Aggiornamenti di sicurezza importanti per Ubuntu 12.10 “Quantal Quetzal”: GIMP

Sappiamo tutti quanto sia importante mantenere aggiornato il proprio sistema operativo, ma è parimenti esperienza comune che spesso siano proprio gli aggiornamenti a introdurre nuovi bug.

Ubuntu segue delle linee guida ben precise per gestire questa situazione.

La chiave di volta dell’intero discorso è che, una volta rilasciata la release, gli aggiornamenti non si fanno affatto, a meno che non riguardino vulnerabilità di sicurezza o bug particolarmente significativi.

Addirittura, nell’ottica di stabilizzare la release, già durante le ultime fasi di sviluppo l’ingresso di nuovi pacchetti dei vari software è sottoposto ad un controllo particolarmente rigido (una fase nota agli sviluppatori come “Feature Freeze”, appunto).

Gli aggiornamenti proposti a continuazione fanno parte del bollettino di sicurezza settimanale rilasciato da Canonical e riguardano in particolare aggiornamenti importanti sulla sicurezza riguardanti la neonata Ubuntu 12.10 Quantal Quetzal (in particolare i file di dati indipendenti dall'architettura da usare con GIMP e il kernel Linux).



File di dati per GIMP.

Modifiche per le versioni:
Versione installata: 2.8.2-1ubuntu1
Versione disponibile: 2.8.2-1ubuntu1.1

Versione 2.8.2-1ubuntu1.1:

  * SECURITY UPDATE: code execution via malformed xwd files
    - debian/patches/CVE-2012-5576.patch: validate sizes in
      plug-ins/common/file-xwd.c.
    - CVE-2012-5576

Linux Kernel.


Modifiche per le versioni:
Versione installata: 3.5.0.20.23
Versione disponibile: 3.5.0.21.27

Versione 3.5.0.21.27:

  [ Brad Figg ]

  * UBUNTU: So maybe it does make sense to have the virtual->generic dependency

Versione 3.5.0.21.26:

  [ Brad Figg ]

  * UBUNTU: The -hv- driver should be for -generic and not for -virtual

Versione 3.5.0.21.25:

  [ Andy Whitcroft ]

  * Add the linux-backports-modules-hv-precise-virtual for Hyper-V.
    - LP: #1089970

Versione 3.5.0.21.24:

  [ Luis Henriques ]

  * Bump ABI

This package will always depend on the latest generic kernel headers available.

This package provides kernel header files for version 3.5.0, for sites that want the latest kernel headers. Please read /usr/share/doc/linux-headers-3.5.0-21/debian.README.gz for details


Modifiche per le versioni:
Versione installata: None
Versione disponibile: 3.5.0-21.32

Versione 3.5.0-21.32:

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1088979
  * SAUCE: i915_hsw: move i915_hsw_enabled symbol to intel_ips
    - LP: #1087622


Versione 3.5.0-20.31:

  [Luis Henriques]

  * Release Tracking Bug
    - LP: #1086759

  [ Ben Widawsky ]

  * SAUCE: i915_hsw: Include #define I915_PARAM_HAS_WAIT_TIMEOUT
    - LP: #1085245
  * SAUCE: i915_hsw: Include #define DRM_I915_GEM_CONTEXT_[CREATE,DESTROY]
    - LP: #1085245
  * SAUCE: i915_hsw: drm/i915: add register read IOCTL
    - LP: #1085245
  * SAUCE: i915_hsw: Include #define i915_execbuffer2_[set,get]_context_id
    - LP: #1085245

  [ Chris Wilson ]

  * SAUCE: i915_hsw: Include #define I915_GEM_PARAM_HAS_SEMAPHORES
    - LP: #1085245
  * SAUCE: i915_hsw: Include #define I915_PARAM_HAS_SECURE_BATCHES
    - LP: #1085245

  [ Daniel Vetter ]

  * SAUCE: i915_hsw: drm/i915: call intel_enable_gtt
    - LP: #1085245
  * SAUCE: i915_hsw: drm: add helper to sort panels to the head of the
    connector list
    - LP: #1085245
  * SAUCE: i915_hsw: drm: extract dp link bw helpers
    - LP: #1085245
  * SAUCE: i915_hsw: drm: extract drm_dp_max_lane_count helper
    - LP: #1085245
  * SAUCE: i915_hsw: drm: dp helper: extract drm_dp_channel_eq_ok
    - LP: #1085245
  * SAUCE: i915_hsw: drm: extract helpers to compute new training values
    from sink request
    - LP: #1085245
  * SAUCE: i915_hsw: drm: dp helper: extract drm_dp_clock_recovery_ok
    - LP: #1085245

  [ Dave Airlie ]

  * SAUCE: i915_hsw: Include #define I915_PARAM_HAS_PRIME_VMAP_FLUSH
    - LP: #1085245

  [ Leann Ogasawara ]

  * SAUCE: i915_hsw: Provide an ubuntu/i915 driver for Haswell graphics
    - LP: #1085245
  * SAUCE: i915_hsw: Revert "drm: Make the .mode_fixup() operations mode
    argument a const pointer" for ubuntu/i915 driver
    - LP: #1085245
  * SAUCE: i915_hsw: Rename ubuntu/i915 driver i915_hsw
    - LP: #1085245
  * SAUCE: i915_hsw: Only support Haswell with ubuntu/i915 driver
    - LP: #1085245
  * SAUCE: i915_hsw: Include #define DRM_I915_GEM_WAIT
    - LP: #1085245
  * SAUCE: i915_hsw: drm: extract dp link train delay functions from radeon
    - LP: #1085245
  * SAUCE: i915_hsw: drm/dp: Update DPCD defines
    - LP: #1085245
  * SAUCE: i915_hsw: Update intel_ips.h file location
    - LP: #1085245
  * SAUCE: i915_hsw: Provide updated drm_mm.h and drm_mm.c for ubuntu/i915
    - LP: #1085245
  * SAUCE: i915_hsw: drm/i915: Replace the array of pages with a
    scatterlist
    - LP: #1085245
  * SAUCE: i915_hsw: drm/i915: Replace the array of pages with a
    scatterlist
    - LP: #1085245
  * SAUCE: i915_hsw: drm/i915: Stop using AGP layer for GEN6+
    - LP: #1085245
  * SAUCE: i915_hsw: Add i915_hsw_gpu_*() calls for ubuntu/i915
    - LP: #1085245
  * i915_hsw: [Config] Enable CONFIG_DRM_I915_HSW=m
    - LP: #1085245

  [ Paulo Zanoni ]

  * SAUCE: drm/i915: fix hsw_fdi_link_train "retry" code
    - LP: #1085245
  * SAUCE: drm/i915: reject modes the LPT FDI receiver can't handle
    - LP: #1085245
  * SAUCE: drm/i915: add support for mPHY destination on intel_sbi_{read,
    write}
    - LP: #1085245
  * SAUCE: drm/i915: add lpt_init_pch_refclk
    - LP: #1085245
  * SAUCE: drm/i915: set the LPT FDI RX polarity reversal bit when needed
    - LP: #1085245

  [ Tim Gardner ]

  * Revert "SAUCE: SECCOMP: audit: always report seccomp violations"
    - LP: #1079469

  [ Upstream Kernel Changes ]

  * Revert "cgroup: Drop task_lock(parent) on cgroup_fork()"
    - LP: #1084539
  * Revert "cgroup: Remove task_lock() from cgroup_post_fork()"
    - LP: #1084539
  * Revert "x86/mm: Fix the size calculation of mapping tables"
    - LP: #1084539
  * Revert "SUNRPC: Ensure we close the socket on EPIPE errors too..."
    - LP: #1084539
  * Revert "ath9k_hw: Updated AR9003 tx gain table for 5GHz"
    - LP: #1084539
  * Revert "sched: Add missing call to calc_load_exit_idle()"
    - LP: #1084539
  * net: fix secpath kmemleak
    - LP: #1065434
  * seccomp: forcing auditing of kill condition
    - LP: #1079469
  * e1000e: add device IDs for i218
    - LP: #1081796
  * bonding: Bonding driver does not consider the gso_max_size/gso_max_segs
    setting of slave devices.
    - LP: #1078184
  * mm/hotplug: correctly add new zone to all other nodes' zone lists
    - LP: #1079860
    - CVE-2012-5517
  * xen: enable platform-pci only in a Xen guest
    - LP: #1081054
  * udf: fix retun value on error path in udf_load_logicalvol
    - LP: #1084539
  * usb: gadget: at91_udc: fix dt support
    - LP: #1084539
  * netfilter: nf_nat_sip: fix incorrect handling of EBUSY for RTCP
    expectation
    - LP: #1084539
  * netfilter: nf_nat_sip: fix via header translation with multiple
    parameters
    - LP: #1084539
  * netfilter: nf_ct_expect: fix possible access to uninitialized timer
    - LP: #1084539
  * netfilter: xt_limit: have r->cost != 0 case work
    - LP: #1084539
  * netfilter: nf_conntrack: fix racy timer handling with reliable events
    - LP: #1084539
  * netfilter: nfnetlink_log: fix NLA_PUT macro removal bug
    - LP: #1084539
  * MIPS: ath79: Fix CPU/DDR frequency calculation for SRIF PLLs
    - LP: #1084539
  * jbd: Fix assertion failure in commit code due to lacking transaction
    credits
    - LP: #1084539
  * nfsd4: fix nfs4 stateid leak
    - LP: #1084539
  * NFSD: pass null terminated buf to kstrtouint()
    - LP: #1084539
  * mfd: 88pm860x: Move _IO resources out of ioport_ioresource
    - LP: #1084539
  * target: support zero allocation length in INQUIRY
    - LP: #1084539
  * target: fix truncation of mode data, support zero allocation length
    - LP: #1084539
  * target: fix return code in target_core_init_configfs error path
    - LP: #1084539
  * powerpc/eeh: Lock module while handling EEH event
    - LP: #1084539
  * SUNRPC: Ensure that the TCP socket is closed when in CLOSE_WAIT
    - LP: #1084539
  * ext4: remove erroneous ext4_superblock_csum_set() in update_backups()
    - LP: #1084539
  * block: remove the duplicated setting for congestion_threshold
    - LP: #1084539
  * block: lift the initial queue bypass mode on blk_register_queue()
    instead of blk_init_allocated_queue()
    - LP: #1084539
  * block: fix request_queue->flags initialization
    - LP: #1084539
  * viafb: don't touch clock state on OLPC XO-1.5
    - LP: #1084539
  * qla2xxx: Fix endianness of task management response code
    - LP: #1084539
  * iscsi-target: Correctly set 0xffffffff field within ISCSI_OP_REJECT PDU
    - LP: #1084539
  * drm/i915: use adjusted_mode instead of mode for checking the 6bpc force
    flag
    - LP: #1084539
  * kbuild: Do not package /boot and /lib in make tar-pkg
    - LP: #1084539
  * module: taint kernel when lve module is loaded
    - LP: #1084539
  * mtd: nand: allow NAND_NO_SUBPAGE_WRITE to be set from driver
    - LP: #1084539
  * nfsd4: don't pin clientids to pseudoflavors
    - LP: #1084539
  * lockd: use rpc client's cl_nodename for id encoding
    - LP: #1084539
  * pnfsblock: fix partial page buffer wirte
    - LP: #1084539
  * pnfsblock: fix non-aligned DIO read
    - LP: #1084539
  * pnfsblock: fix non-aligned DIO write
    - LP: #1084539
  * target/file: Re-enable optional fd_buffered_io=1 operation
    - LP: #1084539
  * iscsi-target: Add explicit set of cache_dynamic_acls=1 for TPG
    demo-mode
    - LP: #1084539
  * iscsit: remove incorrect unlock in iscsit_build_sendtargets_resp
    - LP: #1084539
  * iscsi-target: Bump defaults for nopin_timeout + nopin_response_timeout
    values

Ricerca personalizzata

Se ti è piaciuto l'articolo , iscriviti al feed cliccando sull'immagine sottostante per tenerti sempre aggiornato sui nuovi contenuti del blog: