Changelog
linux-2.6 (2.6.38-4) unstable; urgency=low
* usb-audio: Define another USB ID for a buggy USB MIDI cable (Closes: #617743) * net: Enable BATMAN_ADV as module (Closes: #622361) * Add stable 2.6.38.3, including: - eCryptfs: Unlock page in write_begin error path - irda: validate peer name and attribute lengths (CVE-2011-1180) - irda: prevent heap corruption on invalid nickname - nilfs2: fix data loss in mmap page write for hole blocks - ALSA: pcm: fix infinite loop in snd_pcm_update_hw_ptr0() - inotify: fix double free/corruption of stuct user - perf: Fix task_struct reference leak - ROSE: prevent heap corruption with bad facilities (CVE-2011-1493) - [x86] mtrr, pat: Fix one cpu getting out of sync during resume - Input: synaptics - fix crash in synaptics_module_init() - ath9k: fix a chip wakeup related crash in ath9k_start - mac80211: fix a crash in minstrel_ht in HT mode with no supported MCS rates - UBIFS: fix oops on error path in read_pnode - quota: Don't write quota info in dquot_commit() - mm: avoid wrapping vm_pgoff in mremap() - wl12xx: fix potential buffer overflow in testmode nvs push - Bluetooth: sco: fix information leak to userspace (CVE-2011-1078) - bridge: netfilter: fix information leak (CVE-2011-1080) - Bluetooth: bnep: fix buffer overflow (CVE-2011-1079) - netfilter: ip_tables: fix infoleak to userspace (CVE-2011-1171) - netfilter: arp_tables: fix infoleak to userspace (CVE-2011-1170) - [x86] Revert "x86: Cleanup highmap after brk is concluded" (Closes: #621072) - Squashfs: handle corruption of directory structure - ext4: fix a double free in ext4_register_li_request - ext4: fix credits computing for indirect mapped files - nfsd: fix auth_domain reference leak on nlm operations - nfsd4: fix oops on lock failure - char/tpm: Fix unitialized usage of data buffer (CVE-2011-1160) - ipv6: netfilter: ip6_tables: fix infoleak to userspace (CVE-2011-1172) - econet: 4 byte infoleak to the network (CVE-2011-1173) - sound/oss: remove offset from load_patch callbacks (CVE-2011-1476, CVE-2011-1477) - inotify: fix double free/corruption of stuct user (CVE-2011-1479) For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.3 * Add stable 2.6.38.4, including: - vm: Fix vm_pgoff wrap in stack expansion - cifs: Always do is_path_accessible check in cifs_mount - cifs: Check for private_data before trying to put it - sn9c102: Restrict world-wirtable sysfs files - UBIFS: Restrict world-writable debugfs files - vm: Fix mlock() on stack guard page - UBIFS: Fix assertion warnings - perf: Fix task context scheduling - fib: Add rtnl locking in ip_fib_net_exit - l2tp: Fix possible oops on l2tp_eth module unload - ipv6: Fix duplicate /proc/sys/net/ipv6/neigh directory entries. - net_sched: fix ip_tos2prio - pppoe: drop PPPOX_ZOMBIEs in pppoe_flush_dev - xfrm: Refcount destination entry on xfrm_lookup - vlan: Take into account needed_headroom - bridge: Reset IPCB when entering IP stack on NF_FORWARD - futex: Set FLAGS_HAS_TIMEOUT during futex_wait restart setup - oom-kill: Remove boost_dying_task_prio() - UBIFS: Fix oops when R/O file-system is fsync'ed - sched: Fix erroneous all_pinned logic - vmscan: all_unreclaimable() use zone->all_unreclaimable as a name - next_pidmap: fix overflow condition - proc: Do proper range check on readdir offset - [powerpc] Fix oops if scan_dispatch_log is called too early - ehci: Unlink unused QHs when the controller is stopped - USB: Fix formatting of SuperSpeed endpoints in /proc/bus/usb/devices - xhci: Fix math in xhci_get_endpoint_interval() - xhci: Also free streams when resetting devices - USB: Fix unplug of device with active streams - bluetooth: Fix HCI_RESET command synchronization - bridge: Reset IPCB in br_parse_ip_options - ip: ip_options_compile() resilient to NULL skb route For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.4 * [s390] pfault: fix token handling (Closes: #622570) -- Ben Hutchings <email address hidden> Sat, 23 Apr 2011 03:17:53 +0100