git.neil.brown.name Git - history.git/commit

author	Alan Cox <alan@lxorguk.ukuu.org.uk>
	Fri, 23 Nov 2007 20:24:52 +0000 (15:24 -0500)
committer	Alan Cox <alan@lxorguk.ukuu.org.uk>
	Fri, 23 Nov 2007 20:24:52 +0000 (15:24 -0500)
commit	002d3642bb024ab106e03a60f2b5105af65511a6
tree	2e81c18b9b7016533d53c8b745df000fffc1f60d	tree \| snapshot
parent	f86c6e18b7b1d43f1feacf9a7e5ef11ac4c4d77f	commit \| diff

Linux 2.2.27-rc1

o       CAN-2004-0497: fixed missing DAC check on sys_chown     (Thomas Biege)
o       CAN-2004-1016: fixed a buffer overflow vulnerability    (Paul Starzetz)
          in the "__scm_send" function which handles the sending
          of UDP network packets. A wrong validity check of the
          cmsghdr structure allowed a local attacker to modify
          kernel memory, thus causing an endless loop (DoS) or
          possibly even root privilege escalation.
o       CAN-2004-1333: fixed integer overflow in the vc_resize  (Georgi Guninski)
          function allows local users to cause a denial of
          service (kernel crash) via a short new screen value,
          which leads to a buffer overflow. Make sure VC
          resizing fits in s16.
o       If the user makes ip_cmsg_send call ip_options_get      (Georgi Guninski)
          multiple times, we leak kmalloced IP options data.
o       fixed moxa serial bound checking issue                  (Alan Cox)
o       menu cleanups                                           (Marc-Christian Petersen)

ChangeLog-2.2.27		diff \| blob \| history
Makefile		diff \| blob \| history
arch/alpha/config.in		diff \| blob \| history
arch/alpha/defconfig		diff \| blob \| history
arch/arm/config.in		diff \| blob \| history
arch/arm/defconfig		diff \| blob \| history
arch/i386/config.in		diff \| blob \| history
arch/i386/defconfig		diff \| blob \| history
arch/m68k/config.in		diff \| blob \| history
arch/m68k/defconfig		diff \| blob \| history
arch/mips/config.in		diff \| blob \| history
arch/mips/defconfig		diff \| blob \| history
arch/ppc/config.in		diff \| blob \| history
arch/ppc/defconfig		diff \| blob \| history
arch/s390/config.in		diff \| blob \| history
arch/sparc/config.in		diff \| blob \| history
arch/sparc/defconfig		diff \| blob \| history
arch/sparc64/config.in		diff \| blob \| history
drivers/acorn/scsi/Config.in		diff \| blob \| history
drivers/cdrom/Config.in		diff \| blob \| history
drivers/char/Config.in		diff \| blob \| history
drivers/char/console.c		diff \| blob \| history
drivers/char/drm/Config.in		diff \| blob \| history
drivers/char/ftape/Config.in		diff \| blob \| history
drivers/char/hfmodem/Config.in		diff \| blob \| history
drivers/char/moxa.c		diff \| blob \| history
drivers/net/Config.in		diff \| blob \| history
drivers/net/hamradio/Config.in		diff \| blob \| history
drivers/scsi/Config.in		diff \| blob \| history
drivers/sound/Config.in		diff \| blob \| history
drivers/sound/lowlevel/Config.in		diff \| blob \| history
drivers/telephony/Config.in		diff \| blob \| history
drivers/video/Config.in		diff \| blob \| history
fs/Config.in		diff \| blob \| history
fs/attr.c		diff \| blob \| history
fs/ncpfs/Config.in		diff \| blob \| history
include/linux/socket.h		diff \| blob \| history
net/Config.in		diff \| blob \| history
net/ax25/Config.in		diff \| blob \| history
net/core/scm.c		diff \| blob \| history
net/ipv4/Config.in		diff \| blob \| history
net/ipv4/ip_options.c		diff \| blob \| history
net/ipv4/ip_sockglue.c		diff \| blob \| history
net/ipv6/Config.in		diff \| blob \| history
net/ipv6/datagram.c		diff \| blob \| history
net/ipx/Config.in		diff \| blob \| history
net/sched/Config.in		diff \| blob \| history