From b4ae8c73ffe7872792fd7ed4125e963da6519c9b Mon Sep 17 00:00:00 2001 From: Brian Jackson Date: Tue, 2 Dec 2003 03:37:32 +0000 Subject: fix do_brk vuln --- sys-kernel/hardened-sources/ChangeLog | 8 +++++++- sys-kernel/hardened-sources/Manifest | 13 +++++++------ sys-kernel/hardened-sources/files/do_brk_fix.patch | 12 ++++++++++++ .../hardened-sources/hardened-sources-2.4.20-r2.ebuild | 4 +++- .../hardened-sources/hardened-sources-2.4.20-r3.ebuild | 4 +++- .../hardened-sources/hardened-sources-2.4.20-r4.ebuild | 4 +++- sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild | 4 +++- sys-kernel/hardened-sources/hardened-sources-2.4.22.ebuild | 4 +++- 8 files changed, 41 insertions(+), 12 deletions(-) create mode 100644 sys-kernel/hardened-sources/files/do_brk_fix.patch (limited to 'sys-kernel/hardened-sources') diff --git a/sys-kernel/hardened-sources/ChangeLog b/sys-kernel/hardened-sources/ChangeLog index 6fd1b4a463fd..a2458febf2d6 100644 --- a/sys-kernel/hardened-sources/ChangeLog +++ b/sys-kernel/hardened-sources/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-kernel/hardened-sources # Copyright 2000-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.14 2003/11/04 03:39:40 frogger Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.15 2003/12/02 03:33:43 iggy Exp $ + + 01 Dec 2003; Brian Jackson + hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild, + hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild, + hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch: + fix do_brk vuln 03 Nov 2003; Matthew Rickard hardened-sources-2.4.22.ebuild: diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest index ff26b5fc49e1..db3bd92b1012 100644 --- a/sys-kernel/hardened-sources/Manifest +++ b/sys-kernel/hardened-sources/Manifest @@ -1,10 +1,11 @@ -MD5 b5a1c56ff94472c026d1437a5f6662e6 hardened-sources-2.4.20-r4.ebuild 2145 -MD5 ae1155a815e026d482cbdc45697da6e9 hardened-sources-2.4.22.ebuild 2198 -MD5 1b321c5f39f11f56a77118555670747c hardened-sources-2.4.20-r3.ebuild 2145 -MD5 8d8b5683212f6ef7e251bc6abb028266 hardened-sources-2.4.21.ebuild 2404 -MD5 2f36b8424662bc0ef54482e4b9e4b9a9 ChangeLog 4496 +MD5 e9c0aa77cea4cab0053913d6241e1a62 hardened-sources-2.4.20-r4.ebuild 2220 +MD5 8cb999656e1d3b855adb13a56f9e1d61 hardened-sources-2.4.22.ebuild 2274 +MD5 4e6ec0e040985b2bf3bd10c66e92eeda hardened-sources-2.4.20-r3.ebuild 2220 +MD5 5bd722c8fee20760ec3f679e0edc0053 hardened-sources-2.4.21.ebuild 2480 +MD5 a357a534f1b1127470849e6d588422d7 ChangeLog 4758 MD5 724c01628b1dd03c8bfe196f0ae31368 metadata.xml 558 -MD5 c7e011900c8c6ea5dc332d2f10c25733 hardened-sources-2.4.20-r2.ebuild 2227 +MD5 638b95442feba0a7c21a0088d4a65c14 hardened-sources-2.4.20-r2.ebuild 2302 +MD5 e637c6fa41097ea2c4693d0766f2e1c5 files/do_brk_fix.patch 242 MD5 e8b051baa93e07c4185474fb0e94e3af files/digest-hardened-sources-2.4.20-r2 147 MD5 58eba2e705c5a3f06366c1da54194deb files/digest-hardened-sources-2.4.20-r3 147 MD5 c0df3343880221029deebeb9498dee44 files/digest-hardened-sources-2.4.20-r4 147 diff --git a/sys-kernel/hardened-sources/files/do_brk_fix.patch b/sys-kernel/hardened-sources/files/do_brk_fix.patch new file mode 100644 index 000000000000..fef1f1e981e2 --- /dev/null +++ b/sys-kernel/hardened-sources/files/do_brk_fix.patch @@ -0,0 +1,12 @@ +--- a/mm/mmap.c Fri Sep 12 06:44:06 2003 ++++ b/mm/mmap.c Thu Oct 2 01:18:19 2003 +@@ -1041,6 +1041,9 @@ + if (!len) + return addr; + ++ if ((addr + len) > TASK_SIZE || (addr + len) < addr) ++ return -EINVAL; ++ + /* + * mlock MCL_FUTURE? + */ diff --git a/sys-kernel/hardened-sources/hardened-sources-2.4.20-r2.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.4.20-r2.ebuild index 2ecc318f5e96..f51009e011ab 100644 --- a/sys-kernel/hardened-sources/hardened-sources-2.4.20-r2.ebuild +++ b/sys-kernel/hardened-sources/hardened-sources-2.4.20-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2003 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.20-r2.ebuild,v 1.5 2003/09/10 04:33:03 msterret Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.20-r2.ebuild,v 1.6 2003/12/02 03:33:44 iggy Exp $ IUSE="build selinux" @@ -44,6 +44,8 @@ src_unpack() { done fi + epatch ${FILESDIR}/do_brk_fix.patch || die "failed to patch for do_brk vuln" + kernel_src_unpack } diff --git a/sys-kernel/hardened-sources/hardened-sources-2.4.20-r3.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.4.20-r3.ebuild index cdc3a2bd62d9..aaa46b8fa45e 100644 --- a/sys-kernel/hardened-sources/hardened-sources-2.4.20-r3.ebuild +++ b/sys-kernel/hardened-sources/hardened-sources-2.4.20-r3.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2003 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.20-r3.ebuild,v 1.6 2003/09/10 04:33:03 msterret Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.20-r3.ebuild,v 1.7 2003/12/02 03:33:44 iggy Exp $ IUSE="build selinux" @@ -44,6 +44,8 @@ src_unpack() { done fi + epatch ${FILESDIR}/do_brk_fix.patch || die "failed to patch for do_brk vuln" + kernel_src_unpack } diff --git a/sys-kernel/hardened-sources/hardened-sources-2.4.20-r4.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.4.20-r4.ebuild index baea44af05e0..3cfef053e6fb 100644 --- a/sys-kernel/hardened-sources/hardened-sources-2.4.20-r4.ebuild +++ b/sys-kernel/hardened-sources/hardened-sources-2.4.20-r4.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2003 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.20-r4.ebuild,v 1.4 2003/09/10 04:33:03 msterret Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.20-r4.ebuild,v 1.5 2003/12/02 03:33:44 iggy Exp $ IUSE="build selinux" @@ -44,6 +44,8 @@ src_unpack() { done fi + epatch ${FILESDIR}/do_brk_fix.patch || die "failed to patch for do_brk vuln" + kernel_src_unpack } diff --git a/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild index afea33f7bac5..20348462fc57 100644 --- a/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild +++ b/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2003 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild,v 1.1 2003/09/14 18:07:06 frogger Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.21.ebuild,v 1.2 2003/12/02 03:33:44 iggy Exp $ IUSE="build selinux" @@ -44,6 +44,8 @@ src_unpack() { done fi + epatch ${FILESDIR}/do_brk_fix.patch || die "failed to patch for do_brk vuln" + kernel_src_unpack } diff --git a/sys-kernel/hardened-sources/hardened-sources-2.4.22.ebuild b/sys-kernel/hardened-sources/hardened-sources-2.4.22.ebuild index da5df8a164d6..6954a122fdad 100644 --- a/sys-kernel/hardened-sources/hardened-sources-2.4.22.ebuild +++ b/sys-kernel/hardened-sources/hardened-sources-2.4.22.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2003 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.22.ebuild,v 1.2 2003/11/04 03:39:40 frogger Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/hardened-sources-2.4.22.ebuild,v 1.3 2003/12/02 03:33:44 iggy Exp $ IUSE="build selinux" @@ -44,6 +44,8 @@ src_unpack() { done fi + epatch ${FILESDIR}/do_brk_fix.patch || die "failed to patch for do_brk vuln" + kernel_src_unpack } -- cgit v1.2.3-65-gdbad