Linux Archive

Linux Archive (
-   Ubuntu Kernel Team (
-   -   security update of stable kernels (

Kees Cook 01-16-2008 07:26 PM

security update of stable kernels

I need to have builds/tests of security updates for Dapper through Gutsy
for a number of updates.

I've already merged fixes for the following CVEs:
* CVE-2007-3107 - e f -
* CVE-2007-5966 - e f g
* CVE-2007-6063 d e f g
* CVE-2007-6151 d e f g
* CVE-2007-6206 d e f g
* CVE-2007-6417 d e f g
* CVE-2008-0001 d e f g

And incorporated fixes from the NFSv4 regression (bug 164231) needed in
Feisty and Gutsy. They are in the security git trees:
* git://
* git://
* git://
* git://

The following CVE needs more attention from the kernel team, as it did
not merge cleanly:
* CVE-2007-5904
It is fixed with upstream commits:
* a761ac579b89bc1f00212a42401398108deba65c
* 133672efbc1085f9af990bdc145e1822ea93bcf3

I would also ask that Dapper's update be regenerated to include all the
outstanding updates in 2.6.15-51.65 (which hasn't been released yet,
pending the 6.06.2 publication, which just happened). When doing the
upload to jackass, all packages tied to the Dapper kernel ABI need to be
version-bumped as well, and uploaded to jackass so that people only
using -updates will have a sane view of what to install.

These updates are rather urgent (due to CVE-2008-0001).

Let me know if I can help further, I want to make sure this gets
published before the Distro Sprint.



Kees Cook
kernel-team mailing list

All times are GMT. The time now is 08:38 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.