I've committed these changes to the kernel Subversion repository
(squeeze-security branch) for a future squeeze-lts update. However I'm
not sure any of these are important enough to upload yet. At present
I'm intending to defer these until a more critical issue needs fixing.
Ben.
linux-2.6 (2.6.32-48squeeze12) UNRELEASED; urgency=medium
* TTY: drop driver reference in tty_open fail path (CVE-2011-5321)
* netlink: fix possible spoofing from non-root processes (CVE-2012-6689)
* IB/core: Prevent integer overflow in ib_umem_get address arithmetic
(CVE-2014-8159)
* eCryptfs: Remove buggy and unnecessary write in file name decode routine
(CVE-2014-9683)
* HID: fix a couple of off-by-ones (CVE-2014-3184)
* ipv6: Don't reduce hop limit for an interface (CVE-2015-2922)
* [amd64] asm/entry: Remove a bogus 'ret_from_fork' optimization
(CVE-2015-2830)
* net: llc: use correct size for sysctl timeout entries (CVE-2015-2041)
* net: rds: use correct size for max unacked packets and bytes
(CVE-2015-2042)
-- Ben Hutchings <ben@decadent.org.uk> Sun, 12 Apr 2015 17:12:31 +0100
--
Ben Hutchings
compatible: Gracefully accepts erroneous data from any source
Attachment:
signature.asc
Description: This is a digitally signed message part