linux (3.16.7-ckt20-1+deb8u2) jessie-security; urgency=medium
* [xen] Fix race conditions in back-end drivers (CVE-2015-8550, XSA-155)
* [xen] pciback: Fix state validation in MSI control operations
(CVE-2015-8551, CVE-2015-8852, XSA-157)
* pptp: verify sockaddr_len in pptp_bind() and pptp_connect() (CVE-2015-8569)
* bluetooth: Validate socket address length in sco_sock_bind() (CVE-2015-8575)
* ptrace: being capable wrt a process requires mapped uids/gids
(CVE-2015-8709)
* KEYS: Fix race between read and revoke (CVE-2015-7550)
* [x86] KVM: Reload pit counters for all channels when restoring state
(CVE-2015-7513)
* udp: properly support MSG_PEEK with truncated buffers
(Closes: #808293, regression in 3.16.7-ckt17)
* Revert "xhci: don't finish a TD if we get a short transfer event mid TD"
(Closes: #808602, #808953, regression in 3.16.7-ckt20)
-- Ben Hutchings <email address hidden> Sat, 02 Jan 2016 03:31:39 +0000