[linux] 01/01: Merge tag 'debian/3.16.7-ckt20-1+deb8u4' into wheezy-backports

debian-kernel at lists.debian.org debian-kernel at lists.debian.org
Mon Mar 7 14:04:40 UTC 2016 

This is an automated email from the git hooks/post-receive script.

benh pushed a commit to branch wheezy-backports
in repository linux.

commit 33c903e454021a76931ab1e8e50cefc0c71cd71e
Merge: 92064ee e311865
Author: Ben Hutchings <ben at decadent.org.uk>
Date:   Mon Mar 7 12:32:37 2016 +0000

    Merge tag 'debian/3.16.7-ckt20-1+deb8u4' into wheezy-backports

 debian/changelog                                   |  42 ++++
 debian/config/defines                              |   5 +
 ...rd-against-other-sk-in-unix_dgram_sendmsg.patch |  40 ++++
 .../all/aio-properly-check-iovec-sizes.patch       |  41 ++++
 .../alsa-hrtimer-fix-stall-by-hrtimer_cancel.patch |  51 +++++
 ...missing-null-check-at-remove_events-ioctl.patch |  31 +++
 ...lsa-seq-fix-race-at-timer-setup-and-close.patch |  35 +++
 ...sa-timer-fix-double-unlink-of-active_list.patch |  34 +++
 .../alsa-timer-fix-race-among-timer-ioctls.patch   | 119 +++++++++++
 ...sa-timer-harden-slave-timer-list-handling.patch |  98 +++++++++
 ...sb-audio-avoid-freeing-umidi-object-twice.patch |  29 +++
 ...3-xino-handles-eintr-from-the-dying-proce.patch |  66 ++++++
 ...s-tiny-extract-a-new-func-xino_fwrite_wkq.patch |  81 +++++++
 ...ak-infinite-loop-in-fuse_fill_write_pages.patch |  56 +++++
 ...ix-incorrectly-returning-error-on-success.patch |  38 ++++
 ...the-per-user-amount-of-pages-allocated-in.patch | 237 +++++++++++++++++++++
 ...e-make-sure-delayed-work-run-in-local-cpu.patch |  70 ++++++
 ...flight-fds-in-sending-process-user_struct.patch | 145 +++++++++++++
 ...fix-invalid-memory-access-in-hub_activate.patch |  88 ++++++++
 ...barriers-and-document-switch_mm-vs-flush-.patch | 157 ++++++++++++++
 ...x86-mm-Improve-switch_mm-barrier-comments.patch |  62 ++++++
 ...=> fix-abi-changes-for-cve-2013-4312-fix.patch} |  26 ++-
 debian/patches/series                              |  21 +-
 23 files changed, 1566 insertions(+), 6 deletions(-)

diff --cc debian/changelog
index 7c49351,b1396c7..7c24e50
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,15 -1,33 +1,57 @@@
++linux (3.16.7-ckt20-1+deb8u4~bpo70+1) wheezy-backports; urgency=medium
++
++  * Rebuild for wheezy:
++    - Disable architectures that weren't part of wheezy
++    - Use gcc-4.6 for all architectures
++    - Change ABI number to 0.bpo.4
++    - [arm] btrfs: Work around bug in gcc-4.6 (fixes FTBFS)
++    - linux-image: Depend on initramfs-tools without any alternatives, so
++      that neither apt nor aptitude will automatically switch to dracut
++
++ -- Ben Hutchings <ben at decadent.org.uk>  Mon, 07 Mar 2016 12:32:26 +0000
++
+ linux (3.16.7-ckt20-1+deb8u4) jessie-security; urgency=high
+ 
+   * fuse: break infinite loop in fuse_fill_write_pages() (CVE-2015-8785)
+   * aufs: Fix regression due to "mm: make sendfile(2) killable"
+     (Closes: #812207)
+     - tiny, extract a new func xino_fwrite_wkq()
+     - XINO handles EINTR from the dying process
+   * [x86] mm: Add barriers and document switch_mm()-vs-flush synchronization
+     (CVE-2016-2069)
+   * [x86] mm: Improve switch_mm() barrier comments
+   * pipe: limit the per-user amount of pages allocated in pipes (CVE-2013-4312)
+   * iw_cxgb3: Fix incorrectly returning error on success (CVE-2015-8812)
+   * af_unix: Guard against other == sk in unix_dgram_sendmsg
+     (regression in 3.16.7-ckt20-1+deb8u1)
+   * Revert "workqueue: make sure delayed work run in local cpu"
+     (regression in 3.16.7-ckt20)
+   * ALSA: usb-audio: avoid freeing umidi object twice (CVE-2016-2384)
+   * unix: correctly track in-flight fds in sending process user_struct
+     (regression in 3.16.7-ckt20-1+deb8u3) (CVE-2016-2550)
+   * USB: fix invalid memory access in hub_activate() (CVE-2015-8816)
+   * ALSA: seq: Fix missing NULL check at remove_events ioctl (CVE-2016-2543)
+   * ALSA: seq: Fix race at timer setup and close (CVE-2016-2544)
+   * ALSA: timer: Fix double unlink of active_list (CVE-2016-2545)
+   * ALSA: timer: Fix race among timer ioctls (CVE-2016-2546)
+   * ALSA: timer: Harden slave timer list handling (CVE-2016-2547, CVE-2016-2548)
+   * ALSA: hrtimer: Fix stall by hrtimer_cancel() (CVE-2016-2549)
+   * AIO: properly check iovec sizes
+ 
+  -- Ben Hutchings <ben at decadent.org.uk>  Mon, 29 Feb 2016 00:45:11 +0000
+ 
 +linux (3.16.7-ckt20-1+deb8u3~bpo70+1) wheezy-backports; urgency=medium
 +
 +  * Rebuild for wheezy:
 +    - Disable architectures that weren't part of wheezy
 +    - Use gcc-4.6 for all architectures
 +    - Change ABI number to 0.bpo.4
 +    - [arm] btrfs: Work around bug in gcc-4.6 (fixes FTBFS)
 +    - linux-image: Depend on initramfs-tools without any alternatives, so
 +      that neither apt nor aptitude will automatically switch to dracut
 +
 + -- Ben Hutchings <ben at decadent.org.uk>  Tue, 19 Jan 2016 23:33:46 +0000
 +
  linux (3.16.7-ckt20-1+deb8u3) jessie-security; urgency=high
  
    [ Ben Hutchings ]

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git

More information about the Kernel-svn-changes mailing list