[linux] branch wheezy-security updated (823f777 -> ac64cdc)

debian-kernel at lists.debian.org debian-kernel at lists.debian.org
Wed Apr 26 23:24:59 UTC 2017 

This is an automated email from the git hooks/post-receive script.

benh pushed a change to branch wheezy-security
in repository linux.

      from  823f777   l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind() (CVE-2016-10200)
       new  0756d74   USB: iowarrior: fix NULL-deref at probe (CVE-2016-2188)
       new  942ed95   Update to 3.2.88
       new  22b55b2   KEYS: Prevent user access to keyrings whose names start with '.'
       new  abf2886   ping: implement proper locking (CVE-2017-2671)
       new  d97bf3d   Add patches for CVE-2017-7184
       new  07d2fb9   [x86] drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() (CVE-2017-7261)
       new  a87d0ab   [x86] drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (CVE-2017-7294)
       new  46d9a94   Add packet fixes for CVE-2017-7308 and a similar older issue
       new  e065205   KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings (CVE-2017-7472)
       new  7d433a9   mm/mempolicy.c: fix error handling in set_mempolicy and mbind (CVE-2017-7616)
       new  ac64cdc   Add fix for CVE-2017-7618 and earlier fixes to crypto/ahash.c that it depends on

The 11 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Summary of changes:
 debian/changelog                                   | 198 ++++++++++++-
 ...ash-fix-einprogress-notification-callback.patch | 226 +++++++++++++++
 ...h-fully-restore-ahash-request-before-comp.patch |  35 +++
 ...-Fix-the-pointer-voodoo-in-unaligned-ahas.patch | 118 ++++++++
 ...-pull-out-the-functions-to-save-restore-r.patch | 152 ++++++++++
 ...h-simplify-the-ahash_finup-implementation.patch | 115 ++++++++
 ...pc-shm-fix-shmat-mmap-nil-page-protection.patch |  58 ----
 ...fix-lockdep-annotations-in-hashbin_delete.patch |  84 ------
 ...ow-keyrings-beginning-with-.-to-be-joined.patch |  76 +++++
 ...yctl_set_reqkey_keyring-to-not-leak-threa.patch | 176 ++++++++++++
 ...ate-eperm-for-a-key-type-name-beginning-w.patch |  39 +++
 ...special-dot-prefixed-keyring-name-bug-fix.patch |  49 ++++
 ...cy-sock_zapped-flag-check-in-l2tp_ip-6-_b.patch | 137 ---------
 ...y.c-fix-error-handling-in-set_mempolicy-a.patch |  72 +++++
 .../all/net-llc-avoid-bug_on-in-skb_orphan.patch   |  53 ----
 ...-fix-overflow-in-check-for-priv-area-size.patch |  35 +++
 ...ket-fix-overflow-in-check-for-tp_frame_nr.patch |  32 +++
 ...cket-fix-overflow-in-check-for-tp_reserve.patch |  28 ++
 .../all/packet-fix-races-in-fanout_add.patch       |  72 -----
 ...cket-handle-too-big-packets-for-packet_v3.patch |  73 +++++
 .../bugfix/all/ping-implement-proper-locking.patch |  49 ++++
 .../bugfix/all/sctp-Export-sctp_do_peeloff.patch   |  14 +-
 ...sctp-avoid-bug_on-on-sctp_wait_for_sndbuf.patch |  37 ---
 ...tion-on-asocs-with-threads-sleeping-on-it.patch |  63 -----
 .../tty-n_hdlc-fix-lockdep-false-positive.patch    |  96 -------
 .../all/tty-n_hdlc-get-rid-of-racy-n_hdlc.patch    | 309 ---------------------
 .../usb-iowarrior-fix-null-deref-at-probe.patch    |  53 ++++
 ...e-xfrm_msg_newae-incoming-esn-size-harder.patch |  34 +++
 ..._newae-xfrma_replay_esn_val-replay_window.patch |  45 +++
 ...eger-overflow-in-vmw_surface_define_ioctl.patch |  36 +++
 ...r-dereference-in-vmw_surface_define_ioctl.patch |  33 +++
 .../drm/Remove-gma500-driver-from-staging.patch    |   7 +-
 .../list-introduce-list_first_entry_or_null.patch  |  35 ---
 .../features/all/net-sock-add-sock_efree.patch     |  33 ---
 ...ing-hv-move-hv_netvsc-out-of-staging-area.patch |  63 +----
 ...-hyperv-Fix-the-stop-wake-queue-mechanism.patch |  27 +-
 debian/patches/series                              |  31 ++-
 37 files changed, 1730 insertions(+), 1063 deletions(-)
 create mode 100644 debian/patches/bugfix/all/crypto-ahash-fix-einprogress-notification-callback.patch
 create mode 100644 debian/patches/bugfix/all/crypto-ahash-fully-restore-ahash-request-before-comp.patch
 create mode 100644 debian/patches/bugfix/all/crypto-hash-Fix-the-pointer-voodoo-in-unaligned-ahas.patch
 create mode 100644 debian/patches/bugfix/all/crypto-hash-pull-out-the-functions-to-save-restore-r.patch
 create mode 100644 debian/patches/bugfix/all/crypto-hash-simplify-the-ahash_finup-implementation.patch
 delete mode 100644 debian/patches/bugfix/all/ipc-shm-fix-shmat-mmap-nil-page-protection.patch
 delete mode 100644 debian/patches/bugfix/all/irda-fix-lockdep-annotations-in-hashbin_delete.patch
 create mode 100644 debian/patches/bugfix/all/keys-disallow-keyrings-beginning-with-.-to-be-joined.patch
 create mode 100644 debian/patches/bugfix/all/keys-fix-keyctl_set_reqkey_keyring-to-not-leak-threa.patch
 create mode 100644 debian/patches/bugfix/all/keys-reinstate-eperm-for-a-key-type-name-beginning-w.patch
 create mode 100644 debian/patches/bugfix/all/keys-special-dot-prefixed-keyring-name-bug-fix.patch
 delete mode 100644 debian/patches/bugfix/all/l2tp-fix-racy-sock_zapped-flag-check-in-l2tp_ip-6-_b.patch
 create mode 100644 debian/patches/bugfix/all/mm-mempolicy.c-fix-error-handling-in-set_mempolicy-a.patch
 delete mode 100644 debian/patches/bugfix/all/net-llc-avoid-bug_on-in-skb_orphan.patch
 create mode 100644 debian/patches/bugfix/all/net-packet-fix-overflow-in-check-for-priv-area-size.patch
 create mode 100644 debian/patches/bugfix/all/net-packet-fix-overflow-in-check-for-tp_frame_nr.patch
 create mode 100644 debian/patches/bugfix/all/net-packet-fix-overflow-in-check-for-tp_reserve.patch
 delete mode 100644 debian/patches/bugfix/all/packet-fix-races-in-fanout_add.patch
 create mode 100644 debian/patches/bugfix/all/packet-handle-too-big-packets-for-packet_v3.patch
 create mode 100644 debian/patches/bugfix/all/ping-implement-proper-locking.patch
 delete mode 100644 debian/patches/bugfix/all/sctp-avoid-bug_on-on-sctp_wait_for_sndbuf.patch
 delete mode 100644 debian/patches/bugfix/all/sctp-deny-peeloff-operation-on-asocs-with-threads-sleeping-on-it.patch
 delete mode 100644 debian/patches/bugfix/all/tty-n_hdlc-fix-lockdep-false-positive.patch
 delete mode 100644 debian/patches/bugfix/all/tty-n_hdlc-get-rid-of-racy-n_hdlc.patch
 create mode 100644 debian/patches/bugfix/all/usb-iowarrior-fix-null-deref-at-probe.patch
 create mode 100644 debian/patches/bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch
 create mode 100644 debian/patches/bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch
 create mode 100644 debian/patches/bugfix/x86/drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch
 create mode 100644 debian/patches/bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch
 delete mode 100644 debian/patches/features/all/list-introduce-list_first_entry_or_null.patch
 delete mode 100644 debian/patches/features/all/net-sock-add-sock_efree.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git

More information about the Kernel-svn-changes mailing list