Accepted linux 3.16.72-1 (all source) into oldoldstable

Format: 1.8
Date: Tue, 13 Aug 2019 19:44:18 +0100
Binary: linux-doc-3.16 linux-manual-3.16 linux-source-3.16 linux-support-3.16.0-10
Source: linux
Architecture: all source
Version: 3.16.72-1
Distribution: jessie-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Ben Hutchings <ben@decadent.org.uk>
Description:
 linux-doc-3.16 - Linux kernel specific documentation for version 3.16
 linux-manual-3.16 - Linux kernel API manual pages for version 3.16
 linux-source-3.16 - Linux kernel source for version 3.16 with Debian patches
 linux-support-3.16.0-10 - Support files for Linux 3.16
Changes:
 linux (3.16.72-1) jessie-security; urgency=high
   * New upstream stable update:
     - ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt
     - xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink
     - Staging: iio: meter: fixed typo
     - iio: Use kmalloc_array() in iio_scan_mask_set()
     - iio: Fix scan mask selection
     - perf/core: Restore mmap record type correctly
     - ext4: fix data corruption caused by unaligned direct AIO
     - ext4: add missing brelse() in add_new_gdb_meta_bg()
     - xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module
     - IB/mlx4: Fix race condition between catas error reset and aliasguid flows
     - staging: speakup_soft: Fix alternate speech with other synths
     - netfilter: bridge: set skb transport_header before entering
     - udf: Fix crash on IO error during truncate
     - sctp: get sctphdr by offset in sctp_compute_cksum
     - NFS: fix mount/umount race in nlmclnt.
     - [armhf] imx6q: cpuidle: fix bug that CPU might not wake up at expected
     - USB: serial: ftdi_sio: add additional NovaTech products
     - device_cgroup: fix RCU imbalance in error case
     - net-sysfs: call dev_hold if kobject_init_and_add success
     - tcp: do not use ipv6 header for ipv4 flow
     - dccp: do not use ipv6 header for ipv4 flow
     - [i386] 3c515: fix integer overflow warning
     - [armhf] dts: pfla02: increase phy reset duration
     - USB: serial: mos7720: fix mos_parport refcount imbalance on error path
     - staging: rtl8712: uninitialized memory in read_bbreg_hdl()
     - ALSA: rawmidi: Fix potential Spectre v1 vulnerability (CVE-2017-5753)
     - ALSA: seq: oss: Fix Spectre v1 vulnerability (CVE-2017-5753)
     - [x86] iommu/vt-d: Check capability before disabling protected memory
     - futex: Ensure that futex address is aligned in handle_futex_death()
     - ALSA: pcm: Fix possible OOB access in PCM oss plugins
     - xhci: Don't let USB3 ports stuck in polling state prevent suspend
     - batman-adv: Reduce claim hash refcnt only for removed entry
     - batman-adv: Reduce tt_local hash refcnt only for removed entry
     - batman-adv: Reduce tt_global hash refcnt only for removed entry
     - ALSA: pcm: Don't suspend stream in unrecoverable PCM state
     - net: phy: don't clear BMCR in genphy_soft_reset
     - USB: serial: cp210x: add new device id
     - afs: Fix StoreData op marshalling
     - KVM: Reject device ioctls from processes other than the VM's creator
     - [x86] kvm: IA32_ARCH_CAPABILITIES is always supported
     - [x86] KVM: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts
     - fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links
     - iio: core: fix a possible circular locking dependency
     - dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors
     - dccp: Fix memleak in __feat_register_sp
     - xfrm4: Fix header checks in _decode_session4.
     - xfrm4: Reload skb header pointers after calling pskb_may_pull.
     - xfrm4: Fix uninitialized memory read in _decode_session4
     - sched/fair: Do not re-read ->h_load_next during hierarchical load
     - btrfs: prop: fix vanished compression property after failed set
     - btrfs: correctly validate compression type
     - dm: disable DISCARD if the underlying storage no longer supports it
     - mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer
     - xen: Prevent buffer overflow in privcmd ioctl
     - ALSA: seq: Fix OOB-reads from strlcpy
     - PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller
     - sunrpc: don't mark uninitialised items as VALID.
     - lib/string.c: implement a basic bcmp
     - ACPICA: Namespace: remove address node from global list after method
     - block: do not leak memory in bio_copy_user_iov()
     - net: bridge: multicast: use rcu to access port list from
     - [x86] iommu/amd: Set exclusion range correctly
     - rt2x00: do not increment sequence number while re-transmitting
     - vxge: fix return of a free'd memblock on a failed dma mapping
     - [x86] speculation: Prevent deadlock on ssb_state::lock
     - USB: core: Fix unterminated string returned by usb_string()
     - [x86] staging: comedi: vmk80xx: Fix use of uninitialized semaphore
     - [x86] staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf
     - kvm: mmu: Fix overflow on kvm mmu page limit calculation
     - cifs: fix handle leak in smb2_query_symlink()
     - CIFS: keep FileInfo handle live during oplock break
     - sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup
     - ALSA: core: Fix card races between register and disconnect
     - tipc: set sysctl_tipc_rmem and named_timeout right range
     - [x86] kprobes: Verify stack frame on kretprobe
     - kprobes: Mark ftrace mcount handler functions nokprobe
     - [x86] kprobes: Avoid kretprobe recursion bug
     - USB: core: Fix bug caused by duplicate interface PM usage counter
     - team: fix possible recursive locking when add slaves
     - netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
     - mac80211: don't attempt to rename ERR_PTR() debugfs dirs
     - ceph: ensure d_name stability in ceph_dentry_hash()
     - cifs: do not attempt cifs operation on smb2+ rename error
     - net/rose: fix unbound loop in rose_loopback_timer()
     - USB: yurex: Fix protection fault after device removal
     - USB: w1 ds2490: Fix bug caused by improper use of altsetting array
     - usb: usbip: fix isoc packet num validation in get_pipe
     - sched/numa: Fix a possible divide-by-zero
     - l2tp: use rcu_dereference_sk_user_data() in l2tp_udp_encap_recv()
     - trace: Fix preempt_enable_no_resched() abuse
     - fs/proc/proc_sysctl.c: Fix a NULL pointer dereference
     - slip: make slhc_free() silently accept an error pointer
     - ipv6: invert flowlabel sharing check in process and user mode
     - ipv6/flowlabel: wait rcu grace period before put_pid()
     - l2ip: fix possible use-after-free
     - packet: in recvmsg msg_name return at least sizeof sockaddr_ll
     - packet: validate msg_namelen in send directly
     - ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour
     - [amd64] Add mitigation for Spectre v1 swapgs (CVE-2019-1125):
       + cpufeatures: Renumber feature word 7
       + asm/entry: Disentangle error_entry/exit gsbase/ebx/usermode code
       + entry: Really create an error-entry-from-usermode code path
       + entry: Fix context tracking state warning when load_gs_index fails
       + speculation: Prepare entry code for Spectre v1 swapgs mitigations
       + speculation: Enable Spectre v1 swapgs mitigations
       + entry: Use JMP instead of JMPQ
       + speculation/swapgs: Exclude ATOMs from speculation through SWAPGS
     - vhost-net: set packet weight of tx polling to 2 * vq size
     - vhost_net: use packet weight for rx handler, too
     - vhost_net: introduce vhost_exceeds_weight()
     - vhost: introduce vhost_exceeds_weight()
     - vhost_net: fix possible infinite loop (CVE-2019-3900)
     - vhost: scsi: add weight support (CVE-2019-3900)
     - Bluetooth: hci_uart: check for missing tty operations (CVE-2019-10207)
     - Input: gtco - bounds check collection indent level (CVE-2019-13631)
     - floppy: fix div-by-zero in setup_format_params (CVE-2019-14284)
     - floppy: fix out-of-bounds read in next_valid_format
     - floppy: fix invalid pointer dereference in drive_name
     - floppy: fix out-of-bounds read in copy_buffer (CVE-2019-14283)
     - proc: meminfo: estimate available memory more conservatively
     - mm/page_alloc.c: calculate 'available' memory in a separate function
     - xen: let alloc_xenballooned_pages() fail if not enough memory free
     - Revert "inet: update the IP ID generation algorithm to higher standards."
     - ipv6: Select fragment id during UFO segmentation if not set.
     - Revert "drivers/net, ipv6: Select IPv6 fragment idents for virtio UFO
     - ipv6: Fix fragment id assignment on LE arches.
     - ipv6: Make __ipv6_select_ident static
     - ipv6: call ipv6_proxy_select_ident instead of ipv6_select_ident in
     - ipv4: hash net ptr into fragmentation bucket selection
     - ipv4: ip_tunnel: use net namespace from rtable not socket
     - ipv6: hash net ptr into fragmentation bucket selection
     - siphash: add cryptographically secure PRF
     - inet: switch IP ID generator to siphash (CVE-2019-10638)
     - netfilter: ctnetlink: don't use conntrack/expect object addresses as id
     - scsi: libsas: fix a race condition when smp task timeout (CVE-2018-20836)
   [ Ben Hutchings ]
   * [amd64] Revert "cpufeatures: Renumber feature word 7" to avoid an ABI
   * inet: Avoid ABI change for IP ID hash change
   * vhost: Ignore ABI changes
   * Partially revert "USB: core: Fix bug caused by duplicate interface …"
     to avoid an ABI change
   * tcp: Clear sk_send_head after purging the write queue
   * kretprobe: Ignore ABI changes
   * macvtap, tun: Avoid ABI change in 3.16.72
   * siphash: implement HalfSipHash1-3 for hash tables (avoids build regression
     for WireGuard)
