[Bug 683474] Re: Karmic: 2.6.31-22.70 -proposed tracker

Tue, 04 Jan 2011 13:16:16 -0800 

This bug was fixed in the package linux - 2.6.31-22.70

---------------
linux (2.6.31-22.70) karmic-proposed; urgency=low

  [ Leann Ogasawara ]

  - LP: #683474
  * Revert "SAUCE: AF_ECONET saddr->cookie prevent NULL pointer
    dereference"
  * Revert "SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges"
  * Revert "SAUCE: AF_ECONET prevent kernel stack overflow"

  [ Upstream Kernel Changes ]

  * Btrfs: fix checks in BTRFS_IOC_CLONE_RANGE
    - CVE-2010-2538
  * xfs: validate untrusted inode numbers during lookup
    - CVE-2010-2943
  * xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED
    - CVE-2010-2943
  * xfs: remove block number from inode lookup code
    - CVE-2010-2943
  * xfs: fix untrusted inode number lookup
    - CVE-2010-2943
  * drm/i915: Sanity check pread/pwrite
    - CVE-2010-2962
  * drm/i915: Rephrase pwrite bounds checking to avoid any potential
    overflow
    - CVE-2010-2962
  * tracing: Do not allow llseek to set_ftrace_filter
    - CVE-2010-3079
  * drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack
    memory
    - CVE-2010-3296
  * drivers/net/eql.c: prevent reading uninitialized stack memory
    - CVE-2010-3297
  * drivers/net/usb/hso.c: prevent reading uninitialized memory
    - CVE-2010-3298
  * setup_arg_pages: diagnose excessive argument size
    - CVE-2010-3858
  * net: clear heap allocation for ETHTOOL_GRXCLSRLALL
    - CVE-2010-3861
  * ipc: shm: fix information leak to userland
    - CVE-2010-4072
  * econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849
    - CVE-2010-3849
  * econet: fix CVE-2010-3850
    - CVE-2010-3850
  * econet: fix CVE-2010-3848
    - CVE-2010-3848
 -- Leann Ogasawara <[email protected]>   Tue, 30 Nov 2010 20:16:51 
-0800

** Changed in: linux (Ubuntu Karmic)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2538

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2943

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2962

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3079

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3296

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3297

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3298

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3848

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3849

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3850

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3858

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3861

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4072

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/683474

Title:
  Karmic: 2.6.31-22.70 -proposed tracker

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to