bump to latest version
This commit is contained in:
parent
98e672d298
commit
8021bd1421
@ -1,35 +0,0 @@
|
||||
From 6e601a53566d84e1ffd25e7b6fe0b6894ffd79c0 Mon Sep 17 00:00:00 2001
|
||||
From: Mathias Krause <minipli@googlemail.com>
|
||||
Date: Sat, 23 Feb 2013 01:13:47 +0000
|
||||
Subject: [PATCH] sock_diag: Fix out-of-bounds access to sock_diag_handlers[]
|
||||
|
||||
Userland can send a netlink message requesting SOCK_DIAG_BY_FAMILY
|
||||
with a family greater or equal then AF_MAX -- the array size of
|
||||
sock_diag_handlers[]. The current code does not test for this
|
||||
condition therefore is vulnerable to an out-of-bound access opening
|
||||
doors for a privilege escalation.
|
||||
|
||||
Signed-off-by: Mathias Krause <minipli@googlemail.com>
|
||||
Acked-by: Eric Dumazet <edumazet@google.com>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
net/core/sock_diag.c | 3 +++
|
||||
1 files changed, 3 insertions(+), 0 deletions(-)
|
||||
|
||||
diff --git a/net/core/sock_diag.c b/net/core/sock_diag.c
|
||||
index 602cd63..750f44f 100644
|
||||
--- a/net/core/sock_diag.c
|
||||
+++ b/net/core/sock_diag.c
|
||||
@@ -121,6 +121,9 @@ static int __sock_diag_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
|
||||
if (nlmsg_len(nlh) < sizeof(*req))
|
||||
return -EINVAL;
|
||||
|
||||
+ if (req->sdiag_family >= AF_MAX)
|
||||
+ return -EINVAL;
|
||||
+
|
||||
hndl = sock_diag_lock_handler(req->sdiag_family);
|
||||
if (hndl == NULL)
|
||||
err = -ENOENT;
|
||||
--
|
||||
1.7.6.5
|
||||
|
27
PKGBUILD
27
PKGBUILD
@ -4,27 +4,20 @@
|
||||
pkgbase=linux # Build stock -ARCH kernel
|
||||
#pkgbase=linux-custom # Build kernel with a different name
|
||||
_srcname=linux-3.8
|
||||
pkgver=3.8
|
||||
pkgrel=2
|
||||
pkgver=3.8.1
|
||||
pkgrel=1
|
||||
arch=('i686' 'x86_64')
|
||||
url="http://www.kernel.org/"
|
||||
license=('GPL2')
|
||||
makedepends=('xmlto' 'docbook-xsl')
|
||||
options=('!strip')
|
||||
source=("http://www.kernel.org/pub/linux/kernel/v3.x/${_srcname}.tar.xz"
|
||||
#"http://www.kernel.org/pub/linux/kernel/v3.x/patch-${pkgver}.xz"
|
||||
"http://www.kernel.org/pub/linux/kernel/v3.x/patch-${pkgver}.xz"
|
||||
# the main kernel config files
|
||||
'config' 'config.x86_64'
|
||||
# standard config files for mkinitcpio ramdisk
|
||||
'linux.preset'
|
||||
'change-default-console-loglevel.patch'
|
||||
'CVE-2013-1763.patch')
|
||||
md5sums=('1c738edfc54e7c65faeb90c436104e2f'
|
||||
'9710fb1b1e08eb1fc5214dc2fb34ebcc'
|
||||
'03b1dad90f3558dba3031901398c1ca4'
|
||||
'eb14dcfd80c00852ef81ded6e826826a'
|
||||
'9d3c56a4b999c8bfbd4018089a62f662'
|
||||
'420991808fe4cba143013427c0737aa9')
|
||||
'change-default-console-loglevel.patch')
|
||||
|
||||
_kernelname=${pkgbase#linux}
|
||||
|
||||
@ -32,15 +25,11 @@ build() {
|
||||
cd "${srcdir}/${_srcname}"
|
||||
|
||||
# add upstream patch
|
||||
# patch -p1 -i "${srcdir}/patch-${pkgver}"
|
||||
patch -p1 -i "${srcdir}/patch-${pkgver}"
|
||||
|
||||
# add latest fixes from stable queue, if needed
|
||||
# http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git
|
||||
|
||||
# Fix security vulnetability CVE-2013-1763.patch
|
||||
# https://bugs.archlinux.org/task/34005
|
||||
patch -Np1 -i "${srcdir}/CVE-2013-1763.patch"
|
||||
|
||||
# set DEFAULT_CONSOLE_LOGLEVEL to 4 (same value as the 'quiet' kernel param)
|
||||
# remove this when a Kconfig knob is made available by upstream
|
||||
# (relevant patch sent upstream: https://lkml.org/lkml/2011/7/26/227)
|
||||
@ -320,3 +309,9 @@ for _p in ${pkgname[@]}; do
|
||||
done
|
||||
|
||||
# vim:set ts=8 sts=2 sw=2 et:
|
||||
md5sums=('1c738edfc54e7c65faeb90c436104e2f'
|
||||
'50a68679086c346dddb34dedccfae7ee'
|
||||
'307107a8b15060e6fc0e48bdaacaed06'
|
||||
'03b1dad90f3558dba3031901398c1ca4'
|
||||
'eb14dcfd80c00852ef81ded6e826826a'
|
||||
'9d3c56a4b999c8bfbd4018089a62f662')
|
||||
|
@ -1,33 +0,0 @@
|
||||
From: Dave Reisner <dreisner@archlinux.org>
|
||||
Date: Thu, 29 Nov 2012 03:18:52 +0000 (+1100)
|
||||
Subject: fs/fat: strip "cp" prefix from codepage in display
|
||||
X-Git-Tag: next-20121130~1^2~97
|
||||
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Fnext%2Flinux-next.git;a=commitdiff_plain;h=f15914873184cc3f2a8d590fa4f7e32ab0a8a405
|
||||
|
||||
fs/fat: strip "cp" prefix from codepage in display
|
||||
|
||||
Option parsing code expects an unsigned integer for the codepage option,
|
||||
but prefixes and stores this option with "cp" before passing to
|
||||
load_nls(). This makes the displayed option in /proc an invalid one.
|
||||
Strip the prefix when printing so that the displayed option is valid for
|
||||
reuse.
|
||||
|
||||
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
|
||||
Acked-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
|
||||
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
|
||||
---
|
||||
|
||||
diff --git a/fs/fat/inode.c b/fs/fat/inode.c
|
||||
index 3b733a7..3580681 100644
|
||||
--- a/fs/fat/inode.c
|
||||
+++ b/fs/fat/inode.c
|
||||
@@ -726,7 +726,8 @@ static int fat_show_options(struct seq_file *m, struct dentry *root)
|
||||
if (opts->allow_utime)
|
||||
seq_printf(m, ",allow_utime=%04o", opts->allow_utime);
|
||||
if (sbi->nls_disk)
|
||||
- seq_printf(m, ",codepage=%s", sbi->nls_disk->charset);
|
||||
+ /* strip "cp" prefix from displayed option */
|
||||
+ seq_printf(m, ",codepage=%s", &sbi->nls_disk->charset[2]);
|
||||
if (isvfat) {
|
||||
if (sbi->nls_io)
|
||||
seq_printf(m, ",iocharset=%s", sbi->nls_io->charset);
|
@ -2,7 +2,7 @@
|
||||
# arg 2: the old package version
|
||||
|
||||
KERNEL_NAME=
|
||||
KERNEL_VERSION=3.8.0-2-ARCH
|
||||
KERNEL_VERSION=3.8.1-1-ARCH
|
||||
|
||||
# set a sane PATH to ensure that critical utils like depmod will be found
|
||||
export PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
|
||||
|
Loading…
Reference in New Issue
Block a user