Changelog
linux (3.2.65-1) wheezy; urgency=medium
* New upstream stable update:
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.64
- percpu: fix pcpu_alloc_pages() failure path
- percpu: perform tlb flush after pcpu_map_pages() failure
- cgroup: reject cgroup names with '\n'
- [s390*] KVM: Fix user triggerable bug in dead code
- regmap: Fix handling of volatile registers for format_write() chips
- Revert "iwlwifi: dvm: don't enable CTS to self" (regression in 3.2.62)
- aio: add missing smp_rmb() in read_events_ring
- block: Fix dev_t minor allocation lifetime
- uwb: init beacon cache entry before registering uwb device
- perf: Fix a race condition in perf_remove_from_context()
- libceph: gracefully handle large reply messages from the mon
- libceph: add process_one_ticket() helper
- libceph: do not hard code max auth ticket len
- usb: hub: take hub->hdev reference when processing from eventlist
- futex: Unlock hb->lock in futex_wait_requeue_pi() error path
- alarmtimer: Return relative times in timer_gettime
- alarmtimer: Do not signal SIGEV_NONE timers
- alarmtimer: Lock k_itimer during timer callback
- vfs: don't bugger nd->seq on set_root_rcu() from follow_dotdot_rcu()
- vfs: Fold follow_mount_rcu() into follow_dotdot_rcu()
- vfs: be careful with nd->inode in path_init() and follow_dotdot_rcu()
- iscsi-target: Fix memory corruption in iscsit_logout_post_handler_diffcid
- NFSv4: Fix another bug in the close/open_downgrade code
- libiscsi: fix potential buffer overrun in __iscsi_conn_send_pdu
- nl80211: clear skb cb before passing to netlink
- ALSA: pcm: fix fifo_size frame calculation
- Fix nasty 32-bit overflow bug in buffer i/o code.
- sched: Fix unreleased llc_shared_mask bit during CPU hotplug
- [armhf] 8165/1: alignment: don't break misaligned NEON load/store
- nilfs2: fix data loss with mmap()
- ocfs2/dlm: do not get resource spinlock if lockres is new
(regression in 3.2)
- shmem: fix nlink for rename overwrite directory
- mm: migrate: Close race between migration completion and mprotect
- perf: fix perf bug in fork()
- [mips*] Fix forgotten preempt_enable() when CPU has inclusive pcaches
- ipv4: move route garbage collector to work queue
- ipv4: avoid parallel route cache gc executions
- ipv4: disable bh while doing route gc
- ipv6: reallocate addrconf router for ipv6 address when lo device up
(regression in 3.2.50)
- [x86] kvm,vmx: Preserve CR4 across VM entry
- ipvs: avoid netns exit crash on ip_vs_conn_drop_conntrack
- ring-buffer: Fix infinite spin in reading buffer (regression in 3.2.63)
- genhd: fix leftover might_sleep() in blk_free_devt()
- [x86] KVM: Fix far-jump to non-canonical check
(regression in 3.2.63-2+deb7u1)
- l2tp: fix race while getting PMTU on PPP pseudo-wire
* New upstream stable update:
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.65
- [x86] kvm: fix stale mmio cache bug
- UBIFS: fix a race condition
- [s390*] KVM: unintended fallthrough for external call
- ext4: check EA value offset when loading
- v4l2-common: fix overflow in v4l_bound_align_image()
- Revert "lzo: properly check for overruns"
- lzo: check for length overrun in variable length encoding.
- NFSv4: fix open/lock state recovery error handling
- NFSv4.1: Fix an NFSv4.1 state renewal regression
- target: Fix queue full status NULL pointer for SCF_TRANSPORT_TASK_SENSE
- vfs: fix data corruption when blocksize < pagesize for mmaped data
- dm bufio: update last_accessed when relinking a buffer
- ext4: don't orphan or truncate the boot loader inode
- ext4: add ext4_iget_normal() which is to be used for dir tree lookups
- ecryptfs: avoid to access NULL pointer when write metadata in xattr
- fs: make cont_expand_zero interruptible
- fix misuses of f_count() in ppp and netlink
- block: fix alignment_offset math that assumes io_min is a power-of-2
- fanotify: enable close-on-exec on events' fd when requested in
fanotify_init()
- selinux: fix inode security list corruption
- random: add and use memzero_explicit() for clearing data
- dm raid: ensure superblock's size matches device's logical block size
- scsi: Fix error handling in SCSI_IOCTL_SEND_COMMAND
- usb: serial: ftdi_sio: add "bricked" FTDI device PID
- nfsd4: fix crash on unknown operation number
- [x86] kvm: don't kill guest on unknown exit reason
- posix-timers: Fix stack info leak in timer_create()
- futex: Fix a race condition between REQUEUE_PI and task death
- ALSA: pcm: Zero-clear reserved fields of PCM status ioctl in compat mode
- zap_pte_range: update addr when forcing flush after TLB batching faiure
- mm, thp: fix collapsing of hugepages on madvise
- lib/bitmap.c: fix undefined shift in __bitmap_shift_{left|right}()
- ext4: fix overflow when updating superblock backups after resize
- ext4: bail out from make_indexed_dir() on first error
- tracing/syscalls: Fix perf syscall tracing when syscall_nr == -1
- tracing/syscalls: Ignore numbers outside NR_syscalls' range
- mac80211: fix use-after-free in defragmentation
- xhci: no switching back on non-ULT Haswell (regression in 3.2.53)
- audit: keep inode pinned
- libceph: do not crash on large auth tickets
- firewire: cdev: prevent kernel stack leaking into ioctl arguments
- iio: Fix IIO_EVENT_CODE_EXTRACT_DIR bit mask
- [x86] Require exact match for 'noxsave' command line option
- [amd64] mm: Mark data/bss/brk to nx
- [amd64] mm: Set NX across entire PMD at boot
- SUNRPC: Fix locking around callback channel reply receive
- bnx2fc: do not add shared skbs to the fcoe_rx_list
- Revert "xhci: clear root port wake on bits if controller isn't wake-up
capable" (regression in 3.2.62)
- [amd64] ALSA: hda - Limit 40bit DMA for AMD HDMI controllers
- mei: add mei_quirk_probe function
- tcp: be more strict before accepting ECN negociation
- hpsa: fix a race in cmd_free/scsi_done
- mm: Remove false WARN_ON from pagecache_isize_extended()
[ Ben Hutchings ]
* [rt] Update to 3.2.64-rt94:
- sched: Do not clear PF_NO_SETAFFINITY flag in select_fallback_rq()
- workqueue: Prevent deadlock/stall on RT
- hrtimer:fix the miss of hrtimer_peek_ahead_timers in nort code
- lockdep: Fix backport of "Correctly annotate hardirq context in
irq_exit()"
* drm, agp: Update to 3.4.105:
- drm/i915: Remove bogus __init annotation from DMI callbacks
- drm/vmwgfx: Fix a potential infinite spin waiting for fifo idle
- drm/radeon: add connector quirk for fujitsu board
* [x86] KVM: Don't report guest userspace emulation error to userspace
(CVE-2014-7842)
* [x86] kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit
(CVE-2014-8134)
* isofs: Fix infinite looping over CE entries (CVE-2014-9420)
-- Ben Hutchings <email address hidden> Mon, 29 Dec 2014 02:50:43 +0100