lp:ubuntu/gutsy-updates/linux-source-2.6.22
- Get this branch:
- bzr branch lp:ubuntu/gutsy-updates/linux-source-2.6.22
Branch merges
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 50. By Stefan Bader
-
[Upstream Kernel Changes]
* NFS: Remove the buggy lock-if-signalled case from do_setlk()
- CVE-2008-4307
* sctp: Avoid memory overflow while FWD-TSN chunk is received with bad
stream ID
- CVE-2009-0065
* net: 4 bytes kernel memory disclosure in SO_BSDCOMPAT gsopt try #2
- CVE-2009-0676
* sparc: Fix mremap address range validation.
- CVE-2008-6107
* copy_process: fix CLONE_PARENT && parent_exec_id interaction
- CVE-2009-0028
* security: introduce missing kfree
- CVE-2009-0031
* eCryptfs: check readlink result was not an error before using it
- CVE-2009-0269
* dell_rbu: use scnprintf() instead of less secure sprintf()
- CVE-2009-0322
* drivers/net/skfp: if !capable(CAP_NET_ ADMIN): inverted logic
- CVE-2009-0675
* Ext4: Fix online resize block group descriptor corruption
- CVE-2009-0745
* ext4: Initialize the new group descriptor when resizing the filesystem
- CVE-2009-0745
* ext4: Add sanity check to make_indexed_dir
- CVE-2009-0746
* x86-64: syscall-audit: fix 32/64 syscall hole
- CVE-2009-0834
* x86-64: seccomp: fix 32/64 syscall hole
- CVE-2009-0835
* shm: fix shmctl(SHM_INFO) lockup with !CONFIG_SHMEM
- CVE-2009-0859
* udf: Fix oops when invalid character in filename occurs
- LP: #321606 - 49. By Stefan Bader
-
[Upstream Kernel Changes]
* ATM: CVE-2008-5079: duplicate listen() on socket corrupts the vcc table
- CVE-2008-5079
* libertas: fix buffer overrun
- CVE-2008-5134
* Fix inotify watch removal/umount races
- CVE-2008-5182
* net: Fix soft lockups/OOM issues w/ unix garbage collector
- CVE-2008-5300
* Enforce a minimum SG_IO timeout
- CVE-2008-5700
* ib700wdt.c - fix buffer_underflow bug
- CVE-2008-5702
* Add preemption point in qdisc_run
- CVE-2008-5713 - 48. By Stefan Bader
-
[Stefan Bader]
* XEN: Fix max number of segments in blkif
- CVE-2007-5498[Upstream Kernel Changes]
* Don't allow splice() to files opened with O_APPEND
- CVE-2008-4554
* sctp: Fix oops when INIT-ACK indicates that peer doesn't support AUTH
- CVE-2008-4576
* hfsplus: fix Buffer overflow with a corrupted image
- CVE-2008-4933
* hfsplus: check read_mapping_page() return value
- CVE-2008-4934
* net: Fix recursive descent in __scm_destroy().
- CVE-2008-5029
* security: avoid calling a NULL function pointer in
drivers/video/tvaudio. c
- CVE-2008-5033
* hfs: fix namelength memory corruption
- CVE-2008-5025
* V4L/DVB (9621): Avoid writing outside shadow.bytes[] array - 47. By Stefan Bader
-
[Stefan Bader]
* Enabled CONFIG_DEBUG_RODATA for all architectures.
[Upstream Kernel Changes]
* dccp: change L/R must have at least one byte in the dccpsf_val field
- CVE-2008-3276
* dio: zero struct dio with kzalloc instead of manually
- CVE-2007-6716
* wan: Missing capability checks in sbni_ioctl()
- CVE-2008-3525
* tmpfs: fix kernel BUG in shmem_delete_inode
- CVE-2008-3534
* fbdefio: add set_page_dirty handler to deferred IO FB
- CVE-2008-3534
* nfsd: fix buffer overrun decoding NFSv4 acl
- CVE-2008-3915
* Only allow access to DRM_I915_HWS_ADDR ioctl() for Xserver.
- CVE-2008-383 - 46. By Stefan Bader
-
[Stefan Bader]
* mm: Fix zero length segment loop
- LP: #249340
follow-up for CVE-2008-0598[Upstream Kernel Changes]
* Fix compiler warning on 64-bit
follow-up for CVE-2008-1673
* netfilter: nf_nat_snmp_basic: fix a range check in NAT for SNMP
follow-up for CVE-2008-1673 - 45. By Tim Gardner
-
Fix hppa FTBS by ignoring hppa ABI check. The last successful hppa
upload was -14.52. - 44. By Ben Collins <email address hidden>
-
[Colin Ian King]
* usb-storage: always set the allow_restart flag
- LP: #193154[Upstream Kernel Changes]
* [IA64] Fix unaligned handler for floating point instructions with base
update
* CVE-2007-6694: [POWERPC] CHRP: Fix possible NULL pointer dereference
* vm audit: add VM_DONTEXPAND to mmap for drivers that need it
(CVE-2008-0007)
* fix SMP ordering hole in fcntl_setlk() (CVE-2008-1669)
* Fix dnotify/close race (CVE-2008-1375)
* [TCP]: secure_tcp_sequence_ number( ) should not use a too fast clock
* hrtimer: check relative timeouts for overflow
* netdrvr: natsemi: Fix device removal bug - 43. By Tim Gardner
-
[Tim Gardner]
* splice: fix user pointer access in get_iovec_
page_array( )
(CVE-2008-0600)
- LP: #190587 - 42. By Tim Gardner
-
[Amit Kucheria]
* Poulsbo: Mass update of all patches from moblin repo
* Update config.lpia to reflect new patches
* [sata_sil][sata-> ide-bridg] failed to set xfermode
- LP: #153096
* Poulsbo: remove extra patch[Kees Cook]
* fix NFSv4 client mount regression
- LP: #164231[Tim Gardner]
* Support of new AMD PowerNow! (family 0x11 and beyond)
- LP: #185649[Upstream Kernel Changes]
* minixfs: limit minixfs printks on corrupted dir i_size (CVE-2006-6058)
* [JFFS2] Fix ACL vs. mode handling. (CVE-2007-4849)
* [IEEE80211]: avoid integer underflow for runt rx frames (CVE-2007-4997)
* [TCP]: Make sure write_queue_from does not begin with NULL ptr
(CVE-2007-5501)
* wait_task_stopped: Check p->exit_state instead of TASK_TRACED
(CVE-2007-5500)
* fix DLM regression
* CVE-2008-0001: Use access mode instead of open flags to determine
needed permissions
* hrtimers: avoid overflow for large relative timeouts (CVE-2007-5966)
* isdn: avoid copying overly-long strings (CVE-2007-6063)
* I4L: fix isdn_ioctl memory overrun vulnerability (CVE-2007-6151)
* vfs: coredumping fix (CVE-2007-6206)
* tmpfs: restore missing clear_highpage (CVE-2007-6417)
* [UBUNTU] fs/dlm: Fix regression introduced with last security fix. - 41. By Phillip Lougher <email address hidden>
-
[Security]
* wait_task_stopped: Check p->exit_state instead of TASK_TRACED
(CVE-2007-5500)
* [TCP]: Make sure write_queue_from does not begin with NULL ptr
(CVE-2007-5501)
* [IEEE80211]: avoid integer underflow for runt rx frames (CVE-2007-4997)
* [JFFS2] Fix ACL vs. mode handling. (CVE-2007-4849)
* minixfs: limit minixfs printks on corrupted dir i_size (CVE-2006-6058)
* NFS: Fix the mount regression[Fabio Massimo Di Nitto]
* fix DLM regression
[Tim Gardner]
* linux-image postinst matches header_
postinst_ hook for postinst_hook
incorrectly
- LP: #125816[Upstream Kernel Changes]
* [SPARC64]: Fix bugs in SYSV IPC handling in 64-bit processes.
* [SPARC64]: Fix register usage in xor_raid_4().
* [NIU]: Fix write past end of array in niu_pci_probe_sprom( ).
* [NIU]: getting rid of __ucmpdi2 in niu.o
* [SPARC64]: Do not use alloc_bootmem*low().
* [SPARC64]: Fix bogus '&' conditinal in set_rtc_mmss().
* [FUTEX]: Fix address computation in compat code.
* [NIU]: Fix link LED handling.
* [SPARC64]: Fix memory controller register access when non-SMP.
* [SPARC64]: Fix endless loop in cheetah_xcall_deliver( ).
* [SPARC64]: Fix two kernel linear mapping setup bugs.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)