Created by James Westby and last modified
Get this branch:
bzr branch lp:debian/lenny/linux-2.6
Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Related blueprints

Branch information

Ubuntu branches

Recent revisions

16. By dann frazier

Revert: [powerpc] oprofile: Handle events that raise an exception without
overflowing (CVE-2011-4347).

15. By dann frazier

[ Ben Hutchings ]
* dm,md: Deal with merge_bvec_fn in component devices better
  (Closes: #604457)
* rt2x00: Fix memory leak after failing to insert RTS/CTS frame
  (Closes: #561890)

[ dann frazier ]
* Include selected backport from
  - md: fix bug with re-adding of partially recovered device.
* Include selected backports from
  - NFS: fix the return value of nfs_file_fsync()
  - ptrace: use safer wake up on ptrace_detach()
  - [x86] mm: avoid possible bogus tlb entries by clearing prev mm_cpumask
    after switching mm
  - dm raid1: fail writes if errors are not handled and log fails
  - [x86] asus_acpi: world-writable procfs files
  - [x86] acer-wmi: world-writable sysfs threeg file
  - [x86] tc1100-wmi: world-writable sysfs wireless and jogdial files
  - NFSD: memory corruption due to writing beyond the stat array
  - ext2: Fix link count corruption under heavy link+rename load
  - virtio: set pci bus master enable bit
  - [s390] keyboard: integer underflow bug
  - ocfs2_connection_find() returns pointer to bad structure
  - libsas: fix runaway error handler problem
  - NFS: Fix "kernel BUG at fs/aio.c:554!"
  - md: fix regression with re-adding devices to arrays with no metadata
  - [x86] Flush TLB if PGD entry is changed in i386 PAE mode
  - ext3: skip orphan cleanup on rocompat fs
  - cciss: fix lost command issue
* cifs: fix an oops that can occur when accessing filenames containing
  accented characters from a Windows ME server (Closes: #524438)
* [hppa] Fix FTBFS caused by CVE-2011-2496 fix

14. By dann frazier

* net sched: fix kernel leak in act_police (CVE-2010-3477)
* aio: check for multiplication overflow in do_io_submit (CVE-2010-3067)
* cxgb3: prevent reading uninitialized stack memory (CVE-2010-3296)
* eql: prevent reading uninitialized stack memory (CVE-2010-3297)
* rose: Fix signedness issues wrt. digi count (CVE-2010-3310)
* sctp: Do not reset the packet during sctp_packet_config() (CVE-2010-3432)
* Fix pktcdvd ioctl dev_minor range check (CVE-2010-3437)
* ALSA: prevent heap corruption in snd_ctl_new() (CVE-2010-3442)
* thinkpad-acpi: lock down video output state access (CVE-2010-3448)
* sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (CVE-2010-3705)
* setup_arg_pages: diagnose excessive argument size (CVE-2010-3858)
* X.25: memory corruption in X.25 facilities parsing (CVE-2010-3873)
* sys_semctl: fix kernel stack leakage (CVE-2010-4083)
* ALSA: rme9652: prevent reading uninitialized stack memory
  (CVE-2010-4080, CVE-2010-4081)
* V4L/DVB: ivtvfb: prevent reading uninitialized stack memory (CVE-2010-4079)
* video/sis: prevent reading uninitialized stack memory (CVE-2010-4078)
* X.25: Prevent crashing when parsing bad X.25 facilities (CVE-2010-4164)
* v4l1: fix 32-bit compat microcode loading translation (CVE-2010-2963)
* net: Mitigate overflow issues
   - Truncate recvfrom and sendto length to INT_MAX.
   - Limit socket I/O iovec total length to INT_MAX.
   - Resolves kernel heap overflow in the TIPC protcol (CVE-2010-3859)
* net: ax25: fix information leak to userland (CVE-2010-3875)
* can-bcm: fix minor heap overflow (CVE-2010-3874)
* net: packet: fix information leak to userland (CVE-2010-3876)
* net: tipc: fix information leak to userland (CVE-2010-3877)
* inet_diag: Make sure we actually run the same bytecode we audited
* ipc: shm: fix information leak to userland (CVE-2010-4072)
* ipc: initialize structure memory to zero for compat functions
* USB: serial/mos*: prevent reading uninitialized stack memory (CVE-2010-4074)
* [SCSI] gdth: integer overflow in ioctl (CVE-2010-4157)
* econet: Avoid stack overflow w/ large msgiovlen (CVE-2010-3848)
* econet: disallow NULL remote addr for sendmsg() (CVE-2010-3849)
* econet: Add mising CAP_NET_ADMIN check in SIOCSIFADDR (CVE-2010-3850)

13. By dann frazier

[ Ben Hutchings ]
* [alpha,s390,sparc] math-emu: correct test for downshifting fraction in
  _FP_FROM_INT() (Closes: #593193)
* SCSI/mptsas: fix hangs caused by ATA pass-through (Closes: #594690)
* xfs: prevent kernel crash due to corrupted inode log format
  (Closes: #550733)
* r6040: Fix various bugs in r6040_multicast_list() (Closes: #600155)

12. By dann frazier

[ Ben Hutchings ]
* pid_ns: Ensure that child_reaper is always valid (Closes: #570350)
* [xen] Fix deadlock in timer interrupt, thanks to Zdenek Salvet
  (Closes: #534880)
* e1000e: Add support for 82567LM-4, 82567LM-3, 82567LF-3 and 82583V
  controllers (Closes: #512546)

[ Moritz Muehlenhoff ]
* parport: quickfix the proc registration bug (Closes: #588672);
  ignore ABI changes in parport and parport_pc

[ dann frazier ]
* Add guard page for stacks that grow up, an additional fix for
* mm: make stack guard page logic use vm_prev pointer, an additional
  fix for CVE-2010-2240
* net sched: fix some kernel memory leaks (CVE-2010-2942)
* jfs: don't allow os2 xattr namespace overlap with others (CVE-2010-2946)

11. By dann frazier

[ Ben Hutchings ]
* usbhid: Reduce the race condition between disconnect and ioctl
  (Closes: #511892)
* r8169: Fix MDIO timing (Closes: #583139)
* [x86] Restore automatic update of LILO on kernel installation, upgrade
  or removal (Closes: #505609)

10. By dann frazier

[ Ben Hutchings ]
* Fix false soft lockup reports for the nohz idle loop
* nohz: Fix two bugs that can keep a processor idle and lead to a
  system hang (may fix #496917, #538158 and others)
* usbmidi: Fix crash when device is disconnected (Closes: #513050)
* r8169: Apply various upstream bug fixes
* r8169: Add support for RTL8101e (v2), RTL8102e (v1,v2,v3),
  RTL8168c/8111c (v3,v4), RTL8168cp/8111cp (v2,v3), RTL8168d (v1)
  (Closes: #552465; may fix #516187)
* Revert patch to sanitise <linux/socket.h>, which introduced
  different build failures
* usbnet: Set link down initially for drivers that update link state
  (Closes: #444043)
* atl1e: Remove broken implementation of TSO for TCP/IPv6
  (Closes: #558426) and allow other hardware offloads to be disabled in
  case they are also buggy

[ dann frazier ]
* floppy: request and release only the ports we actually use
  (Closes: #332942)
* igb: Add 82576 MAC support (Closes: #522922), backport
  by Ben Hutchings
* [SCSI] gdth: Prevent negative offsets in ioctl (CVE-2009-3080)
* NFSv4: Fix a problem whereby a buggy server can oops the kernel
* [SCSI] megaraid_sas: remove sysfs dbg_lvl world writeable permissions
* isdn: hfc_usb: Fix read buffer overflow (CVE-2009-4005)
* fuse: prevent fuse_put_request on invalid pointer (CVE-2009-4021)
* hpilo: new PCI ID (Closes: #559064)
* Avoid /proc/$pid/maps visibility during initial setuid ELF loading
* hfs: fix a potential buffer overflow (CVE-2009-4020)
* KVM: x86 emulator: limit instructions to 15 bytes (CVE-2009-4031)
* firewire: ohci: handle receive packets with a data length of zero
* ext4: Avoid null pointer dereference when decoding EROFS w/o a journal
* s390: dasd diag - add support for read-only minidisks (Closes: #550898)

9. By dann frazier

[ Moritz Muehlenhoff ]
* Input: ALPS - add signature for Toshiba Satellite Pro M10
  (Closes: #434722)

[ dann frazier ]
* aacraid: Fix regression w/ bigmem kernel (Closes: #537771)
* [parisc] isa-eeprom - Fix loff_t usage (CVE-2009-2846)
* do_sigaltstack: avoid copying 'stack_t' as a structure to user space
* execve: must clear current->clear_child_tid (CVE-2009-2848)
* md: avoid dereferencing NULL pointer when accessing suspend_* sysfs
  attributes (CVE-2009-2849)

8. By dann frazier

Revert "sata_nv: avoid link reset on controllers where it's broken"
due to regression. (closes: #533657)

7. By dann frazier

Switch out mips/llseek regression fix for the less invasive one
that is more likely to be accepted upstream.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.