[ubuntu/karmic-security] linux (delayed), linux 2.6.31-22.67 (Accepted)

Ubuntu Installer archive at ubuntu.com
Tue Oct 19 19:07:37 BST 2010 

linux (2.6.31-22.67) karmic-security; urgency=low

  [ Upstream Kernel Changes ]

  * Local privilege escalation vulnerability in RDS sockets
    - CVE-2010-3904
  * v4l: disable dangerous buggy compat function
    - CVE-2010-2963
  * mm: Do not assume ENOMEM when looking at a split stack vma
    -  LP: #646114
  * mm: Use helper to find real vma with stack guard page
    -  LP: #646114
  * Fix race in tty_fasync() properly
    - CVE-2009-4895
  * ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files
    - CVE-2010-2066
  * xfs: prevent swapext from operating on write-only files
    - CVE-2010-2226
  * cifs: Fix a kernel BUG with remote OS/2 server (try #3)
    - CVE-2010-2248
  * ethtool: Fix potential user buffer overflow for ETHTOOL_{G, S}RXFH
    - CVE-2010-2478
  * l2tp: Fix oops in pppol2tp_xmit
    - CVE-2010-2495
  * nfsd4: bug in read_buf
    - CVE-2010-2521
  * CIFS: Fix a malicious redirect problem in the DNS lookup code
    - CVE-2010-2524
  * GFS2: rename causes kernel Oops
    - CVE-2010-2798
  * net sched: fix some kernel memory leaks
    - CVE-2010-2942
  * jfs: don't allow os2 xattr namespace overlap with others
    - CVE-2010-2946
  * irda: Correctly clean up self->ias_obj on irda_bind() failure.
    - CVE-2010-2954
  * wireless extensions: fix kernel heap content leak
    - CVE-2010-2955
  * ext4: consolidate in_range() definitions
    - CVE-2010-3015
  * aio: check for multiplication overflow in do_io_submit
    - CVE-2010-3067
  * xfs: prevent reading uninitialized stack memory
    - CVE-2010-3078
  * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open()
    - CVE-2010-3080
  * niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL
    - CVE-2010-3084
  * rose: Fix signedness issues wrt. digi count.
    - CVE-2010-3310
  * sctp: Do not reset the packet during sctp_packet_config().
    - CVE-2010-3432
  * Fix pktcdvd ioctl dev_minor range check
    - CVE-2010-3437
  * ALSA: prevent heap corruption in snd_ctl_new()
    - CVE-2010-3442
  * net sched: fix kernel leak in act_police
    - CVE-2010-3477
  * Fix out-of-bounds reading in sctp_asoc_get_hmac()
    - CVE-2010-3705
  * ocfs2: Don't walk off the end of fast symlinks.
    - CVE-2010-NNN2

Date: Wed, 06 Oct 2010 16:05:21 +0100
Changed-By: Steve Conklin <sconklin at canonical.com>
Maintainer: Ubuntu Kernel Team <kernel-team at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/linux/2.6.31-22.67
-------------- next part --------------
Format: 1.8
Date: Wed, 06 Oct 2010 16:05:21 +0100
Source: linux
Binary: linux-source-2.6.31 linux-doc linux-headers-2.6.31-22 linux-libc-dev linux-image-2.6.31-22-386 linux-headers-2.6.31-22-386 linux-image-debug-2.6.31-22-386 linux-image-2.6.31-22-generic linux-headers-2.6.31-22-generic linux-image-debug-2.6.31-22-generic linux-image-2.6.31-22-generic-pae linux-headers-2.6.31-22-generic-pae linux-image-debug-2.6.31-22-generic-pae linux-image-2.6.31-22-ia64 linux-headers-2.6.31-22-ia64 linux-image-debug-2.6.31-22-ia64 linux-image-2.6.31-22-lpia linux-headers-2.6.31-22-lpia linux-image-debug-2.6.31-22-lpia linux-image-2.6.31-22-powerpc linux-headers-2.6.31-22-powerpc linux-image-debug-2.6.31-22-powerpc linux-image-2.6.31-22-powerpc-smp linux-headers-2.6.31-22-powerpc-smp linux-image-debug-2.6.31-22-powerpc-smp linux-image-2.6.31-22-powerpc64-smp linux-headers-2.6.31-22-powerpc64-smp linux-image-debug-2.6.31-22-powerpc64-smp linux-image-2.6.31-22-server linux-headers-2.6.31-22-server linux-image-debug-2.6.31-22-server linux-image-2.6.31-22-sparc64
 linux-headers-2.6.31-22-sparc64 linux-image-debug-2.6.31-22-sparc64 linux-image-2.6.31-22-sparc64-smp linux-headers-2.6.31-22-sparc64-smp linux-image-debug-2.6.31-22-sparc64-smp linux-image-2.6.31-22-virtual kernel-image-2.6.31-22-generic-di nic-modules-2.6.31-22-generic-di nic-shared-modules-2.6.31-22-generic-di serial-modules-2.6.31-22-generic-di ppp-modules-2.6.31-22-generic-di firewire-core-modules-2.6.31-22-generic-di scsi-modules-2.6.31-22-generic-di plip-modules-2.6.31-22-generic-di floppy-modules-2.6.31-22-generic-di fat-modules-2.6.31-22-generic-di nfs-modules-2.6.31-22-generic-di md-modules-2.6.31-22-generic-di usb-modules-2.6.31-22-generic-di pcmcia-storage-modules-2.6.31-22-generic-di fb-modules-2.6.31-22-generic-di input-modules-2.6.31-22-generic-di mouse-modules-2.6.31-22-generic-di irda-modules-2.6.31-22-generic-di parport-modules-2.6.31-22-generic-di nic-pcmcia-modules-2.6.31-22-generic-di pcmcia-modules-2.6.31-22-generic-di nic-usb-modules-2.6.31-22-generic-di
 sata-modules-2.6.31-22-generic-di crypto-modules-2.6.31-22-generic-di char-modules-2.6.31-22-generic-di fs-core-modules-2.6.31-22-generic-di fs-secondary-modules-2.6.31-22-generic-di pata-modules-2.6.31-22-generic-di storage-core-modules-2.6.31-22-generic-di block-modules-2.6.31-22-generic-di message-modules-2.6.31-22-generic-di virtio-modules-2.6.31-22-generic-di
Architecture: source
Version: 2.6.31-22.67
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Kernel Team <kernel-team at lists.ubuntu.com>
Changed-By: Steve Conklin <sconklin at canonical.com>
Description: 
 block-modules-2.6.31-22-generic-di - Block storage devices (udeb)
 char-modules-2.6.31-22-generic-di - Character module support (udeb)
 crypto-modules-2.6.31-22-generic-di - crypto modules (udeb)
 fat-modules-2.6.31-22-generic-di - FAT filesystem support (udeb)
 fb-modules-2.6.31-22-generic-di - Framebuffer modules (udeb)
 firewire-core-modules-2.6.31-22-generic-di - Firewire (IEEE-1394) Support (udeb)
 floppy-modules-2.6.31-22-generic-di - Floppy driver support (udeb)
 fs-core-modules-2.6.31-22-generic-di - Base filesystem modules (udeb)
 fs-secondary-modules-2.6.31-22-generic-di - Extra filesystem modules (udeb)
 input-modules-2.6.31-22-generic-di - Support for various input methods (udeb)
 irda-modules-2.6.31-22-generic-di - Support for Infrared protocols (udeb)
 kernel-image-2.6.31-22-generic-di - Linux kernel binary image for the Debian installer (udeb)
 linux-doc  - Linux kernel specific documentation for version 2.6.31
 linux-headers-2.6.31-22 - Header files related to Linux kernel version 2.6.31
 linux-headers-2.6.31-22-386 - Linux kernel headers for version 2.6.31 on i386
 linux-headers-2.6.31-22-generic - Linux kernel headers for version 2.6.31 on x86/x86_64
 linux-headers-2.6.31-22-generic-pae - Linux kernel headers for version 2.6.31 on x86
 linux-headers-2.6.31-22-ia64 - Linux kernel headers for version 2.6.31 on IA-64 SMP
 linux-headers-2.6.31-22-lpia - Linux kernel headers for version 2.6.31 on Intel Atom processors
 linux-headers-2.6.31-22-powerpc - Linux kernel headers for version 2.6.31 on 32-bit PowerPC
 linux-headers-2.6.31-22-powerpc-smp - Linux kernel headers for version 2.6.31 on 32-bit PowerPC SMP
 linux-headers-2.6.31-22-powerpc64-smp - Linux kernel headers for version 2.6.31 on 64-bit PowerPC SMP
 linux-headers-2.6.31-22-server - Linux kernel headers for version 2.6.31 on x86_64
 linux-headers-2.6.31-22-sparc64 - Linux kernel headers for version 2.6.31 on 64-bit UltraSPARC
 linux-headers-2.6.31-22-sparc64-smp - Linux kernel headers for version 2.6.31 on 64-bit UltraSPARC SMP
 linux-image-2.6.31-22-386 - Linux kernel image for version 2.6.31 on i386
 linux-image-2.6.31-22-generic - Linux kernel image for version 2.6.31 on x86/x86_64
 linux-image-2.6.31-22-generic-pae - Linux kernel image for version 2.6.31 on x86
 linux-image-2.6.31-22-ia64 - Linux kernel image for version 2.6.31 on IA-64 SMP
 linux-image-2.6.31-22-lpia - Linux kernel image for version 2.6.31 on Intel Atom processors
 linux-image-2.6.31-22-powerpc - Linux kernel image for version 2.6.31 on 32-bit PowerPC
 linux-image-2.6.31-22-powerpc-smp - Linux kernel image for version 2.6.31 on 32-bit PowerPC SMP
 linux-image-2.6.31-22-powerpc64-smp - Linux kernel image for version 2.6.31 on 64-bit PowerPC SMP
 linux-image-2.6.31-22-server - Linux kernel image for version 2.6.31 on x86_64
 linux-image-2.6.31-22-sparc64 - Linux kernel image for version 2.6.31 on 64-bit UltraSPARC
 linux-image-2.6.31-22-sparc64-smp - Linux kernel image for version 2.6.31 on 64-bit UltraSPARC SMP
 linux-image-2.6.31-22-virtual - Linux kernel image for version 2.6.31 on x86/x86_64
 linux-image-debug-2.6.31-22-386 - Linux kernel debug image for version 2.6.31 on i386
 linux-image-debug-2.6.31-22-generic - Linux kernel debug image for version 2.6.31 on x86/x86_64
 linux-image-debug-2.6.31-22-generic-pae - Linux kernel debug image for version 2.6.31 on x86
 linux-image-debug-2.6.31-22-ia64 - Linux kernel debug image for version 2.6.31 on IA-64 SMP
 linux-image-debug-2.6.31-22-lpia - Linux kernel debug image for version 2.6.31 on Intel Atom process
 linux-image-debug-2.6.31-22-powerpc - Linux kernel debug image for version 2.6.31 on 32-bit PowerPC
 linux-image-debug-2.6.31-22-powerpc-smp - Linux kernel debug image for version 2.6.31 on 32-bit PowerPC SMP
 linux-image-debug-2.6.31-22-powerpc64-smp - Linux kernel debug image for version 2.6.31 on 64-bit PowerPC SMP
 linux-image-debug-2.6.31-22-server - Linux kernel debug image for version 2.6.31 on x86_64
 linux-image-debug-2.6.31-22-sparc64 - Linux kernel debug image for version 2.6.31 on 64-bit UltraSPARC
 linux-image-debug-2.6.31-22-sparc64-smp - Linux kernel debug image for version 2.6.31 on 64-bit UltraSPARC 
 linux-libc-dev - Linux Kernel Headers for development
 linux-source-2.6.31 - Linux kernel source for version 2.6.31 with Ubuntu patches
 md-modules-2.6.31-22-generic-di - Multi-device support (raid, device-mapper, lvm) (udeb)
 message-modules-2.6.31-22-generic-di - Fusion and i2o storage modules (udeb)
 mouse-modules-2.6.31-22-generic-di - Mouse support (udeb)
 nfs-modules-2.6.31-22-generic-di - NFS filesystem drivers (udeb)
 nic-modules-2.6.31-22-generic-di - Network interface support (udeb)
 nic-pcmcia-modules-2.6.31-22-generic-di - PCMCIA network interface support (udeb)
 nic-shared-modules-2.6.31-22-generic-di - nic shared modules (udeb)
 nic-usb-modules-2.6.31-22-generic-di - USB network interface support (udeb)
 parport-modules-2.6.31-22-generic-di - Parallel port support (udeb)
 pata-modules-2.6.31-22-generic-di - PATA support modules (udeb)
 pcmcia-modules-2.6.31-22-generic-di - PCMCIA Modules (udeb)
 pcmcia-storage-modules-2.6.31-22-generic-di - PCMCIA storage support (udeb)
 plip-modules-2.6.31-22-generic-di - PLIP (parallel port) networking support (udeb)
 ppp-modules-2.6.31-22-generic-di - PPP (serial port) networking support (udeb)
 sata-modules-2.6.31-22-generic-di - SATA storage support (udeb)
 scsi-modules-2.6.31-22-generic-di - SCSI storage support (udeb)
 serial-modules-2.6.31-22-generic-di - Serial port support (udeb)
 storage-core-modules-2.6.31-22-generic-di - Core storage support (udeb)
 usb-modules-2.6.31-22-generic-di - Core USB support (udeb)
 virtio-modules-2.6.31-22-generic-di - VirtIO Modules (udeb)
Changes: 
 linux (2.6.31-22.67) karmic-security; urgency=low
 .
   [ Upstream Kernel Changes ]
 .
   * Local privilege escalation vulnerability in RDS sockets
     - CVE-2010-3904
   * v4l: disable dangerous buggy compat function
     - CVE-2010-2963
   * mm: Do not assume ENOMEM when looking at a split stack vma
     -  LP: #646114
   * mm: Use helper to find real vma with stack guard page
     -  LP: #646114
   * Fix race in tty_fasync() properly
     - CVE-2009-4895
   * ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files
     - CVE-2010-2066
   * xfs: prevent swapext from operating on write-only files
     - CVE-2010-2226
   * cifs: Fix a kernel BUG with remote OS/2 server (try #3)
     - CVE-2010-2248
   * ethtool: Fix potential user buffer overflow for ETHTOOL_{G, S}RXFH
     - CVE-2010-2478
   * l2tp: Fix oops in pppol2tp_xmit
     - CVE-2010-2495
   * nfsd4: bug in read_buf
     - CVE-2010-2521
   * CIFS: Fix a malicious redirect problem in the DNS lookup code
     - CVE-2010-2524
   * GFS2: rename causes kernel Oops
     - CVE-2010-2798
   * net sched: fix some kernel memory leaks
     - CVE-2010-2942
   * jfs: don't allow os2 xattr namespace overlap with others
     - CVE-2010-2946
   * irda: Correctly clean up self->ias_obj on irda_bind() failure.
     - CVE-2010-2954
   * wireless extensions: fix kernel heap content leak
     - CVE-2010-2955
   * ext4: consolidate in_range() definitions
     - CVE-2010-3015
   * aio: check for multiplication overflow in do_io_submit
     - CVE-2010-3067
   * xfs: prevent reading uninitialized stack memory
     - CVE-2010-3078
   * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open()
     - CVE-2010-3080
   * niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL
     - CVE-2010-3084
   * rose: Fix signedness issues wrt. digi count.
     - CVE-2010-3310
   * sctp: Do not reset the packet during sctp_packet_config().
     - CVE-2010-3432
   * Fix pktcdvd ioctl dev_minor range check
     - CVE-2010-3437
   * ALSA: prevent heap corruption in snd_ctl_new()
     - CVE-2010-3442
   * net sched: fix kernel leak in act_police
     - CVE-2010-3477
   * Fix out-of-bounds reading in sctp_asoc_get_hmac()
     - CVE-2010-3705
   * ocfs2: Don't walk off the end of fast symlinks.
     - CVE-2010-NNN2
Checksums-Sha1: 
 59fb15bb87f600a32f27d5acdce475b90f59c1db 4422 linux_2.6.31-22.67.dsc
 809f549d4145dcbac1ea551cdb5f26f7c4f34c31 2994154 linux_2.6.31-22.67.diff.gz
Checksums-Sha256: 
 16b8b7150715bb6a1c645914b5c797cf9e0fba5082438170586a623db7e951e3 4422 linux_2.6.31-22.67.dsc
 ddfd8365ebf16bd5785b06956de0f32796b3251fbc75a0f40a72e2285e9d0407 2994154 linux_2.6.31-22.67.diff.gz
Files: 
 31f292eea4a6de474e6af0fea887aeef 4422 devel optional linux_2.6.31-22.67.dsc
 d4c0b765b973f6461a4c2ec22297cd6e 2994154 devel optional linux_2.6.31-22.67.diff.gz
Launchpad-Bugs-Fixed: 646114 646114

More information about the Karmic-changes mailing list