Summary: | sys-kernel/*: file offset pointer handling vulnerability | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Carsten Lohrke (RETIRED) <carlo> |
Component: | Kernel | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gregkh, hanno, hp-cluster |
Priority: | High | Flags: | plasmaroo:
Assigned_To?
(plasmaroo) |
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://isec.pl/vulnerabilities/isec-0016-procleaks.txt | ||
Whiteboard: | A4 [kernel] | ||
Package list: | Runtime testing required: | --- |
Description
Carsten Lohrke (RETIRED)
2004-08-04 04:34:37 UTC
CAN-2004-0415 Patched in grsec-sources-2.4.26.2.0-r7.ebuild with http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/linux-2.4.26-CAN-2004-0415.patch Note to other kernel maintainers. This patch is 80k and thus to large for ${FILESDIR} so please use the SRC_URI= Patches for 2.4.{19, 2[0123456]} as well as 2.6.7 are also there at http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/... hardened-sources patched (2.4.26-r4). rsbac-(dev-)sources patched All done, everything should now be patched. The following sources remain, and I'm adding their maintainers to the CC list: gentoo-dev-sources: Adding gregkh... hardened-dev-sources: hardened@gentoo.org is already on the list... hppa-(dev-)sources: Adding GMSoft... mips-sources: Adding `Kumba... openmosix-sources: Adding cluster herd... {ppc, pegasos(dev-)}-sources: Adding dholm... sparc-sources: Adding Joker... selinux-sources: Ading pebenito... openmosix-sources patched mips-sources fixed. gentoo-dev-sources fixed in release 2.6.7-r12 Fixed in hardened-dev-sources. ppc-sources, pegasos-sources, and pegasos-dev-sources have been fixed. Removing hardened@ but leaving pebenito@ on the list for selinux-sources Fixed on hppa. sparc-sources-2.4.27 is out and stable courtesy of Joker, fixed. Joker: i'm just removing sparc@ from this, feel free to remove yourself. sparc-sources-2.4.27 released selinux-src fixed GLSA 200408-24. |