Skip to content
Snippets Groups Projects
  1. Aug 12, 2013
  2. Aug 10, 2013
  3. Aug 06, 2013
  4. Aug 03, 2013
  5. Aug 02, 2013
    • David S. Miller's avatar
      Update manual/contrib.texi · db24e684
      David S. Miller authored
      	* manual/contrib.texi: Update entry for Siddhesh Poyarekar.  Add
      	entries for Will Newton, Andi Kleen, David Holsgrove, and Ondrej
      	Bilka.
      db24e684
  6. Jul 30, 2013
  7. Jul 28, 2013
  8. Jul 27, 2013
  9. Jul 26, 2013
  10. Jul 25, 2013
  11. Jul 24, 2013
  12. Jul 23, 2013
  13. Jul 22, 2013
  14. Jul 21, 2013
    • Carlos O'Donell's avatar
      CVE-2013-2207, BZ #15755: Disable pt_chown. · e4608715
      Carlos O'Donell authored
      The helper binary pt_chown tricked into granting access to another
      user's pseudo-terminal.
      
      Pre-conditions for the attack:
      
       * Attacker with local user account
       * Kernel with FUSE support
       * "user_allow_other" in /etc/fuse.conf
       * Victim with allocated slave in /dev/pts
      
      Using the setuid installed pt_chown and a weak check on whether a file
      descriptor is a tty, an attacker could fake a pty check using FUSE and
      trick pt_chown to grant ownership of a pty descriptor that the current
      user does not own.  It cannot access /dev/pts/ptmx however.
      
      In most modern distributions pt_chown is not needed because devpts
      is enabled by default. The fix for this CVE is to disable building
      and using pt_chown by default. We still provide a configure option
      to enable hte use of pt_chown but distributions do so at their own
      risk.
      e4608715
  15. Jul 20, 2013
  16. Jul 19, 2013
  17. Jul 16, 2013
    • Carlos O'Donell's avatar
      BZ #15711: Avoid circular dependency for syscall.h · d7e06450
      Carlos O'Donell authored
      The generated header is compiled with `-ffreestanding' to avoid any
      circular dependencies against the installed implementation headers.
      Such a dependency would require the implementation header to be
      installed before the generated header could be built (See bug 15711).
      In current practice the generated header dependencies do not include
      any of the implementation headers removed by the use of `-ffreestanding'.
      
      ---
      
      2013-07-15  Carlos O'Donell  <carlos@redhat.com>
      
      	[BZ #15711]
      	* sysdeps/unix/sysv/linux/Makefile ($(objpfx)bits/syscall%h):
      	Avoid system header dependency with -ffreestanding.
      	($(objpfx)bits/syscall%d): Likewise.
      d7e06450
  18. Jul 13, 2013
  19. Jul 12, 2013
  20. Jul 09, 2013
  21. Jul 08, 2013
  22. Jul 07, 2013
  23. Jul 05, 2013
  24. Jul 04, 2013
Loading