CVE-2014-{5471,5472} isofs: Fix unbounded recursion when processing relocated directories

2014-08-27 15:52:39 -05:00 · 2014-08-27 15:52:39 -05:00 · 0d360df2cd
commit 0d360df2cd
parent a3696887c0
2 changed files with 209 additions and 0 deletions
--- a/kernel.spec
+++ b/kernel.spec
@ -652,6 +652,9 @@ Patch25122: nfs3_list_one_acl-check-get_acl-result-with-IS_ERR_O.patch
 #rhbz 1132666
 Patch26016: xhci-Disable-streams-on-Via-XHCI-with-device-id-0x34.patch

+#CVE-2014-{5471,5472} rhbz 1134099 1134101
+Patch26017: isofs-Fix-unbounded-recursion-when-processing-relocated-directories.patch
+
 # git clone ssh://git.fedorahosted.org/git/kernel-arm64.git, git diff master...devel
 Patch30000: kernel-arm64.patch

@ -1388,6 +1391,9 @@ ApplyPatch nfs3_list_one_acl-check-get_acl-result-with-IS_ERR_O.patch
 #rhbz 1132666
 ApplyPatch xhci-Disable-streams-on-Via-XHCI-with-device-id-0x34.patch

+#CVE-2014-{5471,5472} rhbz 1134099 1134101
+ApplyPatch isofs-Fix-unbounded-recursion-when-processing-relocated-directories.patch
+
 %if 0%{?aarch64patches}
 ApplyPatch kernel-arm64.patch
 %ifnarch aarch64 # this is stupid, but i want to notice before secondary koji does.
@ -2270,6 +2276,10 @@ fi
 #                                    ||----w |
 #                                    ||     ||
 %changelog
+* Wed Aug 27 2014 Justin M. Forbes <jforbes@fedoraproject.org>
+- CVE-2014-{5471,5472} isofs: Fix unbounded recursion when processing relocated
+  directories (rhbz 1134099 1134101)
+
 * Wed Aug 27 2014 Josh Boyer <jwboyer@fedoraproject.org>
 - Disable streams on via XHCI (rhbz 1132666)