Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Ubuntu Kernel Team (http://www.linux-archive.org/ubuntu-kernel-team/)
-   -   CVE fixes (http://www.linux-archive.org/ubuntu-kernel-team/542838-cve-fixes.html)

Paolo Pisati 06-22-2011 02:06 PM

CVE fixes
 
The following changes since commit ad43db5a592e927faed31f7b44cf099d7944b498:

can: Add missing socket check in can/bcm release. (2011-06-14 09:20:49
+0100)

are available in the git repository at:
git://kernel.ubuntu.com/ubuntu/ubuntu-lucid.git ..BRANCH.NOT.VERIFIED..

Alan Cox (2):
tty: Make tiocgicount a handler, CVE-2010-4076, CVE-2010-4077
bluetooth: Fix missing NULL check CVE-2010-4242

Dan Carpenter (1):
IB/uverbs: Handle large number of entries in poll CQ CVE-2010-4649

Dan Rosenberg (1):
rds: Integer overflow in RDS cmsg handling, CVE-2010-4175

David S. Miller (1):
filter: make sure filters dont read uninitialized memory CVE-2010-4158

Jens Axboe (1):
bio: take care not overflow page count when mapping/copying user
data CVE-2010-4162

Paolo Pisati (1):
UBUNTU: Start new release

Xiaotian Feng (1):
block: check for proper length of iov entries earlier in
blk_rq_map_user_iov(), CVE-2010-4163

block/blk-map.c | 3 +
debian.fsl-imx51/abi/2.6.31-608.25/abiname | 1 -
.../abi/2.6.31-608.25/armel/ignore.modules | 1 -
debian.fsl-imx51/abi/2.6.31-609.26/abiname | 1 +
.../{2.6.31-608.25 => 2.6.31-609.26}/armel/imx51 | 2991
++++++++++----------
.../armel/imx51.modules | 26 -
debian.fsl-imx51/changelog | 8 +
drivers/bluetooth/hci_ldisc.c | 7 +
drivers/char/tty_io.c | 21 +
drivers/infiniband/core/uverbs_cmd.c | 101 +-
drivers/serial/serial_core.c | 37 +-
drivers/usb/serial/usb-serial.c | 13 +
fs/bio.c | 14 +-
include/linux/tty_driver.h | 9 +
include/linux/usb/serial.h | 2 +
net/core/filter.c | 64 +-
net/rds/rdma.c | 24 +-
17 files changed, 1690 insertions(+), 1633 deletions(-)
delete mode 100644 debian.fsl-imx51/abi/2.6.31-608.25/abiname
delete mode 100644 debian.fsl-imx51/abi/2.6.31-608.25/armel/ignore.modules
create mode 100644 debian.fsl-imx51/abi/2.6.31-609.26/abiname
rename debian.fsl-imx51/abi/{2.6.31-608.25 =>
2.6.31-609.26}/armel/imx51 (81%)
rename debian.fsl-imx51/abi/{2.6.31-608.25 =>
2.6.31-609.26}/armel/imx51.modules (99%)

All commits cherry-picked from lucid/master, upstream sha, buglink
pointing to the real lp bug and kteam ack included.
--
bye,
p.

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team

Paolo Pisati 06-22-2011 02:09 PM

CVE fixes
 
On 06/22/2011 04:06 PM, Paolo Pisati wrote:
> The following changes since commit ad43db5a592e927faed31f7b44cf099d7944b498:
>
> can: Add missing socket check in can/bcm release. (2011-06-14 09:20:49
> +0100)
>
> are available in the git repository at:
> git://kernel.ubuntu.com/ubuntu/ubuntu-lucid.git ..BRANCH.NOT.VERIFIED..
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^

git://kernel.ubuntu.com/ppisati/ubuntu-lucid.git fsl-imx51

>
> Alan Cox (2):
> tty: Make tiocgicount a handler, CVE-2010-4076, CVE-2010-4077
> bluetooth: Fix missing NULL check CVE-2010-4242
>
> Dan Carpenter (1):
> IB/uverbs: Handle large number of entries in poll CQ CVE-2010-4649
>
> Dan Rosenberg (1):
> rds: Integer overflow in RDS cmsg handling, CVE-2010-4175
>
> David S. Miller (1):
> filter: make sure filters dont read uninitialized memory CVE-2010-4158
>
> Jens Axboe (1):
> bio: take care not overflow page count when mapping/copying user
> data CVE-2010-4162
>
> Paolo Pisati (1):
> UBUNTU: Start new release
>
> Xiaotian Feng (1):
> block: check for proper length of iov entries earlier in
> blk_rq_map_user_iov(), CVE-2010-4163
>
> block/blk-map.c | 3 +
> debian.fsl-imx51/abi/2.6.31-608.25/abiname | 1 -
> .../abi/2.6.31-608.25/armel/ignore.modules | 1 -
> debian.fsl-imx51/abi/2.6.31-609.26/abiname | 1 +
> .../{2.6.31-608.25 => 2.6.31-609.26}/armel/imx51 | 2991
> ++++++++++----------
> .../armel/imx51.modules | 26 -
> debian.fsl-imx51/changelog | 8 +
> drivers/bluetooth/hci_ldisc.c | 7 +
> drivers/char/tty_io.c | 21 +
> drivers/infiniband/core/uverbs_cmd.c | 101 +-
> drivers/serial/serial_core.c | 37 +-
> drivers/usb/serial/usb-serial.c | 13 +
> fs/bio.c | 14 +-
> include/linux/tty_driver.h | 9 +
> include/linux/usb/serial.h | 2 +
> net/core/filter.c | 64 +-
> net/rds/rdma.c | 24 +-
> 17 files changed, 1690 insertions(+), 1633 deletions(-)
> delete mode 100644 debian.fsl-imx51/abi/2.6.31-608.25/abiname
> delete mode 100644 debian.fsl-imx51/abi/2.6.31-608.25/armel/ignore.modules
> create mode 100644 debian.fsl-imx51/abi/2.6.31-609.26/abiname
> rename debian.fsl-imx51/abi/{2.6.31-608.25 =>
> 2.6.31-609.26}/armel/imx51 (81%)
> rename debian.fsl-imx51/abi/{2.6.31-608.25 =>
> 2.6.31-609.26}/armel/imx51.modules (99%)
>
> All commits cherry-picked from lucid/master, upstream sha, buglink
> pointing to the real lp bug and kteam ack included.


--
bye,
p.

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team

Paolo Pisati 06-22-2011 02:17 PM

CVE fixes
 
The following changes since commit c72707ca9d1a6098190da1b1cb84f029761bc27d:

can: Add missing socket check in can/bcm release. (2011-06-14 09:21:42
+0100)

are available in the git repository at:
git://kernel.ubuntu.com/ppisati/ubuntu-maverick.git ti-omap4

Alan Cox (1):
tty: Make tiocgicount a handler, CVE-2010-4076, CVE-2010-4077

Andy Whitcroft (1):
tty: icount changeover for other main devices, CVE-2010-4076,
CVE-2010-4077

Dan Carpenter (1):
IB/uverbs: Handle large number of entries in poll CQ CVE-2010-4649

Linus Torvalds (2):
Rename 'pipe_info()' to 'get_pipe_info()' CVE-2010-4256
Export 'get_pipe_info()' to other users CVE-2010-4256

Oleg Nesterov (1):
posix-cpu-timers: workaround to suppress the problems with mt
exec, CVE-2010-4248

arch/ia64/hp/sim/simserial.c | 12 +----
drivers/char/amiserial.c | 56 ++++++++++--------
drivers/char/cyclades.c | 49 +++++++++--------
drivers/char/ip2/ip2main.c | 72 ++++++++++++++----------
drivers/char/mxser.c | 62 ++++++++++++---------
drivers/char/nozomi.c | 37 ++++++------
drivers/char/pcmcia/synclink_cs.c | 60 +++++++++-----------
drivers/char/synclink.c | 73 +++++++++++-------------
drivers/char/synclink_gt.c | 56 ++++++++++---------
drivers/char/synclinkmp.c | 61 +++++++++-----------
drivers/char/tty_io.c | 21 +++++++
drivers/infiniband/core/uverbs_cmd.c | 101
+++++++++++++++++++---------------
drivers/serial/68360serial.c | 51 ++++++++---------
drivers/serial/serial_core.c | 37 ++++++-------
drivers/usb/serial/usb-serial.c | 13 ++++
fs/pipe.c | 2 +-
fs/splice.c | 24 ++------
include/linux/pipe_fs_i.h | 12 ++++
include/linux/tty_driver.h | 9 +++
include/linux/usb/serial.h | 2 +
kernel/exit.c | 8 +++
net/bluetooth/rfcomm/tty.c | 4 -
22 files changed, 443 insertions(+), 379 deletions(-)


All commits cherry-picked from maverick/master, upstream sha, buglink
pointing to the real lp bug and kteam ack included.
--
bye,
p.

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team


All times are GMT. The time now is 09:24 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.