
Stretch openstack image updated to version 9.0.2-20170623



Thanks to Vincent Bernat for pointing out that the 9.0.1-20170620
rebuild was buggy and did *not* contain the expected security
update. I've just filed a bug against the build script in
openstack-debian-images (#865648) and rebuilt again. We now have
9.0.2-20180623 and I've verified the contents now.

Apologies for any confusion... :-(

========================

Just released, including a stack of security updates:

9.0.2-20170623

Updates in 3 source package(s), 16 binary package(s):

  Source glibc, binaries: libc-bin:amd64 libc-l10n:amd64 libc6:amd64 locales:amd64 locales-all:amd64 multiarch-support:amd64 libc-bin:arm64 libc-l10n:arm64 libc6:arm64 locales:arm64 locales-all:arm64 multiarch-support:arm64  
  glibc (2.24-11+deb9u1) stretch-security; urgency=medium
  
    * debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff,
      debian/patches/any/local-CVE-2017-1000366-rtld-LD_LIBRARY_PATH.diff,
      debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff: add
      patches to protect the dynamic linker against stack clashes
      (CVE-2017-1000366).
    * debian/patches/any/cvs-vectorized-strcspn-guards.diff: patch backported
      from upstream to allow usage of strcspn in ld.so.
    * debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from
      upstream to disable HWCAP for AT_SECURE programs.

  Source gnutls28, binaries: libgnutls30:amd64 libgnutls30:arm64  
  gnutls28 (3.5.8-5+deb9u1) stretch-security; urgency=high
  
    * 36_CVE-2017-7507_*.patch: Pulled from 3.5.13, fix crash upon receiving
      well-formed status_request extension. GNUTLS-SA-2017-4/CVE-2017-7507
      Closes: #864560
    * Upload is identical to 3.5.8-6 except for the version number.

  Source linux, binaries: linux-image-4.9.0-3-amd64:amd64 linux-image-4.9.0-3-arm64:arm64  
  linux (4.9.30-2+deb9u1) stretch-security; urgency=high
  
    * mm: enlarge stack guard gap (CVE-2017-1000364)
    * mm: allow to configure stack gap size
    * mm, proc: cap the stack gap for unpopulated growing vmas
    * mm, proc: drop priv parameter from is_stack
    * mm: do not collapse stack gap into THP
    * fold me "mm: allow to configure stack gap size"

-- 
Steve McIntyre, Cambridge, UK.                                steve@einval.com
  Mature Sporty Personal
  More Innovation More Adult
  A Man in Dandism
  Powered Midship Specialty
