Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/sys-kernel
diff options
context:
space:
mode:
authorNed Ludd <solar@gentoo.org>2004-06-17 14:52:48 +0000
committerNed Ludd <solar@gentoo.org>2004-06-17 14:52:48 +0000
commited826bf23901ce7dc1c4cbc1d317940be10299b0 (patch)
treea1bf432f804fa83726453823eaa054d54f4194d2 /sys-kernel
parentstable on x86. (diff)
downloadhistorical-ed826bf23901ce7dc1c4cbc1d317940be10299b0.tar.gz
historical-ed826bf23901ce7dc1c4cbc1d317940be10299b0.tar.bz2
historical-ed826bf23901ce7dc1c4cbc1d317940be10299b0.zip
fix i2c integer overflow vulnerability during the allocation of memory. bug #54164. PaX force randomization to always at least PAGE_SIZE big. Allows glibc to be compiled with binutils-2.15 and USE=hardened
Diffstat (limited to 'sys-kernel')
-rw-r--r--sys-kernel/grsec-sources/ChangeLog11
-rw-r--r--sys-kernel/grsec-sources/Manifest12
-rw-r--r--sys-kernel/grsec-sources/files/2.4.26-i2cproc_bus_read.patch12
-rw-r--r--sys-kernel/grsec-sources/files/2.4.26-pax-binfmt_elf-page-size.patch11
-rw-r--r--sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.26.2.0-r4 (renamed from sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.26.2.0-r2)0
-rw-r--r--sys-kernel/grsec-sources/grsec-sources-2.4.26.2.0-r4.ebuild (renamed from sys-kernel/grsec-sources/grsec-sources-2.4.26.2.0-r2.ebuild)23
6 files changed, 49 insertions, 20 deletions
diff --git a/sys-kernel/grsec-sources/ChangeLog b/sys-kernel/grsec-sources/ChangeLog
index b106a20a71ea..4f404f8655da 100644
--- a/sys-kernel/grsec-sources/ChangeLog
+++ b/sys-kernel/grsec-sources/ChangeLog
@@ -1,6 +1,15 @@
# ChangeLog for sys-kernel/grsec-sources
# Copyright 2000-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.22 2004/06/15 17:03:18 solar Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/ChangeLog,v 1.23 2004/06/17 14:52:48 solar Exp $
+
+*grsec-sources-2.4.26.2.0-r4 (17 Jun 2004)
+
+ 17 Jun 2004; <solar@gentoo.org> grsec-sources-2.4.26.2.0-r2.ebuild,
+ grsec-sources-2.4.26.2.0-r4.ebuild, files/2.4.26-i2cproc_bus_read.patch,
+ files/2.4.26-pax-binfmt_elf-page-size.patch:
+ fix i2c integer overflow vulnerability during the allocation of memory. bug
+ #54164. PaX force randomization to always at least PAGE_SIZE big. Allows glibc
+ to be compiled with binutils-2.15 and USE=hardened
*grsec-sources-2.4.26.2.0-r3 (15 Jun 2004)
diff --git a/sys-kernel/grsec-sources/Manifest b/sys-kernel/grsec-sources/Manifest
index 66b5ef2a12a1..e2a88922fa21 100644
--- a/sys-kernel/grsec-sources/Manifest
+++ b/sys-kernel/grsec-sources/Manifest
@@ -1,9 +1,11 @@
-MD5 e9e4228b4f1044ce22cac07989d15baf ChangeLog 4701
-MD5 55be93f702aaba60b28237ed053d0321 grsec-sources-2.4.26.2.0-r2.ebuild 3321
+MD5 184911b0310e8cc34f9cc3efe296e634 ChangeLog 5150
MD5 570f1e3dd02711fa0b8137580ad1cec4 grsec-sources-2.4.26.2.0-r3.ebuild 2826
+MD5 b9eaa8d4a30d59e6d2f9d64cbd3563be grsec-sources-2.4.26.2.0-r4.ebuild 3066
MD5 140d8af1d66f9f6cd030e7d9902f38d9 metadata.xml 478
-MD5 67eb43cb5340a7a671c2d375c0516888 files/digest-grsec-sources-2.4.26.2.0-r2 143
-MD5 3dac23b6e285462a7cda41505cc698e1 files/2.4.26-CAN-2004-0394.patch 319
+MD5 b293289df61d6f42ff54e4e0ceae53cf files/2.4.24-x86.config 2397
MD5 c47b7075dd1e065b09bb08936c1901a1 files/2.4.26-signal-race.patch 365
+MD5 3dac23b6e285462a7cda41505cc698e1 files/2.4.26-CAN-2004-0394.patch 319
MD5 67eb43cb5340a7a671c2d375c0516888 files/digest-grsec-sources-2.4.26.2.0-r3 143
-MD5 b293289df61d6f42ff54e4e0ceae53cf files/2.4.24-x86.config 2397
+MD5 9d8a823d0e0ada1ec1e84305d1698afa files/2.4.26-i2cproc_bus_read.patch 512
+MD5 36615aa14e3aed91008beeeb406693bf files/2.4.26-pax-binfmt_elf-page-size.patch 427
+MD5 67eb43cb5340a7a671c2d375c0516888 files/digest-grsec-sources-2.4.26.2.0-r4 143
diff --git a/sys-kernel/grsec-sources/files/2.4.26-i2cproc_bus_read.patch b/sys-kernel/grsec-sources/files/2.4.26-i2cproc_bus_read.patch
new file mode 100644
index 000000000000..2f7de0dbe5b3
--- /dev/null
+++ b/sys-kernel/grsec-sources/files/2.4.26-i2cproc_bus_read.patch
@@ -0,0 +1,12 @@
+diff -Nrup linux-2.4.26-grsec-2.0/drivers/i2c/i2c-core.c linux/drivers/i2c/i2c-core.c
+--- linux-2.4.26-grsec-2.0/drivers/i2c/i2c-core.c 2004-02-18 08:36:31.000000000 -0500
++++ linux/drivers/i2c/i2c-core.c 2004-06-17 10:27:36.000000000 -0400
+@@ -625,7 +625,7 @@ ssize_t i2cproc_bus_read(struct file * f
+ size_t len_total;
+ int order[I2C_CLIENT_MAX];
+
+- if (count > 4000)
++ if ((count > 4000) || (count < 0))
+ return -EINVAL;
+ len_total = file->f_pos + count;
+ /* Too bad if this gets longer (unlikely) */
diff --git a/sys-kernel/grsec-sources/files/2.4.26-pax-binfmt_elf-page-size.patch b/sys-kernel/grsec-sources/files/2.4.26-pax-binfmt_elf-page-size.patch
new file mode 100644
index 000000000000..09f39733e90a
--- /dev/null
+++ b/sys-kernel/grsec-sources/files/2.4.26-pax-binfmt_elf-page-size.patch
@@ -0,0 +1,11 @@
+--- linux-2.4.26-grsec-2.0/fs/binfmt_elf.c 2004-06-16 16:38:15.000000000 -0400
++++ linux/fs/binfmt_elf.c 2004-06-17 10:31:21.000000000 -0400
+@@ -1055,7 +1055,7 @@ static int load_elf_binary(struct linux_
+ #endif
+
+ if (current->flags & PF_PAX_RANDMMAP)
+- elf_brk += pax_delta_mask(get_random_long(), 4, PAGE_SHIFT);
++ elf_brk += PAGE_SIZE + pax_delta_mask(get_random_long(), 4, PAGE_SHIFT);
+ #undef pax_delta_mask
+ #endif
+
diff --git a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.26.2.0-r2 b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.26.2.0-r4
index 6952b0eafedc..6952b0eafedc 100644
--- a/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.26.2.0-r2
+++ b/sys-kernel/grsec-sources/files/digest-grsec-sources-2.4.26.2.0-r4
diff --git a/sys-kernel/grsec-sources/grsec-sources-2.4.26.2.0-r2.ebuild b/sys-kernel/grsec-sources/grsec-sources-2.4.26.2.0-r4.ebuild
index 15bd9b72e771..a5bff8541039 100644
--- a/sys-kernel/grsec-sources/grsec-sources-2.4.26.2.0-r2.ebuild
+++ b/sys-kernel/grsec-sources/grsec-sources-2.4.26.2.0-r4.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2004 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.26.2.0-r2.ebuild,v 1.2 2004/06/17 01:48:57 mr_bones_ Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/grsec-sources/grsec-sources-2.4.26.2.0-r4.ebuild,v 1.1 2004/06/17 14:52:48 solar Exp $
# We control what versions of what we download based on the KEYWORDS we
# are using for the various arches. Thus if we want grsec1 stable we run
@@ -8,7 +8,7 @@
# grsec-2.0-preX which has alot more features.
# the only thing that should ever differ in one of these 1.9.x ebuilds
-# and 2.x of the same kernel version is the KEYWORDS and header.
+# and 2.x of the same kernel version is the KEYWORDS and header.
# shame cvs symlinks don't exist
ETYPE="sources"
@@ -26,8 +26,7 @@ KV="${OKV}${EXTRAVERSION}"
PATCH_SRC_BASE="grsecurity-${PATCH_BASE}-${OKV}.patch.bz2"
# hppa takes a special patch and usually has play catch up between
-# versions of this package we.
-
+# versions of this package.
HPPA_SRC_URI=""
if [ "${ARCH}" == "hppa" ]; then
PARISC_KERNEL_VERSION="pa1"
@@ -39,16 +38,6 @@ fi
DESCRIPTION="Vanilla sources of the linux kernel with the grsecurity ${PATCH_BASE} patch"
-#DYSFUNCTIONAL_SRC_URI="hppa? ( $HPPA_SRC_URI ) \
-# !hppa? ( http://grsecurity.net/grsecurity-${PATCH_BASE}-${OKV}.patch \
-# http://grsecurity.net/grsecurity-${PATCH_BASE}-${OKV}.patch.sign ) \
-# http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2"
-
-# grr... gotta love it when upstream changes a patch without rolling a revision number.
-#SRC_URI="http://grsecurity.net/grsecurity-${PATCH_BASE}-${OKV}.patch \
-# http://grsecurity.net/grsecurity-${PATCH_BASE}-${OKV}.patch.sign \
-# http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2"
-
SRC_URI="mirror://gentoo/grsecurity-${PATCH_BASE}-${OKV}.patch.bz2 \
http://www.kernel.org/pub/linux/kernel/v2.4/linux-${OKV}.tar.bz2"
@@ -80,6 +69,12 @@ src_unpack() {
# fix format string problem in panic()
epatch ${FILESDIR}/2.4.26-CAN-2004-0394.patch
+ # Fix local DoS bug #53804
+ epatch ${FILESDIR}/2.4.26-signal-race.patch
+ # i2c integer overflow vulnerability during the allocation of memory
+ epatch ${FILESDIR}/2.4.26-i2cproc_bus_read.patch
+ # patch to force randomization to always at least PAGE_SIZE big.
+ epatch ${FILESDIR}/2.4.26-pax-binfmt_elf-page-size.patch
mkdir docs
touch docs/patches.txt