On Wed, 2013-03-20 at 14:56 +0000, Ben Hutchings wrote:
> Since 3.2.39-2 went into testing, it's about time for another upload.
> There are many important bug fixes pending (still more bugs to fix,
> though; in particular some more DRM regressions showed up).
>
> I'm intending to release 3.2.41 in a few minutes, and will try to
> integrate this with the wheezy branch after that.
That almost worked, but:
1. I forgot to adjust the kernel-wedge configuration for ia64. I've
done a test build just to make sure it's right now.
2. Installation into linux-headers-common failed on most architectures,
not detected immediately because only the last process in a pipeline is
normally checked. I've added 'set -o pipefail' in appropriate places.
I collected up several more security fixes and fixed a silly hardware
support regression due to config renaming, and am now uploading:
linux (3.2.41-2) unstable; urgency=low
* [ia64] udeb: Remove efi-modules package; make kernel-image provide
efi-modules (fixes FTBFS)
* linux-headers: Fix file installation on architectures without
Kbuild.platforms (Closes: #703800)
* [x86] drm/i915: bounds check execbuffer relocation count (CVE-2013-0913)
* [x86] drm: Enable DRM_GMA500 as module, replacing DRM_PSB (Closes: #703506)
- Enable DRM_GMA600, DRM_GMA3600, DRM_MEDFIELD
* [x86] KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME
(CVE-2013-1796)
* [x86] KVM: x86: Convert MSR_KVM_SYSTEM_TIME to use gfn_to_hva_cache
functions (CVE-2013-1797)
* KVM: Fix bounds checking in ioapic indirect register reads (CVE-2013-1798)
-- Ben Hutchings <ben@decadent.org.uk> Mon, 25 Mar 2013 15:17:44 +0000
Ben.
--
Ben Hutchings
I'm not a reverse psychological virus. Please don't copy me into your sig.
Attachment:
signature.asc
Description: This is a digitally signed message part