lp:ubuntu/natty-security/linux-ti-omap4

Created by Ubuntu Package Importer on 2011-09-21 and last modified on 2012-09-12
Get this branch:
bzr branch lp:ubuntu/natty-security/linux-ti-omap4
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

39. By Paolo Pisati on 2012-09-12

* Release Tracking Bug
  - LP: #1047347

[ Upstream Kernel Changes ]

* rds: set correct msg_namelen
  - LP: #1031112
  - CVE-2012-3340
* KVM: unmap pages from the iommu when slots are removed
  - LP: #987569
  - CVE-2012-2121
* net: Allow driver to limit number of GSO segments per skb
  - LP: #1037456
  - CVE-2012-3412
* tcp: do not scale TSO segment size with reordering degree
  - LP: #1037456
  - CVE-2012-3412
* tcp: Apply device TSO segment limit earlier
  - LP: #1037456
  - CVE-2012-3412
* sfc: Replace some literal constants with EFX_PAGE_SIZE/EFX_BUF_SIZE
  - LP: #1037456
  - CVE-2012-3412
* sfc: Fix maximum number of TSO segments and minimum TX queue size
  - LP: #1037456
  - CVE-2012-3412
* mm: Hold a file reference in madvise_remove
  - LP: #1042447
  - CVE-2012-3511

38. By Paolo Pisati on 2012-07-27

* Release Tracking Bug
  - LP: #1029784

[ Andy Whitcroft ]

* SAUCE: rds_ib_send() -- prevent local pings triggering BUG_ON()
  - LP: #1016299
  - CVE-2012-2372

[ Upstream Kernel Changes ]

* fcaps: clear the same personality flags as suid when fcaps are used
  - LP: #987571
  - CVE-2012-2123
* security: fix compile error in commoncap.c
  - LP: #987571
  - CVE-2012-2123
* net: sock: validate data_len before allocating skb in
  sock_alloc_send_pskb()
  - LP: #1006622
  - CVE-2012-2136
* dl2k: Clean up rio_ioctl
  - CVE-2012-2313
* hfsplus: Fix potential buffer overflows
  - CVE-2012-2319
* nfs: don't lose MS_SYNCHRONOUS on remount of noac mount
  - LP: #775809
* NFSv4.1: Ensure state manager thread dies on last umount
  - LP: #775809
* NFSv4: Handle expired stateids when the lease is still valid
  - LP: #793702
* NFSv4.1: Fix the handling of NFS4ERR_SEQ_MISORDERED errors
  - LP: #793702
* NFSv4: include bitmap in nfsv4 get acl data
  - LP: #893147
  - CVE-2011-4131
* Avoid reading past buffer when calling GETACL
  - LP: #1002505
  - CVE-2012-2375
* Avoid beyond bounds copy while caching ACL
  - LP: #1002505
  - CVE-2012-2375
* Fix length of buffer copied in __nfs4_get_acl_uncached
  - LP: #1002505
  - CVE-2012-2375

37. By Paolo Pisati on 2012-04-30

* Release Tracking Bug
  - LP: #990206

[ Upstream Kernel Changes ]

* ext4: fix undefined behavior in ext4_fill_flex_info()
  - LP: #984757
  - CVE-2012-2100
* jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer
  - LP: #929781
  - CVE-2011-4086
* cifs: fix dentry refcount leak when opening a FIFO on lookup
  - LP: #947997
  - CVE-2012-1090

36. By Paolo Pisati on 2012-03-30

* Release Tracking Bug
  - LP: #967822

[ Upstream Kernel Changes ]

* regset: Prevent null pointer reference on readonly regsets
  - LP: #949905
  - CVE-2012-1097
* regset: Return -EFAULT, not -EIO, on host-side memory fault
  - LP: #949905
  - CVE-2012-1097
* mm: memcg: Correct unregistring of events attached to the same eventfd
  - LP: #952828
  - CVE-2012-1146
* eCryptfs: Copy up lower inode attrs after setting lower xattr

35. By Paolo Pisati on 2012-02-20

* Release Tracking Bug
  - LP: #932673

[ Upstream Kernel Changes ]

* net: ip_expire() must revalidate route
  - LP: #922051
  - CVE-2011-1927
* ARM: 6891/1: prevent heap corruption in OABI semtimedop
  - LP: #925373
  - CVE-2011-1759
* Fix for buffer overflow in ldm_frag_add not sufficient
  - LP: #922371
  - CVE-2011-2182
* oom: use pte pages in OOM score
  - LP: #922374
  - CVE-2011-2498
* TOMOYO: Fix oops in tomoyo_mount_acl().
  - LP: #922377
  - CVE-2011-2518
* AppArmor: fix oops in apparmor_setprocattr
  - LP: #789409
  - CVE-2011-3619

34. By Paolo Pisati on 2012-01-26

* Release Tracking Bug
  - LP: #921724

[ Upstream Kernel Changes ]

* xfs: validate acl count
  - LP: #917706
  - CVE-2012-0038
* xfs: fix acl count validation in xfs_acl_from_disk()
  - LP: #917706
  - CVE-2012-0038
* drm: integer overflow in drm_mode_dirtyfb_ioctl()
  - LP: #917838
  - CVE-2012-0044
* igmp: Avoid zero delay when receiving odd mixture of IGMP queries
  - LP: #917848
  - CVE-2012-0207

33. By Paolo Pisati on 2012-01-04

* Release Tracking Bug
  - LP: #911708

[ Upstream Kernel Changes ]

* fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message, CVE-2011-3353
  - LP: #905058
  - CVE-2011-3353

32. By Andy Whitcroft on 2011-12-20

* Release Tracking Bug
  - LP: #906913

[ Upstream Kernel Changes ]

* use cache type functions for arch_get_unmapped_area
* topdown mmap support
* TPM: Zero buffer after copying to userspace, CVE-2011-1162
  - LP: #899463
  - CVE-2011-1162
* hfs: fix hfs_find_init() sb->ext_tree NULL ptr oops, CVE-2011-2203
  - LP: #899466
  - CVE-2011-2203
* KEYS: Fix a NULL pointer deref in the user-defined key type,
  CVE-2011-4110
  - LP: #894369
  - CVE-2011-4110

31. By Paolo Pisati on 2011-12-02

* Release Tracking Bug
  - LP: #897566

[ Upstream Kernel Changes ]

* crypto: ghash - Avoid null pointer dereference if no key is set
  - LP: #887299
  - CVE-2011-4081
* xfs: Fix possible memory corruption in xfs_readlink, CVE-2011-4077
  - LP: #887298
  - CVE-2011-4077
* jbd/jbd2: validate sb->s_first in journal_get_superblock()
  - LP: #893148
  - CVE-2011-4132
* inetpeer: reduce stack usage, CVE-2011-4087
  - LP: #887302
  - CVE-2011-4087
* hfs: add sanity check for file name length, CVE-2011-4330
  - LP: #894374
  - CVE-2011-4330
* ipv6: udp: fix the wrong headroom check
  - LP: #894373
  - CVE-2011-4326

30. By Paolo Pisati on 2011-11-11

* Release Tracking Bug
  - LP: #888573

[ Upstream Kernel Changes ]

* cifs: add fallback in is_path_accessible for old servers, CVE-2011-3363
  - LP: #866034
  - CVE-2011-3363
* Make TASKSTATS require root access, CVE-2011-2494
  - LP: #866021
  - CVE-2011-2494
* proc: restrict access to /proc/PID/io, CVE-2011-2495
  - LP: #866025
  - CVE-2011-2495
* proc: fix a race in do_io_accounting(), CVE-2011-2495
  - LP: #866025
  - CVE-2011-2495
* staging: comedi: fix infoleak to userspace, CVE-2011-2909
  - LP: #869261
  - CVE-2011-2909
* perf tools: do not look at ./config for configuration, CVE-2011-2905
  - LP: #869259
  - CVE-2011-2905
* nl80211: fix overflow in ssid_len - CVE-2011-2517
  - LP: #869245
  - CVE-2011-2517
* vm: fix vm_pgoff wrap in upward expansion
  - LP: #869243
  - CVE-2011-2496
* mm: thp: fix /dev/zero MAP_PRIVATE and vm_flags cleanups, CVE-2011-2479
  - LP: #775809
  - CVE-2011-2479
* ksm: fix NULL pointer dereference in scan_get_next_rmap_item() -
  CVE-2011-2183
  - LP: #869227
  - CVE-2011-2183
* NLM: Don't hang forever on NLM unlock requests - CVE-2011-2491
  - LP: #869237
  - CVE-2011-2491

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/oneiric/linux-ti-omap4
This branch contains Public information 
Everyone can see this information.

Subscribers