[ubuntu/karmic-security] linux-ec2 (delayed), linux-ec2 2.6.31-307.21 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Tue Oct 19 19:07:11 BST 2010
linux-ec2 (2.6.31-307.21) karmic-security; urgency=low
[ John Johansen ]
* Rebased to 2.6.31-22.67
[ Ubuntu: 2.6.31-22.67 ]
* Local privilege escalation vulnerability in RDS sockets
- CVE-2010-3904
* v4l: disable dangerous buggy compat function
- CVE-2010-2963
* mm: Do not assume ENOMEM when looking at a split stack vma
- LP: #646114
* mm: Use helper to find real vma with stack guard page
- LP: #646114
* Fix race in tty_fasync() properly
- CVE-2009-4895
* ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files
- CVE-2010-2066
* xfs: prevent swapext from operating on write-only files
- CVE-2010-2226
* cifs: Fix a kernel BUG with remote OS/2 server (try #3)
- CVE-2010-2248
* ethtool: Fix potential user buffer overflow for ETHTOOL_{G, S}RXFH
- CVE-2010-2478
* l2tp: Fix oops in pppol2tp_xmit
- CVE-2010-2495
* nfsd4: bug in read_buf
- CVE-2010-2521
* CIFS: Fix a malicious redirect problem in the DNS lookup code
- CVE-2010-2524
* GFS2: rename causes kernel Oops
- CVE-2010-2798
* net sched: fix some kernel memory leaks
- CVE-2010-2942
* jfs: don't allow os2 xattr namespace overlap with others
- CVE-2010-2946
* irda: Correctly clean up self->ias_obj on irda_bind() failure.
- CVE-2010-2954
* wireless extensions: fix kernel heap content leak
- CVE-2010-2955
* ext4: consolidate in_range() definitions
- CVE-2010-3015
* aio: check for multiplication overflow in do_io_submit
- CVE-2010-3067
* xfs: prevent reading uninitialized stack memory
- CVE-2010-3078
* ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open()
- CVE-2010-3080
* niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL
- CVE-2010-3084
* rose: Fix signedness issues wrt. digi count.
- CVE-2010-3310
* sctp: Do not reset the packet during sctp_packet_config().
- CVE-2010-3432
* Fix pktcdvd ioctl dev_minor range check
- CVE-2010-3437
* ALSA: prevent heap corruption in snd_ctl_new()
- CVE-2010-3442
* net sched: fix kernel leak in act_police
- CVE-2010-3477
* Fix out-of-bounds reading in sctp_asoc_get_hmac()
- CVE-2010-3705
* ocfs2: Don't walk off the end of fast symlinks.
- CVE-2010-NNN2
linux-ec2 (2.6.31-307.20) karmic-proposed; urgency=low
[ Stefan Bader ]
* Rebased to 2.6.31-22.66
[ Ubuntu: 2.6.31-22.66 ]
* SAUCE: (no-up) Modularize vesafb -- fix initialization
- LP: #611471
* SAUCE: sched: update load count only once per cpu in 10 tick update window
- LP: #513848
* (pre-stable) x86-32, resume: do a global tlb flush in S4 resume
- LP: #531309
* PCI: Ensure we re-enable devices on resume
- LP: #566149
[ Ubuntu: 2.6.31-22.65 ]
* x86-64, compat: Test %rax for the syscall number, not %eax
- CVE-2010-3301
* x86-64, compat: Retruncate rax after ia32 syscall entry tracing
- CVE-2010-3301
* compat: Make compat_alloc_user_space() incorporate the access_ok()
- CVE-2010-3081
Date: Sun, 17 Oct 2010 17:39:55 -0700
Changed-By: John Johansen <john.johansen at canonical.com>
Maintainer: Ubuntu Kernel Team <kernel-team at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/linux-ec2/2.6.31-307.21
-------------- next part --------------
Format: 1.8
Date: Sun, 17 Oct 2010 17:39:55 -0700
Source: linux-ec2
Binary: linux-ec2-source-2.6.31 linux-ec2-doc linux-headers-2.6.31-307 linux-image-2.6.31-307-ec2 linux-headers-2.6.31-307-ec2 linux-image-debug-2.6.31-307-ec2 kernel-image-2.6.31-307-generic-di nic-modules-2.6.31-307-generic-di nic-shared-modules-2.6.31-307-generic-di serial-modules-2.6.31-307-generic-di ppp-modules-2.6.31-307-generic-di firewire-core-modules-2.6.31-307-generic-di scsi-modules-2.6.31-307-generic-di plip-modules-2.6.31-307-generic-di floppy-modules-2.6.31-307-generic-di fat-modules-2.6.31-307-generic-di nfs-modules-2.6.31-307-generic-di md-modules-2.6.31-307-generic-di usb-modules-2.6.31-307-generic-di pcmcia-storage-modules-2.6.31-307-generic-di fb-modules-2.6.31-307-generic-di input-modules-2.6.31-307-generic-di mouse-modules-2.6.31-307-generic-di irda-modules-2.6.31-307-generic-di parport-modules-2.6.31-307-generic-di nic-pcmcia-modules-2.6.31-307-generic-di pcmcia-modules-2.6.31-307-generic-di nic-usb-modules-2.6.31-307-generic-di sata-modules-2.6.31-307-generic-di
crypto-modules-2.6.31-307-generic-di char-modules-2.6.31-307-generic-di fs-core-modules-2.6.31-307-generic-di fs-secondary-modules-2.6.31-307-generic-di pata-modules-2.6.31-307-generic-di storage-core-modules-2.6.31-307-generic-di block-modules-2.6.31-307-generic-di message-modules-2.6.31-307-generic-di virtio-modules-2.6.31-307-generic-di
Architecture: source
Version: 2.6.31-307.21
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Kernel Team <kernel-team at lists.ubuntu.com>
Changed-By: John Johansen <john.johansen at canonical.com>
Description:
block-modules-2.6.31-307-generic-di - Block storage devices (udeb)
char-modules-2.6.31-307-generic-di - Character module support (udeb)
crypto-modules-2.6.31-307-generic-di - crypto modules (udeb)
fat-modules-2.6.31-307-generic-di - FAT filesystem support (udeb)
fb-modules-2.6.31-307-generic-di - Framebuffer modules (udeb)
firewire-core-modules-2.6.31-307-generic-di - Firewire (IEEE-1394) Support (udeb)
floppy-modules-2.6.31-307-generic-di - Floppy driver support (udeb)
fs-core-modules-2.6.31-307-generic-di - Base filesystem modules (udeb)
fs-secondary-modules-2.6.31-307-generic-di - Extra filesystem modules (udeb)
input-modules-2.6.31-307-generic-di - Support for various input methods (udeb)
irda-modules-2.6.31-307-generic-di - Support for Infrared protocols (udeb)
kernel-image-2.6.31-307-generic-di - Linux kernel binary image for the Debian installer (udeb)
linux-ec2-doc - Linux kernel specific documentation for version 2.6.31
linux-ec2-source-2.6.31 - Linux kernel source for version 2.6.31 with Ubuntu patches
linux-headers-2.6.31-307 - Header files related to Linux kernel version 2.6.31
linux-headers-2.6.31-307-ec2 - Linux kernel headers for version 2.6.31 on x86/x86_64
linux-image-2.6.31-307-ec2 - Linux kernel image for version 2.6.31 on x86/x86_64
linux-image-debug-2.6.31-307-ec2 - Linux kernel debug image for version 2.6.31 on x86/x86_64
md-modules-2.6.31-307-generic-di - Multi-device support (raid, device-mapper, lvm) (udeb)
message-modules-2.6.31-307-generic-di - Fusion and i2o storage modules (udeb)
mouse-modules-2.6.31-307-generic-di - Mouse support (udeb)
nfs-modules-2.6.31-307-generic-di - NFS filesystem drivers (udeb)
nic-modules-2.6.31-307-generic-di - Network interface support (udeb)
nic-pcmcia-modules-2.6.31-307-generic-di - PCMCIA network interface support (udeb)
nic-shared-modules-2.6.31-307-generic-di - nic shared modules (udeb)
nic-usb-modules-2.6.31-307-generic-di - USB network interface support (udeb)
parport-modules-2.6.31-307-generic-di - Parallel port support (udeb)
pata-modules-2.6.31-307-generic-di - PATA support modules (udeb)
pcmcia-modules-2.6.31-307-generic-di - PCMCIA Modules (udeb)
pcmcia-storage-modules-2.6.31-307-generic-di - PCMCIA storage support (udeb)
plip-modules-2.6.31-307-generic-di - PLIP (parallel port) networking support (udeb)
ppp-modules-2.6.31-307-generic-di - PPP (serial port) networking support (udeb)
sata-modules-2.6.31-307-generic-di - SATA storage support (udeb)
scsi-modules-2.6.31-307-generic-di - SCSI storage support (udeb)
serial-modules-2.6.31-307-generic-di - Serial port support (udeb)
storage-core-modules-2.6.31-307-generic-di - Core storage support (udeb)
usb-modules-2.6.31-307-generic-di - Core USB support (udeb)
virtio-modules-2.6.31-307-generic-di - VirtIO Modules (udeb)
Checksums-Sha1:
dd0baa2ac945aea388aa7879d444691b184cd97e 3346 linux-ec2_2.6.31-307.21.dsc
642ce409166104e9ce3b8b36a0b807326f411f60 9299794 linux-ec2_2.6.31-307.21.diff.gz
Checksums-Sha256:
7df44e577582b756971ae415a2b6a1ff355efbf8af68ecf6685491d6e294aff7 3346 linux-ec2_2.6.31-307.21.dsc
a338158ecab153127eff0e3f8ce7c8d194f6b2568ffe92bbb7daf31db8c08cf6 9299794 linux-ec2_2.6.31-307.21.diff.gz
Files:
1a1875470d51311def6aeaaffe950259 3346 devel optional linux-ec2_2.6.31-307.21.dsc
1f489361f6806eca15d52686fca1563e 9299794 devel optional linux-ec2_2.6.31-307.21.diff.gz
Launchpad-Bugs-Fixed: 513848 531309 566149 611471 646114 646114