[ubuntu/xenial-proposed] linux-euclid 4.4.0-9019.20 (Accepted)

Andy Whitcroft apw at canonical.com
Tue Oct 24 07:59:40 UTC 2017

linux-euclid (4.4.0-9019.20) xenial; urgency=low

  * autoreconstruct -- ensure potentially empty directories are rebuild too
    Fixes FTBS when starting to use an orig tarball.

  * CVE-2017-7533
    - dentry name snapshots

  * CVE-2017-7374
    - fscrypt: remove broken support for detecting keyring key revocation

  * CVE-2017-7184
    - xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window
    - xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder

  * CVE-2017-2636
    - TTY: n_hdlc, fix lockdep false positive
    - tty: n_hdlc: get rid of racy n_hdlc.tbuf

  * CVE-2017-1000364
    - mm: vma_adjust: remove superfluous confusing update in remove_next == 1 case
    - mm: larger stack guard gap, between vmas
    - Allow stack to grow up to address space limit
    - mm: fix new crash in unmapped_area_topdown()
    - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
    - mm/mmap.c: expand_downwards: don't require the gap if !vm_prev

  * CVE-2017-1000251
    - Bluetooth: Properly check L2CAP config option output buffer length

  * CVE-2017-1000112
    - ipv4: Should use consistent conditional judgement for ip fragment in
      __ip_append_data and ip_finish_output
    - ipv6: Don't use ufo handling on later transformed packets
    - udp: avoid ufo handling on IP payload compression packets
    - ipv6: Should use consistent conditional judgement for ip6 fragment between
      __ip6_append_data and ip6_finish_output
    - net: account for current skb length when deciding about UFO
    - udp: consistently apply ufo or fragmentation

  * CVE-2017-1000111
    - packet: fix tp_reserve race in packet_set_ring

  * Fix CVE-2017-7308 (LP: #1678009)
    - net/packet: fix overflow in check for priv area size
    - net/packet: fix overflow in check for tp_frame_nr
    - net/packet: fix overflow in check for tp_reserve

Date: 2017-10-12 18:46:21.241140+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Xenial-changes mailing list