[linux] branch wheezy-backports updated (be9025c -> 65937e0)
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Fri Feb 24 16:38:31 UTC 2017
This is an automated email from the git hooks/post-receive script.
benh pushed a change to branch wheezy-backports
in repository linux.
from be9025c Merge tag 'debian/3.16.36-1+deb8u2' into wheezy-backports
adds 1b039cf [mips*] Fix ptrace handling of any syscalls returning ENOSYS.
adds e5632e0 KVM: VMX: Fix host initiated access to guest MSR_TSC_AUX
adds 635b9f8 Merge tag 'debian/3.16.36-1+deb8u1' into jessie
adds 0de3bd6 [x86] KVM: pass host_initiated to functions that read MSRs
adds 90edc09 Merge tag 'debian/3.16.36-1+deb8u2' into jessie
adds d63902d [x86] video: Disable X86_SYSFB, FB_SIMPLE (Closes: #822575)
adds fe4ed98 hwrng: Add chaoskey driver, backported from 4.8 (Closes: #839616)
adds 6a73b7e Update to 3.16.39
adds 403e746 Revert "ecryptfs: forbid opening files without mmap handler", redundant with upstream fixes
adds f693d4d fs: Move procfs/ecryptfs stacking check into ecryptfs, to avoid ABI change
adds c3b1123 Fix/ignore/revert (as appropriate) ABI changes in 3.16.37 and 3.16.39
adds d99616c Fix backport of "fs: Give dentry to inode_change_ok() instead of inode" in fuse, xfs
adds 7a18341 Note more CVEs fixed in upstream stable updates
adds 51cd4c2 sg: Fix double-free when drives detach during SG_IO (CVE-2015-8962)
adds 155aee4 perf: Fix race in swevent hash (CVE-2015-8963)
adds 13e777c tty: Prevent ldisc drivers from re-using stale tty fields (CVE-2015-8964)
adds 3a9c496 usb: gadget: f_fs: Fix use-after-free (CVE-2016-7912)
adds d07602d HID: core: prevent out-of-bound readings (CVE-2016-7915)
adds c29ed46 netfilter: nfnetlink: correctly validate length of batch messages (CVE-2016-7917)
adds 6d745c6 net: ping: check minimum size on ICMP header length (CVE-2016-8399)
adds 598c277 net: Limit sk_filter trim to payload
adds 95da0e7 mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (CVE-2016-8650)
adds 45b63de packet: fix race condition in packet_set_ring (CVE-2016-8655)
adds f9953e2 [x86] Fix potential infoleak in older kernels (CVE-2016-9178)
adds 461db92 sctp: validate chunk len before actually using it (CVE-2016-9555)
adds 160c700 sg_write()/bsg_write() is not fit to be called under KERNEL_DS (CVE-2016-9576)
adds de565a4 [x86] KVM: drop error recovery in em_jmp_far and em_ret_far (CVE-2016-9756)
adds 1e8af51 net: avoid signed overflows for SO_{SND|RCV}BUFFORCE (CVE-2016-9793)
adds c2cf110 ALSA: pcm : Call kill_fasync() in stream lock (CVE-2016-9794)
adds a2c6ec6 Note that CVE-2016-9806 was fixed in 3.16.37
adds 0523f19 security,perf: Allow unprivileged use of perf_event_open to be disabled
adds 45680ed spi-nor: Add support for n25q256a11 SPI flash device (Closes: #843650)
adds bb2768e xen-blkfront: fix accounting of reqs when migrating (Closes: #843715)
adds 6fbce29 Note that #834513 was (probably) fixed in 3.16.37
adds 22fa415 Note that CVE-2016-10088 is fixed along with CVE-2016-9576
adds 6b4dd34 Prepare to release linux (3.16.39-1).
new 65937e0 Merge tag 'debian/3.16.39-1' into wheezy-backports
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Summary of changes:
debian/changelog | 535 ++++++++++++++
debian/config/config | 1 +
debian/config/defines | 6 +-
debian/config/kernelarch-x86/config | 6 +-
...ont-fix-accounting-of-reqs-when-migrating.patch | 44 ++
...ort-sprintf-buffer-in-proc-keys-show-func.patch | 70 --
...ilter-ensure-number-of-counters-is-0-in-d.patch | 53 --
...ck-size-values-after-double-fetch-from-us.patch | 65 --
...sa-compress-fix-an-integer-overflow-check.patch | 31 -
.../alsa-pcm-call-kill_fasync-in-stream-lock.patch | 43 ++
...fix-leak-in-events-via-snd_timer_user_cca.patch | 33 -
...fix-leak-in-events-via-snd_timer_user_tin.patch | 33 -
...imer-fix-leak-in-sndrv_timer_ioctl_params.patch | 33 -
...uble-fetch-in-audit_log_single_execve_arg.patch | 414 -----------
.../batman-adv-fix-double-put-of-vlan-object.patch | 29 -
...ix-potential-null-dereference-in-rfcomm-b.patch | 62 --
.../all/dccp-limit-sk_filter-trim-to-payload.patch | 94 +++
...forbid-opening-files-without-mmap-handler.patch | 54 --
...entry-to-inode_change_ok-instead-of-inode.patch | 678 ++++++++++++++++++
...-propagate-dentry-down-to-inode_change_ok.patch | 68 ++
.../hid-core-prevent-out-of-bound-readings.patch | 43 ++
...validate-num_values-for-hidiocgusages-hid.patch | 41 --
.../keys-potential-uninitialized-variable.patch | 86 ---
...up_flags-FOLL_WRITE-games-from-__get_user.patch | 77 --
...ix-null-ptr-dereference-in-mpi_powm-ver-3.patch | 96 +++
...signed-overflows-for-so_-snd-rcv-bufforce.patch | 45 ++
...-check-minimum-size-on-icmp-header-length.patch | 67 ++
...rp_tables-simplify-translate_compat_table.patch | 208 ------
...nsure-number-of-counters-is-0-in-do_repla.patch | 120 ----
...p6_tables-simplify-translate_compat_table.patch | 185 -----
...p_tables-simplify-translate_compat_table-.patch | 184 -----
...fnetlink-correctly-validate-length-of-bat.patch | 71 ++
..._tables-add-and-use-xt_check_entry_offset.patch | 151 ----
..._tables-add-compat-version-of-xt_check_en.patch | 105 ---
...ilter-x_tables-assert-minimum-target-size.patch | 25 -
...er-x_tables-check-for-bogus-target-offset.patch | 164 -----
...r-x_tables-check-standard-target-size-too.patch | 60 --
..._tables-do-compat-validation-via-translat.patch | 781 ---------------------
..._tables-don-t-move-to-non-existent-next-r.patch | 100 ---
..._tables-don-t-reject-valid-target-size-on.patch | 54 --
..._tables-introduce-and-use-xt_copy_counter.patch | 331 ---------
...etfilter-x_tables-kill-check_entry-helper.patch | 149 ----
...-x_tables-speed-up-jump-target-validation.patch | 493 -------------
..._tables-validate-all-offsets-and-sizes-in.patch | 137 ----
...filter-x_tables-validate-targets-of-jumps.patch | 131 ----
..._tables-xt_compat_match_from_user-doesn-t.patch | 234 ------
.../nfsd-check-permissions-when-setting-ACLs.patch | 146 ----
...ket-fix-race-condition-in-packet_set_ring.patch | 88 +++
.../bugfix/all/perf-fix-race-in-swevent-hash.patch | 92 +++
.../bugfix/all/posix_acl-Add-set_posix_acl.patch | 82 ---
.../rds-fix-an-infoleak-in-rds_inc_info_copy.patch | 31 -
...entry-to-inode_change_ok-instead-of-inode.patch | 779 ++++++++++++++++++++
.../all/rose-limit-sk_filter-trim-to-payload.patch | 94 +++
...-Buffer-overflow-in-arcmsr_iop_message_xf.patch | 46 --
...lidate-chunk-len-before-actually-using-it.patch | 54 ++
...uble-free-when-drives-detach-during-sg_io.patch | 66 ++
...g_write-is-not-fit-to-be-called-under-ker.patch | 42 ++
...e-after-free-in-tcp_xmit_retransmit_queue.patch | 50 --
.../tcp-make-challenge-acks-less-predictable.patch | 71 --
...ake-care-of-truncations-done-by-sk_filter.patch | 98 +++
...x-an-infoleak-in-tipc_nl_compat_link_dump.patch | 26 -
...-ldisc-drivers-from-re-using-stale-tty-fi.patch | 74 ++
.../all/usb-gadget-f_fs-fix-use-after-free.patch | 32 +
...usb-usbfs-fix-potential-infoleak-in-devio.patch | 41 --
...-propagate-dentry-down-to-inode_change_ok.patch | 210 ++++++
...ll-Always-run-the-seccomp-syscall-filters.patch | 283 ++++++++
...always-reclaim-in-start_thread-for-exec-c.patch | 106 ---
...tl-fix-potential-information-leak-with-de.patch | 52 --
...-host-initiated-access-to-guest-MSR_TSC_A.patch | 42 ++
...s-host_initiated-to-functions-that-read-M.patch | 537 ++++++++++++++
.../fix-potential-infoleak-in-older-kernels.patch | 63 ++
...p-error-recovery-in-em_jmp_far-and-em_ret.patch | 125 ++++
...x-for-double-fetch-security-bug-in-vop-dr.patch | 37 -
.../debian/fs-fix-abi-change-in-3.16.39.patch | 126 ++++
...cfs-ecryptfs-stacking-check-into-ecryptfs.patch | 94 +++
.../debian/i8042-revert-abi-break-in-3.16.39.patch | 147 ++++
debian/patches/debian/kernelvariables.patch | 6 +-
.../debian/mips-fix-abi-change-in-3.16.37.patch | 85 +++
.../net-fix-abi-change-for-sk_filter-changes.patch | 68 ++
.../net-sched-fix-abi-change-in-3.16.37.patch | 35 +
...efine-at_vector_size_arch-for-arch_dlinfo.patch | 30 +
...lock-fix-bdi-vs-gendisk-lifetime-mismatch.patch | 75 ++
...efine-at_vector_size_arch-for-arch_dlinfo.patch | 30 +
.../debian/scsi-fix-abi-change-in-3.16.37.patch | 30 +
.../uaccess-avoid-abi-change-in-3.16.39.patch | 21 +
.../debian/ubi-avoid-abi-change-in-3.16.37.patch | 24 +
...ioctl-data-read-write-error-for-adapter-t.patch | 47 +-
...019-arcmsr-simplify-ioctl-data-read-write.patch | 59 +-
.../chaoskey/USB-chaoskey-read-offset-bug.patch | 27 +
.../chaoskey/chaoskey-3.16-no-hwrng-quality.patch | 30 +
...key-Add-support-for-Araneus-Alea-I-USB-RN.patch | 58 ++
...key-Fix-URB-warning-due-to-timeout-on-Ale.patch | 101 +++
...river-for-Altus-Metrum-ChaosKey-device-v2.patch | 620 ++++++++++++++++
.../usb-Fix-warnings-in-chaoskey-driver.patch | 53 ++
...misc-chaoskey-Cleanup-probe-failure-paths.patch | 99 +++
...aoskey-introduce-an-URB-for-asynchronous-.patch | 183 +++++
...b-misc-fix-chaoskey-build-needs-HW_RANDOM.patch | 29 +
.../features/all/kdbus/shm-add-sealing-API.patch | 4 +-
.../all/net-add-__sock_queue_rcv_skb.patch | 63 ++
...ow-further-restriction-of-perf_event_open.patch | 75 ++
...d-support-for-n25q256a11-spi-flash-device.patch | 35 +
...l-accesses-to-kvm-irq_routing-into-irqchi.patch | 4 +-
.../KVM-PPC-Book3S-HV-Fix-ABIv2-on-LE.patch | 57 +-
...-Provide-and-use-accessors-for-irq-routin.patch | 45 +-
...spend-resume-quirks-for-apple-thunderbolt.patch | 8 +-
debian/patches/series | 97 +--
106 files changed, 6769 insertions(+), 5553 deletions(-)
create mode 100644 debian/patches/bugfix/all/-xen-blkfront-fix-accounting-of-reqs-when-migrating.patch
delete mode 100644 debian/patches/bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch
delete mode 100644 debian/patches/bugfix/all/Revert-netfilter-ensure-number-of-counters-is-0-in-d.patch
delete mode 100644 debian/patches/bugfix/all/aacraid-Check-size-values-after-double-fetch-from-us.patch
delete mode 100644 debian/patches/bugfix/all/alsa-compress-fix-an-integer-overflow-check.patch
create mode 100644 debian/patches/bugfix/all/alsa-pcm-call-kill_fasync-in-stream-lock.patch
delete mode 100644 debian/patches/bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_cca.patch
delete mode 100644 debian/patches/bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_tin.patch
delete mode 100644 debian/patches/bugfix/all/alsa-timer-fix-leak-in-sndrv_timer_ioctl_params.patch
delete mode 100644 debian/patches/bugfix/all/audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch
delete mode 100644 debian/patches/bugfix/all/batman-adv-fix-double-put-of-vlan-object.patch
delete mode 100644 debian/patches/bugfix/all/bluetooth-fix-potential-null-dereference-in-rfcomm-b.patch
create mode 100644 debian/patches/bugfix/all/dccp-limit-sk_filter-trim-to-payload.patch
delete mode 100644 debian/patches/bugfix/all/ecryptfs-forbid-opening-files-without-mmap-handler.patch
create mode 100644 debian/patches/bugfix/all/fs-give-dentry-to-inode_change_ok-instead-of-inode.patch
create mode 100644 debian/patches/bugfix/all/fuse-propagate-dentry-down-to-inode_change_ok.patch
create mode 100644 debian/patches/bugfix/all/hid-core-prevent-out-of-bound-readings.patch
delete mode 100644 debian/patches/bugfix/all/hid-hiddev-validate-num_values-for-hidiocgusages-hid.patch
delete mode 100644 debian/patches/bugfix/all/keys-potential-uninitialized-variable.patch
delete mode 100644 debian/patches/bugfix/all/mm-remove-gup_flags-FOLL_WRITE-games-from-__get_user.patch
create mode 100644 debian/patches/bugfix/all/mpi-fix-null-ptr-dereference-in-mpi_powm-ver-3.patch
create mode 100644 debian/patches/bugfix/all/net-avoid-signed-overflows-for-so_-snd-rcv-bufforce.patch
create mode 100644 debian/patches/bugfix/all/net-ping-check-minimum-size-on-icmp-header-length.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-arp_tables-simplify-translate_compat_table.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-ensure-number-of-counters-is-0-in-do_repla.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-ip6_tables-simplify-translate_compat_table.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-ip_tables-simplify-translate_compat_table-.patch
create mode 100644 debian/patches/bugfix/all/netfilter-nfnetlink-correctly-validate-length-of-bat.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-add-and-use-xt_check_entry_offset.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-add-compat-version-of-xt_check_en.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-assert-minimum-target-size.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-check-for-bogus-target-offset.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-check-standard-target-size-too.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-do-compat-validation-via-translat.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-don-t-move-to-non-existent-next-r.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-don-t-reject-valid-target-size-on.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-introduce-and-use-xt_copy_counter.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-kill-check_entry-helper.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-speed-up-jump-target-validation.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-validate-all-offsets-and-sizes-in.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-validate-targets-of-jumps.patch
delete mode 100644 debian/patches/bugfix/all/netfilter-x_tables-xt_compat_match_from_user-doesn-t.patch
delete mode 100644 debian/patches/bugfix/all/nfsd-check-permissions-when-setting-ACLs.patch
create mode 100644 debian/patches/bugfix/all/packet-fix-race-condition-in-packet_set_ring.patch
create mode 100644 debian/patches/bugfix/all/perf-fix-race-in-swevent-hash.patch
delete mode 100644 debian/patches/bugfix/all/posix_acl-Add-set_posix_acl.patch
delete mode 100644 debian/patches/bugfix/all/rds-fix-an-infoleak-in-rds_inc_info_copy.patch
create mode 100644 debian/patches/bugfix/all/revert-fs-give-dentry-to-inode_change_ok-instead-of-inode.patch
create mode 100644 debian/patches/bugfix/all/rose-limit-sk_filter-trim-to-payload.patch
delete mode 100644 debian/patches/bugfix/all/scsi-arcmsr-Buffer-overflow-in-arcmsr_iop_message_xf.patch
create mode 100644 debian/patches/bugfix/all/sctp-validate-chunk-len-before-actually-using-it.patch
create mode 100644 debian/patches/bugfix/all/sg-fix-double-free-when-drives-detach-during-sg_io.patch
create mode 100644 debian/patches/bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch
delete mode 100644 debian/patches/bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch
delete mode 100644 debian/patches/bugfix/all/tcp-make-challenge-acks-less-predictable.patch
create mode 100644 debian/patches/bugfix/all/tcp-take-care-of-truncations-done-by-sk_filter.patch
delete mode 100644 debian/patches/bugfix/all/tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch
create mode 100644 debian/patches/bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch
create mode 100644 debian/patches/bugfix/all/usb-gadget-f_fs-fix-use-after-free.patch
delete mode 100644 debian/patches/bugfix/all/usb-usbfs-fix-potential-infoleak-in-devio.patch
create mode 100644 debian/patches/bugfix/all/xfs-propagate-dentry-down-to-inode_change_ok.patch
create mode 100644 debian/patches/bugfix/mips/MIPS-scall-Always-run-the-seccomp-syscall-filters.patch
delete mode 100644 debian/patches/bugfix/powerpc/powerpc-tm-always-reclaim-in-start_thread-for-exec-c.patch
delete mode 100644 debian/patches/bugfix/s390/s390-sclp_ctl-fix-potential-information-leak-with-de.patch
create mode 100644 debian/patches/bugfix/x86/KVM-VMX-Fix-host-initiated-access-to-guest-MSR_TSC_A.patch
create mode 100644 debian/patches/bugfix/x86/KVM-x86-pass-host_initiated-to-functions-that-read-M.patch
create mode 100644 debian/patches/bugfix/x86/fix-potential-infoleak-in-older-kernels.patch
create mode 100644 debian/patches/bugfix/x86/kvm-x86-drop-error-recovery-in-em_jmp_far-and-em_ret.patch
delete mode 100644 debian/patches/bugfix/x86/misc-mic-fix-for-double-fetch-security-bug-in-vop-dr.patch
create mode 100644 debian/patches/debian/fs-fix-abi-change-in-3.16.39.patch
create mode 100644 debian/patches/debian/fs-move-procfs-ecryptfs-stacking-check-into-ecryptfs.patch
create mode 100644 debian/patches/debian/i8042-revert-abi-break-in-3.16.39.patch
create mode 100644 debian/patches/debian/mips-fix-abi-change-in-3.16.37.patch
create mode 100644 debian/patches/debian/net-fix-abi-change-for-sk_filter-changes.patch
create mode 100644 debian/patches/debian/net-sched-fix-abi-change-in-3.16.37.patch
create mode 100644 debian/patches/debian/revert-arm64-define-at_vector_size_arch-for-arch_dlinfo.patch
create mode 100644 debian/patches/debian/revert-block-fix-bdi-vs-gendisk-lifetime-mismatch.patch
create mode 100644 debian/patches/debian/revert-s390-define-at_vector_size_arch-for-arch_dlinfo.patch
create mode 100644 debian/patches/debian/scsi-fix-abi-change-in-3.16.37.patch
create mode 100644 debian/patches/debian/uaccess-avoid-abi-change-in-3.16.39.patch
create mode 100644 debian/patches/debian/ubi-avoid-abi-change-in-3.16.37.patch
create mode 100644 debian/patches/features/all/chaoskey/USB-chaoskey-read-offset-bug.patch
create mode 100644 debian/patches/features/all/chaoskey/chaoskey-3.16-no-hwrng-quality.patch
create mode 100644 debian/patches/features/all/chaoskey/hwrng-chaoskey-Add-support-for-Araneus-Alea-I-USB-RN.patch
create mode 100644 debian/patches/features/all/chaoskey/hwrng-chaoskey-Fix-URB-warning-due-to-timeout-on-Ale.patch
create mode 100644 debian/patches/features/all/chaoskey/usb-Add-driver-for-Altus-Metrum-ChaosKey-device-v2.patch
create mode 100644 debian/patches/features/all/chaoskey/usb-Fix-warnings-in-chaoskey-driver.patch
create mode 100644 debian/patches/features/all/chaoskey/usb-misc-chaoskey-Cleanup-probe-failure-paths.patch
create mode 100644 debian/patches/features/all/chaoskey/usb-misc-chaoskey-introduce-an-URB-for-asynchronous-.patch
create mode 100644 debian/patches/features/all/chaoskey/usb-misc-fix-chaoskey-build-needs-HW_RANDOM.patch
create mode 100644 debian/patches/features/all/net-add-__sock_queue_rcv_skb.patch
create mode 100644 debian/patches/features/all/security-perf-allow-further-restriction-of-perf_event_open.patch
create mode 100644 debian/patches/features/all/spi-nor-add-support-for-n25q256a11-spi-flash-device.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list