[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[plamo:28274] linux-2.6.22.1が出ていました。
-
From:名倉昭一
-
Date:Wed, 11 Jul 2007 08:00:12 +0900 (JST)
- Subject: [plamo:28274] linux-2.6.22.1が出ていました。
- From: 名倉昭一<nagura-s@xxxxxxxxxxxx>
- Date: Wed, 11 Jul 2007 08:00:10 +0900
名倉 です。
朝おきたらlinux-2.6.22.1でした。
以下はChangeLogのコピーです。
commit f44bba1a92e01bbab6ca9817b86ddf9e1744a616
Author: Greg Kroah-Hartman <gregkh@xxxxxxx>
Date: Tue Jul 10 11:56:30 2007 -0700
Linux 2.6.22.1
Ok, so it was more than just 5 minutes for the first exploit to be
found, nothing to be ashamed about :)
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
commit 8b1d585987bbac55cde85650b47b8eaebce54e13
Author: Patrick McHardy <kaber@xxxxxxxxx>
Date: Tue Jun 5 14:14:22 2007 +0200
NETFILTER: {ip, nf}_conntrack_sctp: fix remotely triggerable NULL ptr dereference (CVE-2007-2876)
When creating a new connection by sending an unknown chunk type, we
don't transition to a valid state, causing a NULL pointer dereference in
sctp_packet when accessing sctp_timeouts[SCTP_CONNTRACK_NONE].
Fix by don't creating new conntrack entry if initial state is invalid.
Noticed by Vilmos Nebehaj <vilmos.nebehaj@xxxxxxxxx>
CC: Kiran Kumar Immidi <immidi_kiran@xxxxxxxxx>
Cc: David Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
Signed-off-by: Chris Wright <chrisw@xxxxxxxxxxxx>
今のところlinux-2.6.21.y linux-2.6.20.y はlinux-2.6.21.6,2.6.20.15で変化ないようです。
- Follow-Ups
-
- [plamo:28279] Re: linux-2.6.22.1が出ていました。, KOJIMA Mitsuhiro
[検索ページ]
[メール一覧]
Plamo ML 公開システム