[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[plamo:28268] Re: linux-2.6.22が出ました。(追記)
-
From:名倉昭一
-
Date:Tue, 10 Jul 2007 09:20:54 +0900 (JST)
- Subject: [plamo:28268] Re: linux-2.6.22が出ました。(追記)
- From: 名倉昭一<nagura-s@xxxxxxxxxxxx>
- Date: Tue, 10 Jul 2007 09:20:52 +0900
名倉@自己レス です。
> linux-2.6.22が出ました。
>
> 以下ChangeLogの抜粋ですが
>
> commit 5afeb104e7901168b21aad0437fb51dc620dfdd3
> Author: Oliver Neukum <oneukum@xxxxxxx>
> Date: Mon Jun 11 15:36:02 2007 +0200
>
> USB: usblcd doesn't limit memory consumption during write
>
> usblcd currently has no way to limit memory consumption by fast writers.
> This is a security problem, as it allows users with write access to this
> device to drive the system into oom despite resource limits.
> Here's the fix taken from the modern skeleton driver.
>
> Signed-off-by: Oliver Neukum <oneukum@xxxxxxx>
> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
>
> http://secunia.com/advisories/25895/
> http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3513
> の修正のようです?
>
以下は
http://secunia.com/advisories/25955/
の修正のようです。
commit 25845b5155b55cd77e42655ec24161ba3feffa47
Author: Jing Min Zhao <zhaojingmin@xxxxxxxxxxxx>
Date: Thu Jul 5 17:05:01 2007 -0700
[NETFILTER]: nf_conntrack_h323: add checking of out-of-range on choices' index values
Choices' index values may be out of range while still encoded in the fixed
length bit-field. This bug may cause access to undefined types (NULL
pointers) and thus crashes (Reported by Zhongling Wen).
This patch also adds checking of decode flag when decoding SEQUENCEs.
Signed-off-by: Jing Min Zhao <zhaojingmin@xxxxxxxxxxxx>
Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
linux-2.6.20.y linux-2.6.21.y にも http://secunia.com/advisories/25955/ に;
対応した。linux-2.6.20.15 linux-2.6.21.6が出ています。
- References
-
- [plamo:28267] linux-2.6.22が出ました。, 名倉昭一
[検索ページ]
[メール一覧]
Plamo ML 公開システム