From patchwork Thu Jan 27 22:15:32 2011
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: Dapper SRU, CVE-2010-3859
Date: Thu, 27 Jan 2011 12:15:32 -0000
From: Tim Gardner
X-Patchwork-Id: 80746
Message-Id: <20110127221532.0E98332E39@sepang.rtg.net>
To: kernel-team@lists.ubuntu.com

The following changes since commit 935dc7c143df82eed4efe22af6f5d54a9e63e42d:
  Dan Rosenberg (1):
        drivers/video/sis/sis_main.c: prevent reading uninitialized stack memory, CVE-2010-4078

are available in the git repository at:

  git://kernel.ubuntu.com/rtg/ubuntu-dapper.git CVE-2010-3859

David S. Miller (1):
      net: Limit socket I/O iovec total length to INT_MAX., CVE-2010-3859

Tim Gardner (1):
      net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859

 net/compat.c     |    4 ++++
 net/core/iovec.c |   15 +++++++-------
 net/socket.c     |    6 ++++++
 3 files changed, 17 insertions(+), 8 deletions(-)

From 56dbc8e48a729838dc4e625bdc00f594d06690cd Mon Sep 17 00:00:00 2001
From: Tim Gardner
Date: Thu, 27 Jan 2011 13:57:38 -0700
Subject: [PATCH 1/2] net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859

BugLink: http://bugs/launchpad.net/bugs/708839

CVE-2010-3859

Backported from commit 253eacc070b114c2ec1f81b067d2fed7305467b0 upstream.
Stable backported to 2.6.32.26

Signed-off-by: Linus Torvalds
Signed-off-by: David S. Miller
Signed-off-by: Greg Kroah-Hartman
Signed-off-by: Tim Gardner
Acked-by: Stefan Bader
Acked-by: Brad Figg
---
 net/socket.c |    6 ++++++
 1 files changed, 6 insertions(+), 0 deletions(-)