This bug was fixed in the package linux-lts-backport-maverick - 2.6.35-31.62~lucid1
--------------- linux-lts-backport-maverick (2.6.35-31.62~lucid1) lucid-proposed; urgency=low
[Herton R. Krzesinski]
* Release Tracking Bug - LP: #888571
[ Upstream Kernel Changes ]
* ipv6: restore correct ECN handling on TCP xmit - LP: #872179 * nl80211: fix overflow in ssid_len - CVE-2011-2517 - LP: #869245 - CVE-2011-2517 * vm: fix vm_pgoff wrap in stack expansion - CVE-2011-2496 - LP: #869243 - CVE-2011-2496 * vm: fix vm_pgoff wrap in upward expansion - CVE-2011-2496 - LP: #869243 - CVE-2011-2496 * ksm: fix NULL pointer dereference in scan_get_next_rmap_item() - CVE-2011-2183 - LP: #869227 - CVE-2011-2183 * NLM: Don't hang forever on NLM unlock requests - CVE-2011-2491 - LP: #869237 - CVE-2011-2491 * cifs: clean up cifs_find_smb_ses (try #2), CVE-2011-1585 - LP: #869208 - CVE-2011-1585 * cifs: fix NULL pointer dereference in cifs_find_smb_ses, CVE-2011-1585 - LP: #869208 - CVE-2011-1585 * cifs: check for NULL session password, CVE-2011-1585 - LP: #869208 - CVE-2011-1585
linux (2.6.35-30.61) maverick-proposed; urgency=low
* Release Tracking Bug - LP: #871912
[ Stefan Bader ]
* [Config] Include all filesystem modules for virtual - LP: #761809
* crypto: Move md5_transform to lib/md5.c, CVE-2011-3188 - LP: #834129 - CVE-2011-3188 * net: Compute protocol sequence numbers and fragment IDs using MD5, CVE-2011-3188 - LP: #834129 - CVE-2011-3188 * ext4: Fix max file size and logical block counting of extent format file, CVE-2011-2695 - LP: #819574 - CVE-2011-2695 * cifs: add fallback in is_path_accessible for old servers, CVE-2011-3363 - LP: #866034 - CVE-2011-3363 * Make TASKSTATS require root access, CVE-2011-2494 - LP: #866021 - CVE-2011-2494 * proc: restrict access to /proc/PID/io, CVE-2011-2495 - LP: #866025 - CVE-2011-2495 * proc: fix a race in do_io_accounting(), CVE-2011-2495 - LP: #866025 - CVE-2011-2495 * inotify: fix double free/corruption of stuct user - LP: #869203 - CVE-2011-1479 * staging: comedi: fix infoleak to userspace, CVE-2011-2909 - LP: #869261 - CVE-2011-2909 * perf tools: do not look at ./config for configuration, CVE-2011-2905 - LP: #869259 - CVE-2011-2905 -- Herton Ronaldo Krzesinski <email address hidden> Thu, 10 Nov 2011 15:25:11 -0200
This bug was fixed in the package linux-lts- backport- maverick - 2.6.35-31.62~lucid1
--------------- backport- maverick (2.6.35- 31.62~lucid1) lucid-proposed; urgency=low
linux-lts-
[Herton R. Krzesinski]
* Release Tracking Bug
- LP: #888571
[ Upstream Kernel Changes ]
* ipv6: restore correct ECN handling on TCP xmit next_rmap_ item() -
- LP: #872179
* nl80211: fix overflow in ssid_len - CVE-2011-2517
- LP: #869245
- CVE-2011-2517
* vm: fix vm_pgoff wrap in stack expansion - CVE-2011-2496
- LP: #869243
- CVE-2011-2496
* vm: fix vm_pgoff wrap in upward expansion - CVE-2011-2496
- LP: #869243
- CVE-2011-2496
* ksm: fix NULL pointer dereference in scan_get_
CVE-2011-2183
- LP: #869227
- CVE-2011-2183
* NLM: Don't hang forever on NLM unlock requests - CVE-2011-2491
- LP: #869237
- CVE-2011-2491
* cifs: clean up cifs_find_smb_ses (try #2), CVE-2011-1585
- LP: #869208
- CVE-2011-1585
* cifs: fix NULL pointer dereference in cifs_find_smb_ses, CVE-2011-1585
- LP: #869208
- CVE-2011-1585
* cifs: check for NULL session password, CVE-2011-1585
- LP: #869208
- CVE-2011-1585
linux (2.6.35-30.61) maverick-proposed; urgency=low
[Herton R. Krzesinski]
* Release Tracking Bug
- LP: #871912
[ Stefan Bader ]
* [Config] Include all filesystem modules for virtual
- LP: #761809
[ Upstream Kernel Changes ]
* crypto: Move md5_transform to lib/md5.c, CVE-2011-3188
- LP: #834129
- CVE-2011-3188
* net: Compute protocol sequence numbers and fragment IDs using MD5,
CVE-2011-3188
- LP: #834129
- CVE-2011-3188
* ext4: Fix max file size and logical block counting of extent format
file, CVE-2011-2695
- LP: #819574
- CVE-2011-2695
* cifs: add fallback in is_path_accessible for old servers, CVE-2011-3363
- LP: #866034
- CVE-2011-3363
* Make TASKSTATS require root access, CVE-2011-2494
- LP: #866021
- CVE-2011-2494
* proc: restrict access to /proc/PID/io, CVE-2011-2495
- LP: #866025
- CVE-2011-2495
* proc: fix a race in do_io_accounting(), CVE-2011-2495
- LP: #866025
- CVE-2011-2495
* inotify: fix double free/corruption of stuct user
- LP: #869203
- CVE-2011-1479
* staging: comedi: fix infoleak to userspace, CVE-2011-2909
- LP: #869261
- CVE-2011-2909
* perf tools: do not look at ./config for configuration, CVE-2011-2905
- LP: #869259
- CVE-2011-2905
-- Herton Ronaldo Krzesinski <email address hidden> Thu, 10 Nov 2011 15:25:11 -0200