[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070121160900.GI9093@stusta.de>
Date: Sun, 21 Jan 2007 17:09:00 +0100
From: Adrian Bunk <bunk@...sta.de>
To: linux-kernel@...r.kernel.org
Subject: Linux 2.6.16.38
Security fixes since 2.6.16.37:
- CVE-2006-4814: Fix incorrect user space access locking in mincore()
- CVE-2006-5173: i386: save/restore eflags in context switch
- CVE-2006-5749: Call init_timer() for ISDN PPP CCP reset state timer
- CVE-2006-5755: x86_64: Don't leak NT bit into next task
- CVE-2006-5757/CVE-2006-6060: grow_buffers() infinite loop fix
- CVE-2006-5823: corrupted cramfs filesystems cause kernel oops
- CVE-2006-6053: handle ext3 directory corruption better
- CVE-2006-6054: ext2: skip pages past number of blocks in ext2_find_entry
- CVE-2006-6056: hfs_fill_super returns success even if no root inode
- CVE-2006-6106: Bluetooth: Add packet size checks for CAPI messages
Location:
ftp://ftp.kernel.org/pub/linux/kernel/v2.6/
git tree:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-2.6.16.y.git
RSS feed of the git tree:
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=rss
Changes since 2.6.16.37:
Adrian Bunk (6):
fix the UML compilation
USB_RTL8150 must select MII to avoid link errors.
x86_64: re-add a newline to RESTORE_CONTEXT
Linux 2.6.16.38-rc1
Linux 2.6.16.38-rc2
Linux 2.6.16.38
Andi Kleen (1):
x86_64: Don't leak NT bit into next task (CVE-2006-5755)
Andrew Morton (2):
grow_buffers() infinite loop fix (CVE-2006-5757/CVE-2006-6060)
ibmtr section fixes
Andrey Mirkin (1):
skip data conversion in compat_sys_mount when data_page is NULL
Arnaud Patard (1):
ALSA: emu10k1: Fix outl() in snd_emu10k1_resume_regs()
Badari Pulavarty (1):
Fix for shmem_truncate_range() BUG_ON()
Chuck Ebbert (2):
x86_64: fix ia32 syscall count
ebtables: check struct type before computing gap
Chuck Short (1):
drm: allow detection of new VIA chipsets
Clemens Ladisch (1):
ALSA: snd_rtctimer: handle RTC interrupts with a tasklet
Dave Airlie (1):
drm: Add the P4VM800PRO PCI ID.
David Brownell (1):
SPI/MTD: mtd_dataflash oops prevention
David L Stevens (1):
[IPV4/IPV6]: Fix inet{,6} device initialization order.
David S. Miller (1):
[SOUND] Sparc CS4231: Use 64 for period_bytes_min
Dirk Eibach (1):
i2c: fix broken ds1337 initialization
Eric Sandeen (3):
hfs_fill_super returns success even if no root inode (CVE-2006-6056)
ext2: skip pages past number of blocks in ext2_find_entry (CVE-2006-6054)
handle ext3 directory corruption better (CVE-2006-6053)
Fabrice Knevez (1):
[SUNKBD]: Fix sunkbd_enable(sunkbd, 0); obvious.
Georg Chini (1):
[SOUND] Sparc CS4231: Fix IRQ return value and initialization.
Jason Gaston (2):
PCI: irq: irq and pci_ids patch for Intel ICH9
i2c-i801: SMBus patch for Intel ICH9
Jean Delvare (1):
V4L: cx88: Fix leadtek_eeprom tagging
John Heffner (1):
TCP: Fix and simplify microsecond rtt sampling
Linus Torvalds (2):
Fix incorrect user space access locking in mincore() (CVE-2006-4814)
i386: save/restore eflags in context switch (CVE-2006-5173)
Marcel Holtmann (2):
Call init_timer() for ISDN PPP CCP reset state timer (CVE-2006-5749)
Bluetooth: Add packet size checks for CAPI messages (CVE-2006-6106)
Maxime Bizon (1):
i2c-mv64xxx: Fix random oops at boot
Mikael Pettersson (1):
USB: Fix alignment of buffer passed down to ->hub_control()
Miklos Szeredi (1):
fuse: fix hang on SMP
Paolo 'Blaisorblade' Giarrusso (2):
uml: fix processor selection
UML: fix the MODE_TT compilation
Patrick McHardy (1):
NET_SCHED: Fix fallout from dev->qdisc RCU change
Peter Zijlstra (1):
rtc: lockdep fix/workaround
Phillip Lougher (1):
corrupted cramfs filesystems cause kernel oops (CVE-2006-5823)
Robert Olsson (1):
[PKTGEN]: Fix module load/unload races.
Rudolf Marek (1):
i2c-viapro: Add support for the VT8237A and VT8251
Takashi Iwai (1):
ALSA: Fix initiailization of user-space controls
Willy Tarreau (1):
rio: typo in bitwise AND expression.
YOSHIFUJI Hideaki (1):
[IPV6] Fix joining all-node multicast group.
Documentation/i2c/busses/i2c-viapro | 7
Makefile | 2
arch/i386/Kconfig.cpu | 3
arch/i386/kernel/entry.S | 2
arch/i386/pci/irq.c | 6
arch/um/os-Linux/process.c | 5
arch/um/os-Linux/skas/process.c | 1
arch/x86_64/kernel/entry.S | 4
arch/x86_64/kernel/setup64.c | 4
drivers/char/drm/drm_pciids.h | 4
drivers/char/rio/rio_linux.c | 2
drivers/char/rtc.c | 5
drivers/i2c/busses/Kconfig | 19 +-
drivers/i2c/busses/i2c-i801.c | 2
drivers/i2c/busses/i2c-mv64xxx.c | 4
drivers/i2c/busses/i2c-viapro.c | 8 +
drivers/i2c/chips/ds1337.c | 8 -
drivers/input/keyboard/sunkbd.c | 2
drivers/isdn/i4l/isdn_ppp.c | 1
drivers/media/video/cx88/cx88-cards.c | 2
drivers/mtd/devices/mtd_dataflash.c | 2
drivers/net/tokenring/ibmtr.c | 4
drivers/usb/core/hcd.c | 3
drivers/usb/net/Kconfig | 1
fs/buffer.c | 21 ++
fs/compat.c | 2
fs/cramfs/inode.c | 2
fs/ext2/dir.c | 8 +
fs/ext3/dir.c | 3
fs/ext3/namei.c | 9 +
fs/fuse/dir.c | 29 ++--
fs/fuse/file.c | 12 +
fs/fuse/inode.c | 4
fs/hfs/super.c | 2
include/asm-i386/system.h | 8 -
include/asm-x86_64/ia32_unistd.h | 2
include/asm-x86_64/system.h | 22 ++-
include/linux/pci_ids.h | 7
mm/mincore.c | 183 +++++++++++---------------
mm/shmem.c | 7
net/bluetooth/cmtp/capi.c | 39 ++++-
net/bridge/netfilter/ebtables.c | 3
net/core/dev.c | 14 +
net/core/pktgen.c | 20 ++
net/ipv4/devinet.c | 5
net/ipv4/tcp_input.c | 16 +-
net/ipv6/addrconf.c | 12 +
net/ipv6/mcast.c | 6
net/sched/cls_api.c | 4
net/sched/sch_api.c | 16 +-
net/sched/sch_generic.c | 66 ++-------
sound/core/control.c | 1
sound/core/rtctimer.c | 17 +-
sound/pci/emu10k1/emu10k1_main.c | 4
sound/sparc/cs4231.c | 26 +--
55 files changed, 409 insertions(+), 262 deletions(-)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists