CVE-2013-1059 libceph: Fix NULL pointer dereference in auth client code (rhbz 977356 980341)
This commit is contained in:
parent
d85f8a309c
commit
a80f0d14d2
|
@ -0,0 +1,24 @@
|
|||
diff --git a/net/ceph/auth_none.c b/net/ceph/auth_none.c
|
||||
index 925ca58..0ef2458 100644
|
||||
--- a/net/ceph/auth_none.c
|
||||
+++ b/net/ceph/auth_none.c
|
||||
@@ -39,6 +39,11 @@ static int should_authenticate(struct ceph_auth_client *ac)
|
||||
return xi->starting;
|
||||
}
|
||||
|
||||
+static int build_request(struct ceph_auth_client *ac, void *buf, void *end)
|
||||
+{
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* the generic auth code decode the global_id, and we carry no actual
|
||||
* authenticate state, so nothing happens here.
|
||||
@@ -106,6 +111,7 @@ static const struct ceph_auth_client_ops ceph_auth_none_ops = {
|
||||
.destroy = destroy,
|
||||
.is_authenticated = is_authenticated,
|
||||
.should_authenticate = should_authenticate,
|
||||
+ .build_request = build_request,
|
||||
.handle_reply = handle_reply,
|
||||
.create_authorizer = ceph_auth_none_create_authorizer,
|
||||
.destroy_authorizer = ceph_auth_none_destroy_authorizer,
|
|
@ -794,6 +794,9 @@ Patch25057: iwl4965-better-skb-management-in-rx-path.patch
|
|||
#CVE-2013-2234 rhbz 980995 981007
|
||||
Patch25058: af_key-fix-info-leaks-in-notify-messages.patch
|
||||
|
||||
#CVE-2013-1059 rhbz 977356 980341
|
||||
Patch25059: ceph-fix.patch
|
||||
|
||||
# END OF PATCH DEFINITIONS
|
||||
|
||||
%endif
|
||||
|
@ -1526,6 +1529,9 @@ ApplyPatch iwl4965-better-skb-management-in-rx-path.patch
|
|||
#CVE-2013-2234 rhbz 980995 981007
|
||||
ApplyPatch af_key-fix-info-leaks-in-notify-messages.patch
|
||||
|
||||
#CVE-2013-1059 rhbz 977356 980341
|
||||
ApplyPatch ceph-fix.patch
|
||||
|
||||
# END OF PATCH APPLICATIONS
|
||||
|
||||
%endif
|
||||
|
@ -2372,6 +2378,7 @@ fi
|
|||
# || ||
|
||||
%changelog
|
||||
* Wed Jul 03 2013 Josh Boyer <jwboyer@redhat.com>
|
||||
- CVE-2013-1059 libceph: Fix NULL pointer dereference in auth client code (rhbz 977356 980341)
|
||||
- CVE-2013-2234 net: information leak in AF_KEY notify (rhbz 980995 981007)
|
||||
- Linux v3.9.9
|
||||
|
||||
|
|
Loading…
Reference in New Issue