Bug#624605: marked as done (Potential fixes for lenny from stable 2.6.27.59)
Your message dated Wed, 21 Mar 2012 23:41:37 +0000
with message-id <20120321234137.GQ12704@decadent.org.uk>
and subject line Re: Potential fixes for lenny from stable 2.6.27.59
has caused the Debian Bug report #624605,
regarding Potential fixes for lenny from stable 2.6.27.59
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
624605: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624605
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: Potential fixes for lenny from stable 2.6.27.59
- From: Ben Hutchings <ben@decadent.org.uk>
- Date: Sat, 30 Apr 2011 05:29:19 +0100
- Message-id: <20110430042919.12348.92338.reportbug@localhost>
Package: linux-2.6
Version: 2.6.26-26lenny2
Severity: normal
We might as well get some benefit from these backports:
001/173 USB: EHCI: ASPM quirk of ISOC on AMD SB800
002/173 rt2x00: add device id for windy31 usb device
003/173 hwmon: (via686a) Initialize fan_div values
004/173 USB: usb-storage: unusual_devs entry for CamSport Evo
005/173 USB: EHCI: ASPM quirk of ISOC on AMD Hudson
006/173 USB: EHCI: fix DMA deallocation bug
007/173 USB: g_printer: fix bug in module parameter definitions
008/173 USB: io_edgeport: fix the reported firmware major and minor
009/173 USB: ti_usb: fix module removal
010/173 USB: Storage: Add unusual_devs entry for VTech Kidizoom
011/173 USB: prevent buggy hubs from crashing the USB stack
Not important enough.
012/173 [SCSI] fix medium error problems with some arrays which can cause data corruption
Fixes data loss.
013/173 [SCSI] libsas: fix runaway error handler problem
014/173 [media] radio-aimslab.c: Fix gcc 4.5+ bug
015/173 ALSA : au88x0 - Limit number of channels to fix Oops via OSS emu
016/173 Input: i8042 - introduce 'notimeout' blacklist for Dell Vostro V13
Not important enough.
017/173 NFS: Fix "kernel BUG at fs/aio.c:554!"
Might fix local DoS or data loss?
018/173 rapidio: fix hang on RapidIO doorbell queue full condition
019/173 serial: unbreak billionton CF card
Not important enough.
020/173 ptrace: use safer wake up on ptrace_detach()
Fixes local DoS.
021/173 fix jiffy calculations in calibrate_delay_direct to handle overflow
022/173 USB: serial: pl2303: Hybrid reader Uniform HCR331
023/173 drivers: update to pl2303 usb-serial to support Motorola cables
024/173 powerpc: Fix some 6xx/7xxx CPU setup functions
025/173 parisc: pass through '\t' to early (iodc) console
026/173 parisc : Remove broken line wrapping handling pdc_iodc_print()
027/173 hostap_cs: fix sleeping function called from invalid context
Not important enough.
028/173 md: fix regression with re-adding devices to arrays with no metadata
Not applicable.
029/173 [rejected]
030/173 TPM: Long default timeout fix
031/173 drm/radeon: remove 0x4243 pci id
Not important enough.
032/173 x86, mm: avoid possible bogus tlb entries by clearing prev mm_cpumask after switching mm
Fixes data loss.
033/173 NFSD: memory corruption due to writing beyond the stat array
Fixes data loss.
034/173 sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac()
Already applied; CVE-2010-3705.
035/173 ocfs2_connection_find() returns pointer to bad structure
Might fix a security vulnerability.
036/173 Fix pktcdvd ioctl dev_minor range check
Already applied; CVE-2010-3437.
037/173 filter: make sure filters dont read uninitialized memory
Already applied; CVE-2010-4158.
038/173 x25: decrement netdev reference counts on unload
Not important enough.
039/173 [rejected]
040/173 [media] [v3,media] av7110: check for negative array offset
Already applied; CVE-2011-0521.
041/173 NFS: fix the return value of nfs_file_fsync()
Not applicable.
042/173 isdn: hisax: Replace the bogus access to irq stats
Not important enough.
043/173 dm raid1: fail writes if errors are not handled and log fails
Fixes data loss.
044/173 GFS2: Fix bmap allocation corner-case bug
045/173 sunrpc/cache: fix module refcnt leak in a failure path
Not important enough.
046/173 tcp: Increase TCP_MAXSEG socket option minimum.
047/173 tcp: Make TCP_MAXSEG minimum more correct.
Fixes local DoS; CVE-2010-4165.
048/173 nfsd: correctly handle return value from nfsd_map_name_to_*
Not applicable.
049/173 s390: remove task_show_regs
Already applied; CVE-2011-0710.
050/173 fs/partitions: Validate map_count in Mac partition tables
Already applied; CVE-2011-1010.
051/173 [media] radio-aimslab.c needs #include <linux/delay.h>
052/173 ARM: Ensure predictable endian state on signal handler entry
Not important enough.
053/173 platform: x86: asus_acpi: world-writable procfs files
054/173 [rejected]
055/173 platform: x86: acer-wmi: world-writable sysfs threeg file
056/173 platform: x86: tc1100-wmi: world-writable sysfs wireless and jogdial files
Probably fix local DoS.
057/173 genirq: Disable the SHIRQ_DEBUG call in request_threaded_irq for now
058/173 usb: musb: omap2430: fix kernel panic on reboot
Not important enough.
059/173 ldm: corrupted partition table can cause kernel oops
Already applied; CVE-2011-1012.
060/173 md: correctly handle probe of an 'mdp' device.
Not important enough.
061/173 x25: Do not reference freed memory.
Possibly fixes local DoS.
062/173 mfd: Fix NULL pointer due to non-initialized ucb1x00-ts absinfo
063/173 x86: Use u32 instead of long to set reset vector back to 0
Not important enough.
064/173 ext2: Fix link count corruption under heavy link+rename load
Fixes possible local DoS or data loss.
065/173 sctp: Fix oops when sending queued ASCONF chunks
Fixes remote DoS; CVE-2010-1173.
066/173 virtio: set pci bus master enable bit
Required for compatibility as guest in qemu 0.11-0.12.
067/173 dccp: fix oops on Reset after close
Already applied; CVE-2011-1093.
068/173 r8169: disable ASPM
Not important enough.
069/173 usb: iowarrior: don't trust report_size for buffer size
Already applied; CVE-2010-4656.
070/173 [S390] keyboard: integer underflow bug
Fixes local DoS or maybe privilege escalation.
071/173 mm: fix possible cause of a page_mapped BUG
Possibly fixes local DoS.
072/173 powerpc/kdump: CPUs assume the context of the oopsing CPU
073/173 powerpc/kdump: Use chip->shutdown to disable IRQs
074/173 powerpc: Use more accurate limit for first segment memory allocations
075/173 powerpc/pseries: Add hcall to read 4 ptes at a time in real mode
076/173 powerpc/kexec: Speedup kexec hash PTE tear down
077/173 powerpc/crashdump: Do not fail on NULL pointer dereferencing
078/173 powerpc/kexec: Fix orphaned offline CPUs across kexec
079/173 hwmon/f71882fg: Set platform drvdata to NULL later
080/173 libata: no special completion processing for EH commands
081/173 x86: Fix panic when handling "mem={invalid}" param
082/173 ahci: add device IDs for Ibex Peak ahci controllers
083/173 ahci: AHCI and RAID mode SATA patch for Intel Cougar Point DeviceIDs
084/173 ahci: AHCI and RAID mode SATA patch for Intel Patsburg DeviceIDs
085/173 ahci: AHCI mode SATA patch for Intel DH89xxCC DeviceIDs
086/173 ahci: AHCI mode SATA patch for Intel Patsburg SATA RAID controller
Not important enough.
087/173 RDMA/cma: Fix crash in request handlers
088/173 IB/cm: Bump reference count on cm_id before invoking callback
CVE-2011-0695.
089/173 x86, quirk: Fix SB600 revision check
090/173 USB: serial/kobil_sct, fix potential tty NULL dereference
091/173 USB: serial: ch341: add new id
092/173 PCI: add more checking to ICH region quirks
093/173 PCI: do not create quirk I/O regions below PCIBIOS_MIN_IO for ICH
094/173 SUNRPC: Ensure we always run the tk_callback before tk_action
095/173 ext3: Always set dx_node's fake_dirent explicitly.
Not important enough.
096/173 x86: Flush TLB if PGD entry is changed in i386 PAE mode
Fixes possible user-space hang.
097/173 isdn: avoid calling tty_ldisc_flush() in atomic context
098/173 [PARISC] fix per-cpu flag problem in the cpu affinity checkers
099/173 powerpc/kdump: Fix race in kdump shutdown
100/173 powerpc: rtas_flash needs to use rtas_data_buf
101/173 x86, binutils, xen: Fix another wrong size directive
102/173 aio: wake all waiters when destroying ctx
103/173 shmem: let shared anonymous be nonlinear again
Not important enough.
104/173 Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal code
Fixes CVE-2011-1182.
105/173 ext3: skip orphan cleanup on rocompat fs
Fixes data loss.
106/173 procfs: fix /proc/<pid>/maps heap check
Not important enough.
107/173 proc: protect mm start_code/end_code in /proc/pid/stat
Fixes local information leak that defeats ASLR.
108/173 fbcon: Bugfix soft cursor detection in Tile Blitting
109/173 ehci-hcd: Bug fix: don't set a QH's Halt bit
110/173 USB: uss720 fixup refcount position
111/173 USB: cdc-acm: fix potential null-pointer dereference on disconnect
112/173 Input: xen-kbdfront - advertise either absolute or relative coordinates
113/173 dcdbas: force SMI to happen when expected
114/173 myri10ge: fix rmmod crash
115/173 cciss: fix lost command issue
116/173 sound/oss/opl3: validate voice and channel indexes
117/173 mac80211: initialize sta->last_rx in sta_info_alloc
118/173 [SCSI] ses: show devices for enclosures with no page 7
119/173 [SCSI] ses: Avoid kernel panic when lun 0 is not mapped
Not important enough.
120/173 eCryptfs: ecryptfs_keyring_auth_tok_for_sig() bug fix
Might fix a local DoS?
121/173 Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo
Fixes regression in 104/173.
122/173 xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1
Already applied; CVE-2011-0711.
123/173 irda: validate peer name and attribute lengths
Fixes remote privilege escalation.
124/173 irda: prevent heap corruption on invalid nickname
Fixes local privilege escalation.
125/173 ASoC: Explicitly say registerless widgets have no register
126/173 ALSA: ens1371: fix Creative Ectiva support
Not important enough.
127/173 ROSE: prevent heap corruption with bad facilities
CVE-2011-1493.
128/173 UBIFS: do not read flash unnecessarily
129/173 UBIFS: fix oops on error path in read_pnode
130/173 quota: Don't write quota info in dquot_commit()
Not important enough
131/173 mm: avoid wrapping vm_pgoff in mremap()
Fixes local DoS.
132/173 Bluetooth: sco: fix information leak to userspace
Already applied; CVE-2011-1078.
133/173 bridge: netfilter: fix information leak
Already applied; CVE-2011-1080.
134/173 Bluetooth: bnep: fix buffer overflow
Already applied; CVE-2011-1079.
135/173 Bluetooth: add support for Apple MacBook Pro 8,2
Not important enough.
136/173 Treat writes as new when holes span across page boundaries
Fixes data loss.
137/173 char/tpm: Fix unitialized usage of data buffer
Not important enough.
138/173 netfilter: ip_tables: fix infoleak to userspace
Already applied; CVE-2011-1171.
139/173 netfilter: arp_tables: fix infoleak to userspace
Already applied; CVE-2011-1170.
140/173 netfilter: ipt_CLUSTERIP: fix buffer overflow
Not a real buffer overflow; not really important.
141/173 ipv6: netfilter: ip6_tables: fix infoleak to userspace
Already applied; CVE-2011-1172.
142/173 drivers/rtc/rtc-ds1511.c: world-writable sysfs nvram file
Fixes local DoS.
143/173 econet: 4 byte infoleak to the network
Already applied; CVE-2011-1173.
144/173 sound/oss: remove offset from load_patch callbacks
145/173 sound: oss: midi_synth: check get_user() return value
146/173 repair gdbstub to match the gdbserial protocol specification
147/173 powerpc/kexec: Add ifdef CONFIG_PPC_STD_MMU_64 to PPC64 code
148/173 powerpc: Fix default_machine_crash_shutdown #ifdef botch
Not important enough.
149/173 sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set
Fixes local DoS.
150/173 net: ax25: fix information leak to userland
Already applied; CVE-2010-3875.
151/173 net: packet: fix information leak to userland
Already applied; CVE-2010-3876.
152/173 ext4: fix credits computing for indirect mapped files
Fixes data loss. Maybe not important as ext4 was considered
experimental in lenny.
153/173 nfsd: fix auth_domain reference leak on nlm operations
Probably fixes remote DoS.
154/173 net: tipc: fix information leak to userland
Already applied; CVE-2010-3877.
155/173 inet_diag: Make sure we actually run the same bytecode we audited.
Already applied; CVE-2010-3880.
156/173 econet: Fix crash in aun_incoming().
Already applied; CVE-2010-4342.
157/173 irda: prevent integer underflow in IRLMP_ENUMDEVICES
Already applied; CVE-2010-4529.
158/173 CAN: Use inode instead of kernel address for /proc file
Already applied; CVE-2010-4565.
159/173 exec: make argv/envp memory visible to oom-killer
160/173 exec: copy-and-paste the fixes into compat_do_execve() paths
Already applied; CVE-2010-4243.
161/173 xfs: zero proper structure size for geometry calls
Already applied; fixes regression in 122/173.
162/173 [media] video: sn9c102: world-wirtable sysfs files
Fixes local DoS.
163/173 x86: Fix a bogus unwind annotation in lib/semaphore_32.S
164/173 [IA64] tioca: Fix assignment from incompatible pointer warnings
165/173 nommu: ramfs: pages allocated to an inode's pagecache may get wrongly discarded
166/173 MAINTAINERS: update STABLE BRANCH info
167/173 UBIFS: fix oops when R/O file-system is fsync'ed
Not important enough.
168/173 next_pidmap: fix overflow condition
Fixes local DoS or information leak?
169/173 proc: do proper range check on readdir offset
Fixes local DoS or information leak?
170/173 USB: EHCI: unlink unused QHs when the controller is stopped
Not important enough.
171/173 net: ax25: fix information leak to userland harder
Fixes local information leak.
172/173 net: Fix oops from tcp_collapse() when using splice()
Fixes local DoS.
173/173 [SCSI] mptsas: fix hangs caused by ATA pass-through
Not important enough.
Ben.
--- End Message ---
--- Begin Message ---
Closing, as no further fixes will be made to lenny.
Ben.
--
Ben Hutchings
We get into the habit of living before acquiring the habit of thinking.
- Albert Camus
--- End Message ---
Reply to: