← Back to team overview

kernel-packages team mailing list archive

[Bug 1403918] Re: Lucid update to 2.6.32.65 stable release

 

This bug was fixed in the package linux - 2.6.32-71.138

---------------
linux (2.6.32-71.138) lucid; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1403943

  [ Luis Henriques ]

  * [Config] updateconfigs CONFIG_X86_16BIT=y after v2.6.32.65 update

  [ Upstream Kernel Changes ]

  * KVM: x86: Check non-canonical addresses upon WRMSR
    - LP: #1384539
    - CVE-2014-3610
  * KVM: x86: Improve thread safety in pit
    - LP: #1384540
    - CVE-2014-3611
  * net:socket: set msg_namelen to 0 if msg_name is passed as NULL in
    msghdr struct from userland.
    - LP: #1335478
  * x86, 64-bit: Move K8 B step iret fixup to fault entry asm
    - LP: #1403918
  * x86-64: Adjust frame type at paranoid_exit:
    - LP: #1403918
  * x86-64, modify_ldt: Ban 16-bit segments on 64-bit kernels
    - LP: #1403918
  * x86-32, espfix: Remove filter for espfix32 due to race
    - LP: #1403918
  * x86-64, espfix: Don't leak bits 31:16 of %esp returning to 16-bit stack
    - LP: #1403918
  * x86, espfix: Move espfix definitions into a separate header file
    - LP: #1403918
  * x86, espfix: Fix broken header guard
    - LP: #1403918
  * x86, espfix: Make espfix64 a Kconfig option, fix UML
    - LP: #1403918
  * x86, espfix: Make it possible to disable 16-bit support
    - LP: #1403918
  * x86_64/entry/xen: Do not invoke espfix64 on Xen
    - LP: #1403918
  * x86/espfix/xen: Fix allocation of pages for paravirt page tables
    - LP: #1403918
  * x86_64, traps: Fix the espfix64 #DF fixup and rewrite it in C
    - LP: #1403918
  * x86_64, traps: Rework bad_iret
    - LP: #1403918
 -- Luis Henriques <luis.henriques@xxxxxxxxxxxxx>   Thu, 18 Dec 2014 16:22:56 +0000

** Changed in: linux (Ubuntu Lucid)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3610

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3611

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1403918

Title:
  Lucid update to 2.6.32.65 stable release

Status in linux package in Ubuntu:
  New
Status in linux source package in Lucid:
  Fix Released

Bug description:
  SRU Justification

      Impact:
         The upstream process for stable tree updates is quite similar
         in scope to the Ubuntu SRU process, e.g., each patch has to
         demonstrably fix a bug, and each patch is vetted by upstream
         by originating either directly from Linus' tree or in a minimally
         backported form of that patch. The 2.6.32.65 upstream stable
         patch set is now available. It should be included in the Ubuntu
         kernel as well.

         git://git.kernel.org/

      TEST CASE: TBD

         The following patches are in the 2.6.32.65 stable release:

  x86, 64-bit: Move K8 B step iret fixup to fault entry asm
  x86-64: Adjust frame type at paranoid_exit:
  x86-64, modify_ldt: Ban 16-bit segments on 64-bit kernels
  x86-32, espfix: Remove filter for espfix32 due to race
  x86-64, espfix: Don't leak bits 31:16 of %esp returning to 16-bit stack
  x86, espfix: Move espfix definitions into a separate header file
  x86, espfix: Fix broken header guard
  x86, espfix: Make espfix64 a Kconfig option, fix UML
  x86, espfix: Make it possible to disable 16-bit support
  x86_64/entry/xen: Do not invoke espfix64 on Xen
  x86/espfix/xen: Fix allocation of pages for paravirt page tables
  x86_64, traps: Stop using IST for #SS
  x86_64, traps: Fix the espfix64 #DF fixup and rewrite it in C
  x86_64, traps: Rework bad_iret

  The following patches from the stable release have been dropped (some
  were actually already applied to Lucid):

  net: sendmsg: fix failed backport of "fix NULL pointer dereference"
  net/l2tp: don't fall back on UDP [get|set]sockopt
  ALSA: control: Don't access controls outside of protected regions
  ALSA: control: Fix replacing user controls
  USB: whiteheat: Added bounds checking for bulk command response
  net: sctp: fix panic on duplicate ASCONF chunks
  net: sctp: fix remote memory pressure from excessive queueing
  udf: Avoid infinite loop when processing indirect ICBs
  net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet
  mac80211: fix fragmentation code, particularly for encryption
  ttusb-dec: buffer overflow in ioctl
  vlan: Don't propagate flag changes on down interfaces.
  sctp: Fix double-free introduced by bad backport in 2.6.32.62
  md/raid6: Fix misapplied backport in 2.6.32.64
  block: add missing blk_queue_dead() checks
  block: Fix blk_execute_rq_nowait() dead queue handling
  cciss: Fix misapplied "cciss: fix info leak in cciss_ioctl32_passthru()"
  proc connector: Delete spurious memset in proc_exit_connector()
  Linux 2.6.32.65

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1403918/+subscriptions


References