[linux] 01/18: Note more CVEs fixed in upstream stable updates
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Thu Dec 29 03:44:11 UTC 2016
This is an automated email from the git hooks/post-receive script.
benh pushed a commit to branch jessie
in repository linux.
commit 7a18341bd905725394939467ab997d5514d620ce
Author: Ben Hutchings <ben at decadent.org.uk>
Date: Wed Dec 28 22:28:33 2016 +0000
Note more CVEs fixed in upstream stable updates
---
debian/changelog | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index d07a83c..bb04077 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -194,7 +194,7 @@ linux (3.16.39-1) UNRELEASED; urgency=medium
- bonding: prevent out of bound accesses
- net/mlx5: Fix potential deadlock in command mode change
- net/mlx5: Add timeout handle to commands with callback
- - block: fix use-after-free in sys_ioprio_get()
+ - block: fix use-after-free in sys_ioprio_get() (CVE-2016-7911)
- ALSA: timer: Fix negative queue usage by racy accesses
- qeth: delete napi struct when removing a qeth device
- xenbus: don't bail early from xenbus_dev_request_and_reply()
@@ -204,7 +204,7 @@ linux (3.16.39-1) UNRELEASED; urgency=medium
- proc: prevent stacking filesystems on top
- [powerpc*] KVM: Book3S HV: Pull out TM state save/restore into separate
procedures
- - [powerpc*] KVM: Book3S HV: Save/restore TM state in H_CEDE
+ - [powerpc*] KVM: Book3S HV: Save/restore TM state in H_CEDE (CVE-2016-5412)
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.38
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.39
- HID: uhid: fix timeout when probe races with IO
@@ -322,7 +322,7 @@ linux (3.16.39-1) UNRELEASED; urgency=medium
- mm/hugetlb: avoid soft lockup in set_max_huge_pages()
- sysv, ipc: fix security-layer leaking
- ALSA: hda: Fix krealloc() with __GFP_ZERO usage
- - block: fix use-after-free in seq file
+ - block: fix use-after-free in seq file (CVE-2016-7910)
- mac80211: fix purging multicast PS buffer queue
- SUNRPC: allow for upcalls for same uid but different gss service
- USB: serial: fix memleak in driver-registration error path
@@ -446,6 +446,7 @@ linux (3.16.39-1) UNRELEASED; urgency=medium
- [arm64] perf: reject groups spanning multiple HW PMUs (CVE-2015-8955)
- firewire: net: guard against rx buffer overflows (CVE-2016-8633)
- brcmfmac: avoid potential stack overflow in brcmf_cfg80211_start_ap()
+ (CVE-2016-8658)
- vfio/pci: Fix integer overflows, bitmask check (CVE-2016-9083,
CVE-2016-9084)
- fs: Give dentry to inode_change_ok() instead of inode
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list