[kernel] r22110 - dists/squeeze-security/linux-2.6/debian
Ben Hutchings
benh at moszumanska.debian.org
Sat Dec 6 22:19:22 UTC 2014
Author: benh
Date: Sat Dec 6 22:19:22 2014
New Revision: 22110
Log:
Correct some errors/omissions in the stable change list
We have already applied 'cciss: fix info leak in cciss_ioctl32_passthru()'
(and did so correctly, unlike 2.6.32.y).
'net: rework recvmsg handler msg_name and msg_namelen logic' and
'MIPS: asm: thread_info: Add _TIF_SECCOMP flag' have CVE numbers.
'tg3: Fix deadlock in tg3_change_mtu()' is not applied, as we have
backported a later version of this driver and it is now excluded when
we generate stable update patches. Anyway, it doesn't appear to be
needed in 2.6.32.
We already applied a smaller version of 'Fix a few incorrectly checked
[io_]remap_pfn_range() calls' that fixed the known security issue in
uio, but the version in 2.6.32.y also patches two other drivers, so
restore it to the change list.
Modified:
dists/squeeze-security/linux-2.6/debian/changelog
Modified: dists/squeeze-security/linux-2.6/debian/changelog
==============================================================================
--- dists/squeeze-security/linux-2.6/debian/changelog Sat Dec 6 05:28:40 2014 (r22109)
+++ dists/squeeze-security/linux-2.6/debian/changelog Sat Dec 6 22:19:22 2014 (r22110)
@@ -148,7 +148,6 @@
- ipvs: fix CHECKSUM_PARTIAL for TCP, UDP
- staging: comedi: ni_65xx: (bug fix) confine insn_bits to one subdevice
- kernel/kmod.c: check for NULL in call_usermodehelper_exec()
- - cciss: fix info leak in cciss_ioctl32_passthru()
- crypto: api - Fix race condition in larval lookup
- ipv6: tcp: fix panic in SYN processing
- tcp: must unclone packets before mangling them
@@ -201,6 +200,7 @@
- isdnloop: use strlcpy() instead of strcpy()
- ipv4: fix possible seqlock deadlock
- net: rework recvmsg handler msg_name and msg_namelen logic
+ (CVE-2013-7266)
- net: add BUG_ON if kernel advertises msg_namelen > sizeof(struct
sockaddr_storage)
- net: clamp ->msg_namelen instead of returning an error
@@ -219,7 +219,6 @@
- net: llc: fix use after free in llc_ui_recvmsg
- inet_diag: fix inet_diag_dump_icsk() timewait socket state logic
- net: fix 'ip rule' iif/oif device rename
- - tg3: Fix deadlock in tg3_change_mtu()
- bonding: 802.3ad: make aggregator_identifier bond-private
- net: sctp: fix sctp_connectx abi for ia32 emulation/compat mode
- virtio-net: alloc big buffers also when guest can receive UFO
@@ -231,6 +230,7 @@
- isdnloop: Validate NUL-terminated strings from user.
- sctp: unbalanced rcu lock in ip_queue_xmit()
- vm: add vm_iomap_memory() helper function
+ - Fix a few incorrectly checked [io_]remap_pfn_range() calls
- gianfar: disable TX vlan based on kernel 2.6.x
- powernow-k6: set transition latency value so ondemand governor can be used
- powernow-k6: disable cache when changing frequency
@@ -249,7 +249,7 @@
- x86_32, entry: Store badsys error code in %eax
- x86_32, entry: Clean up sysenter_badsys declaration
- MIPS: Cleanup flags in syscall flags handlers.
- - MIPS: asm: thread_info: Add _TIF_SECCOMP flag
+ - MIPS: asm: thread_info: Add _TIF_SECCOMP flag (CVE-2014-4157)
- sym53c8xx_2: Set DID_REQUEUE return code when aborting squeue
- tcp: fix tcp_match_skb_to_sack() for unaligned SACK at end of an skb
- igmp: fix the problem when mc leave group
More information about the Kernel-svn-changes
mailing list