blob: 805b420d550ad1d5aebc9923d1724a9c6417a5a8 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
<define-tag description>LTS security update</define-tag>
<define-tag moreinfo>
<p>Non-maintainer upload by the Squeeze LTS and Kernel Teams.</p>
<p>New upstream stable release 2.6.32.65, see
<a href="http://lkml.org/lkml/2014/12/13/81">http://lkml.org/lkml/2014/12/13/81</a> for more information.</p>
<p>The stable release 2.6.32.65 includes the following new commits compared
to the previous 2.6.32-48squeeze9 package:</p>
<ul>
<li>USB: whiteheat: Added bounds checking for bulk command response
(<a href="https://security-tracker.debian.org/tracker/CVE-2014-3185">CVE-2014-3185</a>)</li>
<li>net: sctp: fix panic on duplicate ASCONF chunks (<a href="https://security-tracker.debian.org/tracker/CVE-2014-3687">CVE-2014-3687</a>)</li>
<li>net: sctp: fix remote memory pressure from excessive queueing
(<a href="https://security-tracker.debian.org/tracker/CVE-2014-3688">CVE-2014-3688</a>)</li>
<li>udf: Avoid infinite loop when processing indirect ICBs (<a href="https://security-tracker.debian.org/tracker/CVE-2014-6410">CVE-2014-6410</a>)</li>
<li>net: sctp: fix NULL pointer dereference in af->from_addr_param on
malformed packet (<a href="https://security-tracker.debian.org/tracker/CVE-2014-7841">CVE-2014-7841</a>)</li>
<li>mac80211: fix fragmentation code, particularly for encryption
(<a href="https://security-tracker.debian.org/tracker/CVE-2014-8709">CVE-2014-8709</a>)</li>
<li>ttusb-dec: buffer overflow in ioctl (<a href="https://security-tracker.debian.org/tracker/CVE-2014-8884">CVE-2014-8884</a>)</li>
</ul>
<p>We recommend that you upgrade your linux-2.6 packages.</p>
<p>We apologize for a minor cosmetic glitch:</p>
<p>The following commits were already included in 2.6.32-48squeeze9 despite
claims in debian/changelog they were only fixed in 2.6.32-48squeez10:</p>
<ul>
<li>vlan: Don't propagate flag changes on down interfaces.</li>
<li>sctp: Fix double-free introduced by bad backport in 2.6.32.62</li>
<li>md/raid6: Fix misapplied backport in 2.6.32.64</li>
<li>block: add missing blk_queue_dead() checks</li>
<li>block: Fix blk_execute_rq_nowait() dead queue handling</li>
<li>proc connector: Delete spurious memset in proc_exit_connector()</li>
</ul>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/lts/security/2014/dla-118.data"
# $Id$
|
