[linux] branch wheezy-security updated (823f777 -> ac64cdc)
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Wed Apr 26 23:24:59 UTC 2017
This is an automated email from the git hooks/post-receive script.
benh pushed a change to branch wheezy-security
in repository linux.
from 823f777 l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind() (CVE-2016-10200)
new 0756d74 USB: iowarrior: fix NULL-deref at probe (CVE-2016-2188)
new 942ed95 Update to 3.2.88
new 22b55b2 KEYS: Prevent user access to keyrings whose names start with '.'
new abf2886 ping: implement proper locking (CVE-2017-2671)
new d97bf3d Add patches for CVE-2017-7184
new 07d2fb9 [x86] drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() (CVE-2017-7261)
new a87d0ab [x86] drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (CVE-2017-7294)
new 46d9a94 Add packet fixes for CVE-2017-7308 and a similar older issue
new e065205 KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings (CVE-2017-7472)
new 7d433a9 mm/mempolicy.c: fix error handling in set_mempolicy and mbind (CVE-2017-7616)
new ac64cdc Add fix for CVE-2017-7618 and earlier fixes to crypto/ahash.c that it depends on
The 11 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Summary of changes:
debian/changelog | 198 ++++++++++++-
...ash-fix-einprogress-notification-callback.patch | 226 +++++++++++++++
...h-fully-restore-ahash-request-before-comp.patch | 35 +++
...-Fix-the-pointer-voodoo-in-unaligned-ahas.patch | 118 ++++++++
...-pull-out-the-functions-to-save-restore-r.patch | 152 ++++++++++
...h-simplify-the-ahash_finup-implementation.patch | 115 ++++++++
...pc-shm-fix-shmat-mmap-nil-page-protection.patch | 58 ----
...fix-lockdep-annotations-in-hashbin_delete.patch | 84 ------
...ow-keyrings-beginning-with-.-to-be-joined.patch | 76 +++++
...yctl_set_reqkey_keyring-to-not-leak-threa.patch | 176 ++++++++++++
...ate-eperm-for-a-key-type-name-beginning-w.patch | 39 +++
...special-dot-prefixed-keyring-name-bug-fix.patch | 49 ++++
...cy-sock_zapped-flag-check-in-l2tp_ip-6-_b.patch | 137 ---------
...y.c-fix-error-handling-in-set_mempolicy-a.patch | 72 +++++
.../all/net-llc-avoid-bug_on-in-skb_orphan.patch | 53 ----
...-fix-overflow-in-check-for-priv-area-size.patch | 35 +++
...ket-fix-overflow-in-check-for-tp_frame_nr.patch | 32 +++
...cket-fix-overflow-in-check-for-tp_reserve.patch | 28 ++
.../all/packet-fix-races-in-fanout_add.patch | 72 -----
...cket-handle-too-big-packets-for-packet_v3.patch | 73 +++++
.../bugfix/all/ping-implement-proper-locking.patch | 49 ++++
.../bugfix/all/sctp-Export-sctp_do_peeloff.patch | 14 +-
...sctp-avoid-bug_on-on-sctp_wait_for_sndbuf.patch | 37 ---
...tion-on-asocs-with-threads-sleeping-on-it.patch | 63 -----
.../tty-n_hdlc-fix-lockdep-false-positive.patch | 96 -------
.../all/tty-n_hdlc-get-rid-of-racy-n_hdlc.patch | 309 ---------------------
.../usb-iowarrior-fix-null-deref-at-probe.patch | 53 ++++
...e-xfrm_msg_newae-incoming-esn-size-harder.patch | 34 +++
..._newae-xfrma_replay_esn_val-replay_window.patch | 45 +++
...eger-overflow-in-vmw_surface_define_ioctl.patch | 36 +++
...r-dereference-in-vmw_surface_define_ioctl.patch | 33 +++
.../drm/Remove-gma500-driver-from-staging.patch | 7 +-
.../list-introduce-list_first_entry_or_null.patch | 35 ---
.../features/all/net-sock-add-sock_efree.patch | 33 ---
...ing-hv-move-hv_netvsc-out-of-staging-area.patch | 63 +----
...-hyperv-Fix-the-stop-wake-queue-mechanism.patch | 27 +-
debian/patches/series | 31 ++-
37 files changed, 1730 insertions(+), 1063 deletions(-)
create mode 100644 debian/patches/bugfix/all/crypto-ahash-fix-einprogress-notification-callback.patch
create mode 100644 debian/patches/bugfix/all/crypto-ahash-fully-restore-ahash-request-before-comp.patch
create mode 100644 debian/patches/bugfix/all/crypto-hash-Fix-the-pointer-voodoo-in-unaligned-ahas.patch
create mode 100644 debian/patches/bugfix/all/crypto-hash-pull-out-the-functions-to-save-restore-r.patch
create mode 100644 debian/patches/bugfix/all/crypto-hash-simplify-the-ahash_finup-implementation.patch
delete mode 100644 debian/patches/bugfix/all/ipc-shm-fix-shmat-mmap-nil-page-protection.patch
delete mode 100644 debian/patches/bugfix/all/irda-fix-lockdep-annotations-in-hashbin_delete.patch
create mode 100644 debian/patches/bugfix/all/keys-disallow-keyrings-beginning-with-.-to-be-joined.patch
create mode 100644 debian/patches/bugfix/all/keys-fix-keyctl_set_reqkey_keyring-to-not-leak-threa.patch
create mode 100644 debian/patches/bugfix/all/keys-reinstate-eperm-for-a-key-type-name-beginning-w.patch
create mode 100644 debian/patches/bugfix/all/keys-special-dot-prefixed-keyring-name-bug-fix.patch
delete mode 100644 debian/patches/bugfix/all/l2tp-fix-racy-sock_zapped-flag-check-in-l2tp_ip-6-_b.patch
create mode 100644 debian/patches/bugfix/all/mm-mempolicy.c-fix-error-handling-in-set_mempolicy-a.patch
delete mode 100644 debian/patches/bugfix/all/net-llc-avoid-bug_on-in-skb_orphan.patch
create mode 100644 debian/patches/bugfix/all/net-packet-fix-overflow-in-check-for-priv-area-size.patch
create mode 100644 debian/patches/bugfix/all/net-packet-fix-overflow-in-check-for-tp_frame_nr.patch
create mode 100644 debian/patches/bugfix/all/net-packet-fix-overflow-in-check-for-tp_reserve.patch
delete mode 100644 debian/patches/bugfix/all/packet-fix-races-in-fanout_add.patch
create mode 100644 debian/patches/bugfix/all/packet-handle-too-big-packets-for-packet_v3.patch
create mode 100644 debian/patches/bugfix/all/ping-implement-proper-locking.patch
delete mode 100644 debian/patches/bugfix/all/sctp-avoid-bug_on-on-sctp_wait_for_sndbuf.patch
delete mode 100644 debian/patches/bugfix/all/sctp-deny-peeloff-operation-on-asocs-with-threads-sleeping-on-it.patch
delete mode 100644 debian/patches/bugfix/all/tty-n_hdlc-fix-lockdep-false-positive.patch
delete mode 100644 debian/patches/bugfix/all/tty-n_hdlc-get-rid-of-racy-n_hdlc.patch
create mode 100644 debian/patches/bugfix/all/usb-iowarrior-fix-null-deref-at-probe.patch
create mode 100644 debian/patches/bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch
create mode 100644 debian/patches/bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch
create mode 100644 debian/patches/bugfix/x86/drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch
create mode 100644 debian/patches/bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch
delete mode 100644 debian/patches/features/all/list-introduce-list_first_entry_or_null.patch
delete mode 100644 debian/patches/features/all/net-sock-add-sock_efree.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list