Comment 3 for bug 1335313

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-ec2 - 2.6.32-368.84

---------------
linux-ec2 (2.6.32-368.84) lucid; urgency=low

  [ Andy Whitcroft ]

  * pull in missing CVE changelog
  * Ubuntu-2.6.32-368.84

  [ Ubuntu: 2.6.32-64.128 ]

  * l2tp: Privilege escalation in ppp over l2tp sockets
    - LP: #1341472
    - CVE-2014-4943

linux-ec2 (2.6.32-368.83) lucid; urgency=low

  [ Stefan Bader ]

  * Rebased to Ubuntu-2.6.32-64.127
  * Release Tracking Bug
    - LP: #1339215

  [ Ubuntu: 2.6.32-64.127 ]

  * Merged back Ubuntu-2.6.32-62.126 security release
  * Revert "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)"
    - LP: #1337339
  * ptrace,x86: force IRET path after a ptrace_stop()
    - LP: #1337339
    - CVE-2014-4699

linux-ec2 (2.6.32-367.82) lucid; urgency=low

  [ Stefan Bader ]

  * Rebased to Ubuntu-2.6.32-63.126
  * Release Tracking Bug
    - LP: #1336142

  [ Ubuntu: 2.6.32-63.126 ]

  * net: check net.core.somaxconn sysctl values
    - LP: #1321293
  * sysctl net: Keep tcp_syn_retries inside the boundary
    - LP: #1321293
  * ethtool: Report link-down while interface is down
    - LP: #1335049
  * futex: Prevent attaching to kernel threads
    - LP: #1335049
  * auditsc: audit_krule mask accesses need bounds checking
    - LP: #1335049
  * net: fix regression introduced in 2.6.32.62 by sysctl fixes
    - LP: #1335049
  * Linux 2.6.32.63
    - LP: #1335049
  * lib/lzo: Rename lzo1x_decompress.c to lzo1x_decompress_safe.c
    - LP: #1335313
    - CVE-2014-4608
  * lib/lzo: Update LZO compression to current upstream version
    - LP: #1335313
    - CVE-2014-4608
  * lzo: properly check for overruns
    - LP: #1335313
    - CVE-2014-4608
 -- Andy Whitcroft <email address hidden> Mon, 14 Jul 2014 17:31:51 +0100