~ubuntu-branches/ubuntu/dapper/linux-source-2.6.15/dapper-security

Viewing all changes in revision 43.

  • Committer: Bazaar Package Importer
  • Author(s): Steve Conklin, Steve Conklin, Upstream Kernel Changes
  • Date: 2011-02-09 16:52:23 UTC
  • Revision ID: james.westby@ubuntu.com-20110209165223-anmw911qchewynpl
Tags: 2.6.15-55.93
[ Steve Conklin ]

* Tracking Bug
  - LP: #716472

[Upstream Kernel Changes]

* net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859
  - LP: #711855, #708839
  - CVE-2010-4160
* net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859
  - LP: #711855, #708839
  - CVE-2010-4160
* net: ax25: fix information leak to userland, CVE-2010-3875
  - LP: #710714
  - CVE-2010-3875
* net: ax25: fix information leak to userland harder, CVE-2010-3875
  - LP: #710714
  - CVE-2010-3875
* memory corruption in X.25 facilities parsing, CVE-2010-3873
  - LP: #709372
  - CVE-2010-3873
* net: packet: fix information leak to userland, CVE-2010-3876
  - LP: #710714
  - CVE-2010-3876
* x86: replace LOCK_PREFIX in futex.h, CVE-2010-3086
  - LP: #706060
  - CVE-2010-3086
* gdth: integer overflow in ioctl, CVE-2010-4157
  - LP: #711797
  - CVE-2010-4157
* ALSA: sound/pci/rme9652: prevent reading uninitialized stack memory,
  CVE-2010-4080, CVE-2010-4081
  - LP: #712723, #712737
  - CVE-2010-4081
* sys_semctl: fix kernel stack leakage, CVE-2010-4083
  - LP: #712749
  - CVE-2010-4083
* inet_diag: Make sure we actually run the same bytecode we audited,
  CVE-2010-3880
  - LP: #711865
  - CVE-2010-3880

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: