This bug was fixed in the package linux-keystone - 3.13.0-62.90
--------------- linux-keystone (3.13.0-62.90) trusty; urgency=low
[ Ike Panhc ]
* Release Tracking Bug - LP: #1596011 * Rebase to Ubuntu-3.13.0-91.138
[ Ubuntu: 3.13.0-91.138 ]
* Release Tracking Bug - LP: #1595991 * netfilter: x_tables: validate e->target_offset early - LP: #1555338 - CVE-2016-3134 * netfilter: x_tables: make sure e->next_offset covers remaining blob size - LP: #1555338 - CVE-2016-3134 * netfilter: x_tables: fix unconditional helper - LP: #1555338 - CVE-2016-3134 * netfilter: x_tables: don't move to non-existent next rule - LP: #1595350 * netfilter: x_tables: validate targets of jumps - LP: #1595350 * netfilter: x_tables: add and use xt_check_entry_offsets - LP: #1595350 * netfilter: x_tables: kill check_entry helper - LP: #1595350 * netfilter: x_tables: assert minimum target size - LP: #1595350 * netfilter: x_tables: add compat version of xt_check_entry_offsets - LP: #1595350 * netfilter: x_tables: check standard target size too - LP: #1595350 * netfilter: x_tables: check for bogus target offset - LP: #1595350 * netfilter: x_tables: validate all offsets and sizes in a rule - LP: #1595350 * netfilter: x_tables: don't reject valid target size on some architectures - LP: #1595350 * netfilter: arp_tables: simplify translate_compat_table args - LP: #1595350 * netfilter: ip_tables: simplify translate_compat_table args - LP: #1595350 * netfilter: ip6_tables: simplify translate_compat_table args - LP: #1595350 * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval - LP: #1595350 * netfilter: x_tables: do compat validation via translate_table - LP: #1595350 * netfilter: x_tables: introduce and use xt_copy_counters_from_user - LP: #1595350
-- Ike Panhc <email address hidden> Mon, 27 Jun 2016 15:14:09 +0800
This bug was fixed in the package linux-keystone - 3.13.0-62.90
---------------
linux-keystone (3.13.0-62.90) trusty; urgency=low
[ Ike Panhc ]
* Release Tracking Bug 3.13.0- 91.138
- LP: #1596011
* Rebase to Ubuntu-
[ Ubuntu: 3.13.0-91.138 ]
* Release Tracking Bug entry_offsets entry_offsets compat_ table args compat_ table args compat_ table args match_from_ user doesn't need a retval counters_ from_user
- LP: #1595991
* netfilter: x_tables: validate e->target_offset early
- LP: #1555338
- CVE-2016-3134
* netfilter: x_tables: make sure e->next_offset covers remaining blob
size
- LP: #1555338
- CVE-2016-3134
* netfilter: x_tables: fix unconditional helper
- LP: #1555338
- CVE-2016-3134
* netfilter: x_tables: don't move to non-existent next rule
- LP: #1595350
* netfilter: x_tables: validate targets of jumps
- LP: #1595350
* netfilter: x_tables: add and use xt_check_
- LP: #1595350
* netfilter: x_tables: kill check_entry helper
- LP: #1595350
* netfilter: x_tables: assert minimum target size
- LP: #1595350
* netfilter: x_tables: add compat version of xt_check_
- LP: #1595350
* netfilter: x_tables: check standard target size too
- LP: #1595350
* netfilter: x_tables: check for bogus target offset
- LP: #1595350
* netfilter: x_tables: validate all offsets and sizes in a rule
- LP: #1595350
* netfilter: x_tables: don't reject valid target size on some
architectures
- LP: #1595350
* netfilter: arp_tables: simplify translate_
- LP: #1595350
* netfilter: ip_tables: simplify translate_
- LP: #1595350
* netfilter: ip6_tables: simplify translate_
- LP: #1595350
* netfilter: x_tables: xt_compat_
- LP: #1595350
* netfilter: x_tables: do compat validation via translate_table
- LP: #1595350
* netfilter: x_tables: introduce and use xt_copy_
- LP: #1595350
-- Ike Panhc <email address hidden> Mon, 27 Jun 2016 15:14:09 +0800