個人的なメモを記していくためのページです。
CAN-2004-0003 (under review)
Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
linux-2.4.25/drivers/char/drm/r128_state.c
linux-2.4.26/drivers/char/drm/r128_state.c
linux-2.4.26/drivers/char/drm-4.0/r128_state.c
で修正。ただしdebianの方がチェック厳しい?。
CAN-2004-0010 (under review)
Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges.
linux-2.4.25/fs/ncpfs/dir.c で修正。
CAN-2004-0109 (under review)
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x , allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.
linux-2.4.26/fs/isofs/rock.c で修正。
CAN-2004-0177 (under review)
The ext3 code in Linux 2.4.x does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for an ext3 file system, which allows local users to obtain sensitive information by reading the raw device.
linux-2.4.26/fs/jbd/journal.c で修正。
CAN-2004-0178 (under review)
Unknown vulnerability in the OSS code for the Sound Blaster driver in Linux 2.4.x allows local users to cause a denial of service (crash).
linux-2.4.26/drivers/sound/sb_audio.c で修正。
The Microsoft Visual C++ Toolkit 2003 includes the core tools developers need to compile and link C++-based applications for Windows and the .NET Common Language Runtime:Q&Aによると "The Visual C++ Toolkit is a free edition of ..."で"Are there any restrictions on how I use the Visual C++ Toolkit? In general, no."だそうな。ただダウンロードしないと"Please read the End User License Agreement (EULA), included with the Toolkit, for complete details. "ライセンスが読めないのはやめて欲しいが。
クラシック・ドーム
ソフト・ドーム
ソフト・リム