FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

 
 
LinkBack Thread Tools
 
Old 07-28-2011, 10:05 AM
Andy Whitcroft
 
Default rose networking validation issues

CVE-2011-1493
Bugs in both facilities parsing and in request validation can
lead to heap corruption.

The fixes for this are in oneiric via mainline and one of the two fixes has
hit lucid and later via stable updates. Following this email are patch
sets for all of the remaining affected branches. All of the patches
except for hardy 3/3 are cherry-picks from mainline, hardy 3/3 is a
trivial backport. There is a small preparitory cleanup patch included
in some sets to simplify the port. I am including all of the sets as
they nearly all differ in patch combinations.

Note that from a review point of view, except for hardy 3/3, where a patch
appears in more than one set the patch is an identicle change in all sets.

Proposing for hardy, lucid, lucid/fsl-imx51, maverick/ti-omap4, natty,
and natty/ti-omap4.

-apw

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
Old 07-28-2011, 01:18 PM
Stefan Bader
 
Default rose networking validation issues

On 28.07.2011 12:05, Andy Whitcroft wrote:
> CVE-2011-1493
> Bugs in both facilities parsing and in request validation can
> lead to heap corruption.
>
> The fixes for this are in oneiric via mainline and one of the two fixes has
> hit lucid and later via stable updates. Following this email are patch
> sets for all of the remaining affected branches. All of the patches
> except for hardy 3/3 are cherry-picks from mainline, hardy 3/3 is a
> trivial backport. There is a small preparitory cleanup patch included
> in some sets to simplify the port. I am including all of the sets as
> they nearly all differ in patch combinations.
>
> Note that from a review point of view, except for hardy 3/3, where a patch
> appears in more than one set the patch is an identicle change in all sets.

Took me a bit to grasp the wisdom of the above... :-P

>
> Proposing for hardy, lucid, lucid/fsl-imx51, maverick/ti-omap4, natty,
> and natty/ti-omap4.
>
> -apw
>

All patches look like to folllow the upstream counterparts and to do what the
descriptions suggests.

Acked-by: Stefan Bader <stefan.bader@canonical.com>

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
Old 07-28-2011, 01:18 PM
Stefan Bader
 
Default rose networking validation issues

On 28.07.2011 12:05, Andy Whitcroft wrote:
> CVE-2011-1493
> Bugs in both facilities parsing and in request validation can
> lead to heap corruption.
>
> The fixes for this are in oneiric via mainline and one of the two fixes has
> hit lucid and later via stable updates. Following this email are patch
> sets for all of the remaining affected branches. All of the patches
> except for hardy 3/3 are cherry-picks from mainline, hardy 3/3 is a
> trivial backport. There is a small preparitory cleanup patch included
> in some sets to simplify the port. I am including all of the sets as
> they nearly all differ in patch combinations.
>
> Note that from a review point of view, except for hardy 3/3, where a patch
> appears in more than one set the patch is an identicle change in all sets.

Took me a bit to grasp the wisdom of the above... :-P

>
> Proposing for hardy, lucid, lucid/fsl-imx51, maverick/ti-omap4, natty,
> and natty/ti-omap4.
>
> -apw
>

All patches look like to folllow the upstream counterparts and to do what the
descriptions suggests.

Acked-by: Stefan Bader <stefan.bader@canonical.com>

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
Old 07-28-2011, 01:18 PM
Stefan Bader
 
Default rose networking validation issues

On 28.07.2011 12:05, Andy Whitcroft wrote:
> CVE-2011-1493
> Bugs in both facilities parsing and in request validation can
> lead to heap corruption.
>
> The fixes for this are in oneiric via mainline and one of the two fixes has
> hit lucid and later via stable updates. Following this email are patch
> sets for all of the remaining affected branches. All of the patches
> except for hardy 3/3 are cherry-picks from mainline, hardy 3/3 is a
> trivial backport. There is a small preparitory cleanup patch included
> in some sets to simplify the port. I am including all of the sets as
> they nearly all differ in patch combinations.
>
> Note that from a review point of view, except for hardy 3/3, where a patch
> appears in more than one set the patch is an identicle change in all sets.

Took me a bit to grasp the wisdom of the above... :-P

>
> Proposing for hardy, lucid, lucid/fsl-imx51, maverick/ti-omap4, natty,
> and natty/ti-omap4.
>
> -apw
>

All patches look like to folllow the upstream counterparts and to do what the
descriptions suggests.

Acked-by: Stefan Bader <stefan.bader@canonical.com>

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 08:41 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org