[Kernel-packages] [Bug 1555353] Re: CVE-2016-3135
This bug was fixed in the package linux-raspi2 - 4.4.0-1019.25 --- linux-raspi2 (4.4.0-1019.25) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1605715 [ Ubuntu: 4.4.0-33.52 ] * Release Tracking Bug - LP: #1605709 * [regression] NFS client: access problems after updating to kernel 4.4.0-31-generic (LP: #1603719) - SAUCE: (namespace) Bypass sget() capability check for nfs linux-raspi2 (4.4.0-1018.24) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1604457 * Drop superseded namespace mount patches (LP: #1604830) - UBUNTU: SAUCE: fs: Ensure the mounter of a filesystem is privileged towards its inodes - UBUNTU: SAUCE: quota: Treat superblock owner as privilged - UBUNTU: SAUCE: kernfs: Always set super block owner to init_user_ns - UBUNTU: SAUCE: proc: Always set super block owner to init_user_ns * UBUNTU: [Config] updateconfigs after 4.4.0-32.51 rebase (LP: #1603483) [ Kamal Mostafa ] * [Debian] embed derivative target name in release tag (LP: #1599924) [ Ubuntu: 4.4.0-32.51 ] * Release Tracking Bug - LP: #1604443 * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975) - HID: wacom: break out parsing of device and registering of input - HID: wacom: Initialize hid_data.inputmode to -1 - HID: wacom: Support switching from vendor-defined device mode on G9 and G11 * changelog: add CVEs as first class citizens (LP: #1604344) - use CVE numbers in changelog * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483) - SAUCE: import Huawei ES3000_V2 (2.1.0.23) - SAUCE: hio: bio_endio() no longer takes errors arg - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than - SAUCE: hio: fix mask maybe-uninitialized warning - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver) - SAUCE: hio: Makefile and Kconfig * CVE-2016-5243 (LP: #1589036) - tipc: fix an infoleak in tipc_nl_compat_link_dump - tipc: fix nl compat regression for link statistics * CVE-2016-4470 - KEYS: potential uninitialized variable * integer overflow in xt_alloc_table_info (LP: #1555353) - netfilter: x_tables: check for size overflow * CVE-2016-3135: - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow" * CVE-2016-4440 (LP: #1584192) - kvm:vmx: more complete state update on APICv on/off * the system hangs in the dma driver when reboot or shutdown on a baytrail-m laptop (LP: #1602579) - dmaengine: dw: platform: power on device on shutdown - ACPI / LPSS: override power state for LPSS DMA device * Add proper palm detection support for MS Precision Touchpad (LP: #1593124) - Revert "HID: multitouch: enable palm rejection if device implements confidence usage" - HID: multitouch: enable palm rejection for Windows Precision Touchpad * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068) - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b] * CVE-2016-4794 (LP: #1581871) - percpu: fix synchronization between chunk->map_extend_work and chunk destruction - percpu: fix synchronization between synchronous map extension and chunk destruction * Xenial update to v4.4.15 stable release (LP: #1601952) - net_sched: fix pfifo_head_drop behavior vs backlog - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC_DEBUG - sit: correct IP protocol used in ipip6_err - esp: Fix ESN generation under UDP encapsulation - netem: fix a use after free - ipmr/ip6mr: Initialize the last assert time of mfc entries. - Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address - sock_diag: do not broadcast raw socket destruction - bpf, perf: delay release of BPF prog after grace period - neigh: Explicitly declare RCU-bh read side critical section in neigh_xmit() - net: macb: fix default configuration for GMAC on AT91 - net: alx: Work around the DMA RX overflow issue - bpf: try harder on clones when writing into skb - AX.25: Close socket connection on session completion - crypto: ux500 - memmove the right size - crypto: user - re-add size check for CRYPTO_MSG_GETALG - USB: uas: Fix slave queue_depth not being set - usb: quirks: Fix sorting - usb: quirks: Add no-lpm quirk for Acer C120 LED Projector - usb: musb: only restore devctl when session was set in backup - usb: musb: Stop bulk endpoint while queue is rotated - usb: musb: Ensure rx reinit occurs for shared_fifo endpoints - usb: musb: host: correct cppi dma channel for isoch transfer - usb: xhci-plat: properly handle probe deferral for devm_clk_get() - USB: xhci: Add broken streams quirk for Frescologic device id 1009 - xhci: Fix handling timeouted commands on hosts in weird states. - USB: mos7720:
[Kernel-packages] [Bug 1555353] Re: CVE-2016-3135
This bug was fixed in the package linux-raspi2 - 4.4.0-1019.25 --- linux-raspi2 (4.4.0-1019.25) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1605715 [ Ubuntu: 4.4.0-33.52 ] * Release Tracking Bug - LP: #1605709 * [regression] NFS client: access problems after updating to kernel 4.4.0-31-generic (LP: #1603719) - SAUCE: (namespace) Bypass sget() capability check for nfs linux-raspi2 (4.4.0-1018.24) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1604457 * Drop superseded namespace mount patches (LP: #1604830) - UBUNTU: SAUCE: fs: Ensure the mounter of a filesystem is privileged towards its inodes - UBUNTU: SAUCE: quota: Treat superblock owner as privilged - UBUNTU: SAUCE: kernfs: Always set super block owner to init_user_ns - UBUNTU: SAUCE: proc: Always set super block owner to init_user_ns * UBUNTU: [Config] updateconfigs after 4.4.0-32.51 rebase (LP: #1603483) [ Kamal Mostafa ] * [Debian] embed derivative target name in release tag (LP: #1599924) [ Ubuntu: 4.4.0-32.51 ] * Release Tracking Bug - LP: #1604443 * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975) - HID: wacom: break out parsing of device and registering of input - HID: wacom: Initialize hid_data.inputmode to -1 - HID: wacom: Support switching from vendor-defined device mode on G9 and G11 * changelog: add CVEs as first class citizens (LP: #1604344) - use CVE numbers in changelog * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483) - SAUCE: import Huawei ES3000_V2 (2.1.0.23) - SAUCE: hio: bio_endio() no longer takes errors arg - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than - SAUCE: hio: fix mask maybe-uninitialized warning - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver) - SAUCE: hio: Makefile and Kconfig * CVE-2016-5243 (LP: #1589036) - tipc: fix an infoleak in tipc_nl_compat_link_dump - tipc: fix nl compat regression for link statistics * CVE-2016-4470 - KEYS: potential uninitialized variable * integer overflow in xt_alloc_table_info (LP: #1555353) - netfilter: x_tables: check for size overflow * CVE-2016-3135: - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow" * CVE-2016-4440 (LP: #1584192) - kvm:vmx: more complete state update on APICv on/off * the system hangs in the dma driver when reboot or shutdown on a baytrail-m laptop (LP: #1602579) - dmaengine: dw: platform: power on device on shutdown - ACPI / LPSS: override power state for LPSS DMA device * Add proper palm detection support for MS Precision Touchpad (LP: #1593124) - Revert "HID: multitouch: enable palm rejection if device implements confidence usage" - HID: multitouch: enable palm rejection for Windows Precision Touchpad * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068) - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b] * CVE-2016-4794 (LP: #1581871) - percpu: fix synchronization between chunk->map_extend_work and chunk destruction - percpu: fix synchronization between synchronous map extension and chunk destruction * Xenial update to v4.4.15 stable release (LP: #1601952) - net_sched: fix pfifo_head_drop behavior vs backlog - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC_DEBUG - sit: correct IP protocol used in ipip6_err - esp: Fix ESN generation under UDP encapsulation - netem: fix a use after free - ipmr/ip6mr: Initialize the last assert time of mfc entries. - Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address - sock_diag: do not broadcast raw socket destruction - bpf, perf: delay release of BPF prog after grace period - neigh: Explicitly declare RCU-bh read side critical section in neigh_xmit() - net: macb: fix default configuration for GMAC on AT91 - net: alx: Work around the DMA RX overflow issue - bpf: try harder on clones when writing into skb - AX.25: Close socket connection on session completion - crypto: ux500 - memmove the right size - crypto: user - re-add size check for CRYPTO_MSG_GETALG - USB: uas: Fix slave queue_depth not being set - usb: quirks: Fix sorting - usb: quirks: Add no-lpm quirk for Acer C120 LED Projector - usb: musb: only restore devctl when session was set in backup - usb: musb: Stop bulk endpoint while queue is rotated - usb: musb: Ensure rx reinit occurs for shared_fifo endpoints - usb: musb: host: correct cppi dma channel for isoch transfer - usb: xhci-plat: properly handle probe deferral for devm_clk_get() - USB: xhci: Add broken streams quirk for Frescologic device id 1009 - xhci: Fix handling timeouted commands on hosts in weird states. - USB: mos7720:
[Kernel-packages] [Bug 1555353] Re: CVE-2016-3135
This bug was fixed in the package linux-snapdragon - 4.4.0-1022.25 --- linux-snapdragon (4.4.0-1022.25) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1605716 [ Ubuntu: 4.4.0-33.52 ] * Release Tracking Bug - LP: #1605709 * [regression] NFS client: access problems after updating to kernel 4.4.0-31-generic (LP: #1603719) - SAUCE: (namespace) Bypass sget() capability check for nfs linux-snapdragon (4.4.0-1021.24) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1604458 * Drop superseded namespace mount patches (LP: #1604830) - UBUNTU: SAUCE: fs: Ensure the mounter of a filesystem is privileged towards its inodes - UBUNTU: SAUCE: quota: Treat superblock owner as privilged - UBUNTU: SAUCE: kernfs: Always set super block owner to init_user_ns - UBUNTU: SAUCE: proc: Always set super block owner to init_user_ns * UBUNTU: [Config] updateconfigs after 4.4.0-32.51 rebase (LP: #1603483) [ Kamal Mostafa ] * [Debian] embed derivative target name in release tag (LP: #1599924) [ Ubuntu: 4.4.0-32.51 ] * Release Tracking Bug - LP: #1604443 * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975) - HID: wacom: break out parsing of device and registering of input - HID: wacom: Initialize hid_data.inputmode to -1 - HID: wacom: Support switching from vendor-defined device mode on G9 and G11 * changelog: add CVEs as first class citizens (LP: #1604344) - use CVE numbers in changelog * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483) - SAUCE: import Huawei ES3000_V2 (2.1.0.23) - SAUCE: hio: bio_endio() no longer takes errors arg - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than - SAUCE: hio: fix mask maybe-uninitialized warning - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver) - SAUCE: hio: Makefile and Kconfig * CVE-2016-5243 (LP: #1589036) - tipc: fix an infoleak in tipc_nl_compat_link_dump - tipc: fix nl compat regression for link statistics * CVE-2016-4470 - KEYS: potential uninitialized variable * integer overflow in xt_alloc_table_info (LP: #1555353) - netfilter: x_tables: check for size overflow * CVE-2016-3135: - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow" * CVE-2016-4440 (LP: #1584192) - kvm:vmx: more complete state update on APICv on/off * the system hangs in the dma driver when reboot or shutdown on a baytrail-m laptop (LP: #1602579) - dmaengine: dw: platform: power on device on shutdown - ACPI / LPSS: override power state for LPSS DMA device * Add proper palm detection support for MS Precision Touchpad (LP: #1593124) - Revert "HID: multitouch: enable palm rejection if device implements confidence usage" - HID: multitouch: enable palm rejection for Windows Precision Touchpad * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068) - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b] * CVE-2016-4794 (LP: #1581871) - percpu: fix synchronization between chunk->map_extend_work and chunk destruction - percpu: fix synchronization between synchronous map extension and chunk destruction * Xenial update to v4.4.15 stable release (LP: #1601952) - net_sched: fix pfifo_head_drop behavior vs backlog - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC_DEBUG - sit: correct IP protocol used in ipip6_err - esp: Fix ESN generation under UDP encapsulation - netem: fix a use after free - ipmr/ip6mr: Initialize the last assert time of mfc entries. - Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address - sock_diag: do not broadcast raw socket destruction - bpf, perf: delay release of BPF prog after grace period - neigh: Explicitly declare RCU-bh read side critical section in neigh_xmit() - net: macb: fix default configuration for GMAC on AT91 - net: alx: Work around the DMA RX overflow issue - bpf: try harder on clones when writing into skb - AX.25: Close socket connection on session completion - crypto: ux500 - memmove the right size - crypto: user - re-add size check for CRYPTO_MSG_GETALG - USB: uas: Fix slave queue_depth not being set - usb: quirks: Fix sorting - usb: quirks: Add no-lpm quirk for Acer C120 LED Projector - usb: musb: only restore devctl when session was set in backup - usb: musb: Stop bulk endpoint while queue is rotated - usb: musb: Ensure rx reinit occurs for shared_fifo endpoints - usb: musb: host: correct cppi dma channel for isoch transfer - usb: xhci-plat: properly handle probe deferral for devm_clk_get() - USB: xhci: Add broken streams quirk for Frescologic device id 1009 - xhci: Fix handling timeouted commands on hosts in weird states. -
[Kernel-packages] [Bug 1555353] Re: CVE-2016-3135
This bug was fixed in the package linux-snapdragon - 4.4.0-1022.25 --- linux-snapdragon (4.4.0-1022.25) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1605716 [ Ubuntu: 4.4.0-33.52 ] * Release Tracking Bug - LP: #1605709 * [regression] NFS client: access problems after updating to kernel 4.4.0-31-generic (LP: #1603719) - SAUCE: (namespace) Bypass sget() capability check for nfs linux-snapdragon (4.4.0-1021.24) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1604458 * Drop superseded namespace mount patches (LP: #1604830) - UBUNTU: SAUCE: fs: Ensure the mounter of a filesystem is privileged towards its inodes - UBUNTU: SAUCE: quota: Treat superblock owner as privilged - UBUNTU: SAUCE: kernfs: Always set super block owner to init_user_ns - UBUNTU: SAUCE: proc: Always set super block owner to init_user_ns * UBUNTU: [Config] updateconfigs after 4.4.0-32.51 rebase (LP: #1603483) [ Kamal Mostafa ] * [Debian] embed derivative target name in release tag (LP: #1599924) [ Ubuntu: 4.4.0-32.51 ] * Release Tracking Bug - LP: #1604443 * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975) - HID: wacom: break out parsing of device and registering of input - HID: wacom: Initialize hid_data.inputmode to -1 - HID: wacom: Support switching from vendor-defined device mode on G9 and G11 * changelog: add CVEs as first class citizens (LP: #1604344) - use CVE numbers in changelog * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483) - SAUCE: import Huawei ES3000_V2 (2.1.0.23) - SAUCE: hio: bio_endio() no longer takes errors arg - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than - SAUCE: hio: fix mask maybe-uninitialized warning - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver) - SAUCE: hio: Makefile and Kconfig * CVE-2016-5243 (LP: #1589036) - tipc: fix an infoleak in tipc_nl_compat_link_dump - tipc: fix nl compat regression for link statistics * CVE-2016-4470 - KEYS: potential uninitialized variable * integer overflow in xt_alloc_table_info (LP: #1555353) - netfilter: x_tables: check for size overflow * CVE-2016-3135: - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow" * CVE-2016-4440 (LP: #1584192) - kvm:vmx: more complete state update on APICv on/off * the system hangs in the dma driver when reboot or shutdown on a baytrail-m laptop (LP: #1602579) - dmaengine: dw: platform: power on device on shutdown - ACPI / LPSS: override power state for LPSS DMA device * Add proper palm detection support for MS Precision Touchpad (LP: #1593124) - Revert "HID: multitouch: enable palm rejection if device implements confidence usage" - HID: multitouch: enable palm rejection for Windows Precision Touchpad * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068) - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b] * CVE-2016-4794 (LP: #1581871) - percpu: fix synchronization between chunk->map_extend_work and chunk destruction - percpu: fix synchronization between synchronous map extension and chunk destruction * Xenial update to v4.4.15 stable release (LP: #1601952) - net_sched: fix pfifo_head_drop behavior vs backlog - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC_DEBUG - sit: correct IP protocol used in ipip6_err - esp: Fix ESN generation under UDP encapsulation - netem: fix a use after free - ipmr/ip6mr: Initialize the last assert time of mfc entries. - Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address - sock_diag: do not broadcast raw socket destruction - bpf, perf: delay release of BPF prog after grace period - neigh: Explicitly declare RCU-bh read side critical section in neigh_xmit() - net: macb: fix default configuration for GMAC on AT91 - net: alx: Work around the DMA RX overflow issue - bpf: try harder on clones when writing into skb - AX.25: Close socket connection on session completion - crypto: ux500 - memmove the right size - crypto: user - re-add size check for CRYPTO_MSG_GETALG - USB: uas: Fix slave queue_depth not being set - usb: quirks: Fix sorting - usb: quirks: Add no-lpm quirk for Acer C120 LED Projector - usb: musb: only restore devctl when session was set in backup - usb: musb: Stop bulk endpoint while queue is rotated - usb: musb: Ensure rx reinit occurs for shared_fifo endpoints - usb: musb: host: correct cppi dma channel for isoch transfer - usb: xhci-plat: properly handle probe deferral for devm_clk_get() - USB: xhci: Add broken streams quirk for Frescologic device id 1009 - xhci: Fix handling timeouted commands on hosts in weird states. -
[Kernel-packages] [Bug 1555353] Re: CVE-2016-3135
This bug was fixed in the package linux-raspi2 - 4.4.0-1019.25 --- linux-raspi2 (4.4.0-1019.25) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1605715 [ Ubuntu: 4.4.0-33.52 ] * Release Tracking Bug - LP: #1605709 * [regression] NFS client: access problems after updating to kernel 4.4.0-31-generic (LP: #1603719) - SAUCE: (namespace) Bypass sget() capability check for nfs linux-raspi2 (4.4.0-1018.24) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1604457 * Drop superseded namespace mount patches (LP: #1604830) - UBUNTU: SAUCE: fs: Ensure the mounter of a filesystem is privileged towards its inodes - UBUNTU: SAUCE: quota: Treat superblock owner as privilged - UBUNTU: SAUCE: kernfs: Always set super block owner to init_user_ns - UBUNTU: SAUCE: proc: Always set super block owner to init_user_ns * UBUNTU: [Config] updateconfigs after 4.4.0-32.51 rebase (LP: #1603483) [ Kamal Mostafa ] * [Debian] embed derivative target name in release tag (LP: #1599924) [ Ubuntu: 4.4.0-32.51 ] * Release Tracking Bug - LP: #1604443 * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975) - HID: wacom: break out parsing of device and registering of input - HID: wacom: Initialize hid_data.inputmode to -1 - HID: wacom: Support switching from vendor-defined device mode on G9 and G11 * changelog: add CVEs as first class citizens (LP: #1604344) - use CVE numbers in changelog * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483) - SAUCE: import Huawei ES3000_V2 (2.1.0.23) - SAUCE: hio: bio_endio() no longer takes errors arg - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than - SAUCE: hio: fix mask maybe-uninitialized warning - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver) - SAUCE: hio: Makefile and Kconfig * CVE-2016-5243 (LP: #1589036) - tipc: fix an infoleak in tipc_nl_compat_link_dump - tipc: fix nl compat regression for link statistics * CVE-2016-4470 - KEYS: potential uninitialized variable * integer overflow in xt_alloc_table_info (LP: #1555353) - netfilter: x_tables: check for size overflow * CVE-2016-3135: - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow" * CVE-2016-4440 (LP: #1584192) - kvm:vmx: more complete state update on APICv on/off * the system hangs in the dma driver when reboot or shutdown on a baytrail-m laptop (LP: #1602579) - dmaengine: dw: platform: power on device on shutdown - ACPI / LPSS: override power state for LPSS DMA device * Add proper palm detection support for MS Precision Touchpad (LP: #1593124) - Revert "HID: multitouch: enable palm rejection if device implements confidence usage" - HID: multitouch: enable palm rejection for Windows Precision Touchpad * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068) - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b] * CVE-2016-4794 (LP: #1581871) - percpu: fix synchronization between chunk->map_extend_work and chunk destruction - percpu: fix synchronization between synchronous map extension and chunk destruction * Xenial update to v4.4.15 stable release (LP: #1601952) - net_sched: fix pfifo_head_drop behavior vs backlog - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC_DEBUG - sit: correct IP protocol used in ipip6_err - esp: Fix ESN generation under UDP encapsulation - netem: fix a use after free - ipmr/ip6mr: Initialize the last assert time of mfc entries. - Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address - sock_diag: do not broadcast raw socket destruction - bpf, perf: delay release of BPF prog after grace period - neigh: Explicitly declare RCU-bh read side critical section in neigh_xmit() - net: macb: fix default configuration for GMAC on AT91 - net: alx: Work around the DMA RX overflow issue - bpf: try harder on clones when writing into skb - AX.25: Close socket connection on session completion - crypto: ux500 - memmove the right size - crypto: user - re-add size check for CRYPTO_MSG_GETALG - USB: uas: Fix slave queue_depth not being set - usb: quirks: Fix sorting - usb: quirks: Add no-lpm quirk for Acer C120 LED Projector - usb: musb: only restore devctl when session was set in backup - usb: musb: Stop bulk endpoint while queue is rotated - usb: musb: Ensure rx reinit occurs for shared_fifo endpoints - usb: musb: host: correct cppi dma channel for isoch transfer - usb: xhci-plat: properly handle probe deferral for devm_clk_get() - USB: xhci: Add broken streams quirk for Frescologic device id 1009 - xhci: Fix handling timeouted commands on hosts in weird states. - USB: mos7720:
[Kernel-packages] [Bug 1555353] Re: CVE-2016-3135
This bug was fixed in the package linux-snapdragon - 4.4.0-1022.25 --- linux-snapdragon (4.4.0-1022.25) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1605716 [ Ubuntu: 4.4.0-33.52 ] * Release Tracking Bug - LP: #1605709 * [regression] NFS client: access problems after updating to kernel 4.4.0-31-generic (LP: #1603719) - SAUCE: (namespace) Bypass sget() capability check for nfs linux-snapdragon (4.4.0-1021.24) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1604458 * Drop superseded namespace mount patches (LP: #1604830) - UBUNTU: SAUCE: fs: Ensure the mounter of a filesystem is privileged towards its inodes - UBUNTU: SAUCE: quota: Treat superblock owner as privilged - UBUNTU: SAUCE: kernfs: Always set super block owner to init_user_ns - UBUNTU: SAUCE: proc: Always set super block owner to init_user_ns * UBUNTU: [Config] updateconfigs after 4.4.0-32.51 rebase (LP: #1603483) [ Kamal Mostafa ] * [Debian] embed derivative target name in release tag (LP: #1599924) [ Ubuntu: 4.4.0-32.51 ] * Release Tracking Bug - LP: #1604443 * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975) - HID: wacom: break out parsing of device and registering of input - HID: wacom: Initialize hid_data.inputmode to -1 - HID: wacom: Support switching from vendor-defined device mode on G9 and G11 * changelog: add CVEs as first class citizens (LP: #1604344) - use CVE numbers in changelog * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483) - SAUCE: import Huawei ES3000_V2 (2.1.0.23) - SAUCE: hio: bio_endio() no longer takes errors arg - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than - SAUCE: hio: fix mask maybe-uninitialized warning - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver) - SAUCE: hio: Makefile and Kconfig * CVE-2016-5243 (LP: #1589036) - tipc: fix an infoleak in tipc_nl_compat_link_dump - tipc: fix nl compat regression for link statistics * CVE-2016-4470 - KEYS: potential uninitialized variable * integer overflow in xt_alloc_table_info (LP: #1555353) - netfilter: x_tables: check for size overflow * CVE-2016-3135: - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow" * CVE-2016-4440 (LP: #1584192) - kvm:vmx: more complete state update on APICv on/off * the system hangs in the dma driver when reboot or shutdown on a baytrail-m laptop (LP: #1602579) - dmaengine: dw: platform: power on device on shutdown - ACPI / LPSS: override power state for LPSS DMA device * Add proper palm detection support for MS Precision Touchpad (LP: #1593124) - Revert "HID: multitouch: enable palm rejection if device implements confidence usage" - HID: multitouch: enable palm rejection for Windows Precision Touchpad * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068) - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b] * CVE-2016-4794 (LP: #1581871) - percpu: fix synchronization between chunk->map_extend_work and chunk destruction - percpu: fix synchronization between synchronous map extension and chunk destruction * Xenial update to v4.4.15 stable release (LP: #1601952) - net_sched: fix pfifo_head_drop behavior vs backlog - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC_DEBUG - sit: correct IP protocol used in ipip6_err - esp: Fix ESN generation under UDP encapsulation - netem: fix a use after free - ipmr/ip6mr: Initialize the last assert time of mfc entries. - Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address - sock_diag: do not broadcast raw socket destruction - bpf, perf: delay release of BPF prog after grace period - neigh: Explicitly declare RCU-bh read side critical section in neigh_xmit() - net: macb: fix default configuration for GMAC on AT91 - net: alx: Work around the DMA RX overflow issue - bpf: try harder on clones when writing into skb - AX.25: Close socket connection on session completion - crypto: ux500 - memmove the right size - crypto: user - re-add size check for CRYPTO_MSG_GETALG - USB: uas: Fix slave queue_depth not being set - usb: quirks: Fix sorting - usb: quirks: Add no-lpm quirk for Acer C120 LED Projector - usb: musb: only restore devctl when session was set in backup - usb: musb: Stop bulk endpoint while queue is rotated - usb: musb: Ensure rx reinit occurs for shared_fifo endpoints - usb: musb: host: correct cppi dma channel for isoch transfer - usb: xhci-plat: properly handle probe deferral for devm_clk_get() - USB: xhci: Add broken streams quirk for Frescologic device id 1009 - xhci: Fix handling timeouted commands on hosts in weird states. -
[Kernel-packages] [Bug 1555353] Re: CVE-2016-3135
** Summary changed: - integer overflow in xt_alloc_table_info + CVE-2016-3135 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1555353 Title: CVE-2016-3135 Status in linux package in Ubuntu: Fix Released Status in linux-armadaxp package in Ubuntu: Invalid Status in linux-flo package in Ubuntu: New Status in linux-goldfish package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: Invalid Status in linux-lts-raring package in Ubuntu: Invalid Status in linux-lts-saucy package in Ubuntu: Invalid Status in linux-lts-trusty package in Ubuntu: Invalid Status in linux-lts-utopic package in Ubuntu: Invalid Status in linux-lts-vivid package in Ubuntu: Invalid Status in linux-lts-wily package in Ubuntu: Invalid Status in linux-lts-xenial package in Ubuntu: Invalid Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: Invalid Status in linux-raspi2 package in Ubuntu: New Status in linux-snapdragon package in Ubuntu: New Status in linux-ti-omap4 package in Ubuntu: Invalid Status in linux source package in Precise: Invalid Status in linux-armadaxp source package in Precise: Invalid Status in linux-flo source package in Precise: Invalid Status in linux-goldfish source package in Precise: Invalid Status in linux-lts-quantal source package in Precise: Invalid Status in linux-lts-raring source package in Precise: Invalid Status in linux-lts-saucy source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Invalid Status in linux-lts-utopic source package in Precise: Invalid Status in linux-lts-vivid source package in Precise: Invalid Status in linux-lts-wily source package in Precise: Invalid Status in linux-lts-xenial source package in Precise: Invalid Status in linux-mako source package in Precise: Invalid Status in linux-manta source package in Precise: Invalid Status in linux-raspi2 source package in Precise: Invalid Status in linux-snapdragon source package in Precise: Invalid Status in linux-ti-omap4 source package in Precise: Invalid Status in linux source package in Trusty: Invalid Status in linux-armadaxp source package in Trusty: Invalid Status in linux-flo source package in Trusty: Invalid Status in linux-goldfish source package in Trusty: Invalid Status in linux-lts-quantal source package in Trusty: Invalid Status in linux-lts-raring source package in Trusty: Invalid Status in linux-lts-saucy source package in Trusty: Invalid Status in linux-lts-trusty source package in Trusty: Invalid Status in linux-lts-utopic source package in Trusty: Invalid Status in linux-lts-vivid source package in Trusty: Invalid Status in linux-lts-wily source package in Trusty: Fix Released Status in linux-lts-xenial source package in Trusty: Fix Released Status in linux-mako source package in Trusty: Invalid Status in linux-manta source package in Trusty: Invalid Status in linux-raspi2 source package in Trusty: Invalid Status in linux-snapdragon source package in Trusty: Invalid Status in linux-ti-omap4 source package in Trusty: Invalid Status in linux source package in Wily: Fix Released Status in linux-armadaxp source package in Wily: Invalid Status in linux-flo source package in Wily: New Status in linux-goldfish source package in Wily: New Status in linux-lts-quantal source package in Wily: Invalid Status in linux-lts-raring source package in Wily: Invalid Status in linux-lts-saucy source package in Wily: Invalid Status in linux-lts-trusty source package in Wily: Invalid Status in linux-lts-utopic source package in Wily: Invalid Status in linux-lts-vivid source package in Wily: Invalid Status in linux-lts-wily source package in Wily: Invalid Status in linux-lts-xenial source package in Wily: Invalid Status in linux-mako source package in Wily: New Status in linux-manta source package in Wily: New Status in linux-raspi2 source package in Wily: Fix Released Status in linux-snapdragon source package in Wily: Invalid Status in linux-ti-omap4 source package in Wily: Invalid Status in linux source package in Xenial: Fix Released Status in linux-armadaxp source package in Xenial: Invalid Status in linux-flo source package in Xenial: New Status in linux-goldfish source package in Xenial: New Status in linux-lts-quantal source package in Xenial: Invalid Status in linux-lts-raring source package in Xenial: Invalid Status in linux-lts-saucy source package in Xenial: Invalid Status in linux-lts-trusty source package in Xenial: Invalid Status in linux-lts-utopic source package in Xenial: Invalid Status in linux-lts-vivid source package in Xenial: Invalid Status in linux-lts-wily source package in Xenial: Invalid Status in linux-lts-xenial source package in Xenial: Invalid Status in linux-mako
