[linux] 01/01: Merge tag 'debian/3.2.68-1+deb7u6' into squeeze-backports

debian-kernel at lists.debian.org debian-kernel at lists.debian.org
Wed Nov 11 18:13:12 UTC 2015 

This is an automated email from the git hooks/post-receive script.

benh pushed a commit to branch squeeze-backports
in repository linux.

commit bb99b9835c0e1a4fca392ed724442daa58ac08f8
Merge: b26d5dd 1695cc9
Author: Ben Hutchings <ben at decadent.org.uk>
Date:   Wed Nov 11 18:09:33 2015 +0000

    Merge tag 'debian/3.2.68-1+deb7u6' into squeeze-backports

 debian/changelog                                   |  44 +++++++++
 ...msg-shm-IPC-objects-before-doing-ipc_addi.patch | 110 +++++++++++++++++++++
 ...permit-request_key-to-construct-a-new-key.patch |  34 +++++++
 ...ash-when-attempt-to-garbage-collect-an-un.patch |  75 ++++++++++++++
 ...ce-between-key-destruction-and-finding-a-.patch |  48 +++++++++
 ...ache-handle-escaped-paths-in-prepend_path.patch |  69 +++++++++++++
 ...ully-initialize-sem_array-before-making-i.patch |  57 +++++++++++
 ...-when-sending-a-message-on-unbound-socket.patch |  69 +++++++++++++
 ...iteheat-fix-potential-null-deref-at-probe.patch |  77 +++++++++++++++
 ...sbvision-fix-overflow-of-interfaces-array.patch |  31 ++++++
 ...-that-are-unreachable-from-their-mnt_root.patch | 105 ++++++++++++++++++++
 ...-intercept-ac-to-avoid-guest-host-exploit.patch |  38 +++++++
 ...x-avoid-guest-host-dos-by-intercepting-ac.patch |  44 +++++++++
 debian/patches/series                              |  12 +++
 14 files changed, 813 insertions(+)

diff --cc debian/changelog
index 8b787fb,3d0ba10..d5f3f6d
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,18 -1,32 +1,62 @@@
++linux (3.2.68-1+deb7u6~bpo60+1) squeeze-backports; urgency=medium
++
++  * Rebuild for squeeze:
++    - Use gcc-4.4 for all architectures
++    - Disable building of udebs
++    - Change ABI number to 0.bpo.4
++    - Monkey-patch Python collections module to add OrderedDict if necessary
++    - [armel] Disable CRYPTO_FIPS, VGA_ARB, FTRACE on iop32x and ixp4xx to
++      reduce kernel size (as suggested by Arnaud Patard)
++    - Use QUILT_PATCH_OPTS instead of missing quilt patch --fuzz option
++    - Make build target depend on build-arch only, so we don't redundantly
++      build documentation on each architecture
++
++ -- Ben Hutchings <ben at decadent.org.uk>  Wed, 11 Nov 2015 01:20:48 +0000
++
+ linux (3.2.68-1+deb7u6) wheezy-security; urgency=medium
+ 
+   [ Salvatore Bonaccorso ]
+   * KEYS: Fix race between key destruction and finding a keyring by name
+   * KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring
+     (CVE-2015-7872)
+   * KEYS: Don't permit request_key() to construct a new keyring
+ 
+   [ Ben Hutchings ]
+   * usbvision: fix overflow of interfaces array (CVE-2015-7833)
+   * RDS: fix race condition when sending a message on unbound socket
+     (CVE-2015-7990)
+   * [x86] KVM: Intercept #AC to avoid guest->host denial-of-service
+     (CVE-2015-5307)
+ 
+  -- Ben Hutchings <ben at decadent.org.uk>  Mon, 09 Nov 2015 12:25:06 +0000
+ 
+ linux (3.2.68-1+deb7u5) wheezy-security; urgency=medium
+ 
+   * USB: whiteheat: fix potential null-deref at probe (CVE-2015-5257)
+   * ipc/sem.c: fully initialize sem_array before making it visible
+   * ipc: Initialize msg/shm IPC objects before doing ipc_addid()
+     (CVE-2015-7613)
+   * vfs: Fix possible escape from mount namespace or chroot (CVE-2015-2925):
+     - dcache: Handle escaped paths in prepend_path
+     - vfs: Test for and handle paths that are unreachable from their mnt_root
+ 
+  -- Ben Hutchings <ben at decadent.org.uk>  Fri, 09 Oct 2015 23:24:39 +0100
+ 
 +linux (3.2.68-1+deb7u4~bpo60+1) squeeze-backports; urgency=medium
 +
 +  * Rebuild for squeeze:
 +    - Use gcc-4.4 for all architectures
 +    - Disable building of udebs
 +    - Change ABI number to 0.bpo.4
 +    - Monkey-patch Python collections module to add OrderedDict if necessary
 +    - [armel] Disable CRYPTO_FIPS, VGA_ARB, FTRACE on iop32x and ixp4xx to
 +      reduce kernel size (as suggested by Arnaud Patard)
 +    - Use QUILT_PATCH_OPTS instead of missing quilt patch --fuzz option
 +    - Make build target depend on build-arch only, so we don't redundantly
 +      build documentation on each architecture
 +
 + -- Ben Hutchings <ben at decadent.org.uk>  Tue, 22 Sep 2015 15:58:05 +0200
 +
  linux (3.2.68-1+deb7u4) wheezy-security; urgency=medium
  
    * ipv6: addrconf: validate new MTU before applying it (CVE-2015-0272)

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git

More information about the Kernel-svn-changes mailing list