[linux] 01/01: Merge tag 'debian/4.9.65-3+deb9u1' into jessie-backports
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Sat Dec 23 21:25:46 UTC 2017
This is an automated email from the git hooks/post-receive script.
benh pushed a commit to branch jessie-backports
in repository linux.
commit da84bdb0c9ac5cf2be7fc180dc0853bf9abd3c51
Merge: a700b41 e7f8080
Author: Ben Hutchings <ben at decadent.org.uk>
Date: Sat Dec 23 04:46:50 2017 +0000
Merge tag 'debian/4.9.65-3+deb9u1' into jessie-backports
Release linux (4.9.65-3+deb9u1).
debian/changelog | 48 +++++++
...vent-stack-info-leak-from-the-efs-element.patch | 48 +++++++
...-adjust-insn_aux_data-when-patching-insns.patch | 93 ++++++++++++
.../bugfix/all/bpf-fix-branch-pruning-logic.patch | 111 +++++++++++++++
...-incorrect-sign-extension-in-check_alu_op.patch | 50 +++++++
...t-out-of-bounds-stack-pointer-calculation.patch | 53 +++++++
...s_equal-comparison-of-pointer-and-unknown.patch | 36 +++++
...-require-that-the-underlying-hash-algorit.patch | 142 +++++++++++++++++++
...ypto-salsa20-fix-blkcipher_walk-API-usage.patch | 84 +++++++++++
...cve-2017-8824-use-after-free-in-dccp-code.patch | 38 +++++
...ssing-permission-check-for-request_key-de.patch | 157 +++++++++++++++++++++
...ix-stack-out-of-bounds-read-in-write_mmio.patch | 154 ++++++++++++++++++++
...sb-v2-lmedm04-Improve-logic-checking-of-w.patch | 83 +++++++++++
...sb-v2-lmedm04-move-ts2020-attach-to-dm04_.patch | 67 +++++++++
...-fix-an-error-handling-path-in-hdpvr_prob.patch | 98 +++++++++++++
...4-fix-for-a-race-condition-in-raw_sendmsg.patch | 71 ++++++++++
...fnetlink_cthelper-add-missing-permission-.patch | 74 ++++++++++
...lter-xt_osf-add-missing-permission-checks.patch | 56 ++++++++
.../all/netlink-add-netns-check-on-taps.patch | 39 +++++
...prevent-malicious-bnuminterfaces-overflow.patch | 44 ++++++
...emove-i-o-port-0x80-bypass-on-intel-hosts.patch | 47 ++++++
debian/patches/series | 20 +++
22 files changed, 1613 insertions(+)
diff --cc debian/changelog
index ee24c97,7b3f009..ace98b8
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,17 -1,37 +1,65 @@@
++linux (4.9.65-3+deb9u1~bpo8+1) jessie-backports; urgency=medium
++
++ * Rebuild for jessie-backports:
++ - Revert "[x86] psmouse: Enable MOUSE_PS2_VMMOUSE", which breaks
++ xserver-xorg-input-vmmouse and several metapackages in jessie
++ - Revert changes to use gcc-6 compiler, not found in jessie
++ - Change ABI number to 0.bpo.4
++ - Revert changes to flex and asciidoc build-dependencies
++ - linux-image-dbg: Revert changes to packaging of debug symbols
++ - Revert "enable `perf data' support" as libbabeltrace is not available
++ - [mips*] Disable RELOCATABLE and RANDOMIZE_BASE.
++
++ -- Ben Hutchings <ben at decadent.org.uk> Sat, 23 Dec 2017 04:47:27 +0000
++
+ linux (4.9.65-3+deb9u1) stretch-security; urgency=high
+
+ * dccp: CVE-2017-8824: use-after-free in DCCP code
+ * media: dvb-usb-v2: lmedm04: Improve logic checking of warm start
+ (CVE-2017-16538)
+ * media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner
+ (CVE-2017-16538)
+ * media: hdpvr: Fix an error handling path in hdpvr_probe() (CVE-2017-16644)
+ * bpf/verifier: Fix multiple security issues:
+ - adjust insn_aux_data when patching insns
+ - fix branch pruning logic
+ - reject out-of-bounds stack pointer calculation
+ - fix incorrect sign extension in check_alu_op() (CVE-2017-16995)
+ - Fix states_equal() comparison of pointer and UNKNOWN
+ * netfilter: nfnetlink_cthelper: Add missing permission checks
+ (CVE-2017-17448)
+ * netlink: Add netns check on taps (CVE-2017-17449)
+ * netfilter: xt_osf: Add missing permission checks (CVE-2017-17450)
+ * USB: core: prevent malicious bNumInterfaces overflow (CVE-2017-17558)
+ * net: ipv4: fix for a race condition in raw_sendmsg (CVE-2017-17712)
+ * [armhf,arm64,x86] KVM: Fix stack-out-of-bounds read in write_mmio
+ (CVE-2017-17741)
+ * crypto: salsa20 - fix blkcipher_walk API usage (CVE-2017-17805)
+ * crypto: hmac - require that the underlying hash algorithm is unkeyed
+ (CVE-2017-17806)
+ * KEYS: add missing permission check for request_key() destination
+ (CVE-2017-17807)
+ * [x86] KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
+ (CVE-2017-1000407)
+ * bluetooth: Prevent stack info leak from the EFS element.
+ (CVE-2017-1000410)
+
+ -- Ben Hutchings <ben at decadent.org.uk> Sat, 23 Dec 2017 00:39:51 +0000
+
+linux (4.9.65-3~bpo8+1) jessie-backports; urgency=medium
+
+ * Rebuild for jessie-backports:
+ - Revert "[x86] psmouse: Enable MOUSE_PS2_VMMOUSE", which breaks
+ xserver-xorg-input-vmmouse and several metapackages in jessie
+ - Revert changes to use gcc-6 compiler, not found in jessie
+ - Change ABI number to 0.bpo.4
+ - Revert changes to flex and asciidoc build-dependencies
+ - linux-image-dbg: Revert changes to packaging of debug symbols
+ - Revert "enable `perf data' support" as libbabeltrace is not available
+ - [mips*] Disable RELOCATABLE and RANDOMIZE_BASE.
+
+ -- Ben Hutchings <ben at decadent.org.uk> Sat, 09 Dec 2017 01:41:29 +0000
+
linux (4.9.65-3) stretch; urgency=medium
[ Salvatore Bonaccorso ]
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list