FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

LinkBack Thread Tools
Old 01-16-2008, 07:26 PM
Kees Cook
Default security update of stable kernels


I need to have builds/tests of security updates for Dapper through Gutsy
for a number of updates.

I've already merged fixes for the following CVEs:
* CVE-2007-3107 - e f -
* CVE-2007-5966 - e f g
* CVE-2007-6063 d e f g
* CVE-2007-6151 d e f g
* CVE-2007-6206 d e f g
* CVE-2007-6417 d e f g
* CVE-2008-0001 d e f g

And incorporated fixes from the NFSv4 regression (bug 164231) needed in
Feisty and Gutsy. They are in the security git trees:
* git://kernel.ubuntu.com/kees/ubuntu-dapper-security.git
* git://kernel.ubuntu.com/kees/ubuntu-edgy-security.git
* git://kernel.ubuntu.com/kees/ubuntu-feisty-security.git
* git://kernel.ubuntu.com/kees/ubuntu-gutsy-security.git

The following CVE needs more attention from the kernel team, as it did
not merge cleanly:
* CVE-2007-5904
It is fixed with upstream commits:
* a761ac579b89bc1f00212a42401398108deba65c
* 133672efbc1085f9af990bdc145e1822ea93bcf3

I would also ask that Dapper's update be regenerated to include all the
outstanding updates in 2.6.15-51.65 (which hasn't been released yet,
pending the 6.06.2 publication, which just happened). When doing the
upload to jackass, all packages tied to the Dapper kernel ABI need to be
version-bumped as well, and uploaded to jackass so that people only
using -updates will have a sane view of what to install.

These updates are rather urgent (due to CVE-2008-0001).

Let me know if I can help further, I want to make sure this gets
published before the Distro Sprint.



Kees Cook
kernel-team mailing list

Thread Tools

All times are GMT. The time now is 09:00 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org