[linux] 01/01: Merge tag 'debian/3.2.68-1+deb7u6' into squeeze-backports
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Wed Nov 11 18:13:12 UTC 2015
This is an automated email from the git hooks/post-receive script.
benh pushed a commit to branch squeeze-backports
in repository linux.
commit bb99b9835c0e1a4fca392ed724442daa58ac08f8
Merge: b26d5dd 1695cc9
Author: Ben Hutchings <ben at decadent.org.uk>
Date: Wed Nov 11 18:09:33 2015 +0000
Merge tag 'debian/3.2.68-1+deb7u6' into squeeze-backports
debian/changelog | 44 +++++++++
...msg-shm-IPC-objects-before-doing-ipc_addi.patch | 110 +++++++++++++++++++++
...permit-request_key-to-construct-a-new-key.patch | 34 +++++++
...ash-when-attempt-to-garbage-collect-an-un.patch | 75 ++++++++++++++
...ce-between-key-destruction-and-finding-a-.patch | 48 +++++++++
...ache-handle-escaped-paths-in-prepend_path.patch | 69 +++++++++++++
...ully-initialize-sem_array-before-making-i.patch | 57 +++++++++++
...-when-sending-a-message-on-unbound-socket.patch | 69 +++++++++++++
...iteheat-fix-potential-null-deref-at-probe.patch | 77 +++++++++++++++
...sbvision-fix-overflow-of-interfaces-array.patch | 31 ++++++
...-that-are-unreachable-from-their-mnt_root.patch | 105 ++++++++++++++++++++
...-intercept-ac-to-avoid-guest-host-exploit.patch | 38 +++++++
...x-avoid-guest-host-dos-by-intercepting-ac.patch | 44 +++++++++
debian/patches/series | 12 +++
14 files changed, 813 insertions(+)
diff --cc debian/changelog
index 8b787fb,3d0ba10..d5f3f6d
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,18 -1,32 +1,62 @@@
++linux (3.2.68-1+deb7u6~bpo60+1) squeeze-backports; urgency=medium
++
++ * Rebuild for squeeze:
++ - Use gcc-4.4 for all architectures
++ - Disable building of udebs
++ - Change ABI number to 0.bpo.4
++ - Monkey-patch Python collections module to add OrderedDict if necessary
++ - [armel] Disable CRYPTO_FIPS, VGA_ARB, FTRACE on iop32x and ixp4xx to
++ reduce kernel size (as suggested by Arnaud Patard)
++ - Use QUILT_PATCH_OPTS instead of missing quilt patch --fuzz option
++ - Make build target depend on build-arch only, so we don't redundantly
++ build documentation on each architecture
++
++ -- Ben Hutchings <ben at decadent.org.uk> Wed, 11 Nov 2015 01:20:48 +0000
++
+ linux (3.2.68-1+deb7u6) wheezy-security; urgency=medium
+
+ [ Salvatore Bonaccorso ]
+ * KEYS: Fix race between key destruction and finding a keyring by name
+ * KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring
+ (CVE-2015-7872)
+ * KEYS: Don't permit request_key() to construct a new keyring
+
+ [ Ben Hutchings ]
+ * usbvision: fix overflow of interfaces array (CVE-2015-7833)
+ * RDS: fix race condition when sending a message on unbound socket
+ (CVE-2015-7990)
+ * [x86] KVM: Intercept #AC to avoid guest->host denial-of-service
+ (CVE-2015-5307)
+
+ -- Ben Hutchings <ben at decadent.org.uk> Mon, 09 Nov 2015 12:25:06 +0000
+
+ linux (3.2.68-1+deb7u5) wheezy-security; urgency=medium
+
+ * USB: whiteheat: fix potential null-deref at probe (CVE-2015-5257)
+ * ipc/sem.c: fully initialize sem_array before making it visible
+ * ipc: Initialize msg/shm IPC objects before doing ipc_addid()
+ (CVE-2015-7613)
+ * vfs: Fix possible escape from mount namespace or chroot (CVE-2015-2925):
+ - dcache: Handle escaped paths in prepend_path
+ - vfs: Test for and handle paths that are unreachable from their mnt_root
+
+ -- Ben Hutchings <ben at decadent.org.uk> Fri, 09 Oct 2015 23:24:39 +0100
+
+linux (3.2.68-1+deb7u4~bpo60+1) squeeze-backports; urgency=medium
+
+ * Rebuild for squeeze:
+ - Use gcc-4.4 for all architectures
+ - Disable building of udebs
+ - Change ABI number to 0.bpo.4
+ - Monkey-patch Python collections module to add OrderedDict if necessary
+ - [armel] Disable CRYPTO_FIPS, VGA_ARB, FTRACE on iop32x and ixp4xx to
+ reduce kernel size (as suggested by Arnaud Patard)
+ - Use QUILT_PATCH_OPTS instead of missing quilt patch --fuzz option
+ - Make build target depend on build-arch only, so we don't redundantly
+ build documentation on each architecture
+
+ -- Ben Hutchings <ben at decadent.org.uk> Tue, 22 Sep 2015 15:58:05 +0200
+
linux (3.2.68-1+deb7u4) wheezy-security; urgency=medium
* ipv6: addrconf: validate new MTU before applying it (CVE-2015-0272)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list