linux-fsl-imx51: 2.6.31-609.26 -proposed tracker
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Kernel SRU Workflow |
Fix Released
|
Undecided
|
Unassigned | ||
| Certification-testing |
Invalid
|
Undecided
|
Canonical Hardware Certification | ||
| Prepare-package |
Fix Released
|
Undecided
|
Brad Figg | ||
| Promote-to-proposed |
Fix Released
|
Undecided
|
Ubuntu Stable Release Updates Team | ||
| Promote-to-security |
Fix Released
|
Undecided
|
Ubuntu Stable Release Updates Team | ||
| Promote-to-updates |
Fix Released
|
Undecided
|
Ubuntu Stable Release Updates Team | ||
| Regression-testing |
Fix Released
|
Undecided
|
Registry Administrators | ||
| Security-signoff |
Fix Released
|
Undecided
|
Kees Cook | ||
| Verification-testing |
Fix Released
|
Undecided
|
Canonical Kernel Team | ||
| linux-fsl-imx51 (Ubuntu) |
Invalid
|
Medium
|
Unassigned | ||
| Lucid |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
This bug is for tracking the 2.6.31-609.26 upload package. This bug will contain status and testing results releated to that upload.
For an explanation of the tasks and the associated workflow see: https:/
Passed verification.
The commits for CVE-2010-4076 and CVE-2010-4077 seems a bit confused. This version seems to have half of them, so I'm ignoring those CVEs in the changelog for the future publication. The rest looks fine.
This bug was fixed in the package linux-fsl-imx51 - 2.6.31-609.26
---------------
linux-fsl-imx51 (2.6.31-609.26) lucid; urgency=low
[ Paolo Pisati ]
* Tracking bug
- LP: #795219
* [Config] Disable parport_pc on fsl-imx51
- LP: #601226
[ Upstream Kernel Changes ]
* ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory
- LP: #712723, #712737
* can-bcm: fix minor heap overflow
- LP: #710680
* drivers/
- LP: #712744
* gdth: integer overflow in ioctl
- LP: #711797
* inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880
- LP: #711865
- CVE-2010-3880
* net: fix rds_iovec page count overflow, CVE-2010-3865
- LP: #709153
- CVE-2010-3865
* net: packet: fix information leak to userland, CVE-2010-3876
- LP: #711045
- CVE-2010-3876
* net: tipc: fix information leak to userland, CVE-2010-3877
- LP: #711291
- CVE-2010-3877
* net: Truncate recvfrom and sendto length to INT_MAX.
- LP: #708839
* posix-cpu-timers: workaround to suppress the problems with mt exec
- LP: #712609
* sys_semctl: fix kernel stack leakage
- LP: #712749
* x25: Patch to fix bug 15678 - x25 accesses fields beyond end of packet.
- LP: #709372
* memory corruption in X.25 facilities parsing
- LP: #709372
* net: ax25: fix information leak to userland, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* net: ax25: fix information leak to userland harder, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* fs/partitions/
- LP: #771382
- CVE-2011-1017
* net: clear heap allocations for privileged ethtool actions
- LP: #771445
* Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal code
- LP: #772543
* Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
- LP: #772543
* exec: make argv/envp memory visible to oom-killer
- LP: #768408
* next_pidmap: fix overflow condition
- LP: #784727
* proc: do proper range check on readdir offset
- LP: #784727
* mpt2sas: prevent heap overflows and unchecked reads
- LP: #787145
* agp: fix arbitrary kernel memory writes
- LP: #788684
* can: add missing socket check in can/raw release
- LP: #788694
* agp: fix OOM and buffer overflow
- LP: #788700
* do_exit(): make sure that we run with get_fs() == USER_DS - CVE-2010-4258
- LP: #723945
- CVE-2010-4258
* x25: Prevent crashing when parsing bad X.25 facilities - CVE-2010-4164
- LP: #731199
- CVE-2010-4164
* install_
- LP: #731971
- CVE-2010-4346
* econet: Fix crash in aun_incoming() - CVE-2010-4342
- LP: #736394
- CVE-2010-4342
* sound: Prevent buffer overflow in OSS load_mixer_volumes - CVE-2010-4527
- LP: #737073
- CVE-2010-4527
* irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529
- LP: #737823
- CVE-2010-4529
* CAN: Use inode instead of kernel address for /proc file - CVE-2010-4565
- LP: #765007...
Released to -security/-updates
The package has been published and the bug is being set to Fix Released