Changelog
linux (3.2.41-1) unstable; urgency=low
* New upstream stable update:
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.40
- ext4: return ENOMEM if sb_getblk() fails
- ext4: fix possible use-after-free with AIO
- s390/kvm: Fix store status for ACRS/FPRS
- staging: comedi: disallow COMEDI_DEVCONFIG on non-board minors
- ext4: fix race in ext4_mb_add_n_trim()
- UBIFS: fix double free of ubifs_orphan objects
- hrtimer: Prevent hrtimer_enqueue_reprogram race
- nfsd: Fix memleak
- x86: Do not leak kernel page mapping locations
- USB: usb-storage: unusual_devs update for Super TOP SATA bridge
- posix-cpu-timers: Fix nanosleep task_struct leak
- NFSv4.1: Don't decode skipped layoutgets
- cgroup: fix exit() vs rmdir() race
- cpuset: fix cpuset_print_task_mems_allowed() vs rename() race
- ext4: fix xattr block allocation/release with bigalloc
- mm: fix pageblock bitmap allocation
- target: Add missing mapped_lun bounds checking during make_mappedlun
setup
- b43: Increase number of RX DMA slots
- posix-timer: Don't call idr_find() with out-of-range ID
- fs: Fix possible use-after-free with AIO
- powerpc/kexec: Disable hard IRQ before kexec
- mmu_notifier_unregister NULL Pointer deref and multiple ->release()
callouts
- tmpfs: fix use-after-free of mempolicy object (CVE-2013-1767)
- ocfs2: fix possible use-after-free with AIO
- ocfs2: fix ocfs2_init_security_and_acl() to initialize acl correctly
- ocfs2: ac->ac_allow_chain_relink=0 won't disable group relink
- idr: fix a subtle bug in idr_get_next()
- idr: make idr_get_next() good for rcu_read_lock()
- idr: fix top layer handling
- sysctl: fix null checking in bin_dn_node_address()
- nbd: fsync and kill block device on shutdown
- s390/timer: avoid overflow when programming clock comparator
(regression in 3.2.38)
- xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}()
(CVE-2013-0231)
- xen-netback: correctly return errors from netbk_count_requests()
- xen-netback: cancel the credit timer when taking the vif down
- ipv6: use a stronger hash for tcp
- staging: comedi: ni_labpc: correct differential channel sequence for
AI commands
- staging: comedi: ni_labpc: set up command4 register *after* command3
- vhost: fix length for cross region descriptor (CVE-2013-0311)
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.41
- NFS: Don't allow NFS silly-renamed files to be deleted, no signal
- ARM: VFP: fix emulation of second VFP instruction
- md: fix two bugs when attempting to resize RAID0 array.
- proc connector: reject unprivileged listener bumps
- cifs: ensure that cifs_get_root() only traverses directories
- dm: fix truncated status strings
- hw_random: make buffer usable in scatterlist. (real fix for #701784)
- efi_pstore: Check remaining space with QueryVariableInfo() before
writing data
- efi: be more paranoid about available space when creating variables
(Closes: #703574)
- vfs: fix pipe counter breakage
- xen/pciback: Don't disable a PCI device that is already disabled.
- ALSA: seq: Fix missing error handling in snd_seq_timer_open()
- ext3: Fix format string issues (CVE-2013-1848)
- keys: fix race with concurrent install_user_keyrings() (CVE-2013-1792)
- USB: cdc-wdm: fix buffer overflow (CVE-2013-1860)
- signal: always clear sa_restorer on execve (CVE-2013-0914)
- crypto: user - fix info leaks in report API (CVE-2013-2546,
CVE-2013-2547, CVE-2013-2548)
- Fix: compat_rw_copy_check_uvector() misuse in aio, readv, writev, and
security keys
- batman-adv: bat_socket_read missing checks
- batman-adv: Only write requested number of byte to user buffer
- mm/hotplug: correctly add new zone to all other nodes' zone lists
(CVE-2012-5517)
- btrfs: use rcu_barrier() to wait for bdev puts at unmount
[ Aurelien Jarno]
* [mips,mipsel] Disable VGA_CONSOLE and ignore the corresponding ABI
change. It is completely broken on MIPS.
* headers: Include Kbuild.platforms and Platform files in -common to
fix out-of-tree building on mips and mipsel.
* [{mips,mipsel}/{4,5}kc-malta] Enable HW_RANDOM as module so that both
flavours have a consistent configuration.
[ Ben Hutchings ]
* [x86] ata_piix: reenable MS Virtual PC guests (fixes regression in
3.2.19-1)
* test-patches: Clean up all previous test patches, whether or not they
were applied
* test-patches: Add --fuzz option to allow testing patches that have fuzz
* [x86] efi: Fix processor-specific memcpy() build error (Closes: #698581)
* udeb: Add hid-topseed to input-modules (Closes: #702611)
* [x86] drm/i915: Unconditionally initialise the interrupt workers,
thanks to Bjørn Mork (Closes: #692607)
* efi: Ensure efivars is loaded on EFI systems (Closes: #703363)
- [x86] Use a platform device to trigger loading of efivars
- [ia64] Change EFI_VARS from module to built-in
* efivars: Work around serious firmware bugs
- Allow disabling use as a pstore backend
- Add module parameter to disable use as a pstore backend
* [x86] Set EFI_VARS_PSTORE_DEFAULT_DISABLE=y
- explicitly calculate length of VariableName
- Handle duplicate names from get_next_variable()
* efi_pstore: Introducing workqueue updating sysfs
* efivars: pstore: Do not check size when erasing variable
* efivars: Remove check for 50% full on write
* kmsg_dump: Only dump kernel log in error cases (Closes: #703386)
- kexec: remove KMSG_DUMP_KEXEC
- kmsg_dump: don't run on non-error paths by default
* [x86] i915: initialize CADL in opregion (Closes: #703271)
* drm, agp: Update to 3.4.37:
- drm/radeon/dce6: fix display powergating
- drm: don't add inferred modes for monitors that don't support them
- drm/i915: Increase the RC6p threshold.
* signal: Fix use of missing sa_restorer field (build regression
introduced by fix for CVE-2013-0914)
* rds: limit the size allocated by rds_message_alloc()
* rtnl: fix info leak on RTM_GETLINK request for VF devices
* dcbnl: fix various netlink info leaks
* [s390] mm: fix flush_tlb_kernel_range()
* [powerpc] Fix cputable entry for 970MP rev 1.0
* vhost/net: fix heads usage of ubuf_info
* udf: avoid info leak on export (CVE-2012-6548)
* isofs: avoid info leak on export (CVE-2012-6549)
* [x86,powerpc/powerpc64] random: Change HW_RANDOM back from built-in to
module, as we now have a real fix for #701784
* [rt] Update to 3.2.40-rt60
-- Ben Hutchings <email address hidden> Sat, 23 Mar 2013 03:54:34 +0000