kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #52120
[Bug 1229981] Re: CVE-2013-4345
This bug was fixed in the package linux-lts-raring -
3.8.0-38.56~precise1
---------------
linux-lts-raring (3.8.0-38.56~precise1) precise; urgency=low
[ Andy Whitcroft ]
* module signature does not use hash type in older releases
linux-lts-raring (3.8.0-38.55~precise1) precise; urgency=low
[ Kamal Mostafa ]
* Release Tracking Bug
- LP: #1290512
[ Tim Gardner ]
* [Debian] Re-sign modules after debug objcopy
- LP: #1253155
linux-lts-raring (3.8.0-38.54~precise1) precise; urgency=low
[ Kamal Mostafa ]
* Release Tracking Bug
- LP: #1290512
[ Upstream Kernel Changes ]
* netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helper
- LP: #1274684
- CVE-2014-1690
* crypto: ansi_cprng - Fix off by one error in non-block size request
- LP: #1229981
- CVE-2013-4345
* xfs: underflow bug in xfs_attrlist_by_handle()
- LP: #1256091
- CVE-2013-6382
* crypto: s390 - fix concurrency issue in aes-ctr mode
- LP: #1289439
* crypto: s390 - fix des and des3_ede cbc concurrency issue
- LP: #1289439
* crypto: s390 - fix des and des3_ede ctr concurrency issue
- LP: #1289439
* [media] mxl111sf: Fix unintentional garbage stack read
- LP: #1289439
* [media] mxl111sf: Fix compile when CONFIG_DVB_USB_MXL111SF is unset
- LP: #1289439
* [media] af9035: add ID [2040:f900] Hauppauge WinTV-MiniStick 2
- LP: #1289439
* arm64: vdso: prevent ld from aligning PT_LOAD segments to 64k
- LP: #1289439
* arm64: add DSB after icache flush in __flush_icache_all()
- LP: #1289439
* arm64: Invalidate the TLB when replacing pmd entries during boot
- LP: #1289439
* arm64: vdso: fix coarse clock handling
- LP: #1289439
* arm64: vdso: update wtm fields for CLOCK_MONOTONIC_COARSE
- LP: #1289439
* drm/mgag200,ast,cirrus: fix regression with drm_can_sleep conversion
- LP: #1289439
* x86, hweight: Fix BUG when booting with CONFIG_GCOV_PROFILE_ALL=y
- LP: #1289439
* mm/swap: fix race on swap_info reuse between swapoff and swapon
- LP: #1289439
* mm: __set_page_dirty_nobuffers() uses spin_lock_irqsave() instead of
spin_lock_irq()
- LP: #1289439
* mm: __set_page_dirty uses spin_lock_irqsave instead of spin_lock_irq
- LP: #1289439
* staging:iio:ad799x fix error_free_irq which was freeing an irq that may
not have been requested
- LP: #1289439
* KVM: return an error code in kvm_vm_ioctl_register_coalesced_mmio()
- LP: #1289439
* block: __elv_next_request() shouldn't call into the elevator if
bypassing
- LP: #1289439
* power: max17040: Fix NULL pointer dereference when there is no
platform_data
- LP: #1289439
* s390/dump: Fix dump memory detection
- LP: #1289439
* ath9k_htc: make ->sta_rc_update atomic for most calls
- LP: #1289439
* ath9k_htc: Do not support PowerSave by default
- LP: #1289439
* ar5523: fix usb id for Gigaset.
- LP: #1289439
* ath9k: Do not support PowerSave by default
- LP: #1289439
* spi: nuc900: Set SPI_LSB_FIRST for master->mode_bits if hw->pdata->lsb
is true
- LP: #1289439
* usb: ftdi_sio: add Mindstorms EV3 console adapter
- LP: #1289439
* usb-storage: restrict bcdDevice range for Super Top in Cypress ATACB
- LP: #1289439
* usb-storage: add unusual-devs entry for BlackBerry 9000
- LP: #1289439
* usb-storage: enable multi-LUN scanning when needed
- LP: #1289439
* of: Fix address decoding on Bimini and js2x machines
- LP: #1289439
* of: fix PCI bus match for PCIe slots
- LP: #1289439
* usb: qcserial: add Netgear Aircard 340U
- LP: #1289439
* USB: ftdi_sio: add Tagsys RFID Reader IDs
- LP: #1289439
* mac80211: move roc cookie assignment earlier
- LP: #1289439
* mac80211: release the channel in error path in start_ap
- LP: #1289439
* mac80211: Fix IBSS disconnect
- LP: #1289439
* mac80211: fix fragmentation code, particularly for encryption
- LP: #1289439
* time: Fix overflow when HZ is smaller than 60
- LP: #1289439
* ALSA: hda - Fix mic capture on Sony VAIO Pro 11
- LP: #1289439
* VME: Correct read/write alignment algorithm
- LP: #1289439
* Drivers: hv: vmbus: Don't timeout during the initial connection with
host
- LP: #1289439
* raw: test against runtime value of max_raw_minors
- LP: #1289439
* tty: n_gsm: Fix for modems with brk in modem status control
- LP: #1289439
* staging: comedi: adv_pci1710: fix analog output readback value
- LP: #1289439
* xen-blkfront: handle backend CLOSED without CLOSING
- LP: #1289439
* Modpost: fixed USB alias generation for ranges including 0x9 and 0xA
- LP: #1289439
* fs/file.c:fdtable: avoid triggering OOMs from alloc_fdmem
- LP: #1289439
* genirq: Add missing irq_to_desc export for CONFIG_SPARSE_IRQ=n
- LP: #1289439
* xen: install xen/gntdev.h and xen/gntalloc.h
- LP: #1289439
* ring-buffer: Fix first commit on sub-buffer having non-zero delta
- LP: #1289439
* usb: option: blacklist ZTE MF667 net interface
- LP: #1289439
* ftrace/x86: Use breakpoints for converting function graph caller
- LP: #1289439
* block: add cond_resched() to potentially long running ioctl discard
loop
- LP: #1289439
* md/raid5: Fix CPU hotplug callback registration
- LP: #1289439
* compiler/gcc4: Make quirk for asm_volatile_goto() unconditional
- LP: #1289439
* x86, smap: Don't enable SMAP if CONFIG_X86_SMAP is disabled
- LP: #1289439
* x86, smap: smap_violation() is bogus if CONFIG_X86_SMAP is off
- LP: #1289439
* lockd: send correct lock when granting a delayed lock.
- LP: #1289439
* IB/qib: Add missing serdes init sequence
- LP: #1289439
* EDAC: Poll timeout cannot be zero, p2
- LP: #1289439
* EDAC: Correct workqueue setup path
- LP: #1289439
* kvm: x86: fix apic_base enable check
- LP: #1289439
* Linux 3.8.13.19
- LP: #1289439
-- Brad Figg <brad.figg@xxxxxxxxxxxxx> Thu, 13 Mar 2014 08:42:48 -0700
** Changed in: linux-lts-raring (Ubuntu Precise)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-6382
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-1690
** Changed in: linux-lts-raring (Ubuntu Precise)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1229981
Title:
CVE-2013-4345
Status in “linux” package in Ubuntu:
Invalid
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
Won't Fix
Status in “linux-lts-backport-natty” package in Ubuntu:
Won't Fix
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-lts-saucy” package in Ubuntu:
Invalid
Status in “linux-mvl-dove” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
Invalid
Status in “linux” source package in Lucid:
Fix Released
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
Fix Released
Status in “linux-fsl-imx51” source package in Lucid:
Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
Won't Fix
Status in “linux-lts-backport-natty” source package in Lucid:
Won't Fix
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-lts-saucy” source package in Lucid:
Invalid
Status in “linux-mvl-dove” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
Fix Released
Status in “linux-armadaxp” source package in Precise:
Fix Released
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-fsl-imx51” source package in Precise:
Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
Won't Fix
Status in “linux-lts-backport-natty” source package in Precise:
Won't Fix
Status in “linux-lts-quantal” source package in Precise:
Fix Released
Status in “linux-lts-raring” source package in Precise:
Fix Released
Status in “linux-lts-saucy” source package in Precise:
Fix Released
Status in “linux-mvl-dove” source package in Precise:
Invalid
Status in “linux-ti-omap4” source package in Precise:
Fix Released
Status in “linux” source package in Quantal:
Fix Released
Status in “linux-armadaxp” source package in Quantal:
Fix Released
Status in “linux-ec2” source package in Quantal:
Invalid
Status in “linux-fsl-imx51” source package in Quantal:
Invalid
Status in “linux-lts-backport-maverick” source package in Quantal:
Won't Fix
Status in “linux-lts-backport-natty” source package in Quantal:
Won't Fix
Status in “linux-lts-quantal” source package in Quantal:
Invalid
Status in “linux-lts-raring” source package in Quantal:
Invalid
Status in “linux-lts-saucy” source package in Quantal:
Invalid
Status in “linux-mvl-dove” source package in Quantal:
Invalid
Status in “linux-ti-omap4” source package in Quantal:
Fix Released
Status in “linux-lts-backport-maverick” source package in Raring:
Won't Fix
Status in “linux-lts-backport-natty” source package in Raring:
Won't Fix
Status in “linux” source package in Saucy:
Fix Released
Status in “linux-armadaxp” source package in Saucy:
Invalid
Status in “linux-ec2” source package in Saucy:
Invalid
Status in “linux-fsl-imx51” source package in Saucy:
Invalid
Status in “linux-lts-backport-maverick” source package in Saucy:
Won't Fix
Status in “linux-lts-backport-natty” source package in Saucy:
Won't Fix
Status in “linux-lts-quantal” source package in Saucy:
Invalid
Status in “linux-lts-raring” source package in Saucy:
Invalid
Status in “linux-lts-saucy” source package in Saucy:
Invalid
Status in “linux-mvl-dove” source package in Saucy:
Invalid
Status in “linux-ti-omap4” source package in Saucy:
Fix Released
Status in “linux” source package in Trusty:
Invalid
Status in “linux-armadaxp” source package in Trusty:
Invalid
Status in “linux-ec2” source package in Trusty:
Invalid
Status in “linux-fsl-imx51” source package in Trusty:
Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
Won't Fix
Status in “linux-lts-backport-natty” source package in Trusty:
Won't Fix
Status in “linux-lts-quantal” source package in Trusty:
Invalid
Status in “linux-lts-raring” source package in Trusty:
Invalid
Status in “linux-lts-saucy” source package in Trusty:
Invalid
Status in “linux-mvl-dove” source package in Trusty:
Invalid
Status in “linux-ti-omap4” source package in Trusty:
Invalid
Bug description:
Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c
in the Linux kernel through 3.11.4 makes it easier for context-
dependent attackers to defeat cryptographic protection mechanisms via
multiple requests for small amounts of data, leading to improper
management of the state of the consumed data.
Break-Fix: - 714b33d15130cbb5ab426456d4e3de842d6c5b8a
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1229981/+subscriptions
References