The Dell Mini Project

Update linux kernel to 2.6.24.24-53 in dell-mini

Bug #299708 reported by Nicola Ferralis
22
This bug affects 2 people
Affects Status Importance Assigned to Milestone
The Dell Mini Project
Fix Released
Undecided
Unassigned
linux (Ubuntu)
Invalid
High
Andy Whitcroft

Bug Description

The kernel in the current release of hardy for the dell-mini (2.6.24.19.21) is severely outdated (both for security bugs and stability) and should be updated to the newest available in hardy's main tree (2.6.24-24.53).

See original description
Revision history for this message
Nicola Ferralis (feranick) wrote :

Hardy's kernel has been further updated to fix some vulnerabilities listed in the following advisory:

http://www.ubuntu.com/usn/usn-679-1

An update should be promptly released for the Dell mini too, along with the several one already on the mainstream hardy kernel, but not yet ported to the mini (BTW: What are the developers WAITING FOR?)

Revision history for this message
yakker.yak (yakker-yak) wrote :

This also includes a bug that makes gdb unusable => Mini 9 unusable for C/C++ development:

https://bugs.launchpad.net/ubuntu/+source/gdb/+bug/230315

What are we waiting for? This bug report was originally added on Nov. 19, 2008!

Revision history for this message
Nicola Ferralis (feranick) wrote :

The new kernel would also fix:

https://bugs.launchpad.net/dell-mini/+bug/259816

Revision history for this message
yakker.yak (yakker-yak) wrote :

Is there any reason this bug report is not receiving any attention, even though it was originally filed Nov. 29, 2008?

Can someone please comment on the state of this or what the community do to help out?

Revision history for this message
yakker.yak (yakker-yak) wrote :

Hello! ... Hello! ......... Hello! .................. Hello! ..................................Hello!

Is anybody out there?

Can someone please comment on the state of this bug?

Revision history for this message
Andy Whitcroft (apw) wrote :

Seems it was filed against the wrong package for the kernel. Moving this to the kernel package.

Nicola Ferralis (feranick)
Changed in dell-mini:
status: New → Confirmed
Revision history for this message
Nicola Ferralis (feranick) wrote :

Kernel in generic hardy is currently in version 2.6.24.22.24.

I am sure Canonical has VERY good reasons to keep the current kernel in the mini in its outdated, insecure state. I'd love to hear them, though.

Andy Whitcroft (apw)
Changed in linux:
importance: Undecided → High
Revision history for this message
Nicola Ferralis (feranick) wrote :

In proposed repository.

Changed in dell-mini:
status: Confirmed → Fix Committed
Revision history for this message
Nicola Ferralis (feranick) wrote :

I have been running the new 2.6.24.22 kernel in the proposed repos for more than a week, and everything looks like is working perfectly.

Revision history for this message
Nicola Ferralis (feranick) wrote :

Generic Hardy has now the kernel in version 2.6.24.23.25. The current version of the kernel in dell-mini is 2.6.24.22.45 and it should be updated to match generic.

Revision history for this message
Nicola Ferralis (feranick) wrote :
Download full text (13.6 KiB)

Changelog from 2.6.24.22.45 (current in dell-mini) to 2.6.24.23.52 (in generic hardy)

http://changelogs.ubuntu.com/changelogs/pool/main/l/linux/linux_2.6.24-23.52/changelog

linux (2.6.24-23.52) hardy-security; urgency=low

  [Stefan Bader]

  * rt: Fix FTBS caused by shm changes
    - CVE-2009-0859

  [Steve Beattie]

  * fix apparmor memory leak on deleted file ops Bug: #329489
    - LP: #329489

  [Upstream Kernel Changes]

  * NFS: Remove the buggy lock-if-signalled case from do_setlk()
    - CVE-2008-4307
  * sctp: Avoid memory overflow while FWD-TSN chunk is received with bad
    stream ID
    - CVE-2009-0065
  * net: 4 bytes kernel memory disclosure in SO_BSDCOMPAT gsopt try #2
    - CVE-2009-0676
  * sparc: Fix mremap address range validation.
    - CVE-2008-6107
  * copy_process: fix CLONE_PARENT && parent_exec_id interaction
    - CVE-2009-0028
  * security: introduce missing kfree
    - CVE-2009-0031
  * eCryptfs: check readlink result was not an error before using it
    - CVE-2009-0269
  * dell_rbu: use scnprintf() instead of less secure sprintf()
    - CVE-2009-0322
  * drivers/net/skfp: if !capable(CAP_NET_ADMIN): inverted logic
    - CVE-2009-0675
  * Ext4: Fix online resize block group descriptor corruption
    - CVE-2009-0745
  * ext4: Initialize the new group descriptor when resizing the filesystem
    - CVE-2009-0745
  * ext4: Add sanity check to make_indexed_dir
    - CVE-2009-0746
  * x86-64: syscall-audit: fix 32/64 syscall hole
    - CVE-2009-0834
  * x86-64: seccomp: fix 32/64 syscall hole
    - CVE-2009-0835
  * shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM
    - CVE-2009-0859
  * apparmor: Fix handling of larger number of profiles
    - LP: #345144
  * udf:SAUCE (drop after 2.6.30): Fix oops when invalid character in
    filename occurs
    - LP: #321606
  * Fix memory corruption in console selection
    - CVE-2009-1046
  * SPARC64: Loosen checks in exception table handling.
    - LP: #301608, #349655

 -- Stefan Bader <email address hidden> Mon, 16 Mar 2009 18:39:14 +0100

linux (2.6.24-23.48) hardy-security; urgency=low

  [Upstream Kernel Changes]

  * ATM: CVE-2008-5079: duplicate listen() on socket corrupts the vcc table
    - CVE-2008-5079
  * libertas: fix buffer overrun
    - CVE-2008-5134
  * Fix inotify watch removal/umount races
    - CVE-2008-5182
  * net: Fix soft lockups/OOM issues w/ unix garbage collector
    - CVE-2008-5300
  * Enforce a minimum SG_IO timeout
    - CVE-2008-5700
  * ib700wdt.c - fix buffer_underflow bug
    - CVE-2008-5702

 -- Stefan Bader <email address hidden> Wed, 14 Jan 2009 17:46:55 +0100

linux (2.6.24-23.46) hardy-proposed; urgency=low

  [Alessio Igor Bogani]

  * rt: Updated PREEMPT_RT support to rt21
    - LP: #302138

  [Amit Kucheria]

  * SAUCE: Update lpia patches from moblin tree
    - LP: #291457

  [Andy Whitcroft]

  * SAUCE: replace gfs2_bitfit with upstream version to prevent oops
    - LP: #276641

  [Colin Ian King]

  * isdn: Do not validate ISDN net device address prior to interface-up
    - LP: #237306
  * hwmon: (coretemp) Add Penryn CPU to coretemp
    - LP: #235119
  * USB: add support for Motorola ROKR Z6 cellphone in mass storage ...

Revision history for this message
Nicola Ferralis (feranick) wrote :

New release in generic hardy. Changelog below:

linux (2.6.24-24.53) hardy-proposed; urgency=low

  [Stefan Bader]

  * Rebuild of 2.6.24-24.51 with 2.6.24-23.52 security patches applied.

 -- Stefan Bader <email address hidden> Sun, 05 Apr 2009 08:23:06 -0400

linux (2.6.24-24.51) hardy-proposed; urgency=low

  [Alessio Igor Bogani]

  * rt: Updated PREEMPT_RT support to rt27
    - LP: #324275

  [Steve Beattie]

  * fix apparmor memory leak on deleted file ops
    - LP: #329489

  [Upstream Kernel Changes]

  * KVM: MMU: Add locking around kvm_mmu_slot_remove_write_access()
    - LP: #335097, #333409
  * serial: 8250: fix shared interrupts issues with SMP and RT kernels
    - LP: #280821
  * 8250.c: port.lock is irq-safe
    - LP: #280821
  * ACPI: Clear WAK_STS on resume
    - LP: #251338

 -- Stefan Bader <email address hidden> Wed, 25 Feb 2009 10:18:56 +0100

linux (2.6.24-24.50) hardy-proposed; urgency=low

  [Alok Kataria]

  * x86: add X86_FEATURE_HYPERVISOR feature bit
    - LP: #319945
  * x86: add a synthetic TSC_RELIABLE feature bit
    - LP: #319945
  * x86: vmware: look for DMI string in the product serial key
    - LP: #319945
  * x86: Hypervisor detection and get tsc_freq from hypervisor
    - LP: #319945
  * x86: Use the synthetic TSC_RELIABLE bit to workaround virtualization
    anomalies.
    - LP: #319945
  * x86: Skip verification by the watchdog for TSC clocksource.
    - LP: #319945
  * x86: Mark TSC synchronized on VMware.
    - LP: #319945

  [Colin Ian King]

  * SAUCE: Bluetooth USB: fix kernel panic during suspend while streaming
    audio to bluetooth headset
    - LP: #331106

  [James Troup]

  * XEN: Enable architecture specific get_unmapped_area_topdown
    - LP: #237724

  [Stefan Bader]

  * Xen: Fix FTBS after Vmware TSC updates.
    - LP: #319945

  [Upstream Kernel Changes]

  * r8169: fix RxMissed register access
    - LP: #324760
  * r8169: Tx performance tweak helper
    - LP: #326891
  * r8169: use pci_find_capability for the PCI-E features
    - LP: #326891
  * r8169: add 8168/8101 registers description
    - LP: #326891
  * r8169: add hw start helpers for the 8168 and the 8101
    - LP: #326891
  * r8169: additional 8101 and 8102 support
    - LP: #326891
  * Fix memory corruption in console selection
    - LP: #329007

 -- Stefan Bader <email address hidden> Fri, 30 Jan 2009 11:35:26 +0100

description: updated
summary: - Update linux kernel to 2.6.24.21.23 in dell-mini
+ Update linux kernel to 2.6.24.24-53 in dell-mini
Revision history for this message
Rich (rincebrain) wrote :

This seems clearly fixed. Can we close it?

Nicola Ferralis (feranick)
Changed in dell-mini:
status: Fix Committed → Fix Released
Revision history for this message
Andy Whitcroft (apw) wrote :

This kernel has now been released into the dell archive according to the OEM group. Closing out the linux task Invalid as our kernel is separate.

Changed in linux (Ubuntu):
assignee: nobody → Andy Whitcroft (apw)
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.