This bug was fixed in the package linux-fsl-imx51 - 2.6.31-611.29
--------------- linux-fsl-imx51 (2.6.31-611.29) lucid-proposed; urgency=low
* Release tracking bug - LP: #873059
[ Upstream Kernel Changes ]
* cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191 - LP: #834135 - CVE-2011-3191 * befs: Validate length of long symbolic links, CVE-2011-2928 - LP: #834124 - CVE-2011-2928 * gro: Only reset frag0 when skb can be pulled, CVE-2011-2723 - LP: #844371 - CVE-2011-2723 * Validate size of EFI GUID partition entries, CVE-2011-1776 - LP: #844365 - CVE-2011-1776 * inet_diag: fix inet_diag_bc_audit(), CVE-2011-2213 - LP: #838421 - CVE-2011-2213 * Bluetooth: Prevent buffer overflow in l2cap config request, CVE-2011-2497 - LP: #838423 - CVE-2011-2497 * core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576 - LP: #844361 - CVE-2011-1576 * crypto: Move md5_transform to lib/md5.c, CVE-2011-3188 - LP: #827462, #834129 - CVE-2011-3188 * net: Compute protocol sequence numbers and fragment IDs using MD5, CVE-2011-3188 - LP: #827462, #834129 - CVE-2011-3188 * ext4: correctly calculate number of blocks for fiemap, CVE-2011-2695 - LP: #474597, #583414, #819574 - CVE-2011-2695 * ext4: Fix max file size and logical block counting of extent format file, CVE-2011-2695 - LP: #819574 - CVE-2011-2695 * cifs: always do is_path_accessible check in cifs_mount, CVE-2011-3363 - LP: #866034 - CVE-2011-3363 * cifs: add fallback in is_path_accessible for old servers, CVE-2011-3363 - LP: #866034 - CVE-2011-3363 * Make TASKSTATS require root access, CVE-2011-2494 - LP: #866021 - CVE-2011-2494 * proc: restrict access to /proc/PID/io, CVE-2011-2495 - LP: #866025 - CVE-2011-2495 * proc: fix a race in do_io_accounting(), CVE-2011-2495 - LP: #866025 - CVE-2011-2495 * staging: comedi: fix infoleak to userspace, CVE-2011-2909 - LP: #869261 - CVE-2011-2909 * sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set, CVE-2011-1573 - LP: #869205 - CVE-2011-1573 * perf tools: do not look at ./config for configuration, CVE-2011-2905 - LP: #869259 - CVE-2011-2905 * net_sched: Fix qdisc_notify() - CVE-2011-2525 - LP: #869250 - CVE-2011-2525 * nl80211: fix overflow in ssid_len - CVE-2011-2517 - LP: #869245 - CVE-2011-2517 * mm: avoid wrapping vm_pgoff in mremap() - CVE-2011-2496 - LP: #869243 - CVE-2011-2496 * vm: fix vm_pgoff wrap in stack expansion - CVE-2011-2496 - LP: #869243 - CVE-2011-2496 * vm: fix vm_pgoff wrap in upward expansion - CVE-2011-2496 - LP: #869243 - CVE-2011-2496 -- Paolo Pisati <email address hidden> Thu, 13 Oct 2011 12:19:09 +0200
This bug was fixed in the package linux-fsl-imx51 - 2.6.31-611.29
---------------
linux-fsl-imx51 (2.6.31-611.29) lucid-proposed; urgency=low
* Release tracking bug
- LP: #873059
[ Upstream Kernel Changes ]
* cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191 bc_audit( ), CVE-2011-2213
- LP: #834135
- CVE-2011-3191
* befs: Validate length of long symbolic links, CVE-2011-2928
- LP: #834124
- CVE-2011-2928
* gro: Only reset frag0 when skb can be pulled, CVE-2011-2723
- LP: #844371
- CVE-2011-2723
* Validate size of EFI GUID partition entries, CVE-2011-1776
- LP: #844365
- CVE-2011-1776
* inet_diag: fix inet_diag_
- LP: #838421
- CVE-2011-2213
* Bluetooth: Prevent buffer overflow in l2cap config request,
CVE-2011-2497
- LP: #838423
- CVE-2011-2497
* core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576
- LP: #844361
- CVE-2011-1576
* crypto: Move md5_transform to lib/md5.c, CVE-2011-3188
- LP: #827462, #834129
- CVE-2011-3188
* net: Compute protocol sequence numbers and fragment IDs using MD5,
CVE-2011-3188
- LP: #827462, #834129
- CVE-2011-3188
* ext4: correctly calculate number of blocks for fiemap, CVE-2011-2695
- LP: #474597, #583414, #819574
- CVE-2011-2695
* ext4: Fix max file size and logical block counting of extent format
file, CVE-2011-2695
- LP: #819574
- CVE-2011-2695
* cifs: always do is_path_accessible check in cifs_mount, CVE-2011-3363
- LP: #866034
- CVE-2011-3363
* cifs: add fallback in is_path_accessible for old servers, CVE-2011-3363
- LP: #866034
- CVE-2011-3363
* Make TASKSTATS require root access, CVE-2011-2494
- LP: #866021
- CVE-2011-2494
* proc: restrict access to /proc/PID/io, CVE-2011-2495
- LP: #866025
- CVE-2011-2495
* proc: fix a race in do_io_accounting(), CVE-2011-2495
- LP: #866025
- CVE-2011-2495
* staging: comedi: fix infoleak to userspace, CVE-2011-2909
- LP: #869261
- CVE-2011-2909
* sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set,
CVE-2011-1573
- LP: #869205
- CVE-2011-1573
* perf tools: do not look at ./config for configuration, CVE-2011-2905
- LP: #869259
- CVE-2011-2905
* net_sched: Fix qdisc_notify() - CVE-2011-2525
- LP: #869250
- CVE-2011-2525
* nl80211: fix overflow in ssid_len - CVE-2011-2517
- LP: #869245
- CVE-2011-2517
* mm: avoid wrapping vm_pgoff in mremap() - CVE-2011-2496
- LP: #869243
- CVE-2011-2496
* vm: fix vm_pgoff wrap in stack expansion - CVE-2011-2496
- LP: #869243
- CVE-2011-2496
* vm: fix vm_pgoff wrap in upward expansion - CVE-2011-2496
- LP: #869243
- CVE-2011-2496
-- Paolo Pisati <email address hidden> Thu, 13 Oct 2011 12:19:09 +0200