[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4249 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4249 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
** Description changed: This bug is for tracking the 2.6.24-29.92 upload package. This bug will contain status and testing results releated to that upload. For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow - - kernel-stable-Prepare-package-start": "Tuesday, 18. July 2011 15:31 UTC" - kernel-stable-Promote-to-updates-end": "Tuesday, 08. August 2011 21:40 UTC" + kernel-stable-Prepare-package-start: Tuesday, 18. July 2011 15:31 UTC + kernel-stable-Promote-to-updates-end: Tuesday, 08. August 2011 21:40 UTC ** Description changed: This bug is for tracking the 2.6.24-29.92 upload package. This bug will contain status and testing results releated to that upload. For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow - kernel-stable-Prepare-package-start: Tuesday, 18. July 2011 15:31 UTC - kernel-stable-Promote-to-updates-end: Tuesday, 08. August 2011 21:40 UTC + kernel-stable-Prepare-package-start:Tuesday, 18. July 2011 15:31 UTC + kernel-stable-Promote-to-updates-end:Tuesday, 08. August 2011 21:40 UTC -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
** Description changed: This bug is for tracking the 2.6.24-29.92 upload package. This bug will contain status and testing results releated to that upload. For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow + + + kernel-stable-Prepare-package-start": "Tuesday, 18. July 2011 15:31 UTC" + kernel-stable-Promote-to-updates-end": "Tuesday, 08. August 2011 21:40 UTC" -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
There were false positives and have been fixed now. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
Confirmed that the "/proc/$pid/ DAC bypass on setuid" test is broken on Hardy. I have corrected this. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
I do not see the issue on KVM i386. For completeness, on all tests I also saw this error -- which I assumed to be a coding error on QRT: /proc/$pid/ DAC bypass on setuid (CVE-2011-1020) ... (skipped: not fixed before Oneiric yet) FAIL == FAIL: /proc/$pid/ DAC bypass on setuid (CVE-2011-1020) -- Traceback (most recent call last): File "./test-kernel-security.py", line 1339, in test_101_proc_fd_leaks self.assertShellOutputContains(bad[name], ['sudo','-u',os.environ['SUDO_USER'],"sh","-c","echo '' | ./dac-bypass.py %s" % (name)], invert=expected) File "/home/ubuntu/qrt-test-kernel/testlib.py", line 903, in assertShellOutputContains self.assertTrue(text in out, msg + result + report) AssertionError: Got exit code 10. Looking for text " 0x" Command: 'sudo', '-u', 'ubuntu', 'sh', '-c', 'echo '' | ./dac-bypass.py syscall' Output: Traceback (most recent call last): File "./dac-bypass.py", line 37, in files[name] = file('/proc/%d/%s' % (target, name)) IOError: [Errno 2] No such file or directory: '/proc/18730/syscall' (current) UNIX password: passwd: Authentication failure passwd: password unchanged Changing password for ubuntu. -- Ran 49 tests in 28.108s FAILED (failures=1) ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2011-1020 ** Changed in: kernel-sru-workflow/regression-testing Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
Still need to run KVM on i386. Nevertheless, I got an unexpected failure on the QRT test 'test-kernel.py'. As such, I am failing QA. Bug 822967 has been opened for this error. ** Tags added: qa-testing-failed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
The package has been published and the bug is being set to Fix Released ** Changed in: kernel-sru-workflow Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
Copied to -security/-updates ** Changed in: kernel-sru-workflow/promote-to-security Status: New => Fix Released ** Changed in: kernel-sru-workflow/promote-to-updates Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
This bug was fixed in the package linux - 2.6.24-29.92 --- linux (2.6.24-29.92) hardy-proposed; urgency=low [Herton R. Krzesinski] * Release Tracking Bug - LP: #812360 [Upstream Kernel Changes] * af_unix: limit unix_tot_inflight CVE-2010-4249 - LP: #769182 - CVE-2010-4249 * xfs: zero proper structure size for geometry calls CVE-2011-0711 - LP: #767740 - CVE-2011-0711 * netfilter: ip_tables: fix infoleak to userspace CVE-2011-1171 - LP: #801482 - CVE-2011-1171 * econet: 4 byte infoleak to the network CVE-2011-1173 - LP: #801484 - CVE-2011-1173 * netfilter: arp_tables: fix infoleak to userspace CVE-2011-1170 - LP: #801480 * ipv6: netfilter: ip6_tables: fix infoleak to userspace CVE-2011-1172 - LP: #801483 - CVE-2011-1172 * xen: don't allow blkback virtual CDROM device, CVE-2010-4238 - LP: #803931 - CVE-2010-4238 * IB/uverbs: Handle large number of entries in poll CQ CVE-2010-4649 - LP: #805512 * ipc: initialize structure memory to zero for compat functions CVE-2010-4073 - LP: #806366 - CVE-2010-4073 * tcp: Increase TCP_MAXSEG socket option minimum CVE-2010-4165 - LP: #806374 - CVE-2010-4165 * taskstats: don't allow duplicate entries in listener mode, CVE-2011-2484 - LP: #806390 - CVE-2011-2484 * netfilter: ipt_CLUSTERIP: fix buffer overflow, CVE-2011-2534 - LP: #801473 - CVE-2011-2534 * nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab (v3), CVE-2011-1090 - LP: #800775 - CVE-2011-1090 * fs/partitions: Validate map_count in Mac partition tables - LP: #804225 - CVE-2011-1010 -- Herton Ronaldo KrzesinskiMon, 18 Jul 2011 12:36:01 -0300 ** Changed in: linux (Ubuntu) Status: In Progress => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4073 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4165 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4238 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4249 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4649 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-0711 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1010 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1090 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1170 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1171 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1172 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1173 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2484 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2534 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
** Changed in: kernel-sru-workflow/regression-testing Status: Confirmed => In Progress ** Changed in: kernel-sru-workflow/regression-testing Assignee: Canonical Platform QA Team (canonical-platform-qa) => C de-Avillez (hggdh2) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
Looks good, thanks! ** Changed in: kernel-sru-workflow/security-signoff Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
** Changed in: kernel-sru-workflow/security-signoff Status: Confirmed => In Progress ** Changed in: kernel-sru-workflow/security-signoff Assignee: Canonical Security Team (canonical-security) => Kees Cook (kees) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
** Changed in: kernel-sru-workflow/regression-testing Status: New => Confirmed ** Changed in: kernel-sru-workflow/security-signoff Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
This kernel contains only CVE fixes and therefore has no bugs to be verified ** Changed in: kernel-sru-workflow/verification-testing Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
** Changed in: kernel-sru-workflow/verification-testing Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
** Changed in: kernel-sru-workflow/promote-to-proposed Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
** Changed in: kernel-sru-workflow/prepare-package Status: In Progress => Fix Released ** Changed in: kernel-sru-workflow/promote-to-proposed Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 812360] Re: linux: 2.6.24-29.92 -proposed tracker
** Tags added: hardy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/812360 Title: linux: 2.6.24-29.92 -proposed tracker To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/812360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs