linux: 2.6.24-29.90 -proposed tracker

Bug #788843 reported by Herton R. Krzesinski on 2011-05-26
Affects | Status | Importance | Assigned to | Milestone
Kernel SRU Workflow | | Undecided | Unassigned |
Certification-testing | | Undecided | Canonical Hardware Certification |
Prepare-package | | Undecided | Canonical Kernel Team |
Promote-to-proposed | | Undecided | Ubuntu Stable Release Updates Team |
Promote-to-security | | Undecided | Ubuntu Stable Release Updates Team |
Promote-to-updates | | Undecided | Ubuntu Stable Release Updates Team |
Regression-testing | | Undecided | C de-Avillez |
Security-signoff | | Undecided | Kees Cook |
Verification-testing | | Undecided | Canonical Kernel Team |
linux (Ubuntu) | | Medium | Unassigned |

Bug Description

This bug is for tracking the 2.6.24-29.90 upload package. This bug will contain status and testing results related to that upload.

For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

tags: added: kernel-release-tracking-bug
Changed in linux (Ubuntu):
status: New → In Progress
importance: Undecided → Medium
Changed in kernel-sru-workflow:
status: New → In Progress
Ara Pulido (ara) wrote :

The certification team is not testing Hardy kernels. I will put this task as Invalid to avoid confusion.

Martin Pitt (pitti) wrote :

Copied to hardy-proposed.

Steve Conklin (sconklin) wrote :

Nothing but CVEs in this release, so no verification required

Kees Cook (kees) wrote :

The commit-checker missed 5caf3ae4c4bed98bd6148021e6e934d94b5dea1d (due to it accidentally claiming to be a backport of linus:272b62c1f0f6f742046e45b50b6fec98860208a0 instead of linus:b00916b189d13a615ff05c9242201135992fcda3), so CVE-2010-4655 was not shown as pending in UCT, but was correct in the changelog, so the resulting kernel is correct.

The commit-checker correctly found CVE-2011-1012 (linus:294f6cf48666825d23c9372ef37631232746e40d) which had been attributed to CVE-2011-1017 in the changelog instead of CVE-2011-1012. The fixes for CVE-2011-1017 are present also, so again, the resulting kernel is correct.

I'm happy for this to move to -security when it passes QA.
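
The two mismatches described in the comment above (a commit citing the wrong upstream SHA, and a commit tagged with the wrong CVE) can be caught by cross-checking each commit's upstream reference and CVE tag against a tracker table. This is an added example, not the commit-checker's own code and not part of the original comment; the commit message layout, the subjects, the placeholder local SHA and the `audit` helper are assumptions, and only the SHAs and CVE ids quoted above come from the page.

```python
import re

# Upstream (linus) commit -> CVE, as stated in the comment above.
TRACKER = {
    "b00916b189d13a615ff05c9242201135992fcda3": "CVE-2010-4655",
    "294f6cf48666825d23c9372ef37631232746e40d": "CVE-2011-1012",
}

# Constructed commit records. The message layout (a bare CVE line plus a
# "backported from commit <sha> upstream" trailer) is an assumption.
COMMITS = [
    ("5caf3ae4c4bed98bd6148021e6e934d94b5dea1d",
     "constructed subject A\n\nCVE-2010-4655\n\n"
     "(backported from commit 272b62c1f0f6f742046e45b50b6fec98860208a0 upstream)"),
    ("<constructed-local-sha>",
     "constructed subject B\n\nCVE-2011-1017\n\n"
     "(backported from commit 294f6cf48666825d23c9372ef37631232746e40d upstream)"),
]

UPSTREAM_RE = re.compile(r"\((?:backported|cherry picked) from commit ([0-9a-f]{40})")
CVE_RE = re.compile(r"^(CVE-\d{4}-\d{4,})\s*$", re.MULTILINE)


def audit(commits, tracker):
    """Return (kind, local_sha, detail) findings for each inconsistency."""
    findings = []
    known_cves = set(tracker.values())
    for sha, message in commits:
        claimed = UPSTREAM_RE.search(message)
        upstream = claimed.group(1) if claimed else None
        tagged = set(CVE_RE.findall(message))
        if upstream in tracker:
            expected = tracker[upstream]
            if expected not in tagged:
                # Right upstream commit, wrong CVE label in the changelog.
                findings.append(("mislabelled-cve", sha,
                                 f"tagged {sorted(tagged)}, tracker says {expected}"))
        else:
            # Upstream reference unknown to the tracker: a SHA-keyed checker
            # cannot match this commit even if its CVE tag is right.
            for cve in sorted(tagged & known_cves):
                findings.append(("unmatched-upstream", sha,
                                 f"{cve} claimed via {upstream}"))
    return findings


if __name__ == "__main__":
    for finding in audit(COMMITS, TRACKER):
        print(finding)
```
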

C de-Avillez (hggdh2) wrote :

QA completed, results at https://wiki.ubuntu.com/QATeam/kernelSRU-hardy-2.6.24-29.90

Marking Fix-Released for QA.

C de-Avillez (hggdh2) wrote :

Please note that EC2 tests show a problem on m1.small instances.

C de-Avillez (hggdh2) wrote :

Wrong /proc/version_signature: bug 794714
CONFIG_COMPAT_VDSO disabled: bug 794715

Changed in kernel-sru-workflow:
status: In Progress → Incomplete
Brad Figg (brad-figg) on 2011-06-08
Changed in kernel-sru-workflow:
status: Incomplete → In Progress
tags: added: regression-testing-passed
Changed in kernel-sru-workflow:
status: In Progress → Incomplete
Brad Figg (brad-figg) on 2011-06-08
tags: added: certification-testing-passed
Changed in kernel-sru-workflow:
status: Incomplete → In Progress
Martin Pitt (pitti) wrote :

I'm a bit confused here -- C de-Avillez suggests that there is a regression?

Brad Figg (brad-figg) wrote :

The consensus between Kees and Stefan and Andy was that this issue has existed for some time and is not new in this kernel. This problem will be addressed in the next kernel. Therefore, no regression.

Stefan Bader (smb) wrote :

+1 The xen kernels have been built with this configuration since release. This is just the first time the test is actually run under ec2. I have added a SRU update for the next upload to disable that option, which will then fix it. But for now it is not a regression.

Kees Cook (kees) wrote :

Agreed, please don't hold it back.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.24-29.90

---------------
linux (2.6.24-29.90) hardy-proposed; urgency=low

  [ Herton R. Krzesinski ]

  * Release Tracking Bug
    - LP: #788843

  [Upstream Kernel Changes]

  * IB/cm: Bump reference count on cm_id before invoking callback,
    CVE-2011-0695
    - LP: #770369
    - CVE-2011-0695
  * RDMA/cma: Fix crash in request handlers, CVE-2011-0695
    - LP: #770369
    - CVE-2011-0695
  * ALSA: caiaq - Fix possible string-buffer overflow, CVE-2011-0712
    - LP: #768448
    - CVE-2011-0712
  * Treat writes as new when holes span across page boundaries,
    CVE-2011-0463
    - LP: #770483
    - CVE-2011-0463
  * net: clear heap allocations for privileged ethtool actions,
    CVE-2010-4655
    - LP: #771445
    - CVE-2010-4655
  * usb: iowarrior: don't trust report_size for buffer size, CVE-2010-4656
    - LP: #711484
    - CVE-2010-4656
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table,
    CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * ldm: corrupted partition table can cause kernel oops, CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * next_pidmap: fix overflow condition, CVE-2011-1593
    - LP: #784727
    - CVE-2011-1593
  * proc: do proper range check on readdir offset, CVE-2011-1593
    - LP: #784727
    - CVE-2011-1593
 -- Herton Ronaldo Krzesinski <email address hidden> Thu, 26 May 2011 18:15:42 -0300

Changed in linux (Ubuntu):
status: In Progress → Fix Released
Martin Pitt (pitti) wrote :

Copied to -updates/-security. Kees, can you please issue the USN?

Steve Conklin (sconklin) on 2011-06-09
Changed in kernel-sru-workflow:
status: In Progress → Fix Released
status: Fix Released → In Progress
status: In Progress → Fix Released
status: Fix Released → Incomplete
Steve Conklin (sconklin) on 2011-06-09
Changed in kernel-sru-workflow:
status: Incomplete → In Progress
status: In Progress → Fix Released