debian-packaging
/
linux
8
0
Fork 0
Code Releases Activity

* bugfix/all/vserver/net-mount-fix.patch 

Fix mounting of network filesystems with VX_BINARY_MOUNT caps
  (closes: #418076)

svn path=/dists/etch/linux-2.6/; revision=8424
This commit is contained in:
dann frazier 2007-04-06 19:24:02 +00:00
parent ce3f97eb16
commit 0ccae21b22
3 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
debian/changelog vendored
View File

@ -17,8 +17,11 @@ linux-2.6 (2.6.18.dfsg.1-13) UNRELEASED; urgency=low
[SECURITY] Fix a vulnerability that allows local users to read
otherwise unreadable (but executable) files by triggering a core dump.
See CVE-2007-0958
* bugfix/all/vserver/net-mount-fix.patch
Fix mounting of network filesystems with VX_BINARY_MOUNT caps
(closes: #418076)
-- dann frazier <dannf@debian.org> Wed, 04 Apr 2007 01:38:23 -0600
-- dann frazier <dannf@debian.org> Fri, 06 Apr 2007 13:16:08 -0600
linux-2.6 (2.6.18.dfsg.1-12) unstable; urgency=low

12
debian/patches/bugfix/all/vserver/net-mount-fix.patch vendored Normal file
View File

@ -0,0 +1,12 @@
diff -NurpP --minimal linux-2.6.18.5-vs2.0.2.2-rc9/fs/super.c linux-2.6.18.5-vs2.0.3-rc1/fs/super.c
--- linux-2.6.18.5-vs2.0.2.2-rc9/fs/super.c 2006-09-20 17:59:47 +0200
+++ linux-2.6.18.5-vs2.0.3-rc1/fs/super.c 2006-12-13 23:06:16 +0100
@@ -848,7 +848,7 @@ vfs_kern_mount(struct file_system_type *
sb = mnt->mnt_sb;
error = -EPERM;
- if (!capable(CAP_SYS_ADMIN) && !sb->s_bdev &&
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_BINARY_MOUNT) && !sb->s_bdev &&
(sb->s_magic != PROC_SUPER_MAGIC) &&
(sb->s_magic != DEVPTS_SUPER_MAGIC))
goto out_sb;

1
debian/patches/series/13-extra vendored
View File

@ -1,2 +1,3 @@
+ bugfix/all/vserver/cacct-overflow.patch *_vserver *_xen-vserver
+ bugfix/all/vserver/locks.patch *_vserver *_xen-vserver
+ bugfix/all/vserver/net-mount-fix.patch *_vserver *_xen-vserver