Lucid update to 2.6.32.63 stable release
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Lucid |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from Linus' tree or in a minimally
backported form of that patch. The 2.6.32.63 upstream stable
patch set is now available. It should be included in the Ubuntu
kernel as well.
TEST CASE: TBD
The following patches are in the 2.6.32.63 stable release:
Linux 2.6.32.63
net: fix regression introduced in 2.6.32.62 by sysctl fixes
auditsc: audit_krule mask accesses need bounds checking
futex: Prevent attaching to kernel threads
ethtool: Report link-down while interface is down
The following patches from 2.6.32.63 were not applied as they were already present in the Lucid kernel:
futex: Make lookup_pi_state more robust
futex: Always cleanup owner tid in unlock_pi
futex: Validate atomic acquisition in futex_lock_
futex-prevent-
The following patch from 2.6.32.63 was dropped as one of futex patches in Lucid seem to implement a slightly different security fix that prevents it from being applied:
futex: Add another early deadlock detection check
tags: | added: kernel-stable-tracking-bug |
description: | updated |
Changed in linux (Ubuntu Lucid): | |
status: | New → Fix Committed |
Changed in linux (Ubuntu): | |
status: | New → Invalid |
This bug was fixed in the package linux - 2.6.32-64.128
---------------
linux (2.6.32-64.128) lucid; urgency=low
[ Upstream Kernel Changes ]
* l2tp: Privilege escalation in ppp over l2tp sockets
- LP: #1341472
- CVE-2014-4943
linux (2.6.32-64.127) lucid; urgency=low
[ Luis Henriques ]
* Merged back Ubuntu- 2.6.32- 62.126 security release
* Revert "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)"
- LP: #1337339
* Release Tracking Bug
- LP: #1338946
[ Upstream Kernel Changes ]
* ptrace,x86: force IRET path after a ptrace_stop()
- LP: #1337339
- CVE-2014-4699
linux (2.6.32-63.126) lucid; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1335875
[ Upstream Kernel Changes ]
* net: check net.core.somaxconn sysctl values s_safe. c
- LP: #1321293
* sysctl net: Keep tcp_syn_retries inside the boundary
- LP: #1321293
* ethtool: Report link-down while interface is down
- LP: #1335049
* futex: Prevent attaching to kernel threads
- LP: #1335049
* auditsc: audit_krule mask accesses need bounds checking
- LP: #1335049
* net: fix regression introduced in 2.6.32.62 by sysctl fixes
- LP: #1335049
* Linux 2.6.32.63
- LP: #1335049
* lib/lzo: Rename lzo1x_decompress.c to lzo1x_decompres
- LP: #1335313
- CVE-2014-4608
* lib/lzo: Update LZO compression to current upstream version
- LP: #1335313
- CVE-2014-4608
* lzo: properly check for overruns
- LP: #1335313
- CVE-2014-4608
-- Luis Henriques <email address hidden> Mon, 14 Jul 2014 16:33:33 +0100