On Sunday August 20, [email protected] wrote:
> While going through patches for 2.6.16.x, I stumbled over the following
> regarding the "NFS export of ext2/ext3" security vulnerabilities (the
> ext3 one is CVE-2006-3468, I don't whether there's a number for the
> ext2 one):
>
> There are three patches available:
> have-ext2-reject-file-handles-with-bad-inode-numbers-early.patch
> have-ext3-reject-file-handles-with-bad-inode-numbers-early.patch
> ext3-avoid-triggering-ext3_error-on-bad-nfs-file-handle.patch
>
> The first two patches are except for a s/ext2/ext3/ identical.
>
> The two ext3 patches fix the same issue in slightly different ways.
>
> It seems there was already some agreement that the first of the two ext3
> patches should be preferred due to being more the same as the ext2 patch
> (see [1] and followups).
>
> But the only patch that is applied in 2.6.18-rc4 (and in 2.6.17.9) is
> the ext3 patch that is _not_ identical to the ext2 one.
>
> Is it the correct solution to revert this ext3 patch in both 2.6.18-rc
> and 2.6.17 and to apply the other two patches?
There is no point in reverting the ext3 patch. It is a good and
proper patch to have.
Apply the ext2 patch is definitely a good idea.
Applying the other ext3 patch is also a good idea.
NeilBrown
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]