[ubuntu/lucid-security] linux 2.6.32-64.128 (Accepted)

Adam Conrad adconrad at 0c3.net
Wed Jul 16 19:36:09 UTC 2014


linux (2.6.32-64.128) lucid; urgency=low

  [ Upstream Kernel Changes ]

  * l2tp: Privilege escalation in ppp over l2tp sockets
    - LP: #1341472
    - CVE-2014-4943

linux (2.6.32-64.127) lucid; urgency=low

  [ Luis Henriques ]

  * Merged back Ubuntu-2.6.32-62.126 security release
  * Revert "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)"
    - LP: #1337339
  * Release Tracking Bug
    - LP: #1338946

  [ Upstream Kernel Changes ]

  * ptrace,x86: force IRET path after a ptrace_stop()
    - LP: #1337339
    - CVE-2014-4699

linux (2.6.32-63.126) lucid; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1335875

  [ Upstream Kernel Changes ]

  * net: check net.core.somaxconn sysctl values
    - LP: #1321293
  * sysctl net: Keep tcp_syn_retries inside the boundary
    - LP: #1321293
  * ethtool: Report link-down while interface is down
    - LP: #1335049
  * futex: Prevent attaching to kernel threads
    - LP: #1335049
  * auditsc: audit_krule mask accesses need bounds checking
    - LP: #1335049
  * net: fix regression introduced in 2.6.32.62 by sysctl fixes
    - LP: #1335049
  * Linux 2.6.32.63
    - LP: #1335049
  * lib/lzo: Rename lzo1x_decompress.c to lzo1x_decompress_safe.c
    - LP: #1335313
    - CVE-2014-4608
  * lib/lzo: Update LZO compression to current upstream version
    - LP: #1335313
    - CVE-2014-4608
  * lzo: properly check for overruns
    - LP: #1335313
    - CVE-2014-4608

Date: 2014-07-15 08:29:12.593522+00:00
Changed-By: Luis Henriques <luis.henriques at canonical.com>
Signed-By: Adam Conrad <adconrad at 0c3.net>
https://launchpad.net/ubuntu/lucid/+source/linux/2.6.32-64.128
-------------- next part --------------
Sorry, changesfile not available.


More information about the Lucid-changes mailing list