[Bug 707649] Re: CVE-2010-4079
** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4249 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/707649/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 707649] Re: CVE-2010-4079
This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.22 --- linux-ti-omap4 (2.6.35-903.22) maverick; urgency=low [ Paolo Pisati ] * Release Tracking Bug - LP: #744250 [ Upstream Kernel Changes ] * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open(), CVE-2010-3080 - CVE-2010-3080 * tracing: t_start: reset FTRACE_ITER_HASH in case of seek/pread, CVE-2010-3079 - CVE-2010-3079 * KEYS: Fix bug in keyctl_session_to_parent() if parent has no session keyring, CVE-2010-2960 - CVE-2010-2960 * drm/i915: Sanity check pread/pwrite, CVE-2010-2962 - CVE-2010-2962 * do_exit(): make sure that we run with get_fs() == USER_DS, CVE-2010-3849 - CVE-2010-3849 * econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849 - CVE-2010-3849 * econet: fix CVE-2010-3850 - CVE-2010-3850 * econet: fix CVE-2010-3848 - CVE-2010-3848 * compat: Make compat_alloc_user_space() incorporate the access_ok(), CVE-2010-3081 - CVE-2010-3081 * irda: Correctly clean up self-ias_obj on irda_bind() failure., CVE-2010-2954 - CVE-2010-2954 * wireless extensions: fix kernel heap content leak, CVE-2010-2955 - CVE-2010-2955 * KEYS: Fix RCU no-lock warning in keyctl_session_to_parent(), CVE-2010-2960 - CVE-2010-2960 * Fix pktcdvd ioctl dev_minor range check, CVE-2010-3437 - CVE-2010-3437 * Fix out-of-bounds reading in sctp_asoc_get_hmac(), CVE-2010-3705 - CVE-2010-3705 * ocfs2: Don't walk off the end of fast symlinks., CVE-2010-NNN2 - CVE-2010-NNN2 * v4l: disable dangerous buggy compat function, CVE-2010-2963 - CVE-2010-2963 * Local privilege escalation vulnerability in RDS sockets, CVE-2010-3904 - CVE-2010-3904 * net: clear heap allocation for ETHTOOL_GRXCLSRLALL, CVE-2010-3861 - CVE-2010-3861 * ipc: shm: fix information leak to userland, CVE-2010-4072 - CVE-2010-4072 * tcp: Increase TCP_MAXSEG socket option minimum., CVE-2010-4165 - CVE-2010-4165 * af_unix: limit unix_tot_inflight, CVE-2010-4249 - CVE-2010-4249 * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory, CVE-2010-4079 - LP: #707649 - CVE-2010-4079 * net: fix rds_iovec page count overflow, CVE-2010-3865 - LP: #709153 - CVE-2010-3865 * net: ax25: fix information leak to userland, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: ax25: fix information leak to userland harder, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: packet: fix information leak to userland, CVE-2010-3876 - LP: #710714 - CVE-2010-3876 * net: tipc: fix information leak to userland, CVE-2010-3877 - LP: #711291 - CVE-2010-3877 * filter: make sure filters dont read uninitialized memory, CVE-2010-4158 - LP: #721282 - CVE-2010-4158 * econet: Fix crash in aun_incoming(). CVE-2010-4342 - LP: #736394 - CVE-2010-4342 * sound: Prevent buffer overflow in OSS load_mixer_volumes, CVE-2010-4527 - LP: #737073 - CVE-2010-4527 * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529 - LP: #737823 - CVE-2010-4529 * x25: Prevent crashing when parsing bad X.25 facilities, CVE-2010-4164, CVE-2010-3873 - LP: #731199 - CVE-2010-3873 * install_special_mapping skips security_file_mmap check., CVE-2010-4346 - LP: #731971 - CVE-2010-4346 -- Tim Gardner tim.gard...@canonical.com Wed, 02 Feb 2011 21:45:27 + ** Changed in: linux-ti-omap4 (Ubuntu Maverick) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2954 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2955 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2960 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2962 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2963 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3079 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3080 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3081 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3437 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3705 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3861 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3904 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4158 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4164 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4342 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4346 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4527 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4529 -- You received this bug notification because you are a member of Ubuntu
[Bug 707649] Re: CVE-2010-4079
** Branch linked: lp:ubuntu/maverick-proposed/linux-ti-omap4 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 707649] Re: CVE-2010-4079
** Changed in: linux-ti-omap4 (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Lucid) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Karmic) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 707649] Re: CVE-2010-4079
** Changed in: linux-ti-omap4 (Ubuntu Natty) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 707649] Re: CVE-2010-4079
** Also affects: linux-ti-omap4 (Ubuntu) Importance: Undecided Status: New ** Changed in: linux-ti-omap4 (Ubuntu Dapper) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Maverick) Status: New = Fix Committed ** Changed in: linux-ti-omap4 (Ubuntu Maverick) Assignee: (unassigned) = Paolo Pisati (p-pisati) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 707649] Re: CVE-2010-4079
This bug was fixed in the package linux - 2.6.35-27.48
---
linux (2.6.35-27.48) maverick-proposed; urgency=low
[ Steve Conklin ]
* Release Tracking Bug
- LP: #723335
[ Upstream Kernel Changes ]
* thinkpad-acpi: avoid keymap pitfall
- LP: #722747
linux (2.6.35-27.47) maverick-proposed; urgency=low
[ Brad Figg ]
* Release Tracking Bug
- LP: #716532
[ Upstream Kernel Changes ]
* Revert USB: gadget: Allow function access to device ID data during
bind()
- LP: #714732
* net: fix rds_iovec page count overflow, CVE-2010-3865
- LP: #709153
- CVE-2010-3865
* Input: fix typo in keycode validation supporting large scancodes
- LP: #658198
* net: ax25: fix information leak to userland, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* net: ax25: fix information leak to userland harder, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* net: packet: fix information leak to userland, CVE-2010-3876
- LP: #710714
- CVE-2010-3876
* net: tipc: fix information leak to userland, CVE-2010-3877
- LP: #711291
- CVE-2010-3877
* posix-cpu-timers: workaround to suppress the problems with mt exec,
CVE-2010-4248
- LP: #712609
- CVE-2010-4248
* sys_semctl: fix kernel stack leakage, CVE-2010-4083
- LP: #712749
- CVE-2010-4083
* thinkpad-acpi: lock down size of hotkey keymap
- LP: #712174
* thinkpad-acpi: add support for model-specific keymaps
- LP: #712174
* thinkpad-acpi: Add KEY_CAMERA (Fn-F6) for Lenovo keyboards
- LP: #712174
* x86, hotplug: Use mwait to offline a processor, fix the legacy case
- LP: #714732
* fuse: verify ioctl retries
- LP: #714732
* fuse: fix ioctl when server is 32bit
- LP: #714732
* ALSA: hda: Use position_fix=1 for Acer Aspire 5538 to enable capture on
internal mic
- LP: #685161, #714732
* ALSA: hda: Use model=lg quirk for LG P1 Express to enable playback and
capture
- LP: #595482, #714732
* drm/radeon/kms: don't apply 7xx HDP flush workaround on AGP
- LP: #714732
* drm/kms: remove spaces from connector names (v2)
- LP: #714732
* drm/radeon/kms: fix vram base calculation on rs780/rs880
- LP: #714732
* nohz: Fix printk_needs_cpu() return value on offline cpus
- LP: #714732
* nohz: Fix get_next_timer_interrupt() vs cpu hotplug
- LP: #714732
* nfsd: Fix possible BUG_ON firing in set_change_info
- LP: #714732
* NFS: Fix fcntl F_GETLK not reporting some conflicts
- LP: #714732
* sunrpc: prevent use-after-free on clearing XPT_BUSY
- LP: #714732
* hwmon: (adm1026) Allow 1 as a valid divider value
- LP: #714732
* hwmon: (adm1026) Fix setting fan_div
- LP: #714732
* EDAC: Fix workqueue-related crashes
- LP: #714732
* amd64_edac: Fix interleaving check
- LP: #714732
* ASoC: Fix swap of left and right channels for WM8993/4 speaker boost
gain
- LP: #714732
* ASoC: Fix off by one error in WM8994 EQ register bank size
- LP: #714732
* ASoC: WM8580: Fix R8 initial value
- LP: #714732
* ASoC: fix deemphasis control in wm8904/55/60 codecs
- LP: #714732
* bootmem: Add alloc_bootmem_align()
- LP: #714732
* x86, xsave: Use alloc_bootmem_align() instead of alloc_bootmem()
- LP: #714732
* IB/uverbs: Handle large number of entries in poll CQ
- LP: #714732
* PM / Hibernate: Fix PM_POST_* notification with user-space suspend
- LP: #714732
* ARM: 6535/1: V6 MPCore v6_dma_inv_range and v6_dma_flush_range RWFO fix
- LP: #714732
* qla2xxx: Correct issue where NPIV-config data was not being allocated
for 82xx parts.
- LP: #714732
* qla2xxx: Populate Command Type 6 LUN field properly.
- LP: #714732
* llc: fix a device refcount imbalance
- LP: #714732
* ath9k: Disable SWBA interrupt on remove_interface
- LP: #714732
* ath9k: fix bug in tx power
- LP: #714732
* mac80211: Fix BUG in pskb_expand_head when transmitting shared skbs
- LP: #714732
* SPARC/LEON: removed constant timer initialization as if HZ=100, now it
reflects the value of HZ
- LP: #714732
* sparc64: Delete prom_puts() unused.
- LP: #714732
* sparc: Remove prom_pathtoinode()
- LP: #714732
* sparc: Kill prom devops_{32,64}.c
- LP: #714732
* sparc64: Unexport prom_service_exists().
- LP: #714732
* sparc64: Delete prom_setcallback().
- LP: #714732
* sparc: Do not export prom_nb{get,put}char().
- LP: #714732
* sparc: Pass buffer pointer all the way down to prom_{get,put}char().
- LP: #714732
* sparc: Delete prom_*getchar().
- LP: #714732
* sparc: Write to prom console using indirect buffer.
- LP: #714732
* tcp: Don't change unlocked socket state in tcp_v4_err().
- LP: #714732
* tcp: Make TCP_MAXSEG minimum more correct.
- LP: #714732
* tcp: Bug fix in initialization of receive window.
- LP: #714732
* tcp: avoid a possible divide by zero
- LP: #714732
[Bug 707649] Re: CVE-2010-4079
This bug was fixed in the package linux - 2.6.24-28.86 --- linux (2.6.24-28.86) hardy-proposed; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #716166 [Tim Gardner] * xen unified block-device I/O interface back end can orphan devices, CVE-2010-3699 - LP: #708019 - CVE-2010-3699 [Upstream Kernel Changes] * Hardy SRU: thinkpad-acpi: lock down video output state access, CVE-2010-3448 - LP: #706999 - CVE-2010-3448 * net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859 - LP: #711855, #708839 - CVE-2010-4160 * net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859 - LP: #711855, #708839 - CVE-2010-4160 * net: ax25: fix information leak to userland, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: ax25: fix information leak to userland harder, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * memory corruption in X.25 facilities parsing, CVE-2010-3873 - LP: #709372 - CVE-2010-3873 * net: packet: fix information leak to userland, CVE-2010-3876 - LP: #710714 - CVE-2010-3876 * net: tipc: fix information leak to userland, CVE-2010-3877 - LP: #711291 - CVE-2010-3877 * KVM: VMX: fix vmx null pointer dereference on debug register access, CVE-2010-0435 - LP: #712615 - CVE-2010-0435 * gdth: integer overflow in ioctl, CVE-2010-4157 - LP: #711797 - CVE-2010-4157 * posix-cpu-timers: workaround to suppress the problems with mt exec, CVE-2010-4248 - LP: #712609 - CVE-2010-4248 * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory, CVE-2010-4080, CVE-2010-4081 - LP: #712723, #712737 - CVE-2010-4081 * sys_semctl: fix kernel stack leakage, CVE-2010-4083 - LP: #712749 - CVE-2010-4083 * inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880 - LP: #711865 - CVE-2010-3880 linux (2.6.24-28.85) hardy-proposed; urgency=low [ Brad Figg ] * Tracking Bug - LP: #708315 [Upstream Kernel Changes] * ata_piix: IDE mode SATA patch for Intel ICH10 DeviceID's - LP: #693401 * USB: serial/mos*: prevent reading uninitialized stack memory, CVE-2010-4074 - LP: #706149 - CVE-2010-4074 * KVM: Fix fs/gs reload oops with invalid ldt - LP: #707000 - CVE-2010-3698 * drivers/video/sis/sis_main.c: prevent reading uninitialized stack memory, CVE-2010-4078 - LP: #707579 - CVE-2010-4078 * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory, CVE-2010-4079 - LP: #707649 - CVE-2010-4079 linux (2.6.24-28.84) hardy-proposed; urgency=low [ Steve Conklin ] * Tracking Bug - LP: #698185 linux (2.6.24-28.83) hardy-proposed; urgency=low [ Steve Conklin ] * tracking bug moved from here to latest entry linux (2.6.24-28.82) hardy-proposed; urgency=low [ Leann Ogasawara ] * Revert SAUCE: AF_ECONET saddr-cookie prevent NULL pointer dereference * Revert SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges * Revert SAUCE: AF_ECONET prevent kernel stack overflow [Upstream Kernel Changes] * xfs: validate untrusted inode numbers during lookup - CVE-2010-2943 * xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED - CVE-2010-2943 * xfs: remove block number from inode lookup code - CVE-2010-2943 * xfs: fix untrusted inode number lookup - CVE-2010-2943 * drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory - CVE-2010-3296 * drivers/net/eql.c: prevent reading uninitialized stack memory - CVE-2010-3297 * setup_arg_pages: diagnose excessive argument size - CVE-2010-3858 * ipc: shm: fix information leak to userland - CVE-2010-4072 * econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849 - CVE-2010-3849 * econet: fix CVE-2010-3850 - CVE-2010-3850 * econet: fix CVE-2010-3848 - CVE-2010-3848 -- Brad Figg brad.f...@canonical.com Wed, 09 Feb 2011 15:14:25 -0800 ** Changed in: linux (Ubuntu Hardy) Status: In Progress = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-0435 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2943 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3296 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3297 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3448 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3698 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3699 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3848 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3849 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3850 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3858 ** CVE added:
[Bug 707649] Re: CVE-2010-4079
This bug was fixed in the package linux - 2.6.31-22.73 --- linux (2.6.31-22.73) karmic-proposed; urgency=low [ Steve Conklin ] * Release Tracking Bug - LP: #716648 [ Upstream Kernel Changes ] * copied ABI directory * net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859 - LP: #708839, #711855 - CVE-2010-4160 * net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859 - LP: #708839, #711855 - CVE-2010-4160 * net: fix rds_iovec page count overflow, CVE-2010-3865 - LP: #709153 - CVE-2010-3865 * net: ax25: fix information leak to userland, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: ax25: fix information leak to userland harder, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * can-bcm: fix minor heap overflow - LP: #710680 - CVE-2010-3874 * memory corruption in X.25 facilities parsing, CVE-2010-3873 - LP: #709372 - CVE-2010-3873 * net: packet: fix information leak to userland, CVE-2010-3876 - LP: #710714 - CVE-2010-3876 * net: tipc: fix information leak to userland, CVE-2010-3877 - LP: #711291 - CVE-2010-3877 * KVM: VMX: fix vmx null pointer dereference on debug register access, CVE-2010-0435 - LP: #712615 - CVE-2010-0435 * gdth: integer overflow in ioctl, CVE-2010-4157 - LP: #711797 - CVE-2010-4157 * posix-cpu-timers: workaround to suppress the problems with mt exec, CVE-2010-4248 - LP: #712609 - CVE-2010-4248 * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory, CVE-2010-4080, CVE-2010-4081 - LP: #712723, #712737 - CVE-2010-4081 * drivers/video/via/ioctl.c: prevent reading uninitialized stack memory, CVE-2010-4082 - LP: #712744 - CVE-2010-4082 * sys_semctl: fix kernel stack leakage, CVE-2010-4083 - LP: #712749 - CVE-2010-4083 * inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880 - LP: #711865 - CVE-2010-3880 linux (2.6.31-22.72) karmic-proposed; urgency=low [ Brad Figg ] * Tracking Bug - LP: #708860 [ Upstream Kernel Changes ] * Karmic SRU: thinkpad-acpi: lock down video output state access, CVE-2010-3448 - LP: #706999 - CVE-2010-3448 * USB: serial/mos*: prevent reading uninitialized stack memory, CVE-2010-4074 - LP: #706149 - CVE-2010-4074 * KVM: Fix fs/gs reload oops with invalid ldt - LP: #707000 - CVE-2010-3698 * drivers/video/sis/sis_main.c: prevent reading uninitialized stack memory, CVE-2010-4078 - LP: #707579 - CVE-2010-4078 * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory, CVE-2010-4079 - LP: #707649 - CVE-2010-4079 linux (2.6.31-22.71) karmic-proposed; urgency=low [ Brad Figg ] - LP: #698214 [ Upstream Kernel Changes ] * ipc: initialize structure memory to zero for compat functions * tcp: Increase TCP_MAXSEG socket option minimum. - CVE-2010-4165 * perf_events: Fix perf_counter_mmap() hook in mprotect() - CVE-2010-4169 * af_unix: limit unix_tot_inflight - CVE-2010-4249 -- Steve Conklin sconk...@canonical.com Thu, 10 Feb 2011 13:49:49 -0600 ** Changed in: linux (Ubuntu Karmic) Status: In Progress = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3865 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3874 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4082 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4165 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4169 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4249 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 707649] Re: CVE-2010-4079
** Tags added: verification-done-maverick ** Tags removed: verification-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 707649] Re: CVE-2010-4079
This is a CVE fix. There is no test for this particular issue. ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 707649] Re: CVE-2010-4079
This is the commit below in mainline which was in mainline v2.6.36 and is therefore Fix Released, closing: commit 405707985594169cfd0b1d97d29fcb4b4c6f2ac9 Author: Dan Rosenberg drosenb...@vsecurity.com Date: Wed Sep 15 18:44:22 2010 -0300 V4L/DVB: ivtvfb: prevent reading uninitialized stack memory ** Also affects: linux (Ubuntu Natty) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Natty) Status: New = Fix Released ** Changed in: linux (Ubuntu Natty) Assignee: (unassigned) = Andy Whitcroft (apw) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 707649] Re: CVE-2010-4079
** Also affects: linux (Ubuntu Dapper) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Karmic) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Maverick) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 707649] Re: CVE-2010-4079
** This bug has been flagged as a security vulnerability ** Changed in: linux (Ubuntu Hardy) Status: New = In Progress ** Changed in: linux (Ubuntu Karmic) Status: New = In Progress ** Changed in: linux (Ubuntu Lucid) Status: New = Fix Released ** Changed in: linux (Ubuntu Maverick) Status: New = In Progress ** Changed in: linux (Ubuntu Dapper) Status: New = Invalid ** Changed in: linux (Ubuntu Karmic) Importance: Undecided = Low ** Changed in: linux (Ubuntu Hardy) Assignee: (unassigned) = Brad Figg (brad-figg) ** Changed in: linux (Ubuntu Maverick) Assignee: (unassigned) = Brad Figg (brad-figg) ** Changed in: linux (Ubuntu Hardy) Importance: Undecided = Low ** Changed in: linux (Ubuntu Karmic) Assignee: (unassigned) = Brad Figg (brad-figg) ** Changed in: linux (Ubuntu Maverick) Importance: Undecided = Low -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 707649] Re: CVE-2010-4079
** Patch added: hardy-CVE-2010-4079.patch https://bugs.launchpad.net/ubuntu/+source/linux/+bug/707649/+attachment/1807182/+files/hardy-CVE-2010-4079.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 707649] Re: CVE-2010-4079
** Patch added: karmic-CVE-2010-4079.patch https://bugs.launchpad.net/ubuntu/+source/linux/+bug/707649/+attachment/1807183/+files/karmic-CVE-2010-4079.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 707649] Re: CVE-2010-4079
** Patch added: maverick-CVE-2010-4079.patch https://bugs.launchpad.net/ubuntu/+source/linux/+bug/707649/+attachment/1807184/+files/maverick-CVE-2010-4079.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/707649 Title: CVE-2010-4079 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
