[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[plamo:28274] linux-2.6.22.1が出ていました。



  名倉 です。

 朝おきたらlinux-2.6.22.1でした。
 以下はChangeLogのコピーです。

 commit f44bba1a92e01bbab6ca9817b86ddf9e1744a616
 Author: Greg Kroah-Hartman <gregkh@xxxxxxx>
 Date:   Tue Jul 10 11:56:30 2007 -0700

    Linux 2.6.22.1
    
    Ok, so it was more than just 5 minutes for the first exploit to be
    found, nothing to be ashamed about :)
    
    Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>

 commit 8b1d585987bbac55cde85650b47b8eaebce54e13
 Author: Patrick McHardy <kaber@xxxxxxxxx>
 Date:   Tue Jun 5 14:14:22 2007 +0200

    NETFILTER: {ip, nf}_conntrack_sctp: fix remotely triggerable NULL ptr dereference (CVE-2007-2876)
    
    When creating a new connection by sending an unknown chunk type, we
    don't transition to a valid state, causing a NULL pointer dereference in
    sctp_packet when accessing sctp_timeouts[SCTP_CONNTRACK_NONE].
    
    Fix by don't creating new conntrack entry if initial state is invalid.
    
    Noticed by Vilmos Nebehaj <vilmos.nebehaj@xxxxxxxxx>
    
    CC: Kiran Kumar Immidi <immidi_kiran@xxxxxxxxx>
    Cc: David Miller <davem@xxxxxxxxxxxxx>
    Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx>
    Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
    Signed-off-by: Chris Wright <chrisw@xxxxxxxxxxxx>

 今のところlinux-2.6.21.y linux-2.6.20.y はlinux-2.6.21.6,2.6.20.15で変化ないようです。




Follow-Ups
[plamo:28279] Re: linux-2.6.22.1が出ていました。, KOJIMA Mitsuhiro

[検索ページ] [メール一覧]
Plamo ML 公開システム