This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, xen-legacy-kernel has been updated via ed51f88e6f14c83af271a646da7a425de50f8e0e (commit) from b6c72b947753d41a9d691462b7afc34852a8b4b2 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit ed51f88e6f14c83af271a646da7a425de50f8e0e Author: Arne Fitzenreiter arne_f@ipfire.org Date: Wed May 14 08:41:30 2014 +0200
xen-kernel: add patch for CVE_2014_0196.
-----------------------------------------------------------------------
Summary of changes: lfs/linux2 | 7 +++++-- make.sh | 2 +- src/patches/linux-2.6.32.61_CVE-2014-0196.patch | 13 +++++++++++++ 3 files changed, 19 insertions(+), 3 deletions(-) create mode 100644 src/patches/linux-2.6.32.61_CVE-2014-0196.patch
Difference in files: diff --git a/lfs/linux2 b/lfs/linux2 index 76e31a9..57e4b0b 100644 --- a/lfs/linux2 +++ b/lfs/linux2 @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2013 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2014 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -34,7 +34,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) CFLAGS = CXXFLAGS =
-PAK_VER = 29 +PAK_VER = 30 DEPS = ""
# Normal build or XEN build. @@ -163,6 +163,9 @@ endif # Fix mv_cesa cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.32-crypto-mv_cesa.patch
+ # Fix for CVE-2014-0196 + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.32.61_CVE-2014-0196.patch + ifeq "$(KCFG)" "-kirkwood" # Add dreamplug,guruplug and icy 62x0 support on ARM-kirkwood cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.32.57-arm_kirkwood_setups.patch diff --git a/make.sh b/make.sh index 0e20908..d2200a9 100755 --- a/make.sh +++ b/make.sh @@ -32,7 +32,7 @@ SLOGAN="www.ipfire.org" # Software slogan CONFIG_ROOT=/var/ipfire # Configuration rootdir NICE=10 # Nice level MAX_RETRIES=1 # prefetch/check loop -BUILD_IMAGES=1 # Build USB, Flash and Xen Images +BUILD_IMAGES=0 # Build USB, Flash and Xen Images KVER=`grep --max-count=1 VER lfs/linux | awk '{ print $3 }'` MACHINE=`uname -m` GIT_TAG=$(git tag | tail -1) # Git Tag diff --git a/src/patches/linux-2.6.32.61_CVE-2014-0196.patch b/src/patches/linux-2.6.32.61_CVE-2014-0196.patch new file mode 100644 index 0000000..081c134 --- /dev/null +++ b/src/patches/linux-2.6.32.61_CVE-2014-0196.patch @@ -0,0 +1,13 @@ +diff -Naur linux-2.6.32.61.org/drivers/char/n_tty.c linux-2.6.32.61/drivers/char/n_tty.c +--- linux-2.6.32.61.org/drivers/char/n_tty.c 2013-06-10 11:43:48.000000000 +0200 ++++ linux-2.6.32.61/drivers/char/n_tty.c 2014-05-13 16:10:01.906566307 +0200 +@@ -1969,7 +1969,9 @@ + tty->ops->flush_chars(tty); + } else { + while (nr > 0) { ++ mutex_lock(&tty->output_lock); + c = tty->ops->write(tty, b, nr); ++ mutex_unlock(&tty->output_lock); + if (c < 0) { + retval = c; + goto break_out;
hooks/post-receive -- IPFire 2.x development tree