[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2015-07-20 Thread Mathew Hodson 
** Information type changed from Public to Public Security

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0069

** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3601

** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-5077

** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-5472

** Summary changed:

- CVE-2014-0069: CIFS -- add hardening patch
+ CIFS: sanity check length of data to send before sending

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CIFS: sanity check length of data to send before sending

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2015-03-08 Thread Andy Whitcroft 
** Changed in: linux (Ubuntu)
   Status: Invalid = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-10-28 Thread Andy Whitcroft 
** Changed in: linux (Ubuntu)
   Status: Fix Released = Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-09-22 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 3.13.0-36.63

---
linux (3.13.0-36.63) trusty; urgency=low

  [ Joseph Salisbury ]

  * Release Tracking Bug
- LP: #1365052

  [ Feng Kan ]

  * SAUCE: (no-up) irqchip:gic: change access of gicc_ctrl register to read
modify write.
- LP: #1357527
  * SAUCE: (no-up) arm64: optimized copy_to_user and copy_from_user
assembly code
- LP: #1358949

  [ Ming Lei ]

  * SAUCE: (no-up) Drop APM X-Gene SoC Ethernet driver
- LP: #1360140
  * [Config] Drop XGENE entries
- LP: #1360140
  * [Config] CONFIG_NET_XGENE=m for arm64
- LP: #1360140

  [ Stefan Bader ]

  * SAUCE: Add compat macro for skb_get_hash
- LP: #1358162
  * SAUCE: bcache: prevent crash on changing writeback_running
- LP: #1357295

  [ Suman Tripathi ]

  * SAUCE: (no-up) arm64: Fix the csr-mask for APM X-Gene SoC AHCI SATA PHY
clock DTS node.
- LP: #1359489
  * SAUCE: (no-up) ahci_xgene: Skip the PHY and clock initialization if
already configured by the firmware.
- LP: #1359501
  * SAUCE: (no-up) ahci_xgene: Fix the link down in first attempt for the
APM X-Gene SoC AHCI SATA host controller driver.
- LP: #1359507

  [ Tuan Phan ]

  * SAUCE: (no-up) pci-xgene-msi: fixed deadlock in irq_set_affinity
- LP: #1359514

  [ Upstream Kernel Changes ]

  * iwlwifi: mvm: Add a missed beacons threshold
- LP: #1349572
  * mac80211: reset probe_send_count also in HW_CONNECTION_MONITOR case
- LP: #1349572
  * genirq: Add an accessor for IRQ_PER_CPU flag
- LP: #1357527
  * arm64: perf: add support for percpu pmu interrupt
- LP: #1357527
  * cifs: sanity check length of data to send before sending
- LP: #1283101
  * KVM: nVMX: Pass vmexit parameters to nested_vmx_vmexit
- LP: #1329434
  * KVM: nVMX: Rework interception of IRQs and NMIs
- LP: #1329434
  * KVM: vmx: disable APIC virtualization in nested guests
- LP: #1329434
  * HID: Add transport-driver functions to the USB HID interface.
- LP: #1353021
  * ahci_xgene: Removing NCQ support from the APM X-Gene SoC AHCI SATA Host
Controller driver.
- LP: #1358498
  * fold d_kill() and d_free()
- LP: #1354234
  * fold try_prune_one_dentry()
- LP: #1354234
  * new helper: dentry_free()
- LP: #1354234
  * expand the call of dentry_lru_del() in dentry_kill()
- LP: #1354234
  * dentry_kill(): don't try to remove from shrink list
- LP: #1354234
  * don't remove from shrink list in select_collect()
- LP: #1354234
  * more graceful recovery in umount_collect()
- LP: #1354234
  * dcache: don't need rcu in shrink_dentry_list()
- LP: #1354234
  * lift the already marked killed case into shrink_dentry_list()
  * split dentry_kill()
- LP: #1354234
  * expand dentry_kill(dentry, 0) in shrink_dentry_list()
- LP: #1354234
  * shrink_dentry_list(): take parent's -d_lock earlier
- LP: #1354234
  * dealing with the rest of shrink_dentry_list() livelock
- LP: #1354234
  * dentry_kill() doesn't need the second argument now
- LP: #1354234
  * dcache: add missing lockdep annotation
- LP: #1354234
  * fs: convert use of typedef ctl_table to struct ctl_table
- LP: #1354234
  * lock_parent: don't step on stale -d_parent of all-but-freed one
- LP: #1354234
  * tools/testing/selftests/ptrace/peeksiginfo.c: add PAGE_SIZE definition
- LP: #1358855
  * x86, irq, pic: Probe for legacy PIC and set legacy_pic appropriately
- LP: #1317697
  * bnx2x: Fix kernel crash and data miscompare after EEH recovery
- LP: #1353105
  * bnx2x: Adapter not recovery from EEH error injection
- LP: #1353105
  * Fix: module signature vs tracepoints: add new TAINT_UNSIGNED_MODULE
- LP: #1359670
  * bcache: fix crash on shutdown in passthrough mode
- LP: #1357295
  * bcache: fix uninterruptible sleep in writeback thread
- LP: #1357295
  * namespaces: Use task_lock and not rcu to protect nsproxy
- LP: #1328088
  * MAINTAINERS: Add entry for APM X-Gene SoC ethernet driver
- LP: #1360140
  * Documentation: dts: Add bindings for APM X-Gene SoC ethernet driver
- LP: #1360140
  * dts: Add bindings for APM X-Gene SoC ethernet driver
- LP: #1360140
  * drivers: net: Add APM X-Gene SoC ethernet driver support.
- LP: #1360140
  * powerpc/mm: Add new set flag argument to pte/pmd update function
- LP: #1357014
  * powerpc/thp: Add write barrier after updating the valid bit
- LP: #1357014
  * powerpc/thp: Don't recompute vsid and ssize in loop on invalidate
- LP: #1357014
  * powerpc/thp: Invalidate old 64K based hash page mapping before insert
of 4k pte
- LP: #1357014
  * powerpc/thp: Handle combo pages in invalidate
- LP: #1357014
  * powerpc/thp: Invalidate with vpn in loop
- LP: #1357014
  * powerpc/thp: Use ACCESS_ONCE when loading pmdp
- LP: #1357014
  * powerpc/mm: Use read barrier when creating real_pte
- LP: #1357014
  * powerpc/thp: Add tracepoints to track hugepage

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-09-22 Thread Launchpad Bug Tracker 
** Branch linked: lp:ubuntu/precise-security/linux-lts-trusty

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-09-15 Thread Brad Figg 
** Tags removed: verification-needed-trusty
** Tags added: verification-done-trusty

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-09-08 Thread Brad Figg 
This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
trusty' to 'verification-done-trusty'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-trusty

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-09-05 Thread Launchpad Bug Tracker 
** Branch linked: lp:ubuntu/precise-proposed/linux-lts-trusty

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-09-04 Thread Launchpad Bug Tracker 
** Branch linked: lp:ubuntu/trusty-proposed/linux-keystone

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-08-18 Thread Tim Gardner 
** Changed in: linux (Ubuntu Trusty)
   Status: Confirmed = Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-08-18 Thread Andy Whitcroft 
** Changed in: linux (Ubuntu Saucy)
   Status: Confirmed = Won't Fix

** Changed in: linux-lts-raring (Ubuntu Precise)
   Status: Confirmed = Won't Fix

** Changed in: linux-lts-saucy (Ubuntu Precise)
   Status: Confirmed = Won't Fix

** Changed in: linux-ti-omap4 (Ubuntu Saucy)
   Status: Confirmed = Won't Fix

** Changed in: linux (Ubuntu Lucid)
   Status: Confirmed = Won't Fix

** Changed in: linux-ec2 (Ubuntu Lucid)
   Status: Confirmed = Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-05-22 Thread Andy Whitcroft 
** Changed in: linux (Ubuntu)
   Status: Fix Committed = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-05-22 Thread Andy Whitcroft 
** Changed in: linux (Ubuntu Quantal)
   Status: Confirmed = Won't Fix

** Changed in: linux-lts-quantal (Ubuntu Precise)
   Status: Confirmed = Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-05-22 Thread Andy Whitcroft 
** Changed in: linux-ti-omap4 (Ubuntu Quantal)
   Status: Confirmed = Won't Fix

** Changed in: linux-armadaxp (Ubuntu Quantal)
   Status: Confirmed = Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-05-16 Thread Andy Whitcroft 
** Changed in: linux (Ubuntu)
   Status: Confirmed = Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch

2014-03-13 Thread Andy Whitcroft 
** Summary changed:

- CVE-2014-0069: add hardening patch
+ CVE-2014-0069: CIFS -- add hardening patch

** Description changed:

  This CVE was fixed under 5d81de8e8667da7135d3a32a964087c0faf5483f but
  there is a second fix which will make this much safer going forward
  against other bugs:
  
  http://article.gmane.org/gmane.linux.kernel.cifs/9402
  
  Makes sense to put this into any release which needs it.
  
- # from cifs branch for-next (may change again yet)
+ # As applied to linus' tree
  Break-fix: - a26054d184763969a411e3939fe243516715ff59

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1283101

Title:
  CVE-2014-0069: CIFS -- add hardening patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs