summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert Buchholz <rbu@gentoo.org>2007-09-08 17:41:26 +0000
committerRobert Buchholz <rbu@gentoo.org>2007-09-08 17:41:26 +0000
commit2fd03079ac1a1451e96b28fa0ee30169996a989d (patch)
tree2efbc5a826423bda40b11f8be7ef4fc16814c263 /trunk/2.6.18/00000_README
parentReleasing 2.6.20-2 (diff)
downloadxen-2fd03079ac1a1451e96b28fa0ee30169996a989d.tar.gz
xen-2fd03079ac1a1451e96b28fa0ee30169996a989d.tar.bz2
xen-2fd03079ac1a1451e96b28fa0ee30169996a989d.zip
New 2.6.18 security patches for testing
svn path=/patches/; revision=41
Diffstat (limited to 'trunk/2.6.18/00000_README')
-rw-r--r--trunk/2.6.18/00000_README25
1 files changed, 25 insertions, 0 deletions
diff --git a/trunk/2.6.18/00000_README b/trunk/2.6.18/00000_README
index 2cd2f31..905c7e4 100644
--- a/trunk/2.6.18/00000_README
+++ b/trunk/2.6.18/00000_README
@@ -136,6 +136,31 @@ Patches
30024_drm-i965.patch
Dependency for 30022_i965-secure-batchbuffer.patch
+30025_ipv4-fib_props-out-of-bounds.patch
+ [SECURITY] Fix a typo which caused fib_props[] to be of the wrong size
+ and check for out of bounds condition in index provided by userspace
+ See CVE-2007-2172
+
+30027_cpuset_tasks-underflow.patch
+ [SECURITY] Fix integer underflow in /dev/cpuset/tasks which could allow
+ local attackers to read sensitive kernel memory if the cpuset filesystem
+ is mounted.
+ See CVE-2007-2875
+
+30028_random-bound-check-ordering.patch
+ [SECURITY] Fix stack-based buffer overflow in the random number
+ generator
+ See CVE-2007-3105
+
+30029_cifs-fix-sign-settings.patch
+ [SECURITY] Fix overriding the server to force signing on caused by
+ checking the wrong gloal variable.
+ See CVE-2007-3843
+
+30030_aacraid-ioctl-perm-check.patch
+ [SECURITY] Require admin capabilities to issue ioctls to aacraid devices
+ See CVE-2007-4308
+
50001_make-install.patch
Handle make install in a semi-sane way that plays nice with
split domU/dom0 kernels.