Salvatore Bonaccorso
f335c0cfcc
unix: properly account for FDs passed over unix sockets (CVE-2013-4312)
2016-01-17 09:27:47 +01:00
Ben Hutchings
10211ef4c3
[x86] drm/vmwgfx: Fix a width / pitch mismatch on framebuffer updates
2016-01-16 04:04:53 +00:00
Ben Hutchings
74cadf39f7
block/sd: Fix device-imposed transfer length limits ( Closes : #805252 )
2016-01-16 03:50:08 +00:00
Ben Hutchings
18e70e2c53
Add some security fixes
2016-01-14 23:39:40 +00:00
Ben Hutchings
d2547e3561
xen/gntdev: Grant maps should not be subject to NUMA balancing ( Closes : #810472 )
2016-01-08 19:32:35 +00:00
Ben Hutchings
e148000b24
ptrace: Fix ABI change for priv-esc fix
2016-01-02 16:27:28 +00:00
Ben Hutchings
eafb4c30fd
Revert "xhci: don't finish a TD if we get a short transfer event mid TD"
...
Closes : #808602 , #808953 , regression in 4.3-rc7
2016-01-02 03:09:56 +00:00
Ben Hutchings
50c5af2358
[armhf] crypto: sun4i-ss - add missing statesize ( Closes : #808625 )
2016-01-01 19:46:24 +00:00
Ben Hutchings
50263628e4
[x86] drm/i915: Don't compare has_drrs strictly in pipe config ( Closes : #808720 )
2016-01-01 19:24:50 +00:00
Ben Hutchings
45e2ecad07
drm/nouveau/pmu: do not assume a PMU is present ( Closes : #809481 )
2016-01-01 18:41:43 +00:00
Salvatore Bonaccorso
abab5c2745
[x86] kvm: Reload pit counters for all channels when restoring state (CVE-2015-7513)
2015-12-31 15:49:59 +01:00
Ben Hutchings
e57c91d886
KEYS: Fix race between read and revoke (CVE-2015-7550)
2015-12-31 02:53:31 +00:00
Ben Hutchings
a52be96b10
Regroup patches in series
2015-12-27 14:11:18 +00:00
Ben Hutchings
3fac5cf03c
ptrace: being capable wrt a process requires mapped uids/gids
2015-12-27 06:19:08 +00:00
Ben Hutchings
7b6f99cec5
[xen] pciback: Fix state validation in MSI control operations (CVE-2015-8551, CVE-2015-8852, XSA-157)
2015-12-27 05:54:06 +00:00
Ben Hutchings
94b974ce0f
[xen] Fix race conditions in back-end drivers (CVE-2015-8550, XSA-155)
2015-12-27 05:49:13 +00:00
Ben Hutchings
1ff79b037c
bluetooth: Validate socket address length in sco_sock_bind() (CVE-2015-8575)
2015-12-27 04:26:45 +00:00
Ben Hutchings
e9708970a6
pptp: verify sockaddr_len in pptp_bind() and pptp_connect() (CVE-2015-8569)
2015-12-27 04:26:45 +00:00
Ben Hutchings
5db0f0e307
block: ensure to split after potentially bouncing a bio ( Closes : #809082 )
2015-12-27 04:26:45 +00:00
Salvatore Bonaccorso
d6b9e3f082
ovl: fix permission checking for setattr (CVE-2015-8660)
2015-12-24 06:42:25 +01:00
Ben Hutchings
ee4980cb32
[armhf,sparc64] Force ZONE_DMA to be enabled, reversing ABI change in 4.3.3 (fixes FTBFS)
2015-12-17 17:59:24 +00:00
Ben Hutchings
ca0bbf698b
tipc: Fix kfree_skb() of uninitialised pointer (regression in 4.3.3)
2015-12-15 21:25:16 +00:00
Ben Hutchings
8fd06d9868
vrf: Fix broken backport of "vrf: fix double free and memory corruption on register_netdevice failure" in 4.3.3
2015-12-15 17:44:38 +00:00
Ben Hutchings
c4e89babe4
Update to 4.3.3
...
Drop 3 security fixes that were included in it.
2015-12-15 17:40:55 +00:00
Ben Hutchings
61acdc692c
net: add validation for the socket syscall protocol argument (CVE-2015-8543)
2015-12-14 20:59:45 +00:00
Ben Hutchings
2f38533595
[armhf] Add support for Odroid-XU4 ( Closes : #804850 )
2015-12-13 00:34:44 +00:00
Ben Hutchings
405f12a12b
[x86] nouveau: bios: return actual size of the buffer retrieved via _ROM ( Closes : #772716 )
2015-12-13 00:34:44 +00:00
Ben Hutchings
efc870db16
[x86] drm/i915: Mark uneven memory banks on gen4 desktop as unknown swizzling ( Closes : #780363 )
2015-12-12 22:53:37 +00:00
Ben Hutchings
d89f74a7ba
[armel/kirkwood] dts: Fix QNAP TS219 power-off ( Closes : #807696 )
2015-12-11 18:36:54 +00:00
Ben Hutchings
26e03c2621
Update to 4.3.1
2015-12-09 23:48:47 +00:00
Ben Hutchings
12dc87aa9c
Release linux (4.2.6-2).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVmHQq+e/yOyVhhEJAQoKGw/+L3omCHQc+jEfre5v9KaKEFfDn/5wh2fF
C1U2n9tW3Dje//k1t5IalN2bxugjg86lvyobnNo+fP3GxbEftr0OJFKspWDlREcT
epebhVQwzIY5ilNaayIqU8+wO6N/Ocy7kDspDjT7aqKFs5ZxmKReR6mvqZzYtJX5
W6lrinX03bcBLaFGgHOFJeI/6JapVC8LxQPiek2NYuEAnMsGdN0CDpZRqsmgNtjn
PBYbfsfk/JMubr+2ddksZcQTPKoK5fcbbgHRgN76eKDEGZ9XychWlhA8VANw+dhx
I572cypGXxfV6AoLky7VcP8WKmWQVNWsXTMaFd8j0703xF/ands/Ic8mZOiftfh9
9Qg6yhDt16zBPk+6Ct2ce04TAEdaY6Zr4WZdYphgVrkoZQrMc1PUVJkg6cPC7bKZ
XANEWus39vJmHIM82ETY2BpZ8+kdFqehWpo0PM8kCfL06fAm3inIsKDa7iyrpLbJ
DSdrQiRPeGr9jjB6mOuAIw/Otlq+M8kHfBGD1lgf7luLWOuP7z67mj2kjhNUP+pI
yKZI6+xbwZ79+Sr6ZFQBPDVH400zbvinV0B3xV+ZUU/3ze6j3QVFEuA9KsqAVqN6
R9CiQJ3lP3SL64P9FMQDfQL75HD0CZnEULlqDIYAzBmtz2B/H0lhrODoO2oZHHKT
jmxxrVLxbPg=
=jlfq
-----END PGP SIGNATURE-----
Merge tag 'debian/4.2.6-2'
Exclude one new patch that's already in 4.3, and the ABI stuff.
Remove items from the open changelog entry that are now redundant.
2015-12-04 18:03:02 +00:00
Ben Hutchings
b1805eb5b3
[x86] drm/i915: shut up gen8+ SDE irq dmesg noise ( Closes : #806304 )
...
(cherry picked from commit fd13855f77
)
2015-12-04 01:18:53 +00:00
Ben Hutchings
7517e45eec
qxl: Enable by default ( Closes : #779515 )
...
(cherry picked from commit 7f648db4e2
)
2015-12-04 01:14:07 +00:00
Ben Hutchings
4668d13b75
Btrfs: fix truncation of compressed and inlined extents (CVE-2015-8374)
2015-12-03 00:50:36 +00:00
Ben Hutchings
1060c43c3d
ppp, slip: Validate VJ compression slot parameters completely (CVE-2015-7799)
...
Plus a preparatory fix to isdn_ppp.
2015-12-03 00:48:31 +00:00
Ben Hutchings
045f1d7a16
unix: avoid use-after-free in ep_remove_wait_queue (CVE-2013-7446)
2015-12-03 00:45:29 +00:00
Ben Hutchings
fd13855f77
[x86] drm/i915: shut up gen8+ SDE irq dmesg noise ( Closes : #806304 )
2015-11-26 20:47:26 +00:00
Ben Hutchings
22ad2142d1
media: usbvision: fix crash on detecting device with invalid configuration
...
(CVE-2015-7833, partly fixed in 4.2.6-1)
Also update headers of the previous patch to match the commit in
media_tree.git.
2015-11-24 17:09:48 +00:00
Ian Campbell
00e7e4e3ed
[x86] Xen: expose a more realistic max p2m size in the shared info
...
Fixes migration (Closes : #797205 )
2015-11-21 13:48:44 +00:00
Salvatore Bonaccorso
1d08805288
[x86] KVM: rename update_db_bp_intercept to update_bp_intercept
2015-11-10 22:14:32 +01:00
Salvatore Bonaccorso
45bf582b02
[x86] KVM: svm: unconditionally intercept #DB (CVE-2015-8104)
2015-11-10 22:14:32 +01:00
Ben Hutchings
b531af6929
Release linux (4.2.6-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVkIVT+e/yOyVhhEJAQo9JxAAzMhh283CLxwNC9+oJKEpfD/ve+WLEcKI
7TiyttUesYegG0/5JAPU//S8LyHOXeu+6vqEO0NzReCTGdQi4oXZTpUQA9KNzCTF
TLsdFBa6z5mRYcRHeGVYjmhKr8MTVRumXv/3WTVSwp71t1W7dce4qTboMsFr/kmk
c6rGv5GNTtpHpyjevIrLAkBq83rwdbPz6dtNnBAna38awY61a7snFPr81WUvNu3I
uVD5Dcm+efAzL/tPSxwdZRhQ7Qi5SnqUgP/c/3keDYeCLgj87FxdXK4vlJvkgmQs
VGX/D9VyCQvFbtWmEtAdOJHqu2LuYd0ZljFvx3Fo59KHDm6GV60jsHaGYjc8a6o1
F7r6vaRGMLDtZhjFeYwVgJYCcHmQ8RO0fuKe4hslaiItg1rKLV738SrVRzl/oTq+
l/HwdWxyeEbqMi1rc8bzwnFaet2Av+eArEfsla4uul1ZgNwkGbV/qZjDW/lIHcLS
7cIYdiiv719AVU9rRR1JZR+92k4MsDaqerKNUl72yHr6F8YMY0T10GY5ddlyzAjD
gbOkqcAIxlwVdxzXjzVUdA6T2R7edEbGnVtSaqKdFJUgRuGMqqGlcQ5xsK3CN4LC
YlbHa2y90BpOro6E6d4Tt4dLBvq49PQ2QJio8JJNtIrpAEjN41xIXUD1AOsLvC56
S737q+9MAIg=
=Bxdo
-----END PGP SIGNATURE-----
Merge tag 'debian/4.2.6-1'
Refresh some patches.
2015-11-10 16:12:32 +00:00
Ben Hutchings
7f79eccf5e
Update to 4.2.6
2015-11-10 11:32:17 +00:00
Ben Hutchings
ef1fd62260
[x86] KVM: Intercept #AC to avoid guest->host denial-of-service (CVE-2015-5307)
2015-11-08 15:13:48 +00:00
Ben Hutchings
b2076bbc37
media/vivid-osd: fix info leak in ioctl (CVE-2015-7884)
2015-11-08 15:01:04 +00:00
Ben Hutchings
ed853af7cb
RDS: fix race condition when sending a message on unbound socket (CVE-2015-7990)
2015-11-08 14:48:48 +00:00
Ben Hutchings
222755c823
usbvision: fix overflow of interfaces array (CVE-2015-7833)
2015-11-08 14:48:04 +00:00
Ben Hutchings
e317536be0
mv643xx_eth: Re-enable TSO, fixed upstream in 4.3
2015-11-07 14:23:40 +00:00
Ben Hutchings
7f648db4e2
qxl: Enable by default ( Closes : #779515 )
2015-11-07 14:19:28 +00:00
Ben Hutchings
c5e06b9078
Update to 4.3
2015-11-02 10:29:06 +00:00