© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
9199653
demo site
(Get the code!)
This bug was fixed in the package linux - 2.6.24-28.86
---------------
linux (2.6.24-28.86) hardy-proposed; urgency=low
[ Brad Figg ]
* Release Tracking Bug
- LP: #716166
[Tim Gardner]
* xen unified block-device I/O interface back end can orphan devices,
CVE-2010-3699
- LP: #708019
- CVE-2010-3699
[Upstream Kernel Changes]
* Hardy SRU: thinkpad-acpi: lock down video output state access,
CVE-2010-3448
- LP: #706999
- CVE-2010-3448
* net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859
- LP: #711855, #708839
- CVE-2010-4160
* net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859
- LP: #711855, #708839
- CVE-2010-4160
* net: ax25: fix information leak to userland, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* net: ax25: fix information leak to userland harder, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* memory corruption in X.25 facilities parsing, CVE-2010-3873
- LP: #709372
- CVE-2010-3873
* net: packet: fix information leak to userland, CVE-2010-3876
- LP: #710714
- CVE-2010-3876
* net: tipc: fix information leak to userland, CVE-2010-3877
- LP: #711291
- CVE-2010-3877
* KVM: VMX: fix vmx null pointer dereference on debug register access,
CVE-2010-0435
- LP: #712615
- CVE-2010-0435
* gdth: integer overflow in ioctl, CVE-2010-4157
- LP: #711797
- CVE-2010-4157
* posix-cpu-timers: workaround to suppress the problems with mt exec,
CVE-2010-4248
- LP: #712609
- CVE-2010-4248
* ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory,
CVE-2010-4080, CVE-2010-4081
- LP: #712723, #712737
- CVE-2010-4081
* sys_semctl: fix kernel stack leakage, CVE-2010-4083
- LP: #712749
- CVE-2010-4083
* inet_diag: Make sure we actually run the same bytecode we audited,
CVE-2010-3880
- LP: #711865
- CVE-2010-3880
linux (2.6.24-28.85) hardy-proposed; urgency=low
[ Brad Figg ]
* Tracking Bug
- LP: #708315
[Upstream Kernel Changes]
* ata_piix: IDE mode SATA patch for Intel ICH10 DeviceID's
- LP: #693401
* USB: serial/mos*: prevent reading uninitialized stack memory,
CVE-2010-4074
- LP: #706149
- CVE-2010-4074
* KVM: Fix fs/gs reload oops with invalid ldt
- LP: #707000
- CVE-2010-3698
* drivers/
memory, CVE-2010-4078
- LP: #707579
- CVE-2010-4078
* V4L/DVB: ivtvfb: prevent reading uninitialized stack memory,
CVE-2010-4079
- LP: #707649
- CVE-2010-4079
linux (2.6.24-28.84) hardy-proposed; urgency=low
[ Steve Conklin ]
* Tracking Bug
- LP: #698185
linux (2.6.24-28.83) hardy-proposed; urgency=low
[ Steve Conklin ]
* tracking bug moved from here to latest entry
linux (2.6.24-28.82) hardy-proposed; urgency=low
[ Leann Ogasawara ]
* Revert "SAUCE: AF_ECONET saddr->cookie prevent NULL pointer
dereference"
* Revert "SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges"
* Revert "SAUCE: AF_ECONET prevent kernel stack overflow"
[Upstream Kernel Changes]
* xfs: validate untrusted inode numbers during lookup
- CVE-2010-2943
* xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED
- CVE-2010-2943
* xfs: remove block number from inode lookup code
- CVE-2010-2943
* xfs: fix untrusted inode number lookup
- CVE-2010-2943
* drivers/
memory
- CVE-2010-3296
* drivers/net/eql.c: prevent reading uninitialized stack memory
- CVE-2010-3297
* setup_arg_pages: diagnose excessive argument size
- CVE-2010-3858
* ipc: shm: fix information leak to userland
- CVE-2010-4072
* econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849
- CVE-2010-3849
* econet: fix CVE-2010-3850
- CVE-2010-3850
* econet: fix CVE-2010-3848
- CVE-2010-3848
-- Brad Figg <email address hidden> Wed, 09 Feb 2011 15:14:25 -0800