diff --git a/debian/changelog b/debian/changelog
index 8402a13f0..1a3153c91 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,49 @@ -linux (3.14.8-1) UNRELEASED; urgency=medium +linux (3.14.9-1) UNRELEASED; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8 - Target/iscsi,iser: Avoid accepting transport connections during stop stage - iser-target: Fix multi network portal shutdown regression + https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.9 + - target: Fix NULL pointer dereference for XCOPY in target_put_sess_cmd + (regression in 3.14.6) + - iscsi-target: Reject mutual authentication with reflected CHAP_C + - ima: audit log files opened with O_DIRECT flag + - ima: introduce ima_kernel_read() (regression in 3.10) + - evm: prohibit userspace writing 'security.evm' HMAC value + - net: Use netlink_ns_capable to verify the permisions of netlink messages + (CVE-2014-0181) + - netlink: Only check file credentials for implicit destinations + - qlcnic: info leak in qlcnic_dcb_peer_app_info() + - ipv6: Fix regression caused by efe4208 in udp_v6_mcast_next() + (regression in 3.13) + - netlink: rate-limit leftover bytes warning and print process name + - bridge: Prevent insertion of FDB entry with disallowed vlan + - net: tunnels - enable module autoloading + - [sparc] net: filter: fix typo in sparc BPF JIT + - sfc: PIO:Restrict to 64bit arch and use 64-bit writes. 
+ (regression in 3.13) + - ipv4: fix a race in ip4_datagram_release_cb() + - sctp: Fix sk_ack_backlog wrap-around problem + - udp: ipv4: do not waste time in __udp4_lib_mcast_demux_lookup + (regression in 3.13) + - USB: cdc-acm: Fix various bugs in power management + - USB: cdc-acm: fix I/O after failed open + - [x86] hv: use correct order when freeing monitor_pages + - ASoC: dapm: Make sure to always update the DAPM graph in _put_volsw() + (regression in 3.12) + - lzo: properly check for overruns (CVE-2014-4608) + - lz4: ensure length does not wrap (CVE-2014-4608) + - ALSA: compress: Cancel the optimization of compiler and fix the size of + struct for all platform. + - ALSA: control: Protect user controls against concurrent access + (CVE-2014-4652) + - ALSA: control: Fix replacing user controls (CVE-2014-4654, CVE-2014-4655) + - ALSA: control: Don't access controls outside of protected regions + (CVE-2014-4653) + - ALSA: control: Make sure that id->index does not overflow; + Handle numid overflow (CVE-2014-4656) [ Ben Hutchings ] * aufs: Update to aufs3.14-20140616: diff --git a/debian/config/defines b/debian/config/defines index 653fb8a91..6ca079f67 100644 --- a/debian/config/defines +++ b/debian/config/defines @@ -18,6 +18,10 @@ ignore-changes: i8042_* ps2_* serio_* +# Private to the team modules + module:drivers/net/team/team +# Apparently not used OOT + sock_diag_put_filterinfo [base] arches: diff --git a/debian/patches/debian/alsa-avoid-abi-change-for-cve-2014-4652-fix.patch b/debian/patches/debian/alsa-avoid-abi-change-for-cve-2014-4652-fix.patch new file mode 100644 index 000000000..8543612ac --- /dev/null +++ b/debian/patches/debian/alsa-avoid-abi-change-for-cve-2014-4652-fix.patch 
@@ -0,0 +1,33 @@
+From: Ben Hutchings
+Date: Sun, 29 Jun 2014 02:05:57 +0100
+Subject: ALSA: Avoid ABI change for CVE-2014-4652 fix
+Forwarded: not-needed
+
+Move the new member snd_card::user_ctl_lock to the end of the structure
+and hide it from genksyms. struct snd_card is always allocated by
+snd_card_create() in sound/core/init.c and user_ctl_lock is used in
+sound/core/control.c, and these are part of the same module so they
+are sure to be consistent.
+
+--- a/include/sound/core.h
++++ b/include/sound/core.h
+@@ -121,8 +121,6 @@ struct snd_card {
+ int user_ctl_count; /* count of all user controls */
+ struct list_head controls; /* all controls for this card */
+ struct list_head ctl_files; /* active control files */
+- struct mutex user_ctl_lock; /* protects user controls against
+- concurrent access */
+
+ struct snd_info_entry *proc_root; /* root for soundcard specific files */
+ struct snd_info_entry *proc_id; /* the card id */
+@@ -149,6 +147,10 @@ struct snd_card {
+ struct snd_mixer_oss *mixer_oss;
+ int mixer_oss_change_count;
+ #endif
++#ifndef __GENKSYMS__
++ struct mutex user_ctl_lock; /* protects user controls against
++ concurrent access */
++#endif
+ };
+
+ #ifdef CONFIG_PM
diff --git a/debian/patches/debian/sockdiag-avoid-abi-change-in-3.14.5.patch b/debian/patches/debian/sockdiag-avoid-abi-change-in-3.14.5.patch
deleted file mode 100644
index 812e8e619..000000000
--- a/debian/patches/debian/sockdiag-avoid-abi-change-in-3.14.5.patch
+++ /dev/null
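Review bot: The relocated `user_ctl_lock` member in the second inner hunk (after the `mixer_oss` `#endif`) has no in-code marker that it is an ABI workaround, and hiding it with `#ifndef __GENKSYMS__` means symbol CRCs will no longer flag a struct snd_card layout mismatch. The safety argument lives only in the patch header, so I would add a comment above the member such as `/* Debian ABI workaround: must stay last; only sound/core may touch this lock */`. The header's claim that allocation always happens in snd_card_create() holds only if no other code sizes or embeds struct snd_card itself, which cannot be confirmed from this hunk; the description should say how that was checked. Both inner hunks show only part of struct snd_card.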
@@ -1,41 +0,0 @@
-From: Ben Hutchings
-Date: Sun, 01 Jun 2014 20:38:59 +0100
-Subject: sockdiag: Avoid ABI change in 3.14.5
-Forwarded: not-needed
-
-Add the user_namespace parameter back to sock_diag_put_filterinfo(),
-but don't use it there.
-
---- a/include/linux/sock_diag.h
-+++ b/include/linux/sock_diag.h
-@@ -23,7 +23,7 @@ int sock_diag_check_cookie(void *sk, __u
- void sock_diag_save_cookie(void *sk, __u32 *cookie);
-
- int sock_diag_put_meminfo(struct sock *sk, struct sk_buff *skb, int attr);
--int sock_diag_put_filterinfo(struct sock *sk,
-+int sock_diag_put_filterinfo(struct user_namespace *user_ns, struct sock *sk,
- struct sk_buff *skb, int attrtype);
-
- #endif
---- a/net/core/sock_diag.c
-+++ b/net/core/sock_diag.c
-@@ -49,7 +49,7 @@ int sock_diag_put_meminfo(struct sock *s
- }
- EXPORT_SYMBOL_GPL(sock_diag_put_meminfo);
-
--int sock_diag_put_filterinfo(struct sock *sk,
-+int sock_diag_put_filterinfo(struct user_namespace *user_ns __always_unused, struct sock *sk,
- struct sk_buff *skb, int attrtype)
- {
- struct nlattr *attr;
---- a/net/packet/diag.c
-+++ b/net/packet/diag.c
-@@ -172,7 +172,7 @@ static int sk_diag_fill(struct sock *sk,
- goto out_nlmsg_trim;
-
- if ((req->pdiag_show & PACKET_SHOW_FILTER) &&
-- sock_diag_put_filterinfo(sk, skb, PACKET_DIAG_FILTER))
-+ sock_diag_put_filterinfo(user_ns, sk, skb, PACKET_DIAG_FILTER))
- goto out_nlmsg_trim;
-
- return nlmsg_end(skb, nlh);
diff --git a/debian/patches/series b/debian/patches/series
index 6048134dc..fd0d28c2a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -84,7 +84,6 @@ features/arm/ARM-sun4i-dt-Add-USB-host-bindings.patch
 debian/libata-avoid-abi-change-in-3.14.4.patch
 debian/dm-avoid-abi-change-in-3.14.4.patch
 debian/net-revert-lockdep-changes-in-3.14.5.patch
-debian/sockdiag-avoid-abi-change-in-3.14.5.patch
 debian/target-avoid-abi-change-in-3.14.5.patch
 debian/netfilter-avoid-abi-change-in-3.14.5.patch
 bugfix/mips/MIPS-Fix-branch-emulation-of-branch-likely-instructi.patch
@@ -92,3 +91,4 @@ debian/drivers-base-platform-avoid-abi-change-in-3.14.6.patch
 debian/dma-avoid-abi-change-in-3.14.6.patch
 debian/vfs-avoid-abi-change-for-cve-2014-4014.patch
 bugfix/all/SCSI-Fix-spurious-request-sense-in-error-handling.patch
+debian/alsa-avoid-abi-change-for-cve-2014-4652-fix.patch