Maverick update to 2.6.35-903.22 stable release

Bug #744250 reported by Paolo Pisati
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
linux-ti-omap4 (Ubuntu)
Fix Released
Paolo Pisati

Bug Description

This bug is for tracking the 2.6.35-903.22 upload package. This bug will contain status and testing results releated to that upload.

The following patches are in the 2.6.35-903.22 stable release:

Paolo Pisati (p-pisati)
tags: added: kernel-stable-tracking-bug
Paolo Pisati (p-pisati)
description: updated
Tim Gardner (timg-tpi)
Changed in linux (Ubuntu):
status: New → Invalid
Changed in linux (Ubuntu Maverick):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu):
status: New → Invalid
Changed in linux-ti-omap4 (Ubuntu Maverick):
assignee: nobody → Paolo Pisati (p-pisati)
status: New → Fix Committed
security vulnerability: no → yes
Revision history for this message
Martin Pitt (pitti) wrote : Please test proposed package

Accepted linux-ti-omap4 into maverick-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See for documentation how to enable and use -proposed. Thank you in advance!

Revision history for this message
Tobin Davis (gruemaster) wrote :

Exactly who is this proposed test request targeting? Since I am the QA guy for armel, it would be nice to get a notice about these when they are released as opposed to seeing them when I have other testing to do and I do an apt-get update.

Please tell me what group to subscribe to, or subscribe ubuntu-armel-porters so that our team will get notification of updates that need testing.

Revision history for this message
Tobin Davis (gruemaster) wrote :

Installed & verified ok.

tags: added: armel verification-done
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (3.4 KiB)

This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.22

linux-ti-omap4 (2.6.35-903.22) maverick; urgency=low

  [ Paolo Pisati ]

  * Release Tracking Bug
    - LP: #744250

  [ Upstream Kernel Changes ]

  * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open(), CVE-2010-3080
    - CVE-2010-3080
  * tracing: t_start: reset FTRACE_ITER_HASH in case of seek/pread, CVE-2010-3079
    - CVE-2010-3079
  * KEYS: Fix bug in keyctl_session_to_parent() if parent has no session keyring, CVE-2010-2960
    - CVE-2010-2960
  * drm/i915: Sanity check pread/pwrite, CVE-2010-2962
    - CVE-2010-2962
  * do_exit(): make sure that we run with get_fs() == USER_DS, CVE-2010-3849
    - CVE-2010-3849
  * econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849
    - CVE-2010-3849
  * econet: fix CVE-2010-3850
    - CVE-2010-3850
  * econet: fix CVE-2010-3848
    - CVE-2010-3848
  * compat: Make compat_alloc_user_space() incorporate the access_ok(), CVE-2010-3081
    - CVE-2010-3081
  * irda: Correctly clean up self->ias_obj on irda_bind() failure., CVE-2010-2954
    - CVE-2010-2954
  * wireless extensions: fix kernel heap content leak, CVE-2010-2955
    - CVE-2010-2955
  * KEYS: Fix RCU no-lock warning in keyctl_session_to_parent(), CVE-2010-2960
    - CVE-2010-2960
  * Fix pktcdvd ioctl dev_minor range check, CVE-2010-3437
    - CVE-2010-3437
  * Fix out-of-bounds reading in sctp_asoc_get_hmac(), CVE-2010-3705
    - CVE-2010-3705
  * ocfs2: Don't walk off the end of fast symlinks., CVE-2010-NNN2
    - CVE-2010-NNN2
  * v4l: disable dangerous buggy compat function, CVE-2010-2963
    - CVE-2010-2963
  * Local privilege escalation vulnerability in RDS sockets, CVE-2010-3904
    - CVE-2010-3904
  * net: clear heap allocation for ETHTOOL_GRXCLSRLALL, CVE-2010-3861
    - CVE-2010-3861
  * ipc: shm: fix information leak to userland, CVE-2010-4072
    - CVE-2010-4072
  * tcp: Increase TCP_MAXSEG socket option minimum., CVE-2010-4165
    - CVE-2010-4165
  * af_unix: limit unix_tot_inflight, CVE-2010-4249
    - CVE-2010-4249
  * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory, CVE-2010-4079
    - LP: #707649
    - CVE-2010-4079
  * net: fix rds_iovec page count overflow, CVE-2010-3865
    - LP: #709153
    - CVE-2010-3865
  * net: ax25: fix information leak to userland, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: ax25: fix information leak to userland harder, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: packet: fix information leak to userland, CVE-2010-3876
    - LP: #710714
    - CVE-2010-3876
  * net: tipc: fix information leak to userland, CVE-2010-3877
    - LP: #711291
    - CVE-2010-3877
  * filter: make sure filters dont read uninitialized memory, CVE-2010-4158
    - LP: #721282
    - CVE-2010-4158
  * econet: Fix crash in aun_incoming(). CVE-2010-4342
    - LP: #736394
    - CVE-2010-4342
  * sound: Prevent buffer overflow in OSS load_mixer_volumes, CVE-2010-4527
    - LP: #737073
    - CVE-2010-4527
  * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529
    - LP: #737823
    - CVE-2010-4529
  * x25: Prevent crashing when parsing bad X.25 facilities, C...


Changed in linux-ti-omap4 (Ubuntu Maverick):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.