linux: 2.6.31-22.72 -proposed tracker
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Medium
|
Canonical Kernel Team |
Bug Description
This bug is for tracking the 2.6.31-22.72 upload package. This bug will contain status and testing results releated to that upload.
tags: | added: kernel-tracking-bug |
Jeremy Foshee (jeremyfoshee) wrote : | #1 |
tags: | added: needs-kernel-logs |
tags: | added: needs-upstream-testing |
tags: | added: kj-triage |
Changed in linux (Ubuntu): | |
status: | New → Incomplete |
Changed in linux (Ubuntu): | |
status: | Incomplete → In Progress |
importance: | Undecided → Medium |
assignee: | nobody → Canonical Kernel Team (canonical-kernel-team) |
Launchpad Janitor (janitor) wrote : | #2 |
This bug was fixed in the package linux - 2.6.31-22.73
---------------
linux (2.6.31-22.73) karmic-proposed; urgency=low
[ Steve Conklin ]
* Release Tracking Bug
- LP: #716648
[ Upstream Kernel Changes ]
* copied ABI directory
* net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859
- LP: #708839, #711855
- CVE-2010-4160
* net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859
- LP: #708839, #711855
- CVE-2010-4160
* net: fix rds_iovec page count overflow, CVE-2010-3865
- LP: #709153
- CVE-2010-3865
* net: ax25: fix information leak to userland, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* net: ax25: fix information leak to userland harder, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* can-bcm: fix minor heap overflow
- LP: #710680
- CVE-2010-3874
* memory corruption in X.25 facilities parsing, CVE-2010-3873
- LP: #709372
- CVE-2010-3873
* net: packet: fix information leak to userland, CVE-2010-3876
- LP: #710714
- CVE-2010-3876
* net: tipc: fix information leak to userland, CVE-2010-3877
- LP: #711291
- CVE-2010-3877
* KVM: VMX: fix vmx null pointer dereference on debug register access,
CVE-2010-0435
- LP: #712615
- CVE-2010-0435
* gdth: integer overflow in ioctl, CVE-2010-4157
- LP: #711797
- CVE-2010-4157
* posix-cpu-timers: workaround to suppress the problems with mt exec,
CVE-2010-4248
- LP: #712609
- CVE-2010-4248
* ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory,
CVE-2010-4080, CVE-2010-4081
- LP: #712723, #712737
- CVE-2010-4081
* drivers/
CVE-2010-4082
- LP: #712744
- CVE-2010-4082
* sys_semctl: fix kernel stack leakage, CVE-2010-4083
- LP: #712749
- CVE-2010-4083
* inet_diag: Make sure we actually run the same bytecode we audited,
CVE-2010-3880
- LP: #711865
- CVE-2010-3880
linux (2.6.31-22.72) karmic-proposed; urgency=low
[ Brad Figg ]
* Tracking Bug
- LP: #708860
[ Upstream Kernel Changes ]
* Karmic SRU: thinkpad-acpi: lock down video output state access, CVE-2010-3448
- LP: #706999
- CVE-2010-3448
* USB: serial/mos*: prevent reading uninitialized stack memory,
CVE-2010-4074
- LP: #706149
- CVE-2010-4074
* KVM: Fix fs/gs reload oops with invalid ldt
- LP: #707000
- CVE-2010-3698
* drivers/
memory, CVE-2010-4078
- LP: #707579
- CVE-2010-4078
* V4L/DVB: ivtvfb: prevent reading uninitialized stack memory,
CVE-2010-4079
- LP: #707649
- CVE-2010-4079
linux (2.6.31-22.71) karmic-proposed; urgency=low
[ Brad Figg ]
- LP: #698214
[ Upstream Kernel Changes ]
* ipc: initialize structure memory to zero for compat functions
* tcp: Increase TCP_MAXSEG socket option minimum.
- CVE-2010-4165
* perf_events: Fix perf_counter_mmap() hook in mprotect()
- CVE-2010-4169
* af_unix: limit unix_tot_inflight
- CVE-2010-4249
-- Steve Conklin <email address hidden> Thu, 10 Feb 2011 13:49:49...
Changed in linux (Ubuntu): | |
status: | In Progress → Fix Released |
Hi Brad,
Please be sure to confirm this issue exists with the latest development release of Ubuntu. ISO CD images are available from http:// cdimage. ubuntu. com/daily/ current/ . If the issue remains, please run the following command from a Terminal (Applications- >Accessories- >Terminal) . It will automatically gather and attach updated debug information to this report.
apport-collect -p linux 708860
Also, if you could test the latest upstream kernel available that would be great. It will allow additional upstream developers to examine the issue. Refer to https:/ /wiki.ubuntu. com/KernelMainl ineBuilds . Once you've tested the upstream kernel, please remove the 'needs- upstream- testing' tag. This can be done by clicking on the yellow pencil icon next to the tag located at the bottom of the bug description and deleting the 'needs- upstream- testing' text. Please let us know your results.
Thanks in advance.
[This is an automated message. Apologies if it has reached you inappropriately; please just reply to this message indicating so.]