[Bug 844371] Re: CVE-2011-2723
** Changed in: linux-ti-omap4 (Ubuntu Precise) Status: Fix Committed = Fix Released ** Changed in: linux-ti-omap4 (Ubuntu Oneiric) Status: Fix Committed = Fix Released ** Changed in: linux (Ubuntu Precise) Status: Fix Committed = Fix Released ** Changed in: linux (Ubuntu Oneiric) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
** Changed in: linux-lts-backport-oneiric (Ubuntu Oneiric) Status: New = Invalid ** Changed in: linux-lts-backport-oneiric (Ubuntu Oneiric) Importance: Undecided = Medium ** Changed in: linux-lts-backport-oneiric (Ubuntu Lucid) Status: New = Invalid ** Changed in: linux-lts-backport-oneiric (Ubuntu Lucid) Importance: Undecided = Medium ** Changed in: linux-lts-backport-oneiric (Ubuntu Precise) Status: New = Invalid ** Changed in: linux-lts-backport-oneiric (Ubuntu Precise) Importance: Undecided = Medium ** Changed in: linux-lts-backport-oneiric (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-lts-backport-oneiric (Ubuntu Hardy) Importance: Undecided = Medium ** Changed in: linux-lts-backport-oneiric (Ubuntu Maverick) Status: New = Invalid ** Changed in: linux-lts-backport-oneiric (Ubuntu Maverick) Importance: Undecided = Medium ** Changed in: linux-lts-backport-oneiric (Ubuntu Natty) Status: New = Invalid ** Changed in: linux-lts-backport-oneiric (Ubuntu Natty) Importance: Undecided = Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
This bug was fixed in the package linux - 2.6.38-12.51 --- linux (2.6.38-12.51) natty-proposed; urgency=low [Herton R. Krzesinski] * Release Tracking Bug - LP: #860832 [ Alex Bligh ] * SAUCE: net/netfilter/nf_conntrack_netlink.c: fix Oops on container destroy - LP: #843892 [ Jesse Sung ] * SAUCE: Unregister input device only if it is registered - LP: #839238 [ Leann Ogasawara ] * SAUCE: x86: reboot: Make Dell Latitude E6220 use reboot=pci - LP: #838402 * SAUCE: x86: reboot: Make Dell Latitude E6520 use reboot=pci - LP: #833705 [ Ming Lei ] * SAUCE: fireware: add NO_MSI quirks for o2micro controller - LP: #801719 [ Stefan Bader ] * [Config] Include all filesystem modules for virtual - LP: #761809 [ Tim Gardner ] * [Config] kernel preparation cannot be parallelized * [Config] Linearize module/abi checks * [Config] Linearize and simplify tree preparation rules * [Config] Build kernel image in parallel with modules * [Config] Set concurrency for kmake invocations * [Config] Improve install-arch-headers speed * [Config] Fix binary-perarch dependencies * [Config] Removed stamp-flavours target * [Config] Serialize binary indep targets * [Config] Use build stamp directly * [Config] Restore prepare-% target * [Config] Fix binary-% build target [ Upstream Kernel Changes ] * Revert drm/i915: disable PCH ports if needed when disabling a CRTC - LP: #814325, #838181 * drm/i915: restore only the mode of this driver on lastclose (v2) - LP: #848687 * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191 - LP: #834135 - CVE-2011-3191 * befs: Validate length of long symbolic links, CVE-2011-2928 - LP: #834124 - CVE-2011-2928 * gro: Only reset frag0 when skb can be pulled, CVE-2011-2723 - LP: #844371 - CVE-2011-2723 * inet_diag: fix inet_diag_bc_audit(), CVE-2011-2213 - LP: #838421 - CVE-2011-2213 * si4713-i2c: avoid potential buffer overflow on si4713, CVE-2011-2700 - LP: #844370 - CVE-2011-2700 * Bluetooth: Prevent buffer overflow in l2cap config request, CVE-2011-2497 - LP: #838423 - CVE-2011-2497 * crypto: Move md5_transform to lib/md5.c, CVE-2011-3188 - LP: #834129 - CVE-2011-3188 * net: Compute protocol sequence numbers and fragment IDs using MD5, CVE-2011-3188 - LP: #834129 - CVE-2011-3188 * x86, intel, power: Initialize MSR_IA32_ENERGY_PERF_BIAS - LP: #760131 * x86, intel, power: Correct the MSR_IA32_ENERGY_PERF_BIAS message - LP: #760131 * rt2x00: Serialize TX operations on a queue. - LP: #855239 * ext4: Fix max file size and logical block counting of extent format file, CVE-2011-2695 - LP: #819574 - CVE-2011-2695 -- Herton Ronaldo Krzesinski herton.krzesin...@canonical.com Tue, 27 Sep 2011 16:19:57 -0300 ** Changed in: linux (Ubuntu Natty) Status: Fix Committed = Fix Released ** Changed in: linux-lts-backport-natty (Ubuntu Lucid) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
This bug was fixed in the package linux-lts-backport-natty - 2.6.38-12.51~lucid1 --- linux-lts-backport-natty (2.6.38-12.51~lucid1) lucid-proposed; urgency=low [Herton R. Krzesinski] * Release Tracking Bug - LP: #862556 [ Alex Bligh ] * SAUCE: net/netfilter/nf_conntrack_netlink.c: fix Oops on container destroy - LP: #843892 [ Jesse Sung ] * SAUCE: Unregister input device only if it is registered - LP: #839238 [ Leann Ogasawara ] * SAUCE: x86: reboot: Make Dell Latitude E6220 use reboot=pci - LP: #838402 * SAUCE: x86: reboot: Make Dell Latitude E6520 use reboot=pci - LP: #833705 [ Ming Lei ] * SAUCE: fireware: add NO_MSI quirks for o2micro controller - LP: #801719 [ Stefan Bader ] * [Config] Include all filesystem modules for virtual - LP: #761809 [ Tim Gardner ] * [Config] kernel preparation cannot be parallelized * [Config] Linearize module/abi checks * [Config] Linearize and simplify tree preparation rules * [Config] Build kernel image in parallel with modules * [Config] Set concurrency for kmake invocations * [Config] Improve install-arch-headers speed * [Config] Fix binary-perarch dependencies * [Config] Removed stamp-flavours target * [Config] Serialize binary indep targets * [Config] Use build stamp directly * [Config] Restore prepare-% target * [Config] Fix binary-% build target [ Upstream Kernel Changes ] * Revert drm/i915: disable PCH ports if needed when disabling a CRTC - LP: #814325, #838181 * drm/i915: restore only the mode of this driver on lastclose (v2) - LP: #848687 * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191 - LP: #834135 - CVE-2011-3191 * befs: Validate length of long symbolic links, CVE-2011-2928 - LP: #834124 - CVE-2011-2928 * gro: Only reset frag0 when skb can be pulled, CVE-2011-2723 - LP: #844371 - CVE-2011-2723 * inet_diag: fix inet_diag_bc_audit(), CVE-2011-2213 - LP: #838421 - CVE-2011-2213 * si4713-i2c: avoid potential buffer overflow on si4713, CVE-2011-2700 - LP: #844370 - CVE-2011-2700 * Bluetooth: Prevent buffer overflow in l2cap config request, CVE-2011-2497 - LP: #838423 - CVE-2011-2497 * crypto: Move md5_transform to lib/md5.c, CVE-2011-3188 - LP: #834129 - CVE-2011-3188 * net: Compute protocol sequence numbers and fragment IDs using MD5, CVE-2011-3188 - LP: #834129 - CVE-2011-3188 * x86, intel, power: Initialize MSR_IA32_ENERGY_PERF_BIAS - LP: #760131 * x86, intel, power: Correct the MSR_IA32_ENERGY_PERF_BIAS message - LP: #760131 * rt2x00: Serialize TX operations on a queue. - LP: #855239 * ext4: Fix max file size and logical block counting of extent format file, CVE-2011-2695 - LP: #819574 - CVE-2011-2695 linux (2.6.38-11.50) natty-proposed; urgency=low [Herton R. Krzesinski] * Release Tracking Bug - LP: #848246 [ Upstream Kernel Changes ] * Revert eCryptfs: Handle failed metadata read in lookup * Revert KVM: fix kvmclock regression due to missing clock update * Revert ath9k: use split rx buffers to get rid of order-1 skb allocations -- Herton Ronaldo Krzesinski herton.krzesin...@canonical.com Thu, 29 Sep 2011 15:40:51 -0300 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
This bug was fixed in the package linux-fsl-imx51 - 2.6.31-611.29 --- linux-fsl-imx51 (2.6.31-611.29) lucid-proposed; urgency=low * Release tracking bug - LP: #873059 [ Upstream Kernel Changes ] * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191 - LP: #834135 - CVE-2011-3191 * befs: Validate length of long symbolic links, CVE-2011-2928 - LP: #834124 - CVE-2011-2928 * gro: Only reset frag0 when skb can be pulled, CVE-2011-2723 - LP: #844371 - CVE-2011-2723 * Validate size of EFI GUID partition entries, CVE-2011-1776 - LP: #844365 - CVE-2011-1776 * inet_diag: fix inet_diag_bc_audit(), CVE-2011-2213 - LP: #838421 - CVE-2011-2213 * Bluetooth: Prevent buffer overflow in l2cap config request, CVE-2011-2497 - LP: #838423 - CVE-2011-2497 * core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576 - LP: #844361 - CVE-2011-1576 * crypto: Move md5_transform to lib/md5.c, CVE-2011-3188 - LP: #827462, #834129 - CVE-2011-3188 * net: Compute protocol sequence numbers and fragment IDs using MD5, CVE-2011-3188 - LP: #827462, #834129 - CVE-2011-3188 * ext4: correctly calculate number of blocks for fiemap, CVE-2011-2695 - LP: #474597, #583414, #819574 - CVE-2011-2695 * ext4: Fix max file size and logical block counting of extent format file, CVE-2011-2695 - LP: #819574 - CVE-2011-2695 * cifs: always do is_path_accessible check in cifs_mount, CVE-2011-3363 - LP: #866034 - CVE-2011-3363 * cifs: add fallback in is_path_accessible for old servers, CVE-2011-3363 - LP: #866034 - CVE-2011-3363 * Make TASKSTATS require root access, CVE-2011-2494 - LP: #866021 - CVE-2011-2494 * proc: restrict access to /proc/PID/io, CVE-2011-2495 - LP: #866025 - CVE-2011-2495 * proc: fix a race in do_io_accounting(), CVE-2011-2495 - LP: #866025 - CVE-2011-2495 * staging: comedi: fix infoleak to userspace, CVE-2011-2909 - LP: #869261 - CVE-2011-2909 * sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set, CVE-2011-1573 - LP: #869205 - CVE-2011-1573 * perf tools: do not look at ./config for configuration, CVE-2011-2905 - LP: #869259 - CVE-2011-2905 * net_sched: Fix qdisc_notify() - CVE-2011-2525 - LP: #869250 - CVE-2011-2525 * nl80211: fix overflow in ssid_len - CVE-2011-2517 - LP: #869245 - CVE-2011-2517 * mm: avoid wrapping vm_pgoff in mremap() - CVE-2011-2496 - LP: #869243 - CVE-2011-2496 * vm: fix vm_pgoff wrap in stack expansion - CVE-2011-2496 - LP: #869243 - CVE-2011-2496 * vm: fix vm_pgoff wrap in upward expansion - CVE-2011-2496 - LP: #869243 - CVE-2011-2496 -- Paolo Pisati paolo.pis...@canonical.com Thu, 13 Oct 2011 12:19:09 +0200 ** Changed in: linux-fsl-imx51 (Ubuntu Lucid) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1573 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2494 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2495 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2496 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2517 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2525 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2905 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2909 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3363 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
** Also affects: linux (Ubuntu Precise) Importance: Medium Status: Fix Committed ** Also affects: linux-ec2 (Ubuntu Precise) Importance: Medium Status: Invalid ** Also affects: linux-fsl-imx51 (Ubuntu Precise) Importance: Medium Status: Invalid ** Also affects: linux-lts-backport-maverick (Ubuntu Precise) Importance: Medium Status: Invalid ** Also affects: linux-lts-backport-natty (Ubuntu Precise) Importance: Medium Status: Invalid ** Also affects: linux-mvl-dove (Ubuntu Precise) Importance: Medium Status: Invalid ** Also affects: linux-ti-omap4 (Ubuntu Precise) Importance: Medium Status: Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
This bug was fixed in the package linux - 2.6.35-30.60 --- linux (2.6.35-30.60) maverick-proposed; urgency=low [Herton R. Krzesinski] * Release Tracking Bug - LP: #854092 [ Stefan Bader ] * [Config] Force perf to use libiberty for demangling - LP: #783660 [ Tim Gardner ] * [Config] Simplify binary-udebs dependencies * [Config] kernel preparation cannot be parallelized * [Config] Linearize module/abi checks * [Config] Linearize and simplify tree preparation rules * [Config] Build kernel image in parallel with modules * [Config] Set concurrency for kmake invocations * [Config] Improve install-arch-headers speed * [Config] Fix binary-perarch dependencies * [Config] Removed stamp-flavours target * [Config] Serialize binary indep targets * [Config] Use build stamp directly * [Config] Restore prepare-% target * [Config] Fix binary-% build target [ Upstream Kernel Changes ] * Add mount option to check uid of device being mounted = expect uid, CVE-2011-1833 - LP: #732628 - CVE-2011-1833 * ipv6: make fragment identifications less predictable, CVE-2011-2699 - LP: #827685 - CVE-2011-2699 * perf: Fix software event overflow, CVE-2011-2918 - LP: #834121 - CVE-2011-2918 * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191 - LP: #834135 - CVE-2011-3191 * befs: Validate length of long symbolic links, CVE-2011-2928 - LP: #834124 - CVE-2011-2928 * gro: Only reset frag0 when skb can be pulled, CVE-2011-2723 - LP: #844371 - CVE-2011-2723 * Validate size of EFI GUID partition entries, CVE-2011-1776 - LP: #844365 - CVE-2011-1776 * inet_diag: fix inet_diag_bc_audit(), CVE-2011-2213 - LP: #838421 - CVE-2011-2213 * si4713-i2c: avoid potential buffer overflow on si4713, CVE-2011-2700 - LP: #844370 - CVE-2011-2700 * Bluetooth: Prevent buffer overflow in l2cap config request, CVE-2011-2497 - LP: #838423 - CVE-2011-2497 * core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576 - LP: #844361 - CVE-2011-1576 -- Herton Ronaldo Krzesinski herton.krzesin...@canonical.com Mon, 19 Sep 2011 15:10:43 -0300 ** Changed in: linux (Ubuntu Maverick) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
This bug was fixed in the package linux-ti-omap4 - 2.6.38-1209.16 --- linux-ti-omap4 (2.6.38-1209.16) natty-proposed; urgency=low * Release tracking bug - LP: #862554 [ Ming Lei ] * SAUCE: usb: ehci: make HC see up-to-date qh/qtd descriptor ASAP - LP: #709245 [ Upstream Kernel Changes ] * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191 - LP: #834135 - CVE-2011-3191 * befs: Validate length of long symbolic links, CVE-2011-2928 - LP: #834124 - CVE-2011-2928 * gro: Only reset frag0 when skb can be pulled, CVE-2011-2723 - LP: #844371 - CVE-2011-2723 * Validate size of EFI GUID partition entries, CVE-2011-1776 - LP: #844365 - CVE-2011-1776 * inet_diag: fix inet_diag_bc_audit(), CVE-2011-2213 - LP: #838421 - CVE-2011-2213 * si4713-i2c: avoid potential buffer overflow on si4713, CVE-2011-2700 - LP: #844370 - CVE-2011-2700 * Bluetooth: Prevent buffer overflow in l2cap config request, CVE-2011-2497 - LP: #838423 - CVE-2011-2497 * crypto: Move md5_transform to lib/md5.c, CVE-2011-3188 - LP: #834129 - CVE-2011-3188 * net: Compute protocol sequence numbers and fragment IDs using MD5, CVE-2011-3188 - LP: #834129 - CVE-2011-3188 * ext4: Fix max file size and logical block counting of extent format file, CVE-2011-2695 - LP: #819574 - CVE-2011-2695 -- Paolo Pisati paolo.pis...@canonical.com Fri, 30 Sep 2011 12:12:00 +0200 ** Changed in: linux-ti-omap4 (Ubuntu Natty) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2695 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
** Branch linked: lp:ubuntu/lucid-proposed/linux-lts-backport-natty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
** Branch linked: lp:ubuntu/natty-proposed/linux-ti-omap4 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
This bug was fixed in the package linux-lts-backport-maverick - 2.6.35-30.60~lucid1 --- linux-lts-backport-maverick (2.6.35-30.60~lucid1) lucid-proposed; urgency=low [Herton R. Krzesinski] * Release Tracking Bug - LP: #854430 [ Stefan Bader ] * [Config] Force perf to use libiberty for demangling - LP: #783660 [ Tim Gardner ] * [Config] Simplify binary-udebs dependencies * [Config] kernel preparation cannot be parallelized * [Config] Linearize module/abi checks * [Config] Linearize and simplify tree preparation rules * [Config] Build kernel image in parallel with modules * [Config] Set concurrency for kmake invocations * [Config] Improve install-arch-headers speed * [Config] Fix binary-perarch dependencies * [Config] Removed stamp-flavours target * [Config] Serialize binary indep targets * [Config] Use build stamp directly * [Config] Restore prepare-% target * [Config] Fix binary-% build target [ Upstream Kernel Changes ] * Add mount option to check uid of device being mounted = expect uid, CVE-2011-1833 - LP: #732628 - CVE-2011-1833 * ipv6: make fragment identifications less predictable, CVE-2011-2699 - LP: #827685 - CVE-2011-2699 * perf: Fix software event overflow, CVE-2011-2918 - LP: #834121 - CVE-2011-2918 * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191 - LP: #834135 - CVE-2011-3191 * befs: Validate length of long symbolic links, CVE-2011-2928 - LP: #834124 - CVE-2011-2928 * gro: Only reset frag0 when skb can be pulled, CVE-2011-2723 - LP: #844371 - CVE-2011-2723 * Validate size of EFI GUID partition entries, CVE-2011-1776 - LP: #844365 - CVE-2011-1776 * inet_diag: fix inet_diag_bc_audit(), CVE-2011-2213 - LP: #838421 - CVE-2011-2213 * si4713-i2c: avoid potential buffer overflow on si4713, CVE-2011-2700 - LP: #844370 - CVE-2011-2700 * Bluetooth: Prevent buffer overflow in l2cap config request, CVE-2011-2497 - LP: #838423 - CVE-2011-2497 * core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576 - LP: #844361 - CVE-2011-1576 linux (2.6.35-30.59) maverick-proposed; urgency=low [Herton R. Krzesinski] * Release Tracking Bug - LP: #837449 [ Upstream Kernel Changes ] * Revert drm/nv50-nvc0: work around an evo channel hang that some people see * Revert eCryptfs: Handle failed metadata read in lookup -- Herton Ronaldo Krzesinski herton.krzesin...@canonical.com Tue, 20 Sep 2011 11:03:51 -0300 ** Changed in: linux-lts-backport-maverick (Ubuntu Lucid) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1576 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1776 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1833 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2213 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2497 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2699 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2700 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2918 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2928 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3191 ** Changed in: linux-ti-omap4 (Ubuntu Maverick) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3188 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
This bug was fixed in the package linux-ti-omap4 - 2.6.35-903.25 --- linux-ti-omap4 (2.6.35-903.25) maverick-proposed; urgency=low [ Ming Lei ] * SAUCE: usb: ehci: make HC see up-to-date qh/qtd descriptor ASAP - LP: #709245 [ Upstream Kernel Changes ] * cifs: fix possible memory corruption in CIFSFindNext, CVE-2011-3191 - LP: #834135 - CVE-2011-3191 * befs: Validate length of long symbolic links, CVE-2011-2928 - LP: #834124 - CVE-2011-2928 * gro: Only reset frag0 when skb can be pulled, CVE-2011-2723 - LP: #844371 - CVE-2011-2723 * Validate size of EFI GUID partition entries, CVE-2011-1776 - LP: #844365 - CVE-2011-1776 * inet_diag: fix inet_diag_bc_audit(), CVE-2011-2213 - LP: #838421 - CVE-2011-2213 * si4713-i2c: avoid potential buffer overflow on si4713, CVE-2011-2700 - LP: #844370 - CVE-2011-2700 * Bluetooth: Prevent buffer overflow in l2cap config request, CVE-2011-2497 - LP: #838423 - CVE-2011-2497 * core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576 - LP: #844361 - CVE-2011-1576 * crypto: Move md5_transform to lib/md5.c, CVE-2011-3188 - LP: #834129 - CVE-2011-3188 * net: Compute protocol sequence numbers and fragment IDs using MD5, CVE-2011-3188 - LP: #834129 - CVE-2011-3188 -- Paolo Pisati paolo.pis...@canonical.com Tue, 20 Sep 2011 19:12:28 +0200 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
** Changed in: linux (Ubuntu Lucid) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
** Changed in: linux-ec2 (Ubuntu Lucid) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
** Branch linked: lp:ubuntu/lucid-proposed/linux-lts-backport-maverick -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
** Branch linked: lp:ubuntu/maverick-proposed/linux-ti-omap4 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
** Changed in: linux-lts-backport-natty (Ubuntu Lucid) Status: In Progress = Fix Committed ** Changed in: linux-mvl-dove (Ubuntu Maverick) Status: Fix Committed = Fix Released ** Changed in: linux-lts-backport-maverick (Ubuntu Lucid) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
** Changed in: linux (Ubuntu Oneiric) Status: New = Fix Committed ** Changed in: linux-ti-omap4 (Ubuntu Oneiric) Status: New = Fix Committed ** Changed in: linux-ti-omap4 (Ubuntu Natty) Status: New = In Progress ** Changed in: linux-ti-omap4 (Ubuntu Natty) Assignee: (unassigned) = Andy Whitcroft (apw) ** Changed in: linux (Ubuntu Natty) Status: New = In Progress ** Changed in: linux (Ubuntu Natty) Assignee: (unassigned) = Andy Whitcroft (apw) ** Changed in: linux (Ubuntu Maverick) Status: New = In Progress ** Changed in: linux (Ubuntu Maverick) Assignee: (unassigned) = Andy Whitcroft (apw) ** Changed in: linux-lts-backport-natty (Ubuntu Lucid) Status: New = In Progress ** Changed in: linux-lts-backport-maverick (Ubuntu Lucid) Status: New = In Progress ** Changed in: linux (Ubuntu Lucid) Status: New = Fix Committed ** Changed in: linux-ec2 (Ubuntu Lucid) Status: New = Fix Committed ** Changed in: linux-fsl-imx51 (Ubuntu Lucid) Status: New = In Progress ** Changed in: linux-fsl-imx51 (Ubuntu Lucid) Assignee: (unassigned) = Andy Whitcroft (apw) ** Changed in: linux-mvl-dove (Ubuntu Lucid) Status: New = In Progress ** Changed in: linux-mvl-dove (Ubuntu Lucid) Status: In Progress = Fix Committed ** Changed in: linux-mvl-dove (Ubuntu Maverick) Status: New = Fix Committed ** Changed in: linux-ti-omap4 (Ubuntu Maverick) Status: New = In Progress ** Changed in: linux-ti-omap4 (Ubuntu Maverick) Assignee: (unassigned) = Andy Whitcroft (apw) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
** Changed in: linux (Ubuntu Hardy) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
** Changed in: linux-fsl-imx51 (Ubuntu Lucid) Status: In Progress = Fix Committed ** Changed in: linux (Ubuntu Maverick) Status: In Progress = Fix Committed ** Changed in: linux-ti-omap4 (Ubuntu Maverick) Status: In Progress = Fix Committed ** Changed in: linux (Ubuntu Natty) Status: In Progress = Fix Committed ** Changed in: linux-ti-omap4 (Ubuntu Natty) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
** Changed in: linux-mvl-dove (Ubuntu Lucid) Status: Fix Committed = Fix Released ** Description changed: The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic. + + Break-Fix: 86911732d3996a9da07914b280621450111bb6da + 17dd759c67f21e34f2156abcf415e1f60605a188 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/844371 Title: CVE-2011-2723 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/844371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 844371] Re: CVE-2011-2723
CVE-2011-2723 ** Also affects: linux (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: linux-fsl-imx51 (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: linux-lts-backport-maverick (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: linux-lts-backport-natty (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: linux-mvl-dove (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: linux-ti-omap4 (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Natty) Importance: Undecided Status: New ** Also affects: linux-fsl-imx51 (Ubuntu Natty) Importance: Undecided Status: New ** Also affects: linux-lts-backport-maverick (Ubuntu Natty) Importance: Undecided Status: New ** Also affects: linux-lts-backport-natty (Ubuntu Natty) Importance: Undecided Status: New ** Also affects: linux-mvl-dove (Ubuntu Natty) Importance: Undecided Status: New ** Also affects: linux-ti-omap4 (Ubuntu Natty) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: linux-fsl-imx51 (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: linux-lts-backport-maverick (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: linux-lts-backport-natty (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: linux-mvl-dove (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: linux-ti-omap4 (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: linux-fsl-imx51 (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: linux-lts-backport-maverick (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: linux-lts-backport-natty (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: linux-mvl-dove (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: linux-ti-omap4 (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: linux-fsl-imx51 (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: linux-lts-backport-maverick (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: linux-lts-backport-natty (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: linux-mvl-dove (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: linux-ti-omap4 (Ubuntu Hardy) Importance: Undecided Status: New ** Changed in: linux-ec2 (Ubuntu Oneiric) Status: New = Invalid ** Changed in: linux-ec2 (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-ec2 (Ubuntu Natty) Status: New = Invalid ** Changed in: linux-lts-backport-natty (Ubuntu Oneiric) Status: New = Invalid ** Changed in: linux-lts-backport-natty (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-lts-backport-natty (Ubuntu Maverick) Status: New = Invalid ** Changed in: linux-lts-backport-natty (Ubuntu Natty) Status: New = Invalid ** Changed in: linux-mvl-dove (Ubuntu Oneiric) Status: New = Invalid ** Changed in: linux-mvl-dove (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-mvl-dove (Ubuntu Natty) Status: New = Invalid ** Changed in: linux-lts-backport-maverick (Ubuntu Oneiric) Status: New = Invalid ** Changed in: linux-lts-backport-maverick (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-lts-backport-maverick (Ubuntu Maverick) Status: New = Invalid ** Changed in: linux-lts-backport-maverick (Ubuntu Natty) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Lucid) Status: New = Invalid ** Changed in: linux-ti-omap4 (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-fsl-imx51 (Ubuntu Oneiric) Status: New = Invalid ** Changed in: linux-fsl-imx51 (Ubuntu Hardy) Status: New = Invalid ** Changed in: linux-fsl-imx51 (Ubuntu Maverick) Status: New = Invalid ** Changed in: linux-fsl-imx51 (Ubuntu Natty) Status: New = Invalid ** Description changed: - Placeholder + The skb_gro_header_slow function in include/linux/netdevice.h in the + Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is + enabled, resets certain fields in incorrect situations, which allows + remote attackers to cause a denial of service (system crash) via crafted + network traffic. ** Changed in: linux-ec2 (Ubuntu Lucid) Importance: Undecided = Medium ** Changed in: linux-ec2 (Ubuntu Oneiric) Importance: Undecided = Medium ** Changed in:
