[linux] branch wheezy-security updated (f206f4e -> 68b23c1)

debian-kernel at lists.debian.org debian-kernel at lists.debian.org
Tue Mar 7 02:36:41 UTC 2017 

This is an automated email from the git hooks/post-receive script.

benh pushed a change to branch wheezy-security
in repository linux.

      from  f206f4e   Prepare to release linux (3.2.84-2).
       new  784cce3   Update to 3.2.86
       new  611c334   ipc/shm: Fix shmat mmap nil-page protection (CVE-2017-5669)
       new  952f97d   sctp: avoid BUG_ON on sctp_wait_for_sndbuf (CVE-2017-5986)
       new  1cdc952   net/llc: avoid BUG_ON() in skb_orphan() (CVE-2017-6345)
       new  0f32df0   packet: fix races in fanout_add() (CVE-2017-6346)
       new  d183812   irda: Fix locking in hashbin_delete() (CVE-2017-6348)
       new  68b23c1   sctp: deny peeloff operation on asocs with threads sleeping on it (CVE-2017-6353)

The 7 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Summary of changes:
 debian/changelog                                   |  89 ++++
 debian/config/defines                              |   1 +
 .../alsa-pcm-call-kill_fasync-in-stream-lock.patch |  43 --
 ...lock-fix-use-after-free-in-sys_ioprio_get.patch | 120 ------
 ...reeing-skb-too-early-for-IPV6_RECVPKTINFO.patch |  47 ---
 .../all/dccp-limit-sk_filter-trim-to-payload.patch |  90 ----
 .../fbdev-color-map-copying-bounds-checking.patch  |  79 ----
 .../hid-core-prevent-out-of-bound-readings.patch   |  43 --
 ...pc-shm-fix-shmat-mmap-nil-page-protection.patch |  58 +++
 ...fix-lockdep-annotations-in-hashbin_delete.patch |  84 ++++
 ...t-reset-tty-receive_room-when-attaching-s.patch |  47 ---
 ...lence-warning-if-config_lockdep-isn-t-set.patch |  43 --
 ...ia-info-leak-in-__media_device_enum_links.patch |  36 --
 ...signed-overflows-for-so_-snd-rcv-bufforce.patch |  45 --
 .../all/net-cleanups-in-sock_setsockopt.patch      |  96 -----
 .../all/net-llc-avoid-bug_on-in-skb_orphan.patch   |  53 +++
 ...-check-minimum-size-on-icmp-header-length.patch |  68 ---
 ...ket-fix-race-condition-in-packet_set_ring.patch |  88 ----
 .../all/packet-fix-races-in-fanout_add.patch       |  72 ++++
 ...ix-concurrent-sys_perf_event_open-vs.-mov.patch | 153 -------
 .../bugfix/all/perf-do-not-double-free.patch       |  48 ---
 .../bugfix/all/perf-fix-event-ctx-locking.patch    | 468 ---------------------
 ...rf-fix-perf_event_for_each-to-use-sibling.patch |  38 --
 .../bugfix/all/perf-fix-race-in-swevent-hash.patch |  92 ----
 .../all/rose-limit-sk_filter-trim-to-payload.patch |  94 -----
 ...sctp-avoid-bug_on-on-sctp_wait_for_sndbuf.patch |  37 ++
 ...tion-on-asocs-with-threads-sleeping-on-it.patch |  63 +++
 ...lidate-chunk-len-before-actually-using-it.patch |  54 ---
 ...uble-free-when-drives-detach-during-sg_io.patch |  66 ---
 ...g_write-is-not-fit-to-be-called-under-ker.patch |  42 --
 ...ake-care-of-truncations-done-by-sk_filter.patch |  98 -----
 ...-ldisc-drivers-from-re-using-stale-tty-fi.patch |  75 ----
 ...-kl5kusb105-fix-line-state-error-handling.patch |  37 --
 ...llow-dma-mappings-to-be-marked-executable.patch |  37 --
 .../fix-potential-infoleak-in-older-kernels.patch  |  64 ---
 ...p-error-recovery-in-em_jmp_far-and-em_ret.patch | 125 ------
 .../all/net-add-__sock_queue_rcv_skb.patch         |  63 ---
 .../rt/0192-rtmutex-futex-prepare-rt.patch.patch   |  28 +-
 debian/patches/series                              |  35 +-
 39 files changed, 474 insertions(+), 2445 deletions(-)
 delete mode 100644 debian/patches/bugfix/all/alsa-pcm-call-kill_fasync-in-stream-lock.patch
 delete mode 100644 debian/patches/bugfix/all/block-fix-use-after-free-in-sys_ioprio_get.patch
 delete mode 100644 debian/patches/bugfix/all/dccp-fix-freeing-skb-too-early-for-IPV6_RECVPKTINFO.patch
 delete mode 100644 debian/patches/bugfix/all/dccp-limit-sk_filter-trim-to-payload.patch
 delete mode 100644 debian/patches/bugfix/all/fbdev-color-map-copying-bounds-checking.patch
 delete mode 100644 debian/patches/bugfix/all/hid-core-prevent-out-of-bound-readings.patch
 create mode 100644 debian/patches/bugfix/all/ipc-shm-fix-shmat-mmap-nil-page-protection.patch
 create mode 100644 debian/patches/bugfix/all/irda-fix-lockdep-annotations-in-hashbin_delete.patch
 delete mode 100644 debian/patches/bugfix/all/isdn-gigaset-reset-tty-receive_room-when-attaching-s.patch
 delete mode 100644 debian/patches/bugfix/all/lockdep-silence-warning-if-config_lockdep-isn-t-set.patch
 delete mode 100644 debian/patches/bugfix/all/media-info-leak-in-__media_device_enum_links.patch
 delete mode 100644 debian/patches/bugfix/all/net-avoid-signed-overflows-for-so_-snd-rcv-bufforce.patch
 delete mode 100644 debian/patches/bugfix/all/net-cleanups-in-sock_setsockopt.patch
 create mode 100644 debian/patches/bugfix/all/net-llc-avoid-bug_on-in-skb_orphan.patch
 delete mode 100644 debian/patches/bugfix/all/net-ping-check-minimum-size-on-icmp-header-length.patch
 delete mode 100644 debian/patches/bugfix/all/packet-fix-race-condition-in-packet_set_ring.patch
 create mode 100644 debian/patches/bugfix/all/packet-fix-races-in-fanout_add.patch
 delete mode 100644 debian/patches/bugfix/all/perf-core-fix-concurrent-sys_perf_event_open-vs.-mov.patch
 delete mode 100644 debian/patches/bugfix/all/perf-do-not-double-free.patch
 delete mode 100644 debian/patches/bugfix/all/perf-fix-event-ctx-locking.patch
 delete mode 100644 debian/patches/bugfix/all/perf-fix-perf_event_for_each-to-use-sibling.patch
 delete mode 100644 debian/patches/bugfix/all/perf-fix-race-in-swevent-hash.patch
 delete mode 100644 debian/patches/bugfix/all/rose-limit-sk_filter-trim-to-payload.patch
 create mode 100644 debian/patches/bugfix/all/sctp-avoid-bug_on-on-sctp_wait_for_sndbuf.patch
 create mode 100644 debian/patches/bugfix/all/sctp-deny-peeloff-operation-on-asocs-with-threads-sleeping-on-it.patch
 delete mode 100644 debian/patches/bugfix/all/sctp-validate-chunk-len-before-actually-using-it.patch
 delete mode 100644 debian/patches/bugfix/all/sg-fix-double-free-when-drives-detach-during-sg_io.patch
 delete mode 100644 debian/patches/bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch
 delete mode 100644 debian/patches/bugfix/all/tcp-take-care-of-truncations-done-by-sk_filter.patch
 delete mode 100644 debian/patches/bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch
 delete mode 100644 debian/patches/bugfix/all/usb-serial-kl5kusb105-fix-line-state-error-handling.patch
 delete mode 100644 debian/patches/bugfix/arm/arm-dma-mapping-don-t-allow-dma-mappings-to-be-marked-executable.patch
 delete mode 100644 debian/patches/bugfix/x86/fix-potential-infoleak-in-older-kernels.patch
 delete mode 100644 debian/patches/bugfix/x86/kvm-x86-drop-error-recovery-in-em_jmp_far-and-em_ret.patch
 delete mode 100644 debian/patches/features/all/net-add-__sock_queue_rcv_skb.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git

More information about the Kernel-svn-changes mailing list