Ubuntu
linux package

linux: 2.6.31-22.73 -proposed tracker

Bug #716648 reported by Steve Conklin on 2011-02-10
32
This bug affects 3 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Invalid
Medium
Unassigned
Karmic
Fix Released
Undecided
Unassigned
linux-ec2 (Ubuntu)
Invalid
Undecided
Unassigned
Karmic
Fix Released
Undecided
Unassigned
Also affects project (?) Also affects distribution/package Nominate for series

Bug Description

This bug is for tracking the 2.6.31-22.73 upload package. This bug will contain status and testing results releated to that upload.

Steve Conklin (sconklin) on 2011-02-10
tags: added: kernel-tracking-bug
Andy Whitcroft (apw) on 2011-02-11
Changed in linux (Ubuntu):
importance: Undecided → Medium
Martin Pitt (pitti) wrote : Please test proposed package

Accepted linux into karmic-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Changed in linux (Ubuntu Karmic):
status: New → Fix Committed
Changed in linux (Ubuntu):
status: New → Invalid
Martin Pitt (pitti) wrote :

linux-ec2 uses the same tracking bug.

Changed in linux-ec2 (Ubuntu):
status: New → Invalid
Changed in linux-ec2 (Ubuntu Karmic):
status: New → Fix Committed
Martin Pitt (pitti) wrote :

Accepted linux-ec2 into karmic-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

C de-Avillez (hggdh2) wrote :

QA results are being posted on https://wiki.ubuntu.com/QATeam/KernelSRU-karmic-2.6.31-22.73. When QA is completed I will add a comment here.

C de-Avillez (hggdh2) wrote :

Tests done successful. The failures on the kernel-security tests for Karmic (KVM and Xen DomU) are expected, and the tests have been adjusted for them.

tags: added: verification-done
Launchpad Janitor (janitor) wrote :
Download full text (3.1 KiB)

This bug was fixed in the package linux - 2.6.31-22.73

---------------
linux (2.6.31-22.73) karmic-proposed; urgency=low

  [ Steve Conklin ]

  * Release Tracking Bug
    - LP: #716648

  [ Upstream Kernel Changes ]

  * copied ABI directory
  * net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859
    - LP: #708839, #711855
    - CVE-2010-4160
  * net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859
    - LP: #708839, #711855
    - CVE-2010-4160
  * net: fix rds_iovec page count overflow, CVE-2010-3865
    - LP: #709153
    - CVE-2010-3865
  * net: ax25: fix information leak to userland, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: ax25: fix information leak to userland harder, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * can-bcm: fix minor heap overflow
    - LP: #710680
    - CVE-2010-3874
  * memory corruption in X.25 facilities parsing, CVE-2010-3873
    - LP: #709372
    - CVE-2010-3873
  * net: packet: fix information leak to userland, CVE-2010-3876
    - LP: #710714
    - CVE-2010-3876
  * net: tipc: fix information leak to userland, CVE-2010-3877
    - LP: #711291
    - CVE-2010-3877
  * KVM: VMX: fix vmx null pointer dereference on debug register access,
    CVE-2010-0435
    - LP: #712615
    - CVE-2010-0435
  * gdth: integer overflow in ioctl, CVE-2010-4157
    - LP: #711797
    - CVE-2010-4157
  * posix-cpu-timers: workaround to suppress the problems with mt exec,
    CVE-2010-4248
    - LP: #712609
    - CVE-2010-4248
  * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory,
    CVE-2010-4080, CVE-2010-4081
    - LP: #712723, #712737
    - CVE-2010-4081
  * drivers/video/via/ioctl.c: prevent reading uninitialized stack memory,
    CVE-2010-4082
    - LP: #712744
    - CVE-2010-4082
  * sys_semctl: fix kernel stack leakage, CVE-2010-4083
    - LP: #712749
    - CVE-2010-4083
  * inet_diag: Make sure we actually run the same bytecode we audited,
    CVE-2010-3880
    - LP: #711865
    - CVE-2010-3880

linux (2.6.31-22.72) karmic-proposed; urgency=low

  [ Brad Figg ]

  * Tracking Bug
    - LP: #708860

  [ Upstream Kernel Changes ]

  * Karmic SRU: thinkpad-acpi: lock down video output state access, CVE-2010-3448
    - LP: #706999
    - CVE-2010-3448
  * USB: serial/mos*: prevent reading uninitialized stack memory,
    CVE-2010-4074
    - LP: #706149
    - CVE-2010-4074
  * KVM: Fix fs/gs reload oops with invalid ldt
    - LP: #707000
    - CVE-2010-3698
  * drivers/video/sis/sis_main.c: prevent reading uninitialized stack
    memory, CVE-2010-4078
    - LP: #707579
    - CVE-2010-4078
  * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory,
    CVE-2010-4079
    - LP: #707649
    - CVE-2010-4079

linux (2.6.31-22.71) karmic-proposed; urgency=low

  [ Brad Figg ]

  - LP: #698214

  [ Upstream Kernel Changes ]

  * ipc: initialize structure memory to zero for compat functions
  * tcp: Increase TCP_MAXSEG socket option minimum.
    - CVE-2010-4165
  * perf_events: Fix perf_counter_mmap() hook in mprotect()
    - CVE-2010-4169
  * af_unix: limit unix_tot_inflight
    - CVE-2010-4249
 -- Steve Conklin <email address hidden> Thu, 10 Feb 2011 13:49:49...

Read more...

Changed in linux (Ubuntu Karmic):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-ec2 - 2.6.31-307.27

---------------
linux-ec2 (2.6.31-307.27) karmic-proposed; urgency=low

  [ Stefan Bader ]

  * Rebased to 2.6.31-22.73

  [ Ubuntu: 2.6.31-22.73 ]

  * Release Tracking Bug
    - LP: #716648
  * net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859
    - LP: #708839, #711855
    - CVE-2010-4160
  * net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859
    - LP: #708839, #711855
    - CVE-2010-4160
  * net: fix rds_iovec page count overflow, CVE-2010-3865
    - LP: #709153
    - CVE-2010-3865
  * net: ax25: fix information leak to userland, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: ax25: fix information leak to userland harder, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * can-bcm: fix minor heap overflow
    - LP: #710680
    - CVE-2010-3874
  * memory corruption in X.25 facilities parsing, CVE-2010-3873
    - LP: #709372
    - CVE-2010-3873
  * net: packet: fix information leak to userland, CVE-2010-3876
    - LP: #710714
    - CVE-2010-3876
  * net: tipc: fix information leak to userland, CVE-2010-3877
    - LP: #711291
    - CVE-2010-3877
  * KVM: VMX: fix vmx null pointer dereference on debug register access,
    CVE-2010-0435
    - LP: #712615
    - CVE-2010-0435
  * gdth: integer overflow in ioctl, CVE-2010-4157
    - LP: #711797
    - CVE-2010-4157
  * posix-cpu-timers: workaround to suppress the problems with mt exec,
    CVE-2010-4248
    - LP: #712609
    - CVE-2010-4248
  * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory,
    CVE-2010-4080, CVE-2010-4081
    - LP: #712723, #712737
    - CVE-2010-4081
  * drivers/video/via/ioctl.c: prevent reading uninitialized stack memory,
    CVE-2010-4082
    - LP: #712744
    - CVE-2010-4082
  * sys_semctl: fix kernel stack leakage, CVE-2010-4083
    - LP: #712749
    - CVE-2010-4083
  * inet_diag: Make sure we actually run the same bytecode we audited,
    CVE-2010-3880
    - LP: #711865
    - CVE-2010-3880
 -- Stefan Bader <email address hidden> Fri, 11 Feb 2011 09:22:20 +0100

Changed in linux-ec2 (Ubuntu Karmic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers