linux (3.13.0-128.177) trusty; urgency=low * CVE-2017-1000112 - ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output - ipv6: Don't use ufo handling on later transformed packets - ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output - udp: avoid ufo handling on IP payload compression packets - net: account for current skb length when deciding about UFO - udp: consistently apply ufo or fragmentation * CVE-2017-1000111 - net-packet: fix race in packet_set_ring on PACKET_RESERVE -- Stefan Bader <email address hidden> Mon, 07 Aug 2017 14:20:13 +0200