-
Committer:
Bazaar Package Importer
-
Author(s):
Stefan Bader, Stefan Bader, Upstream Kernel Changes, Ubuntu: 2.6.31-22.70
-
Date:
2010-12-01 11:17:04 UTC
-
mfrom:
(7.2.7 karmic-security)
-
Revision ID:
james.westby@ubuntu.com-20101201111704-pt5hbhkjlzpqq66a
Tags: 2.6.31-307.23
[ Stefan Bader ]
* Rebased to 2.6.31-22.70
[ Upstream Kernel Changes ]
* xen, compat: Test %rax for the syscall number, not %eax
- CVE-2010-3301
* xen, compat: Retruncate rax after ia32 syscall entry tracing
- CVE-2010-3301
[ Ubuntu: 2.6.31-22.70 ]
* Revert "SAUCE: AF_ECONET saddr->cookie prevent NULL pointer
dereference"
* Revert "SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges"
* Revert "SAUCE: AF_ECONET prevent kernel stack overflow"
* Btrfs: fix checks in BTRFS_IOC_CLONE_RANGE
- CVE-2010-2538
* xfs: validate untrusted inode numbers during lookup
- CVE-2010-2943
* xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED
- CVE-2010-2943
* xfs: remove block number from inode lookup code
- CVE-2010-2943
* xfs: fix untrusted inode number lookup
- CVE-2010-2943
* drm/i915: Sanity check pread/pwrite
- CVE-2010-2962
* drm/i915: Rephrase pwrite bounds checking to avoid any potential
overflow
- CVE-2010-2962
* tracing: Do not allow llseek to set_ftrace_filter
- CVE-2010-3079
* drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack
memory
- CVE-2010-3296
* drivers/net/eql.c: prevent reading uninitialized stack memory
- CVE-2010-3297
* drivers/net/usb/hso.c: prevent reading uninitialized memory
- CVE-2010-3298
* setup_arg_pages: diagnose excessive argument size
- CVE-2010-3858
* net: clear heap allocation for ETHTOOL_GRXCLSRLALL
- CVE-2010-3861
* ipc: shm: fix information leak to userland
- CVE-2010-4072
* econet: disallow NULL remote addr for sendmsg(), fixes CVE-2010-3849
- CVE-2010-3849
* econet: fix CVE-2010-3850
- CVE-2010-3850
* econet: fix CVE-2010-3848
- CVE-2010-3848