← Back to branch summary

~ubuntu-branches/ubuntu/trusty/linux-lts-wily/trusty-security

Viewing all changes in revision 22.

  • Committer: Package Import Robot
  • Author(s): Kamal Mostafa, Luis Henriques, Upstream Kernel Changes
  • Date: 2016-06-24 09:31:55 UTC
  • Revision ID: package-import@ubuntu.com-20160624093155-r2541srcl5c441d2
Tags: 4.2.0-41.48~14.04.1
https://launchpad.net/bugs/1595921
https://launchpad.net/bugs/1555338
https://launchpad.net/bugs/1555338
https://launchpad.net/bugs/1555338
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
https://launchpad.net/bugs/1595350
[ Luis Henriques ]

* Release Tracking Bug
  - LP: #1595921

[ Upstream Kernel Changes ]

* netfilter: x_tables: validate e->target_offset early
  - LP: #1555338
  - CVE-2016-3134
* netfilter: x_tables: make sure e->next_offset covers remaining blob
  size
  - LP: #1555338
  - CVE-2016-3134
* netfilter: x_tables: fix unconditional helper
  - LP: #1555338
  - CVE-2016-3134
* netfilter: x_tables: don't move to non-existent next rule
  - LP: #1595350
* netfilter: x_tables: validate targets of jumps
  - LP: #1595350
* netfilter: x_tables: add and use xt_check_entry_offsets
  - LP: #1595350
* netfilter: x_tables: kill check_entry helper
  - LP: #1595350
* netfilter: x_tables: assert minimum target size
  - LP: #1595350
* netfilter: x_tables: add compat version of xt_check_entry_offsets
  - LP: #1595350
* netfilter: x_tables: check standard target size too
  - LP: #1595350
* netfilter: x_tables: check for bogus target offset
  - LP: #1595350
* netfilter: x_tables: validate all offsets and sizes in a rule
  - LP: #1595350
* netfilter: x_tables: don't reject valid target size on some
  architectures
  - LP: #1595350
* netfilter: arp_tables: simplify translate_compat_table args
  - LP: #1595350
* netfilter: ip_tables: simplify translate_compat_table args
  - LP: #1595350
* netfilter: ip6_tables: simplify translate_compat_table args
  - LP: #1595350
* netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
  - LP: #1595350
* netfilter: x_tables: do compat validation via translate_table
  - LP: #1595350
* netfilter: x_tables: introduce and use xt_copy_counters_from_user
  - LP: #1595350

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: