Due to a recently announced security issue with the current kernel, we
(the -stable team) are announcing the release of the 2.6.11.10 kernel.
The diffstat and short summary of the fixes are below.
I'll also be replying to this message with a copy of the patch between
2.6.11.9 and 2.6.11.10, as it is small enough to do so.
Also, the 2.6.11.y tree is now being kept in git. It can be found at:
rsync://rsync.kernel.org/pub/scm/linux/kernel/git/gregkh/linux-2.6.11.y.git
and can be browsed at the normal kernel.org git web browser:
http://www.kernel.org/git/
thanks,
greg k-h
----------
Makefile | 2 +-
drivers/block/ioctl.c | 2 ++
drivers/block/pktcdvd.c | 4 ++--
drivers/char/raw.c | 2 +-
4 files changed, 6 insertions(+), 4 deletions(-)
Summary of changes from v2.6.11.9 to v2.6.11.10
==============================================
Dave Jones:
o Fix root hole in raw device
Greg Kroah-Hartman:
o Linux 2.6.11.10
Peter Osterlund:
o Fix root hole in pktcdvd
diff -Naur linux-2.6.11.9/Makefile linux-2.6.11.10/Makefile
--- linux-2.6.11.9/Makefile 2005-05-11 15:42:25.000000000 -0700
+++ linux-2.6.11.10/Makefile 2005-05-16 10:50:30.000000000 -0700
@@ -1,7 +1,7 @@
VERSION = 2
PATCHLEVEL = 6
SUBLEVEL = 11
-EXTRAVERSION = .9
+EXTRAVERSION = .10
NAME=Woozy Beaver
# *DOCUMENTATION*
diff -Naur linux-2.6.11.9/drivers/block/ioctl.c linux-2.6.11.10/drivers/block/ioctl.c
--- linux-2.6.11.9/drivers/block/ioctl.c 2005-05-11 15:41:10.000000000 -0700
+++ linux-2.6.11.10/drivers/block/ioctl.c 2005-05-16 10:50:31.000000000 -0700
@@ -237,3 +237,5 @@
}
return ret;
}
+
+EXPORT_SYMBOL_GPL(blkdev_ioctl);
diff -Naur linux-2.6.11.9/drivers/block/pktcdvd.c linux-2.6.11.10/drivers/block/pktcdvd.c
--- linux-2.6.11.9/drivers/block/pktcdvd.c 2005-05-11 15:41:09.000000000 -0700
+++ linux-2.6.11.10/drivers/block/pktcdvd.c 2005-05-16 10:50:31.000000000 -0700
@@ -2400,7 +2400,7 @@
case CDROM_LAST_WRITTEN:
case CDROM_SEND_PACKET:
case SCSI_IOCTL_SEND_COMMAND:
- return ioctl_by_bdev(pd->bdev, cmd, arg);
+ return blkdev_ioctl(pd->bdev->bd_inode, file, cmd, arg);
case CDROMEJECT:
/*
@@ -2408,7 +2408,7 @@
* have to unlock it or else the eject command fails.
*/
pkt_lock_door(pd, 0);
- return ioctl_by_bdev(pd->bdev, cmd, arg);
+ return blkdev_ioctl(pd->bdev->bd_inode, file, cmd, arg);
default:
printk("pktcdvd: Unknown ioctl for %s (%x)\n", pd->name, cmd);
diff -Naur linux-2.6.11.9/drivers/char/raw.c linux-2.6.11.10/drivers/char/raw.c
--- linux-2.6.11.9/drivers/char/raw.c 2005-05-11 15:42:19.000000000 -0700
+++ linux-2.6.11.10/drivers/char/raw.c 2005-05-16 10:50:31.000000000 -0700
@@ -122,7 +122,7 @@
{
struct block_device *bdev = filp->private_data;
- return ioctl_by_bdev(bdev, command, arg);
+ return blkdev_ioctl(bdev->bd_inode, filp, command, arg);
}
static void bind_device(struct raw_config_request *rq)
On Mon, May 16, 2005 at 11:25:45AM -0700, Greg KH wrote:
> Summary of changes from v2.6.11.9 to v2.6.11.10
> ==============================================
>
> Dave Jones:
> o Fix root hole in raw device
I was just the bringer of bad news this time ;-)
Stephen Tweedie spotted the real problem here, and based
his patch on one from Jan Glauber.
Dav
* Greg KH:
> Due to a recently announced security issue with the current kernel, we
> (the -stable team) are announcing the release of the 2.6.11.10 kernel.
Would it be possible to cross-reference the vulnerabilities in a
precise manner, maybe using CVE names?
* Florian Weimer ([email protected]) wrote:
> * Greg KH:
>
> > Due to a recently announced security issue with the current kernel, we
> > (the -stable team) are announcing the release of the 2.6.11.10 kernel.
>
> Would it be possible to cross-reference the vulnerabilities in a
> precise manner, maybe using CVE names?
The ChangeLog has this info (CVE CAN-2005-1264).
http://kernel.org/git/gitweb.cgi?p=linux%2Fkernel%2Fgit%2Fgregkh%2Flinux-2.6.11.y.git;a=log
But, it's reasonble to ask for these in announce email, thanks.
-chris
On Mon, May 16, 2005 at 10:58:09PM +0200, Florian Weimer wrote:
> * Greg KH:
>
> > Due to a recently announced security issue with the current kernel, we
> > (the -stable team) are announcing the release of the 2.6.11.10 kernel.
>
> Would it be possible to cross-reference the vulnerabilities in a
> precise manner, maybe using CVE names?
Sorry, I'll put the CVE names in the announce email from now on.
thanks,
greg k-h