[Bug 710714] Re: CVE-2010-3875
** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4249 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/710714/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
** Changed in: linux (Ubuntu Dapper) Status: Fix Committed = Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/710714/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
** Tags added: kernel-cve-tracking-bug ** Tags removed: kernel-cve-tracker -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/710714/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
This bug was fixed in the package linux-fsl-imx51 - 2.6.31-609.26 --- linux-fsl-imx51 (2.6.31-609.26) lucid; urgency=low [ Paolo Pisati ] * Tracking bug - LP: #795219 * [Config] Disable parport_pc on fsl-imx51 - LP: #601226 [ Upstream Kernel Changes ] * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory - LP: #712723, #712737 * can-bcm: fix minor heap overflow - LP: #710680 * drivers/video/via/ioctl.c: prevent reading uninitialized stack memory - LP: #712744 * gdth: integer overflow in ioctl - LP: #711797 * inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880 - LP: #711865 - CVE-2010-3880 * net: fix rds_iovec page count overflow, CVE-2010-3865 - LP: #709153 - CVE-2010-3865 * net: packet: fix information leak to userland, CVE-2010-3876 - LP: #711045 - CVE-2010-3876 * net: tipc: fix information leak to userland, CVE-2010-3877 - LP: #711291 - CVE-2010-3877 * net: Truncate recvfrom and sendto length to INT_MAX. - LP: #708839 * posix-cpu-timers: workaround to suppress the problems with mt exec - LP: #712609 * sys_semctl: fix kernel stack leakage - LP: #712749 * x25: Patch to fix bug 15678 - x25 accesses fields beyond end of packet. - LP: #709372 * memory corruption in X.25 facilities parsing - LP: #709372 * net: ax25: fix information leak to userland, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: ax25: fix information leak to userland harder, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * fs/partitions/ldm.c: fix oops caused by corrupted partition table, CVE-2011-1017 - LP: #771382 - CVE-2011-1017 * net: clear heap allocations for privileged ethtool actions - LP: #771445 * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal code - LP: #772543 * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo - LP: #772543 * exec: make argv/envp memory visible to oom-killer - LP: #768408 * next_pidmap: fix overflow condition - LP: #784727 * proc: do proper range check on readdir offset - LP: #784727 * mpt2sas: prevent heap overflows and unchecked reads - LP: #787145 * agp: fix arbitrary kernel memory writes - LP: #788684 * can: add missing socket check in can/raw release - LP: #788694 * agp: fix OOM and buffer overflow - LP: #788700 * do_exit(): make sure that we run with get_fs() == USER_DS - CVE-2010-4258 - LP: #723945 - CVE-2010-4258 * x25: Prevent crashing when parsing bad X.25 facilities - CVE-2010-4164 - LP: #731199 - CVE-2010-4164 * install_special_mapping skips security_file_mmap check - CVE-2010-4346 - LP: #731971 - CVE-2010-4346 * econet: Fix crash in aun_incoming() - CVE-2010-4342 - LP: #736394 - CVE-2010-4342 * sound: Prevent buffer overflow in OSS load_mixer_volumes - CVE-2010-4527 - LP: #737073 - CVE-2010-4527 * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529 - LP: #737823 - CVE-2010-4529 * CAN: Use inode instead of kernel address for /proc file - CVE-2010-4565 - LP: #765007 - CVE-2010-4565 * av7110: check for negative array offset - CVE-2011-0521 - LP: #767526 - CVE-2011-0521 * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1 - CVE-2011-0711 - LP: #767740 - CVE-2011-0711 * xfs: zero proper structure size for geometry calls - CVE-2011-0711 - LP: #767740 - CVE-2011-0711 * ALSA: caiaq - Fix possible string-buffer overflow - CVE-2011-0712 - LP: #768448 - CVE-2011-0712 * RDMA/cma: Fix crash in request handlers - CVE-2011-0695 - LP: #770369 - CVE-2011-0695 * IB/cm: Bump reference count on cm_id before invoking callback - CVE-2011-0695 - LP: #770369 - CVE-2011-0695 * Treat writes as new when holes span across page boundaries - CVE-2011-0463 - LP: #770483 - CVE-2011-0463 * usb: iowarrior: don't trust report_size for buffer size - CVE-2010-4656 - LP: #771484 - CVE-2010-4656 * tty: icount changeover for other main devices, CVE-2010-4076, CVE-2010-4077 - LP: #720189 - CVE-2010-4077 -- Paolo Pisati paolo.pis...@canonical.com Fri, 27 May 2011 18:09:53 +0200 ** Changed in: linux-fsl-imx51 (Ubuntu Lucid) Status: In Progress = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4258 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4565 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4656 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-0463 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-0521 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-0695 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-0711 ** CVE added: http://www.cve.mitre.org/cgi-
[Bug 710714] Re: CVE-2010-3875
karmic is EOL ** Also affects: linux-fsl-imx51 (Ubuntu) Importance: Undecided Status: New ** Changed in: linux-fsl-imx51 (Ubuntu) Status: New = Invalid ** Changed in: linux-fsl-imx51 (Ubuntu Dapper) Status: New = Invalid ** Changed in: linux-fsl-imx51 (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-fsl-imx51 (Ubuntu Maverick) Status: New = Invalid ** Changed in: linux-fsl-imx51 (Ubuntu Natty) Status: New = Invalid ** Changed in: linux-fsl-imx51 (Ubuntu Karmic) Status: New = Won't Fix ** Changed in: linux-fsl-imx51 (Ubuntu Lucid) Status: New = In Progress ** Changed in: linux-fsl-imx51 (Ubuntu Lucid) Assignee: (unassigned) = Paolo Pisati (p-pisati) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.22 --- linux-ti-omap4 (2.6.35-903.22) maverick; urgency=low [ Paolo Pisati ] * Release Tracking Bug - LP: #744250 [ Upstream Kernel Changes ] * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open(), CVE-2010-3080 - CVE-2010-3080 * tracing: t_start: reset FTRACE_ITER_HASH in case of seek/pread, CVE-2010-3079 - CVE-2010-3079 * KEYS: Fix bug in keyctl_session_to_parent() if parent has no session keyring, CVE-2010-2960 - CVE-2010-2960 * drm/i915: Sanity check pread/pwrite, CVE-2010-2962 - CVE-2010-2962 * do_exit(): make sure that we run with get_fs() == USER_DS, CVE-2010-3849 - CVE-2010-3849 * econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849 - CVE-2010-3849 * econet: fix CVE-2010-3850 - CVE-2010-3850 * econet: fix CVE-2010-3848 - CVE-2010-3848 * compat: Make compat_alloc_user_space() incorporate the access_ok(), CVE-2010-3081 - CVE-2010-3081 * irda: Correctly clean up self-ias_obj on irda_bind() failure., CVE-2010-2954 - CVE-2010-2954 * wireless extensions: fix kernel heap content leak, CVE-2010-2955 - CVE-2010-2955 * KEYS: Fix RCU no-lock warning in keyctl_session_to_parent(), CVE-2010-2960 - CVE-2010-2960 * Fix pktcdvd ioctl dev_minor range check, CVE-2010-3437 - CVE-2010-3437 * Fix out-of-bounds reading in sctp_asoc_get_hmac(), CVE-2010-3705 - CVE-2010-3705 * ocfs2: Don't walk off the end of fast symlinks., CVE-2010-NNN2 - CVE-2010-NNN2 * v4l: disable dangerous buggy compat function, CVE-2010-2963 - CVE-2010-2963 * Local privilege escalation vulnerability in RDS sockets, CVE-2010-3904 - CVE-2010-3904 * net: clear heap allocation for ETHTOOL_GRXCLSRLALL, CVE-2010-3861 - CVE-2010-3861 * ipc: shm: fix information leak to userland, CVE-2010-4072 - CVE-2010-4072 * tcp: Increase TCP_MAXSEG socket option minimum., CVE-2010-4165 - CVE-2010-4165 * af_unix: limit unix_tot_inflight, CVE-2010-4249 - CVE-2010-4249 * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory, CVE-2010-4079 - LP: #707649 - CVE-2010-4079 * net: fix rds_iovec page count overflow, CVE-2010-3865 - LP: #709153 - CVE-2010-3865 * net: ax25: fix information leak to userland, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: ax25: fix information leak to userland harder, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: packet: fix information leak to userland, CVE-2010-3876 - LP: #710714 - CVE-2010-3876 * net: tipc: fix information leak to userland, CVE-2010-3877 - LP: #711291 - CVE-2010-3877 * filter: make sure filters dont read uninitialized memory, CVE-2010-4158 - LP: #721282 - CVE-2010-4158 * econet: Fix crash in aun_incoming(). CVE-2010-4342 - LP: #736394 - CVE-2010-4342 * sound: Prevent buffer overflow in OSS load_mixer_volumes, CVE-2010-4527 - LP: #737073 - CVE-2010-4527 * irda: prevent integer underflow in IRLMP_ENUMDEVICES, CVE-2010-4529 - LP: #737823 - CVE-2010-4529 * x25: Prevent crashing when parsing bad X.25 facilities, CVE-2010-4164, CVE-2010-3873 - LP: #731199 - CVE-2010-3873 * install_special_mapping skips security_file_mmap check., CVE-2010-4346 - LP: #731971 - CVE-2010-4346 -- Tim Gardner tim.gard...@canonical.com Wed, 02 Feb 2011 21:45:27 + ** Changed in: linux-ti-omap4 (Ubuntu Maverick) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3079 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3081 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4164 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4342 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4346 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4527 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4529 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
** Branch linked: lp:ubuntu/maverick-proposed/linux-ti-omap4 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
** Changed in: linux-mvl-dove (Ubuntu Dapper) Status: New = Invalid ** Changed in: linux-mvl-dove (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-mvl-dove (Ubuntu Karmic) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Dapper) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Karmic) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Lucid) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Natty) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
** Also affects: linux-ti-omap4 (Ubuntu) Importance: Undecided Status: New ** Changed in: linux-ti-omap4 (Ubuntu Maverick) Status: New = Fix Committed ** Changed in: linux-ti-omap4 (Ubuntu Maverick) Assignee: (unassigned) = Paolo Pisati (p-pisati) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
This bug was fixed in the package linux-mvl-dove - 2.6.32-416.33 --- linux-mvl-dove (2.6.32-416.33) maverick; urgency=low [ Ubuntu: 2.6.32-31.60 ] * Release Tracking Bug - LP: #734950 * SAUCE: Clear new_profile in error path - LP: #732700 * [Config] CONFIG_BOOT_PRINTK_DELAY=y - LP: #733191 * Revert drm/radeon/bo: add some fallback placements for VRAM only objects. - LP: #652934 * drm/radeon: fall back to GTT if bo creation/validation in VRAM fails. - LP: #652934 * drm/radeon/kms: Fix retrying ttm_bo_init() after it failed once. - LP: #652934 * xfs: always use iget in bulkstat - LP: #692848 * drm/radeon/kms: make the mac rv630 quirk generic - LP: #728687 * drm/radeon/kms: add pll debugging output - LP: #728687 * drm/radeon: remove 0x4243 pci id - LP: #728687 * drm/radeon/kms: fix s/r issues with bios scratch regs - LP: #728687 * drm/i915/lvds: Add AOpen i915GMm-HFS to the list of false-positive LVDS - LP: #728687 * drm/i915: Add dependency on CONFIG_TMPFS - LP: #728687 * Linux 2.6.32.29+drm33.14 - LP: #728687 * NFSD: memory corruption due to writing beyond the stat array - LP: #728687 * mptfusion: mptctl_release is required in mptctl.c - LP: #728687 * mptfusion: Fix Incorrect return value in mptscsih_dev_reset - LP: #728687 * ocfs2_connection_find() returns pointer to bad structure - LP: #728687 * x25: decrement netdev reference counts on unload - LP: #728687 * x86, hpet: Disable per-cpu hpet timer if ARAT is supported - LP: #728687 * OHCI: work around for nVidia shutdown problem - LP: #728687 * x86/pvclock: Zero last_value on resume - LP: #728687 * av7110: check for negative array offset - LP: #728687 * CRED: Fix get_task_cred() and task_state() to not resurrect dead credentials - LP: #728687 * bonding/vlan: Avoid mangled NAs on slaves without VLAN tag insertion - LP: #728687 * CRED: Fix kernel panic upon security_file_alloc() failure. - LP: #728687 * CRED: Fix BUG() upon security_cred_alloc_blank() failure - LP: #728687 * CRED: Fix memory and refcount leaks upon security_prepare_creds() failure - LP: #728687 * sendfile(): check f_op.splice_write() rather than f_op.sendpage() - LP: #728687 * isdn: hisax: Replace the bogus access to irq stats - LP: #728687 * ixgbe: add support for 82599 based Express Module X520-P2 - LP: #728687 * ixgbe: prevent speculative processing of descriptors before ready - LP: #728687 * scsi_dh_alua: add netapp to dev list - LP: #728687 * scsi_dh_alua: Add IBM Power Virtual SCSI ALUA device to dev list - LP: #728687 * dm raid1: fail writes if errors are not handled and log fails - LP: #728687 * GFS2: Fix bmap allocation corner-case bug - LP: #728687 * dm raid1: fix null pointer dereference in suspend - LP: #728687 * sunrpc/cache: fix module refcnt leak in a failure path - LP: #728687 * be2net: Maintain tx and rx counters in driver - LP: #728687 * tcp: Make TCP_MAXSEG minimum more correct. - LP: #728687 * nfsd: correctly handle return value from nfsd_map_name_to_* - LP: #728687 * s390: remove task_show_regs - LP: #728687 * PM / Hibernate: Return error code when alloc_image_page() fails - LP: #728687 * fs/partitions: Validate map_count in Mac partition tables - LP: #728687 * ALSA: HDA: Add position_fix quirk for an Asus device - LP: #718402, #728687 * ALSA: caiaq - Fix possible string-buffer overflow - LP: #728687 * radio-aimslab.c needs #include linux/delay.h - LP: #728687 * ARM: Ensure predictable endian state on signal handler entry - LP: #728687 * acer-wmi: Fix capitalisation of GUID - LP: #728687 * eCryptfs: Copy up lower inode attrs in getattr - LP: #728687 * platform: x86: acer-wmi: world-writable sysfs threeg file - LP: #728687 * platform: x86: asus_acpi: world-writable procfs files - LP: #728687 * platform: x86: tc1100-wmi: world-writable sysfs wireless and jogdial files - LP: #728687 * genirq: Disable the SHIRQ_DEBUG call in request_threaded_irq for now - LP: #728687 * usb: musb: omap2430: fix kernel panic on reboot - LP: #728687 * USB: add quirks entry for Keytouch QWERTY Panel - LP: #728687 * USB: Add Samsung SGH-I500/Android modem ID switch to visor driver - LP: #728687 * USB: Add quirk for Samsung Android phone modem - LP: #728687 * p54pci: update receive dma buffers before and after processing - LP: #728687 * sierra: add new ID for Airprime/Sierra USB IP modem - LP: #728687 * staging: usbip: vhci: update reference count for usb_device - LP: #728687 * staging: usbip: vhci: give back URBs from in-flight unlink requests - LP: #728687 * staging: usbip: vhci: refuse to enqueue for dead connections - LP: #728687 * staging: usbip: vhci: use urb-dev-portnum to find port
[Bug 710714] Re: CVE-2010-3875
** Branch linked: lp:ubuntu/maverick-proposed/linux-mvl-dove ** Branch linked: lp:ubuntu/lucid-proposed/linux-mvl-dove -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
** Changed in: linux-mvl-dove (Ubuntu Lucid) Status: New = Fix Committed ** Changed in: linux-mvl-dove (Ubuntu Maverick) Status: New = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
** Changed in: linux-mvl-dove (Ubuntu Natty) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
This bug was fixed in the package linux - 2.6.32-29.58 --- linux (2.6.32-29.58) lucid-proposed; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #716551 [ Upstream Kernel Changes ] * net: fix rds_iovec page count overflow, CVE-2010-3865 - LP: #709153 - CVE-2010-3865 * net: ax25: fix information leak to userland, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: ax25: fix information leak to userland harder, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: packet: fix information leak to userland, CVE-2010-3876 - LP: #710714 - CVE-2010-3876 * net: tipc: fix information leak to userland, CVE-2010-3877 - LP: #711291 - CVE-2010-3877 * inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880 - LP: #711865 - CVE-2010-3880 linux (2.6.32-29.57) lucid-proposed; urgency=low [ Steve Conklin ] * Tracking Bug - LP: #708864 [ Tim Gardner ] * [Config] Set CONFIG_NR_CPUS=256 for amd64 server - LP: #706058 [ Upstream Kernel Changes ] * Input: i8042 - introduce 'notimeout' blacklist for Dell Vostro V13 - LP: #380126 * tun: avoid BUG, dump packet on GSO errors - LP: #698883 * TTY: Fix error return from tty_ldisc_open() - LP: #705045 * x86, hotplug: Use mwait to offline a processor, fix the legacy case - LP: #705045 * fuse: verify ioctl retries - LP: #705045 * fuse: fix ioctl when server is 32bit - LP: #705045 * ALSA: hda: Use model=lg quirk for LG P1 Express to enable playback and capture - LP: #595482, #705045 * nohz: Fix printk_needs_cpu() return value on offline cpus - LP: #705045 * nohz: Fix get_next_timer_interrupt() vs cpu hotplug - LP: #705045 * nfsd: Fix possible BUG_ON firing in set_change_info - LP: #705045 * NFS: Fix fcntl F_GETLK not reporting some conflicts - LP: #705045 * sunrpc: prevent use-after-free on clearing XPT_BUSY - LP: #705045 * hwmon: (adm1026) Allow 1 as a valid divider value - LP: #705045 * hwmon: (adm1026) Fix setting fan_div - LP: #705045 * amd64_edac: Fix interleaving check - LP: #705045 * IB/uverbs: Handle large number of entries in poll CQ - LP: #705045 * PM / Hibernate: Fix PM_POST_* notification with user-space suspend - LP: #705045 * ACPICA: Fix Scope() op in module level code - LP: #705045 * ACPI: EC: Add another dmi match entry for MSI hardware - LP: #705045 * orinoco: fix TKIP countermeasure behaviour - LP: #705045 * orinoco: clear countermeasure setting on commit - LP: #705045 * x86, amd: Fix panic on AMD CPU family 0x15 - LP: #705045 * md: fix bug with re-adding of partially recovered device. - LP: #705045 * tracing: Fix panic when lseek() called on trace opened for writing - LP: #705045 * x86, gcc-4.6: Use gcc -m options when building vdso - LP: #705045 * x86: Enable the intr-remap fault handling after local APIC setup - LP: #705045 * x86, vt-d: Handle previous faults after enabling fault handling - LP: #705045 * x86, vt-d: Fix the vt-d fault handling irq migration in the x2apic mode - LP: #705045 * x86, vt-d: Quirk for masking vtd spec errors to platform error handling logic - LP: #705045 * hvc_console: Fix race between hvc_close and hvc_remove - LP: #705045 * hvc_console: Fix race between hvc_close and hvc_remove, again - LP: #705045 * HID: hidraw: fix window in hidraw_release - LP: #705045 * bfa: fix system crash when reading sysfs fc_host statistics - LP: #705045 * net: release dst entry while cache-hot for GSO case too - LP: #705045 * install_special_mapping skips security_file_mmap check. - LP: #705045 * USB: misc: uss720.c: add another vendor/product ID - LP: #705045 * USB: ftdi_sio: Add D.O.Tec PID - LP: #705045 * USB: usb-storage: unusual_devs entry for the Samsung YP-CP3 - LP: #705045 * p54usb: add 5 more USBIDs - LP: #705045 * p54usb: New USB ID for Gemtek WUBI-100GW - LP: #705045 * sound: Prevent buffer overflow in OSS load_mixer_volumes - LP: #705045 * mv_xor: fix race in tasklet function - LP: #705045 * ima: fix add LSM rule bug - LP: #705045 * ALSA: hda: Use LPIB for Dell Latitude 131L - LP: #530346, #705045 * ALSA: hda: Use LPIB quirk for Dell Inspiron m101z/1120 - LP: #705045 * block: Deprecate QUEUE_FLAG_CLUSTER and use queue_limits instead - LP: #705045 * sctp: Fix a race between ICMP protocol unreachable and connect() - LP: #705045 * posix-cpu-timers: workaround to suppress the problems with mt exec - LP: #705045 * Linux 2.6.32.28 - LP: #705045 * dell-laptop: Add another Dell laptop family to the DMI whitelist - LP: #693078 * dell-laptop: Add another Dell laptop family to the DMI whitelist - LP: #693078 * drm/ttm: Clear the ghost cpu_writers flag on ttm_buffer_object_transfer. - LP: #708769 *
[Bug 710714] Re: CVE-2010-3875
This bug was fixed in the package linux - 2.6.35-27.48
---
linux (2.6.35-27.48) maverick-proposed; urgency=low
[ Steve Conklin ]
* Release Tracking Bug
- LP: #723335
[ Upstream Kernel Changes ]
* thinkpad-acpi: avoid keymap pitfall
- LP: #722747
linux (2.6.35-27.47) maverick-proposed; urgency=low
[ Brad Figg ]
* Release Tracking Bug
- LP: #716532
[ Upstream Kernel Changes ]
* Revert USB: gadget: Allow function access to device ID data during
bind()
- LP: #714732
* net: fix rds_iovec page count overflow, CVE-2010-3865
- LP: #709153
- CVE-2010-3865
* Input: fix typo in keycode validation supporting large scancodes
- LP: #658198
* net: ax25: fix information leak to userland, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* net: ax25: fix information leak to userland harder, CVE-2010-3875
- LP: #710714
- CVE-2010-3875
* net: packet: fix information leak to userland, CVE-2010-3876
- LP: #710714
- CVE-2010-3876
* net: tipc: fix information leak to userland, CVE-2010-3877
- LP: #711291
- CVE-2010-3877
* posix-cpu-timers: workaround to suppress the problems with mt exec,
CVE-2010-4248
- LP: #712609
- CVE-2010-4248
* sys_semctl: fix kernel stack leakage, CVE-2010-4083
- LP: #712749
- CVE-2010-4083
* thinkpad-acpi: lock down size of hotkey keymap
- LP: #712174
* thinkpad-acpi: add support for model-specific keymaps
- LP: #712174
* thinkpad-acpi: Add KEY_CAMERA (Fn-F6) for Lenovo keyboards
- LP: #712174
* x86, hotplug: Use mwait to offline a processor, fix the legacy case
- LP: #714732
* fuse: verify ioctl retries
- LP: #714732
* fuse: fix ioctl when server is 32bit
- LP: #714732
* ALSA: hda: Use position_fix=1 for Acer Aspire 5538 to enable capture on
internal mic
- LP: #685161, #714732
* ALSA: hda: Use model=lg quirk for LG P1 Express to enable playback and
capture
- LP: #595482, #714732
* drm/radeon/kms: don't apply 7xx HDP flush workaround on AGP
- LP: #714732
* drm/kms: remove spaces from connector names (v2)
- LP: #714732
* drm/radeon/kms: fix vram base calculation on rs780/rs880
- LP: #714732
* nohz: Fix printk_needs_cpu() return value on offline cpus
- LP: #714732
* nohz: Fix get_next_timer_interrupt() vs cpu hotplug
- LP: #714732
* nfsd: Fix possible BUG_ON firing in set_change_info
- LP: #714732
* NFS: Fix fcntl F_GETLK not reporting some conflicts
- LP: #714732
* sunrpc: prevent use-after-free on clearing XPT_BUSY
- LP: #714732
* hwmon: (adm1026) Allow 1 as a valid divider value
- LP: #714732
* hwmon: (adm1026) Fix setting fan_div
- LP: #714732
* EDAC: Fix workqueue-related crashes
- LP: #714732
* amd64_edac: Fix interleaving check
- LP: #714732
* ASoC: Fix swap of left and right channels for WM8993/4 speaker boost
gain
- LP: #714732
* ASoC: Fix off by one error in WM8994 EQ register bank size
- LP: #714732
* ASoC: WM8580: Fix R8 initial value
- LP: #714732
* ASoC: fix deemphasis control in wm8904/55/60 codecs
- LP: #714732
* bootmem: Add alloc_bootmem_align()
- LP: #714732
* x86, xsave: Use alloc_bootmem_align() instead of alloc_bootmem()
- LP: #714732
* IB/uverbs: Handle large number of entries in poll CQ
- LP: #714732
* PM / Hibernate: Fix PM_POST_* notification with user-space suspend
- LP: #714732
* ARM: 6535/1: V6 MPCore v6_dma_inv_range and v6_dma_flush_range RWFO fix
- LP: #714732
* qla2xxx: Correct issue where NPIV-config data was not being allocated
for 82xx parts.
- LP: #714732
* qla2xxx: Populate Command Type 6 LUN field properly.
- LP: #714732
* llc: fix a device refcount imbalance
- LP: #714732
* ath9k: Disable SWBA interrupt on remove_interface
- LP: #714732
* ath9k: fix bug in tx power
- LP: #714732
* mac80211: Fix BUG in pskb_expand_head when transmitting shared skbs
- LP: #714732
* SPARC/LEON: removed constant timer initialization as if HZ=100, now it
reflects the value of HZ
- LP: #714732
* sparc64: Delete prom_puts() unused.
- LP: #714732
* sparc: Remove prom_pathtoinode()
- LP: #714732
* sparc: Kill prom devops_{32,64}.c
- LP: #714732
* sparc64: Unexport prom_service_exists().
- LP: #714732
* sparc64: Delete prom_setcallback().
- LP: #714732
* sparc: Do not export prom_nb{get,put}char().
- LP: #714732
* sparc: Pass buffer pointer all the way down to prom_{get,put}char().
- LP: #714732
* sparc: Delete prom_*getchar().
- LP: #714732
* sparc: Write to prom console using indirect buffer.
- LP: #714732
* tcp: Don't change unlocked socket state in tcp_v4_err().
- LP: #714732
* tcp: Make TCP_MAXSEG minimum more correct.
- LP: #714732
* tcp: Bug fix in initialization of receive window.
- LP: #714732
* tcp: avoid a possible divide by zero
- LP: #714732
[Bug 710714] Re: CVE-2010-3875
** Branch linked: lp:ubuntu/dapper-updates/linux-source-2.6.15 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
This bug was fixed in the package linux - 2.6.24-28.86 --- linux (2.6.24-28.86) hardy-proposed; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #716166 [Tim Gardner] * xen unified block-device I/O interface back end can orphan devices, CVE-2010-3699 - LP: #708019 - CVE-2010-3699 [Upstream Kernel Changes] * Hardy SRU: thinkpad-acpi: lock down video output state access, CVE-2010-3448 - LP: #706999 - CVE-2010-3448 * net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859 - LP: #711855, #708839 - CVE-2010-4160 * net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859 - LP: #711855, #708839 - CVE-2010-4160 * net: ax25: fix information leak to userland, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: ax25: fix information leak to userland harder, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * memory corruption in X.25 facilities parsing, CVE-2010-3873 - LP: #709372 - CVE-2010-3873 * net: packet: fix information leak to userland, CVE-2010-3876 - LP: #710714 - CVE-2010-3876 * net: tipc: fix information leak to userland, CVE-2010-3877 - LP: #711291 - CVE-2010-3877 * KVM: VMX: fix vmx null pointer dereference on debug register access, CVE-2010-0435 - LP: #712615 - CVE-2010-0435 * gdth: integer overflow in ioctl, CVE-2010-4157 - LP: #711797 - CVE-2010-4157 * posix-cpu-timers: workaround to suppress the problems with mt exec, CVE-2010-4248 - LP: #712609 - CVE-2010-4248 * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory, CVE-2010-4080, CVE-2010-4081 - LP: #712723, #712737 - CVE-2010-4081 * sys_semctl: fix kernel stack leakage, CVE-2010-4083 - LP: #712749 - CVE-2010-4083 * inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880 - LP: #711865 - CVE-2010-3880 linux (2.6.24-28.85) hardy-proposed; urgency=low [ Brad Figg ] * Tracking Bug - LP: #708315 [Upstream Kernel Changes] * ata_piix: IDE mode SATA patch for Intel ICH10 DeviceID's - LP: #693401 * USB: serial/mos*: prevent reading uninitialized stack memory, CVE-2010-4074 - LP: #706149 - CVE-2010-4074 * KVM: Fix fs/gs reload oops with invalid ldt - LP: #707000 - CVE-2010-3698 * drivers/video/sis/sis_main.c: prevent reading uninitialized stack memory, CVE-2010-4078 - LP: #707579 - CVE-2010-4078 * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory, CVE-2010-4079 - LP: #707649 - CVE-2010-4079 linux (2.6.24-28.84) hardy-proposed; urgency=low [ Steve Conklin ] * Tracking Bug - LP: #698185 linux (2.6.24-28.83) hardy-proposed; urgency=low [ Steve Conklin ] * tracking bug moved from here to latest entry linux (2.6.24-28.82) hardy-proposed; urgency=low [ Leann Ogasawara ] * Revert SAUCE: AF_ECONET saddr-cookie prevent NULL pointer dereference * Revert SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges * Revert SAUCE: AF_ECONET prevent kernel stack overflow [Upstream Kernel Changes] * xfs: validate untrusted inode numbers during lookup - CVE-2010-2943 * xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED - CVE-2010-2943 * xfs: remove block number from inode lookup code - CVE-2010-2943 * xfs: fix untrusted inode number lookup - CVE-2010-2943 * drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory - CVE-2010-3296 * drivers/net/eql.c: prevent reading uninitialized stack memory - CVE-2010-3297 * setup_arg_pages: diagnose excessive argument size - CVE-2010-3858 * ipc: shm: fix information leak to userland - CVE-2010-4072 * econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849 - CVE-2010-3849 * econet: fix CVE-2010-3850 - CVE-2010-3850 * econet: fix CVE-2010-3848 - CVE-2010-3848 -- Brad Figg brad.f...@canonical.com Wed, 09 Feb 2011 15:14:25 -0800 ** Changed in: linux (Ubuntu Hardy) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-0435 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2943 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3296 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3297 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3448 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3698 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3699 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3848 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3849 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3850 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3858 ** CVE added:
[Bug 710714] Re: CVE-2010-3875
This bug was fixed in the package linux - 2.6.31-22.73 --- linux (2.6.31-22.73) karmic-proposed; urgency=low [ Steve Conklin ] * Release Tracking Bug - LP: #716648 [ Upstream Kernel Changes ] * copied ABI directory * net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859 - LP: #708839, #711855 - CVE-2010-4160 * net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859 - LP: #708839, #711855 - CVE-2010-4160 * net: fix rds_iovec page count overflow, CVE-2010-3865 - LP: #709153 - CVE-2010-3865 * net: ax25: fix information leak to userland, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * net: ax25: fix information leak to userland harder, CVE-2010-3875 - LP: #710714 - CVE-2010-3875 * can-bcm: fix minor heap overflow - LP: #710680 - CVE-2010-3874 * memory corruption in X.25 facilities parsing, CVE-2010-3873 - LP: #709372 - CVE-2010-3873 * net: packet: fix information leak to userland, CVE-2010-3876 - LP: #710714 - CVE-2010-3876 * net: tipc: fix information leak to userland, CVE-2010-3877 - LP: #711291 - CVE-2010-3877 * KVM: VMX: fix vmx null pointer dereference on debug register access, CVE-2010-0435 - LP: #712615 - CVE-2010-0435 * gdth: integer overflow in ioctl, CVE-2010-4157 - LP: #711797 - CVE-2010-4157 * posix-cpu-timers: workaround to suppress the problems with mt exec, CVE-2010-4248 - LP: #712609 - CVE-2010-4248 * ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory, CVE-2010-4080, CVE-2010-4081 - LP: #712723, #712737 - CVE-2010-4081 * drivers/video/via/ioctl.c: prevent reading uninitialized stack memory, CVE-2010-4082 - LP: #712744 - CVE-2010-4082 * sys_semctl: fix kernel stack leakage, CVE-2010-4083 - LP: #712749 - CVE-2010-4083 * inet_diag: Make sure we actually run the same bytecode we audited, CVE-2010-3880 - LP: #711865 - CVE-2010-3880 linux (2.6.31-22.72) karmic-proposed; urgency=low [ Brad Figg ] * Tracking Bug - LP: #708860 [ Upstream Kernel Changes ] * Karmic SRU: thinkpad-acpi: lock down video output state access, CVE-2010-3448 - LP: #706999 - CVE-2010-3448 * USB: serial/mos*: prevent reading uninitialized stack memory, CVE-2010-4074 - LP: #706149 - CVE-2010-4074 * KVM: Fix fs/gs reload oops with invalid ldt - LP: #707000 - CVE-2010-3698 * drivers/video/sis/sis_main.c: prevent reading uninitialized stack memory, CVE-2010-4078 - LP: #707579 - CVE-2010-4078 * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory, CVE-2010-4079 - LP: #707649 - CVE-2010-4079 linux (2.6.31-22.71) karmic-proposed; urgency=low [ Brad Figg ] - LP: #698214 [ Upstream Kernel Changes ] * ipc: initialize structure memory to zero for compat functions * tcp: Increase TCP_MAXSEG socket option minimum. - CVE-2010-4165 * perf_events: Fix perf_counter_mmap() hook in mprotect() - CVE-2010-4169 * af_unix: limit unix_tot_inflight - CVE-2010-4249 -- Steve Conklin sconk...@canonical.com Thu, 10 Feb 2011 13:49:49 -0600 ** Changed in: linux (Ubuntu Karmic) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3865 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3874 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4082 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4165 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4169 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4249 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
** Also affects: linux-mvl-dove (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
** Branch linked: lp:ubuntu/dapper-proposed/linux-source-2.6.15 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
** Branch linked: lp:ubuntu/lucid-proposed/linux-ec2 ** Branch linked: lp:ubuntu/karmic-proposed/linux-ec2 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
** Changed in: linux (Ubuntu Dapper) Status: In Progress = Fix Committed ** Changed in: linux (Ubuntu Maverick) Status: In Progress = Fix Committed ** Changed in: linux (Ubuntu Hardy) Status: In Progress = Fix Committed ** Changed in: linux (Ubuntu Lucid) Status: In Progress = Fix Committed ** Changed in: linux (Ubuntu Karmic) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
This fix is already upstream and was incorporated in v2.6.37, as this is already released into Natty closing Fix Released there: commit fe10ae53384e48c51996941b7720ee16995cbcb7 Author: Vasiliy Kulikov sego...@gmail.com Date: Wed Nov 10 10:14:33 2010 -0800 net: ax25: fix information leak to userland Sometimes ax25_getname() doesn't initialize all members of fsa_digipeater field of fsa struct, also the struct has padding bytes between sax25_call and sax25_ndigis fields. This structure is then copied to userland. It leads to leaking of contents of kernel stack memory. Signed-off-by: Vasiliy Kulikov sego...@gmail.com Signed-off-by: David S. Miller da...@davemloft.net -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 710714] Re: CVE-2010-3875
The above patch is required on all supported releases; Dapper, Hardy, Karmic, Lucid, and Maverick. The patch above cherry-picks cleanly onto all of them and builds correctly. ** Changed in: linux (Ubuntu Dapper) Status: New = In Progress ** Changed in: linux (Ubuntu Hardy) Status: New = In Progress ** Changed in: linux (Ubuntu Karmic) Status: New = In Progress ** Changed in: linux (Ubuntu Lucid) Assignee: (unassigned) = Andy Whitcroft (apw) ** Changed in: linux (Ubuntu Hardy) Assignee: (unassigned) = Andy Whitcroft (apw) ** Changed in: linux (Ubuntu Karmic) Assignee: (unassigned) = Andy Whitcroft (apw) ** Changed in: linux (Ubuntu Maverick) Assignee: (unassigned) = Andy Whitcroft (apw) ** Changed in: linux (Ubuntu Maverick) Status: New = In Progress ** Changed in: linux (Ubuntu Lucid) Status: New = In Progress ** Changed in: linux (Ubuntu Dapper) Assignee: (unassigned) = Andy Whitcroft (apw) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/710714 Title: CVE-2010-3875 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
