1 Debian package update(s) for nonagon.federez.net
par club-federez@crans.org
apticron report [Thu, 19 Sep 2019 13:49:11 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
nonagon.federez.net
[ 185.230.78.42 2a0c:700:0:23:67:e5ff:fee9:3 ]
The following packages are currently pending an upgrade:
tzdata 2019c-0+deb9u1
========================================================================
Package Details:
apt-listchanges : Lecture des fichiers de modifications (« changelog »)...
apt-listchanges : journaux des modifications (« changelogs »)
-------------------------------------------------------------
--- Modifications pour tzdata ---
tzdata (2019c-0+deb9u1) stretch; urgency=medium
* New upstream version, affecting the following future timestamps:
- Fiji's next DST transitions will be 2019-11-10 and 2020-01-12
instead of 2019-11-03 and 2020-01-19.
- Norfolk Island will observe Australian-style DST starting in
spring 2019. The first transition is on 2019-10-06.
-- Aurelien Jarno <aurel32(a)debian.org> Wed, 18 Sep 2019 00:40:44 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on nonagon.federez.net
--
apticron
5 années, 7 mois
- 1
- 0
Delayed Mail (still being retried)
par MAILER-DAEMON@quigon.rez-gif.supelec.fr
This is the mail system at host quigon.rez-gif.supelec.fr.
####################################################################
# THIS IS A WARNING ONLY. YOU DO NOT NEED TO RESEND YOUR MESSAGE. #
####################################################################
Your message could not be delivered for more than 4 hour(s).
It will be retried until it is 60 day(s) old.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<logwatch(a)federez.net>: host dodecagon.federez.net[195.154.165.76] said: 450
4.7.1 <quigon.rez-gif.supelec.fr>: Helo command rejected: Host not found
(in reply to RCPT TO command)
5 années, 7 mois
- 1
- 0
monit alert -- Exists clamav
par monit@quigon.federez.net
Exists Service clamav
Date: Fri, 13 Sep 2019 02:11:55
Action: alert
Host: quigon.federez.net
Description: process is running with pid 8586
Monit, unique employé de federez,
5 années, 7 mois
- 1
- 0
monit alert -- Exists freshclam
par monit@quigon.federez.net
Exists Service freshclam
Date: Fri, 13 Sep 2019 02:11:54
Action: alert
Host: quigon.federez.net
Description: process is running with pid 8552
Monit, unique employé de federez,
5 années, 7 mois
- 1
- 0
monit alert -- Does not exist clamav
par monit@quigon.federez.net
Does not exist Service clamav
Date: Fri, 13 Sep 2019 02:10:52
Action: restart
Host: quigon.federez.net
Description: process is not running
Monit, unique employé de federez,
5 années, 7 mois
- 1
- 0
***UNCHECKED*** monit alert -- Does not exist freshclam
par monit@quigon.federez.net
Does not exist Service freshclam
Date: Fri, 13 Sep 2019 02:10:51
Action: restart
Host: quigon.federez.net
Description: process is not running
Monit, unique employé de federez,
5 années, 7 mois
- 1
- 0
UNCHECKED contents in mail FROM LOCAL [127.0.0.1]:57088 <monit@quigon.federez.net>
par Content-filter@quigon.federez.net
No viruses were found.
Content type: Unchecked
Internal reference code for the message is 17090-02/2QpY5wXZWAed
First upstream SMTP client IP address: [127.0.0.1] localhost
Return-Path: <monit(a)quigon.federez.net>
From: monit(a)quigon.federez.net
Message-ID: <1568333451.802318525(a)quigon.federez.net>
Subject: monit alert -- Does not exist freshclam
Not quarantined.
The message WILL BE relayed to:
<monitoring(a)federez.net>
5 années, 7 mois
- 1
- 0
38 Debian package update(s) for quigon.federez.net
par root@quigon.federez.net
apticron report [Thu, 12 Sep 2019 22:38:05 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
quigon.federez.net
[ 160.228.155.65 ]
The following packages are currently pending an upgrade:
base-files 9.9+deb9u11
clamav 0.101.4+dfsg-0+deb9u1
clamav-base 0.101.4+dfsg-0+deb9u1
clamav-daemon 0.101.4+dfsg-0+deb9u1
clamav-freshclam 0.101.4+dfsg-0+deb9u1
clamdscan 0.101.4+dfsg-0+deb9u1
gettext-base 0.19.8.1-2+deb9u1
ghostscript 9.26a~dfsg-0+deb9u5
ldap-utils 2.4.44+dfsg-5+deb9u3
libclamav9 0.101.4+dfsg-0+deb9u1
libcups2 2.2.1-8+deb9u4
libcupsimage2 2.2.1-8+deb9u4
libfribidi0 0.19.7-1+deb9u1
libglib2.0-0 2.50.3-2+deb9u1
libglib2.0-data 2.50.3-2+deb9u1
libgs9 9.26a~dfsg-0+deb9u5
libgs9-common 9.26a~dfsg-0+deb9u5
libicu57 57.1-6+deb9u3
libldap-2.4-2 2.4.44+dfsg-5+deb9u3
libldap-common 2.4.44+dfsg-5+deb9u3
libmariadbclient18 10.1.41-0+deb9u1
libnghttp2-14 1.18.1-1+deb9u1
libpam-systemd 232-25+deb9u12
libsystemd0 232-25+deb9u12
libudev1 232-25+deb9u12
libxslt1.1 1.1.29-2.1+deb9u1
linux-image-4.9.0-11-amd64 4.9.189-3
linux-image-amd64 4.9+80+deb9u9
linux-libc-dev 4.9.189-3
openssh-client 1:7.4p1-10+deb9u7
openssh-server 1:7.4p1-10+deb9u7
openssh-sftp-server 1:7.4p1-10+deb9u7
systemd 232-25+deb9u12
systemd-sysv 232-25+deb9u12
udev 232-25+deb9u12
unzip 6.0-21+deb9u2
usbutils 1:007-4+deb9u1
zsh 5.3.1-4+b3
========================================================================
Package Details:
apt-listchanges : Lecture des fichiers de modifications (« changelog »)...
apt-listchanges : journaux des modifications (« changelogs »)
-------------------------------------------------------------
--- Modifications pour base-files ---
base-files (9.9+deb9u11) stretch; urgency=emergency
* Non-maintainer upload.
* Change /etc/debian_version to 9.11, for Debian 9.11 point release.
-- Julien Cristau <jcristau(a)debian.org> Sun, 08 Sep 2019 12:51:39 +0200
base-files (9.9+deb9u10) stretch; urgency=medium
* Change /etc/debian_version to 9.10, for Debian 9.10 point release.
* Add VERSION_CODENAME to os-release. Closes: #829245. Please note
that this is only for stable releases.
-- Santiago Vila <sanvila(a)debian.org> Fri, 30 Aug 2019 14:27:24 +0200
--- Modifications pour ghostscript (ghostscript libgs9 libgs9-common) ---
ghostscript (9.26a~dfsg-0+deb9u5) stretch-security; urgency=high
* Non-maintainer upload by the Security Team.
* make .forceput inaccessible (CVE-2019-14811, CVE-2019-14812,
CVE-2019-14813)
* Issue an error message if an ExtGstate is not found
* PDF interpreter - review .forceput security (CVE-2019-14817)
-- Salvatore Bonaccorso <carnil(a)debian.org> Mon, 02 Sep 2019 14:56:06 +0200
--- Modifications pour nghttp2 (libnghttp2-14) ---
nghttp2 (1.18.1-1+deb9u1) stretch-security; urgency=high
* Fix CVE-2019-9511 and CVE-2019-9513
-- Tomasz Buchert <tomasz(a)debian.org> Fri, 23 Aug 2019 19:05:18 +0200
--- Modifications pour clamav (clamav clamav-base clamav-daemon clamav-freshclam clamdscan) ---
clamav (0.101.4+dfsg-0+deb9u1) stretch; urgency=medium
* Import 0.101.4 (Closes: 921190)
- CVE-2019-12625 (Add scan time limit to limit the processing zip-bombs)
(Closes:934359)
- CVE-2019-12900 (An out of bounds write was possible within ClamAV's
NSIS bzip)
- update symbols file (bump to 101.4 and drop unused cli_strnstr).
-- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Sun, 25 Aug 2019 14:08:40 +0200
clamav (0.101.2+dfsg-0+deb9u1) stretch; urgency=medium
* Import 0.101.2
- CVE-2019-1787 (An out-of-bounds heap read condition may occur when
scanning PDF documents)
- CVE-2019-1789 (An out-of-bounds heap read condition may occur when
scanning PE files)
- CVE-2019-1788 (An out-of-bounds heap write condition may occur when
scanning OLE2 files)
- CVE-2019-1786 (An out-of-bounds heap read condition may occur when
scanning malformed PDF documents)
- CVE-2019-1785 (A path-traversal write condition may occur as a result of
improper input validation when scanning RAR archives)
- CVE-2019-1798 (A use-after-free condition may occur as a result of
improper error handling when scanning nested RAR archives)
- update symbols file
- Remove DetectBrokenExecutables option from clamd template, it is
deprecated.
-- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Fri, 05 Apr 2019 22:07:01 +0200
clamav (0.101.1+dfsg-0+deb9u1) stretch; urgency=medium
[ Scott Kitterman ]
* Increase clamd socket command read timeout to 30 seconds (Closes: #915098)
* Add information to README.Debian on configuring clamav-milter's socket to
work with postfix
* Add lintian override for source-is-missing on test file that happens
to have long line length
[ Sebastian Andrzej Siewior ]
* Import new upstream release.
- update symbol file.
- add new options to the config file.
- package libclamav9
* Import 0.101.1
- update symbol file
- add back the json/curl configure options (don't rely on autodetect).
* Add abstractions/openssl to apparmor's profile. Thanks to intrigeri for
the help (Closes: #913020).
* Load the apparmor profile before starting the daemon. Thanks to intrigeri
for the help (Closes: #903834).
* Add attach_disconnected to freshclam's apparmor profile to hopefully get
it properly working in overlayfs enviroment. Thanks to Vincas Dargis
(Closes: #917648).
* debian/libclamav-dev.install: also install clamav-types.h
-- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Sun, 10 Mar 2019 16:49:51 +0100
--- Modifications pour fribidi (libfribidi0) ---
fribidi (0.19.7-1+deb9u1) stretch; urgency=medium
* Non-maintainer upload.
* libfribidi0-udeb: Fix right-to-left output in textual version of
d-i by installing the shared library files into a multi-arch libdir
(Closes: #917909).
-- Samuel Thibault <sthibault(a)debian.org> Sat, 08 Jun 2019 22:39:38 +0200
--- Modifications pour gettext (gettext-base) ---
gettext (0.19.8.1-2+deb9u1) stretch; urgency=medium
* Stop xgettext() from crashing when run with --its=FILE option.
Patch taken from Debian 10, which in turn was extracted from
upstream git. Should help the inkscape project. Closes: #891347.
See https://gitlab.com/inkscape/inkscape/issues/271 for details.
-- Santiago Vila <sanvila(a)debian.org> Sat, 31 Aug 2019 01:30:22 +0200
--- Modifications pour glib2.0 (libglib2.0-0 libglib2.0-data) ---
glib2.0 (2.50.3-2+deb9u1) stretch; urgency=medium
* Team upload
* d/gbp.conf: Add GNOME team configuration
* d/p/gfile-Limit-access-to-files-when-copying.patch:
When copying files, give the temporary partial copy of the file
suitably restrictive permissions (Closes: #929753; CVE-2019-12450)
* d/p/keyfile-settings-Use-tighter-permissions.patch:
Create directory and file with restrictive permissions when using the
GKeyfileSettingsBackend. Mitigation: in this version of GLib, the
GKeyfileSettingsBackend can only be used explicitly by code, and is
never selected automatically. (Closes: #931234; CVE-2019-13012)
* d/p/gmarkup-Fix-unvalidated-UTF-8-read-in-markup-parsing-erro.patch,
d/p/gmarkup-Avoid-reading-off-the-end-of-a-buffer-when-non-nu.patch:
Avoid buffer read overrun when formatting error messages for invalid
UTF-8 in GMarkup (CVE-2018-16429)
* d/p/gmarkup-Fix-crash-in-error-handling-path-for-closing-elem.patch:
Avoid NULL dereference when parsing invalid GMarkup with a malformed
closing tag not paired with an opening tag (CVE-2018-16429)
-- Simon McVittie <smcv(a)debian.org> Tue, 13 Aug 2019 10:46:20 +0100
--- Modifications pour icu (libicu57) ---
icu (57.1-6+deb9u3) stretch; urgency=medium
* Fix pkgdata command segfault (closes: #893009).
-- Laszlo Boszormenyi (GCS) <gcs(a)debian.org> Wed, 07 Aug 2019 16:30:43 +0000
--- Modifications pour libxslt (libxslt1.1) ---
libxslt (1.1.29-2.1+deb9u1) stretch; urgency=medium
* Non-maintainer upload.
* Fix security framework bypass (CVE-2019-11068) (Closes: #926895, #933743)
* Fix uninitialized read of xsl:number token (CVE-2019-13117)
(Closes: #931321, #933743)
* Fix uninitialized read with UTF-8 grouping chars (CVE-2019-13118)
(Closes: #931320, #933743)
-- Salvatore Bonaccorso <carnil(a)debian.org> Sat, 24 Aug 2019 14:04:13 +0200
--- Modifications pour linux (linux-libc-dev) ---
linux (4.9.189-3) stretch; urgency=medium
* tcp: fix tcp_rtx_queue_tail in case of empty retransmit queue
-- Salvatore Bonaccorso <carnil(a)debian.org> Mon, 02 Sep 2019 09:18:39 +0200
linux (4.9.189-2) stretch; urgency=medium
[ Salvatore Bonaccorso ]
* xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT
(CVE-2019-15538)
[ Ben Hutchings ]
* [s390x] Revert "perf test 6: Fix missing kvm module load for s390"
(fixes FTBFS)
-- Ben Hutchings <ben(a)decadent.org.uk> Fri, 30 Aug 2019 01:48:25 +0100
linux (4.9.189-1) stretch; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.186
- [x86] Input: elantech - enable middle button support on 2 ThinkPads
- mac80211: mesh: fix RCU warning
- mac80211: free peer keys before vif down in mesh
- netfilter: ipv6: nf_defrag: fix leakage of unqueued fragments
- netfilter: ipv6: nf_defrag: accept duplicate fragments again
- [armhf] Input: imx_keypad - make sure keyboard can always wake up system
- [arm64] KVM: arm/arm64: vgic: Fix kvm_device leak in vgic_its_destroy
- mac80211: only warn once on chanctx_conf being NULL
- md: fix for divide error in status_resync
- bnx2x: Check if transceiver implements DDM before access
- ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL
- net :sunrpc :clnt :Fix xps refcount imbalance on the error path
- udf: Fix incorrect final NOT_ALLOCATED (hole) extent length
- [x86] ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
- [x86] tls: Fix possible spectre-v1 in do_get_thread_area()
- fscrypt: don't set policy for a dead directory
- USB: serial: ftdi_sio: add ID for isodebug v1
- USB: serial: option: add support for GosunCn ME3630 RNDIS mode
- Revert "serial: 8250: Don't service RX FIFO if interrupts are disabled"
- p54usb: Fix race between disconnect and firmware loading
(CVE-2019-15220)
- usb: gadget: ether: Fix race between gether_disconnect and rx_submit
- [i386] staging: comedi: dt282x: fix a null pointer deref on interrupt
- [x86] staging: comedi: amplc_pci230: fix null pointer deref on interrupt
- carl9170: fix misuse of device driver API
- [x86] VMCI: Fix integer overflow in VMCI handle arrays
- Revert "e1000e: fix cyclic resets at link up with active tx"
- e1000e: start network tx queue only when link is up
- [arm64] crypto: remove accidentally backported files
- perf/core: Fix perf_sample_regs_user() mm check
- [armhf] omap2: remove incorrect __init annotation
- be2net: fix link failure after ethtool offline test
- ppp: mppe: Add softdep to arc4
- sis900: fix TX completion
- dm verity: use message limit for data block corruption message
- [s390x] fix stfle zero padding
- [s390x] qdio: (re-)initialize tiqdio list entries
- [s390x] qdio: don't touch the dsci in tiqdio_add_input_queues()
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.187
- [arm64] efi: Mark __efistub_stext_offset as an absolute symbol explicitly
- [armhf] dmaengine: imx-sdma: fix use-after-free on probe error path
- ath10k: Do not send probe response template for mesh
- ath9k: Check for errors when reading SREV register
- ath6kl: add some bounds checking
- ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
- batman-adv: fix for leaked TVLV handler.
- media: dvb: usb: fix use after free in dvb_usb_device_exit
- media: marvell-ccic: fix DMA s/g desc number calculation
- media: media_device_enum_links32: clean a reserved field
- [armhf,arm64] net: stmmac: dwmac1000: Clear unused address entries
- [armhf,arm64] net: stmmac: dwmac4/5: Clear unused address entries
- signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
- af_key: fix leaks in key_pol_get_resp and dump_sp.
- xfrm: Fix xfrm sel prefix length validation
- media: mc-device.c: don't memset __user pointer contents
- net: phy: Check against net_device being NULL
- tua6100: Avoid build warnings.
- [armhf] media: wl128x: Fix some error handling in
fm_v4l2_init_video_device()
- cpupower : frequency-set -r option misses the last cpu in related cpu
list
- [s390x] qdio: handle PENDING state for QEBSM devices
- perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode
- [armhf] gpio: omap: fix lack of irqstatus_raw0 for OMAP4
- [armhf] gpio: omap: ensure irq is enabled before wakeup
- regmap: fix bulk writes on paged registers
- bpf: silence warning messages in core
- rcu: Force inlining of rcu_read_lock()
- blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership
arbitration
- xfrm: fix sa selector validation
- perf evsel: Make perf_evsel__name() accept a NULL argument
- vhost_net: disable zerocopy by default
- ipoib: correcly show a VF hardware address
- EDAC/sysfs: Fix memory leak when creating a csrow object
- ipsec: select crypto ciphers for xfrm_algo
- media: i2c: fix warning same module names
- ntp: Limit TAI-UTC offset
- timer_list: Guard procfs specific code
- [arm64] acpi: ignore 5.1 FADTs that are reported as 5.0
- mt7601u: do not schedule rx_tasklet when the device has been disconnected
- mt7601u: fix possible memory leak when the device is disconnected
- ath10k: fix PCIE device wake up failed
- perf tools: Increase MAX_NR_CPUS and MAX_CACHES
- libata: don't request sense data on !ZAC ATA devices
- [armhf] clocksource/drivers/exynos_mct: Increase priority over ARM arch
timer
- rslib: Fix decoding of shortened codes
- rslib: Fix handling of of caller provided syndrome
- ixgbe: Check DDM existence in transceiver before access
- crypto: asymmetric_keys - select CRYPTO_HASH where needed
- EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
- bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
- iwlwifi: mvm: Drop large non sta frames
- net: usb: asix: init MAC address buffers
- gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants
- Bluetooth: hci_bcsp: Fix memory leak in rx_skb
- Bluetooth: 6lowpan: search for destination address in all peers
- Bluetooth: Check state in l2cap_disconnect_rsp
- Bluetooth: validate BLE connection interval updates
- gtp: fix Illegal context switch in RCU read-side critical section.
- gtp: fix use-after-free in gtp_newlink()
- crypto: ghash - fix unaligned memory access in ghash_setkey()
- [arm64] crypto: sha1-ce - correct digest for empty data in finup
- [arm64] crypto: sha2-ce - correct digest for empty data in finup
- crypto: chacha20poly1305 - fix atomic sleep when using async algorithm
- [armhf] regulator: s2mps11: Fix buck7 and buck8 wrong voltages
- [arm64] tegra: Update Jetson TX1 GPU regulator timings
- iwlwifi: pcie: don't service an interrupt that was masked
- tracing/snapshot: Resize spare buffer if size changed
- NFSv4: Handle the special Linux file open access mode
- lib/scatterlist: Fix mapping iterator when sg->offset is greater than
PAGE_SIZE
- ALSA: seq: Break too long mutex context in the write loop
- [x86] ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine
- media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom()
- [x86] KVM: vPMU: refine kvm_pmu err msg when event creation failed
- [arm64] tegra: Fix AGIC register range
- fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys
inodes.
- drm/nouveau/i2c: Enable i2c pads & busses during preinit
- padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
- 9p/virtio: Add cleanup path in p9_virtio_init
- PCI: Do not poll for PME if the device is in D3cold
- Btrfs: add missing inode version, ctime and mtime updates when punching
hole
- libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields
- take floppy compat ioctls to floppy.c
- [x86] crypto: ccp - Validate the the error value used to index error
messages
- [x86] PCI: hv: Delete the device earlier from hbus->children for hot-
remove
- [x86] PCI: hv: Fix a use-after-free bug in hv_eject_device_work()
- [ppc64el] watchpoint: Restore NV GPRs while returning from exception
- eCryptfs: fix a couple type promotion bugs
- [x86] intel_th: msu: Fix single mode with disabled IOMMU
- Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
- usb: Handle USB3 remote wakeup for LPM enabled devices correctly
- dm bufio: fix deadlock with loop device
- compiler.h: Add read_word_at_a_time() function.
- ext4: allow directory holes
- bnx2x: Prevent load reordering in tx completion processing
- bnx2x: Prevent ptp_task to be rescheduled indefinitely
- igmp: fix memory leak in igmpv3_del_delrec()
- ipv4: don't set IPv6 only flags to IPv4 addresses
- [armhf] net: dsa: mv88e6xxx: wait after reset deactivation
- net: neigh: fix multiple neigh timer scheduling
- net: openvswitch: fix csum updates for MPLS actions
- nfc: fix potential illegal memory access
- rxrpc: Fix send on a connected, but unbound socket
- [x86] sky2: Disable MSI on ASUS P6T
- vrf: make sure skb->data contains ip header to make routing
- macsec: fix use-after-free of skb during RX
- macsec: fix checksumming after decryption
- netrom: fix a memory leak in nr_rx_frame()
- netrom: hold sock when setting skb->destructor
- bonding: validate ip header before check IPPROTO_IGMP
- tcp: Reset bytes_acked and bytes_received when disconnecting
- net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling
- net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query
- net: bridge: stp: don't cache eth dest pointer before skb pull
- [x86] perf/amd/uncore: Rename 'L2' to 'LLC'
- [x86] perf/amd/uncore: Get correct number of cores sharing last level
cache
- [x86] perf/events/amd/uncore: Fix amd_uncore_llc ID to use pre-defined
cpu_llc_id
- NFSv4: Fix open create exclusive when the server reboots
- nfsd: give out fewer session slots as limit approaches
- nfsd: fix performance-limiting session calculation
- nfsd: Fix overflow causing non-working mounts on 1 TB machines
- [armhf,arm64] drm/panel: simple: Fix panel_simple_dsi_probe
- usb: core: hub: Disable hub-initiated U1/U2
- [armhf] pinctrl: rockchip: fix leaked of_node references
- memstick: Fix error cleanup path of memstick_init
- [arm64] tty: serial: msm_serial: avoid system lockup condition
- serial: 8250: Fix TX interrupt handling condition
- drm/virtio: Add memory barriers for capset cache.
- phy: renesas: rcar-gen2: Fix memory leak at error paths
- [armhf] drm/rockchip: Properly adjust to a true clock in adjusted_mode
- tty: serial_core: Set port active bit in uart_port_activate
- usb: gadget: Zero ffs_io_data
- [ppc64el] pci/of: Fix OF flags parsing for 64bit BARs
- PCI: sysfs: Ignore lockdep for remove attribute
- iio: iio-utils: Fix possible incorrect mask calculation
- [ppc64el] recordmcount: Fix spurious mcount entries on powerpc
- mfd: core: Set fwnode for created devices
- [arm64] mfd: hi655x-pmic: Fix missing return value check for
devm_regmap_init_mmio_clk
- RDMA/i40iw: Set queue pair state when being queried
- perf test mmap-thread-lookup: Initialize variable to suppress memory
sanitizer warning
- RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM
- [ppc64el] boot: add {get, put}_unaligned_be32 to xz_config.h
- f2fs: avoid out-of-range memory access
- mailbox: handle failed named mailbox channel request
- [ppc64el] eeh: Handle hugepages in ioremap space
- 9p: pass the correct prototype to read_cache_page
- mm/mmu_notifier: use hlist_add_head_rcu()
- usb: wusbcore: fix unbalanced get/put cluster_id
- [x86] usb: pci-quirks: Correct AMD PLL quirk detection
- [x86] sysfb_efi: Add quirks for some devices with swapped width and
height
- [x86] speculation/mds: Apply more accurate check on hypervisor platform
- [x86] hpet: Fix division by zero in hpet_time_div()
- ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1
- ALSA: hda - Add a conexant codec entry to let mute led work
- access: avoid the RCU grace period for the temporary subjective
credentials
- [arm64] dts: marvell: Fix A37xx UART0 register size
- i2c: qup: fixed releasing dma without flush operation completion
- [arm64] compat: Provide definition for COMPAT_SIGMINSTKSZ
(Closes: #904385)
- ISDN: hfcsusb: checking idx of ep configuration
- media: au0828: fix null dereference in error path
- media: cpia2_usb: first wake up, then free in disconnect
- media: radio-raremono: change devm_k*alloc to k*alloc
- sched/fair: Don't free p->numa_faults with concurrent readers
- drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl
- ceph: hold i_ceph_lock when removing caps for freeing inode
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.188
- [armhf] dts: rockchip: Make rk3288-veyron-minnie run at hs200
- [armhf] dts: rockchip: Make rk3288-veyron-mickey's emmc work again
- [armhf] dts: rockchip: Mark that the rk3288 timer might stop in suspend
- ftrace: Enable trampoline when rec count returns back to one
- kernel/module.c: Only return -EEXIST for modules that have finished
loading
- fs/adfs: super: fix use-after-free bug
- btrfs: fix minimum number of chunk errors for DUP
- ceph: fix improper use of smp_mb__before_atomic()
- ceph: return -ERANGE if virtual xattr value didn't fit in buffer
- [s390x] scsi: zfcp: fix GCC compiler warning emitted with
-Wmaybe-uninitialized
- ACPI: fix false-positive -Wuninitialized warning
- be2net: Signal that the device cannot transmit during reconfiguration
- [x86] apic: Silence -Wtype-limits compiler warnings
- mm/cma.c: fail if fixed declaration can't be honored
- coda: add error handling for fget
- coda: fix build using bare-metal toolchain
- uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side
headers
- drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings
- ipc/mqueue.c: only perform resource calculation if user valid
- [x86] kvm: Don't call kvm_spurious_fault() from .fixup
- [x86] boot: Remove multiple copy of static function
sanitize_boot_params()
- Btrfs: fix incremental send failure after deduplication
- [armhf,arm64] mmc: dw_mmc: Fix occasional hang after tuning on eMMC
- gpiolib: fix incorrect IRQ requesting of an active-low lineevent
- selinux: fix memory leak in policydb_init()
- [s390x] dasd: fix endless loop after read unit address configuration
- [arm*] drivers/perf: arm_pmu: Fix failure path in PM notifier
- xen/swiotlb: fix condition for calling xen_destroy_contiguous_region()
- IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification
- infiniband: fix race condition between infiniband mlx4, mlx5 driver and
core dumping
- coredump: fix race condition between collapse_huge_page() and core dumping
- eeprom: at24: make spd world-readable again
- Backport minimal compiler_attributes.h to support GCC 9
- include/linux/module.h: copy __init/__exit attrs to init/cleanup_module
- objtool: Support GCC 9 cold subfunction naming scheme
- [x86] mm, gup: prevent get_page() race with munmap in paravirt guest
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.189
- scsi: fcoe: Embed fc_rport_priv in fcoe_rport structure
- [armhf] dts: Add pinmuxing for i2c2 and i2c3 for LogicPD SOM-LV
- [armhf] dts: Add pinmuxing for i2c2 and i2c3 for LogicPD torpedo
- [armhf] dts: logicpd-som-lv: Fix Audio Mute
- [arm64] cpufeature: Fix CTR_EL0 field definitions
- [arm64] cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG}
- tcp: be more careful in tcp_fragment()
- HID: wacom: fix bit shift for Cintiq Companion 2
- HID: Add quirk for HP X1200 PIXART OEM mouse
- RDMA: Directly cast the sockaddr union to sockaddr
- IB: directly cast the sockaddr union to aockaddr
- objtool: Add machine_real_restart() to the noreturn list
- objtool: Add rewind_stack_do_exit() to the noreturn list
- libceph: use kbasename() and kill ceph_file_part()
- atm: iphase: Fix Spectre v1 vulnerability
- net: bridge: delete local fdb on device init failure
- net: bridge: mcast: don't delete permanent entries when fast leave is
enabled
- net: fix ifindex collision during namespace removal
- net/mlx5: Use reversed order when unregister devices
- net: sched: Fix a possible null-pointer dereference in dequeue_func()
- tipc: compat: allow tipc commands without arguments
- compat_ioctl: pppoe: fix PPPOEIOCSFWD handling
- ip6_tunnel: fix possible use-after-free on xmit
- ife: error out when nla attributes are empty
- bnx2x: Disable multi-cos feature.
- [armhf,arm64] spi: bcm2835: Fix 3-wire mode if DMA is enabled
[ Ben Hutchings ]
* Bump ABI to 11
* siphash: implement HalfSipHash1-3 for hash tables (Closes: #935134)
* netfilter: conntrack: Use consistent ct id hash calculation
(fixes regression in 4.9.168-1+deb9u5)
-- Ben Hutchings <ben(a)decadent.org.uk> Thu, 22 Aug 2019 21:50:36 +0100
linux (4.9.185-1) stretch; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.185
- [arm64,armhf] usb: chipidea: udc: workaround for endpoint conflict issue
- [amd64] IB/hfi1: Silence txreq allocation warnings
- Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD
- apparmor: enforce nullbyte at end of tag string
- parport: Fix mem leak in parport_register_dev_model
- [amd64] IB/hfi1: Insure freeze_work work_struct is canceled on shutdown
- IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value
- [mips*] uprobes: remove set but not used variable 'epc'
- [armhf] net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0
- [arm64] net: hns: Fix loopback test failed at copper ports
- [arm64] drm/arm/hdlcd: Allow a bit of clock tolerance
- scsi: ufs: Check that space was properly alloced in copy_query_response
- [s390x] qeth: fix VLAN attribute in bridge_hostnotify udev event
- nvme: Fix u32 overflow in the number of namespace list calculation
- btrfs: start readahead also in seed devices
- can: purge socket error queue on sock destruct
- [ppc64el] powerpc/bpf: use unsigned division instruction for 64-bit
operations
- Bluetooth: Align minimum encryption key size for LE and BR/EDR
connections
- Bluetooth: Fix regression with minimum encryption key size alignment
- cfg80211: fix memory leak of wiphy device name
- mac80211: drop robust management frames from unknown TA
- mac80211: Do not use stack memory with scatterlist for GMAC
- [amd64] IB/hfi1: Avoid hardlockup with flushlist_lock
- 9p/rdma: do not disconnect on down_interruptible EAGAIN
- 9p: acl: fix uninitialized iattr access
- 9p/rdma: remove useless check in cm_event_handler
- 9p: p9dirent_read: check network-provided name length
- fs/proc/array.c: allow reporting eip/esp for all coredumping threads
- [x86] scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
- [x86] x86/speculation: Allow guests to use SSBD even if host does not
- NFS/flexfiles: Use the correct TCP timeout for flexfiles I/O
- cpu/speculation: Warn on unsupported mitigations= parameter
- af_packet: Block execution of tasks waiting for transmit to complete in
AF_PACKET
- [arm64,armhf] net: stmmac: fixed new system time seconds value
calculation
- sctp: change to hold sk after auth shkey is created successfully
- tipc: change to use register_pernet_device
- tipc: check msg->req data len in tipc_nl_compat_bearer_disable
- tun: wake up waitqueues after IFF_UP is set
- team: Always enable vlan tx offload
- bonding: Always enable vlan tx offload
- ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while
loop
- net: check before dereferencing netdev_ops during busy poll
- bpf: udp: Avoid calling reuseport's bpf_prog from udp_gro
- bpf: udp: ipv6: Avoid running reuseport's bpf_prog from __udp6_lib_err
- tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
- Bluetooth: Fix faulty expression for minimum encryption key size check
- ASoC: soc-pcm: BE dai needs prepare when pause release after resume
- spi: bitbang: Fix NULL pointer dereference in spi_unregister_master
- ASoC: max98090: remove 24-bit format support if RJ is 0
- scsi: hpsa: correct ioaccel2 chaining
- mm/mlock.c: change count_mm_mlocked_page_nr return type
- [mips*] math-emu: do not use bools for arithmetic
- [armhf] mfd: omap-usb-tll: Fix register offsets
- [armhf] clk: sunxi: fix uninitialized access
- [x86] KVM: degrade WARN to pr_warn_ratelimited
- [x86] drm/i915/dmc: protect against reading random memory
- ALSA: firewire-lib/fireworks: fix miss detection of received MIDI
messages
- ALSA: line6: Fix write on zero-sized buffer
- ALSA: usb-audio: fix sign unintended sign extension on left shifts
- [x86] lib/mpi: Fix karactx leak in mpi_powm
- [armhf] drm/imx: notify drm core before sending event during crtc
disable
- [armhf] drm/imx: only send event on crtc disable if kept disabled
- btrfs: Ensure replaced device doesn't have pending chunk allocation
- [x86] tty: rocket: fix incorrect forward declaration of 'rp_init()'
- [arm64] vdso: Define vdso_{start,end} as array
- [x86] KVM: LAPIC: Fix pending interrupt in IRR blocked by software
disable LAPIC
- [amd64] IB/hfi1: Close PSM sdma_progress sleep window
- [mips*] Add missing EHB in mtc0 -> mfc0 sequence.
- [armhf] dmaengine: imx-sdma: remove BD_INTR for channel0
-- Salvatore Bonaccorso <carnil(a)debian.org> Sun, 21 Jul 2019 14:35:10 +0200
linux (4.9.184-1) stretch; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169
- [x86] power: Fix some ordering bugs in __restore_processor_context()
- [amd64] power/64: Use struct desc_ptr for the IDT in struct saved_context
- [i386] power/32: Move SYSENTER MSR restoration to fix_processor_context()
- [x86] power: Make restore_processor_context() sane
- [ppc64el] powerpc/tm: Limit TM code inside PPC_TRANSACTIONAL_MEM
- [ppc64el] Fix invalid use of register expressions
- [ppc64el] powerpc/64s: Add barrier_nospec
- [ppc64el] powerpc/64s: Add support for ori barrier_nospec patching
- [ppc64el] Avoid code patching freed init sections
- [ppc64el] powerpc/64s: Patch barrier_nospec in modules
- [ppc64el] powerpc/64s: Enable barrier_nospec based on firmware settings
- [ppc64el] Use barrier_nospec in copy_from_user()
- [ppc64el] powerpc/64: Use barrier_nospec in syscall entry
- [ppc64el] powerpc/64s: Enhance the information in cpu_show_spectre_v1()
- [ppc64el] powerpc64s: Show ori31 availability in spectre_v1 sysfs file
not v2
- [ppc64el] powerpc/64: Disable the speculation barrier from the command
line
- [ppc64el] powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
- [ppc64el] powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
- [ppc64el] powerpc/64: Call setup_barrier_nospec() from setup_arch()
- [ppc64el] powerpc/64: Make meltdown reporting Book3S 64 specific
- [ppc64el] asm: Add a patch_site macro & helpers for patching
instructions
- [ppc64el] powerpc/64s: Add new security feature flags for count cache
flush
- [ppc64el] powerpc/64s: Add support for software count cache flush
- [ppc64el] powerpc/pseries: Query hypervisor for count cache flush
settings
- [ppc64el] powerpc/powernv: Query firmware for count cache flush
settings
- [ppc64el] security: Fix spectre_v2 reporting
- [arm64] kaslr: Reserve size of ARM64_MEMSTART_ALIGN in linear region
- tty: ldisc: add sysctl to prevent autoloading of ldiscs
- ipv6: Fix dangling pointer when ipv6 fragment
- ipv6: sit: reset ip header pointer in ipip6_rcv
- openvswitch: fix flow actions reallocation
- qmi_wwan: add Olicard 600
- sctp: initialize _pad of sockaddr_in before copying to user memory
- tcp: Ensure DCTCP reacts to losses
- vrf: check accept_source_route on the original netdevice
- bnxt_en: Reset device on RX buffer errors.
- bnxt_en: Improve RX consumer index validity check.
- net/mlx5e: Add a lock on tir list
- netns: provide pure entropy for net_hash_mix()
- net: ethtool: not call vzalloc for zero sized memory request
- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type
- ALSA: seq: Fix OOB-reads from strlcpy
- Btrfs: do not allow trimming when a fs is mounted with the nologreplay
option
- block: do not leak memory in bio_copy_user_iov()
- genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent()
- virtio: Honour 'may_reduce_num' in vring_create_virtqueue
- [arm64] futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value
- [x86] xen: Prevent buffer overflow in privcmd ioctl
- sched/fair: Do not re-read ->h_load_next during hierarchical load
calculation
- PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.170
- perf/core: Restore mmap record type correctly
- ext4: add missing brelse() in add_new_gdb_meta_bg()
- ext4: report real fs size after failed resize
- [i386] ALSA: sb8: add a check for request_region
- IB/mlx4: Fix race condition between catas error reset and aliasguid
flows
- [x86] thermal/int340x_thermal: Add additional UUIDs
- [x86] thermal/int340x_thermal: fix mode setting
- perf config: Fix an error in the config template documentation
- perf config: Fix a memory leak in collect_config()
- perf build-id: Fix memory leak in print_sdt_events()
- perf top: Fix error handling in cmd_top()
- perf hist: Add missing map__put() in error case
- perf evsel: Free evsel->counts in perf_evsel__exit()
- [arm64] irqchip/mbigen: Don't clear eventid when freeing an MSI
- [x86] hpet: Prevent potential NULL pointer dereference
- [i386] x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode
processors
- [amd64] iommu/vt-d: Check capability before disabling protected memory
- [x86] hw_breakpoints: Make default case in hw_breakpoint_arch_parse()
return an error
- fix incorrect error code mapping for OBJECTID_NOT_FOUND
- ext4: prohibit fstrim in norecovery mode
- rsi: improve kernel thread handling to fix kernel panic
- 9p: do not trust pdu content for stat item size
- 9p locks: add mount option for lock retry interval
- f2fs: fix to do sanity check with current segment number
- [arm64] serial: uartps: console_setup() can't be placed to init section
- HID: i2c-hid: override HID descriptors for certain devices
- [x86] ACPI / SBS: Fix GPE storm on recent MacBookPro's
- cifs: fallback to older infolevels on findfirst queryinfo retry
- kernel: hung_task.c: disable on suspend
- [armhf] crypto: sha256/arm - fix crash bug in Thumb2 build
- [armhf] crypto: sha512/arm - fix crash bug in Thumb2 build
- [amd64] iommu/dmar: Fix buffer overflow during PCI bus notification
- [arm64,armhf] soc/tegra: pmc: Drop locking from
tegra_powergate_is_powered()
- [armel,armhf] 8839/1: kprobe: make patch_lock a raw_spinlock_t
- appletalk: Fix use-after-free in atalk_proc_exit
- lib/div64.c: off by one in shift
- include/linux/swap.h: use offsetof() instead of custom __swapoffset
macro
- [x86] tpm/tpm_crb: Avoid unaligned reads in crb_recv()
- [arm64,armhf] net: stmmac: Set dma ring length before enabling the DMA
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.171
- bonding: fix event handling for stacked bonds
- net: atm: Fix potential Spectre v1 vulnerabilities
- net: bridge: fix per-port af_packet sockets
- net: bridge: multicast: use rcu to access port list from
br_multicast_start_querier
- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
- tcp: tcp_grow_window() needs to respect tcp_space()
- team: set slave to promisc if team is already in promisc mode
- vhost: reject zero size iova range
- ipv4: recompile ip options in ipv4_link_failure
- ipv4: ensure rcu_read_lock() in ipv4_link_failure()
- mmc: sdhci: Fix data command CRC error handling
- [x86] tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete
- CIFS: keep FileInfo handle live during oplock break
- [x86] KVM: Don't clear EFER during SMM transitions for 32-bit vCPU
- [x86] iio/gyro/bmg160: Use millidegrees for temperature scale
- [x86] io: accel: kxcjk1013: restore the range after resume.
- [x86] staging: comedi: vmk80xx: Fix use of uninitialized semaphore
- [x86] staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf
- [x86] staging: comedi: ni_usb6501: Fix use of uninitialized mutex
- [x86] staging: comedi: ni_usb6501: Fix possible double-free of
->usb_rx_buf
- ALSA: core: Fix card races between register and disconnect
- Revert "scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO"
- [x86] Revert "svm: Fix AVIC incomplete IPI emulation"
- [x86] crypto: x86/poly1305 - fix overflow during partial reduction
- [x86] kprobes: Verify stack frame on kretprobe
- kprobes: Mark ftrace mcount handler functions nokprobe
- kprobes: Fix error check when reusing optimized probes
- rt2x00: do not increment sequence number while re-transmitting
- mac80211: do not call driver wake_tx_queue op during reconfig
- [x86] perf/x86/amd: Add event map for AMD Family 17h
- sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup
- device_cgroup: fix RCU imbalance in error case
- ALSA: info: Fix racy addition/deletion of nodes
- percpu: stop printing kernel addresses (CVE-2018-5995)
- [x86] i2c-hid: properly terminate i2c_hid_dmi_desc_override_table[] array
- kernel/sysctl.c: fix out-of-bounds access when setting file-max
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.172
- kbuild: simplify ld-option implementation
- cifs: do not attempt cifs operation on smb2+ rename error
- tracing: Fix a memory leak by early error exit in trace_pid_write()
- [mips*] scall64-o32: Fix indirect syscall number load
- trace: Fix preempt_enable_no_resched() abuse
- IB/rdmavt: Fix frwr memory registration
- sched/numa: Fix a possible divide-by-zero
- ceph: ensure d_name stability in ceph_dentry_hash()
- ceph: fix ci->i_head_snapc leak
- nfsd: Don't release the callback slot unless it was actually held
- sunrpc: don't mark uninitialised items as VALID.
- [arm64,armhf] drm/vc4: Fix memory leak during gpu reset.
- [arm64,armhf] drm/vc4: Fix compilation error reported by kbuild test bot
- USB: Add new USB LPM helpers
- USB: Consolidate LPM checks to avoid enabling LPM twice
- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock
- tipc: handle the err returned from cmd header function
- slip: make slhc_free() silently accept an error pointer
- [x86] intel_th: gth: Fix an off-by-one in output unassigning
- fs/proc/proc_sysctl.c: Fix a NULL pointer dereference
- NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family.
- netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
- tipc: check bearer name with right length in
tipc_nl_compat_bearer_enable
- tipc: check link name with right length in tipc_nl_compat_link_set
- ipv4: add sanity checks in ipv4_link_failure()
- net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query
- net: rds: exchange of 8K and 1M pool
- team: fix possible recursive locking when add slaves
- [arm64,armhf] net: stmmac: move stmmac_check_ether_addr() to driver
probe
- ipv4: set the tcp_min_rtt_wlen range from 0 to one day
- ipv6: frags: fix a lockdep false positive
- net: IP defrag: encapsulate rbtree defrag code into callable functions
- ipv6: remove dependency of nf_defrag_ipv6 on ipv6 module
- net: IP6 defrag: use rbtrees for IPv6 defrag
- net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c
- Documentation: Add nospectre_v1 parameter
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.173
- usbnet: ipheth: prevent TX queue timeouts when device not ready
- usbnet: ipheth: fix potential null pointer dereference in
ipheth_carrier_set
- media: vivid: check if the cec_adapter is valid
- [armhf] dts: bcm283x: Fix hdmi hpd gpio pull
- [s390x] limit brk randomization to 32MB
- qlcnic: Avoid potential NULL pointer dereference
- netfilter: nft_set_rbtree: check for inactive element after flag
mismatch
- netfilter: bridge: set skb transport_header before entering
NF_INET_PRE_ROUTING
- usb: gadget: net2280: Fix overrun of OUT messages
- usb: gadget: net2280: Fix net2280_dequeue()
- staging: rtl8712: uninitialized memory in read_bbreg_hdl()
- NFS: Fix a typo in nfs_init_timeout_values()
- scsi: qla4xxx: fix a potential NULL pointer dereference
- usb: u132-hcd: fix resource leak
- ceph: fix use-after-free on symlink traversal
- [s390x] scsi: zfcp: reduce flood of fcrscn1 trace records on
multi-element RSCN
- [x86,arm64] libata: fix using DMA buffers on stack
- gpio: of: Fix of_gpiochip_add() error path
- [amd64] vfio/type1: Limit DMA mappings per container (CVE-2019-3882)
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.174
- ALSA: line6: use dynamic buffers
- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation
- ipv6/flowlabel: wait rcu grace period before put_pid()
- ipv6: invert flowlabel sharing check in process and user mode
- packet: validate msg_namelen in send directly
- bnxt_en: Improve multicast address setup logic.
- net: phy: marvell: Fix buffer overrun with stats counters
- [arm64] proc: Set PTE_NG for table entries to avoid traversing them
twice
- [arm64] mm: print out correct page table entries
- [arm64] mm: don't print out page table entries on EL0 faults
- USB: yurex: Fix protection fault after device removal
- USB: w1 ds2490: Fix bug caused by improper use of altsetting array
- [x86] usb: usbip: fix isoc packet num validation in get_pipe
- USB: core: Fix unterminated string returned by usb_string()
- USB: core: Fix bug caused by duplicate interface PM usage counter
- nvme-loop: init nvmet_ctrl fatal_err_work when allocate
- HID: logitech: check the return value of create_singlethread_workqueue
- HID: debug: fix race condition with between rdesc_show() and device
removal
- batman-adv: Reduce claim hash refcnt only for removed entry
- batman-adv: Reduce tt_local hash refcnt only for removed entry
- batman-adv: Reduce tt_global hash refcnt only for removed entry
- igb: Fix WARN_ONCE on runtime suspend
- net/mlx5: E-Switch, Fix esw manager vport indication for more vport
commands
- bonding: show full hw address in sysfs for slave entries
- [arm64,armhf] net: stmmac: don't overwrite discard_frame status
- [arm64,armhf] net: stmmac: fix dropping of multi-descriptor RX frames
- [arm64,armhf] net: stmmac: don't log oversized frames
- jffs2: fix use-after-free on symlink traversal
- debugfs: fix use-after-free on symlink traversal
- [amd64,ppc64el] vfio/pci: use correct format characters
- scsi: core: add new RDAC LENOVO/DE_Series device
- [x86] scsi: storvsc: Fix calculation of sub-channel count
- [arm64] net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()
- [arm64] net: hns: Use NAPI_POLL_WEIGHT for hns driver
- [arm64] net: hns: Fix WARNING when remove HNS driver with SMMU enabled
- hugetlbfs: fix memory leak for resv_map
- [armel] orion: don't use using 64-bit DMA masks
- [x86] perf/x86/amd: Update generic hardware cache events for Family 17h
- scsi: RDMA/srpt: Fix a credit leak for aborted commands
- selinux: never allow relabeling on context mounts
- [x86] mce: Improve error message when kernel cannot recover, p2
- media: v4l2: i2c: ov7670: Fix PLL bypass register values
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.175
- scsi: libsas: fix a race condition when smp task timeout
(CVE-2018-20836)
- ASoC:soc-pcm:fix a codec fixup issue in TDM case
- [amd64] IB/hfi1: Eliminate opcode tests on mr deref
- [x86] perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS
- scsi: csiostor: fix missing data copy in csio_scsi_err_handler()
- virtio-blk: limit number of hw queues by nr_cpu_ids
- [amd64] iommu/amd: Set exclusion range correctly
- mm: add 'try_get_page()' helper function
- genirq: Prevent use-after-free and work list corruption
- [arm64,armhf] usb: dwc3: Fix default lpm_nyet_threshold value
- USB: serial: f81232: fix interrupt worker not stop
- usb-storage: Set virt_boundary_mask to avoid SG overflows
- scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS
routines
- UAS: fix alignment of scatter/gather segments
- [x86] ASoC: Intel: avoid Oops if DMA setup fails
- timer/debug: Change /proc/timer_stats from 0644 to 0600 (CVE-2017-5967)
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.176
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.177
- netfilter: compat: initialize all fields in xt_init
- bpf: fix struct htab_elem layout
- bpf: convert htab map to hlist_nulls
- [x86] platform/x86: sony-laptop: Fix unintentional fall-through
- USB: serial: fix unthrottle races
- [x86] libnvdimm/namespace: Fix a potential NULL pointer dereference
- HID: input: add mapping for Expose/Overview key
- HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys
- HID: input: add mapping for "Toggle Display" key
- [x86] libnvdimm/btt: Fix a kmemdup failure check
- [s390x] dasd: Fix capacity calculation for large volumes
- mac80211: fix unaligned access in mesh table hash function
- [s390x] 3270: fix lockdep false positive on view->lock
- mISDN: Check address length before reading address family
- [x86] reboot, efi: Use EFI reboot for Acer TravelMate X514-51T
- [x86] KVM: avoid misreporting level-triggered irqs as edge-triggered in
tracing
- init: initialize jump labels before command line option parsing
- ipvs: do not schedule icmp errors from tunnels
- [s390x] ctcm: fix ctcm_new_device error return code
- [armhf] gpu: ipu-v3: dp: fix CSC handling
- rtlwifi: rtl8723ae: Fix missing break in switch statement
- md/raid5: Don't jump to compute_result state from check_result state
- bridge: Fix error path for kobject_init_and_add()
- fib_rules: return 0 directly if an exactly same rule exists when
NLM_F_EXCL not supplied
- packet: Fix error path in packet_init
- vlan: disable SIOCSHWTSTAMP in container
- vrf: sit mtu should not be updated when vrf netdev is the link
- ipv4: Fix raw socket lookup for local traffic
- bonding: fix arp_validate toggling in active-backup mode
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.178
- net: core: another layer of lists, around PF_MEMALLOC skb handling
- locking/rwsem: Prevent decrement of reader count before increment
- [amd64] PCI: hv: Fix a memory leak in hv_eject_device_work()
- [x86] speculation/mds: Revert CPU buffer clear on double fault exit
- [x86] speculation/mds: Improve CPU buffer clear documentation
- [armhf] exynos: Fix a leaked reference by adding missing of_node_put
- [arm64] compat: Reduce address limit
- [arm64] Clear OSDLR_EL1 on CPU boot
- [x86] sched/x86: Save [ER]FLAGS on context switch
- crypto: chacha20poly1305 - set cra_name correctly
- [ppc64el] crypto: vmx - fix copy-paste error in CTR mode
- crypto: crct10dif-generic - fix use via crypto_shash_digest()
- [amd64] crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
- ALSA: usb-audio: Fix a memory leak bug
- ALSA: hda/hdmi - Read the pin sense from register when repolling
- ALSA: hda/hdmi - Consider eld_valid when reporting jack event
- ALSA: hda/realtek - EAPD turn on later
- ASoC: max98090: Fix restore of DAPM Muxes
- ASoC: RT5677-SPI: Disable 16Bit SPI Transfers
- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget
- [arm64] mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values
- tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
- jbd2: check superblock mapped prior to committing
- ext4: actually request zeroing of inode table after grow
- ext4: fix ext4_show_options for file systems w/o journal
- Btrfs: do not start a transaction at iterate_extent_inodes()
- bcache: fix a race between cache register and cacheset unregister
- bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim()
- [arm64] ipmi:ssif: compare block number correctly for multi-part return
messages
- crypto: gcm - Fix error return code in crypto_gcm_create_common()
- crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
- crypto: salsa20 - don't access already-freed walk.iv
- fib_rules: fix error in backport of e9919a24d302 ("fib_rules: return
0...")
- writeback: synchronize sync(2) against cgroup writeback membership
switches
- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going
into workqueue when umount
- ext4: fix data corruption caused by overlapping unaligned and aligned IO
- [x86] ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal
microphone bug
- [x86] KVM: Skip EFER vs. guest CPUID checks for host-initiated writes
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.179
- net: avoid weird emergency message
- net/mlx4_core: Change the error print to info print
- ppp: deflate: Fix possible crash in deflate_init
- tipc: switch order of device registration to fix a crash
- vsock/virtio: free packets during the socket release
- tipc: fix modprobe tipc failed after switch order of device registration
- vsock/virtio: Initialize core virtio vsock before registering the driver
- md: add mddev->pers to avoid potential NULL pointer dereference
- [x86] intel_th: msu: Fix single mode with IOMMU
- p54: drop device reference count if fails to enable device
- cifs: fix strcat buffer overflow and reduce raciness in
smb21_set_oplock_level()
- NFS4: Fix v4.0 client state corruption when mount
- [arm64,armhf] clk: tegra: Fix PLLM programming on Tegra124+ when PMC
overrides divider
- fuse: fix writepages on 32bit
- fuse: honor RLIMIT_FSIZE in fuse_file_fallocate
- [arm64,armhf] iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114
- ceph: flush dirty inodes before proceeding with remount
- tracing: Fix partial reading of trace event's id file
- [arm64,armhf] memory: tegra: Fix integer overflow on tick value
calculation
- [x86] perf intel-pt: Fix instructions sampling rate
- [x86] perf intel-pt: Fix improved sample timestamp
- [x86] perf intel-pt: Fix sample timestamp wrt non-taken branches
- PCI: Mark Atheros AR9462 to avoid bus reset
- PCI: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum
- dm delay: fix a crash when invalid device is specified
- xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink
- xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module
- vti4: ipip tunnel deregistration fixes.
- xfrm4: Fix uninitialized memory read in _decode_session4
- mac80211: Fix kernel panic due to use of txq after free
- [arm64,armhf] KVM: arm/arm64: Ensure vcpu target is unset on reset
failure
- power: supply: sysfs: prevent endless uevent loop with
CONFIG_POWER_SUPPLY_DEBUG
- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour
- Revert "Don't jump to compute_result state from check_result state"
- md/raid: raid5 preserve the writeback action after the parity check
- btrfs: Honour FITRIM range constraints during free space trim
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.180
- ext4: do not delete unlinked inode from orphan list on failed truncate
- [x86] KVM: fix return value for reserved EFER
- bio: fix improper use of smp_mb__before_atomic()
- Revert "scsi: sd: Keep disk read-only when re-reading partition"
- [ppc64el] crypto: vmx - CTR: always increment IV as quadword
- [x86] kvm: svm/avic: fix off-by-one in checking host APIC ID
- [x86] libnvdimm/namespace: Fix label tracking error
- [arm64] Save and restore OSDLR_EL1 across suspend/resume
- gfs2: Fix sign extension bug in gfs2_update_stats
- Btrfs: do not abort transaction at btrfs_update_root() after failure to
COW path
- Btrfs: fix race between ranged fsync and writeback of adjacent ranges
- btrfs: sysfs: don't leak memory when failing add fsid
- fbdev: fix divide error in fb_var_to_videomode
- hugetlb: use same fault hash key for shared and private mappings
- fbdev: fix WARNING in __alloc_pages_nodemask bug
- media: cpia2: Fix use-after-free in cpia2_exit
- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap
- [x86,ppc64el] ssb: Fix possible NULL pointer dereference in
ssb_host_pcmcia_exit
- at76c50x-usb: Don't register led_trigger if usb_register_driver failed
- Revert "btrfs: Honour FITRIM range constraints during free space trim"
- gfs2: Fix lru_count going negative
- cxgb4: Fix error path in cxgb4_init_module
- mmc: core: Verify SD bus width
- [arm64] dmaengine: tegra210-dma: free dma controller in remove()
- [arm64,armhf] ASoC: hdmi-codec: unlock the device on startup errors
- [ppc64el] boot: Fix missing check of lseek() return value
- brcm80211: potential NULL dereference in
brcmf_cfg80211_vndr_cmds_dcmd_handler()
- [armel,armhf] vdso: Remove dependency with the arch_timer driver internals
- sched/cpufreq: Fix kobject memleak
- scsi: qla2xxx: Fix a qla24xx_enable_msix() error path
- iwlwifi: pcie: don't crash on invalid RX interrupt
- w1: fix the resume command API
- [armhf] dmaengine: pl330: _stop: clear interrupt status
- mac80211/cfg80211: update bss channel on channel switch
- mwifiex: prevent an array overflow
- [armhf] crypto: sun4i-ss - Fix invalid calculation of hash end
- bcache: return error immediately in bch_journal_replay()
- bcache: fix failure in journal relplay
- bcache: add failure check to run_cache_set() for journal replay
- [x86] build: Move _etext to actual end of .text
- smpboot: Place the __percpu annotation correctly
- [amd64] mm: Remove in_nmi() warning from 64-bit implementation of
vmalloc_fault()
- HID: logitech-hidpp: use RAP instead of FAP to get the protocol version
- media: au0828: stop video streaming only when last user stops
- audit: fix a memory leak bug
- media: au0828: Fix NULL pointer dereference in
au0828_analog_stream_enable()
- media: pvrusb2: Prevent a buffer overflow
- [ppc64el] numa: improve control of topology updates
- sched/core: Check quota and period overflow at usec to nsec conversion
- sched/core: Handle overflow in cpu_shares_write_u64
- USB: core: Don't unbind interfaces following device reset failure
- [amd64] irq: Limit IST stack overflow check to #DB stack
- i40e: don't allow changes to HW VLAN stripping on active port VLANs
- [arm64] vdso: Fix clock_getres() for CLOCK_REALTIME
- RDMA/cxgb4: Fix null pointer dereference on alloc_skb failure
- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses
- [x86] hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses
- [x86] hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses
- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses
- [x86] hwmon: (f71805f) Use request_muxed_region for Super-IO accesses
- scsi: libsas: Do discovery on empty PHY to update PHY info
- mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers
- [arm64] mmc_spi: add a status check for spi_sync_locked
- PM / core: Propagate dev->power.wakeup_path when no callbacks
- rtlwifi: fix a potential NULL pointer dereference
- mwifiex: Fix mem leak in mwifiex_tm_cmd
- brcmfmac: fix missing checks for kmemdup
- brcmfmac: convert dev_init_lock mutex to completion
- brcmfmac: fix race during disconnect when USB completion is in progress
- brcmfmac: fix Oops when bringing up interface during USB disconnect
- scsi: ufs: Fix regulator load and icc-level configuration
- scsi: ufs: Avoid configuring regulator with undefined voltage range
- [arm64] cpu_ops: fix a leaked reference by adding missing of_node_put
- [x86] uaccess, signal: Fix AC=1 bloat
- [amd64] x86/ia32: Fix ia32_restore_sigcontext() AC leak
- chardev: add additional check for minor range overlap
- HID: core: move Usage Page concatenation to Main item
- [armhf] ASoC: eukrea-tlv320: fix a leaked reference by adding missing
of_node_put
- [armhf] ASoC: fsl_utils: fix a leaked reference by adding missing
of_node_put
- cxgb3/l2t: Fix undefined behaviour
- [arm64,armhf] spi: tegra114: reset controller on probe
- [armhf] media: wl128x: prevent two potential buffer overflows
- virtio_console: initialize vtermno value for ports
- [x86,ppc64el] tty: ipwireless: fix missing checks for ioremap
- [x86] mce: Fix machine_check_poll() tests for error types
- usb: core: Add PM runtime calls to usb_hcd_platform_shutdown
- scsi: qla4xxx: avoid freeing unallocated dma memory
- [arm64] dmaengine: tegra210-adma: use devm_clk_*() helpers
- media: m88ds3103: serialize reset messages in m88ds3103_set_frontend
- scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices
- [i386] spi : spi-topcliff-pch: Fix to handle empty DMA buffers
- spi: Fix zero length xfer bug
- drm: Wake up next in drm_read() chain if we are forced to putback the
event
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.181
- ipv6: Consider sk_bound_dev_if when binding a raw socket to an address
- llc: fix skb leak in llc_build_and_send_ui_pkt()
- [armhf] net: fec: fix the clk mismatch in failed_reset path
- net-gro: fix use-after-free read in napi_gro_frags()
- [arm64,armhf] net: stmmac: fix reset gpio free missing
- usbnet: fix kernel crash after disconnect
- tipc: Avoid copying bytes beyond the supplied data
- bnxt_en: Fix aggregation buffer leak under OOM condition.
- ipv4/igmp: fix another memory leak in igmpv3_del_delrec()
- ipv4/igmp: fix build error if !CONFIG_IP_MULTICAST
- [armhf] net: dsa: mv88e6xxx: fix handling of upper half of
STATS_TYPE_PORT
- [armhf] net: mvneta: Fix err code path of probe
- [armhf] net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value
- [ppc64el] crypto: vmx - ghash: do nosimd fallback manually
- xen/pciback: Don't disable PCI_COMMAND on PCI device reset.
(CVE-2015-8553)
- Revert "tipc: fix modprobe tipc failed after switch order of device
registration"
- tipc: fix modprobe tipc failed after switch order of device registration
- xhci: update bounce buffer with correct sg num
- xhci: Use %zu for printing size_t type
- xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic()
- usb: xhci: avoid null pointer deref when bos field is NULL
- [x86] usbip: usbip_host: fix BUG: sleeping function called from invalid
context
- [x86] usbip: usbip_host: fix stub_dev lock context imbalance regression
- USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor
- USB: sisusbvga: fix oops in error path of sisusb_probe
- USB: Add LPM quirk for Surface Dock GigE adapter
- USB: rio500: refuse more than one device at a time
- USB: rio500: fix memory leak in close after disconnect
- media: usb: siano: Fix general protection fault in smsusb
- media: usb: siano: Fix false-positive "uninitialized variable" warning
- media: smsusb: better handle optional alignment
- [s390x] scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from
port_remove
- [s390x] scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs
(only sdevs)
- Btrfs: fix race updating log root item during fsync
- [ppc64el] powerpc/perf: Fix MMCRA corruption by bhrb_filter
- ALSA: hda/realtek - Set default power save node to 0
- drm/nouveau/i2c: Disable i2c bus access after ->fini()
- [arm64] tty: serial: msm_serial: Fix XON/XOFF
- memcg: make it work on sparse non-0-node systems
- kernel/signal.c: trace_signal_deliver when signal_group_exit
- CIFS: cifs_read_allocate_pages: don't iterate through whole page array
on ENOMEM
- [x86] drm/vmwgfx: Don't send drm sysfs hotplug events on initial master
set
- binder: Replace "%p" with "%pK" for stable (CVE-2018-20509)
- binder: replace "%p" with "%pK" (CVE-2018-20510)
- fs: prevent page refcount overflow in pipe_buf_get (CVE-2019-11487)
- mm, gup: remove broken VM_BUG_ON_PAGE compound check for hugepages
- mm, gup: ensure real head page is ref-counted when using hugepages
- mm: prevent get_user_pages() from overflowing page refcount
(CVE-2019-11487)
- mm: make page ref count overflow check tighter and more explicit
(CVE-2019-11487)
- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment
- ethtool: fix potential userspace buffer overflow
- neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit
- net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query
- net: rds: fix memory leak in rds_ib_flush_mr_pool
- pktgen: do not sleep with the thread lock held.
- ipv6: fix EFAULT on sendto with icmpv6 and hdrincl
- ipv6: use READ_ONCE() for inet->hdrincl as in ipv4
- Revert "fib_rules: fix error in backport of e9919a24d302 ("fib_rules:
return 0...")"
- Revert "fib_rules: return 0 directly if an exactly same rule exists when
NLM_F_EXCL not supplied"
- rcu: locking and unlocking need to always be at least barriers
- fuse: fallocate: fix return with locked inode
- [x86] power: Fix 'nosmt' vs hibernation triple fault during resume
- [ppc64el] genwqe: Prevent an integer overflow in the ioctl
- [x86] drm/gma500/cdv: Check vbt config bits when detecting lvds panels
- drm/radeon: prefer lower reference dividers
- [x86] drm/i915: Fix I915_EXEC_RING_MASK
- TTY: serial_core, add ->install
- fs: stream_open - opener for stream-like files so that read and write
can run simultaneously without deadlock
- fuse: Add FOPEN_STREAM to use stream_open()
- ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled
- ethtool: check the return value of get_regs_len
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.182
- tcp: reduce tcp_fastretrans_alert() verbosity
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.183
- fs/fat/file.c: issue flush after the writeback of FAT
- sysctl: return -EINVAL if val violates minmax
- ipc: prevent lockup on alloc_msg and free_msg
- [armhf] prevent tracing IPI_CPU_BACKTRACE
- hugetlbfs: on restore reserve error path retain subpool reservation
- mem-hotplug: fix node spanned pages when we have a node with only
ZONE_MOVABLE
- [armhf,ppc64el] mm/cma.c: fix crash on CMA allocation if bitmap
allocation fails
- mm/slab.c: fix an infinite loop in leaks_show()
- kernel/sys.c: prctl: fix false positive in validate_prctl_map()
- [arm64] drivers: thermal: tsens: Don't print error message on
-EPROBE_DEFER
- [x86] mfd: intel-lpss: Set the device in reset state when init
- mfd: twl6040: Fix device init errors for ACCCTL register
- [x86] perf/intel: Allow PEBS multi-entry in watermark mode
- [arm64] drm/bridge: adv7511: Fix low refresh rate selection
- objtool: Don't use ignore flag for fake jumps
- [arm64] pwm: meson: Use the spin-lock only to protect register
modifications
- ntp: Allow TAI-UTC offset to be set to zero
- f2fs: fix to avoid panic in do_recover_data()
- f2fs: fix to clear dirty inode in error path of f2fs_iget()
- f2fs: fix to do sanity check on valid block count of segment
- configfs: fix possible use-after-free in configfs_register_group
- [armhf] watchdog: imx2_wdt: Fix set_timeout for big timeout values
- watchdog: fix compile time error of pretimeout governors
- [x86] iommu/vt-d: Set intel_iommu_gfx_mapped correctly
- ALSA: hda - Register irq handler after the chip initialization
- nvmem: core: fix read buffer in place
- fuse: retrieve: cap requested size to negotiated max_write
- nfsd: allow fh_want_write to be called twice
- [x86] PCI: Fix PCI IRQ routing table memory leak
- platform/chrome: cros_ec_proto: check for NULL transfer function
- [armhf] clk: rockchip: Turn on "aclk_dmac1" for suspend on rk3288
- [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ahb" clock to SDMA
- [armhf] dts: imx7d: Specify IMX7D_CLK_IPG as "ipg" clock to SDMA
- [armhf] dts: imx6ul: Specify IMX6UL_CLK_IPG as "ipg" clock to SDMA
- [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ipg" clock to SDMA
- [armhf] dts: imx6qdl: Specify IMX6QDL_CLK_IPG as "ipg" clock to SDMA
- [ppc64el] PCI: rpadlpar: Fix leaked device_node references in add/remove
paths
- [x86] platform: intel_pmc_ipc: adding error handling
- [x86] video: hgafb: fix potential NULL pointer dereference
- [arm64] PCI: xilinx: Check for __get_free_pages() failure
- [armhf] gpio: gpio-omap: add check for off wake capable gpios
- [x86] dmaengine: idma64: Use actual device for DMA transfers
- [armhf] pwm: tiehrpwm: Update shadow register for disabling PWMs
- [armhf] dts: exynos: Always enable necessary APIO_1V8 and ABB_1V8
regulators on Arndale Octa
- pwm: Fix deadlock warning when removing PWM device
- [armhf] exynos: Fix undefined instruction during Exynos5422 resume
- ALSA: seq: Cover unsubscribe_port() in list_mutex
- ALSA: oxfw: allow PCM capture for Stanton SCS.1m
- libata: Extend quirks for the ST1000LM024 drives with NOLPM quirk
- mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node
- fs/ocfs2: fix race in ocfs2_dentry_attach_lock()
- signal/ptrace: Don't leak unitialized kernel memory with
PTRACE_PEEK_SIGINFO
- ptrace: restore smp_rmb() in __ptrace_may_access()
- media: v4l2-ioctl: clear fields in s_parm
- bcache: fix stack corruption by PRECEDING_KEY()
- cgroup: Use css_tryget() instead of css_tryget_online() in task_get_css()
- [x86] uaccess, kcov: Disable stack protector
- ALSA: seq: Fix race of get-subscription call vs port-delete ioctls
- Drivers: misc: fix out-of-bounds access in function param_set_kgdbts_var
- scsi: lpfc: add check for loss of ndlp when sending RRQ
- [arm64] mm: Inhibit huge-vmap with ptdump
- scsi: bnx2fc: fix incorrect cast to u64 on shift operation
- usbnet: ipheth: fix racing condition
- [x86] KVM: pmu: do not mask the value that is written to fixed PMUs
- [s390x] KVM: fix memory slot handling for KVM_SET_USER_MEMORY_REGION
- [x86] drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to
an invalid read
- [x86] drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define()
- [arm64,armhf] usb: dwc2: Fix DMA cache alignment issues
- USB: Fix chipmunk-like voice when using Logitech C270 for recording audio.
- USB: usb-storage: Add new ID to ums-realtek
- USB: serial: pl2303: add Allied Telesis VT-Kit3
- USB: serial: option: add support for Simcom SIM7500/SIM7600 RNDIS mode
- USB: serial: option: add Telit 0x1260 and 0x1261 compositions
- [armhf] rtc: pcf8523: don't return invalid date when battery is low
- ax25: fix inconsistent lock state in ax25_destroy_timer
- be2net: Fix number of Rx queues used for flow hashing
- ipv6: flowlabel: fl6_sock_lookup() must use atomic_inc_not_zero
- lapb: fixed leak of control-blocks.
- neigh: fix use-after-free read in pneigh_get_next
- [x86] perf/intel/ds: Fix EVENT vs. UEVENT PEBS constraints
- mISDN: make sure device name is NUL terminated
- [x86] CPU/AMD: Don't force the CPB cap when running under a hypervisor
- perf/ring_buffer: Fix exposing a temporarily decreased data_head
- perf/ring_buffer: Add ordering to rb->nest increment
- i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr
- configfs: Fix use-after-free when accessing sd->s_dentry
- perf data: Fix 'strncat may truncate' build failure with recent gcc
- perf record: Fix s390 missing module symbol and warning for non-root users
- [ppc64el] KVM: Book3S: Use new mutex to synchronize access to rtas token
list
- [ppc64el] KVM: Book3S HV: Don't take kvm->lock around kvm_for_each_vcpu
- scsi: libcxgbi: add a check for NULL pointer in cxgbi_check_route()
- scsi: smartpqi: properly set both the DMA mask and the coherent DMA mask
- scsi: libsas: delete sas port if expander discover failed
- vfs: Abort file_remove_privs() for non-reg. files
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.184
- tcp: refine memory limit test in tcp_fragment() (Closes: #930904)
[ Salvatore Bonaccorso ]
* [x86] Disable R3964 due to lack of security support
* Refresh version.patch for context changes in 4.9.170
* [rt] Drop 0053-arm-kprobe-replace-patch_lock-to-raw-lock.patch applied in
4.9.170
* Revert "x86: stop exporting msr-index.h to userland"
* [rt] Add new signing subkey for Steven Rostedt
* [rt] Update to 4.9.178-rt131:
- futex,rt_mutex: Restructure rt_mutex_finish_proxy_lock()
- Update "kernel/hotplug: restore original cpu mask oncpu/down" to always
call arch_smt_update()
* Refresh 0058-net-ena-complete-host-info-to-match-latest-ENA-spec.patch for
context changes in 4.9.180
* Drop efi-libstub-unify-command-line-param-parsing.patch
* Refresh arm64-add-kernel-config-option-to-set-securelevel-wh.patch for
context changes in 4.9.181
[ Ben Hutchings ]
* Drop "kbuild: Use -nostdinc in compile tests", which is no longer needed.
* [rt] Fix build failure after "genirq: Prevent use-after-free and work
list corruption":
- kthread: Convert worker lock to raw spinlock
- kthread: add a global worker thread.
- genirq: convert affinity_notify swork to kthread
* Bump ABI to 10 and apply deferred changes:
- genirq: Avoid summation loops for /proc/stat
* [ppc64el] Disable PPC_TRANSACTIONAL_MEM (Closes: #866122)
-- Salvatore Bonaccorso <carnil(a)debian.org> Sat, 29 Jun 2019 09:29:10 +0200
--- Modifications pour linux-latest (linux-image-amd64) ---
linux-latest (80+deb9u9) stretch; urgency=medium
* Update to 4.9.0-11
-- Ben Hutchings <ben(a)decadent.org.uk> Mon, 26 Aug 2019 02:22:14 +0100
linux-latest (80+deb9u8) stretch; urgency=medium
* Update to 4.9.0-10
-- Salvatore Bonaccorso <carnil(a)debian.org> Fri, 19 Jul 2019 21:23:23 +0200
--- Modifications pour mariadb-10.1 (libmariadbclient18) ---
mariadb-10.1 (10.1.41-0+deb9u1) stretch; urgency=medium
* SECURITY UPDATE: New upstream version 10.1.41. Includes fixes for the
following security vulnerabilities:
- CVE-2019-2737
- CVE-2019-2739
- CVE-2019-2740
- CVE-2019-2805
* Previous release 10.1.39
includes fixes for the following security vulnerabilities:
- CVE-2019-2627
- CVE-2019-2614
* Amend previous changelog entries to include newly released CVE numbers.
* Gitlab-CI: Sync latest version from Debian Sid but with Stretch adaptions
* Uses respolveip from correct path as per upstream fix (Closes: #928758)
-- Otto Kekäläinen <otto(a)debian.org> Fri, 02 Aug 2019 18:10:23 +0100
--- Modifications pour openldap (ldap-utils libldap-2.4-2 libldap-common) ---
openldap (2.4.44+dfsg-5+deb9u3) stretch; urgency=medium
* Fix slapd to restrict rootDN proxyauthz to its own databases
(CVE-2019-13057) (ITS#9038) (Closes: #932997)
* Fix slapd to enforce sasl_ssf ACL statement on every connection
(CVE-2019-13565) (ITS#9052) (Closes: #932998)
* Fix slapo-rwm to not free original filter when rewritten filter is invalid
(ITS#8964) (Closes: #934277, LP: #1838370)
-- Ryan Tandy <ryan(a)nardis.ca> Sat, 10 Aug 2019 12:17:00 -0700
--- Modifications pour openssh (openssh-client openssh-server openssh-sftp-server) ---
openssh (1:7.4p1-10+deb9u7) stretch; urgency=medium
* Fix deadlock when the keys/principals command produces a lot of
output and a key is matched early (upstream commit
ddd3d34e5c7979ca6f4a3a98a7d219a4ed3d98c2). (Closes: #905226)
-- Moritz Mühlenhoff <jmm(a)debian.org> Mon, 15 Jul 2019 15:32:09 +0200
--- Modifications pour systemd (libpam-systemd libsystemd0 libudev1 systemd systemd-sysv udev) ---
systemd (232-25+deb9u12) stretch; urgency=medium
* networkd: Do not stop ndisc client in case of conf error.
When an NDisc error happens, e.g. in case of a prefix change, do not shut
down the dhcp client. Instead log about it and continue.
Otherwise networkd might fail to renew the DHCPv4 address and lose IPv4
connectivity. (Closes: #930353)
-- Michael Biebl <biebl(a)debian.org> Sun, 21 Jul 2019 20:43:29 +0200
--- Modifications pour unzip ---
unzip (6.0-21+deb9u2) stretch; urgency=medium
* Fix incorrect parsing of 64-bit values in fileio.c. Closes: #929502.
* Apply three patches by Mark Adler to fix CVE-2019-13232.
- Fix bug in undefer_input() that misplaced the input state.
- Detect and reject a zip bomb using overlapped entries.
Bug discovered by David Fifield. Closes: #931433.
- Do not raise a zip bomb alert for a misplaced central directory.
Reported by Peter Green. Closes: #932404.
-- Santiago Vila <sanvila(a)debian.org> Mon, 05 Aug 2019 18:10:06 +0200
--- Modifications pour usbutils ---
usbutils (1:007-4+deb9u1) stretch; urgency=medium
* Update usb.ids. Closes: #927365.
-- Aurelien Jarno <aurel32(a)debian.org> Sat, 03 Aug 2019 12:59:31 +0000
--- Modifications pour cups (libcups2 libcupsimage2) ---
cups (2.2.1-8+deb9u4) stretch; urgency=low
* Fix multiple security/disclosure issues (Closes: #934957)
- CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows
- Fixed IPP buffer overflow
- Fixed memory disclosure issue in the scheduler
- Fixed DoS issues in the scheduler
-- Didier Raboud <odyx(a)debian.org> Wed, 21 Aug 2019 09:51:54 +0200
--- Modifications pour zsh ---
zsh (5.3.1-4+b3) stretch; urgency=low, binary-only=yes
* Binary-only non-maintainer upload for amd64; no source changes.
* Rebuild to pick up security updates in dependencies for zsh-static
-- amd64 Build Daemon (binet) <buildd-binet(a)buildd.debian.org> Sat, 25 May 2019 21:00:38 +0000
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on quigon.federez.net
--
apticron
5 années, 7 mois
- 1
- 0
32 Debian package update(s) for nonagon.federez.net
par club-federez@crans.org
apticron report [Thu, 12 Sep 2019 13:49:11 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
nonagon.federez.net
[ 185.230.78.42 2a0c:700:0:23:67:e5ff:fee9:3 ]
The following packages are currently pending an upgrade:
base-files 9.9+deb9u11
gettext-base 0.19.8.1-2+deb9u1
ldap-utils 2.4.44+dfsg-5+deb9u3
libcom-err2 1.44.5-1+deb10u1
libcomerr2 1.44.5-1+deb10u1
libcups2 2.2.1-8+deb9u4
libgd3 2.2.4-2+deb9u5
libglib2.0-0 2.50.3-2+deb9u1
libicu57 57.1-6+deb9u3
libldap-2.4-2 2.4.44+dfsg-5+deb9u3
libldap-common 2.4.44+dfsg-5+deb9u3
libmariadbclient18 10.1.41-0+deb9u1
libncurses6 6.1+20181013-2+deb10u1
libnghttp2-14 1.18.1-1+deb9u1
libpam-systemd 232-25+deb9u12
libsystemd0 232-25+deb9u12
libtinfo6 6.1+20181013-2+deb10u1
libudev1 232-25+deb9u12
libxslt1.1 1.1.29-2.1+deb9u1
linux-libc-dev 4.9.189-3
mariadb-client-10.1 10.1.41-0+deb9u1
mariadb-client-core-10.1 10.1.41-0+deb9u1
mariadb-common 10.1.41-0+deb9u1
openssh-client 1:7.4p1-10+deb9u7
openssh-server 1:7.4p1-10+deb9u7
openssh-sftp-server 1:7.4p1-10+deb9u7
python3-reportbug 7.1.7+deb9u3
reportbug 7.1.7+deb9u3
ssh 1:7.4p1-10+deb9u7
systemd 232-25+deb9u12
unzip 6.0-21+deb9u2
zsh 5.3.1-4+b3
========================================================================
Package Details:
apt-listchanges : Lecture des fichiers de modifications (« changelog »)...
apt-listchanges : journaux des modifications (« changelogs »)
-------------------------------------------------------------
--- Modifications pour base-files ---
base-files (9.9+deb9u11) stretch; urgency=emergency
* Non-maintainer upload.
* Change /etc/debian_version to 9.11, for Debian 9.11 point release.
-- Julien Cristau <jcristau(a)debian.org> Sun, 08 Sep 2019 12:51:39 +0200
base-files (9.9+deb9u10) stretch; urgency=medium
* Change /etc/debian_version to 9.10, for Debian 9.10 point release.
* Add VERSION_CODENAME to os-release. Closes: #829245. Please note
that this is only for stable releases.
-- Santiago Vila <sanvila(a)debian.org> Fri, 30 Aug 2019 14:27:24 +0200
--- Modifications pour libgd2 (libgd3) ---
libgd2 (2.2.4-2+deb9u5) stretch; urgency=high
* Fix CVE-2019-11038: Uninitialized read in gdImageCreateFromXbm
(Closes: #929821)
-- Jonas Meurer <jonas(a)freesources.org> Tue, 11 Jun 2019 17:33:42 +0200
--- Modifications pour nghttp2 (libnghttp2-14) ---
nghttp2 (1.18.1-1+deb9u1) stretch-security; urgency=high
* Fix CVE-2019-9511 and CVE-2019-9513
-- Tomasz Buchert <tomasz(a)debian.org> Fri, 23 Aug 2019 19:05:18 +0200
--- Modifications pour e2fsprogs (libcom-err2 libcomerr2) ---
e2fsprogs (1.44.5-1+deb10u1) buster; urgency=medium
* Fix e4defrag crashes on 32-bit architectures (Closes: #920767)
-- Theodore Y. Ts'o <tytso(a)mit.edu> Fri, 02 Aug 2019 23:49:00 -0400
--- Modifications pour gettext (gettext-base) ---
gettext (0.19.8.1-2+deb9u1) stretch; urgency=medium
* Stop xgettext() from crashing when run with --its=FILE option.
Patch taken from Debian 10, which in turn was extracted from
upstream git. Should help the inkscape project. Closes: #891347.
See https://gitlab.com/inkscape/inkscape/issues/271 for details.
-- Santiago Vila <sanvila(a)debian.org> Sat, 31 Aug 2019 01:30:22 +0200
--- Modifications pour glib2.0 (libglib2.0-0) ---
glib2.0 (2.50.3-2+deb9u1) stretch; urgency=medium
* Team upload
* d/gbp.conf: Add GNOME team configuration
* d/p/gfile-Limit-access-to-files-when-copying.patch:
When copying files, give the temporary partial copy of the file
suitably restrictive permissions (Closes: #929753; CVE-2019-12450)
* d/p/keyfile-settings-Use-tighter-permissions.patch:
Create directory and file with restrictive permissions when using the
GKeyfileSettingsBackend. Mitigation: in this version of GLib, the
GKeyfileSettingsBackend can only be used explicitly by code, and is
never selected automatically. (Closes: #931234; CVE-2019-13012)
* d/p/gmarkup-Fix-unvalidated-UTF-8-read-in-markup-parsing-erro.patch,
d/p/gmarkup-Avoid-reading-off-the-end-of-a-buffer-when-non-nu.patch:
Avoid buffer read overrun when formatting error messages for invalid
UTF-8 in GMarkup (CVE-2018-16429)
* d/p/gmarkup-Fix-crash-in-error-handling-path-for-closing-elem.patch:
Avoid NULL dereference when parsing invalid GMarkup with a malformed
closing tag not paired with an opening tag (CVE-2018-16429)
-- Simon McVittie <smcv(a)debian.org> Tue, 13 Aug 2019 10:46:20 +0100
--- Modifications pour icu (libicu57) ---
icu (57.1-6+deb9u3) stretch; urgency=medium
* Fix pkgdata command segfault (closes: #893009).
-- Laszlo Boszormenyi (GCS) <gcs(a)debian.org> Wed, 07 Aug 2019 16:30:43 +0000
--- Modifications pour libxslt (libxslt1.1) ---
libxslt (1.1.29-2.1+deb9u1) stretch; urgency=medium
* Non-maintainer upload.
* Fix security framework bypass (CVE-2019-11068) (Closes: #926895, #933743)
* Fix uninitialized read of xsl:number token (CVE-2019-13117)
(Closes: #931321, #933743)
* Fix uninitialized read with UTF-8 grouping chars (CVE-2019-13118)
(Closes: #931320, #933743)
-- Salvatore Bonaccorso <carnil(a)debian.org> Sat, 24 Aug 2019 14:04:13 +0200
--- Modifications pour linux (linux-libc-dev) ---
linux (4.9.189-3) stretch; urgency=medium
* tcp: fix tcp_rtx_queue_tail in case of empty retransmit queue
-- Salvatore Bonaccorso <carnil(a)debian.org> Mon, 02 Sep 2019 09:18:39 +0200
linux (4.9.189-2) stretch; urgency=medium
[ Salvatore Bonaccorso ]
* xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT
(CVE-2019-15538)
[ Ben Hutchings ]
* [s390x] Revert "perf test 6: Fix missing kvm module load for s390"
(fixes FTBFS)
-- Ben Hutchings <ben(a)decadent.org.uk> Fri, 30 Aug 2019 01:48:25 +0100
linux (4.9.189-1) stretch; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.186
- [x86] Input: elantech - enable middle button support on 2 ThinkPads
- mac80211: mesh: fix RCU warning
- mac80211: free peer keys before vif down in mesh
- netfilter: ipv6: nf_defrag: fix leakage of unqueued fragments
- netfilter: ipv6: nf_defrag: accept duplicate fragments again
- [armhf] Input: imx_keypad - make sure keyboard can always wake up system
- [arm64] KVM: arm/arm64: vgic: Fix kvm_device leak in vgic_its_destroy
- mac80211: only warn once on chanctx_conf being NULL
- md: fix for divide error in status_resync
- bnx2x: Check if transceiver implements DDM before access
- ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL
- net :sunrpc :clnt :Fix xps refcount imbalance on the error path
- udf: Fix incorrect final NOT_ALLOCATED (hole) extent length
- [x86] ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
- [x86] tls: Fix possible spectre-v1 in do_get_thread_area()
- fscrypt: don't set policy for a dead directory
- USB: serial: ftdi_sio: add ID for isodebug v1
- USB: serial: option: add support for GosunCn ME3630 RNDIS mode
- Revert "serial: 8250: Don't service RX FIFO if interrupts are disabled"
- p54usb: Fix race between disconnect and firmware loading
(CVE-2019-15220)
- usb: gadget: ether: Fix race between gether_disconnect and rx_submit
- [i386] staging: comedi: dt282x: fix a null pointer deref on interrupt
- [x86] staging: comedi: amplc_pci230: fix null pointer deref on interrupt
- carl9170: fix misuse of device driver API
- [x86] VMCI: Fix integer overflow in VMCI handle arrays
- Revert "e1000e: fix cyclic resets at link up with active tx"
- e1000e: start network tx queue only when link is up
- [arm64] crypto: remove accidentally backported files
- perf/core: Fix perf_sample_regs_user() mm check
- [armhf] omap2: remove incorrect __init annotation
- be2net: fix link failure after ethtool offline test
- ppp: mppe: Add softdep to arc4
- sis900: fix TX completion
- dm verity: use message limit for data block corruption message
- [s390x] fix stfle zero padding
- [s390x] qdio: (re-)initialize tiqdio list entries
- [s390x] qdio: don't touch the dsci in tiqdio_add_input_queues()
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.187
- [arm64] efi: Mark __efistub_stext_offset as an absolute symbol explicitly
- [armhf] dmaengine: imx-sdma: fix use-after-free on probe error path
- ath10k: Do not send probe response template for mesh
- ath9k: Check for errors when reading SREV register
- ath6kl: add some bounds checking
- ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
- batman-adv: fix for leaked TVLV handler.
- media: dvb: usb: fix use after free in dvb_usb_device_exit
- media: marvell-ccic: fix DMA s/g desc number calculation
- media: media_device_enum_links32: clean a reserved field
- [armhf,arm64] net: stmmac: dwmac1000: Clear unused address entries
- [armhf,arm64] net: stmmac: dwmac4/5: Clear unused address entries
- signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
- af_key: fix leaks in key_pol_get_resp and dump_sp.
- xfrm: Fix xfrm sel prefix length validation
- media: mc-device.c: don't memset __user pointer contents
- net: phy: Check against net_device being NULL
- tua6100: Avoid build warnings.
- [armhf] media: wl128x: Fix some error handling in
fm_v4l2_init_video_device()
- cpupower : frequency-set -r option misses the last cpu in related cpu
list
- [s390x] qdio: handle PENDING state for QEBSM devices
- perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode
- [armhf] gpio: omap: fix lack of irqstatus_raw0 for OMAP4
- [armhf] gpio: omap: ensure irq is enabled before wakeup
- regmap: fix bulk writes on paged registers
- bpf: silence warning messages in core
- rcu: Force inlining of rcu_read_lock()
- blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership
arbitration
- xfrm: fix sa selector validation
- perf evsel: Make perf_evsel__name() accept a NULL argument
- vhost_net: disable zerocopy by default
- ipoib: correcly show a VF hardware address
- EDAC/sysfs: Fix memory leak when creating a csrow object
- ipsec: select crypto ciphers for xfrm_algo
- media: i2c: fix warning same module names
- ntp: Limit TAI-UTC offset
- timer_list: Guard procfs specific code
- [arm64] acpi: ignore 5.1 FADTs that are reported as 5.0
- mt7601u: do not schedule rx_tasklet when the device has been disconnected
- mt7601u: fix possible memory leak when the device is disconnected
- ath10k: fix PCIE device wake up failed
- perf tools: Increase MAX_NR_CPUS and MAX_CACHES
- libata: don't request sense data on !ZAC ATA devices
- [armhf] clocksource/drivers/exynos_mct: Increase priority over ARM arch
timer
- rslib: Fix decoding of shortened codes
- rslib: Fix handling of of caller provided syndrome
- ixgbe: Check DDM existence in transceiver before access
- crypto: asymmetric_keys - select CRYPTO_HASH where needed
- EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
- bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
- iwlwifi: mvm: Drop large non sta frames
- net: usb: asix: init MAC address buffers
- gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants
- Bluetooth: hci_bcsp: Fix memory leak in rx_skb
- Bluetooth: 6lowpan: search for destination address in all peers
- Bluetooth: Check state in l2cap_disconnect_rsp
- Bluetooth: validate BLE connection interval updates
- gtp: fix Illegal context switch in RCU read-side critical section.
- gtp: fix use-after-free in gtp_newlink()
- crypto: ghash - fix unaligned memory access in ghash_setkey()
- [arm64] crypto: sha1-ce - correct digest for empty data in finup
- [arm64] crypto: sha2-ce - correct digest for empty data in finup
- crypto: chacha20poly1305 - fix atomic sleep when using async algorithm
- [armhf] regulator: s2mps11: Fix buck7 and buck8 wrong voltages
- [arm64] tegra: Update Jetson TX1 GPU regulator timings
- iwlwifi: pcie: don't service an interrupt that was masked
- tracing/snapshot: Resize spare buffer if size changed
- NFSv4: Handle the special Linux file open access mode
- lib/scatterlist: Fix mapping iterator when sg->offset is greater than
PAGE_SIZE
- ALSA: seq: Break too long mutex context in the write loop
- [x86] ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine
- media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom()
- [x86] KVM: vPMU: refine kvm_pmu err msg when event creation failed
- [arm64] tegra: Fix AGIC register range
- fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys
inodes.
- drm/nouveau/i2c: Enable i2c pads & busses during preinit
- padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
- 9p/virtio: Add cleanup path in p9_virtio_init
- PCI: Do not poll for PME if the device is in D3cold
- Btrfs: add missing inode version, ctime and mtime updates when punching
hole
- libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields
- take floppy compat ioctls to floppy.c
- [x86] crypto: ccp - Validate the the error value used to index error
messages
- [x86] PCI: hv: Delete the device earlier from hbus->children for hot-
remove
- [x86] PCI: hv: Fix a use-after-free bug in hv_eject_device_work()
- [ppc64el] watchpoint: Restore NV GPRs while returning from exception
- eCryptfs: fix a couple type promotion bugs
- [x86] intel_th: msu: Fix single mode with disabled IOMMU
- Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
- usb: Handle USB3 remote wakeup for LPM enabled devices correctly
- dm bufio: fix deadlock with loop device
- compiler.h: Add read_word_at_a_time() function.
- ext4: allow directory holes
- bnx2x: Prevent load reordering in tx completion processing
- bnx2x: Prevent ptp_task to be rescheduled indefinitely
- igmp: fix memory leak in igmpv3_del_delrec()
- ipv4: don't set IPv6 only flags to IPv4 addresses
- [armhf] net: dsa: mv88e6xxx: wait after reset deactivation
- net: neigh: fix multiple neigh timer scheduling
- net: openvswitch: fix csum updates for MPLS actions
- nfc: fix potential illegal memory access
- rxrpc: Fix send on a connected, but unbound socket
- [x86] sky2: Disable MSI on ASUS P6T
- vrf: make sure skb->data contains ip header to make routing
- macsec: fix use-after-free of skb during RX
- macsec: fix checksumming after decryption
- netrom: fix a memory leak in nr_rx_frame()
- netrom: hold sock when setting skb->destructor
- bonding: validate ip header before check IPPROTO_IGMP
- tcp: Reset bytes_acked and bytes_received when disconnecting
- net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling
- net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query
- net: bridge: stp: don't cache eth dest pointer before skb pull
- [x86] perf/amd/uncore: Rename 'L2' to 'LLC'
- [x86] perf/amd/uncore: Get correct number of cores sharing last level
cache
- [x86] perf/events/amd/uncore: Fix amd_uncore_llc ID to use pre-defined
cpu_llc_id
- NFSv4: Fix open create exclusive when the server reboots
- nfsd: give out fewer session slots as limit approaches
- nfsd: fix performance-limiting session calculation
- nfsd: Fix overflow causing non-working mounts on 1 TB machines
- [armhf,arm64] drm/panel: simple: Fix panel_simple_dsi_probe
- usb: core: hub: Disable hub-initiated U1/U2
- [armhf] pinctrl: rockchip: fix leaked of_node references
- memstick: Fix error cleanup path of memstick_init
- [arm64] tty: serial: msm_serial: avoid system lockup condition
- serial: 8250: Fix TX interrupt handling condition
- drm/virtio: Add memory barriers for capset cache.
- phy: renesas: rcar-gen2: Fix memory leak at error paths
- [armhf] drm/rockchip: Properly adjust to a true clock in adjusted_mode
- tty: serial_core: Set port active bit in uart_port_activate
- usb: gadget: Zero ffs_io_data
- [ppc64el] pci/of: Fix OF flags parsing for 64bit BARs
- PCI: sysfs: Ignore lockdep for remove attribute
- iio: iio-utils: Fix possible incorrect mask calculation
- [ppc64el] recordmcount: Fix spurious mcount entries on powerpc
- mfd: core: Set fwnode for created devices
- [arm64] mfd: hi655x-pmic: Fix missing return value check for
devm_regmap_init_mmio_clk
- RDMA/i40iw: Set queue pair state when being queried
- perf test mmap-thread-lookup: Initialize variable to suppress memory
sanitizer warning
- RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM
- [ppc64el] boot: add {get, put}_unaligned_be32 to xz_config.h
- f2fs: avoid out-of-range memory access
- mailbox: handle failed named mailbox channel request
- [ppc64el] eeh: Handle hugepages in ioremap space
- 9p: pass the correct prototype to read_cache_page
- mm/mmu_notifier: use hlist_add_head_rcu()
- usb: wusbcore: fix unbalanced get/put cluster_id
- [x86] usb: pci-quirks: Correct AMD PLL quirk detection
- [x86] sysfb_efi: Add quirks for some devices with swapped width and
height
- [x86] speculation/mds: Apply more accurate check on hypervisor platform
- [x86] hpet: Fix division by zero in hpet_time_div()
- ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1
- ALSA: hda - Add a conexant codec entry to let mute led work
- access: avoid the RCU grace period for the temporary subjective
credentials
- [arm64] dts: marvell: Fix A37xx UART0 register size
- i2c: qup: fixed releasing dma without flush operation completion
- [arm64] compat: Provide definition for COMPAT_SIGMINSTKSZ
(Closes: #904385)
- ISDN: hfcsusb: checking idx of ep configuration
- media: au0828: fix null dereference in error path
- media: cpia2_usb: first wake up, then free in disconnect
- media: radio-raremono: change devm_k*alloc to k*alloc
- sched/fair: Don't free p->numa_faults with concurrent readers
- drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl
- ceph: hold i_ceph_lock when removing caps for freeing inode
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.188
- [armhf] dts: rockchip: Make rk3288-veyron-minnie run at hs200
- [armhf] dts: rockchip: Make rk3288-veyron-mickey's emmc work again
- [armhf] dts: rockchip: Mark that the rk3288 timer might stop in suspend
- ftrace: Enable trampoline when rec count returns back to one
- kernel/module.c: Only return -EEXIST for modules that have finished
loading
- fs/adfs: super: fix use-after-free bug
- btrfs: fix minimum number of chunk errors for DUP
- ceph: fix improper use of smp_mb__before_atomic()
- ceph: return -ERANGE if virtual xattr value didn't fit in buffer
- [s390x] scsi: zfcp: fix GCC compiler warning emitted with
-Wmaybe-uninitialized
- ACPI: fix false-positive -Wuninitialized warning
- be2net: Signal that the device cannot transmit during reconfiguration
- [x86] apic: Silence -Wtype-limits compiler warnings
- mm/cma.c: fail if fixed declaration can't be honored
- coda: add error handling for fget
- coda: fix build using bare-metal toolchain
- uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side
headers
- drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings
- ipc/mqueue.c: only perform resource calculation if user valid
- [x86] kvm: Don't call kvm_spurious_fault() from .fixup
- [x86] boot: Remove multiple copy of static function
sanitize_boot_params()
- Btrfs: fix incremental send failure after deduplication
- [armhf,arm64] mmc: dw_mmc: Fix occasional hang after tuning on eMMC
- gpiolib: fix incorrect IRQ requesting of an active-low lineevent
- selinux: fix memory leak in policydb_init()
- [s390x] dasd: fix endless loop after read unit address configuration
- [arm*] drivers/perf: arm_pmu: Fix failure path in PM notifier
- xen/swiotlb: fix condition for calling xen_destroy_contiguous_region()
- IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification
- infiniband: fix race condition between infiniband mlx4, mlx5 driver and
core dumping
- coredump: fix race condition between collapse_huge_page() and core dumping
- eeprom: at24: make spd world-readable again
- Backport minimal compiler_attributes.h to support GCC 9
- include/linux/module.h: copy __init/__exit attrs to init/cleanup_module
- objtool: Support GCC 9 cold subfunction naming scheme
- [x86] mm, gup: prevent get_page() race with munmap in paravirt guest
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.189
- scsi: fcoe: Embed fc_rport_priv in fcoe_rport structure
- [armhf] dts: Add pinmuxing for i2c2 and i2c3 for LogicPD SOM-LV
- [armhf] dts: Add pinmuxing for i2c2 and i2c3 for LogicPD torpedo
- [armhf] dts: logicpd-som-lv: Fix Audio Mute
- [arm64] cpufeature: Fix CTR_EL0 field definitions
- [arm64] cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG}
- tcp: be more careful in tcp_fragment()
- HID: wacom: fix bit shift for Cintiq Companion 2
- HID: Add quirk for HP X1200 PIXART OEM mouse
- RDMA: Directly cast the sockaddr union to sockaddr
- IB: directly cast the sockaddr union to aockaddr
- objtool: Add machine_real_restart() to the noreturn list
- objtool: Add rewind_stack_do_exit() to the noreturn list
- libceph: use kbasename() and kill ceph_file_part()
- atm: iphase: Fix Spectre v1 vulnerability
- net: bridge: delete local fdb on device init failure
- net: bridge: mcast: don't delete permanent entries when fast leave is
enabled
- net: fix ifindex collision during namespace removal
- net/mlx5: Use reversed order when unregister devices
- net: sched: Fix a possible null-pointer dereference in dequeue_func()
- tipc: compat: allow tipc commands without arguments
- compat_ioctl: pppoe: fix PPPOEIOCSFWD handling
- ip6_tunnel: fix possible use-after-free on xmit
- ife: error out when nla attributes are empty
- bnx2x: Disable multi-cos feature.
- [armhf,arm64] spi: bcm2835: Fix 3-wire mode if DMA is enabled
[ Ben Hutchings ]
* Bump ABI to 11
* siphash: implement HalfSipHash1-3 for hash tables (Closes: #935134)
* netfilter: conntrack: Use consistent ct id hash calculation
(fixes regression in 4.9.168-1+deb9u5)
-- Ben Hutchings <ben(a)decadent.org.uk> Thu, 22 Aug 2019 21:50:36 +0100
linux (4.9.185-1) stretch; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.185
- [arm64,armhf] usb: chipidea: udc: workaround for endpoint conflict issue
- [amd64] IB/hfi1: Silence txreq allocation warnings
- Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD
- apparmor: enforce nullbyte at end of tag string
- parport: Fix mem leak in parport_register_dev_model
- [amd64] IB/hfi1: Insure freeze_work work_struct is canceled on shutdown
- IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value
- [mips*] uprobes: remove set but not used variable 'epc'
- [armhf] net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0
- [arm64] net: hns: Fix loopback test failed at copper ports
- [arm64] drm/arm/hdlcd: Allow a bit of clock tolerance
- scsi: ufs: Check that space was properly alloced in copy_query_response
- [s390x] qeth: fix VLAN attribute in bridge_hostnotify udev event
- nvme: Fix u32 overflow in the number of namespace list calculation
- btrfs: start readahead also in seed devices
- can: purge socket error queue on sock destruct
- [ppc64el] powerpc/bpf: use unsigned division instruction for 64-bit
operations
- Bluetooth: Align minimum encryption key size for LE and BR/EDR
connections
- Bluetooth: Fix regression with minimum encryption key size alignment
- cfg80211: fix memory leak of wiphy device name
- mac80211: drop robust management frames from unknown TA
- mac80211: Do not use stack memory with scatterlist for GMAC
- [amd64] IB/hfi1: Avoid hardlockup with flushlist_lock
- 9p/rdma: do not disconnect on down_interruptible EAGAIN
- 9p: acl: fix uninitialized iattr access
- 9p/rdma: remove useless check in cm_event_handler
- 9p: p9dirent_read: check network-provided name length
- fs/proc/array.c: allow reporting eip/esp for all coredumping threads
- [x86] scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
- [x86] x86/speculation: Allow guests to use SSBD even if host does not
- NFS/flexfiles: Use the correct TCP timeout for flexfiles I/O
- cpu/speculation: Warn on unsupported mitigations= parameter
- af_packet: Block execution of tasks waiting for transmit to complete in
AF_PACKET
- [arm64,armhf] net: stmmac: fixed new system time seconds value
calculation
- sctp: change to hold sk after auth shkey is created successfully
- tipc: change to use register_pernet_device
- tipc: check msg->req data len in tipc_nl_compat_bearer_disable
- tun: wake up waitqueues after IFF_UP is set
- team: Always enable vlan tx offload
- bonding: Always enable vlan tx offload
- ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while
loop
- net: check before dereferencing netdev_ops during busy poll
- bpf: udp: Avoid calling reuseport's bpf_prog from udp_gro
- bpf: udp: ipv6: Avoid running reuseport's bpf_prog from __udp6_lib_err
- tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
- Bluetooth: Fix faulty expression for minimum encryption key size check
- ASoC: soc-pcm: BE dai needs prepare when pause release after resume
- spi: bitbang: Fix NULL pointer dereference in spi_unregister_master
- ASoC: max98090: remove 24-bit format support if RJ is 0
- scsi: hpsa: correct ioaccel2 chaining
- mm/mlock.c: change count_mm_mlocked_page_nr return type
- [mips*] math-emu: do not use bools for arithmetic
- [armhf] mfd: omap-usb-tll: Fix register offsets
- [armhf] clk: sunxi: fix uninitialized access
- [x86] KVM: degrade WARN to pr_warn_ratelimited
- [x86] drm/i915/dmc: protect against reading random memory
- ALSA: firewire-lib/fireworks: fix miss detection of received MIDI
messages
- ALSA: line6: Fix write on zero-sized buffer
- ALSA: usb-audio: fix sign unintended sign extension on left shifts
- [x86] lib/mpi: Fix karactx leak in mpi_powm
- [armhf] drm/imx: notify drm core before sending event during crtc
disable
- [armhf] drm/imx: only send event on crtc disable if kept disabled
- btrfs: Ensure replaced device doesn't have pending chunk allocation
- [x86] tty: rocket: fix incorrect forward declaration of 'rp_init()'
- [arm64] vdso: Define vdso_{start,end} as array
- [x86] KVM: LAPIC: Fix pending interrupt in IRR blocked by software
disable LAPIC
- [amd64] IB/hfi1: Close PSM sdma_progress sleep window
- [mips*] Add missing EHB in mtc0 -> mfc0 sequence.
- [armhf] dmaengine: imx-sdma: remove BD_INTR for channel0
-- Salvatore Bonaccorso <carnil(a)debian.org> Sun, 21 Jul 2019 14:35:10 +0200
linux (4.9.184-1) stretch; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169
- [x86] power: Fix some ordering bugs in __restore_processor_context()
- [amd64] power/64: Use struct desc_ptr for the IDT in struct saved_context
- [i386] power/32: Move SYSENTER MSR restoration to fix_processor_context()
- [x86] power: Make restore_processor_context() sane
- [ppc64el] powerpc/tm: Limit TM code inside PPC_TRANSACTIONAL_MEM
- [ppc64el] Fix invalid use of register expressions
- [ppc64el] powerpc/64s: Add barrier_nospec
- [ppc64el] powerpc/64s: Add support for ori barrier_nospec patching
- [ppc64el] Avoid code patching freed init sections
- [ppc64el] powerpc/64s: Patch barrier_nospec in modules
- [ppc64el] powerpc/64s: Enable barrier_nospec based on firmware settings
- [ppc64el] Use barrier_nospec in copy_from_user()
- [ppc64el] powerpc/64: Use barrier_nospec in syscall entry
- [ppc64el] powerpc/64s: Enhance the information in cpu_show_spectre_v1()
- [ppc64el] powerpc64s: Show ori31 availability in spectre_v1 sysfs file
not v2
- [ppc64el] powerpc/64: Disable the speculation barrier from the command
line
- [ppc64el] powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
- [ppc64el] powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
- [ppc64el] powerpc/64: Call setup_barrier_nospec() from setup_arch()
- [ppc64el] powerpc/64: Make meltdown reporting Book3S 64 specific
- [ppc64el] asm: Add a patch_site macro & helpers for patching
instructions
- [ppc64el] powerpc/64s: Add new security feature flags for count cache
flush
- [ppc64el] powerpc/64s: Add support for software count cache flush
- [ppc64el] powerpc/pseries: Query hypervisor for count cache flush
settings
- [ppc64el] powerpc/powernv: Query firmware for count cache flush
settings
- [ppc64el] security: Fix spectre_v2 reporting
- [arm64] kaslr: Reserve size of ARM64_MEMSTART_ALIGN in linear region
- tty: ldisc: add sysctl to prevent autoloading of ldiscs
- ipv6: Fix dangling pointer when ipv6 fragment
- ipv6: sit: reset ip header pointer in ipip6_rcv
- openvswitch: fix flow actions reallocation
- qmi_wwan: add Olicard 600
- sctp: initialize _pad of sockaddr_in before copying to user memory
- tcp: Ensure DCTCP reacts to losses
- vrf: check accept_source_route on the original netdevice
- bnxt_en: Reset device on RX buffer errors.
- bnxt_en: Improve RX consumer index validity check.
- net/mlx5e: Add a lock on tir list
- netns: provide pure entropy for net_hash_mix()
- net: ethtool: not call vzalloc for zero sized memory request
- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type
- ALSA: seq: Fix OOB-reads from strlcpy
- Btrfs: do not allow trimming when a fs is mounted with the nologreplay
option
- block: do not leak memory in bio_copy_user_iov()
- genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent()
- virtio: Honour 'may_reduce_num' in vring_create_virtqueue
- [arm64] futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value
- [x86] xen: Prevent buffer overflow in privcmd ioctl
- sched/fair: Do not re-read ->h_load_next during hierarchical load
calculation
- PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.170
- perf/core: Restore mmap record type correctly
- ext4: add missing brelse() in add_new_gdb_meta_bg()
- ext4: report real fs size after failed resize
- [i386] ALSA: sb8: add a check for request_region
- IB/mlx4: Fix race condition between catas error reset and aliasguid
flows
- [x86] thermal/int340x_thermal: Add additional UUIDs
- [x86] thermal/int340x_thermal: fix mode setting
- perf config: Fix an error in the config template documentation
- perf config: Fix a memory leak in collect_config()
- perf build-id: Fix memory leak in print_sdt_events()
- perf top: Fix error handling in cmd_top()
- perf hist: Add missing map__put() in error case
- perf evsel: Free evsel->counts in perf_evsel__exit()
- [arm64] irqchip/mbigen: Don't clear eventid when freeing an MSI
- [x86] hpet: Prevent potential NULL pointer dereference
- [i386] x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode
processors
- [amd64] iommu/vt-d: Check capability before disabling protected memory
- [x86] hw_breakpoints: Make default case in hw_breakpoint_arch_parse()
return an error
- fix incorrect error code mapping for OBJECTID_NOT_FOUND
- ext4: prohibit fstrim in norecovery mode
- rsi: improve kernel thread handling to fix kernel panic
- 9p: do not trust pdu content for stat item size
- 9p locks: add mount option for lock retry interval
- f2fs: fix to do sanity check with current segment number
- [arm64] serial: uartps: console_setup() can't be placed to init section
- HID: i2c-hid: override HID descriptors for certain devices
- [x86] ACPI / SBS: Fix GPE storm on recent MacBookPro's
- cifs: fallback to older infolevels on findfirst queryinfo retry
- kernel: hung_task.c: disable on suspend
- [armhf] crypto: sha256/arm - fix crash bug in Thumb2 build
- [armhf] crypto: sha512/arm - fix crash bug in Thumb2 build
- [amd64] iommu/dmar: Fix buffer overflow during PCI bus notification
- [arm64,armhf] soc/tegra: pmc: Drop locking from
tegra_powergate_is_powered()
- [armel,armhf] 8839/1: kprobe: make patch_lock a raw_spinlock_t
- appletalk: Fix use-after-free in atalk_proc_exit
- lib/div64.c: off by one in shift
- include/linux/swap.h: use offsetof() instead of custom __swapoffset
macro
- [x86] tpm/tpm_crb: Avoid unaligned reads in crb_recv()
- [arm64,armhf] net: stmmac: Set dma ring length before enabling the DMA
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.171
- bonding: fix event handling for stacked bonds
- net: atm: Fix potential Spectre v1 vulnerabilities
- net: bridge: fix per-port af_packet sockets
- net: bridge: multicast: use rcu to access port list from
br_multicast_start_querier
- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
- tcp: tcp_grow_window() needs to respect tcp_space()
- team: set slave to promisc if team is already in promisc mode
- vhost: reject zero size iova range
- ipv4: recompile ip options in ipv4_link_failure
- ipv4: ensure rcu_read_lock() in ipv4_link_failure()
- mmc: sdhci: Fix data command CRC error handling
- [x86] tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete
- CIFS: keep FileInfo handle live during oplock break
- [x86] KVM: Don't clear EFER during SMM transitions for 32-bit vCPU
- [x86] iio/gyro/bmg160: Use millidegrees for temperature scale
- [x86] io: accel: kxcjk1013: restore the range after resume.
- [x86] staging: comedi: vmk80xx: Fix use of uninitialized semaphore
- [x86] staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf
- [x86] staging: comedi: ni_usb6501: Fix use of uninitialized mutex
- [x86] staging: comedi: ni_usb6501: Fix possible double-free of
->usb_rx_buf
- ALSA: core: Fix card races between register and disconnect
- Revert "scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO"
- [x86] Revert "svm: Fix AVIC incomplete IPI emulation"
- [x86] crypto: x86/poly1305 - fix overflow during partial reduction
- [x86] kprobes: Verify stack frame on kretprobe
- kprobes: Mark ftrace mcount handler functions nokprobe
- kprobes: Fix error check when reusing optimized probes
- rt2x00: do not increment sequence number while re-transmitting
- mac80211: do not call driver wake_tx_queue op during reconfig
- [x86] perf/x86/amd: Add event map for AMD Family 17h
- sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup
- device_cgroup: fix RCU imbalance in error case
- ALSA: info: Fix racy addition/deletion of nodes
- percpu: stop printing kernel addresses (CVE-2018-5995)
- [x86] i2c-hid: properly terminate i2c_hid_dmi_desc_override_table[] array
- kernel/sysctl.c: fix out-of-bounds access when setting file-max
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.172
- kbuild: simplify ld-option implementation
- cifs: do not attempt cifs operation on smb2+ rename error
- tracing: Fix a memory leak by early error exit in trace_pid_write()
- [mips*] scall64-o32: Fix indirect syscall number load
- trace: Fix preempt_enable_no_resched() abuse
- IB/rdmavt: Fix frwr memory registration
- sched/numa: Fix a possible divide-by-zero
- ceph: ensure d_name stability in ceph_dentry_hash()
- ceph: fix ci->i_head_snapc leak
- nfsd: Don't release the callback slot unless it was actually held
- sunrpc: don't mark uninitialised items as VALID.
- [arm64,armhf] drm/vc4: Fix memory leak during gpu reset.
- [arm64,armhf] drm/vc4: Fix compilation error reported by kbuild test bot
- USB: Add new USB LPM helpers
- USB: Consolidate LPM checks to avoid enabling LPM twice
- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock
- tipc: handle the err returned from cmd header function
- slip: make slhc_free() silently accept an error pointer
- [x86] intel_th: gth: Fix an off-by-one in output unassigning
- fs/proc/proc_sysctl.c: Fix a NULL pointer dereference
- NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family.
- netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
- tipc: check bearer name with right length in
tipc_nl_compat_bearer_enable
- tipc: check link name with right length in tipc_nl_compat_link_set
- ipv4: add sanity checks in ipv4_link_failure()
- net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query
- net: rds: exchange of 8K and 1M pool
- team: fix possible recursive locking when add slaves
- [arm64,armhf] net: stmmac: move stmmac_check_ether_addr() to driver
probe
- ipv4: set the tcp_min_rtt_wlen range from 0 to one day
- ipv6: frags: fix a lockdep false positive
- net: IP defrag: encapsulate rbtree defrag code into callable functions
- ipv6: remove dependency of nf_defrag_ipv6 on ipv6 module
- net: IP6 defrag: use rbtrees for IPv6 defrag
- net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c
- Documentation: Add nospectre_v1 parameter
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.173
- usbnet: ipheth: prevent TX queue timeouts when device not ready
- usbnet: ipheth: fix potential null pointer dereference in
ipheth_carrier_set
- media: vivid: check if the cec_adapter is valid
- [armhf] dts: bcm283x: Fix hdmi hpd gpio pull
- [s390x] limit brk randomization to 32MB
- qlcnic: Avoid potential NULL pointer dereference
- netfilter: nft_set_rbtree: check for inactive element after flag
mismatch
- netfilter: bridge: set skb transport_header before entering
NF_INET_PRE_ROUTING
- usb: gadget: net2280: Fix overrun of OUT messages
- usb: gadget: net2280: Fix net2280_dequeue()
- staging: rtl8712: uninitialized memory in read_bbreg_hdl()
- NFS: Fix a typo in nfs_init_timeout_values()
- scsi: qla4xxx: fix a potential NULL pointer dereference
- usb: u132-hcd: fix resource leak
- ceph: fix use-after-free on symlink traversal
- [s390x] scsi: zfcp: reduce flood of fcrscn1 trace records on
multi-element RSCN
- [x86,arm64] libata: fix using DMA buffers on stack
- gpio: of: Fix of_gpiochip_add() error path
- [amd64] vfio/type1: Limit DMA mappings per container (CVE-2019-3882)
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.174
- ALSA: line6: use dynamic buffers
- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation
- ipv6/flowlabel: wait rcu grace period before put_pid()
- ipv6: invert flowlabel sharing check in process and user mode
- packet: validate msg_namelen in send directly
- bnxt_en: Improve multicast address setup logic.
- net: phy: marvell: Fix buffer overrun with stats counters
- [arm64] proc: Set PTE_NG for table entries to avoid traversing them
twice
- [arm64] mm: print out correct page table entries
- [arm64] mm: don't print out page table entries on EL0 faults
- USB: yurex: Fix protection fault after device removal
- USB: w1 ds2490: Fix bug caused by improper use of altsetting array
- [x86] usb: usbip: fix isoc packet num validation in get_pipe
- USB: core: Fix unterminated string returned by usb_string()
- USB: core: Fix bug caused by duplicate interface PM usage counter
- nvme-loop: init nvmet_ctrl fatal_err_work when allocate
- HID: logitech: check the return value of create_singlethread_workqueue
- HID: debug: fix race condition with between rdesc_show() and device
removal
- batman-adv: Reduce claim hash refcnt only for removed entry
- batman-adv: Reduce tt_local hash refcnt only for removed entry
- batman-adv: Reduce tt_global hash refcnt only for removed entry
- igb: Fix WARN_ONCE on runtime suspend
- net/mlx5: E-Switch, Fix esw manager vport indication for more vport
commands
- bonding: show full hw address in sysfs for slave entries
- [arm64,armhf] net: stmmac: don't overwrite discard_frame status
- [arm64,armhf] net: stmmac: fix dropping of multi-descriptor RX frames
- [arm64,armhf] net: stmmac: don't log oversized frames
- jffs2: fix use-after-free on symlink traversal
- debugfs: fix use-after-free on symlink traversal
- [amd64,ppc64el] vfio/pci: use correct format characters
- scsi: core: add new RDAC LENOVO/DE_Series device
- [x86] scsi: storvsc: Fix calculation of sub-channel count
- [arm64] net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()
- [arm64] net: hns: Use NAPI_POLL_WEIGHT for hns driver
- [arm64] net: hns: Fix WARNING when remove HNS driver with SMMU enabled
- hugetlbfs: fix memory leak for resv_map
- [armel] orion: don't use using 64-bit DMA masks
- [x86] perf/x86/amd: Update generic hardware cache events for Family 17h
- scsi: RDMA/srpt: Fix a credit leak for aborted commands
- selinux: never allow relabeling on context mounts
- [x86] mce: Improve error message when kernel cannot recover, p2
- media: v4l2: i2c: ov7670: Fix PLL bypass register values
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.175
- scsi: libsas: fix a race condition when smp task timeout
(CVE-2018-20836)
- ASoC:soc-pcm:fix a codec fixup issue in TDM case
- [amd64] IB/hfi1: Eliminate opcode tests on mr deref
- [x86] perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS
- scsi: csiostor: fix missing data copy in csio_scsi_err_handler()
- virtio-blk: limit number of hw queues by nr_cpu_ids
- [amd64] iommu/amd: Set exclusion range correctly
- mm: add 'try_get_page()' helper function
- genirq: Prevent use-after-free and work list corruption
- [arm64,armhf] usb: dwc3: Fix default lpm_nyet_threshold value
- USB: serial: f81232: fix interrupt worker not stop
- usb-storage: Set virt_boundary_mask to avoid SG overflows
- scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS
routines
- UAS: fix alignment of scatter/gather segments
- [x86] ASoC: Intel: avoid Oops if DMA setup fails
- timer/debug: Change /proc/timer_stats from 0644 to 0600 (CVE-2017-5967)
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.176
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.177
- netfilter: compat: initialize all fields in xt_init
- bpf: fix struct htab_elem layout
- bpf: convert htab map to hlist_nulls
- [x86] platform/x86: sony-laptop: Fix unintentional fall-through
- USB: serial: fix unthrottle races
- [x86] libnvdimm/namespace: Fix a potential NULL pointer dereference
- HID: input: add mapping for Expose/Overview key
- HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys
- HID: input: add mapping for "Toggle Display" key
- [x86] libnvdimm/btt: Fix a kmemdup failure check
- [s390x] dasd: Fix capacity calculation for large volumes
- mac80211: fix unaligned access in mesh table hash function
- [s390x] 3270: fix lockdep false positive on view->lock
- mISDN: Check address length before reading address family
- [x86] reboot, efi: Use EFI reboot for Acer TravelMate X514-51T
- [x86] KVM: avoid misreporting level-triggered irqs as edge-triggered in
tracing
- init: initialize jump labels before command line option parsing
- ipvs: do not schedule icmp errors from tunnels
- [s390x] ctcm: fix ctcm_new_device error return code
- [armhf] gpu: ipu-v3: dp: fix CSC handling
- rtlwifi: rtl8723ae: Fix missing break in switch statement
- md/raid5: Don't jump to compute_result state from check_result state
- bridge: Fix error path for kobject_init_and_add()
- fib_rules: return 0 directly if an exactly same rule exists when
NLM_F_EXCL not supplied
- packet: Fix error path in packet_init
- vlan: disable SIOCSHWTSTAMP in container
- vrf: sit mtu should not be updated when vrf netdev is the link
- ipv4: Fix raw socket lookup for local traffic
- bonding: fix arp_validate toggling in active-backup mode
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.178
- net: core: another layer of lists, around PF_MEMALLOC skb handling
- locking/rwsem: Prevent decrement of reader count before increment
- [amd64] PCI: hv: Fix a memory leak in hv_eject_device_work()
- [x86] speculation/mds: Revert CPU buffer clear on double fault exit
- [x86] speculation/mds: Improve CPU buffer clear documentation
- [armhf] exynos: Fix a leaked reference by adding missing of_node_put
- [arm64] compat: Reduce address limit
- [arm64] Clear OSDLR_EL1 on CPU boot
- [x86] sched/x86: Save [ER]FLAGS on context switch
- crypto: chacha20poly1305 - set cra_name correctly
- [ppc64el] crypto: vmx - fix copy-paste error in CTR mode
- crypto: crct10dif-generic - fix use via crypto_shash_digest()
- [amd64] crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
- ALSA: usb-audio: Fix a memory leak bug
- ALSA: hda/hdmi - Read the pin sense from register when repolling
- ALSA: hda/hdmi - Consider eld_valid when reporting jack event
- ALSA: hda/realtek - EAPD turn on later
- ASoC: max98090: Fix restore of DAPM Muxes
- ASoC: RT5677-SPI: Disable 16Bit SPI Transfers
- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget
- [arm64] mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values
- tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
- jbd2: check superblock mapped prior to committing
- ext4: actually request zeroing of inode table after grow
- ext4: fix ext4_show_options for file systems w/o journal
- Btrfs: do not start a transaction at iterate_extent_inodes()
- bcache: fix a race between cache register and cacheset unregister
- bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim()
- [arm64] ipmi:ssif: compare block number correctly for multi-part return
messages
- crypto: gcm - Fix error return code in crypto_gcm_create_common()
- crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
- crypto: salsa20 - don't access already-freed walk.iv
- fib_rules: fix error in backport of e9919a24d302 ("fib_rules: return
0...")
- writeback: synchronize sync(2) against cgroup writeback membership
switches
- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going
into workqueue when umount
- ext4: fix data corruption caused by overlapping unaligned and aligned IO
- [x86] ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal
microphone bug
- [x86] KVM: Skip EFER vs. guest CPUID checks for host-initiated writes
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.179
- net: avoid weird emergency message
- net/mlx4_core: Change the error print to info print
- ppp: deflate: Fix possible crash in deflate_init
- tipc: switch order of device registration to fix a crash
- vsock/virtio: free packets during the socket release
- tipc: fix modprobe tipc failed after switch order of device registration
- vsock/virtio: Initialize core virtio vsock before registering the driver
- md: add mddev->pers to avoid potential NULL pointer dereference
- [x86] intel_th: msu: Fix single mode with IOMMU
- p54: drop device reference count if fails to enable device
- cifs: fix strcat buffer overflow and reduce raciness in
smb21_set_oplock_level()
- NFS4: Fix v4.0 client state corruption when mount
- [arm64,armhf] clk: tegra: Fix PLLM programming on Tegra124+ when PMC
overrides divider
- fuse: fix writepages on 32bit
- fuse: honor RLIMIT_FSIZE in fuse_file_fallocate
- [arm64,armhf] iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114
- ceph: flush dirty inodes before proceeding with remount
- tracing: Fix partial reading of trace event's id file
- [arm64,armhf] memory: tegra: Fix integer overflow on tick value
calculation
- [x86] perf intel-pt: Fix instructions sampling rate
- [x86] perf intel-pt: Fix improved sample timestamp
- [x86] perf intel-pt: Fix sample timestamp wrt non-taken branches
- PCI: Mark Atheros AR9462 to avoid bus reset
- PCI: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum
- dm delay: fix a crash when invalid device is specified
- xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink
- xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module
- vti4: ipip tunnel deregistration fixes.
- xfrm4: Fix uninitialized memory read in _decode_session4
- mac80211: Fix kernel panic due to use of txq after free
- [arm64,armhf] KVM: arm/arm64: Ensure vcpu target is unset on reset
failure
- power: supply: sysfs: prevent endless uevent loop with
CONFIG_POWER_SUPPLY_DEBUG
- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour
- Revert "Don't jump to compute_result state from check_result state"
- md/raid: raid5 preserve the writeback action after the parity check
- btrfs: Honour FITRIM range constraints during free space trim
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.180
- ext4: do not delete unlinked inode from orphan list on failed truncate
- [x86] KVM: fix return value for reserved EFER
- bio: fix improper use of smp_mb__before_atomic()
- Revert "scsi: sd: Keep disk read-only when re-reading partition"
- [ppc64el] crypto: vmx - CTR: always increment IV as quadword
- [x86] kvm: svm/avic: fix off-by-one in checking host APIC ID
- [x86] libnvdimm/namespace: Fix label tracking error
- [arm64] Save and restore OSDLR_EL1 across suspend/resume
- gfs2: Fix sign extension bug in gfs2_update_stats
- Btrfs: do not abort transaction at btrfs_update_root() after failure to
COW path
- Btrfs: fix race between ranged fsync and writeback of adjacent ranges
- btrfs: sysfs: don't leak memory when failing add fsid
- fbdev: fix divide error in fb_var_to_videomode
- hugetlb: use same fault hash key for shared and private mappings
- fbdev: fix WARNING in __alloc_pages_nodemask bug
- media: cpia2: Fix use-after-free in cpia2_exit
- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap
- [x86,ppc64el] ssb: Fix possible NULL pointer dereference in
ssb_host_pcmcia_exit
- at76c50x-usb: Don't register led_trigger if usb_register_driver failed
- Revert "btrfs: Honour FITRIM range constraints during free space trim"
- gfs2: Fix lru_count going negative
- cxgb4: Fix error path in cxgb4_init_module
- mmc: core: Verify SD bus width
- [arm64] dmaengine: tegra210-dma: free dma controller in remove()
- [arm64,armhf] ASoC: hdmi-codec: unlock the device on startup errors
- [ppc64el] boot: Fix missing check of lseek() return value
- brcm80211: potential NULL dereference in
brcmf_cfg80211_vndr_cmds_dcmd_handler()
- [armel,armhf] vdso: Remove dependency with the arch_timer driver internals
- sched/cpufreq: Fix kobject memleak
- scsi: qla2xxx: Fix a qla24xx_enable_msix() error path
- iwlwifi: pcie: don't crash on invalid RX interrupt
- w1: fix the resume command API
- [armhf] dmaengine: pl330: _stop: clear interrupt status
- mac80211/cfg80211: update bss channel on channel switch
- mwifiex: prevent an array overflow
- [armhf] crypto: sun4i-ss - Fix invalid calculation of hash end
- bcache: return error immediately in bch_journal_replay()
- bcache: fix failure in journal relplay
- bcache: add failure check to run_cache_set() for journal replay
- [x86] build: Move _etext to actual end of .text
- smpboot: Place the __percpu annotation correctly
- [amd64] mm: Remove in_nmi() warning from 64-bit implementation of
vmalloc_fault()
- HID: logitech-hidpp: use RAP instead of FAP to get the protocol version
- media: au0828: stop video streaming only when last user stops
- audit: fix a memory leak bug
- media: au0828: Fix NULL pointer dereference in
au0828_analog_stream_enable()
- media: pvrusb2: Prevent a buffer overflow
- [ppc64el] numa: improve control of topology updates
- sched/core: Check quota and period overflow at usec to nsec conversion
- sched/core: Handle overflow in cpu_shares_write_u64
- USB: core: Don't unbind interfaces following device reset failure
- [amd64] irq: Limit IST stack overflow check to #DB stack
- i40e: don't allow changes to HW VLAN stripping on active port VLANs
- [arm64] vdso: Fix clock_getres() for CLOCK_REALTIME
- RDMA/cxgb4: Fix null pointer dereference on alloc_skb failure
- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses
- [x86] hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses
- [x86] hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses
- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses
- [x86] hwmon: (f71805f) Use request_muxed_region for Super-IO accesses
- scsi: libsas: Do discovery on empty PHY to update PHY info
- mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers
- [arm64] mmc_spi: add a status check for spi_sync_locked
- PM / core: Propagate dev->power.wakeup_path when no callbacks
- rtlwifi: fix a potential NULL pointer dereference
- mwifiex: Fix mem leak in mwifiex_tm_cmd
- brcmfmac: fix missing checks for kmemdup
- brcmfmac: convert dev_init_lock mutex to completion
- brcmfmac: fix race during disconnect when USB completion is in progress
- brcmfmac: fix Oops when bringing up interface during USB disconnect
- scsi: ufs: Fix regulator load and icc-level configuration
- scsi: ufs: Avoid configuring regulator with undefined voltage range
- [arm64] cpu_ops: fix a leaked reference by adding missing of_node_put
- [x86] uaccess, signal: Fix AC=1 bloat
- [amd64] x86/ia32: Fix ia32_restore_sigcontext() AC leak
- chardev: add additional check for minor range overlap
- HID: core: move Usage Page concatenation to Main item
- [armhf] ASoC: eukrea-tlv320: fix a leaked reference by adding missing
of_node_put
- [armhf] ASoC: fsl_utils: fix a leaked reference by adding missing
of_node_put
- cxgb3/l2t: Fix undefined behaviour
- [arm64,armhf] spi: tegra114: reset controller on probe
- [armhf] media: wl128x: prevent two potential buffer overflows
- virtio_console: initialize vtermno value for ports
- [x86,ppc64el] tty: ipwireless: fix missing checks for ioremap
- [x86] mce: Fix machine_check_poll() tests for error types
- usb: core: Add PM runtime calls to usb_hcd_platform_shutdown
- scsi: qla4xxx: avoid freeing unallocated dma memory
- [arm64] dmaengine: tegra210-adma: use devm_clk_*() helpers
- media: m88ds3103: serialize reset messages in m88ds3103_set_frontend
- scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices
- [i386] spi : spi-topcliff-pch: Fix to handle empty DMA buffers
- spi: Fix zero length xfer bug
- drm: Wake up next in drm_read() chain if we are forced to putback the
event
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.181
- ipv6: Consider sk_bound_dev_if when binding a raw socket to an address
- llc: fix skb leak in llc_build_and_send_ui_pkt()
- [armhf] net: fec: fix the clk mismatch in failed_reset path
- net-gro: fix use-after-free read in napi_gro_frags()
- [arm64,armhf] net: stmmac: fix reset gpio free missing
- usbnet: fix kernel crash after disconnect
- tipc: Avoid copying bytes beyond the supplied data
- bnxt_en: Fix aggregation buffer leak under OOM condition.
- ipv4/igmp: fix another memory leak in igmpv3_del_delrec()
- ipv4/igmp: fix build error if !CONFIG_IP_MULTICAST
- [armhf] net: dsa: mv88e6xxx: fix handling of upper half of
STATS_TYPE_PORT
- [armhf] net: mvneta: Fix err code path of probe
- [armhf] net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value
- [ppc64el] crypto: vmx - ghash: do nosimd fallback manually
- xen/pciback: Don't disable PCI_COMMAND on PCI device reset.
(CVE-2015-8553)
- Revert "tipc: fix modprobe tipc failed after switch order of device
registration"
- tipc: fix modprobe tipc failed after switch order of device registration
- xhci: update bounce buffer with correct sg num
- xhci: Use %zu for printing size_t type
- xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic()
- usb: xhci: avoid null pointer deref when bos field is NULL
- [x86] usbip: usbip_host: fix BUG: sleeping function called from invalid
context
- [x86] usbip: usbip_host: fix stub_dev lock context imbalance regression
- USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor
- USB: sisusbvga: fix oops in error path of sisusb_probe
- USB: Add LPM quirk for Surface Dock GigE adapter
- USB: rio500: refuse more than one device at a time
- USB: rio500: fix memory leak in close after disconnect
- media: usb: siano: Fix general protection fault in smsusb
- media: usb: siano: Fix false-positive "uninitialized variable" warning
- media: smsusb: better handle optional alignment
- [s390x] scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from
port_remove
- [s390x] scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs
(only sdevs)
- Btrfs: fix race updating log root item during fsync
- [ppc64el] powerpc/perf: Fix MMCRA corruption by bhrb_filter
- ALSA: hda/realtek - Set default power save node to 0
- drm/nouveau/i2c: Disable i2c bus access after ->fini()
- [arm64] tty: serial: msm_serial: Fix XON/XOFF
- memcg: make it work on sparse non-0-node systems
- kernel/signal.c: trace_signal_deliver when signal_group_exit
- CIFS: cifs_read_allocate_pages: don't iterate through whole page array
on ENOMEM
- [x86] drm/vmwgfx: Don't send drm sysfs hotplug events on initial master
set
- binder: Replace "%p" with "%pK" for stable (CVE-2018-20509)
- binder: replace "%p" with "%pK" (CVE-2018-20510)
- fs: prevent page refcount overflow in pipe_buf_get (CVE-2019-11487)
- mm, gup: remove broken VM_BUG_ON_PAGE compound check for hugepages
- mm, gup: ensure real head page is ref-counted when using hugepages
- mm: prevent get_user_pages() from overflowing page refcount
(CVE-2019-11487)
- mm: make page ref count overflow check tighter and more explicit
(CVE-2019-11487)
- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment
- ethtool: fix potential userspace buffer overflow
- neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit
- net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query
- net: rds: fix memory leak in rds_ib_flush_mr_pool
- pktgen: do not sleep with the thread lock held.
- ipv6: fix EFAULT on sendto with icmpv6 and hdrincl
- ipv6: use READ_ONCE() for inet->hdrincl as in ipv4
- Revert "fib_rules: fix error in backport of e9919a24d302 ("fib_rules:
return 0...")"
- Revert "fib_rules: return 0 directly if an exactly same rule exists when
NLM_F_EXCL not supplied"
- rcu: locking and unlocking need to always be at least barriers
- fuse: fallocate: fix return with locked inode
- [x86] power: Fix 'nosmt' vs hibernation triple fault during resume
- [ppc64el] genwqe: Prevent an integer overflow in the ioctl
- [x86] drm/gma500/cdv: Check vbt config bits when detecting lvds panels
- drm/radeon: prefer lower reference dividers
- [x86] drm/i915: Fix I915_EXEC_RING_MASK
- TTY: serial_core, add ->install
- fs: stream_open - opener for stream-like files so that read and write
can run simultaneously without deadlock
- fuse: Add FOPEN_STREAM to use stream_open()
- ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled
- ethtool: check the return value of get_regs_len
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.182
- tcp: reduce tcp_fastretrans_alert() verbosity
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.183
- fs/fat/file.c: issue flush after the writeback of FAT
- sysctl: return -EINVAL if val violates minmax
- ipc: prevent lockup on alloc_msg and free_msg
- [armhf] prevent tracing IPI_CPU_BACKTRACE
- hugetlbfs: on restore reserve error path retain subpool reservation
- mem-hotplug: fix node spanned pages when we have a node with only
ZONE_MOVABLE
- [armhf,ppc64el] mm/cma.c: fix crash on CMA allocation if bitmap
allocation fails
- mm/slab.c: fix an infinite loop in leaks_show()
- kernel/sys.c: prctl: fix false positive in validate_prctl_map()
- [arm64] drivers: thermal: tsens: Don't print error message on
-EPROBE_DEFER
- [x86] mfd: intel-lpss: Set the device in reset state when init
- mfd: twl6040: Fix device init errors for ACCCTL register
- [x86] perf/intel: Allow PEBS multi-entry in watermark mode
- [arm64] drm/bridge: adv7511: Fix low refresh rate selection
- objtool: Don't use ignore flag for fake jumps
- [arm64] pwm: meson: Use the spin-lock only to protect register
modifications
- ntp: Allow TAI-UTC offset to be set to zero
- f2fs: fix to avoid panic in do_recover_data()
- f2fs: fix to clear dirty inode in error path of f2fs_iget()
- f2fs: fix to do sanity check on valid block count of segment
- configfs: fix possible use-after-free in configfs_register_group
- [armhf] watchdog: imx2_wdt: Fix set_timeout for big timeout values
- watchdog: fix compile time error of pretimeout governors
- [x86] iommu/vt-d: Set intel_iommu_gfx_mapped correctly
- ALSA: hda - Register irq handler after the chip initialization
- nvmem: core: fix read buffer in place
- fuse: retrieve: cap requested size to negotiated max_write
- nfsd: allow fh_want_write to be called twice
- [x86] PCI: Fix PCI IRQ routing table memory leak
- platform/chrome: cros_ec_proto: check for NULL transfer function
- [armhf] clk: rockchip: Turn on "aclk_dmac1" for suspend on rk3288
- [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ahb" clock to SDMA
- [armhf] dts: imx7d: Specify IMX7D_CLK_IPG as "ipg" clock to SDMA
- [armhf] dts: imx6ul: Specify IMX6UL_CLK_IPG as "ipg" clock to SDMA
- [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ipg" clock to SDMA
- [armhf] dts: imx6qdl: Specify IMX6QDL_CLK_IPG as "ipg" clock to SDMA
- [ppc64el] PCI: rpadlpar: Fix leaked device_node references in add/remove
paths
- [x86] platform: intel_pmc_ipc: adding error handling
- [x86] video: hgafb: fix potential NULL pointer dereference
- [arm64] PCI: xilinx: Check for __get_free_pages() failure
- [armhf] gpio: gpio-omap: add check for off wake capable gpios
- [x86] dmaengine: idma64: Use actual device for DMA transfers
- [armhf] pwm: tiehrpwm: Update shadow register for disabling PWMs
- [armhf] dts: exynos: Always enable necessary APIO_1V8 and ABB_1V8
regulators on Arndale Octa
- pwm: Fix deadlock warning when removing PWM device
- [armhf] exynos: Fix undefined instruction during Exynos5422 resume
- ALSA: seq: Cover unsubscribe_port() in list_mutex
- ALSA: oxfw: allow PCM capture for Stanton SCS.1m
- libata: Extend quirks for the ST1000LM024 drives with NOLPM quirk
- mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node
- fs/ocfs2: fix race in ocfs2_dentry_attach_lock()
- signal/ptrace: Don't leak unitialized kernel memory with
PTRACE_PEEK_SIGINFO
- ptrace: restore smp_rmb() in __ptrace_may_access()
- media: v4l2-ioctl: clear fields in s_parm
- bcache: fix stack corruption by PRECEDING_KEY()
- cgroup: Use css_tryget() instead of css_tryget_online() in task_get_css()
- [x86] uaccess, kcov: Disable stack protector
- ALSA: seq: Fix race of get-subscription call vs port-delete ioctls
- Drivers: misc: fix out-of-bounds access in function param_set_kgdbts_var
- scsi: lpfc: add check for loss of ndlp when sending RRQ
- [arm64] mm: Inhibit huge-vmap with ptdump
- scsi: bnx2fc: fix incorrect cast to u64 on shift operation
- usbnet: ipheth: fix racing condition
- [x86] KVM: pmu: do not mask the value that is written to fixed PMUs
- [s390x] KVM: fix memory slot handling for KVM_SET_USER_MEMORY_REGION
- [x86] drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to
an invalid read
- [x86] drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define()
- [arm64,armhf] usb: dwc2: Fix DMA cache alignment issues
- USB: Fix chipmunk-like voice when using Logitech C270 for recording audio.
- USB: usb-storage: Add new ID to ums-realtek
- USB: serial: pl2303: add Allied Telesis VT-Kit3
- USB: serial: option: add support for Simcom SIM7500/SIM7600 RNDIS mode
- USB: serial: option: add Telit 0x1260 and 0x1261 compositions
- [armhf] rtc: pcf8523: don't return invalid date when battery is low
- ax25: fix inconsistent lock state in ax25_destroy_timer
- be2net: Fix number of Rx queues used for flow hashing
- ipv6: flowlabel: fl6_sock_lookup() must use atomic_inc_not_zero
- lapb: fixed leak of control-blocks.
- neigh: fix use-after-free read in pneigh_get_next
- [x86] perf/intel/ds: Fix EVENT vs. UEVENT PEBS constraints
- mISDN: make sure device name is NUL terminated
- [x86] CPU/AMD: Don't force the CPB cap when running under a hypervisor
- perf/ring_buffer: Fix exposing a temporarily decreased data_head
- perf/ring_buffer: Add ordering to rb->nest increment
- i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr
- configfs: Fix use-after-free when accessing sd->s_dentry
- perf data: Fix 'strncat may truncate' build failure with recent gcc
- perf record: Fix s390 missing module symbol and warning for non-root users
- [ppc64el] KVM: Book3S: Use new mutex to synchronize access to rtas token
list
- [ppc64el] KVM: Book3S HV: Don't take kvm->lock around kvm_for_each_vcpu
- scsi: libcxgbi: add a check for NULL pointer in cxgbi_check_route()
- scsi: smartpqi: properly set both the DMA mask and the coherent DMA mask
- scsi: libsas: delete sas port if expander discover failed
- vfs: Abort file_remove_privs() for non-reg. files
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.184
- tcp: refine memory limit test in tcp_fragment() (Closes: #930904)
[ Salvatore Bonaccorso ]
* [x86] Disable R3964 due to lack of security support
* Refresh version.patch for context changes in 4.9.170
* [rt] Drop 0053-arm-kprobe-replace-patch_lock-to-raw-lock.patch applied in
4.9.170
* Revert "x86: stop exporting msr-index.h to userland"
* [rt] Add new signing subkey for Steven Rostedt
* [rt] Update to 4.9.178-rt131:
- futex,rt_mutex: Restructure rt_mutex_finish_proxy_lock()
- Update "kernel/hotplug: restore original cpu mask oncpu/down" to always
call arch_smt_update()
* Refresh 0058-net-ena-complete-host-info-to-match-latest-ENA-spec.patch for
context changes in 4.9.180
* Drop efi-libstub-unify-command-line-param-parsing.patch
* Refresh arm64-add-kernel-config-option-to-set-securelevel-wh.patch for
context changes in 4.9.181
[ Ben Hutchings ]
* Drop "kbuild: Use -nostdinc in compile tests", which is no longer needed.
* [rt] Fix build failure after "genirq: Prevent use-after-free and work
list corruption":
- kthread: Convert worker lock to raw spinlock
- kthread: add a global worker thread.
- genirq: convert affinity_notify swork to kthread
* Bump ABI to 10 and apply deferred changes:
- genirq: Avoid summation loops for /proc/stat
* [ppc64el] Disable PPC_TRANSACTIONAL_MEM (Closes: #866122)
-- Salvatore Bonaccorso <carnil(a)debian.org> Sat, 29 Jun 2019 09:29:10 +0200
--- Modifications pour mariadb-10.1 (libmariadbclient18 mariadb-client-10.1 mariadb-client-core-10.1 mariadb-common) ---
mariadb-10.1 (10.1.41-0+deb9u1) stretch; urgency=medium
* SECURITY UPDATE: New upstream version 10.1.41. Includes fixes for the
following security vulnerabilities:
- CVE-2019-2737
- CVE-2019-2739
- CVE-2019-2740
- CVE-2019-2805
* Previous release 10.1.39
includes fixes for the following security vulnerabilities:
- CVE-2019-2627
- CVE-2019-2614
* Amend previous changelog entries to include newly released CVE numbers.
* Gitlab-CI: Sync latest version from Debian Sid but with Stretch adaptions
* Uses respolveip from correct path as per upstream fix (Closes: #928758)
-- Otto Kekäläinen <otto(a)debian.org> Fri, 02 Aug 2019 18:10:23 +0100
--- Modifications pour ncurses (libncurses6 libtinfo6) ---
ncurses (6.1+20181013-2+deb10u1) buster; urgency=medium
* Drop "rep" from xterm-new and derived terminfo descriptions
(Closes: #933053).
-- Sven Joachim <svenjoac(a)gmx.de> Mon, 05 Aug 2019 20:03:21 +0200
--- Modifications pour openldap (ldap-utils libldap-2.4-2 libldap-common) ---
openldap (2.4.44+dfsg-5+deb9u3) stretch; urgency=medium
* Fix slapd to restrict rootDN proxyauthz to its own databases
(CVE-2019-13057) (ITS#9038) (Closes: #932997)
* Fix slapd to enforce sasl_ssf ACL statement on every connection
(CVE-2019-13565) (ITS#9052) (Closes: #932998)
* Fix slapo-rwm to not free original filter when rewritten filter is invalid
(ITS#8964) (Closes: #934277, LP: #1838370)
-- Ryan Tandy <ryan(a)nardis.ca> Sat, 10 Aug 2019 12:17:00 -0700
--- Modifications pour openssh (openssh-client openssh-server openssh-sftp-server ssh) ---
openssh (1:7.4p1-10+deb9u7) stretch; urgency=medium
* Fix deadlock when the keys/principals command produces a lot of
output and a key is matched early (upstream commit
ddd3d34e5c7979ca6f4a3a98a7d219a4ed3d98c2). (Closes: #905226)
-- Moritz Mühlenhoff <jmm(a)debian.org> Mon, 15 Jul 2019 15:32:09 +0200
--- Modifications pour reportbug (python3-reportbug reportbug) ---
reportbug (7.1.7+deb9u3) stretch; urgency=medium
* Non-maintainer upload.
* Exclude *.pyc from source package.
* reportbug/utils.py
- update release names, following Buster releases, patch by Nicolas
Braud-Santoni; Closes: #932524, #931609
-- Andreas Beckmann <anbe(a)debian.org> Thu, 29 Aug 2019 16:19:25 +0200
--- Modifications pour systemd (libpam-systemd libsystemd0 libudev1 systemd) ---
systemd (232-25+deb9u12) stretch; urgency=medium
* networkd: Do not stop ndisc client in case of conf error.
When an NDisc error happens, e.g. in case of a prefix change, do not shut
down the dhcp client. Instead log about it and continue.
Otherwise networkd might fail to renew the DHCPv4 address and lose IPv4
connectivity. (Closes: #930353)
-- Michael Biebl <biebl(a)debian.org> Sun, 21 Jul 2019 20:43:29 +0200
--- Modifications pour unzip ---
unzip (6.0-21+deb9u2) stretch; urgency=medium
* Fix incorrect parsing of 64-bit values in fileio.c. Closes: #929502.
* Apply three patches by Mark Adler to fix CVE-2019-13232.
- Fix bug in undefer_input() that misplaced the input state.
- Detect and reject a zip bomb using overlapped entries.
Bug discovered by David Fifield. Closes: #931433.
- Do not raise a zip bomb alert for a misplaced central directory.
Reported by Peter Green. Closes: #932404.
-- Santiago Vila <sanvila(a)debian.org> Mon, 05 Aug 2019 18:10:06 +0200
--- Modifications pour cups (libcups2) ---
cups (2.2.1-8+deb9u4) stretch; urgency=low
* Fix multiple security/disclosure issues (Closes: #934957)
- CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows
- Fixed IPP buffer overflow
- Fixed memory disclosure issue in the scheduler
- Fixed DoS issues in the scheduler
-- Didier Raboud <odyx(a)debian.org> Wed, 21 Aug 2019 09:51:54 +0200
--- Modifications pour zsh ---
zsh (5.3.1-4+b3) stretch; urgency=low, binary-only=yes
* Binary-only non-maintainer upload for amd64; no source changes.
* Rebuild to pick up security updates in dependencies for zsh-static
-- amd64 Build Daemon (binet) <buildd-binet(a)buildd.debian.org> Sat, 25 May 2019 21:00:38 +0000
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on nonagon.federez.net
--
apticron
5 années, 7 mois
- 1
- 0
38 Debian package update(s) for quigon.federez.net
par root@quigon.federez.net
apticron report [Wed, 11 Sep 2019 22:38:04 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
quigon.federez.net
[ 160.228.155.65 ]
The following packages are currently pending an upgrade:
base-files 9.9+deb9u11
clamav 0.101.4+dfsg-0+deb9u1
clamav-base 0.101.4+dfsg-0+deb9u1
clamav-daemon 0.101.4+dfsg-0+deb9u1
clamav-freshclam 0.101.4+dfsg-0+deb9u1
clamdscan 0.101.4+dfsg-0+deb9u1
gettext-base 0.19.8.1-2+deb9u1
ghostscript 9.26a~dfsg-0+deb9u5
ldap-utils 2.4.44+dfsg-5+deb9u3
libclamav9 0.101.4+dfsg-0+deb9u1
libcups2 2.2.1-8+deb9u4
libcupsimage2 2.2.1-8+deb9u4
libfribidi0 0.19.7-1+deb9u1
libglib2.0-0 2.50.3-2+deb9u1
libglib2.0-data 2.50.3-2+deb9u1
libgs9 9.26a~dfsg-0+deb9u5
libgs9-common 9.26a~dfsg-0+deb9u5
libicu57 57.1-6+deb9u3
libldap-2.4-2 2.4.44+dfsg-5+deb9u3
libldap-common 2.4.44+dfsg-5+deb9u3
libmariadbclient18 10.1.41-0+deb9u1
libnghttp2-14 1.18.1-1+deb9u1
libpam-systemd 232-25+deb9u12
libsystemd0 232-25+deb9u12
libudev1 232-25+deb9u12
libxslt1.1 1.1.29-2.1+deb9u1
linux-image-4.9.0-11-amd64 4.9.189-3
linux-image-amd64 4.9+80+deb9u9
linux-libc-dev 4.9.189-3
openssh-client 1:7.4p1-10+deb9u7
openssh-server 1:7.4p1-10+deb9u7
openssh-sftp-server 1:7.4p1-10+deb9u7
systemd 232-25+deb9u12
systemd-sysv 232-25+deb9u12
udev 232-25+deb9u12
unzip 6.0-21+deb9u2
usbutils 1:007-4+deb9u1
zsh 5.3.1-4+b3
========================================================================
Package Details:
apt-listchanges : Lecture des fichiers de modifications (« changelog »)...
apt-listchanges : journaux des modifications (« changelogs »)
-------------------------------------------------------------
--- Modifications pour base-files ---
base-files (9.9+deb9u11) stretch; urgency=emergency
* Non-maintainer upload.
* Change /etc/debian_version to 9.11, for Debian 9.11 point release.
-- Julien Cristau <jcristau(a)debian.org> Sun, 08 Sep 2019 12:51:39 +0200
base-files (9.9+deb9u10) stretch; urgency=medium
* Change /etc/debian_version to 9.10, for Debian 9.10 point release.
* Add VERSION_CODENAME to os-release. Closes: #829245. Please note
that this is only for stable releases.
-- Santiago Vila <sanvila(a)debian.org> Fri, 30 Aug 2019 14:27:24 +0200
--- Modifications pour ghostscript (ghostscript libgs9 libgs9-common) ---
ghostscript (9.26a~dfsg-0+deb9u5) stretch-security; urgency=high
* Non-maintainer upload by the Security Team.
* make .forceput inaccessible (CVE-2019-14811, CVE-2019-14812,
CVE-2019-14813)
* Issue an error message if an ExtGstate is not found
* PDF interpreter - review .forceput security (CVE-2019-14817)
-- Salvatore Bonaccorso <carnil(a)debian.org> Mon, 02 Sep 2019 14:56:06 +0200
--- Modifications pour nghttp2 (libnghttp2-14) ---
nghttp2 (1.18.1-1+deb9u1) stretch-security; urgency=high
* Fix CVE-2019-9511 and CVE-2019-9513
-- Tomasz Buchert <tomasz(a)debian.org> Fri, 23 Aug 2019 19:05:18 +0200
--- Modifications pour clamav (clamav clamav-base clamav-daemon clamav-freshclam clamdscan) ---
clamav (0.101.4+dfsg-0+deb9u1) stretch; urgency=medium
* Import 0.101.4 (Closes: 921190)
- CVE-2019-12625 (Add scan time limit to limit the processing zip-bombs)
(Closes:934359)
- CVE-2019-12900 (An out of bounds write was possible within ClamAV's
NSIS bzip)
- update symbols file (bump to 101.4 and drop unused cli_strnstr).
-- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Sun, 25 Aug 2019 14:08:40 +0200
clamav (0.101.2+dfsg-0+deb9u1) stretch; urgency=medium
* Import 0.101.2
- CVE-2019-1787 (An out-of-bounds heap read condition may occur when
scanning PDF documents)
- CVE-2019-1789 (An out-of-bounds heap read condition may occur when
scanning PE files)
- CVE-2019-1788 (An out-of-bounds heap write condition may occur when
scanning OLE2 files)
- CVE-2019-1786 (An out-of-bounds heap read condition may occur when
scanning malformed PDF documents)
- CVE-2019-1785 (A path-traversal write condition may occur as a result of
improper input validation when scanning RAR archives)
- CVE-2019-1798 (A use-after-free condition may occur as a result of
improper error handling when scanning nested RAR archives)
- update symbols file
- Remove DetectBrokenExecutables option from clamd template, it is
deprecated.
-- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Fri, 05 Apr 2019 22:07:01 +0200
clamav (0.101.1+dfsg-0+deb9u1) stretch; urgency=medium
[ Scott Kitterman ]
* Increase clamd socket command read timeout to 30 seconds (Closes: #915098)
* Add information to README.Debian on configuring clamav-milter's socket to
work with postfix
* Add lintian override for source-is-missing on test file that happens
to have long line length
[ Sebastian Andrzej Siewior ]
* Import new upstream release.
- update symbol file.
- add new options to the config file.
- package libclamav9
* Import 0.101.1
- update symbol file
- add back the json/curl configure options (don't rely on autodetect).
* Add abstractions/openssl to apparmor's profile. Thanks to intrigeri for
the help (Closes: #913020).
* Load the apparmor profile before starting the daemon. Thanks to intrigeri
for the help (Closes: #903834).
* Add attach_disconnected to freshclam's apparmor profile to hopefully get
it properly working in overlayfs enviroment. Thanks to Vincas Dargis
(Closes: #917648).
* debian/libclamav-dev.install: also install clamav-types.h
-- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Sun, 10 Mar 2019 16:49:51 +0100
--- Modifications pour fribidi (libfribidi0) ---
fribidi (0.19.7-1+deb9u1) stretch; urgency=medium
* Non-maintainer upload.
* libfribidi0-udeb: Fix right-to-left output in textual version of
d-i by installing the shared library files into a multi-arch libdir
(Closes: #917909).
-- Samuel Thibault <sthibault(a)debian.org> Sat, 08 Jun 2019 22:39:38 +0200
--- Modifications pour gettext (gettext-base) ---
gettext (0.19.8.1-2+deb9u1) stretch; urgency=medium
* Stop xgettext() from crashing when run with --its=FILE option.
Patch taken from Debian 10, which in turn was extracted from
upstream git. Should help the inkscape project. Closes: #891347.
See https://gitlab.com/inkscape/inkscape/issues/271 for details.
-- Santiago Vila <sanvila(a)debian.org> Sat, 31 Aug 2019 01:30:22 +0200
--- Modifications pour glib2.0 (libglib2.0-0 libglib2.0-data) ---
glib2.0 (2.50.3-2+deb9u1) stretch; urgency=medium
* Team upload
* d/gbp.conf: Add GNOME team configuration
* d/p/gfile-Limit-access-to-files-when-copying.patch:
When copying files, give the temporary partial copy of the file
suitably restrictive permissions (Closes: #929753; CVE-2019-12450)
* d/p/keyfile-settings-Use-tighter-permissions.patch:
Create directory and file with restrictive permissions when using the
GKeyfileSettingsBackend. Mitigation: in this version of GLib, the
GKeyfileSettingsBackend can only be used explicitly by code, and is
never selected automatically. (Closes: #931234; CVE-2019-13012)
* d/p/gmarkup-Fix-unvalidated-UTF-8-read-in-markup-parsing-erro.patch,
d/p/gmarkup-Avoid-reading-off-the-end-of-a-buffer-when-non-nu.patch:
Avoid buffer read overrun when formatting error messages for invalid
UTF-8 in GMarkup (CVE-2018-16429)
* d/p/gmarkup-Fix-crash-in-error-handling-path-for-closing-elem.patch:
Avoid NULL dereference when parsing invalid GMarkup with a malformed
closing tag not paired with an opening tag (CVE-2018-16429)
-- Simon McVittie <smcv(a)debian.org> Tue, 13 Aug 2019 10:46:20 +0100
--- Modifications pour icu (libicu57) ---
icu (57.1-6+deb9u3) stretch; urgency=medium
* Fix pkgdata command segfault (closes: #893009).
-- Laszlo Boszormenyi (GCS) <gcs(a)debian.org> Wed, 07 Aug 2019 16:30:43 +0000
--- Modifications pour libxslt (libxslt1.1) ---
libxslt (1.1.29-2.1+deb9u1) stretch; urgency=medium
* Non-maintainer upload.
* Fix security framework bypass (CVE-2019-11068) (Closes: #926895, #933743)
* Fix uninitialized read of xsl:number token (CVE-2019-13117)
(Closes: #931321, #933743)
* Fix uninitialized read with UTF-8 grouping chars (CVE-2019-13118)
(Closes: #931320, #933743)
-- Salvatore Bonaccorso <carnil(a)debian.org> Sat, 24 Aug 2019 14:04:13 +0200
--- Modifications pour linux (linux-libc-dev) ---
linux (4.9.189-3) stretch; urgency=medium
* tcp: fix tcp_rtx_queue_tail in case of empty retransmit queue
-- Salvatore Bonaccorso <carnil(a)debian.org> Mon, 02 Sep 2019 09:18:39 +0200
linux (4.9.189-2) stretch; urgency=medium
[ Salvatore Bonaccorso ]
* xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT
(CVE-2019-15538)
[ Ben Hutchings ]
* [s390x] Revert "perf test 6: Fix missing kvm module load for s390"
(fixes FTBFS)
-- Ben Hutchings <ben(a)decadent.org.uk> Fri, 30 Aug 2019 01:48:25 +0100
linux (4.9.189-1) stretch; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.186
- [x86] Input: elantech - enable middle button support on 2 ThinkPads
- mac80211: mesh: fix RCU warning
- mac80211: free peer keys before vif down in mesh
- netfilter: ipv6: nf_defrag: fix leakage of unqueued fragments
- netfilter: ipv6: nf_defrag: accept duplicate fragments again
- [armhf] Input: imx_keypad - make sure keyboard can always wake up system
- [arm64] KVM: arm/arm64: vgic: Fix kvm_device leak in vgic_its_destroy
- mac80211: only warn once on chanctx_conf being NULL
- md: fix for divide error in status_resync
- bnx2x: Check if transceiver implements DDM before access
- ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL
- net :sunrpc :clnt :Fix xps refcount imbalance on the error path
- udf: Fix incorrect final NOT_ALLOCATED (hole) extent length
- [x86] ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
- [x86] tls: Fix possible spectre-v1 in do_get_thread_area()
- fscrypt: don't set policy for a dead directory
- USB: serial: ftdi_sio: add ID for isodebug v1
- USB: serial: option: add support for GosunCn ME3630 RNDIS mode
- Revert "serial: 8250: Don't service RX FIFO if interrupts are disabled"
- p54usb: Fix race between disconnect and firmware loading
(CVE-2019-15220)
- usb: gadget: ether: Fix race between gether_disconnect and rx_submit
- [i386] staging: comedi: dt282x: fix a null pointer deref on interrupt
- [x86] staging: comedi: amplc_pci230: fix null pointer deref on interrupt
- carl9170: fix misuse of device driver API
- [x86] VMCI: Fix integer overflow in VMCI handle arrays
- Revert "e1000e: fix cyclic resets at link up with active tx"
- e1000e: start network tx queue only when link is up
- [arm64] crypto: remove accidentally backported files
- perf/core: Fix perf_sample_regs_user() mm check
- [armhf] omap2: remove incorrect __init annotation
- be2net: fix link failure after ethtool offline test
- ppp: mppe: Add softdep to arc4
- sis900: fix TX completion
- dm verity: use message limit for data block corruption message
- [s390x] fix stfle zero padding
- [s390x] qdio: (re-)initialize tiqdio list entries
- [s390x] qdio: don't touch the dsci in tiqdio_add_input_queues()
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.187
- [arm64] efi: Mark __efistub_stext_offset as an absolute symbol explicitly
- [armhf] dmaengine: imx-sdma: fix use-after-free on probe error path
- ath10k: Do not send probe response template for mesh
- ath9k: Check for errors when reading SREV register
- ath6kl: add some bounds checking
- ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
- batman-adv: fix for leaked TVLV handler.
- media: dvb: usb: fix use after free in dvb_usb_device_exit
- media: marvell-ccic: fix DMA s/g desc number calculation
- media: media_device_enum_links32: clean a reserved field
- [armhf,arm64] net: stmmac: dwmac1000: Clear unused address entries
- [armhf,arm64] net: stmmac: dwmac4/5: Clear unused address entries
- signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
- af_key: fix leaks in key_pol_get_resp and dump_sp.
- xfrm: Fix xfrm sel prefix length validation
- media: mc-device.c: don't memset __user pointer contents
- net: phy: Check against net_device being NULL
- tua6100: Avoid build warnings.
- [armhf] media: wl128x: Fix some error handling in
fm_v4l2_init_video_device()
- cpupower : frequency-set -r option misses the last cpu in related cpu
list
- [s390x] qdio: handle PENDING state for QEBSM devices
- perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode
- [armhf] gpio: omap: fix lack of irqstatus_raw0 for OMAP4
- [armhf] gpio: omap: ensure irq is enabled before wakeup
- regmap: fix bulk writes on paged registers
- bpf: silence warning messages in core
- rcu: Force inlining of rcu_read_lock()
- blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership
arbitration
- xfrm: fix sa selector validation
- perf evsel: Make perf_evsel__name() accept a NULL argument
- vhost_net: disable zerocopy by default
- ipoib: correcly show a VF hardware address
- EDAC/sysfs: Fix memory leak when creating a csrow object
- ipsec: select crypto ciphers for xfrm_algo
- media: i2c: fix warning same module names
- ntp: Limit TAI-UTC offset
- timer_list: Guard procfs specific code
- [arm64] acpi: ignore 5.1 FADTs that are reported as 5.0
- mt7601u: do not schedule rx_tasklet when the device has been disconnected
- mt7601u: fix possible memory leak when the device is disconnected
- ath10k: fix PCIE device wake up failed
- perf tools: Increase MAX_NR_CPUS and MAX_CACHES
- libata: don't request sense data on !ZAC ATA devices
- [armhf] clocksource/drivers/exynos_mct: Increase priority over ARM arch
timer
- rslib: Fix decoding of shortened codes
- rslib: Fix handling of of caller provided syndrome
- ixgbe: Check DDM existence in transceiver before access
- crypto: asymmetric_keys - select CRYPTO_HASH where needed
- EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
- bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
- iwlwifi: mvm: Drop large non sta frames
- net: usb: asix: init MAC address buffers
- gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants
- Bluetooth: hci_bcsp: Fix memory leak in rx_skb
- Bluetooth: 6lowpan: search for destination address in all peers
- Bluetooth: Check state in l2cap_disconnect_rsp
- Bluetooth: validate BLE connection interval updates
- gtp: fix Illegal context switch in RCU read-side critical section.
- gtp: fix use-after-free in gtp_newlink()
- crypto: ghash - fix unaligned memory access in ghash_setkey()
- [arm64] crypto: sha1-ce - correct digest for empty data in finup
- [arm64] crypto: sha2-ce - correct digest for empty data in finup
- crypto: chacha20poly1305 - fix atomic sleep when using async algorithm
- [armhf] regulator: s2mps11: Fix buck7 and buck8 wrong voltages
- [arm64] tegra: Update Jetson TX1 GPU regulator timings
- iwlwifi: pcie: don't service an interrupt that was masked
- tracing/snapshot: Resize spare buffer if size changed
- NFSv4: Handle the special Linux file open access mode
- lib/scatterlist: Fix mapping iterator when sg->offset is greater than
PAGE_SIZE
- ALSA: seq: Break too long mutex context in the write loop
- [x86] ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine
- media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom()
- [x86] KVM: vPMU: refine kvm_pmu err msg when event creation failed
- [arm64] tegra: Fix AGIC register range
- fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys
inodes.
- drm/nouveau/i2c: Enable i2c pads & busses during preinit
- padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
- 9p/virtio: Add cleanup path in p9_virtio_init
- PCI: Do not poll for PME if the device is in D3cold
- Btrfs: add missing inode version, ctime and mtime updates when punching
hole
- libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields
- take floppy compat ioctls to floppy.c
- [x86] crypto: ccp - Validate the the error value used to index error
messages
- [x86] PCI: hv: Delete the device earlier from hbus->children for hot-
remove
- [x86] PCI: hv: Fix a use-after-free bug in hv_eject_device_work()
- [ppc64el] watchpoint: Restore NV GPRs while returning from exception
- eCryptfs: fix a couple type promotion bugs
- [x86] intel_th: msu: Fix single mode with disabled IOMMU
- Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
- usb: Handle USB3 remote wakeup for LPM enabled devices correctly
- dm bufio: fix deadlock with loop device
- compiler.h: Add read_word_at_a_time() function.
- ext4: allow directory holes
- bnx2x: Prevent load reordering in tx completion processing
- bnx2x: Prevent ptp_task to be rescheduled indefinitely
- igmp: fix memory leak in igmpv3_del_delrec()
- ipv4: don't set IPv6 only flags to IPv4 addresses
- [armhf] net: dsa: mv88e6xxx: wait after reset deactivation
- net: neigh: fix multiple neigh timer scheduling
- net: openvswitch: fix csum updates for MPLS actions
- nfc: fix potential illegal memory access
- rxrpc: Fix send on a connected, but unbound socket
- [x86] sky2: Disable MSI on ASUS P6T
- vrf: make sure skb->data contains ip header to make routing
- macsec: fix use-after-free of skb during RX
- macsec: fix checksumming after decryption
- netrom: fix a memory leak in nr_rx_frame()
- netrom: hold sock when setting skb->destructor
- bonding: validate ip header before check IPPROTO_IGMP
- tcp: Reset bytes_acked and bytes_received when disconnecting
- net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling
- net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query
- net: bridge: stp: don't cache eth dest pointer before skb pull
- [x86] perf/amd/uncore: Rename 'L2' to 'LLC'
- [x86] perf/amd/uncore: Get correct number of cores sharing last level
cache
- [x86] perf/events/amd/uncore: Fix amd_uncore_llc ID to use pre-defined
cpu_llc_id
- NFSv4: Fix open create exclusive when the server reboots
- nfsd: give out fewer session slots as limit approaches
- nfsd: fix performance-limiting session calculation
- nfsd: Fix overflow causing non-working mounts on 1 TB machines
- [armhf,arm64] drm/panel: simple: Fix panel_simple_dsi_probe
- usb: core: hub: Disable hub-initiated U1/U2
- [armhf] pinctrl: rockchip: fix leaked of_node references
- memstick: Fix error cleanup path of memstick_init
- [arm64] tty: serial: msm_serial: avoid system lockup condition
- serial: 8250: Fix TX interrupt handling condition
- drm/virtio: Add memory barriers for capset cache.
- phy: renesas: rcar-gen2: Fix memory leak at error paths
- [armhf] drm/rockchip: Properly adjust to a true clock in adjusted_mode
- tty: serial_core: Set port active bit in uart_port_activate
- usb: gadget: Zero ffs_io_data
- [ppc64el] pci/of: Fix OF flags parsing for 64bit BARs
- PCI: sysfs: Ignore lockdep for remove attribute
- iio: iio-utils: Fix possible incorrect mask calculation
- [ppc64el] recordmcount: Fix spurious mcount entries on powerpc
- mfd: core: Set fwnode for created devices
- [arm64] mfd: hi655x-pmic: Fix missing return value check for
devm_regmap_init_mmio_clk
- RDMA/i40iw: Set queue pair state when being queried
- perf test mmap-thread-lookup: Initialize variable to suppress memory
sanitizer warning
- RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM
- [ppc64el] boot: add {get, put}_unaligned_be32 to xz_config.h
- f2fs: avoid out-of-range memory access
- mailbox: handle failed named mailbox channel request
- [ppc64el] eeh: Handle hugepages in ioremap space
- 9p: pass the correct prototype to read_cache_page
- mm/mmu_notifier: use hlist_add_head_rcu()
- usb: wusbcore: fix unbalanced get/put cluster_id
- [x86] usb: pci-quirks: Correct AMD PLL quirk detection
- [x86] sysfb_efi: Add quirks for some devices with swapped width and
height
- [x86] speculation/mds: Apply more accurate check on hypervisor platform
- [x86] hpet: Fix division by zero in hpet_time_div()
- ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1
- ALSA: hda - Add a conexant codec entry to let mute led work
- access: avoid the RCU grace period for the temporary subjective
credentials
- [arm64] dts: marvell: Fix A37xx UART0 register size
- i2c: qup: fixed releasing dma without flush operation completion
- [arm64] compat: Provide definition for COMPAT_SIGMINSTKSZ
(Closes: #904385)
- ISDN: hfcsusb: checking idx of ep configuration
- media: au0828: fix null dereference in error path
- media: cpia2_usb: first wake up, then free in disconnect
- media: radio-raremono: change devm_k*alloc to k*alloc
- sched/fair: Don't free p->numa_faults with concurrent readers
- drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl
- ceph: hold i_ceph_lock when removing caps for freeing inode
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.188
- [armhf] dts: rockchip: Make rk3288-veyron-minnie run at hs200
- [armhf] dts: rockchip: Make rk3288-veyron-mickey's emmc work again
- [armhf] dts: rockchip: Mark that the rk3288 timer might stop in suspend
- ftrace: Enable trampoline when rec count returns back to one
- kernel/module.c: Only return -EEXIST for modules that have finished
loading
- fs/adfs: super: fix use-after-free bug
- btrfs: fix minimum number of chunk errors for DUP
- ceph: fix improper use of smp_mb__before_atomic()
- ceph: return -ERANGE if virtual xattr value didn't fit in buffer
- [s390x] scsi: zfcp: fix GCC compiler warning emitted with
-Wmaybe-uninitialized
- ACPI: fix false-positive -Wuninitialized warning
- be2net: Signal that the device cannot transmit during reconfiguration
- [x86] apic: Silence -Wtype-limits compiler warnings
- mm/cma.c: fail if fixed declaration can't be honored
- coda: add error handling for fget
- coda: fix build using bare-metal toolchain
- uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side
headers
- drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings
- ipc/mqueue.c: only perform resource calculation if user valid
- [x86] kvm: Don't call kvm_spurious_fault() from .fixup
- [x86] boot: Remove multiple copy of static function
sanitize_boot_params()
- Btrfs: fix incremental send failure after deduplication
- [armhf,arm64] mmc: dw_mmc: Fix occasional hang after tuning on eMMC
- gpiolib: fix incorrect IRQ requesting of an active-low lineevent
- selinux: fix memory leak in policydb_init()
- [s390x] dasd: fix endless loop after read unit address configuration
- [arm*] drivers/perf: arm_pmu: Fix failure path in PM notifier
- xen/swiotlb: fix condition for calling xen_destroy_contiguous_region()
- IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification
- infiniband: fix race condition between infiniband mlx4, mlx5 driver and
core dumping
- coredump: fix race condition between collapse_huge_page() and core dumping
- eeprom: at24: make spd world-readable again
- Backport minimal compiler_attributes.h to support GCC 9
- include/linux/module.h: copy __init/__exit attrs to init/cleanup_module
- objtool: Support GCC 9 cold subfunction naming scheme
- [x86] mm, gup: prevent get_page() race with munmap in paravirt guest
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.189
- scsi: fcoe: Embed fc_rport_priv in fcoe_rport structure
- [armhf] dts: Add pinmuxing for i2c2 and i2c3 for LogicPD SOM-LV
- [armhf] dts: Add pinmuxing for i2c2 and i2c3 for LogicPD torpedo
- [armhf] dts: logicpd-som-lv: Fix Audio Mute
- [arm64] cpufeature: Fix CTR_EL0 field definitions
- [arm64] cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG}
- tcp: be more careful in tcp_fragment()
- HID: wacom: fix bit shift for Cintiq Companion 2
- HID: Add quirk for HP X1200 PIXART OEM mouse
- RDMA: Directly cast the sockaddr union to sockaddr
- IB: directly cast the sockaddr union to aockaddr
- objtool: Add machine_real_restart() to the noreturn list
- objtool: Add rewind_stack_do_exit() to the noreturn list
- libceph: use kbasename() and kill ceph_file_part()
- atm: iphase: Fix Spectre v1 vulnerability
- net: bridge: delete local fdb on device init failure
- net: bridge: mcast: don't delete permanent entries when fast leave is
enabled
- net: fix ifindex collision during namespace removal
- net/mlx5: Use reversed order when unregister devices
- net: sched: Fix a possible null-pointer dereference in dequeue_func()
- tipc: compat: allow tipc commands without arguments
- compat_ioctl: pppoe: fix PPPOEIOCSFWD handling
- ip6_tunnel: fix possible use-after-free on xmit
- ife: error out when nla attributes are empty
- bnx2x: Disable multi-cos feature.
- [armhf,arm64] spi: bcm2835: Fix 3-wire mode if DMA is enabled
[ Ben Hutchings ]
* Bump ABI to 11
* siphash: implement HalfSipHash1-3 for hash tables (Closes: #935134)
* netfilter: conntrack: Use consistent ct id hash calculation
(fixes regression in 4.9.168-1+deb9u5)
-- Ben Hutchings <ben(a)decadent.org.uk> Thu, 22 Aug 2019 21:50:36 +0100
linux (4.9.185-1) stretch; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.185
- [arm64,armhf] usb: chipidea: udc: workaround for endpoint conflict issue
- [amd64] IB/hfi1: Silence txreq allocation warnings
- Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD
- apparmor: enforce nullbyte at end of tag string
- parport: Fix mem leak in parport_register_dev_model
- [amd64] IB/hfi1: Insure freeze_work work_struct is canceled on shutdown
- IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value
- [mips*] uprobes: remove set but not used variable 'epc'
- [armhf] net: dsa: mv88e6xxx: avoid error message on remove from VLAN 0
- [arm64] net: hns: Fix loopback test failed at copper ports
- [arm64] drm/arm/hdlcd: Allow a bit of clock tolerance
- scsi: ufs: Check that space was properly alloced in copy_query_response
- [s390x] qeth: fix VLAN attribute in bridge_hostnotify udev event
- nvme: Fix u32 overflow in the number of namespace list calculation
- btrfs: start readahead also in seed devices
- can: purge socket error queue on sock destruct
- [ppc64el] powerpc/bpf: use unsigned division instruction for 64-bit
operations
- Bluetooth: Align minimum encryption key size for LE and BR/EDR
connections
- Bluetooth: Fix regression with minimum encryption key size alignment
- cfg80211: fix memory leak of wiphy device name
- mac80211: drop robust management frames from unknown TA
- mac80211: Do not use stack memory with scatterlist for GMAC
- [amd64] IB/hfi1: Avoid hardlockup with flushlist_lock
- 9p/rdma: do not disconnect on down_interruptible EAGAIN
- 9p: acl: fix uninitialized iattr access
- 9p/rdma: remove useless check in cm_event_handler
- 9p: p9dirent_read: check network-provided name length
- fs/proc/array.c: allow reporting eip/esp for all coredumping threads
- [x86] scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
- [x86] x86/speculation: Allow guests to use SSBD even if host does not
- NFS/flexfiles: Use the correct TCP timeout for flexfiles I/O
- cpu/speculation: Warn on unsupported mitigations= parameter
- af_packet: Block execution of tasks waiting for transmit to complete in
AF_PACKET
- [arm64,armhf] net: stmmac: fixed new system time seconds value
calculation
- sctp: change to hold sk after auth shkey is created successfully
- tipc: change to use register_pernet_device
- tipc: check msg->req data len in tipc_nl_compat_bearer_disable
- tun: wake up waitqueues after IFF_UP is set
- team: Always enable vlan tx offload
- bonding: Always enable vlan tx offload
- ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while
loop
- net: check before dereferencing netdev_ops during busy poll
- bpf: udp: Avoid calling reuseport's bpf_prog from udp_gro
- bpf: udp: ipv6: Avoid running reuseport's bpf_prog from __udp6_lib_err
- tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
- Bluetooth: Fix faulty expression for minimum encryption key size check
- ASoC: soc-pcm: BE dai needs prepare when pause release after resume
- spi: bitbang: Fix NULL pointer dereference in spi_unregister_master
- ASoC: max98090: remove 24-bit format support if RJ is 0
- scsi: hpsa: correct ioaccel2 chaining
- mm/mlock.c: change count_mm_mlocked_page_nr return type
- [mips*] math-emu: do not use bools for arithmetic
- [armhf] mfd: omap-usb-tll: Fix register offsets
- [armhf] clk: sunxi: fix uninitialized access
- [x86] KVM: degrade WARN to pr_warn_ratelimited
- [x86] drm/i915/dmc: protect against reading random memory
- ALSA: firewire-lib/fireworks: fix miss detection of received MIDI
messages
- ALSA: line6: Fix write on zero-sized buffer
- ALSA: usb-audio: fix sign unintended sign extension on left shifts
- [x86] lib/mpi: Fix karactx leak in mpi_powm
- [armhf] drm/imx: notify drm core before sending event during crtc
disable
- [armhf] drm/imx: only send event on crtc disable if kept disabled
- btrfs: Ensure replaced device doesn't have pending chunk allocation
- [x86] tty: rocket: fix incorrect forward declaration of 'rp_init()'
- [arm64] vdso: Define vdso_{start,end} as array
- [x86] KVM: LAPIC: Fix pending interrupt in IRR blocked by software
disable LAPIC
- [amd64] IB/hfi1: Close PSM sdma_progress sleep window
- [mips*] Add missing EHB in mtc0 -> mfc0 sequence.
- [armhf] dmaengine: imx-sdma: remove BD_INTR for channel0
-- Salvatore Bonaccorso <carnil(a)debian.org> Sun, 21 Jul 2019 14:35:10 +0200
linux (4.9.184-1) stretch; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169
- [x86] power: Fix some ordering bugs in __restore_processor_context()
- [amd64] power/64: Use struct desc_ptr for the IDT in struct saved_context
- [i386] power/32: Move SYSENTER MSR restoration to fix_processor_context()
- [x86] power: Make restore_processor_context() sane
- [ppc64el] powerpc/tm: Limit TM code inside PPC_TRANSACTIONAL_MEM
- [ppc64el] Fix invalid use of register expressions
- [ppc64el] powerpc/64s: Add barrier_nospec
- [ppc64el] powerpc/64s: Add support for ori barrier_nospec patching
- [ppc64el] Avoid code patching freed init sections
- [ppc64el] powerpc/64s: Patch barrier_nospec in modules
- [ppc64el] powerpc/64s: Enable barrier_nospec based on firmware settings
- [ppc64el] Use barrier_nospec in copy_from_user()
- [ppc64el] powerpc/64: Use barrier_nospec in syscall entry
- [ppc64el] powerpc/64s: Enhance the information in cpu_show_spectre_v1()
- [ppc64el] powerpc64s: Show ori31 availability in spectre_v1 sysfs file
not v2
- [ppc64el] powerpc/64: Disable the speculation barrier from the command
line
- [ppc64el] powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
- [ppc64el] powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
- [ppc64el] powerpc/64: Call setup_barrier_nospec() from setup_arch()
- [ppc64el] powerpc/64: Make meltdown reporting Book3S 64 specific
- [ppc64el] asm: Add a patch_site macro & helpers for patching
instructions
- [ppc64el] powerpc/64s: Add new security feature flags for count cache
flush
- [ppc64el] powerpc/64s: Add support for software count cache flush
- [ppc64el] powerpc/pseries: Query hypervisor for count cache flush
settings
- [ppc64el] powerpc/powernv: Query firmware for count cache flush
settings
- [ppc64el] security: Fix spectre_v2 reporting
- [arm64] kaslr: Reserve size of ARM64_MEMSTART_ALIGN in linear region
- tty: ldisc: add sysctl to prevent autoloading of ldiscs
- ipv6: Fix dangling pointer when ipv6 fragment
- ipv6: sit: reset ip header pointer in ipip6_rcv
- openvswitch: fix flow actions reallocation
- qmi_wwan: add Olicard 600
- sctp: initialize _pad of sockaddr_in before copying to user memory
- tcp: Ensure DCTCP reacts to losses
- vrf: check accept_source_route on the original netdevice
- bnxt_en: Reset device on RX buffer errors.
- bnxt_en: Improve RX consumer index validity check.
- net/mlx5e: Add a lock on tir list
- netns: provide pure entropy for net_hash_mix()
- net: ethtool: not call vzalloc for zero sized memory request
- ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type
- ALSA: seq: Fix OOB-reads from strlcpy
- Btrfs: do not allow trimming when a fs is mounted with the nologreplay
option
- block: do not leak memory in bio_copy_user_iov()
- genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent()
- virtio: Honour 'may_reduce_num' in vring_create_virtqueue
- [arm64] futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value
- [x86] xen: Prevent buffer overflow in privcmd ioctl
- sched/fair: Do not re-read ->h_load_next during hierarchical load
calculation
- PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.170
- perf/core: Restore mmap record type correctly
- ext4: add missing brelse() in add_new_gdb_meta_bg()
- ext4: report real fs size after failed resize
- [i386] ALSA: sb8: add a check for request_region
- IB/mlx4: Fix race condition between catas error reset and aliasguid
flows
- [x86] thermal/int340x_thermal: Add additional UUIDs
- [x86] thermal/int340x_thermal: fix mode setting
- perf config: Fix an error in the config template documentation
- perf config: Fix a memory leak in collect_config()
- perf build-id: Fix memory leak in print_sdt_events()
- perf top: Fix error handling in cmd_top()
- perf hist: Add missing map__put() in error case
- perf evsel: Free evsel->counts in perf_evsel__exit()
- [arm64] irqchip/mbigen: Don't clear eventid when freeing an MSI
- [x86] hpet: Prevent potential NULL pointer dereference
- [i386] x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode
processors
- [amd64] iommu/vt-d: Check capability before disabling protected memory
- [x86] hw_breakpoints: Make default case in hw_breakpoint_arch_parse()
return an error
- fix incorrect error code mapping for OBJECTID_NOT_FOUND
- ext4: prohibit fstrim in norecovery mode
- rsi: improve kernel thread handling to fix kernel panic
- 9p: do not trust pdu content for stat item size
- 9p locks: add mount option for lock retry interval
- f2fs: fix to do sanity check with current segment number
- [arm64] serial: uartps: console_setup() can't be placed to init section
- HID: i2c-hid: override HID descriptors for certain devices
- [x86] ACPI / SBS: Fix GPE storm on recent MacBookPro's
- cifs: fallback to older infolevels on findfirst queryinfo retry
- kernel: hung_task.c: disable on suspend
- [armhf] crypto: sha256/arm - fix crash bug in Thumb2 build
- [armhf] crypto: sha512/arm - fix crash bug in Thumb2 build
- [amd64] iommu/dmar: Fix buffer overflow during PCI bus notification
- [arm64,armhf] soc/tegra: pmc: Drop locking from
tegra_powergate_is_powered()
- [armel,armhf] 8839/1: kprobe: make patch_lock a raw_spinlock_t
- appletalk: Fix use-after-free in atalk_proc_exit
- lib/div64.c: off by one in shift
- include/linux/swap.h: use offsetof() instead of custom __swapoffset
macro
- [x86] tpm/tpm_crb: Avoid unaligned reads in crb_recv()
- [arm64,armhf] net: stmmac: Set dma ring length before enabling the DMA
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.171
- bonding: fix event handling for stacked bonds
- net: atm: Fix potential Spectre v1 vulnerabilities
- net: bridge: fix per-port af_packet sockets
- net: bridge: multicast: use rcu to access port list from
br_multicast_start_querier
- net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
- tcp: tcp_grow_window() needs to respect tcp_space()
- team: set slave to promisc if team is already in promisc mode
- vhost: reject zero size iova range
- ipv4: recompile ip options in ipv4_link_failure
- ipv4: ensure rcu_read_lock() in ipv4_link_failure()
- mmc: sdhci: Fix data command CRC error handling
- [x86] tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete
- CIFS: keep FileInfo handle live during oplock break
- [x86] KVM: Don't clear EFER during SMM transitions for 32-bit vCPU
- [x86] iio/gyro/bmg160: Use millidegrees for temperature scale
- [x86] io: accel: kxcjk1013: restore the range after resume.
- [x86] staging: comedi: vmk80xx: Fix use of uninitialized semaphore
- [x86] staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf
- [x86] staging: comedi: ni_usb6501: Fix use of uninitialized mutex
- [x86] staging: comedi: ni_usb6501: Fix possible double-free of
->usb_rx_buf
- ALSA: core: Fix card races between register and disconnect
- Revert "scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO"
- [x86] Revert "svm: Fix AVIC incomplete IPI emulation"
- [x86] crypto: x86/poly1305 - fix overflow during partial reduction
- [x86] kprobes: Verify stack frame on kretprobe
- kprobes: Mark ftrace mcount handler functions nokprobe
- kprobes: Fix error check when reusing optimized probes
- rt2x00: do not increment sequence number while re-transmitting
- mac80211: do not call driver wake_tx_queue op during reconfig
- [x86] perf/x86/amd: Add event map for AMD Family 17h
- sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup
- device_cgroup: fix RCU imbalance in error case
- ALSA: info: Fix racy addition/deletion of nodes
- percpu: stop printing kernel addresses (CVE-2018-5995)
- [x86] i2c-hid: properly terminate i2c_hid_dmi_desc_override_table[] array
- kernel/sysctl.c: fix out-of-bounds access when setting file-max
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.172
- kbuild: simplify ld-option implementation
- cifs: do not attempt cifs operation on smb2+ rename error
- tracing: Fix a memory leak by early error exit in trace_pid_write()
- [mips*] scall64-o32: Fix indirect syscall number load
- trace: Fix preempt_enable_no_resched() abuse
- IB/rdmavt: Fix frwr memory registration
- sched/numa: Fix a possible divide-by-zero
- ceph: ensure d_name stability in ceph_dentry_hash()
- ceph: fix ci->i_head_snapc leak
- nfsd: Don't release the callback slot unless it was actually held
- sunrpc: don't mark uninitialised items as VALID.
- [arm64,armhf] drm/vc4: Fix memory leak during gpu reset.
- [arm64,armhf] drm/vc4: Fix compilation error reported by kbuild test bot
- USB: Add new USB LPM helpers
- USB: Consolidate LPM checks to avoid enabling LPM twice
- vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock
- tipc: handle the err returned from cmd header function
- slip: make slhc_free() silently accept an error pointer
- [x86] intel_th: gth: Fix an off-by-one in output unassigning
- fs/proc/proc_sysctl.c: Fix a NULL pointer dereference
- NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family.
- netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
- tipc: check bearer name with right length in
tipc_nl_compat_bearer_enable
- tipc: check link name with right length in tipc_nl_compat_link_set
- ipv4: add sanity checks in ipv4_link_failure()
- net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query
- net: rds: exchange of 8K and 1M pool
- team: fix possible recursive locking when add slaves
- [arm64,armhf] net: stmmac: move stmmac_check_ether_addr() to driver
probe
- ipv4: set the tcp_min_rtt_wlen range from 0 to one day
- ipv6: frags: fix a lockdep false positive
- net: IP defrag: encapsulate rbtree defrag code into callable functions
- ipv6: remove dependency of nf_defrag_ipv6 on ipv6 module
- net: IP6 defrag: use rbtrees for IPv6 defrag
- net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c
- Documentation: Add nospectre_v1 parameter
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.173
- usbnet: ipheth: prevent TX queue timeouts when device not ready
- usbnet: ipheth: fix potential null pointer dereference in
ipheth_carrier_set
- media: vivid: check if the cec_adapter is valid
- [armhf] dts: bcm283x: Fix hdmi hpd gpio pull
- [s390x] limit brk randomization to 32MB
- qlcnic: Avoid potential NULL pointer dereference
- netfilter: nft_set_rbtree: check for inactive element after flag
mismatch
- netfilter: bridge: set skb transport_header before entering
NF_INET_PRE_ROUTING
- usb: gadget: net2280: Fix overrun of OUT messages
- usb: gadget: net2280: Fix net2280_dequeue()
- staging: rtl8712: uninitialized memory in read_bbreg_hdl()
- NFS: Fix a typo in nfs_init_timeout_values()
- scsi: qla4xxx: fix a potential NULL pointer dereference
- usb: u132-hcd: fix resource leak
- ceph: fix use-after-free on symlink traversal
- [s390x] scsi: zfcp: reduce flood of fcrscn1 trace records on
multi-element RSCN
- [x86,arm64] libata: fix using DMA buffers on stack
- gpio: of: Fix of_gpiochip_add() error path
- [amd64] vfio/type1: Limit DMA mappings per container (CVE-2019-3882)
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.174
- ALSA: line6: use dynamic buffers
- ipv4: ip_do_fragment: Preserve skb_iif during fragmentation
- ipv6/flowlabel: wait rcu grace period before put_pid()
- ipv6: invert flowlabel sharing check in process and user mode
- packet: validate msg_namelen in send directly
- bnxt_en: Improve multicast address setup logic.
- net: phy: marvell: Fix buffer overrun with stats counters
- [arm64] proc: Set PTE_NG for table entries to avoid traversing them
twice
- [arm64] mm: print out correct page table entries
- [arm64] mm: don't print out page table entries on EL0 faults
- USB: yurex: Fix protection fault after device removal
- USB: w1 ds2490: Fix bug caused by improper use of altsetting array
- [x86] usb: usbip: fix isoc packet num validation in get_pipe
- USB: core: Fix unterminated string returned by usb_string()
- USB: core: Fix bug caused by duplicate interface PM usage counter
- nvme-loop: init nvmet_ctrl fatal_err_work when allocate
- HID: logitech: check the return value of create_singlethread_workqueue
- HID: debug: fix race condition with between rdesc_show() and device
removal
- batman-adv: Reduce claim hash refcnt only for removed entry
- batman-adv: Reduce tt_local hash refcnt only for removed entry
- batman-adv: Reduce tt_global hash refcnt only for removed entry
- igb: Fix WARN_ONCE on runtime suspend
- net/mlx5: E-Switch, Fix esw manager vport indication for more vport
commands
- bonding: show full hw address in sysfs for slave entries
- [arm64,armhf] net: stmmac: don't overwrite discard_frame status
- [arm64,armhf] net: stmmac: fix dropping of multi-descriptor RX frames
- [arm64,armhf] net: stmmac: don't log oversized frames
- jffs2: fix use-after-free on symlink traversal
- debugfs: fix use-after-free on symlink traversal
- [amd64,ppc64el] vfio/pci: use correct format characters
- scsi: core: add new RDAC LENOVO/DE_Series device
- [x86] scsi: storvsc: Fix calculation of sub-channel count
- [arm64] net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw()
- [arm64] net: hns: Use NAPI_POLL_WEIGHT for hns driver
- [arm64] net: hns: Fix WARNING when remove HNS driver with SMMU enabled
- hugetlbfs: fix memory leak for resv_map
- [armel] orion: don't use using 64-bit DMA masks
- [x86] perf/x86/amd: Update generic hardware cache events for Family 17h
- scsi: RDMA/srpt: Fix a credit leak for aborted commands
- selinux: never allow relabeling on context mounts
- [x86] mce: Improve error message when kernel cannot recover, p2
- media: v4l2: i2c: ov7670: Fix PLL bypass register values
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.175
- scsi: libsas: fix a race condition when smp task timeout
(CVE-2018-20836)
- ASoC:soc-pcm:fix a codec fixup issue in TDM case
- [amd64] IB/hfi1: Eliminate opcode tests on mr deref
- [x86] perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS
- scsi: csiostor: fix missing data copy in csio_scsi_err_handler()
- virtio-blk: limit number of hw queues by nr_cpu_ids
- [amd64] iommu/amd: Set exclusion range correctly
- mm: add 'try_get_page()' helper function
- genirq: Prevent use-after-free and work list corruption
- [arm64,armhf] usb: dwc3: Fix default lpm_nyet_threshold value
- USB: serial: f81232: fix interrupt worker not stop
- usb-storage: Set virt_boundary_mask to avoid SG overflows
- scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS
routines
- UAS: fix alignment of scatter/gather segments
- [x86] ASoC: Intel: avoid Oops if DMA setup fails
- timer/debug: Change /proc/timer_stats from 0644 to 0600 (CVE-2017-5967)
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.176
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.177
- netfilter: compat: initialize all fields in xt_init
- bpf: fix struct htab_elem layout
- bpf: convert htab map to hlist_nulls
- [x86] platform/x86: sony-laptop: Fix unintentional fall-through
- USB: serial: fix unthrottle races
- [x86] libnvdimm/namespace: Fix a potential NULL pointer dereference
- HID: input: add mapping for Expose/Overview key
- HID: input: add mapping for keyboard Brightness Up/Down/Toggle keys
- HID: input: add mapping for "Toggle Display" key
- [x86] libnvdimm/btt: Fix a kmemdup failure check
- [s390x] dasd: Fix capacity calculation for large volumes
- mac80211: fix unaligned access in mesh table hash function
- [s390x] 3270: fix lockdep false positive on view->lock
- mISDN: Check address length before reading address family
- [x86] reboot, efi: Use EFI reboot for Acer TravelMate X514-51T
- [x86] KVM: avoid misreporting level-triggered irqs as edge-triggered in
tracing
- init: initialize jump labels before command line option parsing
- ipvs: do not schedule icmp errors from tunnels
- [s390x] ctcm: fix ctcm_new_device error return code
- [armhf] gpu: ipu-v3: dp: fix CSC handling
- rtlwifi: rtl8723ae: Fix missing break in switch statement
- md/raid5: Don't jump to compute_result state from check_result state
- bridge: Fix error path for kobject_init_and_add()
- fib_rules: return 0 directly if an exactly same rule exists when
NLM_F_EXCL not supplied
- packet: Fix error path in packet_init
- vlan: disable SIOCSHWTSTAMP in container
- vrf: sit mtu should not be updated when vrf netdev is the link
- ipv4: Fix raw socket lookup for local traffic
- bonding: fix arp_validate toggling in active-backup mode
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.178
- net: core: another layer of lists, around PF_MEMALLOC skb handling
- locking/rwsem: Prevent decrement of reader count before increment
- [amd64] PCI: hv: Fix a memory leak in hv_eject_device_work()
- [x86] speculation/mds: Revert CPU buffer clear on double fault exit
- [x86] speculation/mds: Improve CPU buffer clear documentation
- [armhf] exynos: Fix a leaked reference by adding missing of_node_put
- [arm64] compat: Reduce address limit
- [arm64] Clear OSDLR_EL1 on CPU boot
- [x86] sched/x86: Save [ER]FLAGS on context switch
- crypto: chacha20poly1305 - set cra_name correctly
- [ppc64el] crypto: vmx - fix copy-paste error in CTR mode
- crypto: crct10dif-generic - fix use via crypto_shash_digest()
- [amd64] crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
- ALSA: usb-audio: Fix a memory leak bug
- ALSA: hda/hdmi - Read the pin sense from register when repolling
- ALSA: hda/hdmi - Consider eld_valid when reporting jack event
- ALSA: hda/realtek - EAPD turn on later
- ASoC: max98090: Fix restore of DAPM Muxes
- ASoC: RT5677-SPI: Disable 16Bit SPI Transfers
- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget
- [arm64] mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values
- tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
- jbd2: check superblock mapped prior to committing
- ext4: actually request zeroing of inode table after grow
- ext4: fix ext4_show_options for file systems w/o journal
- Btrfs: do not start a transaction at iterate_extent_inodes()
- bcache: fix a race between cache register and cacheset unregister
- bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim()
- [arm64] ipmi:ssif: compare block number correctly for multi-part return
messages
- crypto: gcm - Fix error return code in crypto_gcm_create_common()
- crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
- crypto: salsa20 - don't access already-freed walk.iv
- fib_rules: fix error in backport of e9919a24d302 ("fib_rules: return
0...")
- writeback: synchronize sync(2) against cgroup writeback membership
switches
- fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going
into workqueue when umount
- ext4: fix data corruption caused by overlapping unaligned and aligned IO
- [x86] ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal
microphone bug
- [x86] KVM: Skip EFER vs. guest CPUID checks for host-initiated writes
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.179
- net: avoid weird emergency message
- net/mlx4_core: Change the error print to info print
- ppp: deflate: Fix possible crash in deflate_init
- tipc: switch order of device registration to fix a crash
- vsock/virtio: free packets during the socket release
- tipc: fix modprobe tipc failed after switch order of device registration
- vsock/virtio: Initialize core virtio vsock before registering the driver
- md: add mddev->pers to avoid potential NULL pointer dereference
- [x86] intel_th: msu: Fix single mode with IOMMU
- p54: drop device reference count if fails to enable device
- cifs: fix strcat buffer overflow and reduce raciness in
smb21_set_oplock_level()
- NFS4: Fix v4.0 client state corruption when mount
- [arm64,armhf] clk: tegra: Fix PLLM programming on Tegra124+ when PMC
overrides divider
- fuse: fix writepages on 32bit
- fuse: honor RLIMIT_FSIZE in fuse_file_fallocate
- [arm64,armhf] iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114
- ceph: flush dirty inodes before proceeding with remount
- tracing: Fix partial reading of trace event's id file
- [arm64,armhf] memory: tegra: Fix integer overflow on tick value
calculation
- [x86] perf intel-pt: Fix instructions sampling rate
- [x86] perf intel-pt: Fix improved sample timestamp
- [x86] perf intel-pt: Fix sample timestamp wrt non-taken branches
- PCI: Mark Atheros AR9462 to avoid bus reset
- PCI: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum
- dm delay: fix a crash when invalid device is specified
- xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink
- xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module
- vti4: ipip tunnel deregistration fixes.
- xfrm4: Fix uninitialized memory read in _decode_session4
- mac80211: Fix kernel panic due to use of txq after free
- [arm64,armhf] KVM: arm/arm64: Ensure vcpu target is unset on reset
failure
- power: supply: sysfs: prevent endless uevent loop with
CONFIG_POWER_SUPPLY_DEBUG
- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour
- Revert "Don't jump to compute_result state from check_result state"
- md/raid: raid5 preserve the writeback action after the parity check
- btrfs: Honour FITRIM range constraints during free space trim
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.180
- ext4: do not delete unlinked inode from orphan list on failed truncate
- [x86] KVM: fix return value for reserved EFER
- bio: fix improper use of smp_mb__before_atomic()
- Revert "scsi: sd: Keep disk read-only when re-reading partition"
- [ppc64el] crypto: vmx - CTR: always increment IV as quadword
- [x86] kvm: svm/avic: fix off-by-one in checking host APIC ID
- [x86] libnvdimm/namespace: Fix label tracking error
- [arm64] Save and restore OSDLR_EL1 across suspend/resume
- gfs2: Fix sign extension bug in gfs2_update_stats
- Btrfs: do not abort transaction at btrfs_update_root() after failure to
COW path
- Btrfs: fix race between ranged fsync and writeback of adjacent ranges
- btrfs: sysfs: don't leak memory when failing add fsid
- fbdev: fix divide error in fb_var_to_videomode
- hugetlb: use same fault hash key for shared and private mappings
- fbdev: fix WARNING in __alloc_pages_nodemask bug
- media: cpia2: Fix use-after-free in cpia2_exit
- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap
- [x86,ppc64el] ssb: Fix possible NULL pointer dereference in
ssb_host_pcmcia_exit
- at76c50x-usb: Don't register led_trigger if usb_register_driver failed
- Revert "btrfs: Honour FITRIM range constraints during free space trim"
- gfs2: Fix lru_count going negative
- cxgb4: Fix error path in cxgb4_init_module
- mmc: core: Verify SD bus width
- [arm64] dmaengine: tegra210-dma: free dma controller in remove()
- [arm64,armhf] ASoC: hdmi-codec: unlock the device on startup errors
- [ppc64el] boot: Fix missing check of lseek() return value
- brcm80211: potential NULL dereference in
brcmf_cfg80211_vndr_cmds_dcmd_handler()
- [armel,armhf] vdso: Remove dependency with the arch_timer driver internals
- sched/cpufreq: Fix kobject memleak
- scsi: qla2xxx: Fix a qla24xx_enable_msix() error path
- iwlwifi: pcie: don't crash on invalid RX interrupt
- w1: fix the resume command API
- [armhf] dmaengine: pl330: _stop: clear interrupt status
- mac80211/cfg80211: update bss channel on channel switch
- mwifiex: prevent an array overflow
- [armhf] crypto: sun4i-ss - Fix invalid calculation of hash end
- bcache: return error immediately in bch_journal_replay()
- bcache: fix failure in journal relplay
- bcache: add failure check to run_cache_set() for journal replay
- [x86] build: Move _etext to actual end of .text
- smpboot: Place the __percpu annotation correctly
- [amd64] mm: Remove in_nmi() warning from 64-bit implementation of
vmalloc_fault()
- HID: logitech-hidpp: use RAP instead of FAP to get the protocol version
- media: au0828: stop video streaming only when last user stops
- audit: fix a memory leak bug
- media: au0828: Fix NULL pointer dereference in
au0828_analog_stream_enable()
- media: pvrusb2: Prevent a buffer overflow
- [ppc64el] numa: improve control of topology updates
- sched/core: Check quota and period overflow at usec to nsec conversion
- sched/core: Handle overflow in cpu_shares_write_u64
- USB: core: Don't unbind interfaces following device reset failure
- [amd64] irq: Limit IST stack overflow check to #DB stack
- i40e: don't allow changes to HW VLAN stripping on active port VLANs
- [arm64] vdso: Fix clock_getres() for CLOCK_REALTIME
- RDMA/cxgb4: Fix null pointer dereference on alloc_skb failure
- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses
- [x86] hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses
- [x86] hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses
- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses
- [x86] hwmon: (f71805f) Use request_muxed_region for Super-IO accesses
- scsi: libsas: Do discovery on empty PHY to update PHY info
- mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers
- [arm64] mmc_spi: add a status check for spi_sync_locked
- PM / core: Propagate dev->power.wakeup_path when no callbacks
- rtlwifi: fix a potential NULL pointer dereference
- mwifiex: Fix mem leak in mwifiex_tm_cmd
- brcmfmac: fix missing checks for kmemdup
- brcmfmac: convert dev_init_lock mutex to completion
- brcmfmac: fix race during disconnect when USB completion is in progress
- brcmfmac: fix Oops when bringing up interface during USB disconnect
- scsi: ufs: Fix regulator load and icc-level configuration
- scsi: ufs: Avoid configuring regulator with undefined voltage range
- [arm64] cpu_ops: fix a leaked reference by adding missing of_node_put
- [x86] uaccess, signal: Fix AC=1 bloat
- [amd64] x86/ia32: Fix ia32_restore_sigcontext() AC leak
- chardev: add additional check for minor range overlap
- HID: core: move Usage Page concatenation to Main item
- [armhf] ASoC: eukrea-tlv320: fix a leaked reference by adding missing
of_node_put
- [armhf] ASoC: fsl_utils: fix a leaked reference by adding missing
of_node_put
- cxgb3/l2t: Fix undefined behaviour
- [arm64,armhf] spi: tegra114: reset controller on probe
- [armhf] media: wl128x: prevent two potential buffer overflows
- virtio_console: initialize vtermno value for ports
- [x86,ppc64el] tty: ipwireless: fix missing checks for ioremap
- [x86] mce: Fix machine_check_poll() tests for error types
- usb: core: Add PM runtime calls to usb_hcd_platform_shutdown
- scsi: qla4xxx: avoid freeing unallocated dma memory
- [arm64] dmaengine: tegra210-adma: use devm_clk_*() helpers
- media: m88ds3103: serialize reset messages in m88ds3103_set_frontend
- scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices
- [i386] spi : spi-topcliff-pch: Fix to handle empty DMA buffers
- spi: Fix zero length xfer bug
- drm: Wake up next in drm_read() chain if we are forced to putback the
event
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.181
- ipv6: Consider sk_bound_dev_if when binding a raw socket to an address
- llc: fix skb leak in llc_build_and_send_ui_pkt()
- [armhf] net: fec: fix the clk mismatch in failed_reset path
- net-gro: fix use-after-free read in napi_gro_frags()
- [arm64,armhf] net: stmmac: fix reset gpio free missing
- usbnet: fix kernel crash after disconnect
- tipc: Avoid copying bytes beyond the supplied data
- bnxt_en: Fix aggregation buffer leak under OOM condition.
- ipv4/igmp: fix another memory leak in igmpv3_del_delrec()
- ipv4/igmp: fix build error if !CONFIG_IP_MULTICAST
- [armhf] net: dsa: mv88e6xxx: fix handling of upper half of
STATS_TYPE_PORT
- [armhf] net: mvneta: Fix err code path of probe
- [armhf] net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value
- [ppc64el] crypto: vmx - ghash: do nosimd fallback manually
- xen/pciback: Don't disable PCI_COMMAND on PCI device reset.
(CVE-2015-8553)
- Revert "tipc: fix modprobe tipc failed after switch order of device
registration"
- tipc: fix modprobe tipc failed after switch order of device registration
- xhci: update bounce buffer with correct sg num
- xhci: Use %zu for printing size_t type
- xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic()
- usb: xhci: avoid null pointer deref when bos field is NULL
- [x86] usbip: usbip_host: fix BUG: sleeping function called from invalid
context
- [x86] usbip: usbip_host: fix stub_dev lock context imbalance regression
- USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor
- USB: sisusbvga: fix oops in error path of sisusb_probe
- USB: Add LPM quirk for Surface Dock GigE adapter
- USB: rio500: refuse more than one device at a time
- USB: rio500: fix memory leak in close after disconnect
- media: usb: siano: Fix general protection fault in smsusb
- media: usb: siano: Fix false-positive "uninitialized variable" warning
- media: smsusb: better handle optional alignment
- [s390x] scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from
port_remove
- [s390x] scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs
(only sdevs)
- Btrfs: fix race updating log root item during fsync
- [ppc64el] powerpc/perf: Fix MMCRA corruption by bhrb_filter
- ALSA: hda/realtek - Set default power save node to 0
- drm/nouveau/i2c: Disable i2c bus access after ->fini()
- [arm64] tty: serial: msm_serial: Fix XON/XOFF
- memcg: make it work on sparse non-0-node systems
- kernel/signal.c: trace_signal_deliver when signal_group_exit
- CIFS: cifs_read_allocate_pages: don't iterate through whole page array
on ENOMEM
- [x86] drm/vmwgfx: Don't send drm sysfs hotplug events on initial master
set
- binder: Replace "%p" with "%pK" for stable (CVE-2018-20509)
- binder: replace "%p" with "%pK" (CVE-2018-20510)
- fs: prevent page refcount overflow in pipe_buf_get (CVE-2019-11487)
- mm, gup: remove broken VM_BUG_ON_PAGE compound check for hugepages
- mm, gup: ensure real head page is ref-counted when using hugepages
- mm: prevent get_user_pages() from overflowing page refcount
(CVE-2019-11487)
- mm: make page ref count overflow check tighter and more explicit
(CVE-2019-11487)
- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment
- ethtool: fix potential userspace buffer overflow
- neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit
- net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query
- net: rds: fix memory leak in rds_ib_flush_mr_pool
- pktgen: do not sleep with the thread lock held.
- ipv6: fix EFAULT on sendto with icmpv6 and hdrincl
- ipv6: use READ_ONCE() for inet->hdrincl as in ipv4
- Revert "fib_rules: fix error in backport of e9919a24d302 ("fib_rules:
return 0...")"
- Revert "fib_rules: return 0 directly if an exactly same rule exists when
NLM_F_EXCL not supplied"
- rcu: locking and unlocking need to always be at least barriers
- fuse: fallocate: fix return with locked inode
- [x86] power: Fix 'nosmt' vs hibernation triple fault during resume
- [ppc64el] genwqe: Prevent an integer overflow in the ioctl
- [x86] drm/gma500/cdv: Check vbt config bits when detecting lvds panels
- drm/radeon: prefer lower reference dividers
- [x86] drm/i915: Fix I915_EXEC_RING_MASK
- TTY: serial_core, add ->install
- fs: stream_open - opener for stream-like files so that read and write
can run simultaneously without deadlock
- fuse: Add FOPEN_STREAM to use stream_open()
- ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled
- ethtool: check the return value of get_regs_len
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.182
- tcp: reduce tcp_fastretrans_alert() verbosity
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.183
- fs/fat/file.c: issue flush after the writeback of FAT
- sysctl: return -EINVAL if val violates minmax
- ipc: prevent lockup on alloc_msg and free_msg
- [armhf] prevent tracing IPI_CPU_BACKTRACE
- hugetlbfs: on restore reserve error path retain subpool reservation
- mem-hotplug: fix node spanned pages when we have a node with only
ZONE_MOVABLE
- [armhf,ppc64el] mm/cma.c: fix crash on CMA allocation if bitmap
allocation fails
- mm/slab.c: fix an infinite loop in leaks_show()
- kernel/sys.c: prctl: fix false positive in validate_prctl_map()
- [arm64] drivers: thermal: tsens: Don't print error message on
-EPROBE_DEFER
- [x86] mfd: intel-lpss: Set the device in reset state when init
- mfd: twl6040: Fix device init errors for ACCCTL register
- [x86] perf/intel: Allow PEBS multi-entry in watermark mode
- [arm64] drm/bridge: adv7511: Fix low refresh rate selection
- objtool: Don't use ignore flag for fake jumps
- [arm64] pwm: meson: Use the spin-lock only to protect register
modifications
- ntp: Allow TAI-UTC offset to be set to zero
- f2fs: fix to avoid panic in do_recover_data()
- f2fs: fix to clear dirty inode in error path of f2fs_iget()
- f2fs: fix to do sanity check on valid block count of segment
- configfs: fix possible use-after-free in configfs_register_group
- [armhf] watchdog: imx2_wdt: Fix set_timeout for big timeout values
- watchdog: fix compile time error of pretimeout governors
- [x86] iommu/vt-d: Set intel_iommu_gfx_mapped correctly
- ALSA: hda - Register irq handler after the chip initialization
- nvmem: core: fix read buffer in place
- fuse: retrieve: cap requested size to negotiated max_write
- nfsd: allow fh_want_write to be called twice
- [x86] PCI: Fix PCI IRQ routing table memory leak
- platform/chrome: cros_ec_proto: check for NULL transfer function
- [armhf] clk: rockchip: Turn on "aclk_dmac1" for suspend on rk3288
- [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ahb" clock to SDMA
- [armhf] dts: imx7d: Specify IMX7D_CLK_IPG as "ipg" clock to SDMA
- [armhf] dts: imx6ul: Specify IMX6UL_CLK_IPG as "ipg" clock to SDMA
- [armhf] dts: imx6sx: Specify IMX6SX_CLK_IPG as "ipg" clock to SDMA
- [armhf] dts: imx6qdl: Specify IMX6QDL_CLK_IPG as "ipg" clock to SDMA
- [ppc64el] PCI: rpadlpar: Fix leaked device_node references in add/remove
paths
- [x86] platform: intel_pmc_ipc: adding error handling
- [x86] video: hgafb: fix potential NULL pointer dereference
- [arm64] PCI: xilinx: Check for __get_free_pages() failure
- [armhf] gpio: gpio-omap: add check for off wake capable gpios
- [x86] dmaengine: idma64: Use actual device for DMA transfers
- [armhf] pwm: tiehrpwm: Update shadow register for disabling PWMs
- [armhf] dts: exynos: Always enable necessary APIO_1V8 and ABB_1V8
regulators on Arndale Octa
- pwm: Fix deadlock warning when removing PWM device
- [armhf] exynos: Fix undefined instruction during Exynos5422 resume
- ALSA: seq: Cover unsubscribe_port() in list_mutex
- ALSA: oxfw: allow PCM capture for Stanton SCS.1m
- libata: Extend quirks for the ST1000LM024 drives with NOLPM quirk
- mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node
- fs/ocfs2: fix race in ocfs2_dentry_attach_lock()
- signal/ptrace: Don't leak unitialized kernel memory with
PTRACE_PEEK_SIGINFO
- ptrace: restore smp_rmb() in __ptrace_may_access()
- media: v4l2-ioctl: clear fields in s_parm
- bcache: fix stack corruption by PRECEDING_KEY()
- cgroup: Use css_tryget() instead of css_tryget_online() in task_get_css()
- [x86] uaccess, kcov: Disable stack protector
- ALSA: seq: Fix race of get-subscription call vs port-delete ioctls
- Drivers: misc: fix out-of-bounds access in function param_set_kgdbts_var
- scsi: lpfc: add check for loss of ndlp when sending RRQ
- [arm64] mm: Inhibit huge-vmap with ptdump
- scsi: bnx2fc: fix incorrect cast to u64 on shift operation
- usbnet: ipheth: fix racing condition
- [x86] KVM: pmu: do not mask the value that is written to fixed PMUs
- [s390x] KVM: fix memory slot handling for KVM_SET_USER_MEMORY_REGION
- [x86] drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to
an invalid read
- [x86] drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define()
- [arm64,armhf] usb: dwc2: Fix DMA cache alignment issues
- USB: Fix chipmunk-like voice when using Logitech C270 for recording audio.
- USB: usb-storage: Add new ID to ums-realtek
- USB: serial: pl2303: add Allied Telesis VT-Kit3
- USB: serial: option: add support for Simcom SIM7500/SIM7600 RNDIS mode
- USB: serial: option: add Telit 0x1260 and 0x1261 compositions
- [armhf] rtc: pcf8523: don't return invalid date when battery is low
- ax25: fix inconsistent lock state in ax25_destroy_timer
- be2net: Fix number of Rx queues used for flow hashing
- ipv6: flowlabel: fl6_sock_lookup() must use atomic_inc_not_zero
- lapb: fixed leak of control-blocks.
- neigh: fix use-after-free read in pneigh_get_next
- [x86] perf/intel/ds: Fix EVENT vs. UEVENT PEBS constraints
- mISDN: make sure device name is NUL terminated
- [x86] CPU/AMD: Don't force the CPB cap when running under a hypervisor
- perf/ring_buffer: Fix exposing a temporarily decreased data_head
- perf/ring_buffer: Add ordering to rb->nest increment
- i2c: dev: fix potential memory leak in i2cdev_ioctl_rdwr
- configfs: Fix use-after-free when accessing sd->s_dentry
- perf data: Fix 'strncat may truncate' build failure with recent gcc
- perf record: Fix s390 missing module symbol and warning for non-root users
- [ppc64el] KVM: Book3S: Use new mutex to synchronize access to rtas token
list
- [ppc64el] KVM: Book3S HV: Don't take kvm->lock around kvm_for_each_vcpu
- scsi: libcxgbi: add a check for NULL pointer in cxgbi_check_route()
- scsi: smartpqi: properly set both the DMA mask and the coherent DMA mask
- scsi: libsas: delete sas port if expander discover failed
- vfs: Abort file_remove_privs() for non-reg. files
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.184
- tcp: refine memory limit test in tcp_fragment() (Closes: #930904)
[ Salvatore Bonaccorso ]
* [x86] Disable R3964 due to lack of security support
* Refresh version.patch for context changes in 4.9.170
* [rt] Drop 0053-arm-kprobe-replace-patch_lock-to-raw-lock.patch applied in
4.9.170
* Revert "x86: stop exporting msr-index.h to userland"
* [rt] Add new signing subkey for Steven Rostedt
* [rt] Update to 4.9.178-rt131:
- futex,rt_mutex: Restructure rt_mutex_finish_proxy_lock()
- Update "kernel/hotplug: restore original cpu mask oncpu/down" to always
call arch_smt_update()
* Refresh 0058-net-ena-complete-host-info-to-match-latest-ENA-spec.patch for
context changes in 4.9.180
* Drop efi-libstub-unify-command-line-param-parsing.patch
* Refresh arm64-add-kernel-config-option-to-set-securelevel-wh.patch for
context changes in 4.9.181
[ Ben Hutchings ]
* Drop "kbuild: Use -nostdinc in compile tests", which is no longer needed.
* [rt] Fix build failure after "genirq: Prevent use-after-free and work
list corruption":
- kthread: Convert worker lock to raw spinlock
- kthread: add a global worker thread.
- genirq: convert affinity_notify swork to kthread
* Bump ABI to 10 and apply deferred changes:
- genirq: Avoid summation loops for /proc/stat
* [ppc64el] Disable PPC_TRANSACTIONAL_MEM (Closes: #866122)
-- Salvatore Bonaccorso <carnil(a)debian.org> Sat, 29 Jun 2019 09:29:10 +0200
--- Modifications pour linux-latest (linux-image-amd64) ---
linux-latest (80+deb9u9) stretch; urgency=medium
* Update to 4.9.0-11
-- Ben Hutchings <ben(a)decadent.org.uk> Mon, 26 Aug 2019 02:22:14 +0100
linux-latest (80+deb9u8) stretch; urgency=medium
* Update to 4.9.0-10
-- Salvatore Bonaccorso <carnil(a)debian.org> Fri, 19 Jul 2019 21:23:23 +0200
--- Modifications pour mariadb-10.1 (libmariadbclient18) ---
mariadb-10.1 (10.1.41-0+deb9u1) stretch; urgency=medium
* SECURITY UPDATE: New upstream version 10.1.41. Includes fixes for the
following security vulnerabilities:
- CVE-2019-2737
- CVE-2019-2739
- CVE-2019-2740
- CVE-2019-2805
* Previous release 10.1.39
includes fixes for the following security vulnerabilities:
- CVE-2019-2627
- CVE-2019-2614
* Amend previous changelog entries to include newly released CVE numbers.
* Gitlab-CI: Sync latest version from Debian Sid but with Stretch adaptions
* Uses respolveip from correct path as per upstream fix (Closes: #928758)
-- Otto Kekäläinen <otto(a)debian.org> Fri, 02 Aug 2019 18:10:23 +0100
--- Modifications pour openldap (ldap-utils libldap-2.4-2 libldap-common) ---
openldap (2.4.44+dfsg-5+deb9u3) stretch; urgency=medium
* Fix slapd to restrict rootDN proxyauthz to its own databases
(CVE-2019-13057) (ITS#9038) (Closes: #932997)
* Fix slapd to enforce sasl_ssf ACL statement on every connection
(CVE-2019-13565) (ITS#9052) (Closes: #932998)
* Fix slapo-rwm to not free original filter when rewritten filter is invalid
(ITS#8964) (Closes: #934277, LP: #1838370)
-- Ryan Tandy <ryan(a)nardis.ca> Sat, 10 Aug 2019 12:17:00 -0700
--- Modifications pour openssh (openssh-client openssh-server openssh-sftp-server) ---
openssh (1:7.4p1-10+deb9u7) stretch; urgency=medium
* Fix deadlock when the keys/principals command produces a lot of
output and a key is matched early (upstream commit
ddd3d34e5c7979ca6f4a3a98a7d219a4ed3d98c2). (Closes: #905226)
-- Moritz Mühlenhoff <jmm(a)debian.org> Mon, 15 Jul 2019 15:32:09 +0200
--- Modifications pour systemd (libpam-systemd libsystemd0 libudev1 systemd systemd-sysv udev) ---
systemd (232-25+deb9u12) stretch; urgency=medium
* networkd: Do not stop ndisc client in case of conf error.
When an NDisc error happens, e.g. in case of a prefix change, do not shut
down the dhcp client. Instead log about it and continue.
Otherwise networkd might fail to renew the DHCPv4 address and lose IPv4
connectivity. (Closes: #930353)
-- Michael Biebl <biebl(a)debian.org> Sun, 21 Jul 2019 20:43:29 +0200
--- Modifications pour unzip ---
unzip (6.0-21+deb9u2) stretch; urgency=medium
* Fix incorrect parsing of 64-bit values in fileio.c. Closes: #929502.
* Apply three patches by Mark Adler to fix CVE-2019-13232.
- Fix bug in undefer_input() that misplaced the input state.
- Detect and reject a zip bomb using overlapped entries.
Bug discovered by David Fifield. Closes: #931433.
- Do not raise a zip bomb alert for a misplaced central directory.
Reported by Peter Green. Closes: #932404.
-- Santiago Vila <sanvila(a)debian.org> Mon, 05 Aug 2019 18:10:06 +0200
--- Modifications pour usbutils ---
usbutils (1:007-4+deb9u1) stretch; urgency=medium
* Update usb.ids. Closes: #927365.
-- Aurelien Jarno <aurel32(a)debian.org> Sat, 03 Aug 2019 12:59:31 +0000
--- Modifications pour cups (libcups2 libcupsimage2) ---
cups (2.2.1-8+deb9u4) stretch; urgency=low
* Fix multiple security/disclosure issues (Closes: #934957)
- CVE-2019-8696 and CVE-2019-8675: Fixed SNMP buffer overflows
- Fixed IPP buffer overflow
- Fixed memory disclosure issue in the scheduler
- Fixed DoS issues in the scheduler
-- Didier Raboud <odyx(a)debian.org> Wed, 21 Aug 2019 09:51:54 +0200
--- Modifications pour zsh ---
zsh (5.3.1-4+b3) stretch; urgency=low, binary-only=yes
* Binary-only non-maintainer upload for amd64; no source changes.
* Rebuild to pick up security updates in dependencies for zsh-static
-- amd64 Build Daemon (binet) <buildd-binet(a)buildd.debian.org> Sat, 25 May 2019 21:00:38 +0000
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on quigon.federez.net
--
apticron
5 années, 7 mois
- 1
- 0