git.neil.brown.name Git - history.git/commit

author	Alan Cox <alan@lxorguk.ukuu.org.uk>
	Fri, 23 Nov 2007 20:24:54 +0000 (15:24 -0500)
committer	Alan Cox <alan@lxorguk.ukuu.org.uk>
	Fri, 23 Nov 2007 20:24:54 +0000 (15:24 -0500)
commit	04c91a30f078eb1559325c84dec803d231929d83
tree	92f5dd5b7f627159868f5f38ca9473c8ab5f03fa	tree \| snapshot
parent	002d3642bb024ab106e03a60f2b5105af65511a6	commit \| diff

Linux 2.2.27-rc2

o       CAN-2005-0001: fixed expand_stack() SMP race            (Redhat)
o       CAN-2004-0883, CAN-2004-0949: smbfs: fixed client       (Stefan Esser)
          overflow. There are two bugs in the handling of SMB
          responses that result in remote kernel overflows. Due
          to the nature of the bugs both seem to be very hard
          to exploit (in the sense of remote code execution or
          local privilege escalation) but are trivial remote
          kernel crashes.
o       rose_rt_ioctl: lack of bounds checking                  (Coverity)
o       sdla_xfer: lack of bounds checking                      (Coverity)
o       coda: bounds checking for tainted scalars               (Coverity)
o       sendmsg compat wrapper fixes for 64bit compat mode      (Olaf Kirch)

ChangeLog-2.2.27		diff \| blob \| history
MAINTAINERS		diff \| blob \| history
Makefile		diff \| blob \| history
arch/sparc64/kernel/sys_sparc32.c		diff \| blob \| history
fs/coda/upcall.c		diff \| blob \| history
fs/smbfs/proc.c		diff \| blob \| history
fs/smbfs/sock.c		diff \| blob \| history
include/linux/coda.h		diff \| blob \| history
include/linux/mm.h		diff \| blob \| history
net/rose/rose_route.c		diff \| blob \| history