Re: Uploading linux (3.2.63-1)

To: debian-kernel@lists.debian.org
Cc: debian-release@lists.debian.org
Subject: Re: Uploading linux (3.2.63-1)
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Wed, 24 Sep 2014 17:36:24 +0200
Message-id: <[🔎] slrnm25p7o.33m.jmm@inutil.org>
References: <[🔎] 1411527264.3659.13.camel@decadent.org.uk>

Ben Hutchings <ben@decadent.org.uk> schrieb:
>
> --=-6AOvsZRHpAv99mjPeare
> Content-Type: text/plain; charset="UTF-8"
> Content-Transfer-Encoding: quoted-printable
>
> I intend to upload linux version 3.2.63-1 to stable-proposed-updates
> later this week.  This will include all the fixes that went into stable
> updates 3.2.61-63 inclusive, including fixes for these security issues:
>
> CVE-2014-3181            HID/magicmouse: buffer overflow
> CVE-2014-3182            HID/logitech-dj: out-of-bounds read
> CVE-2014-3183/3184/3185  USB/serial/whiteheat: multiple buffer overflows
> CVE-2014-3186            HID/picolcd: buffer overflow
> CVE-2014-3601            kvm: guest-controllable memory leak
> CVE-2014-4171            shmem: reader can block hole punch indefinitely
> CVE-2014-4608            lzo: integer overflow
> CVE-2014-5077            sctp: remote denial of service
> CVE-2014-5471/5472       isofs: unbound recursion allowing stack overflow
> =20
> I also cherry-picked fixes for:
>
> CVE-2014-6410            udf: infinite loop when processing indirect ICBs
> CVE-2014-6416/6417/6418  libceph: buffer overflow and related bugs
>
> If any of these look serious enough, I could also prepare a security
> update.

As discussed earlier, scheduling these for the next point update is fine.

Cheers,
        Moritz

Reply to:

References:
- Uploading linux (3.2.63-1)
  - From: Ben Hutchings <ben@decadent.org.uk>

Prev by Date: Upcoming stable point release (7.7)
Next by Date: Bug#762390: Patch for hppa arch
Previous by thread: Uploading linux (3.2.63-1)
Next by thread: Re: Uploading linux (3.2.63-1)
Index(es):
- Date
- Thread