Karmic fsl-imx51: tracking bug, update to 2.6.31-112.30

Bug #713223 reported by Tim Gardner on 2011-02-04
264
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux-fsl-imx51 (Ubuntu)
Undecided
Unassigned
Karmic
Undecided
Tim Gardner

Bug Description

rebased to Karmic master branch 2.6.31-22.72 which contains many CVEs and stable updates.

Tim Gardner (timg-tpi) on 2011-02-04
summary: - Karmic fsl-imx51: update to 2.6.31-112.30
+ Karmic fsl-imx51: tracking bug, update to 2.6.31-112.30
visibility: private → public
Changed in linux-fsl-imx51 (Ubuntu):
status: New → Invalid
Tim Gardner (timg-tpi) on 2011-02-04
Changed in linux-fsl-imx51 (Ubuntu Karmic):
assignee: nobody → Tim Gardner (timg-tpi)
status: New → Fix Committed

Accepted linux-fsl-imx51 into karmic-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Tobin Davis (gruemaster) wrote :

Tested this release. Passed with no regressions.

tags: added: verification-done
Tim Gardner (timg-tpi) on 2011-02-17
tags: added: verification-done-karmic
removed: verification-done
Launchpad Janitor (janitor) wrote :
Download full text (6.7 KiB)

This bug was fixed in the package linux-fsl-imx51 - 2.6.31-112.30

---------------
linux-fsl-imx51 (2.6.31-112.30) karmic; urgency=low

  [ Tim Gardner ]

  * rebased to 2.6.31-22.72. This rebase contains all of the master
    branch changes since 2.6.31-22.61.
  * Tracking Bug
    - LP: #713223

  [ Upstream Kernel Changes ]

  * Karmic SRU: thinkpad-acpi: lock down video output state access, CVE-2010-3448
    - LP: #706999
    - CVE-2010-3448
  * USB: serial/mos*: prevent reading uninitialized stack memory,
    CVE-2010-4074
    - LP: #706149
    - CVE-2010-4074
  * KVM: Fix fs/gs reload oops with invalid ldt
    - LP: #707000
    - CVE-2010-3698
  * drivers/video/sis/sis_main.c: prevent reading uninitialized stack
    memory, CVE-2010-4078
    - LP: #707579
    - CVE-2010-4078
  * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory,
    CVE-2010-4079
    - LP: #707649
    - CVE-2010-4079

  [ Upstream Kernel Changes ]

  * ipc: initialize structure memory to zero for compat functions
  * tcp: Increase TCP_MAXSEG socket option minimum.
    - CVE-2010-4165
  * perf_events: Fix perf_counter_mmap() hook in mprotect()
    - CVE-2010-4169
  * af_unix: limit unix_tot_inflight
    - CVE-2010-4249

  [ Leann Ogasawara ]

  * Revert "SAUCE: AF_ECONET saddr->cookie prevent NULL pointer
    dereference"
  * Revert "SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges"
  * Revert "SAUCE: AF_ECONET prevent kernel stack overflow"

  [ Upstream Kernel Changes ]

  * Btrfs: fix checks in BTRFS_IOC_CLONE_RANGE
    - CVE-2010-2538
  * xfs: validate untrusted inode numbers during lookup
    - CVE-2010-2943
  * xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED
    - CVE-2010-2943
  * xfs: remove block number from inode lookup code
    - CVE-2010-2943
  * xfs: fix untrusted inode number lookup
    - CVE-2010-2943
  * drm/i915: Sanity check pread/pwrite
    - CVE-2010-2962
  * drm/i915: Rephrase pwrite bounds checking to avoid any potential
    overflow
    - CVE-2010-2962
  * tracing: Do not allow llseek to set_ftrace_filter
    - CVE-2010-3079
  * drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack
    memory
    - CVE-2010-3296
  * drivers/net/eql.c: prevent reading uninitialized stack memory
    - CVE-2010-3297
  * drivers/net/usb/hso.c: prevent reading uninitialized memory
    - CVE-2010-3298
  * setup_arg_pages: diagnose excessive argument size
    - CVE-2010-3858
  * net: clear heap allocation for ETHTOOL_GRXCLSRLALL
    - CVE-2010-3861
  * ipc: shm: fix information leak to userland
    - CVE-2010-4072
  * econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849
    - CVE-2010-3849
  * econet: fix CVE-2010-3850
    - CVE-2010-3850
  * econet: fix CVE-2010-3848
    - CVE-2010-3848

  [ Leann Ogasawara ]

  * SAUCE: AF_ECONET prevent kernel stack overflow
    - CVE-2010-3848
  * SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges
    - CVE-2010-3850
  * SAUCE: AF_ECONET saddr->cookie prevent NULL pointer dereference
    - CVE-2010-3849

  [ Andy Whitcroft ]

  * SAUCE: docs -- fix doc strings for fc_event_seq

  [ Brad Figg ]

  * SAUCE: (no-up) Modularize vesafb -- fix initialization
    - LP: #611471
...

Read more...

Changed in linux-fsl-imx51 (Ubuntu Karmic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers