Ubuntu
linux package

Comment 5 for bug 646114

Revision history for this message

Launchpad Janitor (janitor) wrote on 2010-10-19:

This bug was fixed in the package linux - 2.6.28-19.66

---------------
linux (2.6.28-19.66) jaunty-security; urgency=low

[ Stefan Bader ]

  * Revert "SAUCE: (no-up) Modularize vesafb -- fix initialization"
  * mm: Use helper to find real vma with stack guard page
    - LP: #646114
  * mm: Do not assume ENOMEM when looking at a split stack vma
    - LP: #646114

[ Upstream Kernel Changes ]

  * x86-64, compat: Test %rax for the syscall number, not %eax
    - CVE-2010-3301
  * x86-64, compat: Retruncate rax after ia32 syscall entry tracing
    - CVE-2010-3301
  * compat: Make compat_alloc_user_space() incorporate the access_ok()
    - CVE-2010-3081
  * Fix race in tty_fasync() properly
    - CVE-2009-4895
  * xfs: prevent swapext from operating on write-only files
    - CVE-2010-2226
  * cifs: Fix a kernel BUG with remote OS/2 server (try #3)
    - CVE-2010-2248
  * nfsd4: bug in read_buf
    - CVE-2010-2521
  * GFS2: rename causes kernel Oops
    - CVE-2010-2798
  * net sched: fix some kernel memory leaks
    - CVE-2010-2942
  * jfs: don't allow os2 xattr namespace overlap with others
    - CVE-2010-2946
  * irda: Correctly clean up self->ias_obj on irda_bind() failure.
    - CVE-2010-2954
  * wireless extensions: fix kernel heap content leak
    - CVE-2010-2955
  * ext4: consolidate in_range() definitions
    - CVE-2010-3015
  * aio: check for multiplication overflow in do_io_submit
    - CVE-2010-3067
  * xfs: prevent reading uninitialized stack memory
    - CVE-2010-3078
  * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open()
    - CVE-2010-3080
  * rose: Fix signedness issues wrt. digi count.
    - CVE-2010-3310
  * sctp: Do not reset the packet during sctp_packet_config().
    - CVE-2010-3432
  * Fix pktcdvd ioctl dev_minor range check
    - CVE-2010-3437
  * ALSA: prevent heap corruption in snd_ctl_new()
    - CVE-2010-3442
  * net sched: fix kernel leak in act_police
    - CVE-2010-3477
  * Fix out-of-bounds reading in sctp_asoc_get_hmac()
    - CVE-2010-3705
  * v4l: disable dangerous buggy compat function
-- Steve Conklin <email address hidden> Fri, 15 Oct 2010 16:26:53 -0500

This bug was fixed in the package linux - 2.6.28-19.66

---------------
linux (2.6.28-19.66) jaunty-security; urgency=low

[ Stefan Bader ]

[ Upstream Kernel Changes ]

* x86-64, compat: Test %rax for the syscall number, not %eax
    - CVE-2010-3301
  * x86-64, compat: Retruncate rax after ia32 syscall entry tracing
    - CVE-2010-3301
  * compat: Make compat_alloc_user_space() incorporate the access_ok()
    - CVE-2010-3081
  * Fix race in tty_fasync() properly
    - CVE-2009-4895
  * xfs: prevent swapext from operating on write-only files
    - CVE-2010-2226
  * cifs: Fix a kernel BUG with remote OS/2 server (try #3)
    - CVE-2010-2248
  * nfsd4: bug in read_buf
    - CVE-2010-2521
  * GFS2: rename causes kernel Oops
    - CVE-2010-2798
  * net sched: fix some kernel memory leaks
    - CVE-2010-2942
  * jfs: don't allow os2 xattr namespace overlap with others
    - CVE-2010-2946
  * irda: Correctly clean up self->ias_obj on irda_bind() failure.
    - CVE-2010-2954
  * wireless extensions: fix kernel heap content leak
    - CVE-2010-2955
  * ext4: consolidate in_range() definitions
    - CVE-2010-3015
  * aio: check for multiplication overflow in do_io_submit
    - CVE-2010-3067
  * xfs: prevent reading uninitialized stack memory
    - CVE-2010-3078
  * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open()
    - CVE-2010-3080
  * rose: Fix signedness issues wrt. digi count.
    - CVE-2010-3310
  * sctp: Do not reset the packet during sctp_packet_config().
    - CVE-2010-3432
  * Fix pktcdvd ioctl dev_minor range check
    - CVE-2010-3437
  * ALSA: prevent heap corruption in snd_ctl_new()
    - CVE-2010-3442
  * net sched: fix kernel leak in act_police
    - CVE-2010-3477
  * Fix out-of-bounds reading in sctp_asoc_get_hmac()
    - CVE-2010-3705
  * v4l: disable dangerous buggy compat function
 -- Steve Conklin <sconklin@canonical.com>   Fri, 15 Oct 2010 16:26:53 -0500

Ubuntulinux package

Comment 5 for bug 646114

Ubuntu
linux package