[linux] 01/18: Note more CVEs fixed in upstream stable updates

debian-kernel at lists.debian.org
Thu Dec 29 03:44:11 UTC 2016


This is an automated email from the git hooks/post-receive script.

benh pushed a commit to branch jessie
in repository linux.

commit 7a18341bd905725394939467ab997d5514d620ce
Author: Ben Hutchings <ben at decadent.org.uk>
Date:   Wed Dec 28 22:28:33 2016 +0000

    Note more CVEs fixed in upstream stable updates
---
 debian/changelog | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index d07a83c..bb04077 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -194,7 +194,7 @@ linux (3.16.39-1) UNRELEASED; urgency=medium
     - bonding: prevent out of bound accesses
     - net/mlx5: Fix potential deadlock in command mode change
     - net/mlx5: Add timeout handle to commands with callback
-    - block: fix use-after-free in sys_ioprio_get()
+    - block: fix use-after-free in sys_ioprio_get() (CVE-2016-7911)
     - ALSA: timer: Fix negative queue usage by racy accesses
     - qeth: delete napi struct when removing a qeth device
     - xenbus: don't bail early from xenbus_dev_request_and_reply()
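Review bot: the commit message only says "Note more CVEs fixed" and names none of them, so the ID added on the sys_ioprio_get() line (and the three added in later hunks) can only be found by reading the diff. Listing the CVE IDs in the commit message body would let git log --grep find this change from an ID, and a short pointer to where the commit-to-CVE mapping came from would make it checkable.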
@@ -204,7 +204,7 @@ linux (3.16.39-1) UNRELEASED; urgency=medium
     - proc: prevent stacking filesystems on top
     - [powerpc*] KVM: Book3S HV: Pull out TM state save/restore into separate
       procedures
-    - [powerpc*] KVM: Book3S HV: Save/restore TM state in H_CEDE
+    - [powerpc*] KVM: Book3S HV: Save/restore TM state in H_CEDE (CVE-2016-5412)
     https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.38
     https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.39
     - HID: uhid: fix timeout when probe races with IO
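Review bot: the H_CEDE line now carries CVE-2016-5412, but the entry directly above it ("Pull out TM state save/restore into separate procedures") reads like the preparatory half of the same change and stays untagged. If the fix does not apply without it, say so, for example by tagging both entries, so anyone backporting by CVE ID picks up the pair. The tagged line is also exactly 80 columns wide; the brcmfmac entry later in this patch wraps its tag onto a continuation line, which would leave some margin here as well.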
@@ -322,7 +322,7 @@ linux (3.16.39-1) UNRELEASED; urgency=medium
     - mm/hugetlb: avoid soft lockup in set_max_huge_pages()
     - sysv, ipc: fix security-layer leaking
     - ALSA: hda: Fix krealloc() with __GFP_ZERO usage
-    - block: fix use-after-free in seq file
+    - block: fix use-after-free in seq file (CVE-2016-7910)
     - mac80211: fix purging multicast PS buffer queue
     - SUNRPC: allow for upcalls for same uid but different gss service
     - USB: serial: fix memleak in driver-registration error path
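Review bot: CVE-2016-7910 on the "use-after-free in seq file" line and CVE-2016-7911 on the sys_ioprio_get() line in the first hunk are consecutive IDs attached to two near-identically titled block entries, which is an easy pair to transpose. Please confirm each ID against the upstream commit it was assigned to while this changelog entry is still UNRELEASED.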
@@ -446,6 +446,7 @@ linux (3.16.39-1) UNRELEASED; urgency=medium
     - [arm64] perf: reject groups spanning multiple HW PMUs (CVE-2015-8955)
     - firewire: net: guard against rx buffer overflows (CVE-2016-8633)
     - brcmfmac: avoid potential stack overflow in brcmf_cfg80211_start_ap()
+      (CVE-2016-8658)
     - vfio/pci: Fix integer overflows, bitmask check (CVE-2016-9083,
       CVE-2016-9084)
     - fs: Give dentry to inode_change_ok() instead of inode

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git


