UbuntuUpdates.org

Package "linux-lts-utopic"


Moved to trusty:main:security


Name: linux-lts-utopic

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

Latest version: *DELETED*
Release: trusty (14.04)
Level: proposed
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "linux-lts-utopic" in Trusty

Repository Area Version
security main 3.16.0-36.48~14.04.1
updates main 3.16.0-36.48~14.04.1
PPA: Canonical Kernel Team 3.16.0-76.98~14.04.1

Changelog

Version: *DELETED* 2016-06-10 09:06:35 UTC
Moved to trusty:main:security
No changelog for deleted or moved packages.

Version: 3.16.0-73.95~14.04.1 2016-06-09 22:06:39 UTC

  linux-lts-utopic (3.16.0-73.95~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler

 -- Andy Whitcroft <email address hidden> Thu, 09 Jun 2016 08:46:24 +0100
Source diff to previous version
CVE-2016-1583 RESERVED

Version: 3.16.0-72.93~14.04.1 2016-05-18 22:09:23 UTC

  linux-lts-utopic (3.16.0-72.93~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1582411

  [ Kamal Mostafa ]

  * [Packaging] update-from-xxx-master: pull from git.launchpad.net
  * [Packaging] update-from-xxx-master: update from master-next
  * [Config] Drop ozwpan from the ABI

  [ Luis Henriques ]

  * [Config] CONFIG_USB_WPAN_HCD=n
    - LP: #1463740
    - CVE-2015-4004

  [ Prarit Bhargava ]

  * SAUCE: (no-up) ACPICA: Dispatcher: Update thread ID for recursive
    method calls
    - LP: #1577898

  [ Upstream Kernel Changes ]

  * usbnet: cleanup after bind() in probe()
    - LP: #1567191
    - CVE-2016-3951
  * KVM: x86: bit-ops emulation ignores offset on 64-bit
    - LP: #1423672
  * USB: usbip: fix potential out-of-bounds write
    - LP: #1572666
    - CVE-2016-3955
  * x86/mm/32: Enable full randomization on i386 and X86_32
    - LP: #1568523
    - CVE-2016-3672
  * Input: gtco - fix crash on detecting device without endpoints
    - LP: #1575706
    - CVE-2016-2187
  * atl2: Disable unimplemented scatter/gather feature
    - LP: #1561403
    - CVE-2016-2117
  * ALSA: usb-audio: Skip volume controls triggers hangup on Dell USB Dock
    - LP: #1577905
  * PNP: Add Broadwell to Intel MCH size workaround
    - LP: #1577748
  * PNP: Add Haswell-ULT to Intel MCH size workaround
    - LP: #1577748
  * fs/pnode.c: treat zero mnt_group_id-s as unequal
    - LP: #1572316
  * propogate_mnt: Handle the first propogated copy being a slave
    - LP: #1572316
  * USB: mct_u232: add sanity checking in probe
    - LP: #1556877
    - CVE-2016-3136
  * USB: cypress_m8: add endpoint sanity check
    - LP: #1556878
    - CVE-2016-3137
  * USB: digi_acceleport: do sanity checking for the number of ports
    - LP: #1556888
    - CVE-2016-3140
  * Input: ims-pcu - sanity check against missing interfaces
    - LP: #1566581
    - CVE-2016-3689
  * drm: Balance error path for GEM handle allocation
    - LP: #1579610
  * net: fix infoleak in llc
    - LP: #1578496
    - CVE-2016-4485
  * net: fix infoleak in rtnetlink
    - LP: #1578497
    - CVE-2016-4486

 -- Kamal Mostafa <email address hidden> Mon, 16 May 2016 14:10:36 -0700
1577898 thunderbolt hotplug is broken
1423672 ext4_mb_generate_buddy:756: group N, block bitmap and bg descriptor inconsistent: X vs Y
1577905 Dell TB15 audio is distorted
1577748 OOPS on wily+ for Haswell-ULT and Broadwell
1579610 drm.ko \u003c kernel version 4.5 has a dead lock bug
CVE-2015-4004 The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtai
CVE-2016-3951 usbnet: memory corruption triggered by invalid USB descriptor
CVE-2016-3955 remote buffer overflow in usbip
CVE-2016-3672 Unlimiting the stack not longer disables ASLR
CVE-2016-2187 The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of s
CVE-2016-2117 The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which a
CVE-2016-3136 crash on invalid USB device descriptors (mct_u232 driver)
CVE-2016-3137 crash on invalid USB device descriptors (cypress_m8 driver)
CVE-2016-3140 The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a
CVE-2016-3689 The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a
CVE-2016-4485 information leak vulnerability in llc module
CVE-2016-4486 information leak vulnerability in rtnetlink

Version: *DELETED* 2016-05-16 18:07:32 UTC
Moved to trusty:main:security
No changelog for deleted or moved packages.

Version: 3.16.0-71.92~14.04.1 2016-05-16 15:07:09 UTC

  linux-lts-utopic (3.16.0-71.92~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-0758 (LP: #1581202)
    - SAUCE: KEYS: Fix ASN.1 indefinite length object parsing

 -- Kamal Mostafa <email address hidden> Thu, 12 May 2016 15:31:12 -0700
CVE-2016-0758 law in ASN.1 DER decoder for x509 certificate DER files


About   -   Send Feedback to @ubuntu_updates