Author: Moritz Muehlenhoff
Revision Date: 2014-05-12 19:38:43 UTC

[ Moritz Muehlenhoff ]
* CVE-2014-0196: Jiri Slaby discovered a race condition in the pty
  layer, which could lead to denial of service or privilege escalation.
* CVE-2014-1737 / CVE-2014-1738: Matthew Daley discovered that
  missing input sanitising in the FDRAWCMD ioctl and an information
  leak could result in privilege escalation.

Author: maximilian attems
Revision Date: 2012-06-06 10:25:57 UTC

* New upstream release: http://kernelnewbies.org/Linux_3.4
* New upstream stable update:
  http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.1

[ maximilian attems ]
* Enable DM_VERITY, NF_CONNTRACK_TIMEOUT, NF_CT_NETLINK_TIMEOUT,
  IP_NF_MATCH_RPFILTER, IP6_NF_MATCH_RPFILTER, NETFILTER_NETLINK_ACCT,
  NETFILTER_XT_MATCH_NFACCT, NET_SCH_PLUG, SCSI_UFSHCD, SCSI_VIRTIO,
  NET_TEAM, ATH6KL.

[ Ben Hutchings ]
* DFSG: Remove the new vs6624 driver, which contains non-free firmware
* aufs: Update to aufs3.4-20120521
* [rt] Update to 3.4-rt8 and reenable

Author: Ben Hutchings
Revision Date: 2012-06-01 13:15:48 UTC

* New upstream stable update:
  http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.19
  - hpsa: Fix problem with MSA2xxx devices (Closes: #661057)
  - IB/core: Fix mismatch between locked and pinned pages
  - iommu: Fix off by one in dmar_get_fault_reason()
  - vfs: make AIO use the proper rw_verify_area() area helpers
  - HID: logitech: read all 32 bits of report type bitfield (Closes: #671292)
  - USB: Remove races in devio.c
  - ext{3,4}: Fix error handling on inode bitmap corruption
  - uvcvideo: Fix ENUMINPUT handling
  - dl2k: Clean up rio_ioctl (CVE-2012-2313)
  - [x86] MCE: Fix vm86 handling for 32bit mce handler
  - [x86] mce: Fix check for processor context when machine check was taken.
  - ethtool: Null-terminate filename passed to ethtool_ops::flash_device
  - NFSv4: Fix buffer overflows in ACL support (CVE-2012-2375)
    + Avoid reading past buffer when calling GETACL
    + Avoid beyond bounds copy while caching ACL

[ Ben Hutchings ]
* be2net: Backport most changes up to Linux 3.5-rc1, thanks to
  Sarveshwar Bandi (Closes: #673391)
  - Add support for Skyhawk cards
* net/sched: Add codel and fq_codel from Linux 3.5-rc1
* [x86] udeb: Add hyperv-modules containing Hyper-V paravirtualised drivers
* [x86] ata_piix: defer disks to the Hyper-V drivers by default
* [x86] drm/i915:: Disable FBC on SandyBridge (Closes: #675022)
* AppArmor: compatibility patch for v5 interface (Closes: #661151)
* hugepages: fix use after free bug in "quota" handling (CVE-2012-2133)
* [x86] mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race
  condition (CVE-2012-2373)
* hugetlb: fix resv_map leak in error path (CVE-2012-2390)
* [SCSI] fix scsi_wait_scan (Closes: #647436)

Author: Ben Hutchings
Revision Date: 2012-06-01 13:15:48 UTC

* New upstream stable update:
  http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.19
  - hpsa: Fix problem with MSA2xxx devices (Closes: #661057)
  - IB/core: Fix mismatch between locked and pinned pages
  - iommu: Fix off by one in dmar_get_fault_reason()
  - vfs: make AIO use the proper rw_verify_area() area helpers
  - HID: logitech: read all 32 bits of report type bitfield (Closes: #671292)
  - USB: Remove races in devio.c
  - ext{3,4}: Fix error handling on inode bitmap corruption
  - uvcvideo: Fix ENUMINPUT handling
  - dl2k: Clean up rio_ioctl (CVE-2012-2313)
  - [x86] MCE: Fix vm86 handling for 32bit mce handler
  - [x86] mce: Fix check for processor context when machine check was taken.
  - ethtool: Null-terminate filename passed to ethtool_ops::flash_device
  - NFSv4: Fix buffer overflows in ACL support (CVE-2012-2375)
    + Avoid reading past buffer when calling GETACL
    + Avoid beyond bounds copy while caching ACL

[ Ben Hutchings ]
* be2net: Backport most changes up to Linux 3.5-rc1, thanks to
  Sarveshwar Bandi (Closes: #673391)
  - Add support for Skyhawk cards
* net/sched: Add codel and fq_codel from Linux 3.5-rc1
* [x86] udeb: Add hyperv-modules containing Hyper-V paravirtualised drivers
* [x86] ata_piix: defer disks to the Hyper-V drivers by default
* [x86] drm/i915:: Disable FBC on SandyBridge (Closes: #675022)
* AppArmor: compatibility patch for v5 interface (Closes: #661151)
* hugepages: fix use after free bug in "quota" handling (CVE-2012-2133)
* [x86] mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race
  condition (CVE-2012-2373)
* hugetlb: fix resv_map leak in error path (CVE-2012-2390)
* [SCSI] fix scsi_wait_scan (Closes: #647436)

Author: dann frazier
Revision Date: 2012-03-03 22:24:34 UTC

Revert: [powerpc] oprofile: Handle events that raise an exception without
overflowing (CVE-2011-4347).