kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #127506
[Bug 1283101] Re: CVE-2014-0069: CIFS -- add hardening patch
** Information type changed from Public to Public Security
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0069
** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3601
** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-5077
** CVE removed: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-5472
** Summary changed:
- CVE-2014-0069: CIFS -- add hardening patch
+ CIFS: sanity check length of data to send before sending
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1283101
Title:
CIFS: sanity check length of data to send before sending
Status in linux package in Ubuntu:
Fix Released
Status in linux-armadaxp package in Ubuntu:
Invalid
Status in linux-ec2 package in Ubuntu:
Invalid
Status in linux-lts-quantal package in Ubuntu:
Invalid
Status in linux-lts-raring package in Ubuntu:
Invalid
Status in linux-lts-saucy package in Ubuntu:
Invalid
Status in linux-ti-omap4 package in Ubuntu:
Invalid
Status in linux source package in Lucid:
Won't Fix
Status in linux-armadaxp source package in Lucid:
Invalid
Status in linux-ec2 source package in Lucid:
Won't Fix
Status in linux-lts-quantal source package in Lucid:
Invalid
Status in linux-lts-raring source package in Lucid:
Invalid
Status in linux-lts-saucy source package in Lucid:
Invalid
Status in linux-ti-omap4 source package in Lucid:
Invalid
Status in linux source package in Precise:
Confirmed
Status in linux-armadaxp source package in Precise:
Confirmed
Status in linux-ec2 source package in Precise:
Invalid
Status in linux-lts-quantal source package in Precise:
Won't Fix
Status in linux-lts-raring source package in Precise:
Won't Fix
Status in linux-lts-saucy source package in Precise:
Won't Fix
Status in linux-ti-omap4 source package in Precise:
Confirmed
Status in linux source package in Quantal:
Won't Fix
Status in linux-armadaxp source package in Quantal:
Won't Fix
Status in linux-ec2 source package in Quantal:
Invalid
Status in linux-lts-quantal source package in Quantal:
Invalid
Status in linux-lts-raring source package in Quantal:
Invalid
Status in linux-lts-saucy source package in Quantal:
Invalid
Status in linux-ti-omap4 source package in Quantal:
Won't Fix
Status in linux source package in Saucy:
Won't Fix
Status in linux-armadaxp source package in Saucy:
Invalid
Status in linux-ec2 source package in Saucy:
Invalid
Status in linux-lts-quantal source package in Saucy:
Invalid
Status in linux-lts-raring source package in Saucy:
Invalid
Status in linux-lts-saucy source package in Saucy:
Invalid
Status in linux-ti-omap4 source package in Saucy:
Won't Fix
Status in linux source package in Trusty:
Fix Released
Status in linux-armadaxp source package in Trusty:
Invalid
Status in linux-ec2 source package in Trusty:
Invalid
Status in linux-lts-quantal source package in Trusty:
Invalid
Status in linux-lts-raring source package in Trusty:
Invalid
Status in linux-lts-saucy source package in Trusty:
Invalid
Status in linux-ti-omap4 source package in Trusty:
Invalid
Bug description:
This CVE was fixed under 5d81de8e8667da7135d3a32a964087c0faf5483f but
there is a second fix which will make this much safer going forward
against other bugs:
http://article.gmane.org/gmane.linux.kernel.cifs/9402
Makes sense to put this into any release which needs it.
# As applied to linus' tree
Break-fix: - a26054d184763969a411e3939fe243516715ff59
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1283101/+subscriptions
References
