[kernel] r22110 - dists/squeeze-security/linux-2.6/debian

Ben Hutchings benh at moszumanska.debian.org
Sat Dec 6 22:19:22 UTC 2014 

Author: benh
Date: Sat Dec  6 22:19:22 2014
New Revision: 22110

Log:
Correct some errors/omissions in the stable change list

We have already applied 'cciss: fix info leak in cciss_ioctl32_passthru()'
(and did so correctly, unlike 2.6.32.y).

'net: rework recvmsg handler msg_name and msg_namelen logic' and
'MIPS: asm: thread_info: Add _TIF_SECCOMP flag' have CVE numbers.

'tg3: Fix deadlock in tg3_change_mtu()' is not applied, as we have
backported a later version of this driver and it is now excluded when
we generate stable update patches.  Anyway, it doesn't appear to be
needed in 2.6.32.

We already applied a smaller version of 'Fix a few incorrectly checked
[io_]remap_pfn_range() calls' that fixed the known security issue in
uio, but the version in 2.6.32.y also patches two other drivers, so
restore it to the change list.

Modified:
   dists/squeeze-security/linux-2.6/debian/changelog

Modified: dists/squeeze-security/linux-2.6/debian/changelog
==============================================================================
--- dists/squeeze-security/linux-2.6/debian/changelog	Sat Dec  6 05:28:40 2014	(r22109)
+++ dists/squeeze-security/linux-2.6/debian/changelog	Sat Dec  6 22:19:22 2014	(r22110)
@@ -148,7 +148,6 @@
     - ipvs: fix CHECKSUM_PARTIAL for TCP, UDP
     - staging: comedi: ni_65xx: (bug fix) confine insn_bits to one subdevice
     - kernel/kmod.c: check for NULL in call_usermodehelper_exec()
-    - cciss: fix info leak in cciss_ioctl32_passthru()
     - crypto: api - Fix race condition in larval lookup
     - ipv6: tcp: fix panic in SYN processing
     - tcp: must unclone packets before mangling them
@@ -201,6 +200,7 @@
     - isdnloop: use strlcpy() instead of strcpy()
     - ipv4: fix possible seqlock deadlock
     - net: rework recvmsg handler msg_name and msg_namelen logic
+      (CVE-2013-7266)
     - net: add BUG_ON if kernel advertises msg_namelen > sizeof(struct
       sockaddr_storage)
     - net: clamp ->msg_namelen instead of returning an error
@@ -219,7 +219,6 @@
     - net: llc: fix use after free in llc_ui_recvmsg
     - inet_diag: fix inet_diag_dump_icsk() timewait socket state logic
     - net: fix 'ip rule' iif/oif device rename
-    - tg3: Fix deadlock in tg3_change_mtu()
     - bonding: 802.3ad: make aggregator_identifier bond-private
     - net: sctp: fix sctp_connectx abi for ia32 emulation/compat mode
     - virtio-net: alloc big buffers also when guest can receive UFO
@@ -231,6 +230,7 @@
     - isdnloop: Validate NUL-terminated strings from user.
     - sctp: unbalanced rcu lock in ip_queue_xmit()
     - vm: add vm_iomap_memory() helper function
+    - Fix a few incorrectly checked [io_]remap_pfn_range() calls
     - gianfar: disable TX vlan based on kernel 2.6.x
     - powernow-k6: set transition latency value so ondemand governor can be used
     - powernow-k6: disable cache when changing frequency
@@ -249,7 +249,7 @@
     - x86_32, entry: Store badsys error code in %eax
     - x86_32, entry: Clean up sysenter_badsys declaration
     - MIPS: Cleanup flags in syscall flags handlers.
-    - MIPS: asm: thread_info: Add _TIF_SECCOMP flag
+    - MIPS: asm: thread_info: Add _TIF_SECCOMP flag (CVE-2014-4157)
     - sym53c8xx_2: Set DID_REQUEUE return code when aborting squeue
     - tcp: fix tcp_match_skb_to_sack() for unaligned SACK at end of an skb
     - igmp: fix the problem when mc leave group

More information about the Kernel-svn-changes mailing list