commit 21c3ed9b226c09e4401d299b4a83acfd140f6e8d Author: Greg KH Date: Mon Oct 10 11:54:29 2005 -0700 Linux 2.6.13.4 commit db5356da707a5e8414c6ea9e5d50ce3ef884afce Author: David Howells Date: Fri Oct 7 16:43:55 2005 -0700 [PATCH] key: plug request_key_auth memleak (CAN-2005-3119) Plug request_key_auth memleak. This can be triggered by unprivileged users, so is local DoS. Signed-off-by: Chris Wright Signed-Off-By: David Howells Signed-off-by: Greg Kroah-Hartman commit b17681a236a4f0faf237241dea833fc6ada997c0 Author: Dave Jones Date: Fri Oct 7 16:43:52 2005 -0700 [PATCH] Fix drm 'debug' sysfs permissions Please consider for next 2.6.13, it is a minor security issue allowing users to turn on drm debugging when they shouldn't... This fell through the cracks. Until Josh pointed me at http://bugs.gentoo.org/show_bug.cgi?id=107893 Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman commit 5be2ff20d0750801919c784e10427ee98d6c5639 Author: Linus Torvalds Date: Fri Oct 7 16:43:54 2005 -0700 [PATCH] Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL The nameidata "last.name" is always allocated with "__getname()", and should always be free'd with "__putname()". Using "putname()" without the underscores will leak memory, because the allocation will have been hidden from the AUDITSYSCALL code. Arguably the real bug is that the AUDITSYSCALL code is really broken, but in the meantime this fixes the problem people see. Reported by Robert Derr, patch by Rick Lindsley. Acked-by: Al Viro Signed-off-by: Linus Torvalds Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman commit d7c6ec0fa0de0b99b3bb66cc0b63e1331ae76984 Author: David S. Miller Date: Fri Oct 7 16:43:53 2005 -0700 [PATCH] Fix userland FPU state corruption. We need to use stricter memory barriers around the block load and store instructions we use to save and restore the FPU register file. Signed-off-by: David S. Miller Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman commit 1aa561c7dd019a6723deba2e0d408638e9172f01 Author: Stephen Hemminger Date: Fri Oct 7 16:43:51 2005 -0700 [PATCH] BIC coding bug in Linux 2.6.13 Please consider this change for 2.6.13-stable Since BIC is the default congestion control algorithm, this fix is quite important. Missing parenthesis in causes BIC to be slow in increasing congestion window. Spotted by Injong Rhee. Signed-off-by: Stephen Hemminger Signed-off-by: David S. Miller Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman commit 28f2367459dea7e7d56f16b9528691797e9cbd88 Author: Pavel Roskin Date: Fri Oct 7 16:43:50 2005 -0700 [PATCH] orinoco: Information leakage due to incorrect padding The orinoco driver can send uninitialized data exposing random pieces of the system memory. This happens because data is not padded with zeroes when its length needs to be increased. Reported by Meder Kydyraliev Signed-off-by: Pavel Roskin Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman commit 910573c7c4aced8fd5f45c334cc67862e3424d92 Author: Stefan Richter Date: Fri Oct 7 16:43:49 2005 -0700 [PATCH] ieee1394/sbp2: fixes for hot-unplug and module unloading Fixes for reference counting problems, deadlocks, and delays when SBP-2 devices are unplugged or unbound from sbp2, or when unloading of sbp2/ ohci1394/ pcilynx is attempted. Most often reported symptoms were hotplugs remaining undetected once a FireWire disk was unplugged since the knodemgrd kernel thread went to uninterruptible sleep, and "modprobe -r sbp2" being unable to complete because still being in use. Patch is equivalent to commit abd559b1052e28d8b9c28aabde241f18fa89090b in 2.6.14-rc3 plus a fix which is necessary together with 2.6.13's scsi core API (linux1394.org commit r1308 by Ben Collins). Signed-off-by: Stefan Richter Cc: Ben Collins Signed-off-by: Chris Wright Signed-off-by: Greg Kroah-Hartman