[Bug 869245] Re: CVE-2011-2517

Launchpad Bug Tracker Wed, 23 Nov 2011 22:16:48 -0800

This bug was fixed in the package linux-lts-backport-maverick -
2.6.35-31.62~lucid1


---------------
linux-lts-backport-maverick (2.6.35-31.62~lucid1) lucid-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #888571

  [ Upstream Kernel Changes ]

  * ipv6: restore correct ECN handling on TCP xmit
    - LP: #872179
  * nl80211: fix overflow in ssid_len - CVE-2011-2517
    - LP: #869245
    - CVE-2011-2517
  * vm: fix vm_pgoff wrap in stack expansion - CVE-2011-2496
    - LP: #869243
    - CVE-2011-2496
  * vm: fix vm_pgoff wrap in upward expansion - CVE-2011-2496
    - LP: #869243
    - CVE-2011-2496
  * ksm: fix NULL pointer dereference in scan_get_next_rmap_item() -
    CVE-2011-2183
    - LP: #869227
    - CVE-2011-2183
  * NLM: Don't hang forever on NLM unlock requests - CVE-2011-2491
    - LP: #869237
    - CVE-2011-2491
  * cifs: clean up cifs_find_smb_ses (try #2), CVE-2011-1585
    - LP: #869208
    - CVE-2011-1585
  * cifs: fix NULL pointer dereference in cifs_find_smb_ses, CVE-2011-1585
    - LP: #869208
    - CVE-2011-1585
  * cifs: check for NULL session password, CVE-2011-1585
    - LP: #869208
    - CVE-2011-1585

linux (2.6.35-30.61) maverick-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #871912

  [ Stefan Bader ]

  * [Config] Include all filesystem modules for virtual
    - LP: #761809

  [ Upstream Kernel Changes ]

  * crypto: Move md5_transform to lib/md5.c, CVE-2011-3188
    - LP: #834129
    - CVE-2011-3188
  * net: Compute protocol sequence numbers and fragment IDs using MD5,
    CVE-2011-3188
    - LP: #834129
    - CVE-2011-3188
  * ext4: Fix max file size and logical block counting of extent format
    file, CVE-2011-2695
    - LP: #819574
    - CVE-2011-2695
  * cifs: add fallback in is_path_accessible for old servers, CVE-2011-3363
    - LP: #866034
    - CVE-2011-3363
  * Make TASKSTATS require root access, CVE-2011-2494
    - LP: #866021
    - CVE-2011-2494
  * proc: restrict access to /proc/PID/io, CVE-2011-2495
    - LP: #866025
    - CVE-2011-2495
  * proc: fix a race in do_io_accounting(), CVE-2011-2495
    - LP: #866025
    - CVE-2011-2495
  * inotify: fix double free/corruption of stuct user
    - LP: #869203
    - CVE-2011-1479
  * staging: comedi: fix infoleak to userspace, CVE-2011-2909
    - LP: #869261
    - CVE-2011-2909
  * perf tools: do not look at ./config for configuration, CVE-2011-2905
    - LP: #869259
    - CVE-2011-2905
 -- Herton Ronaldo Krzesinski <herton.krzesin...@canonical.com>   Thu, 10 Nov 
2011 15:25:11 -0200

** Changed in: linux-lts-backport-maverick (Ubuntu Lucid)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-1479

** Changed in: linux-ti-omap4 (Ubuntu Natty)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2479

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/869245

Title:
  CVE-2011-2517

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/869245/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 869245] Re: CVE-2011-2517

Reply via email to