This bug was fixed in the package linux - 2.6.32-64.128
--------------- linux (2.6.32-64.128) lucid; urgency=low
[ Upstream Kernel Changes ]
* l2tp: Privilege escalation in ppp over l2tp sockets - LP: #1341472 - CVE-2014-4943
linux (2.6.32-64.127) lucid; urgency=low
[ Luis Henriques ]
* Merged back Ubuntu-2.6.32-62.126 security release * Revert "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)" - LP: #1337339 * Release Tracking Bug - LP: #1338946
* ptrace,x86: force IRET path after a ptrace_stop() - LP: #1337339 - CVE-2014-4699
linux (2.6.32-63.126) lucid; urgency=low
* Release Tracking Bug - LP: #1335875
* net: check net.core.somaxconn sysctl values - LP: #1321293 * sysctl net: Keep tcp_syn_retries inside the boundary - LP: #1321293 * ethtool: Report link-down while interface is down - LP: #1335049 * futex: Prevent attaching to kernel threads - LP: #1335049 * auditsc: audit_krule mask accesses need bounds checking - LP: #1335049 * net: fix regression introduced in 2.6.32.62 by sysctl fixes - LP: #1335049 * Linux 2.6.32.63 - LP: #1335049 * lib/lzo: Rename lzo1x_decompress.c to lzo1x_decompress_safe.c - LP: #1335313 - CVE-2014-4608 * lib/lzo: Update LZO compression to current upstream version - LP: #1335313 - CVE-2014-4608 * lzo: properly check for overruns - LP: #1335313 - CVE-2014-4608 -- Luis Henriques <email address hidden> Mon, 14 Jul 2014 16:33:33 +0100
This bug was fixed in the package linux - 2.6.32-64.128
---------------
linux (2.6.32-64.128) lucid; urgency=low
[ Upstream Kernel Changes ]
* l2tp: Privilege escalation in ppp over l2tp sockets
- LP: #1341472
- CVE-2014-4943
linux (2.6.32-64.127) lucid; urgency=low
[ Luis Henriques ]
* Merged back Ubuntu- 2.6.32- 62.126 security release
* Revert "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)"
- LP: #1337339
* Release Tracking Bug
- LP: #1338946
[ Upstream Kernel Changes ]
* ptrace,x86: force IRET path after a ptrace_stop()
- LP: #1337339
- CVE-2014-4699
linux (2.6.32-63.126) lucid; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1335875
[ Upstream Kernel Changes ]
* net: check net.core.somaxconn sysctl values s_safe. c
- LP: #1321293
* sysctl net: Keep tcp_syn_retries inside the boundary
- LP: #1321293
* ethtool: Report link-down while interface is down
- LP: #1335049
* futex: Prevent attaching to kernel threads
- LP: #1335049
* auditsc: audit_krule mask accesses need bounds checking
- LP: #1335049
* net: fix regression introduced in 2.6.32.62 by sysctl fixes
- LP: #1335049
* Linux 2.6.32.63
- LP: #1335049
* lib/lzo: Rename lzo1x_decompress.c to lzo1x_decompres
- LP: #1335313
- CVE-2014-4608
* lib/lzo: Update LZO compression to current upstream version
- LP: #1335313
- CVE-2014-4608
* lzo: properly check for overruns
- LP: #1335313
- CVE-2014-4608
-- Luis Henriques <email address hidden> Mon, 14 Jul 2014 16:33:33 +0100