[Kernel-packages] [Bug 1713456] Re: linux: 3.13.0-130.179 -proposed tracker

[Launchpad Bug Tracker]

*** This bug is a duplicate of bug 1716634 ***
    https://bugs.launchpad.net/bugs/1716634

This bug was fixed in the package linux - 3.13.0-132.181

---------------
linux (3.13.0-132.181) trusty; urgency=low

  * linux: 3.13.0-132.181 -proposed tracker (LP: #1716634)

  * CVE-2017-1000251
    - Bluetooth: Properly check L2CAP config option output buffer length

linux (3.13.0-131.180) trusty; urgency=low

  * linux: 3.13.0-131.180 -proposed tracker (LP: #1715439)

  * CVE-2016-7097
    - posix_acl: Clear SGID bit when setting file permissions

  * CVE-2016-9083
    - vfio/pci: Fix integer overflows, bitmask check

  * CVE-2016-9084
    - vfio/pci: Fix integer overflows, bitmask check

  * CVE-2016-9604
    - KEYS: Disallow keyrings beginning with '.' to be joined as session 
keyrings

  * CVE-2016-9191
    - sysctl: Drop reference added by grab_header in proc_sys_readdir

  * CVE-2016-9178
    - fix minor infoleak in get_user_ex()

  * CVE-2016-8650
    - mpi: Fix NULL ptr dereference in mpi_powm() [ver #3]

  * CVE-2016-10044
    - vfs: Commit to never having exectuables on proc and sysfs.
    - aio: mark AIO pseudo-fs noexec

linux (3.13.0-130.179) trusty; urgency=low

  * linux: 3.13.0-130.179 -proposed tracker (LP: #1713456)

  * CVE-2016-10200
    - l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{, 6}_bind()

  * CVE-2016-9754
    - ring-buffer: Prevent overflow of size in ring_buffer_resize()

  * CVE-2017-5970
    - ipv4: keep skb->dst around in presence of IP options

  * CVE-2017-6346
    - packet: fix races in fanout_add()

  * CVE-2017-6214
    - tcp: avoid infinite loop in tcp_splice_read()

  * CVE-2017-6951
    - KEYS: Change the name of the dead type to ".dead" to prevent user access

  * CVE-2017-7472
    - KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings

  * CVE-2017-7187
    - scsi: sg: check length passed to SG_NEXT_CMD_LEN

  * CVE-2017-7541
    - brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()

  * sort ABI files with C.UTF-8 locale (LP: #1712345)
    - [Packaging] sort ABI files with C.UTF-8 locale

  * Please only recommend or suggest initramfs-tools | linux-initramfs-tool for
    kernels able to boot without initramfs (LP: #1700972)
    - [Debian] Don't depend on initramfs-tools

 -- Juerg Haefliger <juerg.haefli...@canonical.com>  Wed, 13 Sep 2017
13:34:29 +0200

** Changed in: linux (Ubuntu Trusty)
       Status: Confirmed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-10044

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-10200

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-7097

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-8650

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-9083

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-9084

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-9178

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-9191

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-9604

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-9754

** CVE added: https://cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-1000251

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5970

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6214

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6346

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6951

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7187

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7472

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7541

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1713456

Title:
  linux: 3.13.0-130.179 -proposed tracker

Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow automated-testing series:
  Fix Released
Status in Kernel SRU Workflow certification-testing series:
  Confirmed
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  New
Status in Kernel SRU Workflow promote-to-updates series:
  New
Status in Kernel SRU Workflow regression-testing series:
  Confirmed
Status in Kernel SRU Workflow security-signoff series:
  In Progress
Status in Kernel SRU Workflow upload-to-ppa series:
  Invalid
Status in Kernel SRU Workflow verification-testing series:
  Confirmed
Status in linux package in Ubuntu:
  Invalid
Status in linux source package in Trusty:
  Fix Released

Bug description:
  This bug is for tracking the <version to be filled> upload package.
  This bug will contain status and testing results related to that
  upload.

  For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

  backports: 1713458
  derivatives:
  -- swm properties --
  boot-testing-requested: true
  phase: Promoted to proposed
  proposed-announcement-sent: true
  proposed-testing-requested: true

To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1713456/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp