Bug #827685 “CVE-2011-2699” : Bugs : linux package : Ubuntu

Revision history for this message

Kees Cook (kees) wrote on 2011-08-16:

#1

CVE-2011-2699

tags:	added: kernel-cve-tracking-bug
security vulnerability:	no → yes

Kees Cook (kees) on 2011-08-16

Changed in linux-ec2 (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-ec2 (Ubuntu Natty):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Maverick):
status:	New → Invalid
Changed in linux-lts-backport-natty (Ubuntu Natty):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Natty):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Maverick):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Natty):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Lucid):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Maverick):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Natty):
status:	New → Invalid
description:	updated
Changed in linux-ec2 (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Maverick):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-ec2 (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Maverick):
importance:	Undecided → Low
Changed in linux-lts-backport-natty (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Maverick):
importance:	Undecided → Low
Changed in linux-mvl-dove (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Maverick):
importance:	Undecided → Low
Changed in linux-lts-backport-maverick (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux (Ubuntu Maverick):
importance:	Undecided → Low
Changed in linux (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Maverick):
importance:	Undecided → Low
Changed in linux-ti-omap4 (Ubuntu Natty):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Lucid):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Oneiric):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Hardy):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Maverick):
importance:	Undecided → Low
Changed in linux-fsl-imx51 (Ubuntu Natty):
importance:	Undecided → Low

Andy Whitcroft (apw) on 2011-08-23

Changed in linux (Ubuntu Hardy):
assignee:	nobody → Andy Whitcroft (apw)
status:	New → In Progress
Changed in linux (Ubuntu Lucid):
assignee:	nobody → Andy Whitcroft (apw)
status:	New → In Progress
Changed in linux (Ubuntu Maverick):
assignee:	nobody → Andy Whitcroft (apw)
status:	New → In Progress
Changed in linux (Ubuntu Natty):
assignee:	nobody → Andy Whitcroft (apw)
status:	New → In Progress
Changed in linux (Ubuntu Oneiric):
assignee:	nobody → Andy Whitcroft (apw)
status:	New → In Progress
Changed in linux-ec2 (Ubuntu Lucid):
status:	New → In Progress
Changed in linux-fsl-imx51 (Ubuntu Lucid):
assignee:	nobody → Andy Whitcroft (apw)
status:	New → In Progress
Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status:	New → In Progress
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status:	New → In Progress
Changed in linux-mvl-dove (Ubuntu Lucid):
status:	New → In Progress
Changed in linux-mvl-dove (Ubuntu Maverick):
status:	New → In Progress
Changed in linux-ti-omap4 (Ubuntu Maverick):
assignee:	nobody → Andy Whitcroft (apw)
status:	New → In Progress
Changed in linux-ti-omap4 (Ubuntu Natty):
assignee:	nobody → Andy Whitcroft (apw)
status:	New → In Progress
Changed in linux-ti-omap4 (Ubuntu Oneiric):
assignee:	nobody → Andy Whitcroft (apw)
status:	New → In Progress

Tim Gardner (timg-tpi) on 2011-08-23

Changed in linux (Ubuntu Natty):
status:	In Progress → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Natty):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Maverick):
status:	In Progress → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Maverick):
status:	In Progress → Fix Committed

Tim Gardner (timg-tpi) on 2011-08-23

Changed in linux (Ubuntu Lucid):
status:	In Progress → Fix Committed
Changed in linux-fsl-imx51 (Ubuntu Lucid):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Hardy):
status:	In Progress → Fix Committed

Kees Cook (kees) on 2011-08-25

Changed in linux-ec2 (Ubuntu Lucid):
status:	In Progress → Fix Committed
Changed in linux-lts-backport-natty (Ubuntu Lucid):
status:	In Progress → Fix Committed
Changed in linux-mvl-dove (Ubuntu Lucid):
status:	In Progress → Fix Committed
Changed in linux-mvl-dove (Ubuntu Maverick):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Oneiric):
status:	In Progress → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status:	In Progress → Fix Committed

Kees Cook (kees) on 2011-08-26

Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-09-13:

#2

Download full text (6.2 KiB)

This bug was fixed in the package linux-fsl-imx51 - 2.6.31-610.28

---------------
linux-fsl-imx51 (2.6.31-610.28) lucid-proposed; urgency=low

* Release tracking bug
- LP: #837802

[ Upstream Kernel Changes ]

  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

linux-fsl-imx51 (2.6.31-610.27) lucid-proposed; urgency=low

* Release tracking bug
- LP: #829160

[ Upstream Kernel Changes ]

  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * Fix corrupted OSF partition table parsing
    - LP: #796606
    - CVE-2011-1163
  * can: Add missing socket check in can/bcm release.
    - LP: #796502
    - CVE-2011-1598
  * proc: protect mm start_code/end_code in /proc/pid/stat
    - LP: #799906
    - CVE-2011-0726
  * sctp: Fix a race between ICMP protocol unreachable and connect()
  * tty: Make tiocgicount a handler, CVE-2010-4076, CVE-2010-4077
    - LP: #794034
    - CVE-2010-4077
  * filter: make sure filters dont read uninitialized memory CVE-2010-4158
    - LP: #721282
    - CVE-2010-4158
  * bio: take care not overflow page count when mapping/copying user data
    CVE-2010-4162
    - LP: #721441
    - CVE-2010-4162
  * block: check for proper length of iov entries in blk_rq_map_user_iov()
    - LP: #721504
    - CVE-2010-4163
  * block: check for proper length of iov entries earlier in
    blk_rq_map_user_iov(), CVE-2010-4163
    - LP: #721504
    - CVE-2010-4163
  * rds: Integer overflow in RDS cmsg handling, CVE-2010-4175
    - LP: #721455
    - CVE-2010-4175
  * bluetooth: Fix missing NULL check CVE-2010-4242
    - LP: #714846
    - CVE-2010-4242
  * IB/uverbs: Handle large number of entries in poll CQ CVE-2010-4649
    - LP: #800121
    - CVE-2010-4649
  * epoll: prevent creating circular epoll structures CVE-2011-1082
    - LP: #800758
    - CVE-2011-1082
  * nfs4: Ensure that ACL pages sent over NFS were not allocated from the
    slab (v3) CVE-2011-1090
    - LP: #800775
  * ldm: corrupted partition table can cause kernel oops CVE-2011-1012
    - LP: #801083
    - CVE-2011-1012
  * netfilter: ipt_CLUSTERIP: fix buffer overflow CVE-2011-2534
    - LP: #801473
    - CVE-2011-2534
  * netfilter: arp_tables: fix infoleak to userspace CVE-2011-1170
    - LP: #801480
    - CVE-2011-1170
  * netfilter: ip_tables: fix infoleak to userspace CVE-2011-1171
    - LP: #801482
    - CVE-2011-1171
  * ipv6: netfilter: ip6_tables: fix infoleak to userspace CVE-2011-1172
    - LP: #801483
    - CVE-2011-1172
  * econet: 4 byte infoleak to the network CVE-2011-1173
    - LP: #801484
    - CVE-2011-1173
  * net: Limit socket I/O iovec total length to INT_MAX.
    - LP: #708839
  * fs/partitions: Validate map_count in Mac partition tables -
    CVE-2011-1010
    - LP: #804225
    - CVE-2011-1010
  * drm: fix unsigned vs signed comparison issue in modeset ctl ioctl,
    CVE-2011-1013
    - LP: #804229
    - CVE-2011-1013
...

This bug was fixed in the package linux-fsl-imx51 - 2.6.31-610.28

---------------
linux-fsl-imx51 (2.6.31-610.28) lucid-proposed; urgency=low

* Release tracking bug
    - LP: #837802

[ Upstream Kernel Changes ]

* ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

linux-fsl-imx51 (2.6.31-610.27) lucid-proposed; urgency=low

* Release tracking bug
    - LP: #829160

[ Upstream Kernel Changes ]

* fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * Fix corrupted OSF partition table parsing
    - LP: #796606
    - CVE-2011-1163
  * can: Add missing socket check in can/bcm release.
    - LP: #796502
    - CVE-2011-1598
  * proc: protect mm start_code/end_code in /proc/pid/stat
    - LP: #799906
    - CVE-2011-0726
  * sctp: Fix a race between ICMP protocol unreachable and connect()
  * tty: Make tiocgicount a handler, CVE-2010-4076, CVE-2010-4077
    - LP: #794034
    - CVE-2010-4077
  * filter: make sure filters dont read uninitialized memory CVE-2010-4158
    - LP: #721282
    - CVE-2010-4158
  * bio: take care not overflow page count when mapping/copying user data
    CVE-2010-4162
    - LP: #721441
    - CVE-2010-4162
  * block: check for proper length of iov entries in blk_rq_map_user_iov()
    - LP: #721504
    - CVE-2010-4163
  * block: check for proper length of iov entries earlier in
    blk_rq_map_user_iov(), CVE-2010-4163
    - LP: #721504
    - CVE-2010-4163
  * rds: Integer overflow in RDS cmsg handling, CVE-2010-4175
    - LP: #721455
    - CVE-2010-4175
  * bluetooth: Fix missing NULL check CVE-2010-4242
    - LP: #714846
    - CVE-2010-4242
  * IB/uverbs: Handle large number of entries in poll CQ CVE-2010-4649
    - LP: #800121
    - CVE-2010-4649
  * epoll: prevent creating circular epoll structures CVE-2011-1082
    - LP: #800758
    - CVE-2011-1082
  * nfs4: Ensure that ACL pages sent over NFS were not allocated from the
    slab (v3) CVE-2011-1090
    - LP: #800775
  * ldm: corrupted partition table can cause kernel oops CVE-2011-1012
    - LP: #801083
    - CVE-2011-1012
  * netfilter: ipt_CLUSTERIP: fix buffer overflow CVE-2011-2534
    - LP: #801473
    - CVE-2011-2534
  * netfilter: arp_tables: fix infoleak to userspace CVE-2011-1170
    - LP: #801480
    - CVE-2011-1170
  * netfilter: ip_tables: fix infoleak to userspace CVE-2011-1171
    - LP: #801482
    - CVE-2011-1171
  * ipv6: netfilter: ip6_tables: fix infoleak to userspace CVE-2011-1172
    - LP: #801483
    - CVE-2011-1172
  * econet: 4 byte infoleak to the network CVE-2011-1173
    - LP: #801484
    - CVE-2011-1173
  * net: Limit socket I/O iovec total length to INT_MAX.
    - LP: #708839
  * fs/partitions: Validate map_count in Mac partition tables -
    CVE-2011-1010
    - LP: #804225
    - CVE-2011-1010
  * drm: fix unsigned vs signed comparison issue in modeset ctl ioctl,
    CVE-2011-1013
    - LP: #804229
    - CVE-2011-1013
  * exec: copy-and-paste the fixes into compat_do_execve() paths -
    CVE-2010-4243
    - LP: #804234
    - CVE-2010-4243
  * taskstats: don't allow duplicate entries in listener mode,
    CVE-2011-2484
    - LP: #806390
    - CVE-2011-2484
  * dccp: handle invalid feature options length, CVE-2011-1770
    - LP: #806375
    - CVE-2011-1770
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * dccp: fix oops on Reset after close, CVE-2011-1093
    - LP: #814087
    - CVE-2011-1093
  * net: add limit for socket backlog CVE-2010-4251
    - LP: #807462
  * tcp: use limited socket backlog CVE-2010-4251
    - LP: #807462
  * ipv6: udp: Optimise multicast reception
    - LP: #807462
  * ipv4: udp: Optimise multicast reception
    - LP: #807462
  * udp: multicast RX should increment SNMP/sk_drops counter in allocation
    failures CVE-2010-4251
    - LP: #807462
  * udp: use limited socket backlog CVE-2010-4251
    - LP: #807462
  * llc: use limited socket backlog CVE-2010-4251
    - LP: #807462
  * sctp: use limited socket backlog CVE-2010-4251
    - LP: #807462
  * tipc: use limited socket backlog CVE-2010-4251
    - LP: #807462
  * x25: use limited socket backlog CVE-2010-4251
    - LP: #807462
  * net: backlog functions rename CVE-2010-4251
    - LP: #807462
  * net: sk_add_backlog() take rmem_alloc into account CVE-2010-4805
    - LP: #809318
  * Bluetooth: sco: fix information leak to userspace, CVE-2011-1078
    - LP: #816542
    - CVE-2011-1078
  * Bluetooth: bnep: fix buffer overflow, CVE-2011-1079
    - LP: #816544
    - CVE-2011-1079
  * bridge: netfilter: fix information leak, CVE-2011-1080
    - LP: #816545
    - CVE-2011-1080
  * char/tpm: Fix unitialized usage of data buffer, CVE-2011-1160
    - LP: #816546
    - CVE-2011-1160
  * irda: validate peer name and attribute lengths, CVE-2011-1180
    - LP: #816547
    - CVE-2011-1180
  * gro: Reset dev pointer on reuse, CVE-2011-1478
    - LP: #816549
    - CVE-2011-1478
  * gro: reset skb_iif on reuse, CVE-2011-1478
    - LP: #816549
    - CVE-2011-1478
  * rose_loopback_timer sets VC number <= ROSE_DEFAULT_MAXVC, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * ROSE: prevent heap corruption with bad facilities, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
 -- Paolo Pisati <paolo.pisati@canonical.com>   Wed, 31 Aug 2011 10:26:26 +0200

Changed in linux-fsl-imx51 (Ubuntu Lucid):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-09-13:

#3

Download full text (9.1 KiB)

This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.24

---------------
linux-ti-omap4 (2.6.35-903.24) maverick-proposed; urgency=low

* Release tracking bug
- LP: #838037

[ Upstream Kernel Changes ]

  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

linux-ti-omap4 (2.6.35-903.23) maverick-proposed; urgency=low

* Release tracking bug
- LP: #829655

[ Upstream Kernel Changes ]

  * drm/radeon/kms: check AA resolve registers on r300, CVE-2011-1016
    - LP: #745686
    - CVE-2011-1016
  * drm/radeon: fix regression with AA resolve checking, CVE-2011-1016
    - LP: #745686
    - CVE-2011-1016
  * can-bcm: fix minor heap overflow
    - LP: #690730
  * CAN: Use inode instead of kernel address for /proc file, CVE-2010-4565
    - LP: #765007
    - CVE-2010-4565
  * av7110: check for negative array offset
    - LP: #747520
  * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1,
    CVE-2011-0711
    - LP: #767740
    - CVE-2011-0711
  * ALSA: caiaq - Fix possible string-buffer overflow
    - LP: #747520
  * IB/cm: Bump reference count on cm_id before invoking callback,
    CVE-2011-0695
    - LP: #770369
    - CVE-2011-0695
  * RDMA/cma: Fix crash in request handlers, CVE-2011-0695
    - LP: #770369
    - CVE-2011-0695
  * Treat writes as new when holes span across page boundaries,
    CVE-2011-0463
    - LP: #770483
    - CVE-2011-0463
  * net: clear heap allocations for privileged ethtool actions
    - LP: #686158
  * usb: iowarrior: don't trust report_size for buffer size
    - LP: #747520
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table,
    CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal
    code
    - LP: #747520
  * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
    - LP: #747520
  * exec: make argv/envp memory visible to oom-killer
    - LP: #690730
  * next_pidmap: fix overflow condition
    - LP: #772560
  * proc: do proper range check on readdir offset
    - LP: #772560
  * ALSA: sound/pci/asihpi: check adapter index in hpi_ioctl, CVE-2011-1169
    - LP: #785331
    - CVE-2011-1169
  * mpt2sas: prevent heap overflows and unchecked reads, CVE-2011-1494
    - LP: #787145
    - CVE-2011-1494
  * agp: fix arbitrary kernel memory writes, CVE-1011-2022
    - LP: #788684
    - CVE-1011-2022
  * can: add missing socket check in can/raw release, CVE-2011-1748
    - LP: #788694
    - CVE-2011-1748
  * agp: fix OOM and buffer overflow
    - LP: #788700
  * drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack
    memory - CVE-2010-3296
    - CVE-2010-3296
  * drivers/net/eql.c: prevent reading uninitialized stack memory -
    CVE-2010-3297
    - CVE-2010-3297
  * inet_diag: Make sure we actually run the same bytecode we audited,
    CVE-2010-3880
    - LP: #711865
    - CVE-2010-3880
  * setup_arg_pages: diagnose excessive argume...

This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.24

---------------
linux-ti-omap4 (2.6.35-903.24) maverick-proposed; urgency=low

* Release tracking bug
    - LP: #838037

[ Upstream Kernel Changes ]

* ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

linux-ti-omap4 (2.6.35-903.23) maverick-proposed; urgency=low

* Release tracking bug
    - LP: #829655

[ Upstream Kernel Changes ]

* drm/radeon/kms: check AA resolve registers on r300, CVE-2011-1016
    - LP: #745686
    - CVE-2011-1016
  * drm/radeon: fix regression with AA resolve checking, CVE-2011-1016
    - LP: #745686
    - CVE-2011-1016
  * can-bcm: fix minor heap overflow
    - LP: #690730
  * CAN: Use inode instead of kernel address for /proc file, CVE-2010-4565
    - LP: #765007
    - CVE-2010-4565
  * av7110: check for negative array offset
    - LP: #747520
  * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1,
    CVE-2011-0711
    - LP: #767740
    - CVE-2011-0711
  * ALSA: caiaq - Fix possible string-buffer overflow
    - LP: #747520
  * IB/cm: Bump reference count on cm_id before invoking callback,
    CVE-2011-0695
    - LP: #770369
    - CVE-2011-0695
  * RDMA/cma: Fix crash in request handlers, CVE-2011-0695
    - LP: #770369
    - CVE-2011-0695
  * Treat writes as new when holes span across page boundaries,
    CVE-2011-0463
    - LP: #770483
    - CVE-2011-0463
  * net: clear heap allocations for privileged ethtool actions
    - LP: #686158
  * usb: iowarrior: don't trust report_size for buffer size
    - LP: #747520
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table,
    CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal
    code
    - LP: #747520
  * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
    - LP: #747520
  * exec: make argv/envp memory visible to oom-killer
    - LP: #690730
  * next_pidmap: fix overflow condition
    - LP: #772560
  * proc: do proper range check on readdir offset
    - LP: #772560
  * ALSA: sound/pci/asihpi: check adapter index in hpi_ioctl, CVE-2011-1169
    - LP: #785331
    - CVE-2011-1169
  * mpt2sas: prevent heap overflows and unchecked reads, CVE-2011-1494
    - LP: #787145
    - CVE-2011-1494
  * agp: fix arbitrary kernel memory writes, CVE-1011-2022
    - LP: #788684
    - CVE-1011-2022
  * can: add missing socket check in can/raw release, CVE-2011-1748
    - LP: #788694
    - CVE-2011-1748
  * agp: fix OOM and buffer overflow
    - LP: #788700
  * drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack
    memory - CVE-2010-3296
    - CVE-2010-3296
  * drivers/net/eql.c: prevent reading uninitialized stack memory -
    CVE-2010-3297
    - CVE-2010-3297
  * inet_diag: Make sure we actually run the same bytecode we audited,
    CVE-2010-3880
    - LP: #711865
    - CVE-2010-3880
  * setup_arg_pages: diagnose excessive argument size - CVE-2010-3858
    - LP: #672664
    - CVE-2010-3858
  * net: Truncate recvfrom and sendto length to INT_MAX - CVE-2010-3859
    - LP: #690730
    - CVE-2010-3859
  * net: Limit socket I/O iovec total length to INT_MAX - CVE-2010-3859
    - LP: #690730
    - CVE-2010-3859
  * ipc: initialize structure memory to zero for compat functions -
    CVE-2010-4073
    - LP: #690730
    - CVE-2010-4073
  * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory -
    CVE-2010-4080, CVE-2010-4081
    - LP: #672664
    - CVE-2010-4080, CVE-2010-4081
  * drivers/video/via/ioctl.c: prevent reading uninitialized stack memory -
    CVE-2010-4082
    - CVE-2010-4082
  * sys_semctl: fix kernel stack leakage, CVE-2010-4083
    - LP: #712749
    - CVE-2010-4083
  * gdth: integer overflow in ioctl - CVE-2010-4157
    - LP: #686158
    - CVE-2010-4157
  * bio: take care not overflow page count when mapping/copying user data -
    CVE-2010-4162
    - LP: #721441
    - CVE-2010-4162
  * bluetooth: Fix missing NULL check - CVE-2010-4242
    - LP: #686158
  * rds: Integer overflow in RDS cmsg handling, CVE-2010-4175
    - LP: #721455
    - CVE-2010-4175
  * perf_events: Fix perf_counter_mmap() hook in mprotect() - CVE-2010-4169
    - LP: #690730
    - CVE-2010-4169
  * block: check for proper length of iov entries in blk_rq_map_user_iov()
    - CVE-2010-4163
    - LP: #690730
    - CVE-2010-4163
  * block: check for proper length of iov entries earlier in
    blk_rq_map_user_iov(), CVE-2010-4163
    - LP: #721504
    - CVE-2010-4163
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * Fix corrupted OSF partition table parsing
    - LP: #796606
    - CVE-2011-1163
  * can: Add missing socket check in can/bcm release.
    - LP: #796502
    - CVE-2011-1598
  * proc: protect mm start_code/end_code in /proc/pid/stat
    - LP: #799906
    - CVE-2011-0726
  * tty: icount changeover for other main devices, CVE-2010-4076,
    CVE-2010-4077
    - LP: #720189
    - CVE-2010-4077
  * tty: Make tiocgicount a handler, CVE-2010-4076, CVE-2010-4077
    - LP: #794034
    - CVE-2010-4077
  * posix-cpu-timers: workaround to suppress the problems with mt exec,
    CVE-2010-4248
    - LP: #712609
    - CVE-2010-4248
  * Rename 'pipe_info()' to 'get_pipe_info()' CVE-2010-4256
    - LP: #799805
    - CVE-2010-4256
  * Export 'get_pipe_info()' to other users CVE-2010-4256
    - LP: #799805
    - CVE-2010-4256
  * IB/uverbs: Handle large number of entries in poll CQ CVE-2010-4649
    - LP: #800121
    - CVE-2010-4649
  * nfs4: Ensure that ACL pages sent over NFS were not allocated from the
    slab (v3) CVE-2011-1090
    - LP: #800775
    - CVE-2011-1090
  * epoll: prevent creating circular epoll structures CVE-2011-1082
    - LP: #800758
    - CVE-2011-1082
  * xfs: zero proper structure size for geometry calls CVE-2011-0711
    - LP: #767740
    - CVE-2011-0711
  * ldm: corrupted partition table can cause kernel oops CVE-2011-1012
    - LP: #801083
    - CVE-2011-1012
  * netfilter: ipt_CLUSTERIP: fix buffer overflow CVE-2011-2534
    - LP: #801473
    - CVE-2011-2534
  * netfilter: arp_tables: fix infoleak to userspace CVE-2011-1170
    - LP: #801480
    - CVE-2011-1170
  * netfilter: ip_tables: fix infoleak to userspace CVE-2011-1171
    - LP: #801482
    - CVE-2011-1171
  * ipv6: netfilter: ip6_tables: fix infoleak to userspace CVE-2011-1172
    - LP: #801483
    - CVE-2011-1172
  * econet: 4 byte infoleak to the network CVE-2011-1173
    - LP: #801484
    - CVE-2011-1173
  * fs/partitions: Validate map_count in Mac partition tables CVE-2011-1010
    - LP: #804225
    - CVE-2011-1010
  * drm: fix unsigned vs signed comparison issue in modeset ctl ioctl
    CVE-2011-1013
    - LP: #804229
  * net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules
    CVE-2011-1019
    - LP: #804366
    - CVE-2011-1019
  * exec: copy-and-paste the fixes into compat_do_execve() paths
    CVE-2010-4243
    - LP: #804234
    - CVE-2010-4243
  * taskstats: don't allow duplicate entries in listener mode,
    CVE-2011-2484
    - LP: #806390
    - CVE-2011-2484
  * dccp: handle invalid feature options length, CVE-2011-1770
    - LP: #806375
    - CVE-2011-1770
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * dccp: fix oops on Reset after close, CVE-2011-1093
    - LP: #814087
    - CVE-2011-1093
  * Bluetooth: sco: fix information leak to userspace, CVE-2011-1078
    - LP: #816542
    - CVE-2011-1078
  * Bluetooth: bnep: fix buffer overflow, CVE-2011-1079
    - LP: #816544
    - CVE-2011-1079
  * bridge: netfilter: fix information leak, CVE-2011-1080
    - LP: #816545
    - CVE-2011-1080
  * gro: Reset dev pointer on reuse, CVE-2011-1478
    - LP: #816549
    - CVE-2011-1478
  * gro: reset skb_iif on reuseu, CVE-2011-1478
    - LP: #816549
    - CVE-2011-1478
  * char/tpm: Fix unitialized usage of data buffer, CVE-2011-1160
    - LP: #816546
    - CVE-2011-1160
  * irda: validate peer name and attribute lengths, CVE-2011-1180
    - LP: #816547
    - CVE-2011-1180
  * ROSE: prevent heap corruption with bad facilities, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
 -- Paolo Pisati <paolo.pisati@canonical.com>   Wed, 31 Aug 2011 16:46:35 +0200

Changed in linux-ti-omap4 (Ubuntu Maverick):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-09-21:

#4

Download full text (38.0 KiB)

This bug was fixed in the package linux-ti-omap4 - 2.6.38-1209.15

---------------
linux-ti-omap4 (2.6.38-1209.15) natty-proposed; urgency=low

* Release tracking bug
- LP: #837761

[ Paolo Pisati ]

* [Config] Turn on CONFIG_USER_NS and DEVPTS_MULTIPLE_INSTANCES.
- LP: #787749

[ Tim Gardner ]

* [Config] Add enic/fnic to nic-modules udeb, CVE-2011-1020
- LP: #801610

[ Upstream Kernel Changes ]

  * mpt2sas: prevent heap overflows and unchecked reads
    - LP: #780546
  * agp: fix arbitrary kernel memory writes
    - LP: #775809
  * can: add missing socket check in can/raw release
    - LP: #780546
  * agp: fix OOM and buffer overflow
    - LP: #775809
  * bonding: Incorrect TX queue offset, CVE-2011-1581
    - LP: #792312
    - CVE-2011-1581
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * can: Add missing socket check in can/bcm release.
    - LP: #796502
    - CVE-2011-1598
  * USB: ehci: remove structure packing from ehci_def
    - LP: #791552
  * taskstats: don't allow duplicate entries in listener mode,
    CVE-2011-2484
    - LP: #806390
    - CVE-2011-2484
  * ext4: init timer earlier to avoid a kernel panic in __save_error_info,
    CVE-2011-2493
    - LP: #806929
    - CVE-2011-2493
  * dccp: handle invalid feature options length, CVE-2011-1770
    - LP: #806375
    - CVE-2011-1770
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * GFS2: make sure fallocate bytes is a multiple of blksize, CVE-2011-2689
    - LP: #819572
    - CVE-2011-2689
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

linux-ti-omap4 (2.6.38-1209.13) natty; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
- LP: #772381

[ Brad Figg ]

* Ubuntu-2.6.38-9.43

[ Bryan Wu ]

  * merge Ubuntu-2.6.38-9.43
  * cherry-pick 6 patches from u2 of 'for-ubuntu' branch
  * [Config] Sync up configs for 2.6.38.4

[ Herton Ronaldo Krzesinski ]

* SAUCE: Revert "x86, hibernate: Initialize mmu_cr4_features during boot"
- LP: #764758

[ Leann Ogasawara ]

* [Config] updateconfigs for 2.6.38.4

[ Paolo Pisati ]

* [Conf...

This bug was fixed in the package linux-ti-omap4 - 2.6.38-1209.15

---------------
linux-ti-omap4 (2.6.38-1209.15) natty-proposed; urgency=low

* Release tracking bug
    - LP: #837761

[ Paolo Pisati ]

* [Config] Turn on CONFIG_USER_NS and DEVPTS_MULTIPLE_INSTANCES.
    - LP: #787749

[ Tim Gardner ]

* [Config] Add enic/fnic to nic-modules udeb, CVE-2011-1020
    - LP: #801610

[ Upstream Kernel Changes ]

* mpt2sas: prevent heap overflows and unchecked reads
    - LP: #780546
  * agp: fix arbitrary kernel memory writes
    - LP: #775809
  * can: add missing socket check in can/raw release
    - LP: #780546
  * agp: fix OOM and buffer overflow
    - LP: #775809
  * bonding: Incorrect TX queue offset, CVE-2011-1581
    - LP: #792312
    - CVE-2011-1581
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * can: Add missing socket check in can/bcm release.
    - LP: #796502
    - CVE-2011-1598
  * USB: ehci: remove structure packing from ehci_def
    - LP: #791552
  * taskstats: don't allow duplicate entries in listener mode,
    CVE-2011-2484
    - LP: #806390
    - CVE-2011-2484
  * ext4: init timer earlier to avoid a kernel panic in __save_error_info,
    CVE-2011-2493
    - LP: #806929
    - CVE-2011-2493
  * dccp: handle invalid feature options length, CVE-2011-1770
    - LP: #806375
    - CVE-2011-1770
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * GFS2: make sure fallocate bytes is a multiple of blksize, CVE-2011-2689
    - LP: #819572
    - CVE-2011-2689
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

linux-ti-omap4 (2.6.38-1209.13) natty; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
    - LP: #772381

[ Brad Figg ]

* Ubuntu-2.6.38-9.43

[ Bryan Wu ]

* merge Ubuntu-2.6.38-9.43
  * cherry-pick 6 patches from u2 of 'for-ubuntu' branch
  * [Config] Sync up configs for 2.6.38.4

[ Herton Ronaldo Krzesinski ]

* SAUCE: Revert "x86, hibernate: Initialize mmu_cr4_features during boot"
    - LP: #764758

[ Leann Ogasawara ]

* [Config] updateconfigs for 2.6.38.4

[ Paolo Pisati ]

* [Config] s/USB_MUSB_TUSB6010/USB_MUSB_OMAP2PLUS/ on omap3 to get musb
    - LP: #759913

[ Serge E. Hallyn ]

* SAUCE: kvm: fix push of wrong eip when doing softint
    - LP: #747090

[ Tim Gardner ]

* [Config] Add cachefiles.ko to virtual flavour
    - LP: #770430

[ Upstream Kernel Changes ]

* Revert "net/sunrpc: Use static const char arrays"
    - LP: #761134
  * Revert "x86: Cleanup highmap after brk is concluded"
    - LP: #761134
  * ALSA: hda - Fix SPDIF out regression on ALC889
    - LP: #761134
  * ALSA: Fix yet another race in disconnection
    - LP: #761134
  * ALSA: vmalloc buffers should use normal mmap
    - LP: #761134
  * perf: Better fit max unprivileged mlock pages for tools needs
    - LP: #761134
  * myri10ge: fix rmmod crash
    - LP: #761134
  * cciss: fix lost command issue
    - LP: #761134
  * ath9k: Fix kernel panic in AR2427
    - LP: #761134
  * sound/oss/opl3: validate voice and channel indexes
    - LP: #761134
  * mac80211: initialize sta->last_rx in sta_info_alloc
    - LP: #761134
  * ses: show devices for enclosures with no page 7
    - LP: #761134
  * ses: Avoid kernel panic when lun 0 is not mapped
    - LP: #761134
  * PCI/ACPI: Report ASPM support to BIOS if not disabled from command line
    - LP: #761134
  * eCryptfs: Unlock page in write_begin error path
    - LP: #761134
  * eCryptfs: ecryptfs_keyring_auth_tok_for_sig() bug fix
    - LP: #761134
  * crypto: aesni-intel - fixed problem with packets that are not multiple
    of 64bytes
    - LP: #761134
  * staging: usbip: bugfixes related to kthread conversion
    - LP: #761134
  * staging: usbip: bugfix add number of packets for isochronous frames
    - LP: #761134
  * staging: usbip: bugfix for isochronous packets and optimization
    - LP: #761134
  * staging: hv: use sync_bitops when interacting with the hypervisor
    - LP: #761134
  * staging: hv: Fix GARP not sent after Quick Migration
    - LP: #761134
  * xfs: register the inode cache shrinker before quotachecks
    - LP: #761134
  * amd64_edac: Fix potential memleak
    - LP: #761134
  * watchdog: s3c2410_wdt.c: Convert release_resource to
    release_region/release_mem_region
    - LP: #761134
  * watchdog: Convert release_resource to release_region/release_mem_region
    - LP: #761134
  * irda: validate peer name and attribute lengths
    - LP: #761134
  * irda: prevent heap corruption on invalid nickname
    - LP: #761134
  * powerpc: Fix accounting of softirq time when idle
    - LP: #761134
  * nilfs2: fix data loss in mmap page write for hole blocks
    - LP: #761134
  * ASoC: Explicitly say registerless widgets have no register
    - LP: #761134
  * ASoC: imx: set watermarks for mx2-dma
    - LP: #761134
  * ASoC: imx: fix burstsize for DMA
    - LP: #761134
  * ASoC: Fix CODEC device name for Corgi
    - LP: #761134
  * ALSA: ens1371: fix Creative Ectiva support
    - LP: #761134
  * ALSA: hda - HDMI: Fix MCP7x audio infoframe checksums
    - LP: #761134
  * ALSA: HDA: Fix single internal mic on ALC275 (Sony Vaio VPCSB1C5E)
    - LP: #752792, #761134
  * net: fix ethtool->set_flags not intended -EINVAL return value
    - LP: #761134
  * drm/radeon/kms: add some new ontario pci ids
    - LP: #761134
  * drm/radeon/kms: add some sanity checks to obj info record parsingi (v2)
    - LP: #761134
  * inotify: fix double free/corruption of stuct user
    - LP: #761134
  * HID: hid-magicmouse: Increase evdev buffer size
    - LP: #761134
  * perf: Fix task_struct reference leak
    - LP: #761134
  * perf: Rebase max unprivileged mlock threshold on top of page size
    - LP: #761134
  * ROSE: prevent heap corruption with bad facilities
    - LP: #761134
  * Btrfs: Fix uninitialized root flags for subvolumes
    - LP: #761134
  * x86, mtrr, pat: Fix one cpu getting out of sync during resume
    - LP: #761134
  * Input: synaptics - fix crash in synaptics_module_init()
    - LP: #761134
  * ath9k: fix a chip wakeup related crash in ath9k_start
    - LP: #761134
  * mac80211: fix a crash in minstrel_ht in HT mode with no supported MCS
    rates
    - LP: #761134
  * staging: IIO: IMU: ADIS16400: Fix up SPI messages cs_change behavior
    - LP: #761134
  * staging: IIO: IMU: ADIS16400: Add delay after self test
    - LP: #761134
  * staging: IIO: IMU: ADIS16400: Fix addresses of GYRO and ACCEL
    calibration offset
    - LP: #761134
  * staging: IIO: IMU: ADIS16400: Make sure only enabled scan_elements are
    pushed into the ring
    - LP: #761134
  * UBIFS: do not read flash unnecessarily
    - LP: #761134
  * UBIFS: fix oops on error path in read_pnode
    - LP: #761134
  * UBIFS: fix debugging failure in dbg_check_space_info
    - LP: #761134
  * quota: Don't write quota info in dquot_commit()
    - LP: #761134
  * mm: avoid wrapping vm_pgoff in mremap()
    - LP: #761134
  * iwlwifi: accept EEPROM version 0x423 for iwl6000
    - LP: #761134
  * p54usb: IDs for two new devices
    - LP: #761134
  * rt2x00: Fix radio off hang issue for PCIE interface
    - LP: #662288, #761134
  * rt2x00: fix cancelling uninitialized work
    - LP: #761134
  * wl12xx: fix potential buffer overflow in testmode nvs push
    - LP: #761134
  * media/radio/wl1273: fix build errors
    - LP: #761134
  * b43: allocate receive buffers big enough for max frame len + offset
    - LP: #761134
  * Bluetooth: sco: fix information leak to userspace
    - LP: #761134
  * bridge: netfilter: fix information leak
    - LP: #761134
  * Bluetooth: bnep: fix buffer overflow
    - LP: #761134
  * Bluetooth: add support for Apple MacBook Pro 8,2
    - LP: #761134
  * Treat writes as new when holes span across page boundaries
    - LP: #761134
  * char/tpm: Fix unitialized usage of data buffer
    - LP: #761134
  * netfilter: ip_tables: fix infoleak to userspace
    - LP: #761134
  * netfilter: xtables: fix reentrancy
    - LP: #761134
  * netfilter: arp_tables: fix infoleak to userspace
    - LP: #761134
  * netfilter: ipt_CLUSTERIP: fix buffer overflow
    - LP: #761134
  * ipv6: netfilter: ip6_tables: fix infoleak to userspace
    - LP: #761134
  * scsi_transport_iscsi: make priv_sess file writeable only by root
    - LP: #761134
  * mfd: ab8500: world-writable debugfs register-* files
    - LP: #761134
  * mfd: ab3500: world-writable debugfs register-* files
    - LP: #761134
  * mfd: ab3100: world-writable debugfs *_priv files
    - LP: #761134
  * drivers/rtc/rtc-ds1511.c: world-writable sysfs nvram file
    - LP: #761134
  * drivers/misc/ep93xx_pwm.c: world-writable sysfs files
    - LP: #761134
  * drivers/leds/leds-lp5523.c: world-writable engine* sysfs files
    - LP: #761134
  * drivers/leds/leds-lp5521.c: world-writable sysfs engine* files
    - LP: #761134
  * econet: 4 byte infoleak to the network
    - LP: #761134
  * netfilter: h323: bug in parsing of ASN1 SEQOF field
    - LP: #761134
  * sound/oss: remove offset from load_patch callbacks
    - LP: #761134
  * drivers/media/video/tlg2300/pd-video.c: Remove second mutex_unlock in
    pd_vidioc_s_fmt
    - LP: #761134
  * acer-wmi: does not set persistence state by rfkill_init_sw_state
    - LP: #761134
  * Squashfs: Use vmalloc rather than kmalloc for zlib workspace
    - LP: #761134
  * Squashfs: handle corruption of directory structure
    - LP: #761134
  * atm/solos-pci: Don't include frame pseudo-header on transmit hex-dump
    - LP: #761134
  * atm/solos-pci: Don't flap VCs when carrier state changes
    - LP: #761134
  * ext4: fix a double free in ext4_register_li_request
    - LP: #761134
  * ext4: fix credits computing for indirect mapped files
    - LP: #761134
  * nfsd: fix auth_domain reference leak on nlm operations
    - LP: #761134
  * nfsd4: fix oops on lock failure
    - LP: #761134
  * Linux 2.6.38.3
    - LP: #761134
  * vm: fix vm_pgoff wrap in stack expansion
    - LP: #769042
  * drm/radeon/kms: pll tweaks for rv6xx
    - LP: #769042
  * drm/radeon/kms: fix suspend on rv530 asics
    - LP: #769042
  * cifs: always do is_path_accessible check in cifs_mount
    - LP: #769042
  * cifs: check for private_data before trying to put it
    - LP: #769042
  * cifs: set ra_pages in backing_dev_info
    - LP: #769042
  * cifs: wrap received signature check in srv_mutex
    - LP: #769042
  * video: sn9c102: world-wirtable sysfs files
    - LP: #769042
  * UBIFS: restrict world-writable debugfs files
    - LP: #769042
  * ALSA: hda - Fix pin-config of Gigabyte mobo
    - LP: #769042
  * NET: cdc-phonet, handle empty phonet header
    - LP: #769042
  * x86: Fix a bogus unwind annotation in lib/semaphore_32.S
    - LP: #769042
  * tioca: Fix assignment from incompatible pointer warnings
    - LP: #769042
  * mca.c: Fix cast from integer to pointer warning
    - LP: #769042
  * vm: fix mlock() on stack guard page
    - LP: #769042
  * UBIFS: fix assertion warnings
    - LP: #769042
  * perf: Fix task context scheduling
    - LP: #769042
  * bridge: Fix possibly wrong MLD queries' ethernet source address
    - LP: #769042
  * fib: add rtnl locking in ip_fib_net_exit
    - LP: #769042
  * gianfar: Fall back to software tcp/udp checksum on older controllers
    - LP: #769042
  * l2tp: fix possible oops on l2tp_eth module unload
    - LP: #769042
  * net ipv6: Fix duplicate /proc/sys/net/ipv6/neigh directory entries.
    - LP: #769042
  * net_sched: fix ip_tos2prio
    - LP: #769042
  * pppoe: drop PPPOX_ZOMBIEs in pppoe_flush_dev
    - LP: #769042
  * sctp: Pass __GFP_NOWARN to hash table allocation attempts.
    - LP: #769042
  * tcp: avoid cwnd moderation in undo
    - LP: #769042
  * xfrm: Refcount destination entry on xfrm_lookup
    - LP: #769042
  * vlan: should take into account needed_headroom
    - LP: #769042
  * bridge: Reset IPCB when entering IP stack on NF_FORWARD
    - LP: #769042
  * sparc: Fix .size directive for do_int_load
    - LP: #769042
  * sparc32: Fix might-be-used-uninitialized warning in do_sparc_fault().
    - LP: #769042
  * sparc32: Pass task_struct to schedule_tail() in ret_from_fork
    - LP: #769042
  * sparc64: Fix build errors with gcc-4.6.0
    - LP: #769042
  * futex: Set FLAGS_HAS_TIMEOUT during futex_wait restart setup
    - LP: #769042
  * kstrto*: converting strings to integers done (hopefully) right
    - LP: #769042
  * mm/thp: use conventional format for boolean attributes
    - LP: #769042
  * ramfs: fix memleak on no-mmu arch
    - LP: #769042
  * oom-kill: remove boost_dying_task_prio()
    - LP: #769042
  * MAINTAINERS: update STABLE BRANCH info
    - LP: #769042
  * UBIFS: fix oops when R/O file-system is fsync'ed
    - LP: #769042
  * x86, AMD: Set ARAT feature on AMD processors
    - LP: #769042
  * x86, amd: Disable GartTlbWlkErr when BIOS forgets it
    - LP: #769042
  * vfs: Fix absolute RCU path walk failures due to uninitialized seq
    number
    - LP: #769042
  * ARM: 6864/1: hw_breakpoint: clear DBGVCR out of reset
    - LP: #769042
  * i2c-algo-bit: Call pre/post_xfer for bit_test
    - LP: #769042
  * RTC: add missing "return 0" in new alarm func for rtc-bfin.c
    - LP: #769042
  * sched: Fix erroneous all_pinned logic
    - LP: #769042
  * vmscan: all_unreclaimable() use zone->all_unreclaimable as a name
    - LP: #769042
  * brk: COMPAT_BRK: fix detection of randomized brk
    - LP: #769042
  * usb: musb: temporarily make it bool
    - LP: #769042
  * USB: ftdi_sio: Added IDs for CTI USB Serial Devices
    - LP: #769042
  * USB: ftdi_sio: add PID for OCT DK201 docking station
    - LP: #769042
  * USB: ftdi_sio: add ids for Hameg HO720 and HO730
    - LP: #769042
  * USB: option: Added support for Samsung GT-B3730/GT-B3710 LTE USB modem.
    - LP: #769042
  * next_pidmap: fix overflow condition
    - LP: #769042
  * proc: do proper range check on readdir offset
    - LP: #769042
  * powerpc: Fix oops if scan_dispatch_log is called too early
    - LP: #769042
  * powerpc/perf_event: Skip updating kernel counters if register value
    shrinks
    - LP: #769042
  * usb: Fix qcserial memory leak on rmmod
    - LP: #769042
  * usb: qcserial avoid pointing to freed memory
    - LP: #769042
  * usb: qcserial add missing errorpath kfrees
    - LP: #769042
  * USB: EHCI: unlink unused QHs when the controller is stopped
    - LP: #769042
  * USB: fix formatting of SuperSpeed endpoints in /proc/bus/usb/devices
    - LP: #769042
  * USB: xhci - fix unsafe macro definitions
    - LP: #769042
  * USB: xhci - fix math in xhci_get_endpoint_interval()
    - LP: #769042
  * USB: xhci - also free streams when resetting devices
    - LP: #769042
  * USB: Fix unplug of device with active streams
    - LP: #769042
  * radeon: Fix KMS CP writeback on big endian machines.
    - LP: #769042
  * Bluetooth: Fix HCI_RESET command synchronization
    - LP: #700292, #769042
  * perf tool: Fix gcc 4.6.0 issues
    - LP: #769042
  * bridge: reset IPCB in br_parse_ip_options
    - LP: #769042
  * ip: ip_options_compile() resilient to NULL skb route
    - LP: #769042
  * Linux 2.6.38.4
    - LP: #769042
  * (pre stable) ath9k_hw: partially revert "fix dma descriptor rx error
    bit parsing"
    - LP: #735171
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table,
    CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * (pre-stable) drm/i915: Sanitize the output registers after resume
    - LP: #745304
  * ARM: EXYNOS4: Register HSMMC2 before HSMMC0 on SMDKV310 board
  * ARM: vexpress: add basic DT platform matching support
  * ARM: vexpress: add basic dts DT source
  * OMAP: Fixed gpio polarity of gpio USB-phy reset.
  * arm/dt: Fix broken dtbs rule.
  * arm/dt: vexpress: Update basic DT to use skeleton.dtsi file.

[ u2 of for-ubuntu ]

* arm/dt: vexpress: Update basic DT to use skeleton.dtsi file.
  * arm/dt: Fix broken dtbs rule.
  * OMAP: Fixed gpio polarity of gpio USB-phy reset.
  * ARM: vexpress: add basic dts DT source
  * ARM: vexpress: add basic DT platform matching support
  * ARM: EXYNOS4: Register HSMMC2 before HSMMC0 on SMDKV310 board

[ Ubuntu: 2.6.38-9.43 ]

* Release Tracking Bug
    - LP: #772096
  * SAUCE: Revert "x86, hibernate: Initialize mmu_cr4_features during boot"
    - LP: #764758
  * [Config] updateconfigs for 2.6.38.4
  * [Config] s/USB_MUSB_TUSB6010/USB_MUSB_OMAP2PLUS/ on omap3 to get musb
    - LP: #759913
  * SAUCE: kvm: fix push of wrong eip when doing softint
    - LP: #747090
  * [Config] Add cachefiles.ko to virtual flavour
    - LP: #770430
  * Revert "net/sunrpc: Use static const char arrays"
    - LP: #761134
  * Revert "x86: Cleanup highmap after brk is concluded"
    - LP: #761134
  * ALSA: hda - Fix SPDIF out regression on ALC889
    - LP: #761134
  * ALSA: Fix yet another race in disconnection
    - LP: #761134
  * ALSA: vmalloc buffers should use normal mmap
    - LP: #761134
  * perf: Better fit max unprivileged mlock pages for tools needs
    - LP: #761134
  * myri10ge: fix rmmod crash
    - LP: #761134
  * cciss: fix lost command issue
    - LP: #761134
  * ath9k: Fix kernel panic in AR2427
    - LP: #761134
  * sound/oss/opl3: validate voice and channel indexes
    - LP: #761134
  * mac80211: initialize sta->last_rx in sta_info_alloc
    - LP: #761134
  * ses: show devices for enclosures with no page 7
    - LP: #761134
  * ses: Avoid kernel panic when lun 0 is not mapped
    - LP: #761134
  * PCI/ACPI: Report ASPM support to BIOS if not disabled from command line
    - LP: #761134
  * eCryptfs: Unlock page in write_begin error path
    - LP: #761134
  * eCryptfs: ecryptfs_keyring_auth_tok_for_sig() bug fix
    - LP: #761134
  * crypto: aesni-intel - fixed problem with packets that are not multiple
    of 64bytes
    - LP: #761134
  * staging: usbip: bugfixes related to kthread conversion
    - LP: #761134
  * staging: usbip: bugfix add number of packets for isochronous frames
    - LP: #761134
  * staging: usbip: bugfix for isochronous packets and optimization
    - LP: #761134
  * staging: hv: use sync_bitops when interacting with the hypervisor
    - LP: #761134
  * staging: hv: Fix GARP not sent after Quick Migration
    - LP: #761134
  * xfs: register the inode cache shrinker before quotachecks
    - LP: #761134
  * amd64_edac: Fix potential memleak
    - LP: #761134
  * watchdog: s3c2410_wdt.c: Convert release_resource to
    release_region/release_mem_region
    - LP: #761134
  * watchdog: Convert release_resource to release_region/release_mem_region
    - LP: #761134
  * irda: validate peer name and attribute lengths
    - LP: #761134
  * irda: prevent heap corruption on invalid nickname
    - LP: #761134
  * powerpc: Fix accounting of softirq time when idle
    - LP: #761134
  * nilfs2: fix data loss in mmap page write for hole blocks
    - LP: #761134
  * ASoC: Explicitly say registerless widgets have no register
    - LP: #761134
  * ASoC: imx: set watermarks for mx2-dma
    - LP: #761134
  * ASoC: imx: fix burstsize for DMA
    - LP: #761134
  * ASoC: Fix CODEC device name for Corgi
    - LP: #761134
  * ALSA: ens1371: fix Creative Ectiva support
    - LP: #761134
  * ALSA: hda - HDMI: Fix MCP7x audio infoframe checksums
    - LP: #761134
  * ALSA: HDA: Fix single internal mic on ALC275 (Sony Vaio VPCSB1C5E)
    - LP: #752792, #761134
  * net: fix ethtool->set_flags not intended -EINVAL return value
    - LP: #761134
  * drm/radeon/kms: add some new ontario pci ids
    - LP: #761134
  * drm/radeon/kms: add some sanity checks to obj info record parsingi (v2)
    - LP: #761134
  * inotify: fix double free/corruption of stuct user
    - LP: #761134
  * HID: hid-magicmouse: Increase evdev buffer size
    - LP: #761134
  * perf: Fix task_struct reference leak
    - LP: #761134
  * perf: Rebase max unprivileged mlock threshold on top of page size
    - LP: #761134
  * ROSE: prevent heap corruption with bad facilities
    - LP: #761134
  * Btrfs: Fix uninitialized root flags for subvolumes
    - LP: #761134
  * x86, mtrr, pat: Fix one cpu getting out of sync during resume
    - LP: #761134
  * Input: synaptics - fix crash in synaptics_module_init()
    - LP: #761134
  * ath9k: fix a chip wakeup related crash in ath9k_start
    - LP: #761134
  * mac80211: fix a crash in minstrel_ht in HT mode with no supported MCS
    rates
    - LP: #761134
  * staging: IIO: IMU: ADIS16400: Fix up SPI messages cs_change behavior
    - LP: #761134
  * staging: IIO: IMU: ADIS16400: Add delay after self test
    - LP: #761134
  * staging: IIO: IMU: ADIS16400: Fix addresses of GYRO and ACCEL
    calibration offset
    - LP: #761134
  * staging: IIO: IMU: ADIS16400: Make sure only enabled scan_elements are
    pushed into the ring
    - LP: #761134
  * UBIFS: do not read flash unnecessarily
    - LP: #761134
  * UBIFS: fix oops on error path in read_pnode
    - LP: #761134
  * UBIFS: fix debugging failure in dbg_check_space_info
    - LP: #761134
  * quota: Don't write quota info in dquot_commit()
    - LP: #761134
  * mm: avoid wrapping vm_pgoff in mremap()
    - LP: #761134
  * iwlwifi: accept EEPROM version 0x423 for iwl6000
    - LP: #761134
  * p54usb: IDs for two new devices
    - LP: #761134
  * rt2x00: Fix radio off hang issue for PCIE interface
    - LP: #662288, #761134
  * rt2x00: fix cancelling uninitialized work
    - LP: #761134
  * wl12xx: fix potential buffer overflow in testmode nvs push
    - LP: #761134
  * media/radio/wl1273: fix build errors
    - LP: #761134
  * b43: allocate receive buffers big enough for max frame len + offset
    - LP: #761134
  * Bluetooth: sco: fix information leak to userspace
    - LP: #761134
  * bridge: netfilter: fix information leak
    - LP: #761134
  * Bluetooth: bnep: fix buffer overflow
    - LP: #761134
  * Bluetooth: add support for Apple MacBook Pro 8,2
    - LP: #761134
  * Treat writes as new when holes span across page boundaries
    - LP: #761134
  * char/tpm: Fix unitialized usage of data buffer
    - LP: #761134
  * netfilter: ip_tables: fix infoleak to userspace
    - LP: #761134
  * netfilter: xtables: fix reentrancy
    - LP: #761134
  * netfilter: arp_tables: fix infoleak to userspace
    - LP: #761134
  * netfilter: ipt_CLUSTERIP: fix buffer overflow
    - LP: #761134
  * ipv6: netfilter: ip6_tables: fix infoleak to userspace
    - LP: #761134
  * scsi_transport_iscsi: make priv_sess file writeable only by root
    - LP: #761134
  * mfd: ab8500: world-writable debugfs register-* files
    - LP: #761134
  * mfd: ab3500: world-writable debugfs register-* files
    - LP: #761134
  * mfd: ab3100: world-writable debugfs *_priv files
    - LP: #761134
  * drivers/rtc/rtc-ds1511.c: world-writable sysfs nvram file
    - LP: #761134
  * drivers/misc/ep93xx_pwm.c: world-writable sysfs files
    - LP: #761134
  * drivers/leds/leds-lp5523.c: world-writable engine* sysfs files
    - LP: #761134
  * drivers/leds/leds-lp5521.c: world-writable sysfs engine* files
    - LP: #761134
  * econet: 4 byte infoleak to the network
    - LP: #761134
  * netfilter: h323: bug in parsing of ASN1 SEQOF field
    - LP: #761134
  * sound/oss: remove offset from load_patch callbacks
    - LP: #761134
  * drivers/media/video/tlg2300/pd-video.c: Remove second mutex_unlock in
    pd_vidioc_s_fmt
    - LP: #761134
  * acer-wmi: does not set persistence state by rfkill_init_sw_state
    - LP: #761134
  * Squashfs: Use vmalloc rather than kmalloc for zlib workspace
    - LP: #761134
  * Squashfs: handle corruption of directory structure
    - LP: #761134
  * atm/solos-pci: Don't include frame pseudo-header on transmit hex-dump
    - LP: #761134
  * atm/solos-pci: Don't flap VCs when carrier state changes
    - LP: #761134
  * ext4: fix a double free in ext4_register_li_request
    - LP: #761134
  * ext4: fix credits computing for indirect mapped files
    - LP: #761134
  * nfsd: fix auth_domain reference leak on nlm operations
    - LP: #761134
  * nfsd4: fix oops on lock failure
    - LP: #761134
  * Linux 2.6.38.3
    - LP: #761134
  * vm: fix vm_pgoff wrap in stack expansion
    - LP: #769042
  * drm/radeon/kms: pll tweaks for rv6xx
    - LP: #769042
  * drm/radeon/kms: fix suspend on rv530 asics
    - LP: #769042
  * cifs: always do is_path_accessible check in cifs_mount
    - LP: #769042
  * cifs: check for private_data before trying to put it
    - LP: #769042
  * cifs: set ra_pages in backing_dev_info
    - LP: #769042
  * cifs: wrap received signature check in srv_mutex
    - LP: #769042
  * video: sn9c102: world-wirtable sysfs files
    - LP: #769042
  * UBIFS: restrict world-writable debugfs files
    - LP: #769042
  * ALSA: hda - Fix pin-config of Gigabyte mobo
    - LP: #769042
  * NET: cdc-phonet, handle empty phonet header
    - LP: #769042
  * x86: Fix a bogus unwind annotation in lib/semaphore_32.S
    - LP: #769042
  * tioca: Fix assignment from incompatible pointer warnings
    - LP: #769042
  * mca.c: Fix cast from integer to pointer warning
    - LP: #769042
  * vm: fix mlock() on stack guard page
    - LP: #769042
  * UBIFS: fix assertion warnings
    - LP: #769042
  * perf: Fix task context scheduling
    - LP: #769042
  * bridge: Fix possibly wrong MLD queries' ethernet source address
    - LP: #769042
  * fib: add rtnl locking in ip_fib_net_exit
    - LP: #769042
  * gianfar: Fall back to software tcp/udp checksum on older controllers
    - LP: #769042
  * l2tp: fix possible oops on l2tp_eth module unload
    - LP: #769042
  * net ipv6: Fix duplicate /proc/sys/net/ipv6/neigh directory entries.
    - LP: #769042
  * net_sched: fix ip_tos2prio
    - LP: #769042
  * pppoe: drop PPPOX_ZOMBIEs in pppoe_flush_dev
    - LP: #769042
  * sctp: Pass __GFP_NOWARN to hash table allocation attempts.
    - LP: #769042
  * tcp: avoid cwnd moderation in undo
    - LP: #769042
  * xfrm: Refcount destination entry on xfrm_lookup
    - LP: #769042
  * vlan: should take into account needed_headroom
    - LP: #769042
  * bridge: Reset IPCB when entering IP stack on NF_FORWARD
    - LP: #769042
  * sparc: Fix .size directive for do_int_load
    - LP: #769042
  * sparc32: Fix might-be-used-uninitialized warning in do_sparc_fault().
    - LP: #769042
  * sparc32: Pass task_struct to schedule_tail() in ret_from_fork
    - LP: #769042
  * sparc64: Fix build errors with gcc-4.6.0
    - LP: #769042
  * futex: Set FLAGS_HAS_TIMEOUT during futex_wait restart setup
    - LP: #769042
  * kstrto*: converting strings to integers done (hopefully) right
    - LP: #769042
  * mm/thp: use conventional format for boolean attributes
    - LP: #769042
  * ramfs: fix memleak on no-mmu arch
    - LP: #769042
  * oom-kill: remove boost_dying_task_prio()
    - LP: #769042
  * MAINTAINERS: update STABLE BRANCH info
    - LP: #769042
  * UBIFS: fix oops when R/O file-system is fsync'ed
    - LP: #769042
  * x86, AMD: Set ARAT feature on AMD processors
    - LP: #769042
  * x86, amd: Disable GartTlbWlkErr when BIOS forgets it
    - LP: #769042
  * vfs: Fix absolute RCU path walk failures due to uninitialized seq
    number
    - LP: #769042
  * ARM: 6864/1: hw_breakpoint: clear DBGVCR out of reset
    - LP: #769042
  * i2c-algo-bit: Call pre/post_xfer for bit_test
    - LP: #769042
  * RTC: add missing "return 0" in new alarm func for rtc-bfin.c
    - LP: #769042
  * sched: Fix erroneous all_pinned logic
    - LP: #769042
  * vmscan: all_unreclaimable() use zone->all_unreclaimable as a name
    - LP: #769042
  * brk: COMPAT_BRK: fix detection of randomized brk
    - LP: #769042
  * usb: musb: temporarily make it bool
    - LP: #769042
  * USB: ftdi_sio: Added IDs for CTI USB Serial Devices
    - LP: #769042
  * USB: ftdi_sio: add PID for OCT DK201 docking station
    - LP: #769042
  * USB: ftdi_sio: add ids for Hameg HO720 and HO730
    - LP: #769042
  * USB: option: Added support for Samsung GT-B3730/GT-B3710 LTE USB modem.
    - LP: #769042
  * next_pidmap: fix overflow condition
    - LP: #769042
  * proc: do proper range check on readdir offset
    - LP: #769042
  * powerpc: Fix oops if scan_dispatch_log is called too early
    - LP: #769042
  * powerpc/perf_event: Skip updating kernel counters if register value
    shrinks
    - LP: #769042
  * usb: Fix qcserial memory leak on rmmod
    - LP: #769042
  * usb: qcserial avoid pointing to freed memory
    - LP: #769042
  * usb: qcserial add missing errorpath kfrees
    - LP: #769042
  * USB: EHCI: unlink unused QHs when the controller is stopped
    - LP: #769042
  * USB: fix formatting of SuperSpeed endpoints in /proc/bus/usb/devices
    - LP: #769042
  * USB: xhci - fix unsafe macro definitions
    - LP: #769042
  * USB: xhci - fix math in xhci_get_endpoint_interval()
    - LP: #769042
  * USB: xhci - also free streams when resetting devices
    - LP: #769042
  * USB: Fix unplug of device with active streams
    - LP: #769042
  * radeon: Fix KMS CP writeback on big endian machines.
    - LP: #769042
  * Bluetooth: Fix HCI_RESET command synchronization
    - LP: #700292, #769042
  * perf tool: Fix gcc 4.6.0 issues
    - LP: #769042
  * bridge: reset IPCB in br_parse_ip_options
    - LP: #769042
  * ip: ip_options_compile() resilient to NULL skb route
    - LP: #769042
  * Linux 2.6.38.4
    - LP: #769042
  * (pre stable) ath9k_hw: partially revert "fix dma descriptor rx error
    bit parsing"
    - LP: #735171
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table,
    CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * (pre-stable) drm/i915: Sanitize the output registers after resume
    - LP: #745304

linux-ti-omap4 (2.6.38-1208.12) natty; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
    - LP: #770368

[ Bryan Wu ]

* merge Ubuntu-2.6.38-8.41
  * merge Ubuntu-2.6.38-8.42
  * merge u1 of 'for-ubuntu' branch
  * [Config] sync up configs

[ David Henningsson ]

* SAUCE: (drop after 2.6.38) ALSA: HDA: Fix dock mic for Lenovo
    X220-tablet
    - LP: #751033

[ Gustavo F. Padovan ]

* SAUCE: Revert "Bluetooth: Add new PID for Atheros 3011"
    - LP: #720949

[ Herton Ronaldo Krzesinski ]

* SAUCE: (drop after 2.6.39) v4l: make sure drivers supply a zeroed
    struct v4l2_subdev
    - LP: #745213

[ John Johansen ]

* AppArmor: Fix masking of capabilities in complain mode
    - LP: #748656

[ Kees Cook ]

* SAUCE: nx-emu: further clarify dmesg reporting
    - LP: #745181

[ Leann Ogasawara ]

* Ubuntu-2.6.38-8.40
  * Ubuntu-2.6.38-8.41
  * [Config] Disable CONFIG_RTS_PSTOR for armel, powerpc
  * Ubuntu-2.6.38-8.42

[ Luke Yelavich ]

* [Config] Disable CONFIG_CRASH_DUMP on 32-bit powerpc kernels
    - LP: #745358
  * [Config] Disable CONFIG_DRM_RADEON_KMS on powerpc kernels
  * [Config] Build some framebuffer drivers as modules for powerpc kernels.

[ Manoj Iyer ]

* SAUCE: thinkpad-acpi: module autoloading for newer Lenovo ThinkPads.
    - LP: #745217
  * SAUCE: (drop after 2.6.38) add support for Lenovo tablet ID (0xE6)
    - LP: #746652

[ Seth Forshee ]

* SAUCE: (drop after 2.6.38) eeepc-wmi: Add support for T101MT
    Home/Express Gate key

[ Steve Langasek ]

* [Config] Make linux-libc-dev coinstallable under multiarch
    - LP: #750585

[ Tim Gardner ]

* SAUCE: Increase the default hard limit for open FDs to 4096
    - LP: #663090
  * [Config] CONFIG_RTS_PSTOR=m
    - LP: #698006

[ Upstream Kernel Changes ]

* Revert "tcp: disallow bind() to reuse addr/port"
    - LP: #731878
  * ALSA: pcm: fix infinite loop in snd_pcm_update_hw_ptr0()
  * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
  * ALSA: HDA: Add dock mic quirk for Lenovo Thinkpad X220
    - LP: #746259
  * ALSA: HDA: New AD1984A model for Dell Precision R5500
    - LP: #741516
  * Input: sparse-keymap - report scancodes with key events
  * Input: sparse-keymap - report KEY_UNKNOWN for unknown scan codes
  * KVM: SVM: Load %gs earlier if CONFIG_X86_32_LAZY_GS=n
    - LP: #729085
  * watchdog: sp5100_tco.c: Check if firmware has set correct value in
    tcobase.
    - LP: #740011
  * staging: add rts_pstor for Realtek PCIE cardreader
    - LP: #698006
  * staging: fix rts_pstor build errors
    - LP: #698006
  * Staging: rts_pstor: fixed some brace code styling issues
    - LP: #698006
  * staging: rts_pstor: potential NULL dereference
    - LP: #698006
  * Staging: rts_pstor: fix read past end of buffer
    - LP: #698006
  * staging: rts_pstor: delete a function
    - LP: #698006
  * staging: rts_pstor: fix sparse warning
    - LP: #698006
  * staging: rts_pstor: fix a bug that a greenhouse sd card can't be
    recognized
    - LP: #698006
  * staging: rts_pstor: optimize kmalloc to kzalloc
    - LP: #698006
  * staging: rts_pstor: MSXC card power class
    - LP: #698006
  * staging: rts_pstor: modify initial card clock
    - LP: #698006
  * staging: rts_pstor: set lun_mode in a different place
    - LP: #698006
  * x86, hibernate: Initialize mmu_cr4_features during boot
    - LP: #752870
  * ARM: EXYNOS4: CPUIDLE Support
  * ARM: EXYNOS4: Fix incorrect mapping of gpio pull-up macro to register
    setting
  * ARM: EXYNOS4: Fix card insert/removal event detection on smdkv310 board
  * ARM: 6864/1: hw_breakpoint: clear DBGVCR out of reset
  * ARM: 6865/1: perf: ensure pass through zero is counted on overflow
  * ARM: 6866/1: Do not restrict HIGHPTE to !OUTER_CACHE
  * ARM: 6867/1: Introduce THREAD_NOTIFY_COPY for copy_thread() hooks
  * ARM: 6868/1: Preserve the VFP state during fork
  * ARM: EXYNOS4: CPUIDLE Support
  * config slim down reference defconfig
  * MAKEFILE correct using shawn dtb method
  * omap2 sdp4430 protect hdmi with hdmi sound config
  * Subject: [PATCH 3/3] usb: musb: Moving the Vbus enable function call
    from to workqueue.
  * omap2 4430sdp board file rearrange
  * alsa soc implement abe constraint test
  * omap2 panda neutral reodering of structs
  * omap2 hwmod 44xx neutral reordering
  * alsa panda hdmi audio ensure cpu dai gets built
  * omap2 hwmod 2420 mmc devattr name fix
  * enable build omap3 boards

[ u1 of for-ubuntu ]

* ARM: EXYNOS4: CPUIDLE Support
  * ARM: EXYNOS4: Fix incorrect mapping of gpio pull-up macro to register
    setting
  * ARM: EXYNOS4: Fix card insert/removal event detection on smdkv310 board
  * ARM: 6864/1: hw_breakpoint: clear DBGVCR out of reset
  * ARM: 6865/1: perf: ensure pass through zero is counted on overflow
  * ARM: 6866/1: Do not restrict HIGHPTE to !OUTER_CACHE
  * ARM: 6867/1: Introduce THREAD_NOTIFY_COPY for copy_thread() hooks
  * ARM: 6868/1: Preserve the VFP state during fork
  * ARM: EXYNOS4: CPUIDLE Support
  * config slim down reference defconfig
  * MAKEFILE correct using shawn dtb method
  * omap2 sdp4430 protect hdmi with hdmi sound config
  * Subject: [PATCH 3/3] usb: musb: Moving the Vbus enable function call
    from to workqueue.
  * omap2 4430sdp board file rearrange
  * alsa soc implement abe constraint test
  * omap2 panda neutral reodering of structs
  * omap2 hwmod 44xx neutral reordering
  * alsa panda hdmi audio ensure cpu dai gets built
  * omap2 hwmod 2420 mmc devattr name fix
  * enable build omap3 boards

[ Ubuntu: 2.6.38-8.42 ]

* SAUCE: (drop after 2.6.38) ALSA: HDA: Fix dock mic for Lenovo
    X220-tablet
    - LP: #751033
  * SAUCE: Revert "Bluetooth: Add new PID for Atheros 3011"
    - LP: #720949
  * SAUCE: (drop after 2.6.39) v4l: make sure drivers supply a zeroed
    struct v4l2_subdev
    - LP: #745213
  * AppArmor: Fix masking of capabilities in complain mode
    - LP: #748656
  * [Config] Disable CONFIG_RTS_PSTOR for armel, powerpc
  * SAUCE: (drop after 2.6.38) add support for Lenovo tablet ID (0xE6)
    - LP: #746652
  * [Config] Make linux-libc-dev coinstallable under multiarch
    - LP: #750585
  * [Config] CONFIG_RTS_PSTOR=m
    - LP: #698006
  * Revert "tcp: disallow bind() to reuse addr/port"
    - LP: #731878
  * ALSA: HDA: Add dock mic quirk for Lenovo Thinkpad X220
    - LP: #746259
  * ALSA: HDA: New AD1984A model for Dell Precision R5500
    - LP: #741516
  * Input: sparse-keymap - report scancodes with key events
  * Input: sparse-keymap - report KEY_UNKNOWN for unknown scan codes
  * KVM: SVM: Load %gs earlier if CONFIG_X86_32_LAZY_GS=n
    - LP: #729085
  * watchdog: sp5100_tco.c: Check if firmware has set correct value in
    tcobase.
    - LP: #740011
  * staging: add rts_pstor for Realtek PCIE cardreader
    - LP: #698006
  * staging: fix rts_pstor build errors
    - LP: #698006
  * Staging: rts_pstor: fixed some brace code styling issues
    - LP: #698006
  * staging: rts_pstor: potential NULL dereference
    - LP: #698006
  * Staging: rts_pstor: fix read past end of buffer
    - LP: #698006
  * staging: rts_pstor: delete a function
    - LP: #698006
  * staging: rts_pstor: fix sparse warning
    - LP: #698006
  * staging: rts_pstor: fix a bug that a greenhouse sd card can't be
    recognized
    - LP: #698006
  * staging: rts_pstor: optimize kmalloc to kzalloc
    - LP: #698006
  * staging: rts_pstor: MSXC card power class
    - LP: #698006
  * staging: rts_pstor: modify initial card clock
    - LP: #698006
  * staging: rts_pstor: set lun_mode in a different place
    - LP: #698006
  * x86, hibernate: Initialize mmu_cr4_features during boot
    - LP: #752870

[ Ubuntu: 2.6.38-8.41 ]

* [Config] Disable CONFIG_CRASH_DUMP on 32-bit powerpc kernels
    - LP: #745358
  * [Config] Disable CONFIG_DRM_RADEON_KMS on powerpc kernels
  * [Config] Build some framebuffer drivers as modules for powerpc kernels.
  * SAUCE: (drop after 2.6.38) eeepc-wmi: Add support for T101MT
    Home/Express Gate key
  * SAUCE: Increase the default hard limit for open FDs to 4096
    - LP: #663090
  * ALSA: pcm: fix infinite loop in snd_pcm_update_hw_ptr0()
  * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
 -- Paolo Pisati <paolo.pisati@canonical.com>   Wed, 31 Aug 2011 18:34:36 +0200

Changed in linux-ti-omap4 (Ubuntu Natty):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-09-21:

#5

This bug was fixed in the package linux - 2.6.38-11.50

---------------
linux (2.6.38-11.50) natty-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
- LP: #848246

[ Upstream Kernel Changes ]

  * Revert "eCryptfs: Handle failed metadata read in lookup"
  * Revert "KVM: fix kvmclock regression due to missing clock update"
  * Revert "ath9k: use split rx buffers to get rid of order-1 skb
    allocations"

linux (2.6.38-11.49) natty-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
- LP: #836903

[ Adam Jackson ]

* SAUCE: drm/i915/pch: Fix integer math bugs in panel fitting
- LP: #753994

[ Keng-Yu Lin ]

* SAUCE: Input: ALPS - Enable Intellimouse mode for Lenovo Zhaoyang E47
- LP: #632884, #803005

[ Stefan Bader ]

* [Config] Force perf to use libiberty for demangling
- LP: #783660

[ Tim Gardner ]

* [Config] Add enic/fnic to udebs
- LP: #801610

[ Upstream Kernel Changes ]

  * eeepc-wmi: add keys found on EeePC 1215T
    - LP: #812644
  * eCryptfs: Handle failed metadata read in lookup
    - LP: #509180
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * vmscan: fix a livelock in kswapd
    - LP: #813797
  * mmc: Add PCI fixup quirks for Ricoh 1180:e823 reader
    - LP: #773524
  * mmc: Added quirks for Ricoh 1180:e823 lower base clock frequency
    - LP: #773524
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * pata_marvell: Add support for 88SE91A0, 88SE91A4
    - LP: #777325
  * GFS2: make sure fallocate bytes is a multiple of blksize, CVE-2011-2689
    - LP: #819572
    - CVE-2011-2689
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * drm/nv50-nvc0: work around an evo channel hang that some people see
    - LP: #583760
  * KVM: fix kvmclock regression due to missing clock update
    - LP: #795717
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * ath9k: use split rx buffers to get rid of order-1 skb allocations
    - LP: #728835
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
-- Herton Ronaldo Krzesinski <email address hidden> Mon, 12 Sep 2011 17:23:38 -0300

This bug was fixed in the package linux - 2.6.38-11.50

---------------
linux (2.6.38-11.50) natty-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
    - LP: #848246

[ Upstream Kernel Changes ]

* Revert "eCryptfs: Handle failed metadata read in lookup"
  * Revert "KVM: fix kvmclock regression due to missing clock update"
  * Revert "ath9k: use split rx buffers to get rid of order-1 skb
    allocations"

linux (2.6.38-11.49) natty-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
    - LP: #836903

[ Adam Jackson ]

* SAUCE: drm/i915/pch: Fix integer math bugs in panel fitting
    - LP: #753994

[ Keng-Yu Lin ]

* SAUCE: Input: ALPS - Enable Intellimouse mode for Lenovo Zhaoyang E47
    - LP: #632884, #803005

[ Stefan Bader ]

* [Config] Force perf to use libiberty for demangling
    - LP: #783660

[ Tim Gardner ]

* [Config] Add enic/fnic to udebs
    - LP: #801610

[ Upstream Kernel Changes ]

* eeepc-wmi: add keys found on EeePC 1215T
    - LP: #812644
  * eCryptfs: Handle failed metadata read in lookup
    - LP: #509180
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * vmscan: fix a livelock in kswapd
    - LP: #813797
  * mmc: Add PCI fixup quirks for Ricoh 1180:e823 reader
    - LP: #773524
  * mmc: Added quirks for Ricoh 1180:e823 lower base clock frequency
    - LP: #773524
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * pata_marvell: Add support for 88SE91A0, 88SE91A4
    - LP: #777325
  * GFS2: make sure fallocate bytes is a multiple of blksize, CVE-2011-2689
    - LP: #819572
    - CVE-2011-2689
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * drm/nv50-nvc0: work around an evo channel hang that some people see
    - LP: #583760
  * KVM: fix kvmclock regression due to missing clock update
    - LP: #795717
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * ath9k: use split rx buffers to get rid of order-1 skb allocations
    - LP: #728835
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
 -- Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>   Mon, 12 Sep 2011 17:23:38 -0300

Changed in linux (Ubuntu Natty):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-09-29:

#6

This bug was fixed in the package linux-lts-backport-maverick - 2.6.35-30.60~lucid1

---------------
linux-lts-backport-maverick (2.6.35-30.60~lucid1) lucid-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
- LP: #854430

[ Stefan Bader ]

* [Config] Force perf to use libiberty for demangling
- LP: #783660

[ Tim Gardner ]

  * [Config] Simplify binary-udebs dependencies
  * [Config] kernel preparation cannot be parallelized
  * [Config] Linearize module/abi checks
  * [Config] Linearize and simplify tree preparation rules
  * [Config] Build kernel image in parallel with modules
  * [Config] Set concurrency for kmake invocations
  * [Config] Improve install-arch-headers speed
  * [Config] Fix binary-perarch dependencies
  * [Config] Removed stamp-flavours target
  * [Config] Serialize binary indep targets
  * [Config] Use build stamp directly
  * [Config] Restore prepare-% target
  * [Config] Fix binary-% build target

[ Upstream Kernel Changes ]

  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191
    - LP: #834135
    - CVE-2011-3191
  * befs: Validate length of long symbolic links, CVE-2011-2928
    - LP: #834124
    - CVE-2011-2928
  * gro: Only reset frag0 when skb can be pulled, CVE-2011-2723
    - LP: #844371
    - CVE-2011-2723
  * Validate size of EFI GUID partition entries, CVE-2011-1776
    - LP: #844365
    - CVE-2011-1776
  * inet_diag: fix inet_diag_bc_audit(), CVE-2011-2213
    - LP: #838421
    - CVE-2011-2213
  * si4713-i2c: avoid potential buffer overflow on si4713, CVE-2011-2700
    - LP: #844370
    - CVE-2011-2700
  * Bluetooth: Prevent buffer overflow in l2cap config request,
    CVE-2011-2497
    - LP: #838423
    - CVE-2011-2497
  * core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576
    - LP: #844361
    - CVE-2011-1576

linux (2.6.35-30.59) maverick-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
- LP: #837449

[ Upstream Kernel Changes ]

  * Revert "drm/nv50-nvc0: work around an evo channel hang that some people
    see"
  * Revert "eCryptfs: Handle failed metadata read in lookup"
-- Herton Ronaldo Krzesinski <email address hidden> Tue, 20 Sep 2011 11:03:51 -0300

This bug was fixed in the package linux-lts-backport-maverick - 2.6.35-30.60~lucid1

---------------
linux-lts-backport-maverick (2.6.35-30.60~lucid1) lucid-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
    - LP: #854430

[ Stefan Bader ]

* [Config] Force perf to use libiberty for demangling
    - LP: #783660

[ Tim Gardner ]

* [Config] Simplify binary-udebs dependencies
  * [Config] kernel preparation cannot be parallelized
  * [Config] Linearize module/abi checks
  * [Config] Linearize and simplify tree preparation rules
  * [Config] Build kernel image in parallel with modules
  * [Config] Set concurrency for kmake invocations
  * [Config] Improve install-arch-headers speed
  * [Config] Fix binary-perarch dependencies
  * [Config] Removed stamp-flavours target
  * [Config] Serialize binary indep targets
  * [Config] Use build stamp directly
  * [Config] Restore prepare-% target
  * [Config] Fix binary-% build target

[ Upstream Kernel Changes ]

* Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191
    - LP: #834135
    - CVE-2011-3191
  * befs: Validate length of long symbolic links, CVE-2011-2928
    - LP: #834124
    - CVE-2011-2928
  * gro: Only reset frag0 when skb can be pulled, CVE-2011-2723
    - LP: #844371
    - CVE-2011-2723
  * Validate size of EFI GUID partition entries, CVE-2011-1776
    - LP: #844365
    - CVE-2011-1776
  * inet_diag: fix inet_diag_bc_audit(), CVE-2011-2213
    - LP: #838421
    - CVE-2011-2213
  * si4713-i2c: avoid potential buffer overflow on si4713, CVE-2011-2700
    - LP: #844370
    - CVE-2011-2700
  * Bluetooth: Prevent buffer overflow in l2cap config request,
    CVE-2011-2497
    - LP: #838423
    - CVE-2011-2497
  * core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576
    - LP: #844361
    - CVE-2011-1576

linux (2.6.35-30.59) maverick-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
    - LP: #837449

[ Upstream Kernel Changes ]

* Revert "drm/nv50-nvc0: work around an evo channel hang that some people
    see"
  * Revert "eCryptfs: Handle failed metadata read in lookup"
 -- Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>   Tue, 20 Sep 2011 11:03:51 -0300

Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-09-29:

#7

Download full text (16.5 KiB)

This bug was fixed in the package linux-lts-backport-natty - 2.6.38-11.50~lucid1

---------------
linux-lts-backport-natty (2.6.38-11.50~lucid1) lucid-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
- LP: #848588

[ Upstream Kernel Changes ]

  * Revert "eCryptfs: Handle failed metadata read in lookup"
  * Revert "KVM: fix kvmclock regression due to missing clock update"
  * Revert "ath9k: use split rx buffers to get rid of order-1 skb
    allocations"

linux (2.6.38-11.49) natty-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
- LP: #836903

[ Adam Jackson ]

* SAUCE: drm/i915/pch: Fix integer math bugs in panel fitting
- LP: #753994

[ Keng-Yu Lin ]

* SAUCE: Input: ALPS - Enable Intellimouse mode for Lenovo Zhaoyang E47
- LP: #632884, #803005

[ Stefan Bader ]

* [Config] Force perf to use libiberty for demangling
- LP: #783660

[ Tim Gardner ]

* [Config] Add enic/fnic to udebs
- LP: #801610

[ Upstream Kernel Changes ]

  * eeepc-wmi: add keys found on EeePC 1215T
    - LP: #812644
  * eCryptfs: Handle failed metadata read in lookup
    - LP: #509180
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * vmscan: fix a livelock in kswapd
    - LP: #813797
  * mmc: Add PCI fixup quirks for Ricoh 1180:e823 reader
    - LP: #773524
  * mmc: Added quirks for Ricoh 1180:e823 lower base clock frequency
    - LP: #773524
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * pata_marvell: Add support for 88SE91A0, 88SE91A4
    - LP: #777325
  * GFS2: make sure fallocate bytes is a multiple of blksize, CVE-2011-2689
    - LP: #819572
    - CVE-2011-2689
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * drm/nv50-nvc0: work around an evo channel hang that some people see
    - LP: #583760
  * KVM: fix kvmclock regression due to missing clock update
    - LP: #795717
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * ath9k: use split rx buffers to get rid of order-1 skb allocations
    - LP: #728835
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918

linux (2.6.38-11.48) natty-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
- LP: #818175

[ Upstream Kernel Changes ]

* Revert "HID: magicmouse: ignore 'ivalid report id' while switching
...

This bug was fixed in the package linux-lts-backport-natty - 2.6.38-11.50~lucid1

---------------
linux-lts-backport-natty (2.6.38-11.50~lucid1) lucid-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
    - LP: #848588

[ Upstream Kernel Changes ]

* Revert "eCryptfs: Handle failed metadata read in lookup"
  * Revert "KVM: fix kvmclock regression due to missing clock update"
  * Revert "ath9k: use split rx buffers to get rid of order-1 skb
    allocations"

linux (2.6.38-11.49) natty-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
    - LP: #836903

[ Adam Jackson ]

* SAUCE: drm/i915/pch: Fix integer math bugs in panel fitting
    - LP: #753994

[ Keng-Yu Lin ]

* SAUCE: Input: ALPS - Enable Intellimouse mode for Lenovo Zhaoyang E47
    - LP: #632884, #803005

[ Stefan Bader ]

* [Config] Force perf to use libiberty for demangling
    - LP: #783660

[ Tim Gardner ]

* [Config] Add enic/fnic to udebs
    - LP: #801610

[ Upstream Kernel Changes ]

* eeepc-wmi: add keys found on EeePC 1215T
    - LP: #812644
  * eCryptfs: Handle failed metadata read in lookup
    - LP: #509180
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * vmscan: fix a livelock in kswapd
    - LP: #813797
  * mmc: Add PCI fixup quirks for Ricoh 1180:e823 reader
    - LP: #773524
  * mmc: Added quirks for Ricoh 1180:e823 lower base clock frequency
    - LP: #773524
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * pata_marvell: Add support for 88SE91A0, 88SE91A4
    - LP: #777325
  * GFS2: make sure fallocate bytes is a multiple of blksize, CVE-2011-2689
    - LP: #819572
    - CVE-2011-2689
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * drm/nv50-nvc0: work around an evo channel hang that some people see
    - LP: #583760
  * KVM: fix kvmclock regression due to missing clock update
    - LP: #795717
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * ath9k: use split rx buffers to get rid of order-1 skb allocations
    - LP: #728835
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918

linux (2.6.38-11.48) natty-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
    - LP: #818175

[ Upstream Kernel Changes ]

* Revert "HID: magicmouse: ignore 'ivalid report id' while switching
    modes"
    - LP: #814250

linux (2.6.38-11.47) natty-proposed; urgency=low

[Steve Conklin]

* Release Tracking Bug
    - LP: #811180

[ Keng-Yu Lin ]

* SAUCE: Revert: "dell-laptop: Toggle the unsupported hardware
    killswitch"
    - LP: #775281

[ Ming Lei ]

* SAUCE: fix yama_ptracer_del lockdep warning
    - LP: #791019

[ Stefan Bader ]

* SAUCE: Re-enable RODATA for i386 virtual
    - LP: #809838

[ Tim Gardner ]

* [Config] Add grub-efi as a recommended bootloader for server and
    generic
    - LP: #800910
  * SAUCE: rtl8192se: Force a build for a 2.6/3.0 kernel
    - LP: #805494

[ Upstream Kernel Changes ]

* Revert "bridge: Forward reserved group addresses if !STP"
    - LP: #793702
  * Fix up ABI directory
  * bonding: Incorrect TX queue offset, CVE-2011-1581
    - LP: #792312
    - CVE-2011-1581
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * usbnet/cdc_ncm: add missing .reset_resume hook
    - LP: #793892
  * ath5k: Disable fast channel switching by default
    - LP: #767192
  * mm: vmscan: correctly check if reclaimer should schedule during
    shrink_slab
    - LP: #755066
  * mm: vmscan: correct use of pgdat_balanced in sleeping_prematurely
    - LP: #755066
  * ALSA: hda - Use LPIB for ATI/AMD chipsets as default
    - LP: #741825
  * ALSA: hda - Enable snoop bit for AMD controllers
    - LP: #741825
  * ALSA: hda - Enable sync_write workaround for AMD generically
    - LP: #741825
  * cpuidle: menu: fixed wrapping timers at 4.294 seconds
    - LP: #774947
  * drm/i915: Fix gen6 (SNB) missed BLT ring interrupts.
    - LP: #761065
  * USB: ehci: remove structure packing from ehci_def
    - LP: #791552
  * drm/i915: disable PCH ports if needed when disabling a CRTC
    - LP: #791752
  * kmemleak: Do not return a pointer to an object that kmemleak did not
    get
    - LP: #793702
  * kmemleak: Initialise kmemleak after debug_objects_mem_init()
    - LP: #793702
  * Fix _OSC UUID in pcc-cpufreq
    - LP: #793702
  * CPU hotplug, re-create sysfs directory and symlinks
    - LP: #793702
  * Fix memory leak in cpufreq_stat
    - LP: #793702
  * net: recvmmsg: Strip MSG_WAITFORONE when calling recvmsg
    - LP: #793702
  * ftrace: Only update the function code on write to filter files
    - LP: #793702
  * qla2xxx: Fix hang during driver unload when vport is active.
    - LP: #793702
  * qla2xxx: Fix virtual port failing to login after chip reset.
    - LP: #793702
  * qla2xxx: Fix vport delete hang when logins are outstanding.
    - LP: #793702
  * powerpc/kdump64: Don't reference freed memory as pacas
    - LP: #793702
  * powerpc/kexec: Fix memory corruption from unallocated slaves
    - LP: #793702
  * x86, cpufeature: Fix cpuid leaf 7 feature detection
    - LP: #793702
  * ath9k_hw: do noise floor calibration only on required chains
    - LP: #793702
  * ath9k_hw: fix power for the HT40 duplicate frames
    - LP: #793702
  * ath9k_hw: fix dual band assumption for XB113
    - LP: #793702
  * ath9k_hw: Fix STA connection issues with AR9380 (XB113).
    - LP: #793702
  * powerpc: Set nr_cpu_ids early and use it to free PACAs
    - LP: #793702
  * powerpc/oprofile: Handle events that raise an exception without
    overflowing
    - LP: #793702
  * iwlagn: fix iwl_is_any_associated
    - LP: #793702
  * block: rescan partitions on invalidated devices on -ENOMEDIA too
    - LP: #793702
  * block: move bd_set_size() above rescan_partitions() in __blkdev_get()
    - LP: #793702
  * paride: Convert to bdops->check_events()
    - LP: #793702
  * gdrom,viocd: Convert to bdops->check_events()
    - LP: #793702
  * ide: Convert to bdops->check_events()
    - LP: #793702
  * block: don't block events on excl write for non-optical devices
    - LP: #793702
  * block: Fix discard topology stacking and reporting
    - LP: #793702
  * block: add proper state guards to __elv_next_request
    - LP: #793702
  * block: always allocate genhd->ev if check_events is implemented
    - LP: #793702
  * mtd: mtdconcat: fix NAND OOB write
    - LP: #793702
  * mtd: return badblockbits back
    - LP: #793702
  * x86, 64-bit: Fix copy_[to/from]_user() checks for the userspace address
    limit
    - LP: #793702
  * ext4: fix possible use-after-free in ext4_remove_li_request()
    - LP: #793702
  * iwlwifi: fix bugs in change_interface
    - LP: #793702
  * nl80211: Fix set_key regression with some drivers
    - LP: #793702
  * mac80211: fix a few RCU issues
    - LP: #793702
  * wire up fanotify syscalls
    - LP: #793702
  * wire up clock_adjtime syscall
    - LP: #793702
  * drm: Send pending vblank events before disabling vblank.
    - LP: #793702
  * pata_cm64x: fix boot crash on parisc
    - LP: #793702
  * ext3: Fix fs corruption when make_indexed_dir() fails
    - LP: #793702
  * jbd: Fix forever sleeping process in do_get_write_access()
    - LP: #793702
  * jbd: fix fsync() tid wraparound bug
    - LP: #793702
  * ext4: release page cache in ext4_mb_load_buddy error path
    - LP: #793702
  * bonding: 802.3ad - fix agg_device_up
    - LP: #793702
  * bridge: fix forwarding of IPv6
    - LP: #793702
  * ieee802154: Remove hacked CFLAGS in net/ieee802154/Makefile
    - LP: #793702
  * irda: fix locking unbalance in irda_sendmsg
    - LP: #793702
  * inetpeer: reduce stack usage
    - LP: #793702
  * ipv6: Remove hoplimit initialization to -1
    - LP: #793702
  * ipv6: udp: fix the wrong headroom check
    - LP: #793702
  * macvlan: fix panic if lowerdev in a bond
    - LP: #793702
  * net: Do not wrap sysctl igmp_max_memberships in IP_MULTICAST
    - LP: #793702
  * net: use hlist_del_rcu() in dev_change_name()
    - LP: #793702
  * SCTP: fix race between sctp_bind_addr_free() and
    sctp_bind_addr_conflict()
    - LP: #793702
  * tcp: len check is unnecessarily devastating, change to WARN_ON
    - LP: #793702
  * vlan: fix GVRP at dismantle time MIME-Version: 1.0
    - LP: #793702
  * igmp: call ip_mc_clear_src() only when we have no users of ip_mc_list
    - LP: #793702
  * net: add skb_dst_force() in sock_queue_err_skb()
    - LP: #793702
  * sch_sfq: avoid giving spurious NET_XMIT_CN signals
    - LP: #793702
  * sctp: fix memory leak of the ASCONF queue when free asoc
    - LP: #793702
  * sch_sfq: fix peek() implementation
    - LP: #793702
  * bonding: prevent deadlock on slave store with alb mode (v3)
    - LP: #793702
  * mpt2sas: move even handling of MPT2SAS_TURN_ON_FAULT_LED into process
    context
    - LP: #793702
  * bnx2i: Fixed packet error created when the sq_size is set to 16
    - LP: #793702
  * bnx2i: Updated the connection shutdown/cleanup timeout
    - LP: #793702
  * Fix Ultrastor asm snippet
    - LP: #793702
  * target: Fix multi task->task_sg[] chaining logic bug
    - LP: #793702
  * target: Fix interrupt context bug with stats_lock and
    core_tmr_alloc_req
    - LP: #793702
  * target: Fix bug with task_sg chained transport_free_dev_tasks release
    - LP: #793702
  * target: Fix task->task_execute_queue=1 clear bug + LUN_RESET OOPs
    - LP: #793702
  * x86, ioapic: Fix potential resume deadlock
    - LP: #793702
  * x86, amd: Do not enable ARAT feature on AMD processors below family
    0x12
    - LP: #793702
  * x86, amd: Use _safe() msr access for GartTlbWlk disable code
    - LP: #793702
  * x86, cpufeature: Update CPU feature RDRND to RDRAND
    - LP: #793702
  * oprofile, x86: Enable preemption during pci device setup in IBS init
    - LP: #793702
  * rcu: Fix unpaired rcu_irq_enter() from locking selftests
    - LP: #793702
  * When mandatory encryption on share, fail mount
    - LP: #793702
  * staging: usbip: fix wrong endian conversion
    - LP: #793702
  * staging: r8712u: Fix driver to support ad-hoc mode
    - LP: #793702
  * Fix for buffer overflow in ldm_frag_add not sufficient
    - LP: #793702
  * seqlock: Don't smp_rmb in seqlock reader spin loop
    - LP: #793702
  * md: Fix race when creating a new md device.
    - LP: #793702
  * md/bitmap: fix saving of events_cleared and other state.
    - LP: #793702
  * ALSA: HDA: Use one dmic only for Dell Studio 1558
    - LP: #731706, #793702
  * ALSA: HDA: Add quirk for Lenovo U350
    - LP: #751681, #793702
  * ALSA: hda - Fix input-src parse in patch_analog.c
    - LP: #793702
  * ASoC: Ensure output PGA is enabled for line outputs in wm_hubs
    - LP: #793702
  * ASoC: Add some missing volume update bit sets for wm_hubs devices
    - LP: #793702
  * HID: magicmouse: ignore 'ivalid report id' while switching modes
    - LP: #793702
  * mm/page_alloc.c: prevent unending loop in __alloc_pages_slowpath()
    - LP: #793702
  * loop: limit 'max_part' module param to DISK_MAX_PARTS
    - LP: #793702
  * loop: handle on-demand devices correctly
    - LP: #793702
  * i2c/writing-clients: Fix foo_driver.id_table
    - LP: #793702
  * USB: CP210x Add 4 Device IDs for AC-Services Devices
    - LP: #793702
  * USB: moto_modem: Add USB identifier for the Motorola VE240.
    - LP: #793702
  * USB: serial: ftdi_sio: adding support for TavIR STK500
    - LP: #793702
  * USB: gadget: g_multi: fixed vendor and product ID in inf files
    - LP: #793702
  * USB: gamin_gps: Fix for data transfer problems in native mode
    - LP: #793702
  * Bind only modem AT command endpoint to option module.
    - LP: #793702
  * USB: cdc_acm: Fix oops when Droids MuIn LCD is connected
    - LP: #793702
  * xhci: Fix bug in control transfer cancellation.
    - LP: #793702
  * usb/gadget: at91sam9g20 fix end point max packet size
    - LP: #793702
  * usb: gadget: rndis: don't test against req->length
    - LP: #793702
  * xhci: Fix memory leak in ring cache deallocation.
    - LP: #793702
  * xhci: Fix memory leak bug when dropping endpoints
    - LP: #793702
  * USB: option: add support for Huawei E353 device
    - LP: #793702
  * OHCI: fix regression caused by nVidia shutdown workaround
    - LP: #793702
  * USB: remove remaining usages of hcd->state from usbcore and fix
    regression
    - LP: #793702
  * cx88: protect per-device driver list with device lock
    - LP: #793702
  * cx88: fix locking of sub-driver operations
    - LP: #793702
  * cx88: hold device lock during sub-driver initialization
    - LP: #793702
  * sh: clkfwk: fixup clk_rate_table_build parameter in div6 clock
    - LP: #793702
  * sh: fixup fpu.o compile order
    - LP: #793702
  * p54usb: add zoom 4410 usbid
    - LP: #793702
  * eCryptfs: Allow 2 scatterlist entries for encrypted filenames
    - LP: #793702
  * UBIFS: fix a rare memory leak in ro to rw remounting path
    - LP: #793702
  * kbuild: Fix GNU make v3.80 compatibility
    - LP: #793702
  * i8k: Avoid lahf in 64-bit code
    - LP: #793702
  * idle governor: Avoid lock acquisition to read pm_qos before entering
    idle
    - LP: #793702
  * dm table: reject devices without request fns
    - LP: #793702
  * ARM: 6941/1: cache: ensure MVA is cacheline aligned in
    flush_kern_dcache_area
    - LP: #793702
  * tmpfs: fix race between truncate and writepage
    - LP: #793702
  * atm: expose ATM device index in sysfs
    - LP: #793702
  * brd: limit 'max_part' module param to DISK_MAX_PARTS
    - LP: #793702
  * brd: handle on-demand devices correctly
    - LP: #793702
  * drm/i915: fix user irq miss in BSD ring on g4x
    - LP: #793702
  * drm/radeon/evergreen/btc/fusion: setup hdp to invalidate and flush when
    asked
    - LP: #793702
  * drm/radeon/kms: add wait idle ioctl for eg->cayman
    - LP: #793702
  * SUNRPC: Deal with the lack of a SYN_SENT sk->sk_state_change
    callback...
    - LP: #793702
  * NFSv4: Handle expired stateids when the lease is still valid
    - LP: #793702
  * NFSv4.1: Fix the handling of NFS4ERR_SEQ_MISORDERED errors
    - LP: #793702
  * PCI: Add quirk for setting valid class for TI816X Endpoint
    - LP: #793702
  * xen mmu: fix a race window causing leave_mm BUG()
    - LP: #793702
  * ext4: Use schedule_timeout_interruptible() for waiting in lazyinit
    thread
    - LP: #793702
  * AppArmor: fix oops in apparmor_setprocattr
    - LP: #793702
  * Linux 2.6.38.8
    - LP: #793702
  * xhci: Add defines for hardcoded slot states
    - LP: #802541
  * xhci: Do not issue device reset when device is not setup
    - LP: #802541
  * taskstats: don't allow duplicate entries in listener mode,
    CVE-2011-2484
    - LP: #806390
    - CVE-2011-2484
  * ext4: init timer earlier to avoid a kernel panic in __save_error_info,
    CVE-2011-2493
    - LP: #806929
    - CVE-2011-2493
  * acer-wmi: does not poll device status when WMI event is available
    - LP: #771758
  * acer-wmi: Only update rfkill status for associated hotkey events
    - LP: #771758
  * (drop after 2.6.38) acer-wmi: Add support for Aspire 1830 wlan hotkey
    - LP: #771758
  * mm: vmscan: correct check for kswapd sleeping in sleeping_prematurely
    - LP: #808509
  * mm: vmscan: kswapd should not free an excessive number of pages when
    balancing small zones
    - LP: #808509
  * mm: vmscan: do not apply pressure to slab if we are not applying
    pressure to zone
    - LP: #808509
  * mm: vmscan: evaluate the watermarks against the correct classzone
    - LP: #808509
  * mm: vmscan: only read new_classzone_idx from pgdat when reclaiming
    successfully
    - LP: #808509

linux (2.6.38-10.46) natty-proposed; urgency=low

[ Steve Conklin ]

* Release Tracking Bug
    - LP: #802464

[ Upstream Kernel Changes ]

* Revert "put stricter guards on queue dead checks"
  * Revert "fix oops in scsi_run_queue()"
 -- Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>   Tue, 13 Sep 2011 17:49:18 -0300

Changed in linux-lts-backport-natty (Ubuntu Lucid):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-10-04:

#8

This bug was fixed in the package linux - 2.6.24-29.94

---------------
linux (2.6.24-29.94) hardy-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
- LP: #853945

[Upstream Kernel Changes]

  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * splice: fix infinite loop in generic_file_splice_read()
    - LP: #790557
  * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191
    - LP: #834135
    - CVE-2011-3191
  * befs: ensure fast symlinks are NUL-terminated, CVE-2011-2928
    - LP: #834124
    - CVE-2011-2928
  * befs: Validate length of long symbolic links, CVE-2011-2928
    - LP: #834124
    - CVE-2011-2928
  * Validate size of EFI GUID partition entries, CVE-2011-1776
    - LP: #844365
    - CVE-2011-1776
  * inet_diag: fix inet_diag_bc_audit(), CVE-2011-2213
    - LP: #838421
    - CVE-2011-2213
  * Bluetooth: Prevent buffer overflow in l2cap config request,
    CVE-2011-2497
    - LP: #838423
    - CVE-2011-2497
-- Herton Ronaldo Krzesinski <email address hidden> Mon, 19 Sep 2011 12:24:41 -0300

Changed in linux (Ubuntu Hardy):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-10-11:

#9

This bug was fixed in the package linux - 2.6.35-30.60

---------------
linux (2.6.35-30.60) maverick-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
- LP: #854092

[ Stefan Bader ]

* [Config] Force perf to use libiberty for demangling
- LP: #783660

[ Tim Gardner ]

  * [Config] Simplify binary-udebs dependencies
  * [Config] kernel preparation cannot be parallelized
  * [Config] Linearize module/abi checks
  * [Config] Linearize and simplify tree preparation rules
  * [Config] Build kernel image in parallel with modules
  * [Config] Set concurrency for kmake invocations
  * [Config] Improve install-arch-headers speed
  * [Config] Fix binary-perarch dependencies
  * [Config] Removed stamp-flavours target
  * [Config] Serialize binary indep targets
  * [Config] Use build stamp directly
  * [Config] Restore prepare-% target
  * [Config] Fix binary-% build target

[ Upstream Kernel Changes ]

  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191
    - LP: #834135
    - CVE-2011-3191
  * befs: Validate length of long symbolic links, CVE-2011-2928
    - LP: #834124
    - CVE-2011-2928
  * gro: Only reset frag0 when skb can be pulled, CVE-2011-2723
    - LP: #844371
    - CVE-2011-2723
  * Validate size of EFI GUID partition entries, CVE-2011-1776
    - LP: #844365
    - CVE-2011-1776
  * inet_diag: fix inet_diag_bc_audit(), CVE-2011-2213
    - LP: #838421
    - CVE-2011-2213
  * si4713-i2c: avoid potential buffer overflow on si4713, CVE-2011-2700
    - LP: #844370
    - CVE-2011-2700
  * Bluetooth: Prevent buffer overflow in l2cap config request,
    CVE-2011-2497
    - LP: #838423
    - CVE-2011-2497
  * core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576
    - LP: #844361
    - CVE-2011-1576
-- Herton Ronaldo Krzesinski <email address hidden> Mon, 19 Sep 2011 15:10:43 -0300

This bug was fixed in the package linux - 2.6.35-30.60

---------------
linux (2.6.35-30.60) maverick-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
    - LP: #854092

[ Stefan Bader ]

* [Config] Force perf to use libiberty for demangling
    - LP: #783660

[ Tim Gardner ]

* [Config] Simplify binary-udebs dependencies
  * [Config] kernel preparation cannot be parallelized
  * [Config] Linearize module/abi checks
  * [Config] Linearize and simplify tree preparation rules
  * [Config] Build kernel image in parallel with modules
  * [Config] Set concurrency for kmake invocations
  * [Config] Improve install-arch-headers speed
  * [Config] Fix binary-perarch dependencies
  * [Config] Removed stamp-flavours target
  * [Config] Serialize binary indep targets
  * [Config] Use build stamp directly
  * [Config] Restore prepare-% target
  * [Config] Fix binary-% build target

[ Upstream Kernel Changes ]

* Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191
    - LP: #834135
    - CVE-2011-3191
  * befs: Validate length of long symbolic links, CVE-2011-2928
    - LP: #834124
    - CVE-2011-2928
  * gro: Only reset frag0 when skb can be pulled, CVE-2011-2723
    - LP: #844371
    - CVE-2011-2723
  * Validate size of EFI GUID partition entries, CVE-2011-1776
    - LP: #844365
    - CVE-2011-1776
  * inet_diag: fix inet_diag_bc_audit(), CVE-2011-2213
    - LP: #838421
    - CVE-2011-2213
  * si4713-i2c: avoid potential buffer overflow on si4713, CVE-2011-2700
    - LP: #844370
    - CVE-2011-2700
  * Bluetooth: Prevent buffer overflow in l2cap config request,
    CVE-2011-2497
    - LP: #838423
    - CVE-2011-2497
  * core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576
    - LP: #844361
    - CVE-2011-1576
 -- Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>   Mon, 19 Sep 2011 15:10:43 -0300

Changed in linux (Ubuntu Maverick):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-10-25:

#10

Download full text (5.7 KiB)

This bug was fixed in the package linux-mvl-dove - 2.6.32-419.37

---------------
linux-mvl-dove (2.6.32-419.37) maverick-proposed; urgency=low

* Release Tracking Bug
- LP: #872659

[ Paolo Pisati ]

* Rebased to 2.6.32-35.78

[ Ubuntu: 2.6.32-35.78 ]

  * Release Tracking Bug
    - LP: #871899
  * SAUCE: sched: Prevent divide by zero when cpu_power is 0
    - LP: #614853
  * [Config] Force perf to use libiberty for demangling
    - LP: #783660
  * [Config] Simplify binary-udebs dependencies
    - LP: #832352
  * [Config] kernel preparation cannot be parallelized
    - LP: #832352
  * [Config] Linearize module/abi checks
    - LP: #832352
  * [Config] Linearize and simplify tree preparation rules
    - LP: #832352
  * [Config] Build kernel image in parallel with modules
    - LP: #832352
  * [Config] Set concurrency for kmake invocations
    - LP: #832352
  * [Config] Improve install-arch-headers speed
    - LP: #832352
  * [Config] Fix binary-perarch dependencies
    - LP: #832352
  * [Config] Removed stamp-flavours target
    - LP: #832352
  * [Config] Serialize binary indep targets
    - LP: #832352
  * [Config] Use build stamp directly
    - LP: #832352
  * [Config] Restore prepare-% target
    - LP: #832352
  * [Config] Fix binary-% build target
  * [Config] Fix install-headers target
    - LP: #832352
  * SAUCE: igb: Protect stats update
    - LP: #829566
  * SAUCE: rtl8192se spams log
    - LP: #859702
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * crypto: Move md5_transform to lib/md5.c
    - LP: #827462
  * net: Compute protocol sequence numbers and fragment IDs using MD5.
    - LP: #827462
  * ALSA: timer - Fix Oops at closing slave timer
    - LP: #827462
  * ALSA: snd-usb-caiaq: Fix keymap for RigKontrol3
    - LP: #827462
  * powerpc: Fix device tree claim code
    - LP: #827462
  * powerpc: pseries: Fix kexec on machines with more than 4TB of RAM
    - LP: #827462
  * Linux 2.6.32.45+drm33.19
    - LP: #827462
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * tunnels: fix netns vs proto registration ordering
    - LP: #823296
  * Fix broken backport for IPv6 tunnels in 2.6.32-longterm kernels.
  * USB: xhci: fix OS want to own HC
    - LP: #837669
  * USB: assign instead of equal in usbtmc.c
    - LP: #837669
  * USB: usb-storage: unusual_devs entry for ARM V2M motherboard.
    - LP: #837669
  * USB: Serial: Added device ID for Qualcomm Modem in Sagemcom's HiLo3G
    - LP: #837669
  * atm: br2864: sent packets truncated in VC routed mode
    - LP: #837669
  * hwmon: (ibmaem) add missing kfree
    - LP: #837669
  * ALSA: snd-usb-caiaq: Correct offset fields of outbound iso_frame_desc
    - LP: #837669
  * mm: fix wrong vmap address calculations with odd NR_CPUS values
    - LP: #837669
  * perf tools: do not look at ./config for configuration
    - LP: #837669
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #837669
  * befs: Validate length of long symbolic links.
    - LP: #837669
  * ALSA: snd_usb_caiaq: track submitted outp...

This bug was fixed in the package linux-mvl-dove - 2.6.32-419.37

---------------
linux-mvl-dove (2.6.32-419.37) maverick-proposed; urgency=low

* Release Tracking Bug
    - LP: #872659

[ Paolo Pisati ]

* Rebased to 2.6.32-35.78

[ Ubuntu: 2.6.32-35.78 ]

* Release Tracking Bug
    - LP: #871899
  * SAUCE: sched: Prevent divide by zero when cpu_power is 0
    - LP: #614853
  * [Config] Force perf to use libiberty for demangling
    - LP: #783660
  * [Config] Simplify binary-udebs dependencies
    - LP: #832352
  * [Config] kernel preparation cannot be parallelized
    - LP: #832352
  * [Config] Linearize module/abi checks
    - LP: #832352
  * [Config] Linearize and simplify tree preparation rules
    - LP: #832352
  * [Config] Build kernel image in parallel with modules
    - LP: #832352
  * [Config] Set concurrency for kmake invocations
    - LP: #832352
  * [Config] Improve install-arch-headers speed
    - LP: #832352
  * [Config] Fix binary-perarch dependencies
    - LP: #832352
  * [Config] Removed stamp-flavours target
    - LP: #832352
  * [Config] Serialize binary indep targets
    - LP: #832352
  * [Config] Use build stamp directly
    - LP: #832352
  * [Config] Restore prepare-% target
    - LP: #832352
  * [Config] Fix binary-% build target
  * [Config] Fix install-headers target
    - LP: #832352
  * SAUCE: igb: Protect stats update
    - LP: #829566
  * SAUCE: rtl8192se spams log
    - LP: #859702
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * crypto: Move md5_transform to lib/md5.c
    - LP: #827462
  * net: Compute protocol sequence numbers and fragment IDs using MD5.
    - LP: #827462
  * ALSA: timer - Fix Oops at closing slave timer
    - LP: #827462
  * ALSA: snd-usb-caiaq: Fix keymap for RigKontrol3
    - LP: #827462
  * powerpc: Fix device tree claim code
    - LP: #827462
  * powerpc: pseries: Fix kexec on machines with more than 4TB of RAM
    - LP: #827462
  * Linux 2.6.32.45+drm33.19
    - LP: #827462
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * tunnels: fix netns vs proto registration ordering
    - LP: #823296
  * Fix broken backport for IPv6 tunnels in 2.6.32-longterm kernels.
  * USB: xhci: fix OS want to own HC
    - LP: #837669
  * USB: assign instead of equal in usbtmc.c
    - LP: #837669
  * USB: usb-storage: unusual_devs entry for ARM V2M motherboard.
    - LP: #837669
  * USB: Serial: Added device ID for Qualcomm Modem in Sagemcom's HiLo3G
    - LP: #837669
  * atm: br2864: sent packets truncated in VC routed mode
    - LP: #837669
  * hwmon: (ibmaem) add missing kfree
    - LP: #837669
  * ALSA: snd-usb-caiaq: Correct offset fields of outbound iso_frame_desc
    - LP: #837669
  * mm: fix wrong vmap address calculations with odd NR_CPUS values
    - LP: #837669
  * perf tools: do not look at ./config for configuration
    - LP: #837669
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #837669
  * befs: Validate length of long symbolic links.
    - LP: #837669
  * ALSA: snd_usb_caiaq: track submitted output urbs
    - LP: #837669
  * ALSA: ac97: Add HP Compaq dc5100 SFF(PT003AW) to Headphone Jack Sense
    whitelist
    - LP: #826081, #837669
  * futex: Fix regression with read only mappings
    - LP: #837669
  * x86-32, vdso: On system call restart after SYSENTER, use int $0x80
    - LP: #837669
  * x86, UV: Remove UV delay in starting slave cpus
    - LP: #837669
  * drm/ttm: fix ttm_bo_add_ttm(user) failure path
    - LP: #837669
  * fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message
    - LP: #837669
  * igb: Fix lack of flush after register write and before delay
    - LP: #837669
  * Linux 2.6.32.46
    - LP: #837669
  * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191
    - LP: #834135
    - CVE-2011-3191
  * Bluetooth: Prevent buffer overflow in l2cap config request,
    CVE-2011-2497
    - LP: #838423
    - CVE-2011-2497
  * core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576
    - LP: #844361
    - CVE-2011-1576
  * ext4: Fix max file size and logical block counting of extent format
    file, CVE-2011-2695
    - LP: #819574
    - CVE-2011-2695
  * drm/i915: prepare for fair lru eviction
    - LP: #843904
  * drm/i915: Move the eviction logic to its own file.
    - LP: #843904
  * drm/i915: Implement fair lru eviction across both rings. (v2)
    - LP: #843904
  * drm/i915: Maintain LRU order of inactive objects upon access by CPU
    (v2)
    - LP: #843904
  * drm/i915/evict: Ensure we completely cleanup on failure
    - LP: #843904
  * drm/i915: Periodically flush the active lists and requests
    - LP: #843904
  * Make TASKSTATS require root access, CVE-2011-2494
    - LP: #866021
    - CVE-2011-2494
  * proc: fix a race in do_io_accounting(), CVE-2011-2495
    - LP: #866025
    - CVE-2011-2495
  * drm/i915: Remove BUG_ON from i915_gem_evict_something
    - LP: #828550
  * drm/i915: Hold a reference to the object whilst unbinding the eviction
    list
    - LP: #843904
  * drm/i915: Fix refleak during eviction.
    - LP: #843904
  * Linux 2.6.32.46+drm33.20

[ Ubuntu: 2.6.32-34.77 ]

* Release Tracking Bug
    - LP: #849228
  * Revert "drm/i915: Remove BUG_ON from i915_gem_evict_something"
  * Revert "drm/i915: Periodically flush the active lists and requests"
  * Revert "drm/i915/evict: Ensure we completely cleanup on failure"
  * Revert "drm/i915: Maintain LRU order of inactive objects upon access by
    CPU (v2)"
  * Revert "drm/i915: Implement fair lru eviction across both rings. (v2)"
  * Revert "drm/i915: Move the eviction logic to its own file."
  * Revert "drm/i915: prepare for fair lru eviction"
 -- Paolo Pisati <paolo.pisati@canonical.com>   Thu, 13 Oct 2011 11:02:06 +0200

Changed in linux-mvl-dove (Ubuntu Maverick):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-10-25:

#11

Download full text (5.6 KiB)

This bug was fixed in the package linux-ec2 - 2.6.32-319.39

---------------
linux-ec2 (2.6.32-319.39) lucid-proposed; urgency=low

[ Stefan Bader ]

  * Rebased to 2.6.32-35.78
  * Release Tracking Bug
    - LP: #873063

[ Ubuntu: 2.6.32-35.78 ]

  * [Config] Force perf to use libiberty for demangling
    - LP: #783660
  * [Config] Simplify binary-udebs dependencies
    - LP: #832352
  * [Config] kernel preparation cannot be parallelized
    - LP: #832352
  * [Config] Linearize module/abi checks
    - LP: #832352
  * [Config] Linearize and simplify tree preparation rules
    - LP: #832352
  * [Config] Build kernel image in parallel with modules
    - LP: #832352
  * [Config] Set concurrency for kmake invocations
    - LP: #832352
  * [Config] Improve install-arch-headers speed
    - LP: #832352
  * [Config] Fix binary-perarch dependencies
    - LP: #832352
  * [Config] Removed stamp-flavours target
    - LP: #832352
  * [Config] Serialize binary indep targets
    - LP: #832352
  * [Config] Use build stamp directly
    - LP: #832352
  * [Config] Restore prepare-% target
    - LP: #832352
  * [Config] Fix binary-% build target
  * [Config] Fix install-headers target
    - LP: #832352
  * SAUCE: igb: Protect stats update
    - LP: #829566
  * SAUCE: rtl8192se spams log
    - LP: #859702
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * crypto: Move md5_transform to lib/md5.c
    - LP: #827462
  * net: Compute protocol sequence numbers and fragment IDs using MD5.
    - LP: #827462
  * ALSA: timer - Fix Oops at closing slave timer
    - LP: #827462
  * ALSA: snd-usb-caiaq: Fix keymap for RigKontrol3
    - LP: #827462
  * powerpc: Fix device tree claim code
    - LP: #827462
  * powerpc: pseries: Fix kexec on machines with more than 4TB of RAM
    - LP: #827462
  * Linux 2.6.32.45+drm33.19
    - LP: #827462
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * tunnels: fix netns vs proto registration ordering
    - LP: #823296
  * Fix broken backport for IPv6 tunnels in 2.6.32-longterm kernels.
  * USB: xhci: fix OS want to own HC
    - LP: #837669
  * USB: assign instead of equal in usbtmc.c
    - LP: #837669
  * USB: usb-storage: unusual_devs entry for ARM V2M motherboard.
    - LP: #837669
  * USB: Serial: Added device ID for Qualcomm Modem in Sagemcom's HiLo3G
    - LP: #837669
  * atm: br2864: sent packets truncated in VC routed mode
    - LP: #837669
  * hwmon: (ibmaem) add missing kfree
    - LP: #837669
  * ALSA: snd-usb-caiaq: Correct offset fields of outbound iso_frame_desc
    - LP: #837669
  * mm: fix wrong vmap address calculations with odd NR_CPUS values
    - LP: #837669
  * perf tools: do not look at ./config for configuration
    - LP: #837669
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #837669
  * befs: Validate length of long symbolic links.
    - LP: #837669
  * ALSA: snd_usb_caiaq: track submitted output urbs
    - LP: #837669
  * ALSA: ac97: Add HP Compaq dc5100 SFF(PT003AW) to Headphone Jack Sense
    whitelist
    - LP: #826081, #83...

This bug was fixed in the package linux-ec2 - 2.6.32-319.39

---------------
linux-ec2 (2.6.32-319.39) lucid-proposed; urgency=low

[ Stefan Bader ]

* Rebased to 2.6.32-35.78
  * Release Tracking Bug
    - LP: #873063

[ Ubuntu: 2.6.32-35.78 ]

* [Config] Force perf to use libiberty for demangling
    - LP: #783660
  * [Config] Simplify binary-udebs dependencies
    - LP: #832352
  * [Config] kernel preparation cannot be parallelized
    - LP: #832352
  * [Config] Linearize module/abi checks
    - LP: #832352
  * [Config] Linearize and simplify tree preparation rules
    - LP: #832352
  * [Config] Build kernel image in parallel with modules
    - LP: #832352
  * [Config] Set concurrency for kmake invocations
    - LP: #832352
  * [Config] Improve install-arch-headers speed
    - LP: #832352
  * [Config] Fix binary-perarch dependencies
    - LP: #832352
  * [Config] Removed stamp-flavours target
    - LP: #832352
  * [Config] Serialize binary indep targets
    - LP: #832352
  * [Config] Use build stamp directly
    - LP: #832352
  * [Config] Restore prepare-% target
    - LP: #832352
  * [Config] Fix binary-% build target
  * [Config] Fix install-headers target
    - LP: #832352
  * SAUCE: igb: Protect stats update
    - LP: #829566
  * SAUCE: rtl8192se spams log
    - LP: #859702
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * crypto: Move md5_transform to lib/md5.c
    - LP: #827462
  * net: Compute protocol sequence numbers and fragment IDs using MD5.
    - LP: #827462
  * ALSA: timer - Fix Oops at closing slave timer
    - LP: #827462
  * ALSA: snd-usb-caiaq: Fix keymap for RigKontrol3
    - LP: #827462
  * powerpc: Fix device tree claim code
    - LP: #827462
  * powerpc: pseries: Fix kexec on machines with more than 4TB of RAM
    - LP: #827462
  * Linux 2.6.32.45+drm33.19
    - LP: #827462
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * tunnels: fix netns vs proto registration ordering
    - LP: #823296
  * Fix broken backport for IPv6 tunnels in 2.6.32-longterm kernels.
  * USB: xhci: fix OS want to own HC
    - LP: #837669
  * USB: assign instead of equal in usbtmc.c
    - LP: #837669
  * USB: usb-storage: unusual_devs entry for ARM V2M motherboard.
    - LP: #837669
  * USB: Serial: Added device ID for Qualcomm Modem in Sagemcom's HiLo3G
    - LP: #837669
  * atm: br2864: sent packets truncated in VC routed mode
    - LP: #837669
  * hwmon: (ibmaem) add missing kfree
    - LP: #837669
  * ALSA: snd-usb-caiaq: Correct offset fields of outbound iso_frame_desc
    - LP: #837669
  * mm: fix wrong vmap address calculations with odd NR_CPUS values
    - LP: #837669
  * perf tools: do not look at ./config for configuration
    - LP: #837669
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #837669
  * befs: Validate length of long symbolic links.
    - LP: #837669
  * ALSA: snd_usb_caiaq: track submitted output urbs
    - LP: #837669
  * ALSA: ac97: Add HP Compaq dc5100 SFF(PT003AW) to Headphone Jack Sense
    whitelist
    - LP: #826081, #837669
  * futex: Fix regression with read only mappings
    - LP: #837669
  * x86-32, vdso: On system call restart after SYSENTER, use int $0x80
    - LP: #837669
  * x86, UV: Remove UV delay in starting slave cpus
    - LP: #837669
  * drm/ttm: fix ttm_bo_add_ttm(user) failure path
    - LP: #837669
  * fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message
    - LP: #837669
  * igb: Fix lack of flush after register write and before delay
    - LP: #837669
  * Linux 2.6.32.46
    - LP: #837669
  * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191
    - LP: #834135
    - CVE-2011-3191
  * Bluetooth: Prevent buffer overflow in l2cap config request,
    CVE-2011-2497
    - LP: #838423
    - CVE-2011-2497
  * core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576
    - LP: #844361
    - CVE-2011-1576
  * ext4: Fix max file size and logical block counting of extent format
    file, CVE-2011-2695
    - LP: #819574
    - CVE-2011-2695
  * drm/i915: prepare for fair lru eviction
    - LP: #843904
  * drm/i915: Move the eviction logic to its own file.
    - LP: #843904
  * drm/i915: Implement fair lru eviction across both rings. (v2)
    - LP: #843904
  * drm/i915: Maintain LRU order of inactive objects upon access by CPU
    (v2)
    - LP: #843904
  * drm/i915/evict: Ensure we completely cleanup on failure
    - LP: #843904
  * drm/i915: Periodically flush the active lists and requests
    - LP: #843904
  * Make TASKSTATS require root access, CVE-2011-2494
    - LP: #866021
    - CVE-2011-2494
  * proc: fix a race in do_io_accounting(), CVE-2011-2495
    - LP: #866025
    - CVE-2011-2495
  * drm/i915: Remove BUG_ON from i915_gem_evict_something
    - LP: #828550
  * drm/i915: Hold a reference to the object whilst unbinding the eviction
    list
    - LP: #843904
  * drm/i915: Fix refleak during eviction.
    - LP: #843904
  * Linux 2.6.32.46+drm33.20

[ Ubuntu: 2.6.32-34.77 ]

* Revert "drm/i915: Remove BUG_ON from i915_gem_evict_something"
  * Revert "drm/i915: Periodically flush the active lists and requests"
  * Revert "drm/i915/evict: Ensure we completely cleanup on failure"
  * Revert "drm/i915: Maintain LRU order of inactive objects upon access by
    CPU (v2)"
  * Revert "drm/i915: Implement fair lru eviction across both rings. (v2)"
  * Revert "drm/i915: Move the eviction logic to its own file."
  * Revert "drm/i915: prepare for fair lru eviction"
 -- Stefan Bader <stefan.bader@canonical.com>   Fri, 14 Oct 2011 17:14:29 +0100

Changed in linux-ec2 (Ubuntu Lucid):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-10-25:

#12

Download full text (5.7 KiB)

This bug was fixed in the package linux-mvl-dove - 2.6.32-219.37

---------------
linux-mvl-dove (2.6.32-219.37) lucid-proposed; urgency=low

* Release Tracking Bug
- LP: #873062

[ Paolo Pisati ]

* Rebased to 2.6.32-35.78

[ Ubuntu: 2.6.32-35.78 ]

  * Release Tracking Bug
    - LP: #871899
  * SAUCE: sched: Prevent divide by zero when cpu_power is 0
    - LP: #614853
  * [Config] Force perf to use libiberty for demangling
    - LP: #783660
  * [Config] Simplify binary-udebs dependencies
    - LP: #832352
  * [Config] kernel preparation cannot be parallelized
    - LP: #832352
  * [Config] Linearize module/abi checks
    - LP: #832352
  * [Config] Linearize and simplify tree preparation rules
    - LP: #832352
  * [Config] Build kernel image in parallel with modules
    - LP: #832352
  * [Config] Set concurrency for kmake invocations
    - LP: #832352
  * [Config] Improve install-arch-headers speed
    - LP: #832352
  * [Config] Fix binary-perarch dependencies
    - LP: #832352
  * [Config] Removed stamp-flavours target
    - LP: #832352
  * [Config] Serialize binary indep targets
    - LP: #832352
  * [Config] Use build stamp directly
    - LP: #832352
  * [Config] Restore prepare-% target
    - LP: #832352
  * [Config] Fix binary-% build target
  * [Config] Fix install-headers target
    - LP: #832352
  * SAUCE: igb: Protect stats update
    - LP: #829566
  * SAUCE: rtl8192se spams log
    - LP: #859702
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * crypto: Move md5_transform to lib/md5.c
    - LP: #827462
  * net: Compute protocol sequence numbers and fragment IDs using MD5.
    - LP: #827462
  * ALSA: timer - Fix Oops at closing slave timer
    - LP: #827462
  * ALSA: snd-usb-caiaq: Fix keymap for RigKontrol3
    - LP: #827462
  * powerpc: Fix device tree claim code
    - LP: #827462
  * powerpc: pseries: Fix kexec on machines with more than 4TB of RAM
    - LP: #827462
  * Linux 2.6.32.45+drm33.19
    - LP: #827462
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * tunnels: fix netns vs proto registration ordering
    - LP: #823296
  * Fix broken backport for IPv6 tunnels in 2.6.32-longterm kernels.
  * USB: xhci: fix OS want to own HC
    - LP: #837669
  * USB: assign instead of equal in usbtmc.c
    - LP: #837669
  * USB: usb-storage: unusual_devs entry for ARM V2M motherboard.
    - LP: #837669
  * USB: Serial: Added device ID for Qualcomm Modem in Sagemcom's HiLo3G
    - LP: #837669
  * atm: br2864: sent packets truncated in VC routed mode
    - LP: #837669
  * hwmon: (ibmaem) add missing kfree
    - LP: #837669
  * ALSA: snd-usb-caiaq: Correct offset fields of outbound iso_frame_desc
    - LP: #837669
  * mm: fix wrong vmap address calculations with odd NR_CPUS values
    - LP: #837669
  * perf tools: do not look at ./config for configuration
    - LP: #837669
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #837669
  * befs: Validate length of long symbolic links.
    - LP: #837669
  * ALSA: snd_usb_caiaq: track submitted output ...

This bug was fixed in the package linux-mvl-dove - 2.6.32-219.37

---------------
linux-mvl-dove (2.6.32-219.37) lucid-proposed; urgency=low

* Release Tracking Bug
    - LP: #873062

[ Paolo Pisati ]

* Rebased to 2.6.32-35.78

[ Ubuntu: 2.6.32-35.78 ]

* Release Tracking Bug
    - LP: #871899
  * SAUCE: sched: Prevent divide by zero when cpu_power is 0
    - LP: #614853
  * [Config] Force perf to use libiberty for demangling
    - LP: #783660
  * [Config] Simplify binary-udebs dependencies
    - LP: #832352
  * [Config] kernel preparation cannot be parallelized
    - LP: #832352
  * [Config] Linearize module/abi checks
    - LP: #832352
  * [Config] Linearize and simplify tree preparation rules
    - LP: #832352
  * [Config] Build kernel image in parallel with modules
    - LP: #832352
  * [Config] Set concurrency for kmake invocations
    - LP: #832352
  * [Config] Improve install-arch-headers speed
    - LP: #832352
  * [Config] Fix binary-perarch dependencies
    - LP: #832352
  * [Config] Removed stamp-flavours target
    - LP: #832352
  * [Config] Serialize binary indep targets
    - LP: #832352
  * [Config] Use build stamp directly
    - LP: #832352
  * [Config] Restore prepare-% target
    - LP: #832352
  * [Config] Fix binary-% build target
  * [Config] Fix install-headers target
    - LP: #832352
  * SAUCE: igb: Protect stats update
    - LP: #829566
  * SAUCE: rtl8192se spams log
    - LP: #859702
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * crypto: Move md5_transform to lib/md5.c
    - LP: #827462
  * net: Compute protocol sequence numbers and fragment IDs using MD5.
    - LP: #827462
  * ALSA: timer - Fix Oops at closing slave timer
    - LP: #827462
  * ALSA: snd-usb-caiaq: Fix keymap for RigKontrol3
    - LP: #827462
  * powerpc: Fix device tree claim code
    - LP: #827462
  * powerpc: pseries: Fix kexec on machines with more than 4TB of RAM
    - LP: #827462
  * Linux 2.6.32.45+drm33.19
    - LP: #827462
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * tunnels: fix netns vs proto registration ordering
    - LP: #823296
  * Fix broken backport for IPv6 tunnels in 2.6.32-longterm kernels.
  * USB: xhci: fix OS want to own HC
    - LP: #837669
  * USB: assign instead of equal in usbtmc.c
    - LP: #837669
  * USB: usb-storage: unusual_devs entry for ARM V2M motherboard.
    - LP: #837669
  * USB: Serial: Added device ID for Qualcomm Modem in Sagemcom's HiLo3G
    - LP: #837669
  * atm: br2864: sent packets truncated in VC routed mode
    - LP: #837669
  * hwmon: (ibmaem) add missing kfree
    - LP: #837669
  * ALSA: snd-usb-caiaq: Correct offset fields of outbound iso_frame_desc
    - LP: #837669
  * mm: fix wrong vmap address calculations with odd NR_CPUS values
    - LP: #837669
  * perf tools: do not look at ./config for configuration
    - LP: #837669
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #837669
  * befs: Validate length of long symbolic links.
    - LP: #837669
  * ALSA: snd_usb_caiaq: track submitted output urbs
    - LP: #837669
  * ALSA: ac97: Add HP Compaq dc5100 SFF(PT003AW) to Headphone Jack Sense
    whitelist
    - LP: #826081, #837669
  * futex: Fix regression with read only mappings
    - LP: #837669
  * x86-32, vdso: On system call restart after SYSENTER, use int $0x80
    - LP: #837669
  * x86, UV: Remove UV delay in starting slave cpus
    - LP: #837669
  * drm/ttm: fix ttm_bo_add_ttm(user) failure path
    - LP: #837669
  * fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message
    - LP: #837669
  * igb: Fix lack of flush after register write and before delay
    - LP: #837669
  * Linux 2.6.32.46
    - LP: #837669
  * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191
    - LP: #834135
    - CVE-2011-3191
  * Bluetooth: Prevent buffer overflow in l2cap config request,
    CVE-2011-2497
    - LP: #838423
    - CVE-2011-2497
  * core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576
    - LP: #844361
    - CVE-2011-1576
  * ext4: Fix max file size and logical block counting of extent format
    file, CVE-2011-2695
    - LP: #819574
    - CVE-2011-2695
  * drm/i915: prepare for fair lru eviction
    - LP: #843904
  * drm/i915: Move the eviction logic to its own file.
    - LP: #843904
  * drm/i915: Implement fair lru eviction across both rings. (v2)
    - LP: #843904
  * drm/i915: Maintain LRU order of inactive objects upon access by CPU
    (v2)
    - LP: #843904
  * drm/i915/evict: Ensure we completely cleanup on failure
    - LP: #843904
  * drm/i915: Periodically flush the active lists and requests
    - LP: #843904
  * Make TASKSTATS require root access, CVE-2011-2494
    - LP: #866021
    - CVE-2011-2494
  * proc: fix a race in do_io_accounting(), CVE-2011-2495
    - LP: #866025
    - CVE-2011-2495
  * drm/i915: Remove BUG_ON from i915_gem_evict_something
    - LP: #828550
  * drm/i915: Hold a reference to the object whilst unbinding the eviction
    list
    - LP: #843904
  * drm/i915: Fix refleak during eviction.
    - LP: #843904
  * Linux 2.6.32.46+drm33.20

[ Ubuntu: 2.6.32-34.77 ]

* Release Tracking Bug
    - LP: #849228
  * Revert "drm/i915: Remove BUG_ON from i915_gem_evict_something"
  * Revert "drm/i915: Periodically flush the active lists and requests"
  * Revert "drm/i915/evict: Ensure we completely cleanup on failure"
  * Revert "drm/i915: Maintain LRU order of inactive objects upon access by
    CPU (v2)"
  * Revert "drm/i915: Implement fair lru eviction across both rings. (v2)"
  * Revert "drm/i915: Move the eviction logic to its own file."
  * Revert "drm/i915: prepare for fair lru eviction"
 -- Paolo Pisati <paolo.pisati@canonical.com>   Thu, 13 Oct 2011 11:02:06 +0200

Changed in linux-mvl-dove (Ubuntu Lucid):
status:	Fix Committed → Fix Released

Marc Deslauriers (mdeslaur) on 2011-10-25

Changed in linux-lts-backport-oneiric (Ubuntu Oneiric):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Lucid):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Precise):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Hardy):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Maverick):
status:	New → Invalid
importance:	Undecided → Low
Changed in linux-lts-backport-oneiric (Ubuntu Natty):
status:	New → Invalid
importance:	Undecided → Low

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-11-08:

#13

Download full text (5.2 KiB)

This bug was fixed in the package linux - 2.6.32-35.78

---------------
linux (2.6.32-35.78) lucid-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
- LP: #871899

[ Andrew Dickinson ]

* SAUCE: sched: Prevent divide by zero when cpu_power is 0
- LP: #614853

[ Stefan Bader ]

* [Config] Force perf to use libiberty for demangling
- LP: #783660

[ Tim Gardner ]

  * [Config] Simplify binary-udebs dependencies
    - LP: #832352
  * [Config] kernel preparation cannot be parallelized
    - LP: #832352
  * [Config] Linearize module/abi checks
    - LP: #832352
  * [Config] Linearize and simplify tree preparation rules
    - LP: #832352
  * [Config] Build kernel image in parallel with modules
    - LP: #832352
  * [Config] Set concurrency for kmake invocations
    - LP: #832352
  * [Config] Improve install-arch-headers speed
    - LP: #832352
  * [Config] Fix binary-perarch dependencies
    - LP: #832352
  * [Config] Removed stamp-flavours target
    - LP: #832352
  * [Config] Serialize binary indep targets
    - LP: #832352
  * [Config] Use build stamp directly
    - LP: #832352
  * [Config] Restore prepare-% target
    - LP: #832352
  * [Config] Fix binary-% build target
  * [Config] Fix install-headers target
    - LP: #832352
  * SAUCE: igb: Protect stats update
    - LP: #829566
  * SAUCE: rtl8192se spams log
    - LP: #859702

[ Upstream Kernel Changes ]

  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * crypto: Move md5_transform to lib/md5.c
    - LP: #827462
  * net: Compute protocol sequence numbers and fragment IDs using MD5.
    - LP: #827462
  * ALSA: timer - Fix Oops at closing slave timer
    - LP: #827462
  * ALSA: snd-usb-caiaq: Fix keymap for RigKontrol3
    - LP: #827462
  * powerpc: Fix device tree claim code
    - LP: #827462
  * powerpc: pseries: Fix kexec on machines with more than 4TB of RAM
    - LP: #827462
  * Linux 2.6.32.45+drm33.19
    - LP: #827462
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * tunnels: fix netns vs proto registration ordering
    - LP: #823296
  * Fix broken backport for IPv6 tunnels in 2.6.32-longterm kernels.
  * USB: xhci: fix OS want to own HC
    - LP: #837669
  * USB: assign instead of equal in usbtmc.c
    - LP: #837669
  * USB: usb-storage: unusual_devs entry for ARM V2M motherboard.
    - LP: #837669
  * USB: Serial: Added device ID for Qualcomm Modem in Sagemcom's HiLo3G
    - LP: #837669
  * atm: br2864: sent packets truncated in VC routed mode
    - LP: #837669
  * hwmon: (ibmaem) add missing kfree
    - LP: #837669
  * ALSA: snd-usb-caiaq: Correct offset fields of outbound iso_frame_desc
    - LP: #837669
  * mm: fix wrong vmap address calculations with odd NR_CPUS values
    - LP: #837669
  * perf tools: do not look at ./config for configuration
    - LP: #837669
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #837669
  * befs: Validate length of long symbolic links.
    - LP: #837669
  * ALSA: snd_usb_caiaq: track submitted output urbs
    - LP: #8...

This bug was fixed in the package linux - 2.6.32-35.78

---------------
linux (2.6.32-35.78) lucid-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
    - LP: #871899

[ Andrew Dickinson ]

* SAUCE: sched: Prevent divide by zero when cpu_power is 0
    - LP: #614853

[ Stefan Bader ]

* [Config] Force perf to use libiberty for demangling
    - LP: #783660

[ Tim Gardner ]

* [Config] Simplify binary-udebs dependencies
    - LP: #832352
  * [Config] kernel preparation cannot be parallelized
    - LP: #832352
  * [Config] Linearize module/abi checks
    - LP: #832352
  * [Config] Linearize and simplify tree preparation rules
    - LP: #832352
  * [Config] Build kernel image in parallel with modules
    - LP: #832352
  * [Config] Set concurrency for kmake invocations
    - LP: #832352
  * [Config] Improve install-arch-headers speed
    - LP: #832352
  * [Config] Fix binary-perarch dependencies
    - LP: #832352
  * [Config] Removed stamp-flavours target
    - LP: #832352
  * [Config] Serialize binary indep targets
    - LP: #832352
  * [Config] Use build stamp directly
    - LP: #832352
  * [Config] Restore prepare-% target
    - LP: #832352
  * [Config] Fix binary-% build target
  * [Config] Fix install-headers target
    - LP: #832352
  * SAUCE: igb: Protect stats update
    - LP: #829566
  * SAUCE: rtl8192se spams log
    - LP: #859702

[ Upstream Kernel Changes ]

* Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * crypto: Move md5_transform to lib/md5.c
    - LP: #827462
  * net: Compute protocol sequence numbers and fragment IDs using MD5.
    - LP: #827462
  * ALSA: timer - Fix Oops at closing slave timer
    - LP: #827462
  * ALSA: snd-usb-caiaq: Fix keymap for RigKontrol3
    - LP: #827462
  * powerpc: Fix device tree claim code
    - LP: #827462
  * powerpc: pseries: Fix kexec on machines with more than 4TB of RAM
    - LP: #827462
  * Linux 2.6.32.45+drm33.19
    - LP: #827462
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * tunnels: fix netns vs proto registration ordering
    - LP: #823296
  * Fix broken backport for IPv6 tunnels in 2.6.32-longterm kernels.
  * USB: xhci: fix OS want to own HC
    - LP: #837669
  * USB: assign instead of equal in usbtmc.c
    - LP: #837669
  * USB: usb-storage: unusual_devs entry for ARM V2M motherboard.
    - LP: #837669
  * USB: Serial: Added device ID for Qualcomm Modem in Sagemcom's HiLo3G
    - LP: #837669
  * atm: br2864: sent packets truncated in VC routed mode
    - LP: #837669
  * hwmon: (ibmaem) add missing kfree
    - LP: #837669
  * ALSA: snd-usb-caiaq: Correct offset fields of outbound iso_frame_desc
    - LP: #837669
  * mm: fix wrong vmap address calculations with odd NR_CPUS values
    - LP: #837669
  * perf tools: do not look at ./config for configuration
    - LP: #837669
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #837669
  * befs: Validate length of long symbolic links.
    - LP: #837669
  * ALSA: snd_usb_caiaq: track submitted output urbs
    - LP: #837669
  * ALSA: ac97: Add HP Compaq dc5100 SFF(PT003AW) to Headphone Jack Sense
    whitelist
    - LP: #826081, #837669
  * futex: Fix regression with read only mappings
    - LP: #837669
  * x86-32, vdso: On system call restart after SYSENTER, use int $0x80
    - LP: #837669
  * x86, UV: Remove UV delay in starting slave cpus
    - LP: #837669
  * drm/ttm: fix ttm_bo_add_ttm(user) failure path
    - LP: #837669
  * fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message
    - LP: #837669
  * igb: Fix lack of flush after register write and before delay
    - LP: #837669
  * Linux 2.6.32.46
    - LP: #837669
  * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191
    - LP: #834135
    - CVE-2011-3191
  * Bluetooth: Prevent buffer overflow in l2cap config request,
    CVE-2011-2497
    - LP: #838423
    - CVE-2011-2497
  * core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576
    - LP: #844361
    - CVE-2011-1576
  * ext4: Fix max file size and logical block counting of extent format
    file, CVE-2011-2695
    - LP: #819574
    - CVE-2011-2695
  * drm/i915: prepare for fair lru eviction
    - LP: #843904
  * drm/i915: Move the eviction logic to its own file.
    - LP: #843904
  * drm/i915: Implement fair lru eviction across both rings. (v2)
    - LP: #843904
  * drm/i915: Maintain LRU order of inactive objects upon access by CPU
    (v2)
    - LP: #843904
  * drm/i915/evict: Ensure we completely cleanup on failure
    - LP: #843904
  * drm/i915: Periodically flush the active lists and requests
    - LP: #843904
  * Make TASKSTATS require root access, CVE-2011-2494
    - LP: #866021
    - CVE-2011-2494
  * proc: fix a race in do_io_accounting(), CVE-2011-2495
    - LP: #866025
    - CVE-2011-2495
  * drm/i915: Remove BUG_ON from i915_gem_evict_something
    - LP: #828550
  * drm/i915: Hold a reference to the object whilst unbinding the eviction
    list
    - LP: #843904
  * drm/i915: Fix refleak during eviction.
    - LP: #843904
  * Linux 2.6.32.46+drm33.20
 -- Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>   Mon, 10 Oct 2011 14:12:26 -0300

Changed in linux (Ubuntu Lucid):
status:	Fix Committed → Fix Released

Paolo Pisati (p-pisati) on 2012-12-04

Changed in linux-ti-omap4 (Ubuntu Oneiric):
status:	Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu Precise):
status:	Fix Committed → Fix Released
Changed in linux-ti-omap4 (Ubuntu):
status:	Fix Committed → Fix Released

Jamie Strandboge (jdstrand) on 2013-05-21

Changed in linux (Ubuntu Oneiric):
status:	Fix Committed → Won't Fix

Revision history for this message

Andy Whitcroft (apw) wrote on 2015-01-21:

#14

This was already applied upstream.

Changed in linux (Ubuntu Precise):
status:	Fix Committed → Fix Released
Changed in linux (Ubuntu):
status:	Fix Committed → Fix Released

Juerg Haefliger (juergh) on 2025-04-18

tags:

added: kernel-daily-bug

Ubuntu
linux package

CVE-2011-2699

Bug Description

Related branches

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux (Ubuntu)	Fix Released	Low	Andy Whitcroft
Hardy	Fix Released	Low	Andy Whitcroft
Lucid	Fix Released	Low	Andy Whitcroft
Maverick	Fix Released	Low	Andy Whitcroft
Natty	Fix Released	Low	Andy Whitcroft
Oneiric	Won't Fix	Low	Andy Whitcroft
Precise	Fix Released	Low	Andy Whitcroft
linux-ec2 (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Fix Released	Low	Unassigned
Maverick	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
linux-fsl-imx51 (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Fix Released	Low	Andy Whitcroft
Maverick	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
linux-lts-backport-maverick (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Fix Released	Low	Unassigned
Maverick	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
linux-lts-backport-natty (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Fix Released	Low	Unassigned
Maverick	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
linux-lts-backport-oneiric (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Maverick	Invalid	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
linux-mvl-dove (Ubuntu)	Invalid	Low	Unassigned
Hardy	Invalid	Low	Unassigned
Lucid	Fix Released	Low	Unassigned
Maverick	Fix Released	Low	Unassigned
Natty	Invalid	Low	Unassigned
Oneiric	Invalid	Low	Unassigned
Precise	Invalid	Low	Unassigned
linux-ti-omap4 (Ubuntu)	Fix Released	Low	Andy Whitcroft
Hardy	Invalid	Low	Unassigned
Lucid	Invalid	Low	Unassigned
Maverick	Fix Released	Low	Andy Whitcroft
Natty	Fix Released	Low	Andy Whitcroft
Oneiric	Fix Released	Low	Andy Whitcroft
Precise	Fix Released	Low	Andy Whitcroft

Ubuntulinux package

CVE-2011-2699

Bug Description

Related branches

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package