Lucid fsl-imx51: tracking bug, update to 2.6.31-608.22
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
| linux-fsl-imx51 (Ubuntu) |
Undecided
|
Unassigned | ||
| Lucid |
Undecided
|
Tim Gardner |
Bug Description
rebased to Karmic master branch 2.6.31-22.72 which contains many CVEs and stable updates.
CVE References
- 2009-4895
- 2010-2066
- 2010-2226
- 2010-2248
- 2010-2478
- 2010-2495
- 2010-2521
- 2010-2524
- 2010-2538
- 2010-2798
- 2010-2942
- 2010-2943
- 2010-2946
- 2010-2954
- 2010-2955
- 2010-2962
- 2010-2963
- 2010-3015
- 2010-3067
- 2010-3078
- 2010-3079
- 2010-3080
- 2010-3084
- 2010-3296
- 2010-3297
- 2010-3298
- 2010-3310
- 2010-3432
- 2010-3437
- 2010-3442
- 2010-3448
- 2010-3477
- 2010-3698
- 2010-3705
- 2010-3848
- 2010-3849
- 2010-3850
- 2010-3858
- 2010-3861
- 2010-3904
- 2010-4072
- 2010-4074
- 2010-4078
- 2010-4079
- 2010-4165
- 2010-4169
visibility: | private → public |
Changed in linux-fsl-imx51 (Ubuntu): | |
status: | New → Invalid |
Changed in linux-fsl-imx51 (Ubuntu Lucid): | |
assignee: | nobody → Tim Gardner (timg-tpi) |
status: | New → Fix Committed |
Tobin Davis (gruemaster) wrote : | #2 |
Tested on babbage, no errors in dmesg log and no issues during install.
tags: | added: verification-done |
tags: |
added: verification-done-lucid removed: verification-done |
tags: | added: verification-done |
Martin Pitt (pitti) wrote : | #3 |
Adding missing tracking bug tag, so that this appears correctly on the report pages.
tags: | added: kernel-tracking-bug |
Launchpad Janitor (janitor) wrote : | #4 |
This bug was fixed in the package linux-fsl-imx51 - 2.6.31-608.22
---------------
linux-fsl-imx51 (2.6.31-608.22) lucid; urgency=low
[ Tim Gardner ]
* rebased to 2.6.31-22.72
* Tracking bug
- LP: #713266
[ Upstream Kernel Changes ]
* Karmic SRU: thinkpad-acpi: lock down video output state access, CVE-2010-3448
- LP: #706999
- CVE-2010-3448
* USB: serial/mos*: prevent reading uninitialized stack memory,
CVE-2010-4074
- LP: #706149
- CVE-2010-4074
* KVM: Fix fs/gs reload oops with invalid ldt
- LP: #707000
- CVE-2010-3698
* drivers/
memory, CVE-2010-4078
- LP: #707579
- CVE-2010-4078
* V4L/DVB: ivtvfb: prevent reading uninitialized stack memory,
CVE-2010-4079
- LP: #707649
- CVE-2010-4079
[ Upstream Kernel Changes ]
* ipc: initialize structure memory to zero for compat functions
* tcp: Increase TCP_MAXSEG socket option minimum.
- CVE-2010-4165
* perf_events: Fix perf_counter_mmap() hook in mprotect()
- CVE-2010-4169
* af_unix: limit unix_tot_inflight
- CVE-2010-4249
linux-fsl-imx51 (2.6.31-608.21) lucid-proposed; urgency=low
[ Leann Ogasawara ]
* Rebased to 2.6.31-22.70
[ Ubuntu: 2.6.31-22.70 ]
- LP: #683474
* Revert "SAUCE: AF_ECONET saddr->cookie prevent NULL pointer
dereference"
* Revert "SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges"
* Revert "SAUCE: AF_ECONET prevent kernel stack overflow"
* Btrfs: fix checks in BTRFS_IOC_
- CVE-2010-2538
* xfs: validate untrusted inode numbers during lookup
- CVE-2010-2943
* xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED
- CVE-2010-2943
* xfs: remove block number from inode lookup code
- CVE-2010-2943
* xfs: fix untrusted inode number lookup
- CVE-2010-2943
* drm/i915: Sanity check pread/pwrite
- CVE-2010-2962
* drm/i915: Rephrase pwrite bounds checking to avoid any potential overflow
- CVE-2010-2962
* tracing: Do not allow llseek to set_ftrace_filter
- CVE-2010-3079
* drivers/
- CVE-2010-3296
* drivers/net/eql.c: prevent reading uninitialized stack memory
- CVE-2010-3297
* drivers/
- CVE-2010-3298
* setup_arg_pages: diagnose excessive argument size
- CVE-2010-3858
* net: clear heap allocation for ETHTOOL_GRXCLSRLALL
- CVE-2010-3861
* ipc: shm: fix information leak to userland
- CVE-2010-4072
* econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849
- CVE-2010-3849
* econet: fix CVE-2010-3850
- CVE-2010-3850
* econet: fix CVE-2010-3848
- CVE-2010-3848
[ Ubuntu: 2.6.31-22.69 ]
* SAUCE: AF_ECONET prevent kernel stack overflow
- CVE-2010-3848
* SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges
- CVE-2010-3850
* SAUCE: AF_ECONET saddr->cookie prevent NULL pointer dereference
- CVE-2010-3849
[ Ubuntu: 2.6.31-22.68 ]
* SAUCE: docs -- fix doc strings for fc_event_seq
* SAUCE: (no-up) Modularize vesafb -- fix initialization
- LP: #...
Changed in linux-fsl-imx51 (Ubuntu Lucid): | |
status: | Fix Committed → Fix Released |
Martin Pitt (pitti) wrote : | #5 |
Copied to -security, too.
Accepted linux-fsl-imx51 into lucid-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https:/ /wiki.ubuntu. com/Testing/ EnableProposed for documentation how to enable and use -proposed. Thank you in advance!