[linux] 01/01: Merge remote-tracking branch 'alioth/stretch-security' into stretch

debian-kernel at lists.debian.org debian-kernel at lists.debian.org
Sat Sep 2 20:14:03 UTC 2017 

This is an automated email from the git hooks/post-receive script.

benh pushed a commit to branch stretch
in repository linux.

commit e04954b9b1bea7f999a401262ec9ea70757c7397
Merge: b0fc78b 91c6faa
Author: Ben Hutchings <ben at decadent.org.uk>
Date:   Fri Sep 1 00:24:07 2017 +0100

    Merge remote-tracking branch 'alioth/stretch-security' into stretch

 debian/changelog                                   |  29 +++
 ...-timer-fix-missing-queue-indices-reset-at.patch |  52 +++++
 ...lsa-timer-fix-race-between-read-and-ioctl.patch |  69 +++++++
 ...nfmt_elf-use-elf_et_dyn_base-only-for-pie.patch | 167 +++++++++++++++
 ...x-possible-buffer-overflow-in-brcmf_cfg80.patch |  46 +++++
 .../patches/bugfix/all/dentry-name-snapshots.patch | 228 +++++++++++++++++++++
 ...don-t-leak-bo-on-drm_gem_object_init-fail.patch |  35 ++++
 .../fs-exec.c-account-for-argv-envp-pointers.patch |  90 ++++++++
 ...overflow-of-offset-in-ip6_find_1stfragopt.patch |  55 +++++
 ...-use-consistent-conditional-judgement-for.patch |  38 ++++
 ...eue-fix-a-use-after-free-in-sys_mq_notify.patch |  50 +++++
 ...et-fix-tp_reserve-race-in-packet_set_ring.patch |  46 +++++
 ...everal-cases-where-a-padded-len-isn-t-che.patch | 206 +++++++++++++++++++
 ...p-consistently-apply-ufo-or-fragmentation.patch |  85 ++++++++
 ...k-don-t-leak-stack-data-via-response-ring.patch | 130 ++++++++++++
 .../xfrm-policy-check-policy-direction-value.patch |  40 ++++
 ...x-Make-sure-backup_handle-is-always-valid.patch |  60 ++++++
 ...limit-the-number-of-mip-levels-in-vmw_gb_.patch |  38 ++++
 .../kvm-x86-fix-singlestepping-over-syscall.patch  | 125 +++++++++++
 debian/patches/series                              |  18 ++
 20 files changed, 1607 insertions(+)

diff --cc debian/changelog
index ccc24dd,df874ed..850b216
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,30 -1,37 +1,59 @@@
 -linux (4.9.30-2+deb9u4) UNRELEASED; urgency=medium
 +linux (4.9.30-3) UNRELEASED; urgency=medium
  
 +  [ Ben Hutchings ]
+   * [x86] KVM: fix singlestepping over syscall (CVE-2017-7518)
+   * binfmt_elf: use ELF_ET_DYN_BASE only for PIE (CVE-2017-1000370,
+     CVE-2017-1000371)
+   * ALSA: timer: Fix race between read and ioctl (CVE-2017-1000380)
+   * ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT
+     (CVE-2017-1000380)
+   * xfrm: policy: check policy direction value (CVE-2017-11600)
+   * packet: fix tp_reserve race in packet_set_ring (CVE-2017-1000111)
+   * ipv6: Should use consistent conditional judgement for ip6 fragment
+     between __ip6_append_data and ip6_finish_output
+   * udp: consistently apply ufo or fragmentation (CVE-2017-1000112)
 +  * [armhf] udeb: Add sunxi_wdt to kernel-image (Closes: #866130)
 +  * udeb: Add dm-raid to md-modules (Closes: #868251)
 +  * [arm64] sound: Enable SND_HDA_INTEL as module (Closes: #867611)
 +  * [x86] ideapad-laptop: Add various IdeaPad models to no_hw_rfkill list
 +    (Closes: #866706)
 +  * [x86] pinctrl: cherryview: Add terminate entry for dmi_system_id tables
 +  * firmware: dmi: Add DMI_PRODUCT_FAMILY identification string
 +  * firmware: dmi: Avoid ABI break for DMI_PRODUCT_FAMILY
 +  * [x86] pinctrl: cherryview: Extend the Chromebook DMI quirk to Intel_Strago
 +    systems (Closes: #862723)
 +  * [armhf] Add ARM Mali Midgard device tree bindings and gpu node for rk3288
 +    (thanks to Guillaume Tucker) (Closes: #865646)
  
 - -- Ben Hutchings <ben at decadent.org.uk>  Sun, 06 Aug 2017 15:21:20 +0100
 +  [ Cyril Brulebois ]
 +  * [arm64,armhf] udeb: Ship usb3503 module in usb-modules, needed for
 +    e.g. Arndale development boards, thanks to Wei Liu (Closes: #865645).
 +
 +  [ Salvatore Bonaccorso ]
 +  * [powerpc*] kernel: Fix FP and vector register restoration.
 +    Thanks to Gabriel F. T. Gomes for the report and analysis.
 +    (Closes: #868902)
 +
 + -- Ben Hutchings <ben at decadent.org.uk>  Sun, 16 Jul 2017 21:54:09 +0100
  
+ linux (4.9.30-2+deb9u3) stretch-security; urgency=high
+ 
+   * [x86] drm/vmwgfx: limit the number of mip levels in
+     vmw_gb_surface_define_ioctl() (CVE-2017-7346)
+   * rxrpc: Fix several cases where a padded len isn't checked in ticket decode
+     (CVE-2017-7482)
+   * brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
+     (CVE-2017-7541)
+   * ipv6: avoid overflow of offset in ip6_find_1stfragopt (CVE-2017-7542)
+   * [x86] drm/vmwgfx: Make sure backup_handle is always valid (CVE-2017-9605)
+   * drm/virtio: don't leak bo on drm_gem_object_init failure (CVE-2017-10810)
+   * xen-blkback: don't leak stack data via response ring (CVE-2017-10911)
+   * mqueue: fix a use-after-free in sys_mq_notify() (CVE-2017-11176)
+   * fs/exec.c: account for argv/envp pointers (CVE-2017-1000365)
+   * dentry name snapshots (CVE-2017-7533)
+ 
+  -- Salvatore Bonaccorso <carnil at debian.org>  Sun, 06 Aug 2017 06:24:47 +0200
+ 
  linux (4.9.30-2+deb9u2) stretch-security; urgency=high
  
    * Revert changes in version 4.9.30-2+deb9u1 (Closes: #865303)

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git

More information about the Kernel-svn-changes mailing list