[ubuntu/jaunty-security] linux 2.6.28-17.58 (Accepted)

Ubuntu Installer archive at ubuntu.com
Fri Dec 4 18:04:30 GMT 2009 

linux (2.6.28-17.58) jaunty-security; urgency=low

  [ Leann Ogasawara ]

  * [SCSI] megaraid_sas: remove sysfs poll_mode_io world writeable
    permissions
    - CVE-2009-3939

  [ Upstream Kernel Changes ]

  * net ax25: Fix signed comparison in the sockopt handler
    - CVE-2009-2909
  * x86: Don't leak 64-bit kernel register values to 32-bit processes
    - CVE-2009-2910
  * tc: Fix unitialized kernel memory leak
    - CVE-2009-3228
  * fs: pipe.c null pointer dereference
    - CVE-2009-3547
  * netlink: fix typo in initialization
    - CVE-2009-3612
  * r8169: use hardware auto-padding.
    - CVE-2009-3613
  * drm/r128: Add test for initialisation to all ioctls that require it
    - CVE-2009-3620
  * AF_UNIX: Fix deadlock on connecting to shutdown socket
    - CVE-2009-3621
  * KVM: Prevent overflow in KVM_GET_SUPPORTED_CPUID
    - CVE-2009-3638
  * KVM: VMX: Check cpl before emulating debug register access
    - CVE-2009-3722
  * connector: Keep the skb in cn_callback_data
    - CVE-2009-3725
  * connector: Provide the sender's credentials to the callback
    - CVE-2009-3725
  * connector: Fix incompatible pointer type warning
    - CVE-2009-3725
  * uvesafb/connector: Disallow unpliviged users to send netlink packets
    - CVE-2009-3725
  * NFSv4: Fix a problem whereby a buggy server can oops the kernel
    - CVE-2009-3726
  * isdn: hfc_usb: Fix read buffer overflow
    - CVE-2009-4005
  * gdth: Prevent negative offsets in ioctl CVE-2009-3080
    - CVE-2009-3080

Date: Tue, 24 Nov 2009 18:01:22 -0800
Changed-By: Leann Ogasawara <leann.ogasawara at canonical.com>
Maintainer: Ubuntu Kernel Team <kernel-team at lists.ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/linux/2.6.28-17.58
-------------- next part --------------
Format: 1.8
Date: Tue, 24 Nov 2009 18:01:22 -0800
Source: linux
Binary: linux-source-2.6.28 linux-doc-2.6.28 linux-headers-2.6.28-17 linux-libc-dev linux-image-2.6.28-17-generic linux-headers-2.6.28-17-generic linux-image-debug-2.6.28-17-generic linux-image-2.6.28-17-imx51 linux-headers-2.6.28-17-imx51 linux-image-debug-2.6.28-17-imx51 linux-image-2.6.28-17-iop32x linux-headers-2.6.28-17-iop32x linux-image-debug-2.6.28-17-iop32x linux-image-2.6.28-17-ixp4xx linux-headers-2.6.28-17-ixp4xx linux-image-debug-2.6.28-17-ixp4xx linux-image-2.6.28-17-lpia linux-headers-2.6.28-17-lpia linux-image-debug-2.6.28-17-lpia linux-image-2.6.28-17-server linux-headers-2.6.28-17-server linux-image-debug-2.6.28-17-server linux-image-2.6.28-17-versatile linux-headers-2.6.28-17-versatile linux-image-debug-2.6.28-17-versatile linux-image-2.6.28-17-virtual kernel-image-2.6.28-17-generic-di nic-modules-2.6.28-17-generic-di nic-shared-modules-2.6.28-17-generic-di serial-modules-2.6.28-17-generic-di ppp-modules-2.6.28-17-generic-di firewire-core-modules-2.6.28-17-generic-di scsi-modules-2.6.28-17-generic-di plip-modules-2.6.28-17-generic-di floppy-modules-2.6.28-17-generic-di fat-modules-2.6.28-17-generic-di nfs-modules-2.6.28-17-generic-di md-modules-2.6.28-17-generic-di usb-modules-2.6.28-17-generic-di pcmcia-storage-modules-2.6.28-17-generic-di fb-modules-2.6.28-17-generic-di input-modules-2.6.28-17-generic-di mouse-modules-2.6.28-17-generic-di irda-modules-2.6.28-17-generic-di parport-modules-2.6.28-17-generic-di nic-pcmcia-modules-2.6.28-17-generic-di pcmcia-modules-2.6.28-17-generic-di nic-usb-modules-2.6.28-17-generic-di sata-modules-2.6.28-17-generic-di crypto-modules-2.6.28-17-generic-di fs-core-modules-2.6.28-17-generic-di fs-secondary-modules-2.6.28-17-generic-di pata-modules-2.6.28-17-generic-di storage-core-modules-2.6.28-17-generic-di block-modules-2.6.28-17-generic-di message-modules-2.6.28-17-generic-di virtio-modules-2.6.28-17-generic-di
Architecture: source
Version: 2.6.28-17.58
Distribution: jaunty-security
Urgency: low
Maintainer: Ubuntu Kernel Team <kernel-team at lists.ubuntu.com>
Changed-By: Leann Ogasawara <leann.ogasawara at canonical.com>
Description: 
 block-modules-2.6.28-17-generic-di - Block storage devices (udeb)
 crypto-modules-2.6.28-17-generic-di - crypto modules (udeb)
 fat-modules-2.6.28-17-generic-di - FAT filesystem support (udeb)
 fb-modules-2.6.28-17-generic-di - Framebuffer modules (udeb)
 firewire-core-modules-2.6.28-17-generic-di - Firewire (IEEE-1394) Support (udeb)
 floppy-modules-2.6.28-17-generic-di - Floppy driver support (udeb)
 fs-core-modules-2.6.28-17-generic-di - Base filesystem modules (udeb)
 fs-secondary-modules-2.6.28-17-generic-di - Extra filesystem modules (udeb)
 input-modules-2.6.28-17-generic-di - Support for various input methods (udeb)
 irda-modules-2.6.28-17-generic-di - Support for Infrared protocols (udeb)
 kernel-image-2.6.28-17-generic-di - Linux kernel binary image for the Debian installer (udeb)
 linux-doc-2.6.28 - Linux kernel specific documentation for version 2.6.28
 linux-headers-2.6.28-17 - Header files related to Linux kernel version 2.6.28
 linux-headers-2.6.28-17-generic - Linux kernel headers for version 2.6.28 on x86/x86_64
 linux-headers-2.6.28-17-imx51 - Linux kernel headers for version 2.6.28 on I.MX51-based systems
 linux-headers-2.6.28-17-iop32x - Linux kernel headers for version 2.6.28 on IOP32x-based systems
 linux-headers-2.6.28-17-ixp4xx - Linux kernel headers for version 2.6.28 on IXP4xx-based systems
 linux-headers-2.6.28-17-lpia - Linux kernel headers for version 2.6.28 on Intel Atom processors
 linux-headers-2.6.28-17-server - Linux kernel headers for version 2.6.28 on x86/x86_64
 linux-headers-2.6.28-17-versatile - Linux kernel headers for version 2.6.28 on Versatile-based system
 linux-image-2.6.28-17-generic - Linux kernel image for version 2.6.28 on x86/x86_64
 linux-image-2.6.28-17-imx51 - Linux kernel image for version 2.6.28 on I.MX51-based systems
 linux-image-2.6.28-17-iop32x - Linux kernel image for version 2.6.28 on IOP32x-based systems
 linux-image-2.6.28-17-ixp4xx - Linux kernel image for version 2.6.28 on IXP4xx-based systems
 linux-image-2.6.28-17-lpia - Linux kernel image for version 2.6.28 on Intel Atom processors
 linux-image-2.6.28-17-server - Linux kernel image for version 2.6.28 on x86/x86_64
 linux-image-2.6.28-17-versatile - Linux kernel image for version 2.6.28 on Versatile-based systems
 linux-image-2.6.28-17-virtual - Linux kernel image for version 2.6.28 on x86/x86_64
 linux-image-debug-2.6.28-17-generic - Linux kernel debug image for version 2.6.28 on x86/x86_64
 linux-image-debug-2.6.28-17-imx51 - Linux kernel debug image for version 2.6.28 on I.MX51-based syste
 linux-image-debug-2.6.28-17-iop32x - Linux kernel debug image for version 2.6.28 on IOP32x-based syste
 linux-image-debug-2.6.28-17-ixp4xx - Linux kernel debug image for version 2.6.28 on IXP4xx-based syste
 linux-image-debug-2.6.28-17-lpia - Linux kernel debug image for version 2.6.28 on Intel Atom process
 linux-image-debug-2.6.28-17-server - Linux kernel debug image for version 2.6.28 on x86/x86_64
 linux-image-debug-2.6.28-17-versatile - Linux kernel debug image for version 2.6.28 on Versatile-based sy
 linux-libc-dev - Linux Kernel Headers for development
 linux-source-2.6.28 - Linux kernel source for version 2.6.28 with Ubuntu patches
 md-modules-2.6.28-17-generic-di - Multi-device support (raid, device-mapper, lvm) (udeb)
 message-modules-2.6.28-17-generic-di - Fusion and i2o storage modules (udeb)
 mouse-modules-2.6.28-17-generic-di - Mouse support (udeb)
 nfs-modules-2.6.28-17-generic-di - NFS filesystem drivers (udeb)
 nic-modules-2.6.28-17-generic-di - Network interface support (udeb)
 nic-pcmcia-modules-2.6.28-17-generic-di - PCMCIA network interface support (udeb)
 nic-shared-modules-2.6.28-17-generic-di - Shared NIC drivers (udeb)
 nic-usb-modules-2.6.28-17-generic-di - USB network interface support (udeb)
 parport-modules-2.6.28-17-generic-di - Parallel port support (udeb)
 pata-modules-2.6.28-17-generic-di - PATA support modules (udeb)
 pcmcia-modules-2.6.28-17-generic-di - PCMCIA Modules (udeb)
 pcmcia-storage-modules-2.6.28-17-generic-di - PCMCIA storage support (udeb)
 plip-modules-2.6.28-17-generic-di - PLIP (parallel port) networking support (udeb)
 ppp-modules-2.6.28-17-generic-di - PPP (serial port) networking support (udeb)
 sata-modules-2.6.28-17-generic-di - SATA storage support (udeb)
 scsi-modules-2.6.28-17-generic-di - SCSI storage support (udeb)
 serial-modules-2.6.28-17-generic-di - Serial port support (udeb)
 storage-core-modules-2.6.28-17-generic-di - Core storage support (udeb)
 usb-modules-2.6.28-17-generic-di - Core USB support (udeb)
 virtio-modules-2.6.28-17-generic-di - VirtIO Modules (udeb)
Changes: 
 linux (2.6.28-17.58) jaunty-security; urgency=low
 .
   [ Leann Ogasawara ]
 .
   * [SCSI] megaraid_sas: remove sysfs poll_mode_io world writeable
     permissions
     - CVE-2009-3939
 .
   [ Upstream Kernel Changes ]
 .
   * net ax25: Fix signed comparison in the sockopt handler
     - CVE-2009-2909
   * x86: Don't leak 64-bit kernel register values to 32-bit processes
     - CVE-2009-2910
   * tc: Fix unitialized kernel memory leak
     - CVE-2009-3228
   * fs: pipe.c null pointer dereference
     - CVE-2009-3547
   * netlink: fix typo in initialization
     - CVE-2009-3612
   * r8169: use hardware auto-padding.
     - CVE-2009-3613
   * drm/r128: Add test for initialisation to all ioctls that require it
     - CVE-2009-3620
   * AF_UNIX: Fix deadlock on connecting to shutdown socket
     - CVE-2009-3621
   * KVM: Prevent overflow in KVM_GET_SUPPORTED_CPUID
     - CVE-2009-3638
   * KVM: VMX: Check cpl before emulating debug register access
     - CVE-2009-3722
   * connector: Keep the skb in cn_callback_data
     - CVE-2009-3725
   * connector: Provide the sender's credentials to the callback
     - CVE-2009-3725
   * connector: Fix incompatible pointer type warning
     - CVE-2009-3725
   * uvesafb/connector: Disallow unpliviged users to send netlink packets
     - CVE-2009-3725
   * NFSv4: Fix a problem whereby a buggy server can oops the kernel
     - CVE-2009-3726
   * isdn: hfc_usb: Fix read buffer overflow
     - CVE-2009-4005
   * gdth: Prevent negative offsets in ioctl CVE-2009-3080
     - CVE-2009-3080
Checksums-Sha1: 
 79fea6fe0520ce11e786d29ca20c61f292d31746 3174 linux_2.6.28-17.58.dsc
 b3f32e12cb681c3bd77bd509ee88c825c9b96b22 7376644 linux_2.6.28-17.58.diff.gz
Checksums-Sha256: 
 d21a79239f3213b2ea5f98d6c6c834c8c1503abf1194278dc2a48cc3b439a4e8 3174 linux_2.6.28-17.58.dsc
 0496cd570e8f3b5088156905eb6bc3369536e5ae47e4dc68ccb4736bb9e8dd4b 7376644 linux_2.6.28-17.58.diff.gz
Files: 
 4b030df27e676e4b6b514555386c7ab0 3174 devel optional linux_2.6.28-17.58.dsc
 d89b3951dcdbb3b03a9b170a323b1ffb 7376644 devel optional linux_2.6.28-17.58.diff.gz

More information about the Jaunty-changes mailing list