Bug #737823 “CVE-2010-4529” : Karmic (9.10) : Bugs : linux-fsl-imx51 package : Ubuntu

Leann Ogasawara (leannogasawara) on 2011-03-18

security vulnerability:

no → yes

Leann Ogasawara (leannogasawara) on 2011-03-21

description:

updated

Revision history for this message

Leann Ogasawara (leannogasawara) wrote on 2011-03-21:

#1

maverick.patch Edit (2.1 KiB, text/plain)

Revision history for this message

Leann Ogasawara (leannogasawara) wrote on 2011-03-21:

#2

lucid.patch Edit (2.1 KiB, text/plain)

Revision history for this message

Leann Ogasawara (leannogasawara) wrote on 2011-03-21:

#3

karmic.patch Edit (2.1 KiB, text/plain)

Revision history for this message

Leann Ogasawara (leannogasawara) wrote on 2011-03-21:

#4

hardy.patch Edit (2.1 KiB, text/plain)

Revision history for this message

Leann Ogasawara (leannogasawara) wrote on 2011-03-21:

#5

dapper.patch Edit (2.1 KiB, text/plain)

Leann Ogasawara (leannogasawara) on 2011-03-21

Changed in linux (Ubuntu Natty):
status:	New → Invalid
Changed in linux (Ubuntu Maverick):
assignee:	nobody → Leann Ogasawara (leannogasawara)
importance:	Undecided → Low
status:	New → In Progress
Changed in linux (Ubuntu Lucid):
assignee:	nobody → Leann Ogasawara (leannogasawara)
importance:	Undecided → Low
status:	New → In Progress
Changed in linux (Ubuntu Karmic):
assignee:	nobody → Leann Ogasawara (leannogasawara)
importance:	Undecided → Low
status:	New → In Progress
Changed in linux (Ubuntu Hardy):
assignee:	nobody → Leann Ogasawara (leannogasawara)
importance:	Undecided → Low
status:	New → In Progress
Changed in linux (Ubuntu Dapper):
assignee:	nobody → Leann Ogasawara (leannogasawara)
importance:	Undecided → Low
status:	New → In Progress

Paolo Pisati (p-pisati) on 2011-03-24

Changed in linux-ti-omap4 (Ubuntu Maverick):
assignee:	nobody → Paolo Pisati (p-pisati)
Changed in linux-ti-omap4 (Ubuntu Dapper):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Karmic):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Lucid):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Natty):
status:	New → Invalid
Changed in linux-ti-omap4 (Ubuntu Maverick):
status:	New → In Progress

Paolo Pisati (p-pisati) on 2011-03-24

Changed in linux-mvl-dove (Ubuntu Dapper):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Karmic):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Natty):
status:	New → Invalid
Changed in linux-mvl-dove (Ubuntu Lucid):
assignee:	nobody → Paolo Pisati (p-pisati)

Paolo Pisati (p-pisati) on 2011-03-24

Changed in linux-mvl-dove (Ubuntu Maverick):
assignee:	nobody → Paolo Pisati (p-pisati)

Jamie Strandboge (jdstrand) on 2011-03-25

Changed in linux-fsl-imx51 (Ubuntu Natty):
status:	New → Invalid
Changed in linux-lts-backport-maverick (Ubuntu Natty):
status:	New → Invalid

Tim Gardner (timg-tpi) on 2011-03-28

Changed in linux-ti-omap4 (Ubuntu Maverick):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-04-19:

#6

Download full text (3.4 KiB)

This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.22

---------------
linux-ti-omap4 (2.6.35-903.22) maverick; urgency=low

[ Paolo Pisati ]

* Release Tracking Bug
- LP: #744250

[ Upstream Kernel Changes ]

  * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open(), CVE-2010-3080
    - CVE-2010-3080
  * tracing: t_start: reset FTRACE_ITER_HASH in case of seek/pread, CVE-2010-3079
    - CVE-2010-3079
  * KEYS: Fix bug in keyctl_session_to_parent() if parent has no session keyring, CVE-2010-2960
    - CVE-2010-2960
  * drm/i915: Sanity check pread/pwrite, CVE-2010-2962
    - CVE-2010-2962
  * do_exit(): make sure that we run with get_fs() == USER_DS, CVE-2010-3849
    - CVE-2010-3849
  * econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849
    - CVE-2010-3849
  * econet: fix CVE-2010-3850
    - CVE-2010-3850
  * econet: fix CVE-2010-3848
    - CVE-2010-3848
  * compat: Make compat_alloc_user_space() incorporate the access_ok(), CVE-2010-3081
    - CVE-2010-3081
  * irda: Correctly clean up self->ias_obj on irda_bind() failure., CVE-2010-2954
    - CVE-2010-2954
  * wireless extensions: fix kernel heap content leak, CVE-2010-2955
    - CVE-2010-2955
  * KEYS: Fix RCU no-lock warning in keyctl_session_to_parent(), CVE-2010-2960
    - CVE-2010-2960
  * Fix pktcdvd ioctl dev_minor range check, CVE-2010-3437
    - CVE-2010-3437
  * Fix out-of-bounds reading in sctp_asoc_get_hmac(), CVE-2010-3705
    - CVE-2010-3705
  * ocfs2: Don't walk off the end of fast symlinks., CVE-2010-NNN2
    - CVE-2010-NNN2
  * v4l: disable dangerous buggy compat function, CVE-2010-2963
    - CVE-2010-2963
  * Local privilege escalation vulnerability in RDS sockets, CVE-2010-3904
    - CVE-2010-3904
  * net: clear heap allocation for ETHTOOL_GRXCLSRLALL, CVE-2010-3861
    - CVE-2010-3861
  * ipc: shm: fix information leak to userland, CVE-2010-4072
    - CVE-2010-4072
  * tcp: Increase TCP_MAXSEG socket option minimum., CVE-2010-4165
    - CVE-2010-4165
  * af_unix: limit unix_tot_inflight, CVE-2010-4249
    - CVE-2010-4249
  * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory, CVE-2010-4079
    - LP: #707649
    - CVE-2010-4079
  * net: fix rds_iovec page count overflow, CVE-2010-3865
    - LP: #709153
    - CVE-2010-3865
  * net: ax25: fix information leak to userland, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: ax25: fix information leak to userland harder, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: packet: fix information leak to userland, CVE-2010-3876
    - LP: #710714
    - CVE-2010-3876
  * net: tipc: fix information leak to userland, CVE-2010-3877
    - LP: #711291
    - CVE-2010-3877
  * filter: make sure filters dont read uninitialized memory, CVE-2010-4158
    - LP: #721282
    - CVE-2010-4158
  * econet: Fix crash in aun_incoming(). CVE-2010-4342
    - LP: #736394
    - CVE-2010-4342
  * sound: Prevent buffer overflow in OSS load_mixer_volumes, CVE-2010-4527
    - LP: #737073
    - CVE-2010-4527
  * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529
    - LP: #737823
    - CVE-2010-4529
  * x25: Prevent crashing when parsing bad X.25 facilities, C...

This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.22

---------------
linux-ti-omap4 (2.6.35-903.22) maverick; urgency=low

[ Paolo Pisati ]

* Release Tracking Bug
    - LP: #744250

[ Upstream Kernel Changes ]

* ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open(), CVE-2010-3080
    - CVE-2010-3080
  * tracing: t_start: reset FTRACE_ITER_HASH in case of seek/pread, CVE-2010-3079
    - CVE-2010-3079
  * KEYS: Fix bug in keyctl_session_to_parent() if parent has no session keyring, CVE-2010-2960
    - CVE-2010-2960
  * drm/i915: Sanity check pread/pwrite, CVE-2010-2962
    - CVE-2010-2962
  * do_exit(): make sure that we run with get_fs() == USER_DS, CVE-2010-3849
    - CVE-2010-3849
  * econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849
    - CVE-2010-3849
  * econet: fix CVE-2010-3850
    - CVE-2010-3850
  * econet: fix CVE-2010-3848
    - CVE-2010-3848
  * compat: Make compat_alloc_user_space() incorporate the access_ok(), CVE-2010-3081
    - CVE-2010-3081
  * irda: Correctly clean up self->ias_obj on irda_bind() failure., CVE-2010-2954
    - CVE-2010-2954
  * wireless extensions: fix kernel heap content leak, CVE-2010-2955
    - CVE-2010-2955
  * KEYS: Fix RCU no-lock warning in keyctl_session_to_parent(), CVE-2010-2960
    - CVE-2010-2960
  * Fix pktcdvd ioctl dev_minor range check, CVE-2010-3437
    - CVE-2010-3437
  * Fix out-of-bounds reading in sctp_asoc_get_hmac(), CVE-2010-3705
    - CVE-2010-3705
  * ocfs2: Don't walk off the end of fast symlinks., CVE-2010-NNN2
    - CVE-2010-NNN2
  * v4l: disable dangerous buggy compat function, CVE-2010-2963
    - CVE-2010-2963
  * Local privilege escalation vulnerability in RDS sockets, CVE-2010-3904
    - CVE-2010-3904
  * net: clear heap allocation for ETHTOOL_GRXCLSRLALL, CVE-2010-3861
    - CVE-2010-3861
  * ipc: shm: fix information leak to userland, CVE-2010-4072
    - CVE-2010-4072
  * tcp: Increase TCP_MAXSEG socket option minimum., CVE-2010-4165
    - CVE-2010-4165
  * af_unix: limit unix_tot_inflight, CVE-2010-4249
    - CVE-2010-4249
  * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory, CVE-2010-4079
    - LP: #707649
    - CVE-2010-4079
  * net: fix rds_iovec page count overflow, CVE-2010-3865
    - LP: #709153
    - CVE-2010-3865
  * net: ax25: fix information leak to userland, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: ax25: fix information leak to userland harder, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: packet: fix information leak to userland, CVE-2010-3876
    - LP: #710714
    - CVE-2010-3876
  * net: tipc: fix information leak to userland, CVE-2010-3877
    - LP: #711291
    - CVE-2010-3877
  * filter: make sure filters dont read uninitialized memory, CVE-2010-4158
    - LP: #721282
    - CVE-2010-4158
  * econet: Fix crash in aun_incoming(). CVE-2010-4342
    - LP: #736394
    - CVE-2010-4342
  * sound: Prevent buffer overflow in OSS load_mixer_volumes, CVE-2010-4527
    - LP: #737073
    - CVE-2010-4527
  * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529
    - LP: #737823
    - CVE-2010-4529
  * x25: Prevent crashing when parsing bad X.25 facilities, CVE-2010-4164,
    CVE-2010-3873
    - LP: #731199
    - CVE-2010-3873
  * install_special_mapping skips security_file_mmap check., CVE-2010-4346
    - LP: #731971
    - CVE-2010-4346
 -- Tim Gardner <tim.gardner@canonical.com>   Wed, 02 Feb 2011 21:45:27 +0000

Changed in linux-ti-omap4 (Ubuntu Maverick):
status:	Fix Committed → Fix Released

Brad Figg (brad-figg) on 2011-04-25

tags:

added: kernel-cve-tracking-bug

Paolo Pisati (p-pisati) on 2011-04-28

Changed in linux (Ubuntu Lucid):
status:	In Progress → Fix Released
Changed in linux (Ubuntu Maverick):
status:	In Progress → Fix Released

Paolo Pisati (p-pisati) on 2011-04-29

Changed in linux-mvl-dove (Ubuntu Lucid):
status:	New → In Progress

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-05-23:

#7

This bug was fixed in the package linux - 2.6.24-29.89

---------------
linux (2.6.24-29.89) hardy-proposed; urgency=low

[ Steve Conklin ]

* Release Tracking Bug
- LP: #768380

[Tim Gardner]

* [Config] remove generated files

[Upstream Kernel Changes]

  * econet: Fix crash in aun_incoming(). CVE-2010-4342
    - LP: #736394
    - CVE-2010-4342
  * sound: Prevent buffer overflow in OSS load_mixer_volumes, CVE-2010-4527
    - LP: #737073
    - CVE-2010-4527
  * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529
    - LP: #737823
    - CVE-2010-4529
  * av7110: check for negative array offset, CVE-2011-0521
    - LP: #767526
    - CVE-2011-0521
  * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1,
    CVE-2011-0711
    - LP: #767740
    - CVE-2011-0711
-- Steve Conklin <email address hidden> Thu, 21 Apr 2011 09:28:26 -0500

Changed in linux (Ubuntu Hardy):
status:	In Progress → Fix Released

Revision history for this message

Paolo Pisati (p-pisati) wrote on 2011-06-02:

#8

karmic is EOL

Changed in linux-fsl-imx51 (Ubuntu Dapper):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Hardy):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Maverick):
status:	New → Invalid
Changed in linux-fsl-imx51 (Ubuntu Karmic):
status:	New → Won't Fix
Changed in linux-fsl-imx51 (Ubuntu Lucid):
assignee:	nobody → Paolo Pisati (p-pisati)
status:	New → In Progress

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-06-29:

#9

Download full text (29.1 KiB)

This bug was fixed in the package linux-mvl-dove - 2.6.32-217.34

---------------
linux-mvl-dove (2.6.32-217.34) lucid-proposed; urgency=low

[ Herton R. Krzesinski ]

* Release Tracking Bug
- LP: #794695

[ Paolo Pisati ]

* Rebased to 2.6.32-33.66

[ Ubuntu: 2.6.32-33.66 ]

  * Release Tracking Bug
    - LP: #794098
  * Revert "xhci: Fix full speed bInterval encoding."
  * Revert "USB: xhci - fix math in xhci_get_endpoint_interval()"
  * Revert "USB: xhci - fix unsafe macro definitions"

[ Ubuntu: 2.6.32-33.65 ]

* xhci: Fix full speed bInterval encoding.
- LP: #792959

[ Ubuntu: 2.6.32-33.64 ]

   * Release Tracking Bug
     - LP: #789325
  * SAUCE: (no-up) Fix up KVM: VMX: Fix host userspace gsbase corruption
    - LP: #787675
  * SAUCE: vesafb: mtrr module parameter is uint, not bool
    - LP: #778043
  * Revert "(pre-stable): input: Support Clickpad devices in ClickZone
    mode"
    - LP: #780588
  * Revert "GFS2: Fix writing to non-page aligned gfs2_quota structures"
    - LP: #780588
  * Revert "mmc: build fix: mmc_pm_notify is only available with
    CONFIG_PM=y"
    - LP: #780588
  * Revert "mmc: fix all hangs related to mmc/sd card insert/removal during
    suspend/resume"
    - LP: #780588
  * Revert "econet: fix CVE-2010-3848"
    - LP: #780588
  * Revert "dell-laptop: Add another Dell laptop family to the DMI
    whitelist"
    - LP: #780588
  * Revert "dell-laptop: Add another Dell laptop family to the DMI
    whitelist"
    - LP: #780588
  * Revert "xen: set max_pfn_mapped to the last pfn mapped"
  * cifs: always do is_path_accessible check in cifs_mount
    - LP: #770050
  * video: sn9c102: world-wirtable sysfs files
    - LP: #770050
  * UBIFS: restrict world-writable debugfs files
    - LP: #770050
  * NET: cdc-phonet, handle empty phonet header
    - LP: #770050
  * x86: Fix a bogus unwind annotation in lib/semaphore_32.S
    - LP: #770050
  * tioca: Fix assignment from incompatible pointer warnings
    - LP: #770050
  * mca.c: Fix cast from integer to pointer warning
    - LP: #770050
  * ramfs: fix memleak on no-mmu arch
    - LP: #770050
  * MAINTAINERS: update STABLE BRANCH info
    - LP: #770050
  * UBIFS: fix oops when R/O file-system is fsync'ed
    - LP: #770050
  * x86, cpu: AMD errata checking framework
    - LP: #770050
  * x86, cpu: Clean up AMD erratum 400 workaround
    - LP: #770050
  * x86, AMD: Set ARAT feature on AMD processors
    - LP: #770050
  * x86, amd: Disable GartTlbWlkErr when BIOS forgets it
    - LP: #770050
  * USB: ftdi_sio: Added IDs for CTI USB Serial Devices
    - LP: #770050
  * USB: ftdi_sio: add PID for OCT DK201 docking station
    - LP: #770050
  * USB: ftdi_sio: add ids for Hameg HO720 and HO730
    - LP: #770050
  * USB: option: Add new ONDA vendor id and product id for ONDA MT825UP
    - LP: #770050
  * USB: option: Added support for Samsung GT-B3730/GT-B3710 LTE USB modem.
    - LP: #770050
  * next_pidmap: fix overflow condition
    - LP: #770050
  * proc: do proper range check on readdir offset
    - LP: #770050
  * USB: EHCI: unlink unused QHs when the controller is stopped
    - LP: #770050
  * USB: fix formatting of SuperSpeed endpoints in /proc/bus/u...

This bug was fixed in the package linux-mvl-dove - 2.6.32-217.34

---------------
linux-mvl-dove (2.6.32-217.34) lucid-proposed; urgency=low

[ Herton R. Krzesinski ]

* Release Tracking Bug
    - LP: #794695

[ Paolo Pisati ]

* Rebased to 2.6.32-33.66

[ Ubuntu: 2.6.32-33.66 ]

* Release Tracking Bug
    - LP: #794098
  * Revert "xhci: Fix full speed bInterval encoding."
  * Revert "USB: xhci - fix math in xhci_get_endpoint_interval()"
  * Revert "USB: xhci - fix unsafe macro definitions"

[ Ubuntu: 2.6.32-33.65 ]

* xhci: Fix full speed bInterval encoding.
    - LP: #792959

[ Ubuntu: 2.6.32-33.64 ]

* Release Tracking Bug
     - LP: #789325
  * SAUCE: (no-up) Fix up KVM: VMX: Fix host userspace gsbase corruption
    - LP: #787675
  * SAUCE: vesafb: mtrr module parameter is uint, not bool
    - LP: #778043
  * Revert "(pre-stable): input: Support Clickpad devices in ClickZone
    mode"
    - LP: #780588
  * Revert "GFS2: Fix writing to non-page aligned gfs2_quota structures"
    - LP: #780588
  * Revert "mmc: build fix: mmc_pm_notify is only available with
    CONFIG_PM=y"
    - LP: #780588
  * Revert "mmc: fix all hangs related to mmc/sd card insert/removal during
    suspend/resume"
    - LP: #780588
  * Revert "econet: fix CVE-2010-3848"
    - LP: #780588
  * Revert "dell-laptop: Add another Dell laptop family to the DMI
    whitelist"
    - LP: #780588
  * Revert "dell-laptop: Add another Dell laptop family to the DMI
    whitelist"
    - LP: #780588
  * Revert "xen: set max_pfn_mapped to the last pfn mapped"
  * cifs: always do is_path_accessible check in cifs_mount
    - LP: #770050
  * video: sn9c102: world-wirtable sysfs files
    - LP: #770050
  * UBIFS: restrict world-writable debugfs files
    - LP: #770050
  * NET: cdc-phonet, handle empty phonet header
    - LP: #770050
  * x86: Fix a bogus unwind annotation in lib/semaphore_32.S
    - LP: #770050
  * tioca: Fix assignment from incompatible pointer warnings
    - LP: #770050
  * mca.c: Fix cast from integer to pointer warning
    - LP: #770050
  * ramfs: fix memleak on no-mmu arch
    - LP: #770050
  * MAINTAINERS: update STABLE BRANCH info
    - LP: #770050
  * UBIFS: fix oops when R/O file-system is fsync'ed
    - LP: #770050
  * x86, cpu: AMD errata checking framework
    - LP: #770050
  * x86, cpu: Clean up AMD erratum 400 workaround
    - LP: #770050
  * x86, AMD: Set ARAT feature on AMD processors
    - LP: #770050
  * x86, amd: Disable GartTlbWlkErr when BIOS forgets it
    - LP: #770050
  * USB: ftdi_sio: Added IDs for CTI USB Serial Devices
    - LP: #770050
  * USB: ftdi_sio: add PID for OCT DK201 docking station
    - LP: #770050
  * USB: ftdi_sio: add ids for Hameg HO720 and HO730
    - LP: #770050
  * USB: option: Add new ONDA vendor id and product id for ONDA MT825UP
    - LP: #770050
  * USB: option: Added support for Samsung GT-B3730/GT-B3710 LTE USB modem.
    - LP: #770050
  * next_pidmap: fix overflow condition
    - LP: #770050
  * proc: do proper range check on readdir offset
    - LP: #770050
  * USB: EHCI: unlink unused QHs when the controller is stopped
    - LP: #770050
  * USB: fix formatting of SuperSpeed endpoints in /proc/bus/usb/devices
    - LP: #770050
  * USB: xhci - fix unsafe macro definitions
    - LP: #770050
  * USB: xhci - fix math in xhci_get_endpoint_interval()
    - LP: #770050
  * x86, cpu: Fix regression in AMD errata checking code
    - LP: #770050
  * Linux 2.6.32.39
    - LP: #770050
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table,
    CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * drm/i915: set DIDL using the ACPI video output device _ADR method
    return.
    - LP: #775547
  * drm/radeon/kms: MC vram map needs to be >= pci aperture size
    - LP: #775547
  * drm/radeon/kms: make sure blit addr masks are 64 bit
    - LP: #775547
  * drm/radeon/kms: fix handling of tex lookup disable in cs checker on
    r2xx
    - LP: #775547
  * drm/i915: Free hardware status page on unload when physically mapped
    - LP: #775547
  * drm/i915/overlay: Ensure that the reg_bo is in the GTT prior to
    writing.
    - LP: #775547
  * drm/radeon/kms/atom: set sane defaults in atombios_get_encoder_mode()
    - LP: #775547
  * drm/radeon/kms: fix typos in disabled vbios code
    - LP: #775547
  * drm/radeon/kms: add workaround for dce3 ddc line vbios bug
    - LP: #775547
  * drm/radeon/kms: fix interlaced and doublescan handling
    - LP: #775547
  * drm/i915/sdvo: Always add a 30ms delay to make SDVO TV detection
    reliable
    - LP: #775547
  * drm/radeon/kms: don't apply 7xx HDP flush workaround on AGP
    - LP: #775547
  * drm/ttm: Fix two race conditions + fix busy codepaths
    - LP: #775547
  * drm/i915: overlay on gen2 can't address above 1G
    - LP: #775547
  * drm/i915: fix memory corruption with GM965 and >4GB RAM
    - LP: #775547
  * drm/radeon: add quirk to make HP nx6125 laptop resume.
    - LP: #775547
  * drm/radeon/kms: add quirk to make HP DV5000 laptop resume
    - LP: #775547
  * ath: add missing regdomain pair 0x5c mapping
    - LP: #780588
  * block, blk-sysfs: Fix an err return path in blk_register_queue()
    - LP: #780588
  * p54: Initialize extra_len in p54_tx_80211
    - LP: #780588
  * intel-iommu: Unlink domain from iommu
    - LP: #780588
  * intel-iommu: Fix get_domain_for_dev() error path
    - LP: #780588
  * NFS: nfs_wcc_update_inode() should set nfsi->attr_gencount
    - LP: #780588
  * serial/imx: read cts state only after acking cts change irq
    - LP: #780588
  * ASoC: Fix output PGA enabling in wm_hubs CODECs
    - LP: #780588
  * kconfig: Avoid buffer underrun in choice input
    - LP: #780588
  * UBIFS: fix master node recovery
    - LP: #780588
  * Remove extra struct page member from the buffer info structure
    - LP: #780588
  * dasd: correct device table
    - LP: #780588
  * iwlagn: Support new 5000 microcode.
    - LP: #780588
  * atl1c: duplicate atl1c_get_tpd
    - LP: #780588
  * udp: Fix bogus UFO packet generation
    - LP: #780588
  * slub: fix panic with DISCONTIGMEM
    - LP: #780588
  * set memory ranges in N_NORMAL_MEMORY when onlined
    - LP: #780588
  * FLEXCOP-PCI: fix __xlate_proc_name-warning for flexcop-pci
    - LP: #780588
  * m68k/mm: Set all online nodes in N_NORMAL_MEMORY
    - LP: #780588
  * nfs: don't lose MS_SYNCHRONOUS on remount of noac mount
    - LP: #780588
  * NFSv4.1: Ensure state manager thread dies on last umount
    - LP: #780588
  * agp: fix arbitrary kernel memory writes
    - LP: #780588
  * agp: fix OOM and buffer overflow
    - LP: #780588
  * Input: xen-kbdfront - fix mouse getting stuck after save/restore
    - LP: #780588
  * pmcraid: reject negative request size
    - LP: #780588
  * mpt2sas: prevent heap overflows and unchecked reads
    - LP: #780588
  * put stricter guards on queue dead checks
    - LP: #780588
  * mmc: sdhci-pci: Fix error case in sdhci_pci_probe_slot()
    - LP: #780588
  * mmc: sdhci: Check mrq->cmd in sdhci_tasklet_finish
    - LP: #780588
  * mmc: sdhci: Check mrq != NULL in sdhci_tasklet_finish
    - LP: #780588
  * USB: fix regression in usbip by setting has_tt flag
    - LP: #780588
  * af_unix: Only allow recv on connected seqpacket sockets.
    - LP: #780588
  * ARM: 6891/1: prevent heap corruption in OABI semtimedop
    - LP: #780588
  * i8k: Tell gcc that *regs gets clobbered
    - LP: #780588
  * Fix gcc 4.5.1 miscompiling drivers/char/i8k.c (again)
    - LP: #780588
  * Open with O_CREAT flag set fails to open existing files on non writable
    directories
    - LP: #780588
  * can: Add missing socket check in can/bcm release.
    - LP: #780588
  * netxen: module firmware hints
    - LP: #780588
  * bnx2x: declare MODULE_FIRMWARE
    - LP: #780588
  * cxgb3: declare MODULE_FIRMWARE
    - LP: #780588
  * myri10ge: declare MODULE_FIRMWARE
    - LP: #780588
  * netx: declare MODULE_FIRMWARE
    - LP: #780588
  * pcnet-cs: declare MODULE_FIRMWARE
    - LP: #780588
  * spider-net: declare MODULE_FIRMWARE
    - LP: #780588
  * tms380tr: declare MODULE_FIRMWARE
    - LP: #780588
  * Input: Add support of Synaptics Clickpad device
    - LP: #780588
  * Input: elantech - do not advertise relative events
    - LP: #780588
  * Input: elantech - fix firmware version check
    - LP: #780588
  * Input: elantech - allow forcing Elantech protocol
    - LP: #780588
  * Input: elantech - ignore high bits in the position coordinates
    - LP: #780588
  * Input: elantech - use all 3 bytes when checking version
    - LP: #780588
  * Input: elantech - relax signature checks
    - LP: #780588
  * Input: elantech - discard the first 2 positions on some firmwares
    - LP: #780588
  * Staging: rtl8192su: check for skb == NULL
    - LP: #780588
  * Staging: rtl8192su: Clean up in case of an error in module
    initialisation
    - LP: #780588
  * Staging: rtl8192su: Fix procfs code for interfaces not named wlan0
    - LP: #780588
  * Staging: rtl8192su: remove device ids
    - LP: #780588
  * Staging: rtl8192su: add device ids
    - LP: #780588
  * USB: retain USB device power/wakeup setting across reconfiguration
    - LP: #780588
  * USB: don't enable remote wakeup by default
    - LP: #780588
  * USB: teach "devices" file about Wireless and SuperSpeed USB
    - LP: #780588
  * GFS2: Clean up gfs2_adjust_quota() and do_glock()
    - LP: #780588
  * GFS2: Fix writing to non-page aligned gfs2_quota structures
    - LP: #780588
  * GFS2: BUG in gfs2_adjust_quota
    - LP: #780588
  * SUNRPC: fix NFS client over TCP hangs due to packet loss (Bug 16494)
    - LP: #780588
  * nfs4: Ensure that ACL pages sent over NFS were not allocated from the
    slab (v3)
    - LP: #780588
  * nfs: fix compilation warning
    - LP: #780588
  * Fix corrupted OSF partition table parsing
    - LP: #780588
  * Increase OSF partition limit from 8 to 18
    - LP: #780588
  * Please add support for Microsoft MN-120 PCMCIA network card
    - LP: #780588
  * hwmon: (applesmc) Add iMac9,1 and MacBookPro2,2 support
    - LP: #780588
  * hwmon: (applesmc) Add support for MacBook Pro 5,3 and 5,4
    - LP: #780588
  * hwmon: (applesmc) Add generic support for MacBook Pro 6
    - LP: #780588
  * hwmon: (applesmc) Add generic support for MacBook Pro 7
    - LP: #780588
  * hwmon: (applesmc) Add MacBookAir3,1(3,2) support
    - LP: #780588
  * ALSA: emux: Add trivial compat ioctl handler
    - LP: #780588
  * ALSA: powermac - Reverse HP detection on G4 DA
    - LP: #780588
  * ALSA: powermac - Lineout detection on G4 DA
    - LP: #780588
  * ALSA: hda - Add support for the new 27 inch IMacs
    - LP: #780588
  * ALSA: hda - MacBookPro 5,3 line-in support
    - LP: #780588
  * ALSA: hda - Add model=mbp55 entry for MacBookPro 7,1
    - LP: #780588
  * ALSA: hda - MacBookAir3,1(3,2) alsa support
    - LP: #780588
  * virtio_net: fix oom handling on tx
    - LP: #780588
  * mac80211: Add define for TX headroom reserved by mac80211 itself.
    - LP: #780588
  * rt2x00: Centralize setting of extra TX headroom requested by rt2x00.
    - LP: #780588
  * rt2x00: Properly request tx headroom for alignment operations.
    - LP: #780588
  * rt2x00: use correct headroom for transmission
    - LP: #780588
  * Bluetooth: Add support Bluetooth controller of MacbookPro 6,2
    - LP: #780588
  * Bluetooth: Add support Bluetooth controller of MacbookPro 7,1
    - LP: #780588
  * Bluetooth: Add MacBookAir3,1(2) support
    - LP: #780588
  * perf tools: Display better error messages on missing packages
    - LP: #780588
  * perf tools: Add 'make DEBUG=1' to remove the -O6 cflag
    - LP: #780588
  * perf tools: Test -fstack-protector-all compiler option for inclusion in
    CFLAGS
    - LP: #780588
  * perf tools: Support static build
    - LP: #780588
  * perf tools: Add V=2 option to help debug config issues
    - LP: #780588
  * perf tools: Suggest static libraries as well
    - LP: #780588
  * perf: Use default compiler mode by default
    - LP: #780588
  * perf tools: Move QUIET_STDERR def to before first use
    - LP: #780588
  * perf tools: Check if /dev/null can be used as the -o gcc argument
    - LP: #780588
  * perf symbols: allow forcing use of cplus_demangle
    - LP: #780588
  * V4L/DVB: Add Elgato EyeTV Diversity to dibcom driver
    - LP: #780588
  * mmc: fix all hangs related to mmc/sd card insert/removal during
    suspend/resume
    - LP: #780588
  * mmc: build fix: mmc_pm_notify is only available with CONFIG_PM=y
    - LP: #780588
  * b43: Fix warning at drivers/mmc/core/core.c:237 in mmc_wait_for_cmd
    - LP: #780588
  * econet: Fix redeclaration of symbol len
    - LP: #780588
  * econet: fix CVE-2010-3848
    - LP: #780588
  * dell-laptop: Add another Dell laptop to the DMI whitelist
    - LP: #780588
  * dell-laptop: Add another Dell laptop family to the DMI whitelist
    - LP: #780588
  * scsi_dh_emc: fix mode select request setup
    - LP: #780588
  * scsi_dh_emc: request flag cleanup
    - LP: #780588
  * cifs: fix another memleak, in cifs_root_iget
    - LP: #780588
  * e1000e: Reset 82577/82578 PHY before first PHY register read
    - LP: #780588
  * e1000: fix Tx hangs by disabling 64-bit DMA
    - LP: #780588
  * btrfs: Require CAP_SYS_ADMIN for filesystem rebalance
    - LP: #780588
  * af_unix: limit recursion level
    - LP: #780588
  * init, sched: Fix race between init and kthreadd
    - LP: #780588
  * backlight: MacBookAir3,1(3,2) mbp-nvidia-bl support
    - LP: #780588
  * bonding: Ensure that we unshare skbs prior to calling pskb_may_pull
    - LP: #780588
  * HID: add MacBookAir 3,1 and 3,2 support
    - LP: #780588
  * intel-iommu: Force-disable IOMMU for iGFX on broken Cantiga revisions.
    - LP: #780588
  * ipg: Remove device claimed by dl2k from pci id table
    - LP: #780588
  * ipv6: Silence privacy extensions initialization
    - LP: #780588
  * l2tp: Fix UDP socket reference count bugs in the pppol2tp driver
    - LP: #780588
  * MIPS: DMA: Fix computation of DMA flags from device's
    coherent_dma_mask.
    - LP: #780588
  * mpt2sas: fix the incorrect scsi_dma_map error checking
    - LP: #780588
  * Phonet: device notifier only runs on initial namespace
    - LP: #780588
  * powerpc/boot/dts: Install dts from the right directory
    - LP: #780588
  * rt2500usb: fallback to SW encryption for TKIP+AES
    - LP: #780588
  * sata_via: Delay on vt6420 when starting ATAPI DMA write
    - LP: #780588
  * tehuti: Firmware filename is tehuti/bdx.bin
    - LP: #780588
  * wireless: b43: fix error path in SDIO
    - LP: #780588
  * libata: set queue DMA alignment to sector size for ATAPI too
    - LP: #780588
  * usb: musb: core: set has_tt flag
    - LP: #780588
  * iwlwifi: fix skb usage after free
    - LP: #780588
  * can: add missing socket check in can/raw release
    - LP: #780588
  * fix oops in scsi_run_queue()
    - LP: #780588
  * Linux 2.6.32.40
    - LP: #780588
  * PCI: allow matching of prefetchable resources to non-prefetchable
    windows
    - LP: #424142
  * cifs: check for bytes_remaining going to zero in CIFS_SessSetup
    - LP: #788602
  * Validate size of EFI GUID partition entries.
    - LP: #788602
  * dccp: handle invalid feature options length
    - LP: #788602
  * CIFS: Fix memory over bound bug in cifs_parse_mount_options
    - LP: #788602
  * Fix time() inconsistencies caused by intermediate xtime_cache values
    being read
    - LP: #788602
  * ehea: fix wrongly reported speed and port
    - LP: #788602
  * NET: slip, fix ldisc->open retval
    - LP: #788602
  * ne-h8300: Fix regression caused during net_device_ops conversion
    - LP: #788602
  * hydra: Fix regression caused during net_device_ops conversion
    - LP: #788602
  * libertas: fix cmdpendingq locking
    - LP: #788602
  * zorro8390: Fix regression caused during net_device_ops conversion
    - LP: #788602
  * cifs: add fallback in is_path_accessible for old servers
    - LP: #788602
  * x86, AMD: Fix ARAT feature setting again
    - LP: #788602
  * clocksource: Install completely before selecting
    - LP: #788602
  * tick: Clear broadcast active bit when switching to oneshot
    - LP: #788602
  * x86, apic: Fix spurious error interrupts triggering on all non-boot APs
    - LP: #788602
  * x86, mce, AMD: Fix leaving freed data in a list
    - LP: #788602
  * megaraid_sas: Sanity check user supplied length before passing it to
    dma_alloc_coherent()
    - LP: #788602
  * vmxnet3: Fix inconsistent LRO state after initialization
    - LP: #788602
  * netxen: Remove references to unified firmware file
    - LP: #788602
  * Linux 2.6.32.41
    - LP: #788602
  * drm/radeon/kms: fix bad shift in atom iio table parser
    - LP: #788602
  * Linux 2.6.32.41+drm33.18
    - LP: #788602

[ Ubuntu: 2.6.32-32.62 ]

* Release Tracking Bug
    - LP: #767370
  * (config) Disable CONFIG_NET_NS
    - LP: #720095
  * Revert "drm/radeon/kms: Fix retrying ttm_bo_init() after it failed
    once."
    - LP: #736234
  * Revert "drm/radeon: fall back to GTT if bo creation/validation in VRAM
    fails."
    - LP: #736234
  * x86: pvclock: Move scale_delta into common header
  * KVM: x86: Fix a possible backwards warp of kvmclock
  * KVM: x86: Fix kvmclock bug
  * cpuset: add a missing unlock in cpuset_write_resmask()
    - LP: #736234
  * keyboard: integer underflow bug
    - LP: #736234
  * RxRPC: Fix v1 keys
    - LP: #736234
  * ixgbe: fix for 82599 erratum on Header Splitting
    - LP: #736234
  * mm: fix possible cause of a page_mapped BUG
    - LP: #736234
  * powerpc/kdump: CPUs assume the context of the oopsing CPU
    - LP: #736234
  * powerpc/kdump: Use chip->shutdown to disable IRQs
    - LP: #736234
  * powerpc: Use more accurate limit for first segment memory allocations
    - LP: #736234
  * powerpc/pseries: Add hcall to read 4 ptes at a time in real mode
    - LP: #736234
  * powerpc/kexec: Speedup kexec hash PTE tear down
    - LP: #736234
  * powerpc/crashdump: Do not fail on NULL pointer dereferencing
    - LP: #736234
  * powerpc/kexec: Fix orphaned offline CPUs across kexec
    - LP: #736234
  * netfilter: nf_log: avoid oops in (un)bind with invalid nfproto values
    - LP: #736234
  * nfsd: wrong index used in inner loop
    - LP: #736234
  * r8169: use RxFIFO overflow workaround for 8168c chipset.
    - LP: #736234
  * Staging: comedi: jr3_pci: Don't ioremap too much space. Check result.
    - LP: #736234
  * net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules,
    CVE-2011-1019
    - LP: #736234
    - CVE-2011-1019
  * ip6ip6: autoload ip6 tunnel
    - LP: #736234
  * Linux 2.6.32.33
    - LP: #736234
  * drm/radeon: fall back to GTT if bo creation/validation in VRAM fails.
    - LP: #652934, #736234
  * drm/radeon/kms: Fix retrying ttm_bo_init() after it failed once.
    - LP: #652934, #736234
  * drm: fix unsigned vs signed comparison issue in modeset ctl ioctl,
    CVE-2011-1013
    - LP: #736234
    - CVE-2011-1013
  * Linux 2.6.32.33+drm33.15
    - LP: #736234
  * econet: Fix crash in aun_incoming(). CVE-2010-4342
    - LP: #736394
    - CVE-2010-4342
  * igb: only use vlan_gro_receive if vlans are registered, CVE-2010-4263
    - LP: #737024
    - CVE-2010-4263
  * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529
    - LP: #737823
    - CVE-2010-4529
  * hwmon/f71882fg: Set platform drvdata to NULL later
    - LP: #742056
  * mtd: add "platform:" prefix for platform modalias
    - LP: #742056
  * libata: no special completion processing for EH commands
    - LP: #742056
  * MIPS: MTX-1: Make au1000_eth probe all PHY addresses
    - LP: #742056
  * x86/mm: Handle mm_fault_error() in kernel space
    - LP: #742056
  * ftrace: Fix memory leak with function graph and cpu hotplug
    - LP: #742056
  * x86: Fix panic when handling "mem={invalid}" param
    - LP: #553464, #742056
  * x86: Emit "mem=nopentium ignored" warning when not supported
    - LP: #553464, #742056
  * ahci: AHCI and RAID mode SATA patch for Intel Patsburg DeviceIDs
    - LP: #742056
  * ahci: AHCI mode SATA patch for Intel DH89xxCC DeviceIDs
    - LP: #742056
  * ahci: AHCI mode SATA patch for Intel Patsburg SATA RAID controller
    - LP: #742056
  * RDMA/cma: Fix crash in request handlers
    - LP: #742056
  * IB/cm: Bump reference count on cm_id before invoking callback
    - LP: #742056
  * ath9k_hw: Fix incorrect macversion and macrev checks
    - LP: #742056
  * USB: serial/kobil_sct, fix potential tty NULL dereference
    - LP: #742056
  * USB: serial: ch341: add new id
    - LP: #742056
  * xhci: Fix cycle bit calculation during stall handling.
    - LP: #742056
  * ALSA: hda - fix digital mic selection in mixer on 92HD8X codecs
    - LP: #742056
  * PCI: remove quirk for pre-production systems
    - LP: #742056
  * PCI: add more checking to ICH region quirks
    - LP: #742056
  * PCI: do not create quirk I/O regions below PCIBIOS_MIN_IO for ICH
    - LP: #742056
  * PCI: sysfs: Fix failure path for addition of "vpd" attribute
    - LP: #742056
  * ALSA: ctxfi - Fix incorrect SPDIF status bit mask
    - LP: #742056
  * ALSA: ctxfi - Fix SPDIF status retrieval
    - LP: #742056
  * ALSA: ctxfi - Clear input settings before initialization
    - LP: #742056
  * SUNRPC: Ensure we always run the tk_callback before tk_action
    - LP: #742056
  * perf, powerpc: Handle events that raise an exception without
    overflowing
    - LP: #742056
  * ext3: Always set dx_node's fake_dirent explicitly.
    - LP: #742056
  * call_function_many: fix list delete vs add race
    - LP: #742056
  * call_function_many: add missing ordering
    - LP: #742056
  * x86: Flush TLB if PGD entry is changed in i386 PAE mode
    - LP: #742056
  * isdn: avoid calling tty_ldisc_flush() in atomic context
    - LP: #742056
  * smp_call_function_many: handle concurrent clearing of mask
    - LP: #742056
  * fix per-cpu flag problem in the cpu affinity checkers
    - LP: #742056
  * i2c: Fix typo in instantiating-devices document
    - LP: #742056
  * mmc: sdio: remember new card RCA when redetecting card
    - LP: #742056
  * powerpc/kexec: Fix race in kexec shutdown
    - LP: #742056
  * powerpc/kdump: Fix race in kdump shutdown
    - LP: #742056
  * powerpc: rtas_flash needs to use rtas_data_buf
    - LP: #742056
  * x86, binutils, xen: Fix another wrong size directive
    - LP: #742056
  * hwmon: (sht15) Fix integer overflow in humidity calculation
    - LP: #742056
  * Linux 2.6.32.34
    - LP: #742056
  * Linux 2.6.32.35
    - LP: #742056
  * aio: wake all waiters when destroying ctx
    - LP: #744921
  * shmem: let shared anonymous be nonlinear again
    - LP: #744921
  * PCI hotplug: acpiphp: set current_state to D0 in register_slot
    - LP: #744921
  * xen: set max_pfn_mapped to the last pfn mapped
    - LP: #744921
  * PCI: return correct value when writing to the "reset" attribute
    - LP: #744921
  * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal
    code
    - LP: #744921
  * ext3: skip orphan cleanup on rocompat fs
    - LP: #744921
  * procfs: fix /proc/<pid>/maps heap check
    - LP: #744921
  * proc: protect mm start_code/end_code in /proc/pid/stat, CVE-2011-0726
    - LP: #744921
    - CVE-2011-0726
  * fbcon: Bugfix soft cursor detection in Tile Blitting
    - LP: #744921
  * nfsd41: modify the members value of nfsd4_op_flags
    - LP: #744921
  * nfsd: wrong index used in inner loop
    - LP: #744921
  * uvcvideo: Fix uvc_fixup_video_ctrl() format search
    - LP: #744921
  * ehci-hcd: Bug fix: don't set a QH's Halt bit
    - LP: #744921
  * USB: uss720 fixup refcount position
    - LP: #744921
  * USB: cdc-acm: fix memory corruption / panic
    - LP: #744921
  * USB: cdc-acm: fix potential null-pointer dereference
    - LP: #744921
  * USB: cdc-acm: fix potential null-pointer dereference on disconnect
    - LP: #744921
  * Input: xen-kbdfront - advertise either absolute or relative coordinates
    - LP: #744921
  * SUNRPC: Never reuse the socket port after an xs_close()
    - LP: #744921
  * fs: call security_d_instantiate in d_obtain_alias V2
    - LP: #744921
  * dcdbas: force SMI to happen when expected
    - LP: #744921
  * Linux 2.6.32.36
    - LP: #744921
  * drm/radeon/kms: check AA resolve registers on r300, CVE-2011-1016
    - LP: #745686
    - CVE-2011-1016
  * drm/radeon: fix regression with AA resolve checking, CVE-2011-1016
    - LP: #745686
    - CVE-2011-1016
  * xen: events: do not unmask event channels on resume
    - LP: #681083
  * drm/radeon/kms: check AA resolve registers on r300
    - LP: #754584
  * drm/radeon: fix regression with AA resolve checking
    - LP: #754584
  * Linux 2.6.32.36+drm33.16
    - LP: #754584
  * ALSA: hda - Fix SPDIF out regression on ALC889
    - LP: #764685
  * ALSA: Fix yet another race in disconnection
    - LP: #764685
  * perf: Better fit max unprivileged mlock pages for tools needs
    - LP: #764685
  * myri10ge: fix rmmod crash
    - LP: #764685
  * cciss: fix lost command issue
    - LP: #764685
  * sound/oss/opl3: validate voice and channel indexes
    - LP: #764685
  * mac80211: initialize sta->last_rx in sta_info_alloc
    - LP: #764685
  * ses: show devices for enclosures with no page 7
    - LP: #764685
  * ses: Avoid kernel panic when lun 0 is not mapped
    - LP: #764685
  * eCryptfs: Unlock page in write_begin error path
    - LP: #764685
  * eCryptfs: ecryptfs_keyring_auth_tok_for_sig() bug fix
    - LP: #764685
  * staging: usbip: bugfixes related to kthread conversion
    - LP: #764685
  * staging: usbip: bugfix add number of packets for isochronous frames
    - LP: #764685
  * staging: usbip: bugfix for isochronous packets and optimization
    - LP: #764685
  * staging: hv: Fix GARP not sent after Quick Migration
    - LP: #764685
  * staging: hv: use sync_bitops when interacting with the hypervisor
    - LP: #764685
  * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
    - LP: #764685
  * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1
    - LP: #764685
  * irda: validate peer name and attribute lengths
    - LP: #764685
  * irda: prevent heap corruption on invalid nickname
    - LP: #764685
  * nilfs2: fix data loss in mmap page write for hole blocks
    - LP: #764685
  * ASoC: Explicitly say registerless widgets have no register
    - LP: #764685
  * ALSA: ens1371: fix Creative Ectiva support
    - LP: #764685
  * ROSE: prevent heap corruption with bad facilities
    - LP: #764685
  * Btrfs: Fix uninitialized root flags for subvolumes
    - LP: #764685
  * x86, mtrr, pat: Fix one cpu getting out of sync during resume
    - LP: #764685
  * ath9k: fix a chip wakeup related crash in ath9k_start
    - LP: #764685
  * UBIFS: do not read flash unnecessarily
    - LP: #764685
  * UBIFS: fix oops on error path in read_pnode
    - LP: #764685
  * UBIFS: fix debugging failure in dbg_check_space_info
    - LP: #764685
  * quota: Don't write quota info in dquot_commit()
    - LP: #764685
  * mm: avoid wrapping vm_pgoff in mremap()
    - LP: #764685
  * p54usb: IDs for two new devices
    - LP: #764685
  * b43: allocate receive buffers big enough for max frame len + offset
    - LP: #764685
  * Bluetooth: sco: fix information leak to userspace
    - LP: #764685
  * bridge: netfilter: fix information leak
    - LP: #764685
  * Bluetooth: bnep: fix buffer overflow
    - LP: #764685
  * Bluetooth: add support for Apple MacBook Pro 8,2
    - LP: #764685
  * Treat writes as new when holes span across page boundaries
    - LP: #764685
  * char/tpm: Fix unitialized usage of data buffer
    - LP: #764685
  * netfilter: ip_tables: fix infoleak to userspace
    - LP: #764685
  * netfilter: arp_tables: fix infoleak to userspace
    - LP: #764685
  * netfilter: ipt_CLUSTERIP: fix buffer overflow
    - LP: #764685
  * ipv6: netfilter: ip6_tables: fix infoleak to userspace
    - LP: #764685
  * mfd: ab3100: world-writable debugfs *_priv files
    - LP: #764685
  * drivers/rtc/rtc-ds1511.c: world-writable sysfs nvram file
    - LP: #764685
  * drivers/misc/ep93xx_pwm.c: world-writable sysfs files
    - LP: #764685
  * econet: 4 byte infoleak to the network
    - LP: #764685
  * sound/oss: remove offset from load_patch callbacks
    - LP: #764685
  * sound: oss: midi_synth: check get_user() return value
    - LP: #764685
  * repair gdbstub to match the gdbserial protocol specification
    - LP: #764685
  * gro: Reset dev pointer on reuse
    - LP: #764685
  * gro: reset skb_iif on reuse
    - LP: #764685
  * x86, amd-ucode: Remove needless log messages
    - LP: #764685
  * x86, microcode, AMD: Extend ucode size verification
    - LP: #764685
  * powerpc/kexec: Add ifdef CONFIG_PPC_STD_MMU_64 to PPC64 code
    - LP: #764685
  * powerpc: Fix default_machine_crash_shutdown #ifdef botch
    - LP: #764685
  * Squashfs: handle corruption of directory structure
    - LP: #764685
  * sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set
    - LP: #764685
  * atm/solos-pci: Don't include frame pseudo-header on transmit hex-dump
    - LP: #764685
  * ext4: fix credits computing for indirect mapped files
    - LP: #764685
  * nfsd: fix auth_domain reference leak on nlm operations
    - LP: #764685
  * CAN: Use inode instead of kernel address for /proc file
    - LP: #764685
  * exec: make argv/envp memory visible to oom-killer
    - LP: #764685
  * exec: copy-and-paste the fixes into compat_do_execve() paths
    - LP: #764685
  * xfs: zero proper structure size for geometry calls
    - LP: #764685
  * Linux 2.6.32.37
    - LP: #764685
  * Linux 2.6.32.38
    - LP: #764685

[ Ubuntu: 2.6.32-31.61 ]

* Release Tracking Bug
    - LP: #754842
  * x86, quirk: Fix SB600 revision check
    - LP: #742056
 -- Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>   Wed, 08 Jun 2011 15:37:30 -0300

Changed in linux-mvl-dove (Ubuntu Lucid):
status:	In Progress → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-07-05:

#10

Download full text (4.2 KiB)

This bug was fixed in the package linux-fsl-imx51 - 2.6.31-609.26

---------------
linux-fsl-imx51 (2.6.31-609.26) lucid; urgency=low

[ Paolo Pisati ]

  * Tracking bug
    - LP: #795219
  * [Config] Disable parport_pc on fsl-imx51
    - LP: #601226

[ Upstream Kernel Changes ]

  * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory
    - LP: #712723, #712737
  * can-bcm: fix minor heap overflow
    - LP: #710680
  * drivers/video/via/ioctl.c: prevent reading uninitialized stack memory
    - LP: #712744
  * gdth: integer overflow in ioctl
    - LP: #711797
  * inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880
    - LP: #711865
    - CVE-2010-3880
  * net: fix rds_iovec page count overflow, CVE-2010-3865
    - LP: #709153
    - CVE-2010-3865
  * net: packet: fix information leak to userland, CVE-2010-3876
    - LP: #711045
    - CVE-2010-3876
  * net: tipc: fix information leak to userland, CVE-2010-3877
    - LP: #711291
    - CVE-2010-3877
  * net: Truncate recvfrom and sendto length to INT_MAX.
    - LP: #708839
  * posix-cpu-timers: workaround to suppress the problems with mt exec
    - LP: #712609
  * sys_semctl: fix kernel stack leakage
    - LP: #712749
  * x25: Patch to fix bug 15678 - x25 accesses fields beyond end of packet.
    - LP: #709372
  * memory corruption in X.25 facilities parsing
    - LP: #709372
  * net: ax25: fix information leak to userland, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: ax25: fix information leak to userland harder, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table, CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * net: clear heap allocations for privileged ethtool actions
    - LP: #771445
  * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal code
    - LP: #772543
  * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
    - LP: #772543
  * exec: make argv/envp memory visible to oom-killer
    - LP: #768408
  * next_pidmap: fix overflow condition
    - LP: #784727
  * proc: do proper range check on readdir offset
    - LP: #784727
  * mpt2sas: prevent heap overflows and unchecked reads
    - LP: #787145
  * agp: fix arbitrary kernel memory writes
    - LP: #788684
  * can: add missing socket check in can/raw release
    - LP: #788694
  * agp: fix OOM and buffer overflow
    - LP: #788700
  * do_exit(): make sure that we run with get_fs() == USER_DS - CVE-2010-4258
    - LP: #723945
    - CVE-2010-4258
  * x25: Prevent crashing when parsing bad X.25 facilities - CVE-2010-4164
    - LP: #731199
    - CVE-2010-4164
  * install_special_mapping skips security_file_mmap check - CVE-2010-4346
    - LP: #731971
    - CVE-2010-4346
  * econet: Fix crash in aun_incoming() - CVE-2010-4342
    - LP: #736394
    - CVE-2010-4342
  * sound: Prevent buffer overflow in OSS load_mixer_volumes - CVE-2010-4527
    - LP: #737073
    - CVE-2010-4527
  * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529
    - LP: #737823
    - CVE-2010-4529
  * CAN: Use inode instead of kernel address for /proc file - CVE-2010-4565
    - LP: #765007...

This bug was fixed in the package linux-fsl-imx51 - 2.6.31-609.26

---------------
linux-fsl-imx51 (2.6.31-609.26) lucid; urgency=low

[ Paolo Pisati ]

* Tracking bug
    - LP: #795219
  * [Config] Disable parport_pc on fsl-imx51
    - LP: #601226

[ Upstream Kernel Changes ]

* ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory
    - LP: #712723, #712737
  * can-bcm: fix minor heap overflow
    - LP: #710680
  * drivers/video/via/ioctl.c: prevent reading uninitialized stack memory
    - LP: #712744
  * gdth: integer overflow in ioctl
    - LP: #711797
  * inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880
    - LP: #711865
    - CVE-2010-3880
  * net: fix rds_iovec page count overflow, CVE-2010-3865
    - LP: #709153
    - CVE-2010-3865
  * net: packet: fix information leak to userland, CVE-2010-3876
    - LP: #711045
    - CVE-2010-3876
  * net: tipc: fix information leak to userland, CVE-2010-3877
    - LP: #711291
    - CVE-2010-3877
  * net: Truncate recvfrom and sendto length to INT_MAX.
    - LP: #708839
  * posix-cpu-timers: workaround to suppress the problems with mt exec
    - LP: #712609
  * sys_semctl: fix kernel stack leakage
    - LP: #712749
  * x25: Patch to fix bug 15678 - x25 accesses fields beyond end of packet.
    - LP: #709372
  * memory corruption in X.25 facilities parsing
    - LP: #709372
  * net: ax25: fix information leak to userland, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: ax25: fix information leak to userland harder, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table, CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * net: clear heap allocations for privileged ethtool actions
    - LP: #771445
  * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal code
    - LP: #772543
  * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
    - LP: #772543
  * exec: make argv/envp memory visible to oom-killer
    - LP: #768408
  * next_pidmap: fix overflow condition
    - LP: #784727
  * proc: do proper range check on readdir offset
    - LP: #784727
  * mpt2sas: prevent heap overflows and unchecked reads
    - LP: #787145
  * agp: fix arbitrary kernel memory writes
    - LP: #788684
  * can: add missing socket check in can/raw release
    - LP: #788694
  * agp: fix OOM and buffer overflow
    - LP: #788700
  * do_exit(): make sure that we run with get_fs() == USER_DS - CVE-2010-4258
    - LP: #723945
    - CVE-2010-4258
  * x25: Prevent crashing when parsing bad X.25 facilities - CVE-2010-4164
    - LP: #731199
    - CVE-2010-4164
  * install_special_mapping skips security_file_mmap check - CVE-2010-4346
    - LP: #731971
    - CVE-2010-4346
  * econet: Fix crash in aun_incoming() - CVE-2010-4342
    - LP: #736394
    - CVE-2010-4342
  * sound: Prevent buffer overflow in OSS load_mixer_volumes - CVE-2010-4527
    - LP: #737073
    - CVE-2010-4527
  * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529
    - LP: #737823
    - CVE-2010-4529
  * CAN: Use inode instead of kernel address for /proc file - CVE-2010-4565
    - LP: #765007
    - CVE-2010-4565
  * av7110: check for negative array offset - CVE-2011-0521
    - LP: #767526
    - CVE-2011-0521
  * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1 - CVE-2011-0711
    - LP: #767740
    - CVE-2011-0711
  * xfs: zero proper structure size for geometry calls - CVE-2011-0711
    - LP: #767740
    - CVE-2011-0711
  * ALSA: caiaq - Fix possible string-buffer overflow - CVE-2011-0712
    - LP: #768448
    - CVE-2011-0712
  * RDMA/cma: Fix crash in request handlers - CVE-2011-0695
    - LP: #770369
    - CVE-2011-0695
  * IB/cm: Bump reference count on cm_id before invoking callback - CVE-2011-0695
    - LP: #770369
    - CVE-2011-0695
  * Treat writes as new when holes span across page boundaries - CVE-2011-0463
    - LP: #770483
    - CVE-2011-0463
  * usb: iowarrior: don't trust report_size for buffer size - CVE-2010-4656
    - LP: #771484
    - CVE-2010-4656
  * tty: icount changeover for other main devices, CVE-2010-4076, CVE-2010-4077
    - LP: #720189
    - CVE-2010-4077
 -- Paolo Pisati <paolo.pisati@canonical.com>   Fri, 27 May 2011 18:09:53 +0200

Changed in linux-fsl-imx51 (Ubuntu Lucid):
status:	In Progress → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-07-13:

#11

Download full text (29.1 KiB)

This bug was fixed in the package linux-mvl-dove - 2.6.32-417.34

---------------
linux-mvl-dove (2.6.32-417.34) maverick-proposed; urgency=low

[ Herton R. Krzesinski ]

* Release Tracking Bug
- LP: #795153

[ Paolo Pisati ]

* Rebased to 2.6.32-33.66

[ Ubuntu: 2.6.32-33.66 ]

  * Release Tracking Bug
    - LP: #794098
  * Revert "xhci: Fix full speed bInterval encoding."
  * Revert "USB: xhci - fix math in xhci_get_endpoint_interval()"
  * Revert "USB: xhci - fix unsafe macro definitions"

[ Ubuntu: 2.6.32-33.65 ]

* xhci: Fix full speed bInterval encoding.
- LP: #792959

[ Ubuntu: 2.6.32-33.64 ]

   * Release Tracking Bug
     - LP: #789325
  * SAUCE: (no-up) Fix up KVM: VMX: Fix host userspace gsbase corruption
    - LP: #787675
  * SAUCE: vesafb: mtrr module parameter is uint, not bool
    - LP: #778043
  * Revert "(pre-stable): input: Support Clickpad devices in ClickZone
    mode"
    - LP: #780588
  * Revert "GFS2: Fix writing to non-page aligned gfs2_quota structures"
    - LP: #780588
  * Revert "mmc: build fix: mmc_pm_notify is only available with
    CONFIG_PM=y"
    - LP: #780588
  * Revert "mmc: fix all hangs related to mmc/sd card insert/removal during
    suspend/resume"
    - LP: #780588
  * Revert "econet: fix CVE-2010-3848"
    - LP: #780588
  * Revert "dell-laptop: Add another Dell laptop family to the DMI
    whitelist"
    - LP: #780588
  * Revert "dell-laptop: Add another Dell laptop family to the DMI
    whitelist"
    - LP: #780588
  * Revert "xen: set max_pfn_mapped to the last pfn mapped"
  * cifs: always do is_path_accessible check in cifs_mount
    - LP: #770050
  * video: sn9c102: world-wirtable sysfs files
    - LP: #770050
  * UBIFS: restrict world-writable debugfs files
    - LP: #770050
  * NET: cdc-phonet, handle empty phonet header
    - LP: #770050
  * x86: Fix a bogus unwind annotation in lib/semaphore_32.S
    - LP: #770050
  * tioca: Fix assignment from incompatible pointer warnings
    - LP: #770050
  * mca.c: Fix cast from integer to pointer warning
    - LP: #770050
  * ramfs: fix memleak on no-mmu arch
    - LP: #770050
  * MAINTAINERS: update STABLE BRANCH info
    - LP: #770050
  * UBIFS: fix oops when R/O file-system is fsync'ed
    - LP: #770050
  * x86, cpu: AMD errata checking framework
    - LP: #770050
  * x86, cpu: Clean up AMD erratum 400 workaround
    - LP: #770050
  * x86, AMD: Set ARAT feature on AMD processors
    - LP: #770050
  * x86, amd: Disable GartTlbWlkErr when BIOS forgets it
    - LP: #770050
  * USB: ftdi_sio: Added IDs for CTI USB Serial Devices
    - LP: #770050
  * USB: ftdi_sio: add PID for OCT DK201 docking station
    - LP: #770050
  * USB: ftdi_sio: add ids for Hameg HO720 and HO730
    - LP: #770050
  * USB: option: Add new ONDA vendor id and product id for ONDA MT825UP
    - LP: #770050
  * USB: option: Added support for Samsung GT-B3730/GT-B3710 LTE USB modem.
    - LP: #770050
  * next_pidmap: fix overflow condition
    - LP: #770050
  * proc: do proper range check on readdir offset
    - LP: #770050
  * USB: EHCI: unlink unused QHs when the controller is stopped
    - LP: #770050
  * USB: fix formatting of SuperSpeed endpoints in /proc/bu...

This bug was fixed in the package linux-mvl-dove - 2.6.32-417.34

---------------
linux-mvl-dove (2.6.32-417.34) maverick-proposed; urgency=low

[ Herton R. Krzesinski ]

* Release Tracking Bug
    - LP: #795153

[ Paolo Pisati ]

* Rebased to 2.6.32-33.66

[ Ubuntu: 2.6.32-33.66 ]

* Release Tracking Bug
    - LP: #794098
  * Revert "xhci: Fix full speed bInterval encoding."
  * Revert "USB: xhci - fix math in xhci_get_endpoint_interval()"
  * Revert "USB: xhci - fix unsafe macro definitions"

[ Ubuntu: 2.6.32-33.65 ]

* xhci: Fix full speed bInterval encoding.
    - LP: #792959

[ Ubuntu: 2.6.32-33.64 ]

* Release Tracking Bug
     - LP: #789325
  * SAUCE: (no-up) Fix up KVM: VMX: Fix host userspace gsbase corruption
    - LP: #787675
  * SAUCE: vesafb: mtrr module parameter is uint, not bool
    - LP: #778043
  * Revert "(pre-stable): input: Support Clickpad devices in ClickZone
    mode"
    - LP: #780588
  * Revert "GFS2: Fix writing to non-page aligned gfs2_quota structures"
    - LP: #780588
  * Revert "mmc: build fix: mmc_pm_notify is only available with
    CONFIG_PM=y"
    - LP: #780588
  * Revert "mmc: fix all hangs related to mmc/sd card insert/removal during
    suspend/resume"
    - LP: #780588
  * Revert "econet: fix CVE-2010-3848"
    - LP: #780588
  * Revert "dell-laptop: Add another Dell laptop family to the DMI
    whitelist"
    - LP: #780588
  * Revert "dell-laptop: Add another Dell laptop family to the DMI
    whitelist"
    - LP: #780588
  * Revert "xen: set max_pfn_mapped to the last pfn mapped"
  * cifs: always do is_path_accessible check in cifs_mount
    - LP: #770050
  * video: sn9c102: world-wirtable sysfs files
    - LP: #770050
  * UBIFS: restrict world-writable debugfs files
    - LP: #770050
  * NET: cdc-phonet, handle empty phonet header
    - LP: #770050
  * x86: Fix a bogus unwind annotation in lib/semaphore_32.S
    - LP: #770050
  * tioca: Fix assignment from incompatible pointer warnings
    - LP: #770050
  * mca.c: Fix cast from integer to pointer warning
    - LP: #770050
  * ramfs: fix memleak on no-mmu arch
    - LP: #770050
  * MAINTAINERS: update STABLE BRANCH info
    - LP: #770050
  * UBIFS: fix oops when R/O file-system is fsync'ed
    - LP: #770050
  * x86, cpu: AMD errata checking framework
    - LP: #770050
  * x86, cpu: Clean up AMD erratum 400 workaround
    - LP: #770050
  * x86, AMD: Set ARAT feature on AMD processors
    - LP: #770050
  * x86, amd: Disable GartTlbWlkErr when BIOS forgets it
    - LP: #770050
  * USB: ftdi_sio: Added IDs for CTI USB Serial Devices
    - LP: #770050
  * USB: ftdi_sio: add PID for OCT DK201 docking station
    - LP: #770050
  * USB: ftdi_sio: add ids for Hameg HO720 and HO730
    - LP: #770050
  * USB: option: Add new ONDA vendor id and product id for ONDA MT825UP
    - LP: #770050
  * USB: option: Added support for Samsung GT-B3730/GT-B3710 LTE USB modem.
    - LP: #770050
  * next_pidmap: fix overflow condition
    - LP: #770050
  * proc: do proper range check on readdir offset
    - LP: #770050
  * USB: EHCI: unlink unused QHs when the controller is stopped
    - LP: #770050
  * USB: fix formatting of SuperSpeed endpoints in /proc/bus/usb/devices
    - LP: #770050
  * USB: xhci - fix unsafe macro definitions
    - LP: #770050
  * USB: xhci - fix math in xhci_get_endpoint_interval()
    - LP: #770050
  * x86, cpu: Fix regression in AMD errata checking code
    - LP: #770050
  * Linux 2.6.32.39
    - LP: #770050
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table,
    CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * drm/i915: set DIDL using the ACPI video output device _ADR method
    return.
    - LP: #775547
  * drm/radeon/kms: MC vram map needs to be >= pci aperture size
    - LP: #775547
  * drm/radeon/kms: make sure blit addr masks are 64 bit
    - LP: #775547
  * drm/radeon/kms: fix handling of tex lookup disable in cs checker on
    r2xx
    - LP: #775547
  * drm/i915: Free hardware status page on unload when physically mapped
    - LP: #775547
  * drm/i915/overlay: Ensure that the reg_bo is in the GTT prior to
    writing.
    - LP: #775547
  * drm/radeon/kms/atom: set sane defaults in atombios_get_encoder_mode()
    - LP: #775547
  * drm/radeon/kms: fix typos in disabled vbios code
    - LP: #775547
  * drm/radeon/kms: add workaround for dce3 ddc line vbios bug
    - LP: #775547
  * drm/radeon/kms: fix interlaced and doublescan handling
    - LP: #775547
  * drm/i915/sdvo: Always add a 30ms delay to make SDVO TV detection
    reliable
    - LP: #775547
  * drm/radeon/kms: don't apply 7xx HDP flush workaround on AGP
    - LP: #775547
  * drm/ttm: Fix two race conditions + fix busy codepaths
    - LP: #775547
  * drm/i915: overlay on gen2 can't address above 1G
    - LP: #775547
  * drm/i915: fix memory corruption with GM965 and >4GB RAM
    - LP: #775547
  * drm/radeon: add quirk to make HP nx6125 laptop resume.
    - LP: #775547
  * drm/radeon/kms: add quirk to make HP DV5000 laptop resume
    - LP: #775547
  * ath: add missing regdomain pair 0x5c mapping
    - LP: #780588
  * block, blk-sysfs: Fix an err return path in blk_register_queue()
    - LP: #780588
  * p54: Initialize extra_len in p54_tx_80211
    - LP: #780588
  * intel-iommu: Unlink domain from iommu
    - LP: #780588
  * intel-iommu: Fix get_domain_for_dev() error path
    - LP: #780588
  * NFS: nfs_wcc_update_inode() should set nfsi->attr_gencount
    - LP: #780588
  * serial/imx: read cts state only after acking cts change irq
    - LP: #780588
  * ASoC: Fix output PGA enabling in wm_hubs CODECs
    - LP: #780588
  * kconfig: Avoid buffer underrun in choice input
    - LP: #780588
  * UBIFS: fix master node recovery
    - LP: #780588
  * Remove extra struct page member from the buffer info structure
    - LP: #780588
  * dasd: correct device table
    - LP: #780588
  * iwlagn: Support new 5000 microcode.
    - LP: #780588
  * atl1c: duplicate atl1c_get_tpd
    - LP: #780588
  * udp: Fix bogus UFO packet generation
    - LP: #780588
  * slub: fix panic with DISCONTIGMEM
    - LP: #780588
  * set memory ranges in N_NORMAL_MEMORY when onlined
    - LP: #780588
  * FLEXCOP-PCI: fix __xlate_proc_name-warning for flexcop-pci
    - LP: #780588
  * m68k/mm: Set all online nodes in N_NORMAL_MEMORY
    - LP: #780588
  * nfs: don't lose MS_SYNCHRONOUS on remount of noac mount
    - LP: #780588
  * NFSv4.1: Ensure state manager thread dies on last umount
    - LP: #780588
  * agp: fix arbitrary kernel memory writes
    - LP: #780588
  * agp: fix OOM and buffer overflow
    - LP: #780588
  * Input: xen-kbdfront - fix mouse getting stuck after save/restore
    - LP: #780588
  * pmcraid: reject negative request size
    - LP: #780588
  * mpt2sas: prevent heap overflows and unchecked reads
    - LP: #780588
  * put stricter guards on queue dead checks
    - LP: #780588
  * mmc: sdhci-pci: Fix error case in sdhci_pci_probe_slot()
    - LP: #780588
  * mmc: sdhci: Check mrq->cmd in sdhci_tasklet_finish
    - LP: #780588
  * mmc: sdhci: Check mrq != NULL in sdhci_tasklet_finish
    - LP: #780588
  * USB: fix regression in usbip by setting has_tt flag
    - LP: #780588
  * af_unix: Only allow recv on connected seqpacket sockets.
    - LP: #780588
  * ARM: 6891/1: prevent heap corruption in OABI semtimedop
    - LP: #780588
  * i8k: Tell gcc that *regs gets clobbered
    - LP: #780588
  * Fix gcc 4.5.1 miscompiling drivers/char/i8k.c (again)
    - LP: #780588
  * Open with O_CREAT flag set fails to open existing files on non writable
    directories
    - LP: #780588
  * can: Add missing socket check in can/bcm release.
    - LP: #780588
  * netxen: module firmware hints
    - LP: #780588
  * bnx2x: declare MODULE_FIRMWARE
    - LP: #780588
  * cxgb3: declare MODULE_FIRMWARE
    - LP: #780588
  * myri10ge: declare MODULE_FIRMWARE
    - LP: #780588
  * netx: declare MODULE_FIRMWARE
    - LP: #780588
  * pcnet-cs: declare MODULE_FIRMWARE
    - LP: #780588
  * spider-net: declare MODULE_FIRMWARE
    - LP: #780588
  * tms380tr: declare MODULE_FIRMWARE
    - LP: #780588
  * Input: Add support of Synaptics Clickpad device
    - LP: #780588
  * Input: elantech - do not advertise relative events
    - LP: #780588
  * Input: elantech - fix firmware version check
    - LP: #780588
  * Input: elantech - allow forcing Elantech protocol
    - LP: #780588
  * Input: elantech - ignore high bits in the position coordinates
    - LP: #780588
  * Input: elantech - use all 3 bytes when checking version
    - LP: #780588
  * Input: elantech - relax signature checks
    - LP: #780588
  * Input: elantech - discard the first 2 positions on some firmwares
    - LP: #780588
  * Staging: rtl8192su: check for skb == NULL
    - LP: #780588
  * Staging: rtl8192su: Clean up in case of an error in module
    initialisation
    - LP: #780588
  * Staging: rtl8192su: Fix procfs code for interfaces not named wlan0
    - LP: #780588
  * Staging: rtl8192su: remove device ids
    - LP: #780588
  * Staging: rtl8192su: add device ids
    - LP: #780588
  * USB: retain USB device power/wakeup setting across reconfiguration
    - LP: #780588
  * USB: don't enable remote wakeup by default
    - LP: #780588
  * USB: teach "devices" file about Wireless and SuperSpeed USB
    - LP: #780588
  * GFS2: Clean up gfs2_adjust_quota() and do_glock()
    - LP: #780588
  * GFS2: Fix writing to non-page aligned gfs2_quota structures
    - LP: #780588
  * GFS2: BUG in gfs2_adjust_quota
    - LP: #780588
  * SUNRPC: fix NFS client over TCP hangs due to packet loss (Bug 16494)
    - LP: #780588
  * nfs4: Ensure that ACL pages sent over NFS were not allocated from the
    slab (v3)
    - LP: #780588
  * nfs: fix compilation warning
    - LP: #780588
  * Fix corrupted OSF partition table parsing
    - LP: #780588
  * Increase OSF partition limit from 8 to 18
    - LP: #780588
  * Please add support for Microsoft MN-120 PCMCIA network card
    - LP: #780588
  * hwmon: (applesmc) Add iMac9,1 and MacBookPro2,2 support
    - LP: #780588
  * hwmon: (applesmc) Add support for MacBook Pro 5,3 and 5,4
    - LP: #780588
  * hwmon: (applesmc) Add generic support for MacBook Pro 6
    - LP: #780588
  * hwmon: (applesmc) Add generic support for MacBook Pro 7
    - LP: #780588
  * hwmon: (applesmc) Add MacBookAir3,1(3,2) support
    - LP: #780588
  * ALSA: emux: Add trivial compat ioctl handler
    - LP: #780588
  * ALSA: powermac - Reverse HP detection on G4 DA
    - LP: #780588
  * ALSA: powermac - Lineout detection on G4 DA
    - LP: #780588
  * ALSA: hda - Add support for the new 27 inch IMacs
    - LP: #780588
  * ALSA: hda - MacBookPro 5,3 line-in support
    - LP: #780588
  * ALSA: hda - Add model=mbp55 entry for MacBookPro 7,1
    - LP: #780588
  * ALSA: hda - MacBookAir3,1(3,2) alsa support
    - LP: #780588
  * virtio_net: fix oom handling on tx
    - LP: #780588
  * mac80211: Add define for TX headroom reserved by mac80211 itself.
    - LP: #780588
  * rt2x00: Centralize setting of extra TX headroom requested by rt2x00.
    - LP: #780588
  * rt2x00: Properly request tx headroom for alignment operations.
    - LP: #780588
  * rt2x00: use correct headroom for transmission
    - LP: #780588
  * Bluetooth: Add support Bluetooth controller of MacbookPro 6,2
    - LP: #780588
  * Bluetooth: Add support Bluetooth controller of MacbookPro 7,1
    - LP: #780588
  * Bluetooth: Add MacBookAir3,1(2) support
    - LP: #780588
  * perf tools: Display better error messages on missing packages
    - LP: #780588
  * perf tools: Add 'make DEBUG=1' to remove the -O6 cflag
    - LP: #780588
  * perf tools: Test -fstack-protector-all compiler option for inclusion in
    CFLAGS
    - LP: #780588
  * perf tools: Support static build
    - LP: #780588
  * perf tools: Add V=2 option to help debug config issues
    - LP: #780588
  * perf tools: Suggest static libraries as well
    - LP: #780588
  * perf: Use default compiler mode by default
    - LP: #780588
  * perf tools: Move QUIET_STDERR def to before first use
    - LP: #780588
  * perf tools: Check if /dev/null can be used as the -o gcc argument
    - LP: #780588
  * perf symbols: allow forcing use of cplus_demangle
    - LP: #780588
  * V4L/DVB: Add Elgato EyeTV Diversity to dibcom driver
    - LP: #780588
  * mmc: fix all hangs related to mmc/sd card insert/removal during
    suspend/resume
    - LP: #780588
  * mmc: build fix: mmc_pm_notify is only available with CONFIG_PM=y
    - LP: #780588
  * b43: Fix warning at drivers/mmc/core/core.c:237 in mmc_wait_for_cmd
    - LP: #780588
  * econet: Fix redeclaration of symbol len
    - LP: #780588
  * econet: fix CVE-2010-3848
    - LP: #780588
  * dell-laptop: Add another Dell laptop to the DMI whitelist
    - LP: #780588
  * dell-laptop: Add another Dell laptop family to the DMI whitelist
    - LP: #780588
  * scsi_dh_emc: fix mode select request setup
    - LP: #780588
  * scsi_dh_emc: request flag cleanup
    - LP: #780588
  * cifs: fix another memleak, in cifs_root_iget
    - LP: #780588
  * e1000e: Reset 82577/82578 PHY before first PHY register read
    - LP: #780588
  * e1000: fix Tx hangs by disabling 64-bit DMA
    - LP: #780588
  * btrfs: Require CAP_SYS_ADMIN for filesystem rebalance
    - LP: #780588
  * af_unix: limit recursion level
    - LP: #780588
  * init, sched: Fix race between init and kthreadd
    - LP: #780588
  * backlight: MacBookAir3,1(3,2) mbp-nvidia-bl support
    - LP: #780588
  * bonding: Ensure that we unshare skbs prior to calling pskb_may_pull
    - LP: #780588
  * HID: add MacBookAir 3,1 and 3,2 support
    - LP: #780588
  * intel-iommu: Force-disable IOMMU for iGFX on broken Cantiga revisions.
    - LP: #780588
  * ipg: Remove device claimed by dl2k from pci id table
    - LP: #780588
  * ipv6: Silence privacy extensions initialization
    - LP: #780588
  * l2tp: Fix UDP socket reference count bugs in the pppol2tp driver
    - LP: #780588
  * MIPS: DMA: Fix computation of DMA flags from device's
    coherent_dma_mask.
    - LP: #780588
  * mpt2sas: fix the incorrect scsi_dma_map error checking
    - LP: #780588
  * Phonet: device notifier only runs on initial namespace
    - LP: #780588
  * powerpc/boot/dts: Install dts from the right directory
    - LP: #780588
  * rt2500usb: fallback to SW encryption for TKIP+AES
    - LP: #780588
  * sata_via: Delay on vt6420 when starting ATAPI DMA write
    - LP: #780588
  * tehuti: Firmware filename is tehuti/bdx.bin
    - LP: #780588
  * wireless: b43: fix error path in SDIO
    - LP: #780588
  * libata: set queue DMA alignment to sector size for ATAPI too
    - LP: #780588
  * usb: musb: core: set has_tt flag
    - LP: #780588
  * iwlwifi: fix skb usage after free
    - LP: #780588
  * can: add missing socket check in can/raw release
    - LP: #780588
  * fix oops in scsi_run_queue()
    - LP: #780588
  * Linux 2.6.32.40
    - LP: #780588
  * PCI: allow matching of prefetchable resources to non-prefetchable
    windows
    - LP: #424142
  * cifs: check for bytes_remaining going to zero in CIFS_SessSetup
    - LP: #788602
  * Validate size of EFI GUID partition entries.
    - LP: #788602
  * dccp: handle invalid feature options length
    - LP: #788602
  * CIFS: Fix memory over bound bug in cifs_parse_mount_options
    - LP: #788602
  * Fix time() inconsistencies caused by intermediate xtime_cache values
    being read
    - LP: #788602
  * ehea: fix wrongly reported speed and port
    - LP: #788602
  * NET: slip, fix ldisc->open retval
    - LP: #788602
  * ne-h8300: Fix regression caused during net_device_ops conversion
    - LP: #788602
  * hydra: Fix regression caused during net_device_ops conversion
    - LP: #788602
  * libertas: fix cmdpendingq locking
    - LP: #788602
  * zorro8390: Fix regression caused during net_device_ops conversion
    - LP: #788602
  * cifs: add fallback in is_path_accessible for old servers
    - LP: #788602
  * x86, AMD: Fix ARAT feature setting again
    - LP: #788602
  * clocksource: Install completely before selecting
    - LP: #788602
  * tick: Clear broadcast active bit when switching to oneshot
    - LP: #788602
  * x86, apic: Fix spurious error interrupts triggering on all non-boot APs
    - LP: #788602
  * x86, mce, AMD: Fix leaving freed data in a list
    - LP: #788602
  * megaraid_sas: Sanity check user supplied length before passing it to
    dma_alloc_coherent()
    - LP: #788602
  * vmxnet3: Fix inconsistent LRO state after initialization
    - LP: #788602
  * netxen: Remove references to unified firmware file
    - LP: #788602
  * Linux 2.6.32.41
    - LP: #788602
  * drm/radeon/kms: fix bad shift in atom iio table parser
    - LP: #788602
  * Linux 2.6.32.41+drm33.18
    - LP: #788602

[ Ubuntu: 2.6.32-32.62 ]

* Release Tracking Bug
    - LP: #767370
  * (config) Disable CONFIG_NET_NS
    - LP: #720095
  * Revert "drm/radeon/kms: Fix retrying ttm_bo_init() after it failed
    once."
    - LP: #736234
  * Revert "drm/radeon: fall back to GTT if bo creation/validation in VRAM
    fails."
    - LP: #736234
  * x86: pvclock: Move scale_delta into common header
  * KVM: x86: Fix a possible backwards warp of kvmclock
  * KVM: x86: Fix kvmclock bug
  * cpuset: add a missing unlock in cpuset_write_resmask()
    - LP: #736234
  * keyboard: integer underflow bug
    - LP: #736234
  * RxRPC: Fix v1 keys
    - LP: #736234
  * ixgbe: fix for 82599 erratum on Header Splitting
    - LP: #736234
  * mm: fix possible cause of a page_mapped BUG
    - LP: #736234
  * powerpc/kdump: CPUs assume the context of the oopsing CPU
    - LP: #736234
  * powerpc/kdump: Use chip->shutdown to disable IRQs
    - LP: #736234
  * powerpc: Use more accurate limit for first segment memory allocations
    - LP: #736234
  * powerpc/pseries: Add hcall to read 4 ptes at a time in real mode
    - LP: #736234
  * powerpc/kexec: Speedup kexec hash PTE tear down
    - LP: #736234
  * powerpc/crashdump: Do not fail on NULL pointer dereferencing
    - LP: #736234
  * powerpc/kexec: Fix orphaned offline CPUs across kexec
    - LP: #736234
  * netfilter: nf_log: avoid oops in (un)bind with invalid nfproto values
    - LP: #736234
  * nfsd: wrong index used in inner loop
    - LP: #736234
  * r8169: use RxFIFO overflow workaround for 8168c chipset.
    - LP: #736234
  * Staging: comedi: jr3_pci: Don't ioremap too much space. Check result.
    - LP: #736234
  * net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules,
    CVE-2011-1019
    - LP: #736234
    - CVE-2011-1019
  * ip6ip6: autoload ip6 tunnel
    - LP: #736234
  * Linux 2.6.32.33
    - LP: #736234
  * drm/radeon: fall back to GTT if bo creation/validation in VRAM fails.
    - LP: #652934, #736234
  * drm/radeon/kms: Fix retrying ttm_bo_init() after it failed once.
    - LP: #652934, #736234
  * drm: fix unsigned vs signed comparison issue in modeset ctl ioctl,
    CVE-2011-1013
    - LP: #736234
    - CVE-2011-1013
  * Linux 2.6.32.33+drm33.15
    - LP: #736234
  * econet: Fix crash in aun_incoming(). CVE-2010-4342
    - LP: #736394
    - CVE-2010-4342
  * igb: only use vlan_gro_receive if vlans are registered, CVE-2010-4263
    - LP: #737024
    - CVE-2010-4263
  * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529
    - LP: #737823
    - CVE-2010-4529
  * hwmon/f71882fg: Set platform drvdata to NULL later
    - LP: #742056
  * mtd: add "platform:" prefix for platform modalias
    - LP: #742056
  * libata: no special completion processing for EH commands
    - LP: #742056
  * MIPS: MTX-1: Make au1000_eth probe all PHY addresses
    - LP: #742056
  * x86/mm: Handle mm_fault_error() in kernel space
    - LP: #742056
  * ftrace: Fix memory leak with function graph and cpu hotplug
    - LP: #742056
  * x86: Fix panic when handling "mem={invalid}" param
    - LP: #553464, #742056
  * x86: Emit "mem=nopentium ignored" warning when not supported
    - LP: #553464, #742056
  * ahci: AHCI and RAID mode SATA patch for Intel Patsburg DeviceIDs
    - LP: #742056
  * ahci: AHCI mode SATA patch for Intel DH89xxCC DeviceIDs
    - LP: #742056
  * ahci: AHCI mode SATA patch for Intel Patsburg SATA RAID controller
    - LP: #742056
  * RDMA/cma: Fix crash in request handlers
    - LP: #742056
  * IB/cm: Bump reference count on cm_id before invoking callback
    - LP: #742056
  * ath9k_hw: Fix incorrect macversion and macrev checks
    - LP: #742056
  * USB: serial/kobil_sct, fix potential tty NULL dereference
    - LP: #742056
  * USB: serial: ch341: add new id
    - LP: #742056
  * xhci: Fix cycle bit calculation during stall handling.
    - LP: #742056
  * ALSA: hda - fix digital mic selection in mixer on 92HD8X codecs
    - LP: #742056
  * PCI: remove quirk for pre-production systems
    - LP: #742056
  * PCI: add more checking to ICH region quirks
    - LP: #742056
  * PCI: do not create quirk I/O regions below PCIBIOS_MIN_IO for ICH
    - LP: #742056
  * PCI: sysfs: Fix failure path for addition of "vpd" attribute
    - LP: #742056
  * ALSA: ctxfi - Fix incorrect SPDIF status bit mask
    - LP: #742056
  * ALSA: ctxfi - Fix SPDIF status retrieval
    - LP: #742056
  * ALSA: ctxfi - Clear input settings before initialization
    - LP: #742056
  * SUNRPC: Ensure we always run the tk_callback before tk_action
    - LP: #742056
  * perf, powerpc: Handle events that raise an exception without
    overflowing
    - LP: #742056
  * ext3: Always set dx_node's fake_dirent explicitly.
    - LP: #742056
  * call_function_many: fix list delete vs add race
    - LP: #742056
  * call_function_many: add missing ordering
    - LP: #742056
  * x86: Flush TLB if PGD entry is changed in i386 PAE mode
    - LP: #742056
  * isdn: avoid calling tty_ldisc_flush() in atomic context
    - LP: #742056
  * smp_call_function_many: handle concurrent clearing of mask
    - LP: #742056
  * fix per-cpu flag problem in the cpu affinity checkers
    - LP: #742056
  * i2c: Fix typo in instantiating-devices document
    - LP: #742056
  * mmc: sdio: remember new card RCA when redetecting card
    - LP: #742056
  * powerpc/kexec: Fix race in kexec shutdown
    - LP: #742056
  * powerpc/kdump: Fix race in kdump shutdown
    - LP: #742056
  * powerpc: rtas_flash needs to use rtas_data_buf
    - LP: #742056
  * x86, binutils, xen: Fix another wrong size directive
    - LP: #742056
  * hwmon: (sht15) Fix integer overflow in humidity calculation
    - LP: #742056
  * Linux 2.6.32.34
    - LP: #742056
  * Linux 2.6.32.35
    - LP: #742056
  * aio: wake all waiters when destroying ctx
    - LP: #744921
  * shmem: let shared anonymous be nonlinear again
    - LP: #744921
  * PCI hotplug: acpiphp: set current_state to D0 in register_slot
    - LP: #744921
  * xen: set max_pfn_mapped to the last pfn mapped
    - LP: #744921
  * PCI: return correct value when writing to the "reset" attribute
    - LP: #744921
  * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal
    code
    - LP: #744921
  * ext3: skip orphan cleanup on rocompat fs
    - LP: #744921
  * procfs: fix /proc/<pid>/maps heap check
    - LP: #744921
  * proc: protect mm start_code/end_code in /proc/pid/stat, CVE-2011-0726
    - LP: #744921
    - CVE-2011-0726
  * fbcon: Bugfix soft cursor detection in Tile Blitting
    - LP: #744921
  * nfsd41: modify the members value of nfsd4_op_flags
    - LP: #744921
  * nfsd: wrong index used in inner loop
    - LP: #744921
  * uvcvideo: Fix uvc_fixup_video_ctrl() format search
    - LP: #744921
  * ehci-hcd: Bug fix: don't set a QH's Halt bit
    - LP: #744921
  * USB: uss720 fixup refcount position
    - LP: #744921
  * USB: cdc-acm: fix memory corruption / panic
    - LP: #744921
  * USB: cdc-acm: fix potential null-pointer dereference
    - LP: #744921
  * USB: cdc-acm: fix potential null-pointer dereference on disconnect
    - LP: #744921
  * Input: xen-kbdfront - advertise either absolute or relative coordinates
    - LP: #744921
  * SUNRPC: Never reuse the socket port after an xs_close()
    - LP: #744921
  * fs: call security_d_instantiate in d_obtain_alias V2
    - LP: #744921
  * dcdbas: force SMI to happen when expected
    - LP: #744921
  * Linux 2.6.32.36
    - LP: #744921
  * drm/radeon/kms: check AA resolve registers on r300, CVE-2011-1016
    - LP: #745686
    - CVE-2011-1016
  * drm/radeon: fix regression with AA resolve checking, CVE-2011-1016
    - LP: #745686
    - CVE-2011-1016
  * xen: events: do not unmask event channels on resume
    - LP: #681083
  * drm/radeon/kms: check AA resolve registers on r300
    - LP: #754584
  * drm/radeon: fix regression with AA resolve checking
    - LP: #754584
  * Linux 2.6.32.36+drm33.16
    - LP: #754584
  * ALSA: hda - Fix SPDIF out regression on ALC889
    - LP: #764685
  * ALSA: Fix yet another race in disconnection
    - LP: #764685
  * perf: Better fit max unprivileged mlock pages for tools needs
    - LP: #764685
  * myri10ge: fix rmmod crash
    - LP: #764685
  * cciss: fix lost command issue
    - LP: #764685
  * sound/oss/opl3: validate voice and channel indexes
    - LP: #764685
  * mac80211: initialize sta->last_rx in sta_info_alloc
    - LP: #764685
  * ses: show devices for enclosures with no page 7
    - LP: #764685
  * ses: Avoid kernel panic when lun 0 is not mapped
    - LP: #764685
  * eCryptfs: Unlock page in write_begin error path
    - LP: #764685
  * eCryptfs: ecryptfs_keyring_auth_tok_for_sig() bug fix
    - LP: #764685
  * staging: usbip: bugfixes related to kthread conversion
    - LP: #764685
  * staging: usbip: bugfix add number of packets for isochronous frames
    - LP: #764685
  * staging: usbip: bugfix for isochronous packets and optimization
    - LP: #764685
  * staging: hv: Fix GARP not sent after Quick Migration
    - LP: #764685
  * staging: hv: use sync_bitops when interacting with the hypervisor
    - LP: #764685
  * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
    - LP: #764685
  * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1
    - LP: #764685
  * irda: validate peer name and attribute lengths
    - LP: #764685
  * irda: prevent heap corruption on invalid nickname
    - LP: #764685
  * nilfs2: fix data loss in mmap page write for hole blocks
    - LP: #764685
  * ASoC: Explicitly say registerless widgets have no register
    - LP: #764685
  * ALSA: ens1371: fix Creative Ectiva support
    - LP: #764685
  * ROSE: prevent heap corruption with bad facilities
    - LP: #764685
  * Btrfs: Fix uninitialized root flags for subvolumes
    - LP: #764685
  * x86, mtrr, pat: Fix one cpu getting out of sync during resume
    - LP: #764685
  * ath9k: fix a chip wakeup related crash in ath9k_start
    - LP: #764685
  * UBIFS: do not read flash unnecessarily
    - LP: #764685
  * UBIFS: fix oops on error path in read_pnode
    - LP: #764685
  * UBIFS: fix debugging failure in dbg_check_space_info
    - LP: #764685
  * quota: Don't write quota info in dquot_commit()
    - LP: #764685
  * mm: avoid wrapping vm_pgoff in mremap()
    - LP: #764685
  * p54usb: IDs for two new devices
    - LP: #764685
  * b43: allocate receive buffers big enough for max frame len + offset
    - LP: #764685
  * Bluetooth: sco: fix information leak to userspace
    - LP: #764685
  * bridge: netfilter: fix information leak
    - LP: #764685
  * Bluetooth: bnep: fix buffer overflow
    - LP: #764685
  * Bluetooth: add support for Apple MacBook Pro 8,2
    - LP: #764685
  * Treat writes as new when holes span across page boundaries
    - LP: #764685
  * char/tpm: Fix unitialized usage of data buffer
    - LP: #764685
  * netfilter: ip_tables: fix infoleak to userspace
    - LP: #764685
  * netfilter: arp_tables: fix infoleak to userspace
    - LP: #764685
  * netfilter: ipt_CLUSTERIP: fix buffer overflow
    - LP: #764685
  * ipv6: netfilter: ip6_tables: fix infoleak to userspace
    - LP: #764685
  * mfd: ab3100: world-writable debugfs *_priv files
    - LP: #764685
  * drivers/rtc/rtc-ds1511.c: world-writable sysfs nvram file
    - LP: #764685
  * drivers/misc/ep93xx_pwm.c: world-writable sysfs files
    - LP: #764685
  * econet: 4 byte infoleak to the network
    - LP: #764685
  * sound/oss: remove offset from load_patch callbacks
    - LP: #764685
  * sound: oss: midi_synth: check get_user() return value
    - LP: #764685
  * repair gdbstub to match the gdbserial protocol specification
    - LP: #764685
  * gro: Reset dev pointer on reuse
    - LP: #764685
  * gro: reset skb_iif on reuse
    - LP: #764685
  * x86, amd-ucode: Remove needless log messages
    - LP: #764685
  * x86, microcode, AMD: Extend ucode size verification
    - LP: #764685
  * powerpc/kexec: Add ifdef CONFIG_PPC_STD_MMU_64 to PPC64 code
    - LP: #764685
  * powerpc: Fix default_machine_crash_shutdown #ifdef botch
    - LP: #764685
  * Squashfs: handle corruption of directory structure
    - LP: #764685
  * sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set
    - LP: #764685
  * atm/solos-pci: Don't include frame pseudo-header on transmit hex-dump
    - LP: #764685
  * ext4: fix credits computing for indirect mapped files
    - LP: #764685
  * nfsd: fix auth_domain reference leak on nlm operations
    - LP: #764685
  * CAN: Use inode instead of kernel address for /proc file
    - LP: #764685
  * exec: make argv/envp memory visible to oom-killer
    - LP: #764685
  * exec: copy-and-paste the fixes into compat_do_execve() paths
    - LP: #764685
  * xfs: zero proper structure size for geometry calls
    - LP: #764685
  * Linux 2.6.32.37
    - LP: #764685
  * Linux 2.6.32.38
    - LP: #764685

[ Ubuntu: 2.6.32-31.61 ]

* Release Tracking Bug
    - LP: #754842
  * x86, quirk: Fix SB600 revision check
    - LP: #742056
 -- Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>   Wed, 08 Jun 2011 15:37:30 -0300

Changed in linux-mvl-dove (Ubuntu Maverick):
status:	New → Fix Released

Revision history for this message

Leann Ogasawara (leannogasawara) wrote on 2011-07-15: Closing unsupported series nomination.

#12

This bug was nominated against a series that is no longer supported, ie karmic. The bug task representing the karmic nomination is being closed as Won't Fix.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu Karmic):
status:	In Progress → Won't Fix

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-08-08:

#13

Download full text (45.4 KiB)

This bug was fixed in the package linux-lts-backport-maverick - 2.6.35-30.56~lucid1

---------------
linux-lts-backport-maverick (2.6.35-30.56~lucid1) lucid-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
- LP: #811215

[ Herton Ronaldo Krzesinski ]

* Revert "SAUCE: mmc: Enable MMC card reader for RICOH [1180:e823]"

[ Upstream Kernel Changes ]

* Revert "x86: Flush TLB if PGD entry is changed in i386 PAE mode"
- LP: #805209

linux (2.6.35-30.55) maverick-proposed; urgency=low

[Steve Conklin]

* Release Tracking Bug
- LP: #801690

[ Jeremy Kerr ]

* SAUCE: cx23885: Fix argument to videobuf_dma_unmap
- LP: #800527

[ Manoj Iyer ]

* SAUCE: mmc: Enable MMC card reader for RICOH [1180:e823]
- LP: #790754

[ Upstream Kernel Changes ]

  * agp: fix OOM and buffer overflow
    - LP: #791918
    - CVE-2011-1746
  * tty: icount changeover for other main devices, CVE-2010-4076,
    CVE-2010-4077
    - LP: #720189
    - CVE-2010-4077
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * Fix corrupted OSF partition table parsing
    - LP: #796606
    - CVE-2011-1163
  * can: Add missing socket check in can/bcm release.
    - LP: #796502
    - CVE-2011-1598
  * nfs4: Ensure that ACL pages sent over NFS were not allocated from the
    slab (v3) CVE-2011-1090
    - LP: #800775
    - CVE-2011-1090

linux (2.6.35-30.54) maverick-proposed; urgency=low

[ Brad Figg ]

* Release Tracking Bug
- LP: #794114

[ Upstream Kernel Changes ]

  * Revert "xhci: Fix full speed bInterval encoding."
  * Revert "USB: xhci - also free streams when resetting devices"
  * Revert "USB: xhci - fix math in xhci_get_endpoint_interval()"
  * Revert "USB: xhci - fix unsafe macro definitions"

linux (2.6.35-30.53) maverick-proposed; urgency=low

[ Upstream Kernel Changes ]

* xhci: Fix full speed bInterval encoding.
- LP: #792959

linux (2.6.35-30.52) maverick-proposed; urgency=low

[ Herton R. Krzesinski ]

* Release Tracking Bug
- LP: #790653

[ Stefan Bader ]

* Include nls_iso8859-1 for virtual images
- LP: #732046

[ Thomas Schlichter ]

* SAUCE: vesafb: mtrr module parameter is uint, not bool
- LP: #778043

[ Tim Gardner ]

* [Config] Add cachefiles.ko to virtual flavour
- LP: #770430

[ Upstream Kernel Changes ]

  * Revert "intel_idle: PCI quirk to prevent Lenovo Ideapad s10-3 boot
    hang"
    - LP: #772560
  * Revert "TPM: Long default timeout fix"
    - LP: #772560
  * Revert "tpm_tis: Use timeouts returned from TPM"
    - LP: #772560
  * Revert "xen: set max_pfn_mapped to the last pfn mapped"
  * CAN: Use inode instead of kernel address for /proc file, CVE-2010-4565
    - LP: #765007
    - CVE-2010-4565
  * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1,
    CVE-2011-0711
    - LP: #767740
    - CVE-2011-0711
  * Treat writes as new when holes span across page boundaries,
    CVE-2011-0463
    - LP: #770483
    - CVE-2011-0463
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table,
    CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * qla2xxx:...

This bug was fixed in the package linux-lts-backport-maverick - 2.6.35-30.56~lucid1

---------------
linux-lts-backport-maverick (2.6.35-30.56~lucid1) lucid-proposed; urgency=low

[Herton R. Krzesinski]

* Release Tracking Bug
    - LP: #811215

[ Herton Ronaldo Krzesinski ]

* Revert "SAUCE: mmc: Enable MMC card reader for RICOH [1180:e823]"

[ Upstream Kernel Changes ]

* Revert "x86: Flush TLB if PGD entry is changed in i386 PAE mode"
    - LP: #805209

linux (2.6.35-30.55) maverick-proposed; urgency=low

[Steve Conklin]

* Release Tracking Bug
    - LP: #801690

[ Jeremy Kerr ]

* SAUCE: cx23885: Fix argument to videobuf_dma_unmap
    - LP: #800527

[ Manoj Iyer ]

* SAUCE: mmc: Enable MMC card reader for RICOH [1180:e823]
    - LP: #790754

[ Upstream Kernel Changes ]

* agp: fix OOM and buffer overflow
    - LP: #791918
    - CVE-2011-1746
  * tty: icount changeover for other main devices, CVE-2010-4076,
    CVE-2010-4077
    - LP: #720189
    - CVE-2010-4077
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * Fix corrupted OSF partition table parsing
    - LP: #796606
    - CVE-2011-1163
  * can: Add missing socket check in can/bcm release.
    - LP: #796502
    - CVE-2011-1598
  * nfs4: Ensure that ACL pages sent over NFS were not allocated from the
    slab (v3) CVE-2011-1090
    - LP: #800775
    - CVE-2011-1090

linux (2.6.35-30.54) maverick-proposed; urgency=low

[ Brad Figg ]

* Release Tracking Bug
    - LP: #794114

[ Upstream Kernel Changes ]

* Revert "xhci: Fix full speed bInterval encoding."
  * Revert "USB: xhci - also free streams when resetting devices"
  * Revert "USB: xhci - fix math in xhci_get_endpoint_interval()"
  * Revert "USB: xhci - fix unsafe macro definitions"

linux (2.6.35-30.53) maverick-proposed; urgency=low

[ Upstream Kernel Changes ]

* xhci: Fix full speed bInterval encoding.
    - LP: #792959

linux (2.6.35-30.52) maverick-proposed; urgency=low

[ Herton R. Krzesinski ]

* Release Tracking Bug
    - LP: #790653

[ Stefan Bader ]

* Include nls_iso8859-1 for virtual images
    - LP: #732046

[ Thomas Schlichter ]

* SAUCE: vesafb: mtrr module parameter is uint, not bool
    - LP: #778043

[ Tim Gardner ]

* [Config] Add cachefiles.ko to virtual flavour
    - LP: #770430

[ Upstream Kernel Changes ]

* Revert "intel_idle: PCI quirk to prevent Lenovo Ideapad s10-3 boot
    hang"
    - LP: #772560
  * Revert "TPM: Long default timeout fix"
    - LP: #772560
  * Revert "tpm_tis: Use timeouts returned from TPM"
    - LP: #772560
  * Revert "xen: set max_pfn_mapped to the last pfn mapped"
  * CAN: Use inode instead of kernel address for /proc file, CVE-2010-4565
    - LP: #765007
    - CVE-2010-4565
  * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1,
    CVE-2011-0711
    - LP: #767740
    - CVE-2011-0711
  * Treat writes as new when holes span across page boundaries,
    CVE-2011-0463
    - LP: #770483
    - CVE-2011-0463
  * fs/partitions/ldm.c: fix oops caused by corrupted partition table,
    CVE-2011-1017
    - LP: #771382
    - CVE-2011-1017
  * qla2xxx: Make the FC port capability mutual exclusive.
    - LP: #772560
  * staging: usbip: bugfixes related to kthread conversion
    - LP: #772560
  * staging: usbip: bugfix add number of packets for isochronous frames
    - LP: #772560
  * staging: usbip: bugfix for isochronous packets and optimization
    - LP: #772560
  * staging: hv: Fix GARP not sent after Quick Migration
    - LP: #772560
  * staging: hv: use sync_bitops when interacting with the hypervisor
    - LP: #772560
  * irda: validate peer name and attribute lengths
    - LP: #772560
  * irda: prevent heap corruption on invalid nickname
    - LP: #772560
  * nilfs2: fix data loss in mmap page write for hole blocks
    - LP: #772560
  * ASoC: Explicitly say registerless widgets have no register
    - LP: #772560
  * ALSA: ens1371: fix Creative Ectiva support
    - LP: #772560
  * ROSE: prevent heap corruption with bad facilities
    - LP: #772560
  * Btrfs: Fix uninitialized root flags for subvolumes
    - LP: #772560
  * x86, mtrr, pat: Fix one cpu getting out of sync during resume
    - LP: #772560
  * UBIFS: do not read flash unnecessarily
    - LP: #772560
  * UBIFS: fix oops on error path in read_pnode
    - LP: #772560
  * UBIFS: fix debugging failure in dbg_check_space_info
    - LP: #772560
  * quota: Don't write quota info in dquot_commit()
    - LP: #772560
  * mm: avoid wrapping vm_pgoff in mremap()
    - LP: #772560
  * p54usb: IDs for two new devices
    - LP: #772560
  * b43: allocate receive buffers big enough for max frame len + offset
    - LP: #772560
  * Bluetooth: sco: fix information leak to userspace
    - LP: #772560
  * bridge: netfilter: fix information leak
    - LP: #772560
  * Bluetooth: bnep: fix buffer overflow
    - LP: #772560
  * Bluetooth: add support for Apple MacBook Pro 8,2
    - LP: #772560
  * char/tpm: Fix unitialized usage of data buffer
    - LP: #772560
  * netfilter: ip_tables: fix infoleak to userspace
    - LP: #772560
  * netfilter: arp_tables: fix infoleak to userspace
    - LP: #772560
  * netfilter: ipt_CLUSTERIP: fix buffer overflow
    - LP: #772560
  * ipv6: netfilter: ip6_tables: fix infoleak to userspace
    - LP: #772560
  * mfd: ab3100: world-writable debugfs *_priv files
    - LP: #772560
  * drivers/rtc/rtc-ds1511.c: world-writable sysfs nvram file
    - LP: #772560
  * drivers/misc/ep93xx_pwm.c: world-writable sysfs files
    - LP: #772560
  * econet: 4 byte infoleak to the network
    - LP: #772560
  * sound/oss: remove offset from load_patch callbacks
    - LP: #772560
  * sound: oss: midi_synth: check get_user() return value
    - LP: #772560
  * gro: Reset dev pointer on reuse
    - LP: #772560
  * gro: reset skb_iif on reuse
    - LP: #772560
  * x86, microcode, AMD: Extend ucode size verification
    - LP: #772560
  * Squashfs: handle corruption of directory structure
    - LP: #772560
  * atm/solos-pci: Don't include frame pseudo-header on transmit hex-dump
    - LP: #772560
  * ext4: fix credits computing for indirect mapped files
    - LP: #772560
  * nfsd: fix auth_domain reference leak on nlm operations
    - LP: #772560
  * inet_diag: Make sure we actually run the same bytecode we audited.
    - LP: #772560
  * xfs: zero proper structure size for geometry calls
    - LP: #772560
  * cifs: always do is_path_accessible check in cifs_mount
    - LP: #772560
  * video: sn9c102: world-wirtable sysfs files
    - LP: #772560
  * UBIFS: restrict world-writable debugfs files
    - LP: #772560
  * NET: cdc-phonet, handle empty phonet header
    - LP: #772560
  * x86: Fix a bogus unwind annotation in lib/semaphore_32.S
    - LP: #772560
  * tioca: Fix assignment from incompatible pointer warnings
    - LP: #772560
  * mca.c: Fix cast from integer to pointer warning
    - LP: #772560
  * ramfs: fix memleak on no-mmu arch
    - LP: #772560
  * MAINTAINERS: update STABLE BRANCH info
    - LP: #772560
  * UBIFS: fix oops when R/O file-system is fsync'ed
    - LP: #772560
  * x86, cpu: AMD errata checking framework
    - LP: #772560
  * x86, cpu: Clean up AMD erratum 400 workaround
    - LP: #772560
  * x86, AMD: Set ARAT feature on AMD processors
    - LP: #772560
  * x86, amd: Disable GartTlbWlkErr when BIOS forgets it
    - LP: #772560
  * USB: ftdi_sio: Added IDs for CTI USB Serial Devices
    - LP: #772560
  * USB: ftdi_sio: add PID for OCT DK201 docking station
    - LP: #772560
  * USB: ftdi_sio: add ids for Hameg HO720 and HO730
    - LP: #772560
  * USB: option: Add new ONDA vendor id and product id for ONDA MT825UP
    - LP: #772560
  * USB: option: Added support for Samsung GT-B3730/GT-B3710 LTE USB modem.
    - LP: #772560
  * next_pidmap: fix overflow condition
    - LP: #772560
  * proc: do proper range check on readdir offset
    - LP: #772560
  * USB: EHCI: unlink unused QHs when the controller is stopped
    - LP: #772560
  * USB: fix formatting of SuperSpeed endpoints in /proc/bus/usb/devices
    - LP: #772560
  * USB: xhci - fix unsafe macro definitions
    - LP: #772560
  * USB: xhci - fix math in xhci_get_endpoint_interval()
    - LP: #772560
  * x86, cpu: Fix regression in AMD errata checking code
    - LP: #772560
  * Input: synaptics - fix crash in synaptics_module_init()
    - LP: #772560
  * ath9k: fix a chip wakeup related crash in ath9k_start
    - LP: #772560
  * ath: add missing regdomain pair 0x5c mapping
    - LP: #772560
  * block, blk-sysfs: Fix an err return path in blk_register_queue()
    - LP: #772560
  * p54: Initialize extra_len in p54_tx_80211
    - LP: #772560
  * x86, gart: Make sure GART does not map physmem above 1TB
    - LP: #772560
  * intel-iommu: Unlink domain from iommu
    - LP: #772560
  * intel-iommu: Fix get_domain_for_dev() error path
    - LP: #772560
  * drm/radeon/kms: fix bad shift in atom iio table parser
    - LP: #772560
  * NFS: nfs_wcc_update_inode() should set nfsi->attr_gencount
    - LP: #772560
  * serial/imx: read cts state only after acking cts change irq
    - LP: #772560
  * ASoC: Fix output PGA enabling in wm_hubs CODECs
    - LP: #772560
  * kconfig: Avoid buffer underrun in choice input
    - LP: #772560
  * UBIFS: fix master node recovery
    - LP: #772560
  * Remove extra struct page member from the buffer info structure
    - LP: #772560
  * dasd: correct device table
    - LP: #772560
  * iwlagn: Support new 5000 microcode.
    - LP: #772560
  * uvcvideo: Fix descriptor parsing for video output devices
    - LP: #772560
  * ALSA: hda - VIA: Add missing support for VT1718S in A-A path
    - LP: #772560
  * ALSA: hda - VIA: Fix stereo mixer recording no sound issue
    - LP: #772560
  * iwlwifi: fix skb usage after free
    - LP: #772560
  * intel-iommu: Fix use after release during device attach
    - LP: #772560
  * USB: Fix unplug of device with active streams
    - LP: #772560
  * USB: xhci - also free streams when resetting devices
    - LP: #772560
  * 2.6.35.y: Revert "SH: Add missing consts to sys_execve() declaration"
    - LP: #772560
  * 2.6.35.13 longterm review
    - LP: #772560
  * release-2.6.35.13
    - LP: #772560
  * xen: events: do not unmask event channels on resume
    - LP: #681083
  * ALSA: sound/pci/asihpi: check adapter index in hpi_ioctl, CVE-2011-1169
    - LP: #785331
    - CVE-2011-1169
  * mpt2sas: prevent heap overflows and unchecked reads, CVE-2011-1494
    - LP: #787145
    - CVE-2011-1494
  * can: add missing socket check in can/raw release, CVE-2011-1748
    - LP: #788694
    - CVE-2011-1748
  * agp: fix arbitrary kernel memory writes, CVE-1011-2022
    - LP: #788684
    - CVE-1011-2022

linux (2.6.35-29.51) maverick-proposed; urgency=low

[ Steve Conklin ]

* Release Tracking Bug
    - LP: #760928

[ Brad Figg ]

* [Config] Set CONFIG_NR_CPUS=256 for amd64 generic
    - LP: #737124

[ Kees Cook ]

* SAUCE: nx-emu: further clarify dmesg reporting
    - LP: #745181

[ Loïc Minier ]

* Include nls_cp437 module in virtual for fat
    - LP: #732046

[ Manoj Iyer ]

* SAUCE: thinkpad-acpi: module autoloading for newer Lenovo ThinkPads.
    - LP: #745217
  * SAUCE: (drop after 2.6.38) add support for Lenovo tablet ID (0xE6)
    - LP: #746652

[ Mel Gorman ]

* (pre-stable) mm: page allocator: adjust the per-cpu counter threshold
    when memory is low
    - LP: #719446

[ Tim Gardner ]

* [Config] updateconfigs after 2.6.35.12
    - LP: #747520
  * SAUCE: staging: hv: Fixed issue with scheduling while atomic in
    hv_vmbus
    - LP: #752064
  * SAUCE: Backport of mainline loss of network fix for Hyper-V
    - LP: #752064

[ Upstream Kernel Changes ]

* Revert "slab: Fix missing DEBUG_SLAB last user"
    - LP: #747520
  * PM / Hibernate: Improve comments in hibernate_preallocate_memory()
    - LP: #737208
  * PM / Hibernate: Make default image size depend on total RAM size
    - LP: #737208
  * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529
    - LP: #737823
    - CVE-2010-4529
  * perf session: Invalidate last_match when removing threads from rb_tree
    - LP: #747520
  * Fix cred leak in AF_NETLINK
    - LP: #747520
  * staging: usbip: remove double giveback of URB
    - LP: #747520
  * USB: EHCI: ASPM quirk of ISOC on AMD SB800
    - LP: #747520
  * rt2x00: add device id for windy31 usb device
    - LP: #747520
  * ALSA: snd-usb-us122l: Fix missing NULL checks
    - LP: #747520
  * hwmon: (via686a) Initialize fan_div values
    - LP: #747520
  * USB: serial: handle Data Carrier Detect changes
    - LP: #747520
  * USB: CP210x Add two device IDs
    - LP: #747520
  * USB: CP210x Removed incorrect device ID
    - LP: #747520
  * USB: usb-storage: unusual_devs update for Cypress ATACB
    - LP: #747520
  * USB: usb-storage: unusual_devs update for TrekStor DataStation maxi g.u
    external hard drive enclosure
    - LP: #747520
  * USB: usb-storage: unusual_devs entry for CamSport Evo
    - LP: #747520
  * USB: usb-storage: unusual_devs entry for Coby MP3 player
    - LP: #747520
  * USB: serial: Updated support for ICOM devices
    - LP: #747520
  * USB: adding USB support for Cinterion's HC2x, EU3 and PH8 products
    - LP: #747520
  * USB: EHCI: ASPM quirk of ISOC on AMD Hudson
    - LP: #747520
  * USB: EHCI: fix DMA deallocation bug
    - LP: #747520
  * USB: g_printer: fix bug in module parameter definitions
    - LP: #747520
  * USB: io_edgeport: fix the reported firmware major and minor
    - LP: #747520
  * USB: ti_usb: fix module removal
    - LP: #747520
  * USB: Storage: Add unusual_devs entry for VTech Kidizoom
    - LP: #747520
  * USB: ftdi_sio: add ST Micro Connect Lite uart support
    - LP: #747520
  * USB: cdc-acm: Adding second ACM channel support for Nokia N8
    - LP: #747520
  * USB: ftdi_sio: Add VID=0x0647, PID=0x0100 for Acton Research
    spectrograph
    - LP: #747520
  * USB: prevent buggy hubs from crashing the USB stack
    - LP: #747520
  * staging: comedi: add support for newer jr3 1-channel pci board
    - LP: #747520
  * staging: comedi: ni_labpc: Use shared IRQ for PCMCIA card
    - LP: #747520
  * Staging: hv: fix sysfs symlink on hv block device
    - LP: #747520
  * staging: hv: Enable sending GARP packet after live migration
    - LP: #747520
  * iwlagn: enable only rfkill interrupt when device is down
    - LP: #747520
  * ath9k: Fix bug in delimiter padding computation
    - LP: #747520
  * fix medium error problems with some arrays which can cause data
    corruption
    - LP: #747520
  * libsas: fix runaway error handler problem
    - LP: #747520
  * mpt2sas: Fix device removal handshake for zoned devices
    - LP: #747520
  * mpt2sas: Correct resizing calculation for max_queue_depth
    - LP: #747520
  * mpt2sas: Kernel Panic during Large Topology discovery
    - LP: #747520
  * radio-aimslab.c: Fix gcc 4.5+ bug
    - LP: #747520
  * em28xx: Fix audio input for Terratec Grabby
    - LP: #747520
  * ALSA : au88x0 - Limit number of channels to fix Oops via OSS emu
    - LP: #747520
  * ALSA: HDA: Fix dmesg output of HDMI supported bits
    - LP: #747520
  * ALSA: hda - Fix memory leaks in conexant jack arrays
    - LP: #747520
  * input: bcm5974: Add support for MacBookAir3
    - LP: #747520
  * ALSA: hrtimer: handle delayed timer interrupts
    - LP: #747520
  * ASoC: WM8990: msleep() takes milliseconds not jiffies
    - LP: #747520
  * ASoC: Blackfin AC97: fix build error after multi-component update
    - LP: #747520
  * NFS: Fix "kernel BUG at fs/aio.c:554!"
    - LP: #747520
  * rtc-cmos: fix suspend/resume
    - LP: #747520
  * iwlagn: Re-enable RF_KILL interrupt when down
    - LP: #747520
  * rapidio: fix hang on RapidIO doorbell queue full condition
    - LP: #747520
  * PCI: pci-stub: ignore zero-length id parameters
    - LP: #747520
  * virtio: remove virtio-pci root device
    - LP: #747520
  * ds2760_battery: Fix calculation of time_to_empty_now
    - LP: #747520
  * p54: fix sequence no. accounting off-by-one error
    - LP: #747520
  * i2c: Unregister dummy devices last on adapter removal
    - LP: #747520
  * serial: unbreak billionton CF card
    - LP: #747520
  * ptrace: use safer wake up on ptrace_detach()
    - LP: #747520
  * x86, mtrr: Avoid MTRR reprogramming on BP during boot on UP platforms
    - LP: #747520
  * fix jiffy calculations in calibrate_delay_direct to handle overflow
    - LP: #747520
  * drivers: update to pl2303 usb-serial to support Motorola cables
    - LP: #747520
  * klist: Fix object alignment on 64-bit.
    - LP: #747520
  * powerpc: Fix some 6xx/7xxx CPU setup functions
    - LP: #747520
  * parisc : Remove broken line wrapping handling pdc_iodc_print()
    - LP: #747520
  * kernel/smp.c: fix smp_call_function_many() SMP race
    - LP: #747520
  * hostap_cs: fix sleeping function called from invalid context
    - LP: #747520
  * md: fix regression with re-adding devices to arrays with no metadata
    - LP: #747520
  * pata_mpc52xx: inherit from ata_bmdma_port_ops
    - LP: #747520
  * TPM: Long default timeout fix
    - LP: #747520
  * tpm_tis: Use timeouts returned from TPM
    - LP: #747520
  * SELinux: define permissions for DCB netlink messages
    - LP: #747520
  * SELinux: do not compute transition labels on mountpoint labeled
    filesystems
    - LP: #747520
  * ieee80211: correct IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK macro
    - LP: #747520
  * dm: dont take i_mutex to change device size
    - LP: #747520
  * dm mpath: disable blk_abort_queue
    - LP: #747520
  * drm/radeon/kms: add quirk for Mac Radeon HD 2600 card
    - LP: #747520
  * drm/radeon/kms: make the mac rv630 quirk generic
    - LP: #747520
  * drm/radeon/kms: add pll debugging output
    - LP: #747520
  * drm/radeon: remove 0x4243 pci id
    - LP: #747520
  * drm/radeon/kms: fix s/r issues with bios scratch regs
    - LP: #747520
  * drm/i915/lvds: Add AOpen i915GMm-HFS to the list of false-positive LVDS
    - LP: #747520
  * drm/i915: Add dependency on CONFIG_TMPFS
    - LP: #747520
  * x86, mm: avoid possible bogus tlb entries by clearing prev mm_cpumask
    after switching mm
    - LP: #747520
  * usb: Realloc xHCI structures after a hub is verified.
    - LP: #747520
  * sched: Move sched_avg_update() to update_cpu_load()
    - LP: #747520
  * sched: Increment cache_nice_tries only on periodic lb
    - LP: #747520
  * sched: Try not to migrate higher priority RT tasks
    - LP: #747520
  * sched: Give CPU bound RT tasks preference
    - LP: #747520
  * sched: suppress RCU lockdep splat in task_fork_fair
    - LP: #747520
  * sched: Do not consider SCHED_IDLE tasks to be cache hot
    - LP: #747520
  * sched: Set group_imb only a task can be pulled from the busiest cpu
    - LP: #747520
  * sched: Force balancing on newidle balance if local group has capacity
    - LP: #747520
  * sched: Drop group_capacity to 1 only if local group has extra capacity
    - LP: #747520
  * sched: Fix softirq time accounting
    - LP: #747520
  * sched: Consolidate account_system_vtime extern declaration
    - LP: #747520
  * sched: Remove unused PF_ALIGNWARN flag
    - LP: #747520
  * sched: Add a PF flag for ksoftirqd identification
    - LP: #747520
  * sched: Add IRQ_TIME_ACCOUNTING, finer accounting of irq time
    - LP: #747520
  * x86: Add IRQ_TIME_ACCOUNTING
    - LP: #747520
  * sched: Do not account irq time to current task
    - LP: #747520
  * sched: Remove irq time from available CPU power
    - LP: #747520
  * sched: Call tick_check_idle before __irq_enter
    - LP: #747520
  * sched: Export account_system_vtime()
    - LP: #747520
  * sched, cgroup: Fixup broken cgroup movement
    - LP: #747520
  * sched: Use group weight, idle cpu metrics to fix imbalances during idle
    - LP: #747520
  * kernel/user.c: add lock release annotation on free_user()
    - LP: #747520
  * NFSD: memory corruption due to writing beyond the stat array
    - LP: #747520
  * mptfusion: mptctl_release is required in mptctl.c
    - LP: #747520
  * mptfusion: Fix Incorrect return value in mptscsih_dev_reset
    - LP: #747520
  * ocfs2_connection_find() returns pointer to bad structure
    - LP: #747520
  * x86/pvclock: Zero last_value on resume
    - LP: #747520
  * av7110: check for negative array offset
    - LP: #747520
  * bonding/vlan: Avoid mangled NAs on slaves without VLAN tag insertion
    - LP: #747520
  * CRED: Fix kernel panic upon security_file_alloc() failure.
    - LP: #747520
  * CRED: Fix BUG() upon security_cred_alloc_blank() failure
    - LP: #747520
  * CRED: Fix memory and refcount leaks upon security_prepare_creds()
    failure
    - LP: #747520
  * isdn: hisax: Replace the bogus access to irq stats
    - LP: #747520
  * scsi_dh_alua: add netapp to dev list
    - LP: #747520
  * scsi_dh_alua: Add IBM Power Virtual SCSI ALUA device to dev list
    - LP: #747520
  * nfsd: correctly handle return value from nfsd_map_name_to_*
    - LP: #747520
  * s390: remove task_show_regs
    - LP: #747520
  * PM / Hibernate: Return error code when alloc_image_page() fails
    - LP: #747520
  * fs/partitions: Validate map_count in Mac partition tables
    - LP: #747520
  * ALSA: HDA: Add position_fix quirk for an Asus device
    - LP: #718402, #747520
  * ALSA: caiaq - Fix possible string-buffer overflow
    - LP: #747520
  * radio-aimslab.c needs #include <linux/delay.h>
    - LP: #747520
  * ARM: Ensure predictable endian state on signal handler entry
    - LP: #747520
  * acer-wmi: Fix capitalisation of GUID
    - LP: #747520
  * eCryptfs: Copy up lower inode attrs in getattr
    - LP: #747520
  * platform: x86: acer-wmi: world-writable sysfs threeg file
    - LP: #747520
  * platform: x86: asus_acpi: world-writable procfs files
    - LP: #747520
  * platform: x86: tc1100-wmi: world-writable sysfs wireless and jogdial
    files
    - LP: #747520
  * genirq: Disable the SHIRQ_DEBUG call in request_threaded_irq for now
    - LP: #747520
  * usb: musb: omap2430: fix kernel panic on reboot
    - LP: #747520
  * USB: add quirks entry for Keytouch QWERTY Panel
    - LP: #747520
  * USB: Add Samsung SGH-I500/Android modem ID switch to visor driver
    - LP: #747520
  * USB: Add quirk for Samsung Android phone modem
    - LP: #747520
  * p54pci: update receive dma buffers before and after processing
    - LP: #747520
  * sierra: add new ID for Airprime/Sierra USB IP modem
    - LP: #747520
  * staging: usbip: vhci: update reference count for usb_device
    - LP: #747520
  * staging: usbip: vhci: give back URBs from in-flight unlink requests
    - LP: #747520
  * staging: usbip: vhci: refuse to enqueue for dead connections
    - LP: #747520
  * staging: usbip: vhci: use urb->dev->portnum to find port
    - LP: #747520
  * epoll: prevent creating circular epoll structures
    - LP: #747520
  * ldm: corrupted partition table can cause kernel oops
    - LP: #747520
  * md: correctly handle probe of an 'mdp' device.
    - LP: #747520
  * x86 quirk: Fix polarity for IRQ0 pin2 override on SB800 systems
    - LP: #747520
  * xhci: Avoid BUG() in interrupt context
    - LP: #747520
  * xhci: Clarify some expressions in the TRB math
    - LP: #747520
  * xhci: Fix errors in the running total calculations in the TRB math
    - LP: #747520
  * xhci: Fix an error in count_sg_trbs_needed()
    - LP: #747520
  * x25: Do not reference freed memory.
    - LP: #747520
  * Ocfs2/refcounttree: Fix a bug for refcounttree to writeback clusters in
    a right number.
    - LP: #747520
  * drm: fix unsigned vs signed comparison issue in modeset ctl ioctl.
    - LP: #747520
  * mfd: Fix NULL pointer due to non-initialized ucb1x00-ts absinfo
    - LP: #747520
  * x86: Use u32 instead of long to set reset vector back to 0
    - LP: #747520
  * fuse: fix hang of single threaded fuseblk filesystem
    - LP: #747520
  * clockevents: Prevent oneshot mode when broadcast device is periodic
    - LP: #747520
  * ext2: Fix link count corruption under heavy link+rename load
    - LP: #747520
  * p54usb: add Senao NUB-350 usbid
    - LP: #747520
  * dccp: fix oops on Reset after close
    - LP: #747520
  * e1000e: disable broken PHY wakeup for ICH10 LOMs, use MAC wakeup
    instead
    - LP: #747520
  * r8169: disable ASPM
    - LP: #747520
  * usb: iowarrior: don't trust report_size for buffer size
    - LP: #747520
  * arp_notify: unconditionally send gratuitous ARP for
    NETDEV_NOTIFY_PEERS.
    - LP: #747520
  * CIFS: Fix oplock break handling (try #2)
    - LP: #747520
  * cpuset: add a missing unlock in cpuset_write_resmask()
    - LP: #747520
  * keyboard: integer underflow bug
    - LP: #747520
  * RxRPC: Fix v1 keys
    - LP: #747520
  * ixgbe: fix for 82599 erratum on Header Splitting
    - LP: #747520
  * mm: fix possible cause of a page_mapped BUG
    - LP: #747520
  * powerpc/kexec: Fix orphaned offline CPUs across kexec
    - LP: #747520
  * netfilter: nf_log: avoid oops in (un)bind with invalid nfproto values
    - LP: #747520
  * nfsd: wrong index used in inner loop
    - LP: #747520
  * r8169: use RxFIFO overflow workaround for 8168c chipset.
    - LP: #747520
  * net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules
    - LP: #747520
  * ip6ip6-autoload-ip6-tunnel
    - LP: #747520
  * hwmon/f71882fg: Set platform drvdata to NULL later
    - LP: #747520
  * mtd: add "platform:" prefix for platform modalias
    - LP: #747520
  * libata: no special completion processing for EH commands
    - LP: #747520
  * MIPS: MTX-1: Make au1000_eth probe all PHY addresses
    - LP: #747520
  * x86/mm: Handle mm_fault_error() in kernel space
    - LP: #747520
  * ftrace: Fix memory leak with function graph and cpu hotplug
    - LP: #747520
  * x86: Fix panic when handling "mem={invalid}" param
    - LP: #553464, #747520
  * x86: Emit "mem=nopentium ignored" warning when not supported
    - LP: #553464, #747520
  * ahci: AHCI and RAID mode SATA patch for Intel Patsburg DeviceIDs
    - LP: #747520
  * ahci: AHCI mode SATA patch for Intel DH89xxCC DeviceIDs
    - LP: #747520
  * ahci: AHCI mode SATA patch for Intel Patsburg SATA RAID controller
    - LP: #747520
  * RDMA/cma: Fix crash in request handlers
    - LP: #747520
  * IB/cm: Bump reference count on cm_id before invoking callback
    - LP: #747520
  * x86, quirk: Fix SB600 revision check
    - LP: #747520
  * ath9k_hw: Fix incorrect macversion and macrev checks
    - LP: #747520
  * USB: serial/kobil_sct, fix potential tty NULL dereference
    - LP: #747520
  * USB: serial: ch341: add new id
    - LP: #747520
  * xhci: Fix cycle bit calculation during stall handling.
    - LP: #747520
  * ALSA: hda - fix digital mic selection in mixer on 92HD8X codecs
    - LP: #747520
  * PCI: add more checking to ICH region quirks
    - LP: #747520
  * PCI: do not create quirk I/O regions below PCIBIOS_MIN_IO for ICH
    - LP: #747520
  * PCI: sysfs: Fix failure path for addition of "vpd" attribute
    - LP: #747520
  * ALSA: ctxfi - Fix incorrect SPDIF status bit mask
    - LP: #747520
  * ALSA: ctxfi - Fix SPDIF status retrieval
    - LP: #747520
  * ALSA: ctxfi - Clear input settings before initialization
    - LP: #747520
  * SUNRPC: Ensure we always run the tk_callback before tk_action
    - LP: #747520
  * perf, powerpc: Handle events that raise an exception without
    overflowing
    - LP: #747520
  * ext3: Always set dx_node's fake_dirent explicitly.
    - LP: #747520
  * call_function_many: fix list delete vs add race
    - LP: #747520
  * call_function_many: add missing ordering
    - LP: #747520
  * x86: Flush TLB if PGD entry is changed in i386 PAE mode
    - LP: #747520
  * smp_call_function_many: handle concurrent clearing of mask
    - LP: #747520
  * fix per-cpu flag problem in the cpu affinity checkers
    - LP: #747520
  * i2c: Fix typo in instantiating-devices document
    - LP: #747520
  * mmc: sdio: remember new card RCA when redetecting card
    - LP: #747520
  * x86, binutils, xen: Fix another wrong size directive
    - LP: #747520
  * hwmon: (sht15) Fix integer overflow in humidity calculation
    - LP: #747520
  * aio: wake all waiters when destroying ctx
    - LP: #747520
  * shmem: let shared anonymous be nonlinear again
    - LP: #747520
  * PCI hotplug: acpiphp: set current_state to D0 in register_slot
    - LP: #747520
  * xen: set max_pfn_mapped to the last pfn mapped
    - LP: #747520
  * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal
    code
    - LP: #747520
  * ext3: skip orphan cleanup on rocompat fs
    - LP: #747520
  * procfs: fix /proc/<pid>/maps heap check
    - LP: #747520
  * proc: protect mm start_code/end_code in /proc/pid/stat
    - LP: #747520
  * fbcon: Bugfix soft cursor detection in Tile Blitting
    - LP: #747520
  * nfsd41: modify the members value of nfsd4_op_flags
    - LP: #747520
  * uvcvideo: Fix uvc_fixup_video_ctrl() format search
    - LP: #747520
  * ehci-hcd: Bug fix: don't set a QH's Halt bit
    - LP: #747520
  * USB: uss720 fixup refcount position
    - LP: #747520
  * USB: cdc-acm: fix memory corruption / panic
    - LP: #747520
  * USB: cdc-acm: fix potential null-pointer dereference
    - LP: #747520
  * USB: cdc-acm: fix potential null-pointer dereference on disconnect
    - LP: #747520
  * Input: xen-kbdfront - advertise either absolute or relative coordinates
    - LP: #747520
  * SUNRPC: Never reuse the socket port after an xs_close()
    - LP: #747520
  * fs: call security_d_instantiate in d_obtain_alias V2
    - LP: #747520
  * dcdbas: force SMI to happen when expected
    - LP: #747520
  * ALSA: hda - Fix SPDIF out regression on ALC889
    - LP: #747520
  * ALSA: Fix yet another race in disconnection
    - LP: #747520
  * perf: Better fit max unprivileged mlock pages for tools needs
    - LP: #747520
  * myri10ge: fix rmmod crash
    - LP: #747520
  * cciss: fix lost command issue
    - LP: #747520
  * sound/oss/opl3: validate voice and channel indexes
    - LP: #747520
  * mac80211: initialize sta->last_rx in sta_info_alloc
    - LP: #747520
  * ses: show devices for enclosures with no page 7
    - LP: #747520
  * ses: Avoid kernel panic when lun 0 is not mapped
    - LP: #747520
  * eCryptfs: Unlock page in write_begin error path
    - LP: #747520
  * eCryptfs: ecryptfs_keyring_auth_tok_for_sig() bug fix
    - LP: #747520
  * classmate-laptop: depends on RFKILL or RFKILL=n
    - LP: #747520
  * netfilter: arpt_mangle: fix return values of checkentry
    - LP: #747520
  * Patch cab9e9848b9a8283b0504a2d7c435a9f5ba026de to the 2.6.35.y stable
    tree
    - LP: #747520
  * revert misc: uss720.c: add another vendor/product ID
    - LP: #747520
  * cfg80211: fix can_beacon_sec_chan, reenable HT40
    - LP: #747520
  * USB: isp1760: Implement solution for erratum 2
    - LP: #747520
  * xhci: Update internal dequeue pointers after stalls.
    - LP: #747520
  * perf: Fix tear-down of inherited group events
    - LP: #747520
  * net: Fix ip link add netns oops
    - LP: #747520
  * hwmon: (w83627ehf) Driver cleanup
    - LP: #747520
  * md: Fix - again - partition detection when array becomes active
    - LP: #747520
  * iwl3945: remove plcp check
    - LP: #747520
  * KVM: enlarge number of possible CPUID leaves
    - LP: #747520
  * KVM: i8259: initialize isr_ack
    - LP: #747520
  * KVM: VMX: Fix host userspace gsbase corruption
    - LP: #747520
  * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
    - LP: #747520
  * Release 2.6.35.12
    - LP: #747520
  * drm/radeon/kms: check AA resolve registers on r300, CVE-2011-1016
    - LP: #745686
    - CVE-2011-1016
  * drm/radeon: fix regression with AA resolve checking, CVE-2011-1016
    - LP: #745686
    - CVE-2011-1016
  * staging: hv: fix netvsc sleeping while atomic
    - LP: #752064
  * staging: hv: Fix the WARN_ON condition in free_net_device()
    - LP: #752064
  * Yama: fix default relationship to check thread group
    - LP: #737676

linux (2.6.35-28.50) maverick-proposed; urgency=low

[ Brad Figg ]

* Release Tracking Bug
    - LP: #734399

[ Corentin Chary ]

* SAUCE: (drop after 2.6.38) eeepc-wmi: reorder keymap
    - LP: #689393
  * SAUCE: (drop after 2.6.38) eeepc-wmi: add wlan key found on 1015P
    - LP: #689393

[ Keng-Yu Lin ]

* SAUCE: eeepc-wmi: set the touchpad toggle key code to F22
    - LP: #689393

[ Tim Gardner ]

* [Config] CONFIG_BOOT_PRINTK_DELAY=y
    - LP: #733191

[ Upstream Kernel Changes ]

* Revert "drm/radeon/bo: add some fallback placements for VRAM only
    objects."
    - LP: #652934
  * eeepc-wmi: add additional hotkeys
    - LP: #689393
  * xen: don't bother to stop other cpus on shutdown/reboot
    - LP: #727814
  * Yama: use thread group leader when creating match
    - LP: #729839
  * mmc: sdhci-pci: add ricoh e822 pci id with device specific quirks
    - LP: #730820

linux (2.6.35-28.49) maverick-proposed; urgency=low

[ Brad Figg ]

* Release Tracking Bug
    - LP: #726796

[ Colin Ian King ]

* SAUCE: Dell All-In-One: Remove need for Dell module alias

[ Manoj Iyer ]

* SAUCE: add ricoh 0xe823 pci id.
    - LP: #717435

[ Upstream Kernel Changes ]

* virtio_net: Add schedule check to napi_enable call
    - LP: #579276
  * mmc: make sdhci work with ricoh mmc controller
    - LP: #717435
  * NFS: fix the return value of nfs_file_fsync()
    - LP: #585657
  * rt2x00: Pad beacon to multiple of 32 bits.
    - LP: #659143
  * rt2x00: Fix firmware loading regression on x86_64.
    - LP: #659143
  * rt2x00: Check for errors from skb_pad() calls
    - LP: #659143
  * block: check for proper length of iov entries earlier in
    blk_rq_map_user_iov(), CVE-2010-4163
    - LP: #721504
    - CVE-2010-4163
  * tty: Make tiocgicount a handler, CVE-2010-4076, CVE-2010-4077
    - LP: #720189
    - CVE-2010-4077
    - CVE-2010-4076
  * rds: Integer overflow in RDS cmsg handling, CVE-2010-4175
    - LP: #721455
    - CVE-2010-4175

linux (2.6.35-27.48) maverick-proposed; urgency=low

[ Steve Conklin ]

* Release Tracking Bug
    - LP: #723335

[ Upstream Kernel Changes ]

* thinkpad-acpi: avoid keymap pitfall
    - LP: #722747

linux (2.6.35-27.47) maverick-proposed; urgency=low

[ Brad Figg ]

* Release Tracking Bug
    - LP: #716532

[ Upstream Kernel Changes ]

* Revert "USB: gadget: Allow function access to device ID data during
    bind()"
    - LP: #714732
  * net: fix rds_iovec page count overflow, CVE-2010-3865
    - LP: #709153
    - CVE-2010-3865
  * Input: fix typo in keycode validation supporting large scancodes
    - LP: #658198
  * net: ax25: fix information leak to userland, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: ax25: fix information leak to userland harder, CVE-2010-3875
    - LP: #710714
    - CVE-2010-3875
  * net: packet: fix information leak to userland, CVE-2010-3876
    - LP: #710714
    - CVE-2010-3876
  * net: tipc: fix information leak to userland, CVE-2010-3877
    - LP: #711291
    - CVE-2010-3877
  * posix-cpu-timers: workaround to suppress the problems with mt exec,
    CVE-2010-4248
    - LP: #712609
    - CVE-2010-4248
  * sys_semctl: fix kernel stack leakage, CVE-2010-4083
    - LP: #712749
    - CVE-2010-4083
  * thinkpad-acpi: lock down size of hotkey keymap
    - LP: #712174
  * thinkpad-acpi: add support for model-specific keymaps
    - LP: #712174
  * thinkpad-acpi: Add KEY_CAMERA (Fn-F6) for Lenovo keyboards
    - LP: #712174
  * x86, hotplug: Use mwait to offline a processor, fix the legacy case
    - LP: #714732
  * fuse: verify ioctl retries
    - LP: #714732
  * fuse: fix ioctl when server is 32bit
    - LP: #714732
  * ALSA: hda: Use position_fix=1 for Acer Aspire 5538 to enable capture on
    internal mic
    - LP: #685161, #714732
  * ALSA: hda: Use model=lg quirk for LG P1 Express to enable playback and
    capture
    - LP: #595482, #714732
  * drm/radeon/kms: don't apply 7xx HDP flush workaround on AGP
    - LP: #714732
  * drm/kms: remove spaces from connector names (v2)
    - LP: #714732
  * drm/radeon/kms: fix vram base calculation on rs780/rs880
    - LP: #714732
  * nohz: Fix printk_needs_cpu() return value on offline cpus
    - LP: #714732
  * nohz: Fix get_next_timer_interrupt() vs cpu hotplug
    - LP: #714732
  * nfsd: Fix possible BUG_ON firing in set_change_info
    - LP: #714732
  * NFS: Fix fcntl F_GETLK not reporting some conflicts
    - LP: #714732
  * sunrpc: prevent use-after-free on clearing XPT_BUSY
    - LP: #714732
  * hwmon: (adm1026) Allow 1 as a valid divider value
    - LP: #714732
  * hwmon: (adm1026) Fix setting fan_div
    - LP: #714732
  * EDAC: Fix workqueue-related crashes
    - LP: #714732
  * amd64_edac: Fix interleaving check
    - LP: #714732
  * ASoC: Fix swap of left and right channels for WM8993/4 speaker boost
    gain
    - LP: #714732
  * ASoC: Fix off by one error in WM8994 EQ register bank size
    - LP: #714732
  * ASoC: WM8580: Fix R8 initial value
    - LP: #714732
  * ASoC: fix deemphasis control in wm8904/55/60 codecs
    - LP: #714732
  * bootmem: Add alloc_bootmem_align()
    - LP: #714732
  * x86, xsave: Use alloc_bootmem_align() instead of alloc_bootmem()
    - LP: #714732
  * IB/uverbs: Handle large number of entries in poll CQ
    - LP: #714732
  * PM / Hibernate: Fix PM_POST_* notification with user-space suspend
    - LP: #714732
  * ARM: 6535/1: V6 MPCore v6_dma_inv_range and v6_dma_flush_range RWFO fix
    - LP: #714732
  * qla2xxx: Correct issue where NPIV-config data was not being allocated
    for 82xx parts.
    - LP: #714732
  * qla2xxx: Populate Command Type 6 LUN field properly.
    - LP: #714732
  * llc: fix a device refcount imbalance
    - LP: #714732
  * ath9k: Disable SWBA interrupt on remove_interface
    - LP: #714732
  * ath9k: fix bug in tx power
    - LP: #714732
  * mac80211: Fix BUG in pskb_expand_head when transmitting shared skbs
    - LP: #714732
  * SPARC/LEON: removed constant timer initialization as if HZ=100, now it
    reflects the value of HZ
    - LP: #714732
  * sparc64: Delete prom_puts() unused.
    - LP: #714732
  * sparc: Remove prom_pathtoinode()
    - LP: #714732
  * sparc: Kill prom devops_{32,64}.c
    - LP: #714732
  * sparc64: Unexport prom_service_exists().
    - LP: #714732
  * sparc64: Delete prom_setcallback().
    - LP: #714732
  * sparc: Do not export prom_nb{get,put}char().
    - LP: #714732
  * sparc: Pass buffer pointer all the way down to prom_{get,put}char().
    - LP: #714732
  * sparc: Delete prom_*getchar().
    - LP: #714732
  * sparc: Write to prom console using indirect buffer.
    - LP: #714732
  * tcp: Don't change unlocked socket state in tcp_v4_err().
    - LP: #714732
  * tcp: Make TCP_MAXSEG minimum more correct.
    - LP: #714732
  * tcp: Bug fix in initialization of receive window.
    - LP: #714732
  * tcp: avoid a possible divide by zero
    - LP: #714732
  * tcp: protect sysctl_tcp_cookie_size reads
    - LP: #714732
  * 8139cp: fix checksum broken
    - LP: #714732
  * r8169: fix sleeping while holding spinlock.
    - LP: #714732
  * scm: Capture the full credentials of the scm sender.
    - LP: #714732
  * af_unix: Allow credentials to work across user and pid namespaces.
    - LP: #714732
  * user_ns: Introduce user_nsmap_uid and user_ns_map_gid.
    - LP: #714732
  * sock: Introduce cred_to_ucred
    - LP: #714732
  * net: Export cred_to_ucred to modules.
    - LP: #714732
  * af_unix: limit recursion level
    - LP: #714732
  * driver/net/benet: fix be_cmd_multicast_set() memcpy bug
    - LP: #714732
  * bonding: Fix slave selection bug.
    - LP: #714732
  * bridge: fix IPv6 queries for bridge multicast snooping
    - LP: #714732
  * cls_cgroup: Fix crash on module unload
    - LP: #714732
  * filter: fix sk_filter rcu handling
    - LP: #714732
  * econet: Do the correct cleanup after an unprivileged SIOCSIFADDR.
    - LP: #714732
  * econet: Fix crash in aun_incoming().
    - LP: #714732
  * ifb: goto resched directly if error happens and dp->tq isn't empty
    - LP: #714732
  * l2tp: Fix modalias of l2tp_ip
    - LP: #714732
  * x25: decrement netdev reference counts on unload
    - LP: #714732
  * tehuti: Firmware filename is tehuti/bdx.bin
    - LP: #714732
  * net/dst: dst_dev_event() called after other notifiers
    - LP: #714732
  * net: Fix header size check for GSO case in recvmsg (af_packet)
    - LP: #714732
  * ACPICA: Fix Scope() op in module level code
    - LP: #714732
  * nouveau: Acknowledge HPD irq in handler, not bottom half
    - LP: #714732
  * printk: Fix wake_up_klogd() vs cpu hotplug
    - LP: #714732
  * sched: Cure more NO_HZ load average woes
    - LP: #714732
  * ACPI: EC: Add another dmi match entry for MSI hardware
    - LP: #714732
  * PM / Runtime: Fix pm_runtime_suspended()
    - LP: #714732
  * inotify: stop kernel memory leak on file creation failure
    - LP: #714732
  * orinoco: fix TKIP countermeasure behaviour
    - LP: #714732
  * orinoco: clear countermeasure setting on commit
    - LP: #714732
  * x86, amd: Fix panic on AMD CPU family 0x15
    - LP: #714732
  * md: fix bug with re-adding of partially recovered device.
    - LP: #714732
  * md: protect against NULL reference when waiting to start a raid10.
    - LP: #714732
  * tracing: Fix panic when lseek() called on "trace" opened for writing
    - LP: #714732
  * x86, gcc-4.6: Use gcc -m options when building vdso
    - LP: #714732
  * x86: Enable the intr-remap fault handling after local APIC setup
    - LP: #714732
  * x86, vt-d: Handle previous faults after enabling fault handling
    - LP: #714732
  * x86, vt-d: Fix the vt-d fault handling irq migration in the x2apic mode
    - LP: #714732
  * x86, vt-d: Quirk for masking vtd spec errors to platform error handling
    logic
    - LP: #714732
  * rt2x00: Fix max TX power settings
    - LP: #714732
  * install_special_mapping skips security_file_mmap check.
    - LP: #714732
  * USB: misc: uss720.c: add another vendor/product ID
    - LP: #714732
  * USB: ftdi_sio: Add D.O.Tec PID
    - LP: #714732
  * USB: usb-storage: unusual_devs entry for the Samsung YP-CP3
    - LP: #714732
  * p54usb: add 5 more USBIDs
    - LP: #714732
  * p54usb: New USB ID for Gemtek WUBI-100GW
    - LP: #714732
  * n_gsm: Fix message length handling when building header
    - LP: #714732
  * n_gsm: gsm_data_alloc buffer allocation could fail and it is not being
    checked
    - LP: #714732
  * xhci: Fix issue with port array setup and buggy hosts.
    - LP: #714732
  * gpio: Fix null pointer dereference while accessing rdc321x
    platform_data
    - LP: #714732
  * cs5535-gpio: don't apply errata #36 to edge detect GPIOs
    - LP: #714732
  * cs5535-gpio: handle GPIO regs where higher (clear) bits are set
    - LP: #714732
  * mmc: at91_mci: fix multiblock SDIO transfers
    - LP: #714732
  * mmc: atmel-mci: fix multiblock SDIO transfers
    - LP: #714732
  * mmc: Fix re-probing with PM_POST_RESTORE notification
    - LP: #714732
  * fix freeing user_struct in user cache
    - LP: #714732
  * rtc: rs5c372: fix buffer size
    - LP: #714732
  * RAMOOPS: Don't overflow over non-allocated regions
    - LP: #714732
  * watchdog: Fix null pointer dereference while accessing rdc321x
    platform_data
    - LP: #714732
  * arch/x86/oprofile/op_model_amd.c: Perform initialisation on a single
    CPU
    - LP: #714732
  * mfd: Support additional parent IDs for wm831x
    - LP: #714732
  * mfd: Supply IRQ base for WM832x devices
    - LP: #714732
  * drm/radeon/kms/evergreen: reset the grbm blocks at resume and init
    - LP: #714732
  * drm/radeon/kms: fix evergreen asic reset
    - LP: #714732
  * drm/radeon/kms: reorder display resume to avoid problems
    - LP: #714732
  * drm/i915/dp: Fix I2C/EDID handling with active DisplayPort to DVI
    converter
    - LP: #714732
  * sound: Prevent buffer overflow in OSS load_mixer_volumes
    - LP: #714732
  * mv_xor: fix race in tasklet function
    - LP: #714732
  * ima: fix add LSM rule bug
    - LP: #714732
  * libata-sff: fix HSM_ST_ERR handling in __ata_sff_port_intr()
    - LP: #714732
  * mac80211: fix mesh forwarding
    - LP: #714732
  * ALSA: hda: Use LPIB quirk for Dell Inspiron m101z/1120
    - LP: #714732
  * Sched: fix skip_clock_update optimization
    - LP: #714732
  * block: Deprecate QUEUE_FLAG_CLUSTER and use queue_limits instead
    - LP: #714732
  * x86/microcode: Fix double vfree() and remove redundant pointer checks
    before vfree()
    - LP: #714732
  * gspca - sonixj: Set the flag for some devices
    - LP: #714732
  * gspca - sonixj: Add a flag in the driver_info table
    - LP: #714732
  * mac80211: fix hard lockup in sta_addba_resp_timer_expired
    - LP: #714732
  * mac80211: fix mesh forwarding when ratelimited too
    - LP: #714732
  * mac80211: fix initialization of skb->cb in ieee80211_subif_start_xmit
    - LP: #714732
  * Release 2.6.35.11
    - LP: #714732
  * inet_diag: Make sure we actually run the same bytecode we audited,
    CVE-2010-3880
    - LP: #711865
    - CVE-2010-3880

linux (2.6.35-26.46) maverick-proposed; urgency=low

[ Steve Conklin ]

* Tracking Bug
    - LP: #709352

[ Andy Whitcroft ]

* SAUCE: ensure root is ready before running usermodehelpers in it

[ Colin Ian King ]

* SAUCE: Add WMI hotkeys support for another Dell All-In-One series
    - LP: #701530
  * SAUCE: Dell WMI: Use sparse keymaps and tidy up code.
    - LP: #701530

[ Tim Gardner ]

* [Config] Set CONFIG_NR_CPUS=256 for amd64 server
    - LP: #706058

[ Upstream Kernel Changes ]

* Input: i8042 - introduce 'notimeout' blacklist for Dell Vostro V13
    - LP: #380126
  * ACPI / Sleep: Consolidate suspend and hibernation routines
    - LP: #703228
  * Quirk to fix suspend/resume on Lenovo Edge 11,13,14,15
    - LP: #702434
  * dell-laptop: Add another Dell laptop family to the DMI whitelist
    - LP: #693078
  * KVM: Fix fs/gs reload oops with invalid ldt, CVE-2010-3698
    - LP: #707000
    - CVE-2010-3698
  * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory,
    CVE-2010-4079
    - LP: #707649
    - CVE-2010-4079
  * tpm: Autodetect itpm devices
    - LP: #705845
  * tpm: fix panic caused by "tpm: Autodetect itpm devices"
    - LP: #705845

linux (2.6.35-25.44) maverick-proposed; urgency=low

[ Upstream Kernel Changes ]

* Revert "drm/radeon/kms: properly compute group_size on 6xx/7xx"
    - LP: #703553
 -- Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>   Mon, 11 Jul 2011 15:17:32 -0300

Changed in linux-lts-backport-maverick (Ubuntu Lucid):
status:	New → Fix Released

Jamie Strandboge (jdstrand) on 2011-10-14

Changed in linux-lts-backport-maverick (Ubuntu Dapper):
status:	New → Won't Fix
Changed in linux-lts-backport-maverick (Ubuntu Karmic):
status:	New → Won't Fix
Changed in linux (Ubuntu Dapper):
status:	In Progress → Won't Fix

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2013-05-21:

#14

Thank you for reporting this bug to Ubuntu. maverick has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against maverick is being marked "Won't Fix". Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.

Please feel free to report any other bugs you may find.

Changed in linux-lts-backport-maverick (Ubuntu Maverick):
status:	New → Won't Fix

Jamie Strandboge (jdstrand) on 2013-05-21

Changed in linux-lts-backport-maverick (Ubuntu Hardy):
status:	New → Won't Fix

Ubuntu
linux-fsl-imx51 package

CVE-2010-4529

Bug Description

Related branches

CVE References

Other bug subscribers

Patches

	Status	Importance	Assigned to
linux (Ubuntu)	Invalid	Undecided	Unassigned
Dapper	Won't Fix	Low	Leann Ogasawara
Hardy	Fix Released	Low	Leann Ogasawara
Karmic	Won't Fix	Low	Leann Ogasawara
Lucid	Fix Released	Low	Leann Ogasawara
Maverick	Fix Released	Low	Leann Ogasawara
Natty	Invalid	Undecided	Unassigned
linux-fsl-imx51 (Ubuntu)	Invalid	Undecided	Unassigned
Dapper	Invalid	Undecided	Unassigned
Hardy	Invalid	Undecided	Unassigned
Karmic	Won't Fix	Undecided	Unassigned
Lucid	Fix Released	Undecided	Paolo Pisati
Maverick	Invalid	Undecided	Unassigned
Natty	Invalid	Undecided	Unassigned
linux-lts-backport-maverick (Ubuntu)	Invalid	Undecided	Unassigned
Dapper	Won't Fix	Undecided	Unassigned
Hardy	Won't Fix	Undecided	Unassigned
Karmic	Won't Fix	Undecided	Unassigned
Lucid	Fix Released	Undecided	Unassigned
Maverick	Won't Fix	Undecided	Unassigned
Natty	Invalid	Undecided	Unassigned
linux-mvl-dove (Ubuntu)	Invalid	Undecided	Unassigned
Dapper	Invalid	Undecided	Unassigned
Hardy	Invalid	Undecided	Unassigned
Karmic	Invalid	Undecided	Unassigned
Lucid	Fix Released	Undecided	Paolo Pisati
Maverick	Fix Released	Undecided	Paolo Pisati
Natty	Invalid	Undecided	Unassigned
linux-ti-omap4 (Ubuntu)	Invalid	Undecided	Unassigned
Dapper	Invalid	Undecided	Unassigned
Hardy	Invalid	Undecided	Unassigned
Karmic	Invalid	Undecided	Unassigned
Lucid	Invalid	Undecided	Unassigned
Maverick	Fix Released	Undecided	Paolo Pisati
Natty	Invalid	Undecided	Unassigned

Ubuntulinux-fsl-imx51 package

CVE-2010-4529

Bug Description

Related branches

CVE References

Other bug subscribers

Patches

Ubuntu
linux-fsl-imx51 package