UbuntuUpdates.org


AllMaverickLucidKarmicJauntyIntrepidHardyAll PPAs
Recent Search QueriesSearch Statistics

Package linux-ec2

Name: linux-ec2

Description:

This package is just an umbrella for a group of other packages, it has no description. Please select a package in "Packages in group" for more information.
Latest version: 2.6.31-307.17
Ubuntu release: karmic (9.10)
Level: updates
Repository: main

All versions of linux-ec2 in Karmic

updates (this page) base security proposed
2.6.31-307.17 2.6.31-302.7 2.6.31-307.17 2.6.31-307.18

See all versions of linux-ec2 in all Ubuntu releases and repositories.

Links

Packages in group

linux-ec2-doc linux-ec2-source-2.6.31 linux-headers-2.6.31-304 linux-headers-2.6.31-304-ec2 linux-headers-2.6.31-305 linux-headers-2.6.31-305-ec2 linux-headers-2.6.31-306 linux-headers-2.6.31-306-ec2 linux-headers-2.6.31-307 linux-headers-2.6.31-307-ec2 linux-image-2.6.31-304-ec2 linux-image-2.6.31-305-ec2 linux-image-2.6.31-306-ec2 linux-image-2.6.31-307-ec2

Change Log

Version: 2.6.31-307.17 2010-08-20 00:02:35 UTC 
linux-ec2 (2.6.31-307.17) karmic-security; urgency=low

  [ Stefan Bader ]

  * Rebased to 2.6.31-22.63

  [ Ubuntu: 2.6.31-22.63 ]

  * drm: Initialize ioctl struct when no user data is present
    - CVE-2010-2803
  * can: add limit for nframes and clean up signed/unsigned variables
    - CVE-2010-2959
  * mm: keep a guard page below a grow-down stack segment
    - CVE-2010-2240
  * mm: fix missing page table unmap for stack guard page failure case
    - CVE-2010-2240
  * mm: fix page table unmap for stack guard page properly
    - CVE-2010-2240
  * mm: fix up some user-visible effects of the stack guard page
    - CVE-2010-2240
  * x86: don't send SIGBUS for kernel page faults
    - CVE-2010-2240

 -- Stefan Bader   Wed, 18 Aug 2010 12:33:11 +0200
Source diff to previous version
CVE-2010-2803 RESERVED
CVE-2010-2959 nframes issue
CVE-2010-2240 mm: keep a guard page below a grow-down stack segment

Version: 2.6.31-307.16 2010-08-05 01:01:47 UTC 
linux-ec2 (2.6.31-307.16) karmic-security; urgency=low

  [ Stefan Bader ]

  * Rebased to 2.6.31-22.61

  [ Ubuntu: 2.6.31-22.61 ]

  * sctp: Fix skb_over_panic resulting from multiple invalid parameter
    errors (CVE-2010-1173) (v4)
    - CVE-2010-1173
  * sctp: fix append error cause to ERROR chunk correctly
    - CVE-2010-1173
  * GFS2: Fix writing to non-page aligned gfs2_quota structures
    - CVE-2010-1436
  * KEYS: find_keyring_by_name() can gain access to a freed keyring
    - CVE-2010-1437
  * sparc64: Fix sun4u execute bit check in TSB I-TLB load.
    - CVE-2010-1451
  * Btrfs: check for read permission on src file in the clone ioctl
    - CVE-2010-1636
  * GFS2: Fix permissions checking for setflags ioctl()
    - CVE-2010-1641
  * Btrfs: should add a permission check for setfacl
    - CVE-2010-2071
  * ecryptfs: Bugfix for error related to ecryptfs_hash_buckets
    - CVE-2010-2492

 -- Stefan Bader   Tue, 20 Jul 2010 18:07:38 +0200
Source diff to previous version
CVE-2010-1173 The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attacker
CVE-2010-1436 gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2_quota struct occupies two separate pages, which a
CVE-2010-1437 Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause
CVE-2010-1451 The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the valu
CVE-2010-1636 The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions,
CVE-2010-1641 The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local u
CVE-2010-2071 The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL
CVE-2010-2492 RESERVED

Version: 2.6.31.307.6 2010-06-03 03:01:26 UTC
No changelog available yet.
Source diff to previous version

Version: 2.6.31-307.15 2010-06-03 03:01:26 UTC 
linux-ec2 (2.6.31-307.15) karmic-security; urgency=low

  [ Stefan Bader ]

  * Rebased to 2.6.31-22.60

  [ Ubuntu: 2.6.31-22.60 ]

  * kvm: restrict writing of segment selectors to segment registers
    - CVE-2010-0419
  * USB: usbfs: properly clean up the as structure on error paths
    - CVE-2010-1083
  * Bluetooth: Fix potential bad memory access with sysfs files
    - CVE-2010-1084
  * ALSA: hda-intel: Avoid divide by zero crash
    - CVE-2010-1085
  * dvb-core: Fix DoS bug in ULE decapsulation code that can be triggered
    by an invalid Payload Pointer
    - CVE-2010-1086
  * GFS2: Skip check for mandatory locks when unlocking
    - CVE-2010-0727
  * tipc: Fix oops on send prior to entering networked mode (v3)
    - CVE-2010-1187
  * inotify: do not reuse watch descriptors
    - LP: #485556
  * idr: fix a critical misallocation bug, take#2
    - LP: #485556
  * tty: release_one_tty() forgets to put pids
    - CVE-2010-1162
  * reiserfs: fix permissions on .reiserfs_priv
    - CVE-2010-1146
  * fix LOOKUP_FOLLOW on automount "symlinks"
    - CVE-2010-1088
  * NFS: Fix an Oops when truncating a file
    - CVE-2010-1087
  * Attempt #2 to handle null nameidata
    - CVE-2010-1148
  * r8169: Fix receive buffer length when MTU is between 1515 and 1536
    - CVE-2009-4537
  * r8169: offical fix for CVE-2009-4537 (overlength frame DMAs)
    - CVE-2009-4537
  * KVM: Use kvm_{read,write}_guest_virt() to read and write segment
    descriptors
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: Check CPL level during privilege instruction
    emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: Add Virtual-8086 mode of emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: fix memory access during x86 emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: Check IOPL level during io instruction emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86 emulator: Fix popf emulation
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: VMX: Use macros instead of hex value on cr0 initialization
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: SVM: Reset cr0 properly on vcpu reset
    - CVE-2010-0298
    - CVE-2010-0306
  * KVM: x86: disable paravirt mmu reporting
    - CVE-2010-0298
    - CVE-2010-0306

 -- Stefan Bader   Tue, 25 May 2010 12:54:39 +0000
Source diff to previous version
485556 linux: "inotify oops with wd == 4096"
CVE-2010-0419 The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not properly restrict writing of segment selectors to
CVE-2010-1083 The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the tra
CVE-2010-1084 Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allows remote attackers to cause a denial of service (memory corruption) via a large
CVE-2010-1085 The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent att
CVE-2010-1086 The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a
CVE-2010-0727 The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux
CVE-2010-1187 The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local
CVE-2010-1162 The release_one_tty function in drivers/char/tty_io.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the put_pid function, whic
CVE-2010-1146 The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, whic
CVE-2010-1088 fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, re
CVE-2010-1087 The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) vi
CVE-2010-1148 The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer deref
CVE-2009-4537 drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds th
CVE-2010-0298 The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to
CVE-2010-0306 The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not use the Current Privilege Level (CPL) and I/O Pri

Version: 2.6.31.306.5 2010-04-28 19:01:42 UTC
No changelog available yet.


About   -   Changelog   -   Send Feedback