[plamo:28268] Re: linux-2.6.22が出ました。(追記)

[名倉昭一]

  　名倉@自己レス です。
 
> 　　linux-2.6.22が出ました。
> 
> 　　以下ChangeLogの抜粋ですが
> 
> 　　commit 5afeb104e7901168b21aad0437fb51dc620dfdd3
> 　　Author: Oliver Neukum <oneukum@xxxxxxx>
> 　　Date:   Mon Jun 11 15:36:02 2007 +0200
> 
> 　    USB: usblcd doesn't limit memory consumption during write
>     
>   　  usblcd currently has no way to limit memory consumption by fast writers.
>     　This is a security problem, as it allows users with write access to this
>     　device to drive the system into oom despite resource limits.
>     　Here's the fix taken from the modern skeleton driver.
>     
>     Signed-off-by: Oliver Neukum <oneukum@xxxxxxx>
>     Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
> 
> 　　http://secunia.com/advisories/25895/
> 　　http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3513
> 　　の修正のようです?
> 
      以下は
　　　http://secunia.com/advisories/25955/
　　　の修正のようです。

　　　commit 25845b5155b55cd77e42655ec24161ba3feffa47
　　　Author: Jing Min Zhao <zhaojingmin@xxxxxxxxxxxx>
　　　Date:   Thu Jul 5 17:05:01 2007 -0700

　　    [NETFILTER]: nf_conntrack_h323: add checking of out-of-range on choices' index values
    
    　　Choices' index values may be out of range while still encoded in the fixed
    　　length bit-field. This bug may cause access to undefined types (NULL
    　　pointers) and thus crashes (Reported by Zhongling Wen).
    
   　　 This patch also adds checking of decode flag when decoding SEQUENCEs.
    
    　Signed-off-by: Jing Min Zhao <zhaojingmin@xxxxxxxxxxxx>
    　Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx>
    　Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>

　　　linux-2.6.20.y linux-2.6.21.y にも　http://secunia.com/advisories/25955/　に;
　　　対応した。linux-2.6.20.15 linux-2.6.21.6が出ています。