Changelog
linux (3.9.8-1) unstable; urgency=low
* New upstream stable update:
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.7
- b43: stop format string leaking into error msgs (CVE-2013-2852)
- ACPI / video: Do not bind to device objects with a scan handler
- libceph: must hold mutex for reset_changed_osds()
- ceph: ceph_pagelist_append might sleep while atomic
- rbd: don't destroy ceph_opts in rbd_add()
- Bluetooth: Fix missing length checks for L2CAP signalling PDUs
- kmsg: honor dmesg_restrict sysctl on /dev/kmsg
- memcg: don't initialize kmem-cache destroying work for root caches
- md/raid1: consider WRITE as successful only if at least one non-Faulty
and non-rebuilding drive completed it.
- md/raid1,5,10: Disable WRITE SAME until a recovery strategy is in place
- [x86] Modify UEFI anti-bricking code
- powerpc: Fix stack overflow crash in resume_kernel when ftracing
- USB: pl2303: fix device initialisation at open
- USB: f81232: fix device initialisation at open
- USB: spcp8x5: fix device initialisation at open
* New upstream stable update:
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.8
- ARM: 7752/1: errata: LoUIS bit field in CLIDR register is incorrect
- clk: remove notifier from list before freeing it
- [hppa] make interrupt and interruption stack allocation reentrant
- ACPI / dock: Take ACPI scan lock in write_undock()
- net: fec: fix kernel oops when plug/unplug cable many times
- tcp: fix tcp_md5_hash_skb_data()
- net/802/mrp: fix lockdep splat
- ipv6: fix possible crashes in ip6_cork_release()
- r8169: fix offloaded tx checksum for small packets.
- xfrm: properly handle invalid states as an error
- ip_tunnel: fix kernel panic with icmp_dest_unreach
- net: Block MSG_CMSG_COMPAT in send(m)msg and recv(m)msg
- net: force a reload of first item in hlist_nulls_for_each_entry_rcu
- vhost_net: clear msg.control for non-zerocopy case during tx
- net: sctp: fix NULL pointer dereference in socket destruction
- team: check return value of team_get_port_by_index_rcu() for NULL
- team: move add to port list before port enablement
- l2tp: Fix PPP header erasure and memory leak
- sctp: fully initialize sctp_outq in sctp_outq_init
- macvtap: set transport header before passing skb to lower device
- tuntap: set transport header before passing it to kernel
- packet: set transport header before doing xmit
- netback: set transport header before passing it to kernel
- net_sched: better precise estimation on packet length for untrusted
packets
- firmware loader: fix use-after-free by double abort
- target/iscsi: don't corrupt bh_count in iscsit_stop_time2retain_timer()
- rbd: use the correct length for format 2 object names
- perf: Fix perf mmap bugs
- perf: Fix mmap() accounting hole
[ Ben Hutchings ]
* yama: Disable ptrace restrictions by default, and change boot message
to indicate this (Closes: #712740)
* fanotify: info leak in copy_event_to_user() (CVE-2013-2148)
* drivers/cdrom/cdrom.c: use kzalloc() for failing hardware (CVE-2013-2164)
* block: do not pass disk names as format strings (CVE-2013-2851)
-- Ben Hutchings <email address hidden> Sat, 29 Jun 2013 18:44:21 +0100
