diff options
| author |   Konstantin V. Arkhipov <voxus@gentoo.org> | 2004-11-25 14:59:37 +0000 |
|---|---|---|
| committer | Konstantin V. Arkhipov <voxus@gentoo.org> | 2004-11-25 14:59:37 +0000 |
| commit | 80de62c57efa1c3e496404ee5e64e8b17f3c1e6f (patch) | |
| tree | 47e2b5d970bb8afed9bfdaf02919e18b6be3cabe | |
| parent | Version bump (diff) | |
| download | historical-80de62c57efa1c3e496404ee5e64e8b17f3c1e6f.tar.gz historical-80de62c57efa1c3e496404ee5e64e8b17f3c1e6f.tar.bz2 historical-80de62c57efa1c3e496404ee5e64e8b17f3c1e6f.zip | |
closing #65877
| -rw-r--r-- | sys-kernel/openmosix-sources/ChangeLog | 13 | ||||
| -rw-r--r-- | sys-kernel/openmosix-sources/Manifest | 10 | ||||
| -rw-r--r-- | sys-kernel/openmosix-sources/files/digest-openmosix-sources-2.4.24-r8 | 5 | ||||
| -rw-r--r-- | sys-kernel/openmosix-sources/files/digest-openmosix-sources-2.4.27-r5 (renamed from sys-kernel/openmosix-sources/files/digest-openmosix-sources-2.4.27-r4) | 0 | ||||
| -rw-r--r-- | sys-kernel/openmosix-sources/files/openmosix-sources-2.4.24-smbfs.patch | 80 | ||||
| -rw-r--r-- | sys-kernel/openmosix-sources/files/openmosix-sources-2.4.27-smbfs.patch | 97 | ||||
| -rw-r--r-- | sys-kernel/openmosix-sources/openmosix-sources-2.4.24-r8.ebuild | 72 | ||||
| -rw-r--r-- | sys-kernel/openmosix-sources/openmosix-sources-2.4.27-r5.ebuild (renamed from sys-kernel/openmosix-sources/openmosix-sources-2.4.27-r4.ebuild) | 5 |
8 files changed, 276 insertions, 6 deletions
diff --git a/sys-kernel/openmosix-sources/ChangeLog b/sys-kernel/openmosix-sources/ChangeLog index 9cab0c1d1492..5e560c1de18a 100644 --- a/sys-kernel/openmosix-sources/ChangeLog +++ b/sys-kernel/openmosix-sources/ChangeLog @@ -1,6 +1,17 @@ # ChangeLog for sys-kernel/openmosix-sources # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/openmosix-sources/ChangeLog,v 1.70 2004/11/16 11:49:08 voxus Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/openmosix-sources/ChangeLog,v 1.71 2004/11/25 14:59:37 voxus Exp $ + +*openmosix-sources-2.4.24-r8 (25 Nov 2004) +*openmosix-sources-2.4.27-r5 (25 Nov 2004) + + 25 Nov 2004; Konstantin Arkhipov <voxus@gentoo.org>: + +files/openmosix-sources-2.4.24-smbfs.patch, + +files/openmosix-sources-2.4.27-smbfs.patch, + -openmosix-sources-2.4.27-r4.ebuild, + +openmosix-sources-2.4.27-r5.ebuild, + +openmosix-sources-2.4.24-r8.ebuild: + Fixed smbfs vulnerability, closing #65877. *openmosix-sources-2.4.24-r7 (16 Nov 2004) diff --git a/sys-kernel/openmosix-sources/Manifest b/sys-kernel/openmosix-sources/Manifest index a6835910d3f5..abaa71d91ea2 100644 --- a/sys-kernel/openmosix-sources/Manifest +++ b/sys-kernel/openmosix-sources/Manifest @@ -1,6 +1,7 @@ -MD5 a0e9868f52a03a55050ab4e184b75fd2 openmosix-sources-2.4.27-r4.ebuild 1820 +MD5 d1606f018e7e4c41cef1c26a860d1612 openmosix-sources-2.4.24-r8.ebuild 3015 MD5 496d925424a1fa62617d6c740386e8b9 openmosix-sources-2.4.24-r7.ebuild 2935 -MD5 3e5ac92956f3e2c3399ca583abf9ee86 ChangeLog 13207 +MD5 2d42be9afaa678c28581ce436200923f openmosix-sources-2.4.27-r5.ebuild 1852 +MD5 a751e13610c65ca8ca41f0dd7d89483c ChangeLog 13606 MD5 beb9efce81ae2c582a621528fc783095 metadata.xml 373 MD5 de75cfa969ed092578d9ddda6c5be334 files/openmosix-sources.CAN-2004-0181.patch 1233 MD5 e77a93fdf26f06cf3ea5080b27211725 files/openmosix-sources.CAN-2003-0985.patch 414 @@ -9,12 +10,15 @@ MD5 147fec50180ad91b6260fc7201dcb90f files/openmosix-sources.CAN-2004-0010.patch MD5 3bdf00d5f80fe9dfbfe8220e076cd04c files/openmosix-sources.CAN-2004-0497.patch 707 MD5 eaeda68a619caaddd5b8fdc5e7c39932 files/openmosix-sources.CAN-2004-0177.patch 384 MD5 b5082064acd344757ff6362f7d60a881 files/digest-openmosix-sources-2.4.24-r7 359 -MD5 42009ab1ca8da78b30d2fcd15150f202 files/digest-openmosix-sources-2.4.27-r4 296 +MD5 b5082064acd344757ff6362f7d60a881 files/digest-openmosix-sources-2.4.24-r8 359 +MD5 42009ab1ca8da78b30d2fcd15150f202 files/digest-openmosix-sources-2.4.27-r5 296 MD5 21f3a4f186017d925067335e24db36a1 files/openmosix-sources.CAN-2004-0109.patch 1877 MD5 ac42024b6e6ee1e2165914db4b22a61c files/openmosix-sources.CAN-2004-0178.patch 424 MD5 60d25ff310fc6abfdce39ec9e47345af files/openmosix-sources.CAN-2004-0685.patch 2809 MD5 fa0b3a0117ce4a5701403bb7f1c5acdf files/openmosix-sources.CAN-2004-0841-fix_ldisc_switch.patch 878 MD5 24c53f49954dab29cfc172d4a3ba1a31 files/openmosix-sources-binfmt_elf.patch 1928 +MD5 1e1fe7bb98c80db4644f4b7fd7dd5d32 files/openmosix-sources-2.4.27-smbfs.patch 3434 MD5 bf2b609e8cab6460d220b1267db09826 files/openmosix-sources.CAN-2004-0001.patch 982 MD5 0f66013f643c79c97fda489618a4e2fd files/openmosix-sources.CAN-2004-0535.patch 476 +MD5 9971231cef0a944990e47a3c1e4b717c files/openmosix-sources-2.4.24-smbfs.patch 2790 MD5 dc18e982f8149588a291956481885a8c files/openmosix-sources.CAN-2004-0495.patch 17549 diff --git a/sys-kernel/openmosix-sources/files/digest-openmosix-sources-2.4.24-r8 b/sys-kernel/openmosix-sources/files/digest-openmosix-sources-2.4.24-r8 new file mode 100644 index 000000000000..e3b64d95ad6f --- /dev/null +++ b/sys-kernel/openmosix-sources/files/digest-openmosix-sources-2.4.24-r8 @@ -0,0 +1,5 @@ +MD5 1e055c42921b2396a559d84df4c3d9aa linux-2.4.24.tar.bz2 29837818 +MD5 1c9bc4f32a9fc793cb8f0a6d0f910cb7 openMosix-2.4.24-2.bz2 588330 +MD5 7e0e9f3d57bcc1b1bb7900ada383c129 linux-2.4.23-CAN-2004-0415.patch 89319 +MD5 d4c051e7c6062704be85192e25e2f5b2 linux-2.4.26-CAN-2004-0814.patch 81508 +MD5 5bbbb2201b338ebb74f0bf650b639475 linux-2.4.27-nfs3-xdr.patch.bz2 746 diff --git a/sys-kernel/openmosix-sources/files/digest-openmosix-sources-2.4.27-r4 b/sys-kernel/openmosix-sources/files/digest-openmosix-sources-2.4.27-r5 index b667a1620951..b667a1620951 100644 --- a/sys-kernel/openmosix-sources/files/digest-openmosix-sources-2.4.27-r4 +++ b/sys-kernel/openmosix-sources/files/digest-openmosix-sources-2.4.27-r5 diff --git a/sys-kernel/openmosix-sources/files/openmosix-sources-2.4.24-smbfs.patch b/sys-kernel/openmosix-sources/files/openmosix-sources-2.4.24-smbfs.patch new file mode 100644 index 000000000000..1d93802f03be --- /dev/null +++ b/sys-kernel/openmosix-sources/files/openmosix-sources-2.4.24-smbfs.patch @@ -0,0 +1,80 @@ +diff -ur linux-2.4.20/fs/smbfs/proc.c linux-2.4.20.plasmaroo/fs/smbfs/proc.c +--- linux-2.4.20/fs/smbfs/proc.c 2004-08-14 18:15:42.000000000 +0100 ++++ linux-2.4.20.plasmaroo/fs/smbfs/proc.c 2004-11-19 20:48:37.429884768 +0000 +@@ -1197,10 +1197,12 @@ + data_len = WVAL(buf, 1); + + /* we can NOT simply trust the data_len given by the server ... */ +- if (data_len > server->packet_size - (buf+3 - server->packet)) { +- printk(KERN_ERR "smb_proc_read: invalid data length!! " +- "%d > %d - (%p - %p)\n", +- data_len, server->packet_size, buf+3, server->packet); ++ if (data_len > count || ++ (buf+3 - server->packet) + data_len > server->packet_size) { ++ printk(KERN_ERR "smb_proc_read: invalid data length/offset!! " ++ "%d > %d || (%p - %p) + %d > %d\n", ++ data_len, count, ++ buf+3, server->packet, data_len, server->packet_size); + result = -EIO; + goto out; + } +diff -ur linux-2.4.20/fs/smbfs/sock.c linux-2.4.20.plasmaroo/fs/smbfs/sock.c +--- linux-2.4.20/fs/smbfs/sock.c 2004-08-14 18:15:42.000000000 +0100 ++++ linux-2.4.20.plasmaroo/fs/smbfs/sock.c 2004-11-19 20:48:37.431884464 +0000 +@@ -571,7 +571,11 @@ + parm_disp, parm_offset, parm_count, + data_disp, data_offset, data_count); + *parm = base + parm_offset; ++ if (*parm - inbuf + parm_tot > server->packet_size) ++ goto out_bad_parm; + *data = base + data_offset; ++ if (*data - inbuf + data_tot > server->packet_size) ++ goto out_bad_data; + goto success; + } + +@@ -591,6 +595,8 @@ + rcv_buf = smb_vmalloc(buf_len); + if (!rcv_buf) + goto out_no_mem; ++ memset(rcv_buf, 0, buf_len); ++ + *parm = rcv_buf; + *data = rcv_buf + total_p; + } else if (data_tot > total_d || parm_tot > total_p) +@@ -598,8 +604,12 @@ + + if (parm_disp + parm_count > total_p) + goto out_bad_parm; ++ if (parm_offset + parm_count > server->packet_size) ++ goto out_bad_parm; + if (data_disp + data_count > total_d) + goto out_bad_data; ++ if (data_offset + data_count > server->packet_size) ++ goto out_bad_data; + memcpy(*parm + parm_disp, base + parm_offset, parm_count); + memcpy(*data + data_disp, base + data_offset, data_count); + +@@ -610,8 +620,11 @@ + * Check whether we've received all of the data. Note that + * we use the packet totals -- total lengths might shrink! + */ +- if (data_len >= data_tot && parm_len >= parm_tot) ++ if (data_len >= data_tot && parm_len >= parm_tot) { ++ data_len = data_tot; ++ parm_len = parm_tot; + break; ++ } + } + + /* +@@ -625,6 +638,9 @@ + server->packet = rcv_buf; + rcv_buf = inbuf; + } else { ++ if (parm_len + data_len > buf_len) ++ goto out_data_grew; ++ + PARANOIA("copying data, old size=%d, new size=%u\n", + server->packet_size, buf_len); + memcpy(inbuf, rcv_buf, parm_len + data_len); diff --git a/sys-kernel/openmosix-sources/files/openmosix-sources-2.4.27-smbfs.patch b/sys-kernel/openmosix-sources/files/openmosix-sources-2.4.27-smbfs.patch new file mode 100644 index 000000000000..63c5ba30403f --- /dev/null +++ b/sys-kernel/openmosix-sources/files/openmosix-sources-2.4.27-smbfs.patch @@ -0,0 +1,97 @@ +diff -ur linux-2.4.27/fs/smbfs/proc.c linux-2.4.28/fs/smbfs/proc.c +--- linux-2.4.27/fs/smbfs/proc.c 2004-11-12 19:32:24.000000000 +0000 ++++ linux-2.4.28/fs/smbfs/proc.c 2004-11-19 20:18:27.000000000 +0000 +@@ -1289,10 +1289,12 @@ + data_len = WVAL(buf, 1); + + /* we can NOT simply trust the data_len given by the server ... */ +- if (data_len > server->packet_size - (buf+3 - server->packet)) { +- printk(KERN_ERR "smb_proc_read: invalid data length!! " +- "%d > %d - (%p - %p)\n", +- data_len, server->packet_size, buf+3, server->packet); ++ if (data_len > count || ++ (buf+3 - server->packet) + data_len > server->packet_size) { ++ printk(KERN_ERR "smb_proc_read: invalid data length/offset!! " ++ "%d > %d || (%p - %p) + %d > %d\n", ++ data_len, count, ++ buf+3, server->packet, data_len, server->packet_size); + result = -EIO; + goto out; + } +@@ -1378,10 +1380,12 @@ + buf = smb_base(server->packet) + data_off; + + /* we can NOT simply trust the info given by the server ... */ +- if (data_len > server->packet_size - (buf - server->packet)) { +- printk(KERN_ERR "smb_proc_read: invalid data length!! " +- "%d > %d - (%p - %p)\n", +- data_len, server->packet_size, buf, server->packet); ++ if (data_len > count || ++ (buf - server->packet) + data_len > server->packet_size) { ++ printk(KERN_ERR "smb_proc_readX: invalid data length/offset!! " ++ "%d > %d || (%p - %p) + %d > %d\n", ++ data_len, count, ++ buf, server->packet, data_len, server->packet_size); + result = -EIO; + goto out; + } +diff -ur linux-2.4.27/fs/smbfs/sock.c linux-2.4.28/fs/smbfs/sock.c +--- linux-2.4.27/fs/smbfs/sock.c 2004-11-12 19:32:24.000000000 +0000 ++++ linux-2.4.28/fs/smbfs/sock.c 2004-11-19 20:18:27.000000000 +0000 +@@ -571,7 +571,11 @@ + parm_disp, parm_offset, parm_count, + data_disp, data_offset, data_count); + *parm = base + parm_offset; ++ if (*parm - inbuf + parm_tot > server->packet_size) ++ goto out_bad_parm; + *data = base + data_offset; ++ if (*data - inbuf + data_tot > server->packet_size) ++ goto out_bad_data; + goto success; + } + +@@ -591,6 +595,8 @@ + rcv_buf = smb_vmalloc(buf_len); + if (!rcv_buf) + goto out_no_mem; ++ memset(rcv_buf, 0, buf_len); ++ + *parm = rcv_buf; + *data = rcv_buf + total_p; + } else if (data_tot > total_d || parm_tot > total_p) +@@ -598,8 +604,12 @@ + + if (parm_disp + parm_count > total_p) + goto out_bad_parm; ++ if (parm_offset + parm_count > server->packet_size) ++ goto out_bad_parm; + if (data_disp + data_count > total_d) + goto out_bad_data; ++ if (data_offset + data_count > server->packet_size) ++ goto out_bad_data; + memcpy(*parm + parm_disp, base + parm_offset, parm_count); + memcpy(*data + data_disp, base + data_offset, data_count); + +@@ -610,8 +620,11 @@ + * Check whether we've received all of the data. Note that + * we use the packet totals -- total lengths might shrink! + */ +- if (data_len >= data_tot && parm_len >= parm_tot) ++ if (data_len >= data_tot && parm_len >= parm_tot) { ++ data_len = data_tot; ++ parm_len = parm_tot; + break; ++ } + } + + /* +@@ -625,6 +638,9 @@ + server->packet = rcv_buf; + rcv_buf = inbuf; + } else { ++ if (parm_len + data_len > buf_len) ++ goto out_data_grew; ++ + PARANOIA("copying data, old size=%d, new size=%u\n", + server->packet_size, buf_len); + memcpy(inbuf, rcv_buf, parm_len + data_len); diff --git a/sys-kernel/openmosix-sources/openmosix-sources-2.4.24-r8.ebuild b/sys-kernel/openmosix-sources/openmosix-sources-2.4.24-r8.ebuild new file mode 100644 index 000000000000..c2cdcf7afddb --- /dev/null +++ b/sys-kernel/openmosix-sources/openmosix-sources-2.4.24-r8.ebuild @@ -0,0 +1,72 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/openmosix-sources/openmosix-sources-2.4.24-r8.ebuild,v 1.1 2004/11/25 14:59:37 voxus Exp $ +#OKV=original kernel version, KV=patched kernel version. They can be the same. + +ETYPE="sources" +inherit kernel eutils + +OKV="2.4.24" +OMV="2" +[ "${PR}" == "r0" ] && KV=${PV/_/-}-openmosix || KV=${PV/_/-}-openmosix-${PR} +S=${WORKDIR}/linux-${KV} + +# What's in this kernel? + +# INCLUDED: +# 2.4.22, plus: +# 2.4.22 openmosix-2.4.22-3 +# various security patches + +DESCRIPTION="Full sources for the Gentoo openMosix Linux kernel" +SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2 +mirror://sourceforge/openmosix/openMosix-${OKV}-${OMV}.bz2 +http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/linux-2.4.23-CAN-2004-0415.patch +http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/linux-2.4.26-CAN-2004-0814.patch +mirror://gentoo/linux-2.4.27-nfs3-xdr.patch.bz2" + +PROVIDE="virtual/linux-sources" +HOMEPAGE="http://www.kernel.org/ http://www.gentoo.org/ http://www.openmosix.org/" +LICENSE="GPL-2" +SLOT="${KV}" +KEYWORDS="-* ~x86" +IUSE="" + +src_unpack() { + unpack linux-${OKV}.tar.bz2 + mv linux-${OKV} linux-${KV} || die + cd linux-${KV} + + epatch ${DISTDIR}/openMosix-${OKV}-${OMV}.bz2 || die "openMosix patch failed" + + epatch ${FILESDIR}/${PN}.CAN-2003-0985.patch || die "Security patch failed" + epatch ${FILESDIR}/${PN}.CAN-2004-0001.patch || die "Security patch failed" + epatch ${FILESDIR}/${PN}.CAN-2004-0010.patch || die "Security patch failed" + epatch ${FILESDIR}/${PN}.CAN-2004-0109.patch || die "Security patch failed" + epatch ${FILESDIR}/${PN}.CAN-2004-0177.patch || die "Security patch failed" + epatch ${FILESDIR}/${PN}.CAN-2004-0178.patch || die "Security patch failed" + epatch ${FILESDIR}/${PN}.CAN-2004-0181.patch || die "Security patch failed" + epatch ${FILESDIR}/${PN}.CAN-2004-0495.patch || die "Security patch failed" + epatch ${FILESDIR}/${PN}.CAN-2004-0497.patch || die "Security patch failed" + epatch ${FILESDIR}/${PN}.CAN-2004-0535.patch || die "Security patch failed" + epatch ${FILESDIR}/${PN}.CAN-2004-0685.patch || die "Security patch failed" + epatch ${FILESDIR}/cmdline-proc-fix.patch || die "Security patch failed" + epatch ${FILESDIR}/${PN}-binfmt_elf.patch || die "Security patch failed" + + epatch ${DISTDIR}/linux-2.4.23-CAN-2004-0415.patch || die "Failed to add CAN-2004-0415" + epatch ${DISTDIR}/linux-2.4.26-CAN-2004-0814.patch || die "Failed to add CAN-2004-0814" + epatch ${FILESDIR}/${PN}.CAN-2004-0841-fix_ldisc_switch.patch || die "Antipatch failed." + epatch ${DISTDIR}/linux-2.4.27-nfs3-xdr.patch.bz2 || die "Failed to add nfs3-xdk patch" + epatch ${FILESDIR}/${PN}-${PV}-smbfs.patch || die "Failed to add smbfs patch" + + kernel_universal_unpack +} + +pkg_postinst() { + [ "$ETYPE" = "headers" ] && return + if [ ! -e ${ROOT}usr/src/linux ] + then + rm -f ${ROOT}usr/src/linux + ln -sf linux-${KV} ${ROOT}/usr/src/linux + fi +} diff --git a/sys-kernel/openmosix-sources/openmosix-sources-2.4.27-r4.ebuild b/sys-kernel/openmosix-sources/openmosix-sources-2.4.27-r5.ebuild index 0c84a87c97a1..cd662434d6bf 100644 --- a/sys-kernel/openmosix-sources/openmosix-sources-2.4.27-r4.ebuild +++ b/sys-kernel/openmosix-sources/openmosix-sources-2.4.27-r5.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/openmosix-sources/openmosix-sources-2.4.27-r4.ebuild,v 1.2 2004/11/16 11:49:08 voxus Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/openmosix-sources/openmosix-sources-2.4.27-r5.ebuild,v 1.1 2004/11/25 14:59:37 voxus Exp $ #OKV=original kernel version, KV=patched kernel version. They can be the same. ETYPE="sources" @@ -39,6 +39,7 @@ src_unpack() { epatch ${DISTDIR}/linux-${PV}-CAN-2004-0814.patch || die "security patch for CAN-2004-0814 failed." epatch ${FILESDIR}/${PN}.CAN-2004-0841-fix_ldisc_switch.patch || die "fix for CAN-2004-0814 patch failed." epatch ${DISTDIR}/linux-${PV}-nfs3-xdr.patch.bz2 || die "security patch for nfs3-xdk failed." - epatch ${FILESDIR}/openmosix-sources-binfmt_elf.patch || die "Security patch for binfmt_elf failed." + epatch ${FILESDIR}/${PN}-binfmt_elf.patch || die "Security patch for binfmt_elf failed." + epatch ${FILESDIR}/${PN}-${PV}-smbfs.patch kernel_universal_unpack } |