Changelog
linux-2.6 (2.6.32-41) stable; urgency=low
[ Ben Hutchings ]
* ipv6: make fragment identifications less predictable (CVE-2011-2699)
- fix NULL dereference in udp6_ufo_fragment (see #643817)
* Add longterm release 2.6.32.52:
- Revert "clockevents: Set noop handler in clockevents_exchange_device()",
included in stable update 2.6.32.50 (Closes: #653398)
* Add longterm release 2.6.32.53, including:
- cfq-iosched: fix cfq_cic_link() race confition
For the complete list of changes, see:
http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.32/ChangeLog-2.6.32.53
and the bug report which this closes: #655049.
* Add longterm release 2.6.32.54, including:
- drivers/usb/class/cdc-acm.c: clear dangling pointer
- asix: fix infinite loop in rx_fixup()
- SCSI: scsi_dh: check queuedata pointer before proceeding further
- xfs: validate acl count; fix acl count validation (CVE-2012-0044)
For the complete list of changes, see:
http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.32/ChangeLog-2.6.32.54
and the bug report which this closes: #655816.
* Refine the fix for CVE-2011-4127, based on mainline Linux:
- Do not restrict processes that have CAP_SYS_RAWIO
- Log a warning when an ioctl is forbidden (with rate-limiting,
and excluding CDROM_GET_CAPABILITY)
- Fix the ide-floppy and ub drivers
- Fix the ub driver properly (not included in Debian configurations)
[ Ian Campbell ]
* xen: Set XEN_MAX_DOMAIN_MEMORY to 70G for 64 bit domains. (Closes: #645052)
[ Jonathan Nieder ]
* [x86] ACPI: fix corrupt DSDT by enabling acpi=copy_dsdt automatically on
more known-bad Toshiba models (Closes: #598104)
[ Arnaud Patard ]
* [armel] Backport 88f6282 from mainline (Closes: #655316)
-- Ben Hutchings <email address hidden> Sun, 15 Jan 2012 03:37:31 +0000
