lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <9c2783dfae10ef2d1e9b08bcc1e562c5@local>
Date:	Fri, 15 May 2015 10:05:30 +0200
From:	Willy Tarreau <w@....eu>
To:	linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: [ 00/48] 2.6.32.66-longterm review

This is the start of the longterm review cycle for the 2.6.32.66 release.
All patches will be posted as a response to this one. If anyone has any
issue with these being applied, please let me know. If anyone is a
maintainer of the proper subsystem, and wants to add a Signed-off-by: line
to the patch, please respond with it. If anyone thinks some important
patches are missing and should be added prior to the release, please
report them quickly with their respective mainline commit IDs.

Responses should be made by Thu May 21 10:05:29 CEST 2015.
Anything received after that time might be too late. If someone
wants a bit more time for a deeper review, please let me know.

NOTE: 2.6.32 is approaching end of support. There will probably be one
or maybe two other versions issued in the next 3-6 months, and that will
be all, at least for me. Adding to this the time it can take to validate
and deploy in some environments, it probably makes sense to start to
think about switching to another longterm branch. 3.2 and 3.4 are good
candidates for those seeking rock-solid versions. Longterm branches and
their projected EOLs are listed here :

     https://www.kernel.org/category/releases.html

The whole patch series can be found in one patch at :
     https://kernel.org/pub/linux/kernel/v2.6/longterm-review/patch-2.6.32.66-rc1.gz

The shortlog and diffstat are appended below.

Thanks,
Willy

===============

Al Viro (1):
      rxrpc: bogus MSG_PEEK test in rxrpc_recvmsg()

Alexey Khoroshilov (1):
      sound/oss: fix deadlock in sequencer_ioctl(SNDCTL_SEQ_OUTOFBAND)

Alexey Kodanev (1):
      net: sysctl_net_core: check SNDBUF and RCVBUF for min length

Andy Lutomirski (10):
      x86/asm/traps: Disable tracing and kprobes in fixup_bad_iret and sync_regs
      x86/tls: Validate TLS entries to protect espfix
      x86, tls, ldt: Stop checking lm in LDT_empty
      x86, tls: Interpret an all-zero struct user_desc as "no segment"
      x86_64, switch_to(): Load TLS descriptors before switching DS and ES
      x86/tls: Disallow unusual TLS segments
      x86/tls: Don't validate lm in set_thread_area() after all
      x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit
      x86_64, vdso: Fix the vdso address randomization algorithm
      x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization

Ani Sinha (1):
      net:socket: set msg_namelen to 0 if msg_name is passed as NULL in msghdr struct from userland.

Arnd Bergmann (1):
      rds: avoid potential stack overflow

Ben Hutchings (1):
      splice: Apply generic position and size checks to each write

Benjamin Coddington (1):
      lockd: Try to reconnect if statd has moved

Borislav Petkov (1):
      x86, cpu, amd: Add workaround for family 16h, erratum 793

D.S. Ljungmark (1):
      ipv6: Don't reduce hop limit for an interface

Dan Carpenter (1):
      ipvs: uninitialized data with IP_VS_IPV6

Daniel Borkmann (2):
      net: sctp: fix memory leak in auth key management
      net: sctp: fix slab corruption from use after free on INIT collisions

Eli Cohen (1):
      IB/core: Avoid leakage from kernel to user space

Eric Dumazet (2):
      tcp: make connect() mem charging friendly
      tcp: avoid looping in tcp_send_fin()

Florian Westphal (2):
      netfilter: conntrack: disable generic tracking for known protocols
      ppp: deflate: never return len larger than output buffer

Hector Marco-Gisbert (1):
      ASLR: fix stack randomization on 64-bit systems

Ian Abbott (1):
      spi: spidev: fix possible arithmetic overflow for multi-transfer message

Ignacy Gawędzki (1):
      ematch: Fix auto-loading of ematch modules.

Jan Kara (3):
      isofs: Fix infinite looping over CE entries
      isofs: Fix unchecked printing of ER records
      scsi: Fix error handling in SCSI_IOCTL_SEND_COMMAND

Jann Horn (1):
      fs: take i_mutex during prepare_binprm for set[ug]id executables

Jiri Pirko (1):
      ipv4: fix nexthop attlen check in fib_nh_match

Kirill A. Shutemov (1):
      pagemap: do not leak physical addresses to non-privileged userspace

Mathias Krause (1):
      posix-timers: Fix stack info leak in timer_create()

Matthew Thode (1):
      net: reject creation of netdev names with colons

Michal Kubeček (1):
      udp: only allow UFO for packets from SOCK_DGRAM sockets

Robert Baldyga (1):
      serial: samsung: wait for transfer completion before clock disable

Sasha Levin (2):
      net: llc: use correct size for sysctl timeout entries
      net: rds: use correct size for max unacked packets and bytes

Sebastian Phn (1):
      ip_forward: Drop frames with attached skb->sk

Sergei Antonov (1):
      hfsplus: fix B-tree corruption after insertion at position 0

Shachar Raindel (1):
      IB/uverbs: Prevent integer overflow in ib_umem_get address arithmetic

Shai Fultheim (1):
      x86: Conditionally update time when ack-ing pending irqs

Steffen Klassert (1):
      ipv4: Don't use ufo handling on later transformed packets

bingtian.ly@...bao.com (1):
      net: avoid to hang up on sending due to sysctl configuration overflow.

 arch/x86/include/asm/desc.h                |  20 ++++--
 arch/x86/include/asm/ldt.h                 |   7 ++
 arch/x86/include/asm/msr-index.h           |   1 +
 arch/x86/kernel/apic/apic.c                |  12 ++--
 arch/x86/kernel/cpu/amd.c                  |  10 +++
 arch/x86/kernel/entry_64.S                 |  13 ++--
 arch/x86/kernel/kvm.c                      |   9 ++-
 arch/x86/kernel/kvmclock.c                 |   1 -
 arch/x86/kernel/process_64.c               | 101 +++++++++++++++++++++--------
 arch/x86/kernel/tls.c                      |  62 +++++++++++++++++-
 arch/x86/kernel/traps.c                    |   4 +-
 arch/x86/mm/mmap.c                         |   6 +-
 arch/x86/vdso/vma.c                        |  36 +++++++---
 block/scsi_ioctl.c                         |   3 +-
 drivers/infiniband/core/umem.c             |   8 +++
 drivers/infiniband/core/uverbs_main.c      |   1 +
 drivers/net/ppp_deflate.c                  |   2 +-
 drivers/serial/samsung.c                   |   4 ++
 drivers/spi/spidev.c                       |   5 +-
 fs/binfmt_elf.c                            |   5 +-
 fs/exec.c                                  |  65 ++++++++++++-------
 fs/hfsplus/brec.c                          |  20 +++---
 fs/isofs/rock.c                            |   9 +++
 fs/lockd/mon.c                             |   6 ++
 fs/ocfs2/file.c                            |   8 ++-
 fs/proc/task_mmu.c                         |  10 +++
 fs/splice.c                                |   8 ++-
 kernel/posix-timers.c                      |   1 +
 net/core/dev.c                             |   2 +-
 net/core/sysctl_net_core.c                 |  19 ++++--
 net/ipv4/fib_semantics.c                   |   2 +-
 net/ipv4/ip_forward.c                      |   3 +
 net/ipv4/ip_output.c                       |   3 +-
 net/ipv4/sysctl_net_ipv4.c                 |  13 ++--
 net/ipv4/tcp_output.c                      |  52 ++++++++-------
 net/ipv6/ip6_output.c                      |   3 +-
 net/ipv6/ndisc.c                           |   9 ++-
 net/llc/sysctl_net_llc.c                   |   8 +--
 net/netfilter/ipvs/ip_vs_ftp.c             |  10 +--
 net/netfilter/nf_conntrack_proto_generic.c |  26 +++++++-
 net/rds/iw_rdma.c                          |  40 +++++++-----
 net/rds/sysctl.c                           |   4 +-
 net/rxrpc/ar-recvmsg.c                     |   2 +-
 net/sched/ematch.c                         |   1 +
 net/sctp/associola.c                       |   1 -
 net/sctp/auth.c                            |   2 -
 net/socket.c                               |   3 +
 sound/oss/sequencer.c                      |  12 +---
 48 files changed, 465 insertions(+), 187 deletions(-)
--


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ