lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070121160900.GI9093@stusta.de>
Date:	Sun, 21 Jan 2007 17:09:00 +0100
From:	Adrian Bunk <bunk@...sta.de>
To:	linux-kernel@...r.kernel.org
Subject: Linux 2.6.16.38

Security fixes since 2.6.16.37:
- CVE-2006-4814: Fix incorrect user space access locking in mincore()
- CVE-2006-5173: i386: save/restore eflags in context switch
- CVE-2006-5749: Call init_timer() for ISDN PPP CCP reset state timer
- CVE-2006-5755: x86_64: Don't leak NT bit into next task
- CVE-2006-5757/CVE-2006-6060: grow_buffers() infinite loop fix
- CVE-2006-5823: corrupted cramfs filesystems cause kernel oops
- CVE-2006-6053: handle ext3 directory corruption better
- CVE-2006-6054: ext2: skip pages past number of blocks in ext2_find_entry
- CVE-2006-6056: hfs_fill_super returns success even if no root inode
- CVE-2006-6106: Bluetooth: Add packet size checks for CAPI messages


Location:
ftp://ftp.kernel.org/pub/linux/kernel/v2.6/

git tree:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-2.6.16.y.git

RSS feed of the git tree:
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=rss


Changes since 2.6.16.37:

Adrian Bunk (6):
      fix the UML compilation
      USB_RTL8150 must select MII to avoid link errors.
      x86_64: re-add a newline to RESTORE_CONTEXT
      Linux 2.6.16.38-rc1
      Linux 2.6.16.38-rc2
      Linux 2.6.16.38

Andi Kleen (1):
      x86_64: Don't leak NT bit into next task (CVE-2006-5755)

Andrew Morton (2):
      grow_buffers() infinite loop fix (CVE-2006-5757/CVE-2006-6060)
      ibmtr section fixes

Andrey Mirkin (1):
      skip data conversion in compat_sys_mount when data_page is NULL

Arnaud Patard (1):
      ALSA: emu10k1: Fix outl() in snd_emu10k1_resume_regs()

Badari Pulavarty (1):
      Fix for shmem_truncate_range() BUG_ON()

Chuck Ebbert (2):
      x86_64: fix ia32 syscall count
      ebtables: check struct type before computing gap

Chuck Short (1):
      drm: allow detection of new VIA chipsets

Clemens Ladisch (1):
      ALSA: snd_rtctimer: handle RTC interrupts with a tasklet

Dave Airlie (1):
      drm: Add the P4VM800PRO PCI ID.

David Brownell (1):
      SPI/MTD: mtd_dataflash oops prevention

David L Stevens (1):
      [IPV4/IPV6]: Fix inet{,6} device initialization order.

David S. Miller (1):
      [SOUND] Sparc CS4231: Use 64 for period_bytes_min

Dirk Eibach (1):
      i2c: fix broken ds1337 initialization

Eric Sandeen (3):
      hfs_fill_super returns success even if no root inode (CVE-2006-6056)
      ext2: skip pages past number of blocks in ext2_find_entry (CVE-2006-6054)
      handle ext3 directory corruption better (CVE-2006-6053)

Fabrice Knevez (1):
      [SUNKBD]: Fix sunkbd_enable(sunkbd, 0); obvious.

Georg Chini (1):
      [SOUND] Sparc CS4231: Fix IRQ return value and initialization.

Jason Gaston (2):
      PCI: irq: irq and pci_ids patch for Intel ICH9
      i2c-i801: SMBus patch for Intel ICH9

Jean Delvare (1):
      V4L: cx88: Fix leadtek_eeprom tagging

John Heffner (1):
      TCP: Fix and simplify microsecond rtt sampling

Linus Torvalds (2):
      Fix incorrect user space access locking in mincore() (CVE-2006-4814)
      i386: save/restore eflags in context switch (CVE-2006-5173)

Marcel Holtmann (2):
      Call init_timer() for ISDN PPP CCP reset state timer (CVE-2006-5749)
      Bluetooth: Add packet size checks for CAPI messages (CVE-2006-6106)

Maxime Bizon (1):
      i2c-mv64xxx: Fix random oops at boot

Mikael Pettersson (1):
      USB: Fix alignment of buffer passed down to ->hub_control()

Miklos Szeredi (1):
      fuse: fix hang on SMP

Paolo 'Blaisorblade' Giarrusso (2):
      uml: fix processor selection
      UML: fix the MODE_TT compilation

Patrick McHardy (1):
      NET_SCHED: Fix fallout from dev->qdisc RCU change

Peter Zijlstra (1):
      rtc: lockdep fix/workaround

Phillip Lougher (1):
      corrupted cramfs filesystems cause kernel oops (CVE-2006-5823)

Robert Olsson (1):
      [PKTGEN]: Fix module load/unload races.

Rudolf Marek (1):
      i2c-viapro: Add support for the VT8237A and VT8251

Takashi Iwai (1):
      ALSA: Fix initiailization of user-space controls

Willy Tarreau (1):
      rio: typo in bitwise AND expression.

YOSHIFUJI Hideaki (1):
      [IPV6] Fix joining all-node multicast group.


 Documentation/i2c/busses/i2c-viapro   |    7 
 Makefile                              |    2 
 arch/i386/Kconfig.cpu                 |    3 
 arch/i386/kernel/entry.S              |    2 
 arch/i386/pci/irq.c                   |    6 
 arch/um/os-Linux/process.c            |    5 
 arch/um/os-Linux/skas/process.c       |    1 
 arch/x86_64/kernel/entry.S            |    4 
 arch/x86_64/kernel/setup64.c          |    4 
 drivers/char/drm/drm_pciids.h         |    4 
 drivers/char/rio/rio_linux.c          |    2 
 drivers/char/rtc.c                    |    5 
 drivers/i2c/busses/Kconfig            |   19 +-
 drivers/i2c/busses/i2c-i801.c         |    2 
 drivers/i2c/busses/i2c-mv64xxx.c      |    4 
 drivers/i2c/busses/i2c-viapro.c       |    8 +
 drivers/i2c/chips/ds1337.c            |    8 -
 drivers/input/keyboard/sunkbd.c       |    2 
 drivers/isdn/i4l/isdn_ppp.c           |    1 
 drivers/media/video/cx88/cx88-cards.c |    2 
 drivers/mtd/devices/mtd_dataflash.c   |    2 
 drivers/net/tokenring/ibmtr.c         |    4 
 drivers/usb/core/hcd.c                |    3 
 drivers/usb/net/Kconfig               |    1 
 fs/buffer.c                           |   21 ++
 fs/compat.c                           |    2 
 fs/cramfs/inode.c                     |    2 
 fs/ext2/dir.c                         |    8 +
 fs/ext3/dir.c                         |    3 
 fs/ext3/namei.c                       |    9 +
 fs/fuse/dir.c                         |   29 ++--
 fs/fuse/file.c                        |   12 +
 fs/fuse/inode.c                       |    4 
 fs/hfs/super.c                        |    2 
 include/asm-i386/system.h             |    8 -
 include/asm-x86_64/ia32_unistd.h      |    2 
 include/asm-x86_64/system.h           |   22 ++-
 include/linux/pci_ids.h               |    7 
 mm/mincore.c                          |  183 +++++++++++---------------
 mm/shmem.c                            |    7 
 net/bluetooth/cmtp/capi.c             |   39 ++++-
 net/bridge/netfilter/ebtables.c       |    3 
 net/core/dev.c                        |   14 +
 net/core/pktgen.c                     |   20 ++
 net/ipv4/devinet.c                    |    5 
 net/ipv4/tcp_input.c                  |   16 +-
 net/ipv6/addrconf.c                   |   12 +
 net/ipv6/mcast.c                      |    6 
 net/sched/cls_api.c                   |    4 
 net/sched/sch_api.c                   |   16 +-
 net/sched/sch_generic.c               |   66 ++-------
 sound/core/control.c                  |    1 
 sound/core/rtctimer.c                 |   17 +-
 sound/pci/emu10k1/emu10k1_main.c      |    4 
 sound/sparc/cs4231.c                  |   26 +--
 55 files changed, 409 insertions(+), 262 deletions(-)

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ