[linux] branch wheezy-backports updated (1e65e1c -> 7bf3249)
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Sat Jul 9 13:58:15 UTC 2016
This is an automated email from the git hooks/post-receive script.
benh pushed a change to branch wheezy-backports
in repository linux.
from 1e65e1c Merge tag 'debian/3.16.7-ckt25-2' into wheezy-backports
adds eb8861d Add CVE reference for "AIO: properly check iovec sizes"
adds 083d0e0 CVE-2016-2847 assigned separately
adds d07964d Replace retroactive changes to CVE ID references with [bracketed notes]
adds ed9e01e Add various security fixes
adds bd951e2 Merge tag 'debian/3.16.7-ckt25-1' into jessie-security
adds d0b3ba5 Revert recent radeon revisions raising regressions
adds 111bfd0 Revert "usb: hub: do not clear BOS field during reset device" (Closes: #820176)
adds eebdeae Merge tag 'debian/3.16.7-ckt25-2' into jessie-security
adds d1dddc0 [x86] USB: usbip: fix potential out-of-bounds write (CVE-2016-3955)
adds 1164e52 netfilter: x_tables: Fix parsing of IPT_SO_SET_REPLACE blobs (CVE-2016-3134)
adds 8d4e375 ipv4: Don't do expensive useless work during inetdev destroy. (CVE-2016-3156)
adds 81968c2 Add fix for CVE-2016-3672
adds 7ce6744 usbnet: Fix possible memory corruption after probe failure (CVE-2016-3951)
adds 1159763 atl2: Disable unimplemented scatter/gather feature (CVE-2016-2117)
adds 9a5ea14 [x86] xen: suppress hugetlbfs in PV guests (CVE-2016-3961)
adds 0da28d4 get_rock_ridge_filename(): handle malformed NM entries (CVE-2016-4913)
adds 82af3cb fs/pnode.c: treat zero mnt_group_id-s as unequal
adds 499c129 propogate_mnt: Handle the first propogated copy being a slave (CVE-2016-4581)
adds 78183cf Delete dummy CVE ID from 'missing CLAC' fix
adds 9c61c1f mm: hugetlb: allow hugepages_supported to be architecture specific
adds 7d17432 USB: usbfs: fix potential infoleak in devio (CVE-2016-4482)
adds 912af45 ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS (CVE-2016-4569)
adds 17633a8 ALSA: timer: Fix leak in events via snd_timer_user_ccallback or snd_timer_user_tinterrupt (CVE-2016-4578)
adds b7a433d tipc: fix an infoleak in tipc_nl_compat_link_dump (CVE-2016-5243)
adds d46e7e5 Fix changelog entry for CVE-2016-5243
adds 0249fe0 rds: fix an infoleak in rds_inc_info_copy (CVE-2016-5244)
adds 944b91d ecryptfs: forbid opening files without mmap handler (CVE-2016-1583)
adds 22d0a6d Add USB descriptor parsing fixes
adds 7972ce8 mm: migrate dirty page without clear_page_dirty_for_io etc (CVE-2016-3070)
adds 3c3898e Add networking information leak fixes
adds 3d87ee5 IB/security: Restrict use of the write() interface (CVE-2016-4565)
adds c229ea2 ppp: take reference on channels netns (CVE-2016-4805)
adds d7574c1 KEYS: potential uninitialized variable (CVE-2016-4470)
adds 6f66940 netfilter: x_tables: Add fixes for CVE-2016-4997, CVE-2016-4998
adds 6c9fbc1 nfsd: check permissions when setting ACLs (CVE-2016-1237)
adds 69680fa Ignore ABI change in x_tables
adds 04444bb migrate: Fix ABI change
adds d82dcef Prepare to release linux (3.16.7-ckt25-2+deb8u1).
adds dca4276 Fix backport of "netfilter: x_tables: validate targets of jumps"
adds 234044f netfilter: ensure number of counters is >0 in do_replace()
adds 9d2d42e Prepare to release linux (3.16.7-ckt25-2+deb8u2).
adds 8f7b310 Revert "netfilter: ensure number of counters is >0 in do_replace()"
adds 4908413 ALSA: compress: fix an integer overflow check (CVE-2014-9904)
adds 4344acb [amd64] misc: mic: Fix for double fetch security bug in VOP driver (CVE-2016-5728)
adds 8b52763 [powerpc*] tm: Always reclaim in start_thread() for exec() class syscalls (CVE-2016-5828)
adds 8a42855 HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands (CVE-2016-5829)
adds f512e08 [s390*] sclp_ctl: fix potential information leak with /dev/sclp (CVE-2016-6130)
adds 10e2424 Prepare to release linux (3.16.7-ckt25-2+deb8u3).
new 7bf3249 Merge tag 'debian/3.16.7-ckt25-2+deb8u3' into wheezy-backports
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Summary of changes:
debian/changelog | 121 ++++
debian/config/defines | 1 +
...ilter-ensure-number-of-counters-is-0-in-d.patch | 53 ++
...B-usbip-fix-potential-out-of-bounds-write.patch | 46 ++
...sa-compress-fix-an-integer-overflow-check.patch | 31 +
...fix-leak-in-events-via-snd_timer_user_cca.patch | 33 +
...fix-leak-in-events-via-snd_timer_user_tin.patch | 33 +
...imer-fix-leak-in-sndrv_timer_ioctl_params.patch | 33 +
...dio-add-sanity-checks-for-endpoint-access.patch | 71 ++
...dio-fix-null-dereference-in-create_fixed_.patch | 34 +
...able-unimplemented-scatter-gather-feature.patch | 37 +
...not-call-usbnet_link_change-from-cdc_ncm_.patch | 81 +++
...cryptfs-fix-handling-of-directory-opening.patch | 139 ++++
...forbid-opening-files-without-mmap-handler.patch | 54 ++
...de.c-treat-zero-mnt_group_id-s-as-unequal.patch | 78 ++
...idge_filename-handle-malformed-NM-entries.patch | 63 ++
...validate-num_values-for-hidiocgusages-hid.patch | 41 ++
...urity-restrict-use-of-the-write-interface.patch | 156 ++++
...linux-poison.h-fix-list_poison-1-2-offset.patch | 44 ++
...k-fix-crash-on-detecting-device-without-e.patch | 44 ++
...emote2-fix-crashes-on-detecting-device-wi.patch | 106 +++
...fix-crash-on-detecting-device-without-end.patch | 51 ++
...mate-fix-oops-with-malicious-usb-descript.patch | 35 +
...do-expensive-useless-work-during-inetdev-.patch | 98 +++
.../keys-potential-uninitialized-variable.patch | 86 +++
...allow-hugepages_supported-to-be-architect.patch | 50 ++
...-page-without-clear_page_dirty_for_io-etc.patch | 154 ++++
.../net-fix-a-kernel-infoleak-in-x25-module.patch | 29 +
.../bugfix/all/net-fix-infoleak-in-llc.patch | 29 +
.../bugfix/all/net-fix-infoleak-in-rtnetlink.patch | 46 ++
...rp_tables-simplify-translate_compat_table.patch | 208 ++++++
...nsure-number-of-counters-is-0-in-do_repla.patch | 120 ++++
...p6_tables-simplify-translate_compat_table.patch | 185 +++++
...p_tables-simplify-translate_compat_table-.patch | 184 +++++
..._tables-add-and-use-xt_check_entry_offset.patch | 151 ++++
..._tables-add-compat-version-of-xt_check_en.patch | 105 +++
...ilter-x_tables-assert-minimum-target-size.patch | 25 +
...er-x_tables-check-for-bogus-target-offset.patch | 164 +++++
...r-x_tables-check-standard-target-size-too.patch | 60 ++
..._tables-do-compat-validation-via-translat.patch | 781 +++++++++++++++++++++
..._tables-don-t-move-to-non-existent-next-r.patch | 100 +++
..._tables-don-t-reject-valid-target-size-on.patch | 54 ++
...tfilter-x_tables-fix-unconditional-helper.patch | 226 ++++++
..._tables-introduce-and-use-xt_copy_counter.patch | 331 +++++++++
...etfilter-x_tables-kill-check_entry-helper.patch | 149 ++++
...-sure-e-next_offset-covers-remaining-blob.patch | 83 +++
..._tables-validate-all-offsets-and-sizes-in.patch | 137 ++++
...r-x_tables-validate-e-target_offset-early.patch | 193 +++++
...filter-x_tables-validate-targets-of-jumps.patch | 131 ++++
..._tables-xt_compat_match_from_user-doesn-t.patch | 234 ++++++
.../nfsd-check-permissions-when-setting-ACLs.patch | 146 ++++
.../bugfix/all/posix_acl-Add-set_posix_acl.patch | 82 +++
.../all/ppp-take-reference-on-channels-netns.patch | 144 ++++
...nt-Handle-the-first-propogated-copy-being.patch | 131 ++++
.../rds-fix-an-infoleak-in-rds_inc_info_copy.patch | 31 +
...x-an-infoleak-in-tipc_nl_compat_link_dump.patch | 26 +
.../all/usb-cdc-acm-more-sanity-checking.patch | 29 +
.../usb-cypress_m8-add-endpoint-sanity-check.patch | 46 ++
...celeport-do-sanity-checking-for-the-numbe.patch | 49 ++
...usb-mct_u232-add-sanity-checking-in-probe.patch | 46 ++
...usb-usbfs-fix-potential-infoleak-in-devio.patch | 41 ++
.../all/usbnet-cleanup-after-bind-in-probe.patch | 36 +
...always-reclaim-in-start_thread-for-exec-c.patch | 106 +++
.../s390-mm-four-page-table-levels-vs.-fork.patch | 114 +++
...tl-fix-potential-information-leak-with-de.patch | 52 ++
...x-for-double-fetch-security-bug-in-vop-dr.patch | 37 +
...compat-add-missing-clac-to-entry_int80_32.patch | 45 ++
...64-properly-context-switch-iopl-on-xen-pv.patch | 97 +++
...ble-full-randomization-on-i386-and-x86_32.patch | 79 +++
...86-mm-xen-Suppress-hugetlbfs-in-PV-guests.patch | 72 ++
.../x86/x86-standardize-mmap_rnd-usage.patch | 99 +++
.../debian/migrate-fix-abi-change-in-3.16.36.patch | 20 +
debian/patches/series | 70 ++
73 files changed, 7096 insertions(+)
create mode 100644 debian/patches/bugfix/all/Revert-netfilter-ensure-number-of-counters-is-0-in-d.patch
create mode 100644 debian/patches/bugfix/all/USB-usbip-fix-potential-out-of-bounds-write.patch
create mode 100644 debian/patches/bugfix/all/alsa-compress-fix-an-integer-overflow-check.patch
create mode 100644 debian/patches/bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_cca.patch
create mode 100644 debian/patches/bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_tin.patch
create mode 100644 debian/patches/bugfix/all/alsa-timer-fix-leak-in-sndrv_timer_ioctl_params.patch
create mode 100644 debian/patches/bugfix/all/alsa-usb-audio-add-sanity-checks-for-endpoint-access.patch
create mode 100644 debian/patches/bugfix/all/alsa-usb-audio-fix-null-dereference-in-create_fixed_.patch
create mode 100644 debian/patches/bugfix/all/atl2-disable-unimplemented-scatter-gather-feature.patch
create mode 100644 debian/patches/bugfix/all/cdc_ncm-do-not-call-usbnet_link_change-from-cdc_ncm_.patch
create mode 100644 debian/patches/bugfix/all/ecryptfs-fix-handling-of-directory-opening.patch
create mode 100644 debian/patches/bugfix/all/ecryptfs-forbid-opening-files-without-mmap-handler.patch
create mode 100644 debian/patches/bugfix/all/fs-pnode.c-treat-zero-mnt_group_id-s-as-unequal.patch
create mode 100644 debian/patches/bugfix/all/get_rock_ridge_filename-handle-malformed-NM-entries.patch
create mode 100644 debian/patches/bugfix/all/hid-hiddev-validate-num_values-for-hidiocgusages-hid.patch
create mode 100644 debian/patches/bugfix/all/ib-security-restrict-use-of-the-write-interface.patch
create mode 100644 debian/patches/bugfix/all/include-linux-poison.h-fix-list_poison-1-2-offset.patch
create mode 100644 debian/patches/bugfix/all/input-aiptek-fix-crash-on-detecting-device-without-e.patch
create mode 100644 debian/patches/bugfix/all/input-ati_remote2-fix-crashes-on-detecting-device-wi.patch
create mode 100644 debian/patches/bugfix/all/input-gtco-fix-crash-on-detecting-device-without-end.patch
create mode 100644 debian/patches/bugfix/all/input-powermate-fix-oops-with-malicious-usb-descript.patch
create mode 100644 debian/patches/bugfix/all/ipv4-don-t-do-expensive-useless-work-during-inetdev-.patch
create mode 100644 debian/patches/bugfix/all/keys-potential-uninitialized-variable.patch
create mode 100644 debian/patches/bugfix/all/mm-hugetlb-allow-hugepages_supported-to-be-architect.patch
create mode 100644 debian/patches/bugfix/all/mm-migrate-dirty-page-without-clear_page_dirty_for_io-etc.patch
create mode 100644 debian/patches/bugfix/all/net-fix-a-kernel-infoleak-in-x25-module.patch
create mode 100644 debian/patches/bugfix/all/net-fix-infoleak-in-llc.patch
create mode 100644 debian/patches/bugfix/all/net-fix-infoleak-in-rtnetlink.patch
create mode 100644 debian/patches/bugfix/all/netfilter-arp_tables-simplify-translate_compat_table.patch
create mode 100644 debian/patches/bugfix/all/netfilter-ensure-number-of-counters-is-0-in-do_repla.patch
create mode 100644 debian/patches/bugfix/all/netfilter-ip6_tables-simplify-translate_compat_table.patch
create mode 100644 debian/patches/bugfix/all/netfilter-ip_tables-simplify-translate_compat_table-.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-add-and-use-xt_check_entry_offset.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-add-compat-version-of-xt_check_en.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-assert-minimum-target-size.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-check-for-bogus-target-offset.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-check-standard-target-size-too.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-do-compat-validation-via-translat.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-don-t-move-to-non-existent-next-r.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-don-t-reject-valid-target-size-on.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-fix-unconditional-helper.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-introduce-and-use-xt_copy_counter.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-kill-check_entry-helper.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-validate-all-offsets-and-sizes-in.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-validate-e-target_offset-early.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-validate-targets-of-jumps.patch
create mode 100644 debian/patches/bugfix/all/netfilter-x_tables-xt_compat_match_from_user-doesn-t.patch
create mode 100644 debian/patches/bugfix/all/nfsd-check-permissions-when-setting-ACLs.patch
create mode 100644 debian/patches/bugfix/all/posix_acl-Add-set_posix_acl.patch
create mode 100644 debian/patches/bugfix/all/ppp-take-reference-on-channels-netns.patch
create mode 100644 debian/patches/bugfix/all/propogate_mnt-Handle-the-first-propogated-copy-being.patch
create mode 100644 debian/patches/bugfix/all/rds-fix-an-infoleak-in-rds_inc_info_copy.patch
create mode 100644 debian/patches/bugfix/all/tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch
create mode 100644 debian/patches/bugfix/all/usb-cdc-acm-more-sanity-checking.patch
create mode 100644 debian/patches/bugfix/all/usb-cypress_m8-add-endpoint-sanity-check.patch
create mode 100644 debian/patches/bugfix/all/usb-digi_acceleport-do-sanity-checking-for-the-numbe.patch
create mode 100644 debian/patches/bugfix/all/usb-mct_u232-add-sanity-checking-in-probe.patch
create mode 100644 debian/patches/bugfix/all/usb-usbfs-fix-potential-infoleak-in-devio.patch
create mode 100644 debian/patches/bugfix/all/usbnet-cleanup-after-bind-in-probe.patch
create mode 100644 debian/patches/bugfix/powerpc/powerpc-tm-always-reclaim-in-start_thread-for-exec-c.patch
create mode 100644 debian/patches/bugfix/s390/s390-mm-four-page-table-levels-vs.-fork.patch
create mode 100644 debian/patches/bugfix/s390/s390-sclp_ctl-fix-potential-information-leak-with-de.patch
create mode 100644 debian/patches/bugfix/x86/misc-mic-fix-for-double-fetch-security-bug-in-vop-dr.patch
create mode 100644 debian/patches/bugfix/x86/x86-entry-compat-add-missing-clac-to-entry_int80_32.patch
create mode 100644 debian/patches/bugfix/x86/x86-iopl-64-properly-context-switch-iopl-on-xen-pv.patch
create mode 100644 debian/patches/bugfix/x86/x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch
create mode 100644 debian/patches/bugfix/x86/x86-mm-xen-Suppress-hugetlbfs-in-PV-guests.patch
create mode 100644 debian/patches/bugfix/x86/x86-standardize-mmap_rnd-usage.patch
create mode 100644 debian/patches/debian/migrate-fix-abi-change-in-3.16.36.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list