From patchwork Fri Jan 28 20:37:47 2011
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tim Gardner <timg@tpi.com>
X-Patchwork-Id: 80891
X-Patchwork-Delegate: stefan.bader@canonical.com
Return-Path: <kernel-team-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from chlorine.canonical.com (chlorine.canonical.com
	[91.189.94.204]) by ozlabs.org (Postfix) with ESMTP id E7B8DB710E
	for <incoming@patchwork.ozlabs.org>;
	Sat, 29 Jan 2011 07:37:57 +1100 (EST)
Received: from localhost ([127.0.0.1] helo=chlorine.canonical.com)
	by chlorine.canonical.com with esmtp (Exim 4.71)
	(envelope-from <kernel-team-bounces@lists.ubuntu.com>)
	id 1Piv4r-0007PD-2T; Fri, 28 Jan 2011 20:37:53 +0000
Received: from mail.tpi.com ([70.99.223.143])
	by chlorine.canonical.com with esmtp (Exim 4.71)
	(envelope-from <timg@tpi.com>) id 1Piv4p-0007P2-RB
	for kernel-team@lists.ubuntu.com; Fri, 28 Jan 2011 20:37:52 +0000
Received: from sepang.rtg.net (unknown [10.0.2.5])
	by mail.tpi.com (Postfix) with ESMTP id 102E32964D1
	for <kernel-team@lists.ubuntu.com>;
	Fri, 28 Jan 2011 12:37:03 -0800 (PST)
Received: by sepang.rtg.net (Postfix, from userid 1000)
	id 2A7A3F89F8; Fri, 28 Jan 2011 13:37:47 -0700 (MST)
To: kernel-team@lists.ubuntu.com
Subject: Hardy CVE-2010-3873, memory corruption in X.25 facilities parsing
Message-Id: <20110128203747.2A7A3F89F8@sepang.rtg.net>
Date: Fri, 28 Jan 2011 13:37:47 -0700 (MST)
From: timg@tpi.com (Tim Gardner)
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>,
	<mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/kernel-team>
List-Post: <mailto:kernel-team@lists.ubuntu.com>
List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
	<mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>
MIME-Version: 1.0
Sender: kernel-team-bounces@lists.ubuntu.com
Errors-To: kernel-team-bounces@lists.ubuntu.com

The following changes since commit 726f4409a25c6c39b57efcb52375c9c5490c809d:
  Linus Torvalds (1):
        net: Truncate recvfrom and sendto length to INT_MAX., CVE-2010-3859

are available in the git repository at:

  git://kernel.ubuntu.com/rtg/ubuntu-hardy.git CVE-2010-3873

andrew hendry (1):
      memory corruption in X.25 facilities parsing, CVE-2010-3873

 net/x25/x25_facilities.c |    8 ++++----
 net/x25/x25_in.c         |   11 +++++++----
 2 files changed, 11 insertions(+), 8 deletions(-)

From 5f702dc29cadc092040622d1a653d74557da1834 Mon Sep 17 00:00:00 2001
From: andrew hendry <andrew.hendry@gmail.com>
Date: Wed, 3 Nov 2010 12:54:53 +0000
Subject: [PATCH] memory corruption in X.25 facilities parsing, CVE-2010-3873

BugLink: http://bugs.launchpad.net/bugs/709372

CVE-2010-3873

Backported from a6331d6f9a4298173b413cf99a40cc86a9d92c37
by Tim Gardner <tim.gardner@canonical.com>

Signed-of-by: Andrew Hendry <andrew.hendry@gmail.com>

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
---
 net/x25/x25_facilities.c |    8 ++++----
 net/x25/x25_in.c         |   11 +++++++----
 2 files changed, 11 insertions(+), 8 deletions(-)