; + const struct ip6t_frag *fraginfo = matchinfo; + unsigned int ptr; +- +- if (ipv6_find_hdr(skb, &ptr, NEXTHDR_FRAGMENT, NULL) < 0) +- return 0; ++ int err; ++ ++ err = ipv6_find_hdr(skb, &ptr, NEXTHDR_FRAGMENT, NULL); ++ if (err < 0) { ++ if (err != -ENOENT) ++ *hotdrop = 1; ++ return 0; ++ } + + fh = skb_header_pointer(skb, ptr, sizeof(_frag), &_frag); + if (fh == NULL) { +diff --exclude-from=/home/dang/.diffrc -up -ruN linux-2.6.18-usermode-r1.orig/net/ipv6/netfilter/ip6t_rt.c linux-2.6.18-usermode-r1/net/ipv6/netfilter/ip6t_rt.c +--- linux-2.6.18-usermode-r1.orig/net/ipv6/netfilter/ip6t_rt.c 2006-09-19 23:42:06.000000000 -0400 ++++ linux-2.6.18-usermode-r1/net/ipv6/netfilter/ip6t_rt.c 2007-01-02 23:04:53.000000000 -0500 +@@ -58,9 +58,14 @@ match(const struct sk_buff *skb, + unsigned int hdrlen = 0; + unsigned int ret = 0; + struct in6_addr *ap, _addr; +- +- if (ipv6_find_hdr(skb, &ptr, NEXTHDR_ROUTING, NULL) < 0) +- return 0; ++ int err; ++ ++ err = ipv6_find_hdr(skb, &ptr, NEXTHDR_ROUTING, NULL); ++ if (err < 0) { ++ if (err != -ENOENT) ++ *hotdrop = 1; ++ return 0; ++ } + + rh = skb_header_pointer(skb, ptr, sizeof(_route), &_route); + if (rh == NULL) { diff --git a/sys-kernel/usermode-sources/usermode-sources-2.6.18-r1.ebuild b/sys-kernel/usermode-sources/usermode-sources-2.6.18-r1.ebuild index 958c701b336c..2f2440221e63 100644 --- a/sys-kernel/usermode-sources/usermode-sources-2.6.18-r1.ebuild +++ b/sys-kernel/usermode-sources/usermode-sources-2.6.18-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2007 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/usermode-sources/usermode-sources-2.6.18-r1.ebuild,v 1.1 2007/01/03 03:59:08 dang Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/usermode-sources/usermode-sources-2.6.18-r1.ebuild,v 1.2 2007/01/03 04:32:05 dang Exp $ ETYPE="sources" K_WANT_GENPATCHES="base" @@ -10,7 +10,8 @@ detect_version UML_VER="uml-2.6.18.1-bb2" UNIPATCH_LIST="${FILESDIR}/uml-2.6.18-genpatches-8-prep.patch - ${DISTDIR}/${UML_VER}.patch.bz2" + ${DISTDIR}/${UML_VER}.patch.bz2 + ${FILESDIR}/${PF}-CVE-2006-4572.patch" UNIPATCH_STRICTORDER="yes" DESCRIPTION="Full sources for the User Mode Linux kernel" -- 2.26.2