linux (4.9.144-3.1) stretch; urgency=high * Non-maintainer upload. * Fix boot breakage on 32-bit arm (closes: #922478). Thanks to Adrian Bunk for spotting the mistake. -- Julien Cristau Tue, 19 Feb 2019 10:05:39 +0100 linux (4.9.144-3) stretch; urgency=medium * libceph: fix CEPH_FEATURE_CEPHX_V2 check in calc_signature() (regression in 4.9.144) -- Ben Hutchings Sat, 02 Feb 2019 15:53:59 +0100 linux (4.9.144-2) stretch; urgency=medium * [mips*] inst: Avoid ABI change in 4.9.136 (fixes FTBFS) * efi/libstub: Unify command line param parsing (fixes FTBFS on arm64) -- Ben Hutchings Mon, 21 Jan 2019 21:57:31 +0000 linux (4.9.144-1) stretch; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.136 - xfrm: Validate address prefix lengths in the xfrm selector. - xfrm6: call kfree_skb when skb is toobig - mac80211: Always report TX status - cfg80211: reg: Init wiphy_idx in regulatory_hint_core() - mac80211: fix pending queue hang due to TX_DROP - cfg80211: Address some corner cases in scan result channel updating - mac80211: TDLS: fix skb queue/priority assignment - [armel,armhf] 8799/1: mm: fix pci_ioremap_io() offset check - xfrm: validate template mode - nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT - mac80211_hwsim: do not omit multicast announce of first added radio - Bluetooth: SMP: fix crash in unpairing - qed: Avoid implicit enum conversion in qed_roce_mode_to_flavor - qed: Avoid constant logical operation warning in qed_vf_pf_acquire - asix: Check for supported Wake-on-LAN modes - ax88179_178a: Check for supported Wake-on-LAN modes - lan78xx: Check for supported Wake-on-LAN modes - sr9800: Check for supported Wake-on-LAN modes - r8152: Check for supported Wake-on-LAN Modes - smsc75xx: Check for Wake-on-LAN modes - smsc95xx: Check for Wake-on-LAN modes - perf/ring_buffer: Prevent concurent ring buffer access - [x86] perf/x86/intel/uncore: Fix PCI BDF address of M3UPI on SKX - [armhf] net: fec: fix rare tx timeout - net: cxgb3_main: fix a missing-check bug - perf symbols: Fix memory corruption because of zero length symbols - mm/memory_hotplug.c: fix overflow in test_pages_in_a_zone() - [mips*] microMIPS: Fix decoding of swsp16 instruction - [mips*] Handle non word sized instructions when examining frame - scsi: aacraid: Fix typo in blink status - f2fs: fix multiple f2fs_add_link() having same name for inline dentry - igb: Remove superfluous reset to PHY and page 0 selection - ACPI: sysfs: Make ACPI GPE mask kernel parameter cover all GPEs - PCI: Disable MSI for HiSilicon Hip06/Hip07 only in Root Port mode - [arm64,armhf] i2c: bcm2835: Avoid possible NULL ptr dereference - efi/fb: Correct PCI_STD_RESOURCE_END usage - ipv6: set rt6i_protocol properly in the route when it is installed - [x86] platform: acer-wmi: setup accelerometer when ACPI device was found - IB/ipoib: Do not warn if IPoIB debugfs doesn't exist - IB/core: Fix the validations of a multicast LID in attach or detach operations - rxe: Fix a sleep-in-atomic bug in post_one_send - nvme-pci: fix CMB sysfs file removal in reset path - net: phy: marvell: Limit 88m1101 autoneg errata to 88E1145 as well. - net/mlx5: Fix command completion after timeout access invalid structure - tipc: Fix tipc_sk_reinit handling of -EAGAIN - tipc: fix a race condition of releasing subscriber object - bnxt_en: Don't use rtnl lock to protect link change logic in workqueue. - [armhf] dts: bcm283x: Reserve first page for firmware - btrfs: fiemap: Cache and merge fiemap extent before submit it to user - [arm64] reset: hi6220: Set module license so that it can be loaded - [x86] ASoC: Intel: Skylake: Fix to parse consecutive string tkns in manifest - mac80211: fix TX aggregation start/stop callback race - libata: fix error checking in in ata_parse_force_one() - [armhf] net: ethernet: stmmac: Fix altr_tse_pcs SGMII Initialization - [i386] x86/cpu/cyrix: Add alternative Device ID of Geode GX1 SoC - [armhf] gpu: ipu-v3: Fix CSI selection for VDIC - [arm64,armhf] net: stmmac: ensure jumbo_frm error return is correctly checked for -ve value - Btrfs: clear EXTENT_DEFRAG bits in finish_ordered_io - ufs: we need to sync inode before freeing it - net/mlx5e: Fix fixpoint divide exception in mlx5e_am_stats_compare - ip6_tunnel: Correct tos value in collect_md mode - net/mlx5: Fix driver load error flow when firmware is stuck - perf evsel: Fix probing of precise_ip level for default cycles event - perf probe: Fix probe definition for inlined functions - net/mlx5: Fix health work queue spin lock to IRQ safe - [armhf] usb: dwc3: omap: remove IRQ_NOAUTOEN used with shared irq - [armhf] clk: samsung: Fix m2m scaler clock on Exynos542x - rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp - qed: Warn PTT usage by wrong hw-function - ocfs2: fix deadlock caused by recursive locking in xattr - net: cdc_ncm: GetNtbFormat endian fix - sctp: use right member as the param of list_for_each_entry - ALSA: hda - No loopback on ALC299 codec - ath10k: convert warning about non-existent OTP board id to debug message - ipv6: fix cleanup ordering for ip6_mr failure - IB/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush - IB/rxe: put the pool on allocation failure - nbd: only set MSG_MORE when we have more to send - mm/frame_vector.c: release a semaphore in 'get_vaddr_frames()' - IB/mlx5: Avoid passing an invalid QP type to firmware - scsi: qla2xxx: Avoid double completion of abort command - drm: bochs: Don't remove uninitialized fbdev framebuffer - i40e: avoid NVM acquire deadlock during NVM update - Revert "IB/ipoib: Update broadcast object if PKey value was changed in index 0" - Btrfs: incremental send, fix invalid memory access - [arm64] drm/msm: Fix possible null dereference on failure of get_pages() - l2tp: remove configurable payload offset - macsec: fix memory leaks when skb_to_sgvec fails - perf/core: Fix locking for children siblings group read - cifs: Use ULL suffix for 64-bit constant - futex: futex_wake_op, do not fail on invalid op - ALSA: hda - Fix incorrect usage of IS_REACHABLE() - enic: do not overwrite error code - bonding: ratelimit failed speed/duplex update warning - nvmet: fix space padding in serial number - iio: buffer: fix the function signature to match implementation - [x86] paravirt: Fix some warning messages - IB/mlx4: Fix an error handling path in 'mlx4_ib_rereg_user_mr()' - libertas: call into generic suspend code before turning off power - xhci: Fix USB3 NULL pointer dereference at logical disconnect. - [armhf] dts: imx53-qsb: disable 1.2GHz OPP - rxrpc: Don't check RXRPC_CALL_TX_LAST after calling rxrpc_rotate_tx_window() - rxrpc: Only take the rwind and mtu values from latest ACK - [x86] net: ena: fix NULL dereference due to untimely napi initialization - fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters() - mtd: spi-nor: Add support for is25wp series chips - Revert "netfilter: ipv6: nf_defrag: drop skb dst before queueing" - bridge: do not add port to router list when receives query with source 0.0.0.0 - net: bridge: remove ipv6 zero address check in mcast queries - ipv6: mcast: fix a use-after-free in inet6_mc_check - ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called - llc: set SOCK_RCU_FREE in llc_sap_add_socket() - net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs - net: sched: gred: pass the right attribute to gred_change_table_def() - net: socket: fix a missing-check bug - [arm64,armhf] net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules - net: udp: fix handling of CHECKSUM_COMPLETE packets - r8169: fix NAPI handling under high load - sctp: fix race on sctp_id2asoc - vhost: Fix Spectre V1 vulnerability - ethtool: fix a privilege escalation bug - bonding: fix length of actor system - net: drop skb on failure in ip_check_defrag() - net: fix pskb_trim_rcsum_slow() with odd trim offset - rtnetlink: Disallow FDB configuration for non-Ethernet device - ip6_tunnel: Fix encapsulation layout - crypto: shash - Fix a sleep-in-atomic bug in shash_setkey_unaligned - ahci: don't ignore result code of ahci_reset_controller() - xfs: truncate transaction does not modify the inobt - cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) - ptp: fix Spectre v1 vulnerability - drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl - RDMA/ucma: Fix Spectre v1 vulnerability - IB/ucm: Fix Spectre v1 vulnerability - cdc-acm: correct counting of UART states in serial state notification - usb: gadget: storage: Fix Spectre v1 vulnerability - USB: fix the usbfs flag sanitization for control transfers - Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM - sched/fair: Fix throttle_list starvation with low CFS quota - [x86] percpu: Fix this_cpu_read() - [x86] time: Correct the attribute on jiffies' definition - posix-timers: Sanitize overrun handling (CVE-2018-12896) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.137 - bcache: fix miss key refill->end in writeback - jffs2: free jffs2_sb_info through jffs2_kill_sb() - pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges - [arm64] ipmi: Fix timer race with module unload - [hppa/parisc] Fix address in HPMC IVA - [hppa/parisc] Fix map_pages() to not overwrite existing pte entries - ALSA: hda - Add quirk for ASUS G751 laptop - ALSA: hda - Fix headphone pin config for ASUS G751 - ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) - ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops - [x86] speculation: Enable cross-hyperthread spectre v2 STIBP mitigation - [x86] corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided - [x86] speculation: Support Enhanced IBRS on future CPUs - Revert "perf tools: Fix PMU term format max value calculation" - xfrm: policy: use hlist rcu variants on insert - sched/fair: Fix the min_vruntime update logic in dequeue_entity() - perf cpu_map: Align cpu map synthesized events properly. - [x86] fpu: Remove second definition of fpu in __fpu__restore_sig() - net: qla3xxx: Remove overflowing shift statement - locking/lockdep: Fix debug_locks off performance problem - tun: Consistently configure generic netdev params via rtnetlink - [s390x] sthyi: Fix machine name validity indication - [armhf] hwmon: (pwm-fan) Set fan speed to 0 on suspend - perf tools: Free temporary 'sys' string in read_event_files() - perf tools: Cleanup trace-event-info 'tdata' leak - perf strbuf: Match va_{add,copy} with va_end - mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 - iwlwifi: pcie: avoid empty free RB queue - [i386] x86/olpc: Indicate that legacy PC XO-1 platform should not register RTC - [arm64,armhf] cpufreq: dt: Try freeing static OPPs only if we have added them - Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth - [arm64] pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux - brcmfmac: fix for proper support of 160MHz bandwidth - kprobes: Return error if we fail to reuse kprobe instead of BUG_ON() - ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers - [arm64] pinctrl: qcom: spmi-mpp: Fix drive strength setting - [arm64] pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant - [arm64] pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant - ixgbevf: VF2VF TCP RSS - ath10k: schedule hardware restart if WMI command times out - cgroup, netclassid: add a preemption point to write_classid - scsi: esp_scsi: Track residual for PIO transfers - scsi: megaraid_sas: fix a missing-check bug - RDMA/core: Do not expose unsupported counters - IB/ipoib: Clear IPCB before icmp_send - tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated - [x86] VMCI: Resource wildcard match fixed - ext4: fix argument checking in EXT4_IOC_MOVE_EXT - MD: fix invalid stored role for a disk - PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice - [arm64,armhf] usb: chipidea: Prevent unbalanced IRQ disable - [amd64] driver/dma/ioat: Call del_timer_sync() without holding prep_lock - uio: ensure class is registered before devices - scsi: lpfc: Correct soft lockup when running mds diagnostics - signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init - ALSA: hda: Check the non-cached stream buffers more explicitly - [armhf] dts: exynos: Remove "cooling-{min|max}-level" for CPU nodes - [armhf] dts: exynos: Add missing cooling device properties for CPUs - [armhf] dts: exynos: Convert exynos5250.dtsi to opp-v2 bindings - [armhf] dts: exynos: Mark 1 GHz CPU OPP as suspend OPP on Exynos5250 - xen-swiotlb: use actually allocated size on check physical continuous - [x86] tpm: Restore functionality to xen vtpm driver. - xen/blkfront: avoid NULL blkfront_info dereference on device removal - [x86] xen: fix race in xen_qlock_wait() - [x86] xen: make xen_qlock_wait() nestable - libertas: don't set URB_ZERO_PACKET on IN USB transfer - [x86] usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten - iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() - [x86] libnvdimm: Hold reference on parent while scheduling async init - [x86] ASoC: intel: skylake: Add missing break in skl_tplg_get_token() - jbd2: fix use after free in jbd2_log_do_checkpoint() - gfs2_meta: ->mount() can get NULL dev_name - ext4: initialize retries variable in ext4_da_write_inline_data_begin() - ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR - HID: hiddev: fix potential Spectre v1 - EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting - [amd64] EDAC, skx_edac: Fix logical channel intermediate decoding - PCI: Add Device IDs for Intel GPU "spurious interrupt" quirk - [ppc64el] signal/GenWQE: Fix sending of SIGKILL - crypto: lrw - Fix out-of bounds access on counter overflow - crypto: tcrypt - fix ghash-generic speed test - ima: fix showing large 'violations' or 'runtime_measurements_count' - hugetlbfs: dirty pages as they are added to pagecache - [armhf] w1: omap-hdq: fix missing bus unregister at removal - smb3: allow stats which track session and share reconnects to be reset - smb3: do not attempt cifs operation in smb3 query info error path - smb3: on kerberos mount if server doesn't specify auth type use krb5 - printk: Fix panic caused by passing log_buf_len to command line - genirq: Fix race on spurious interrupt detection - NFSv4.1: Fix the r/wsize checking - nfsd: Fix an Oops in free_session() - lockd: fix access beyond unterminated strings in prints - dm ioctl: harden copy_params()'s copy_from_user() from malicious users - [powerpc*] msi: Fix compile error on mpc83xx - [mips*] OCTEON: fix out of bounds array access on CN68XX - media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD - [x86] xen: fix xen_qlock_wait() - media: em28xx: use a default format if TRY_FMT fails - media: tvp5150: avoid going past array on v4l2_querymenu() - media: em28xx: fix input name for Terratec AV 350 - media: em28xx: make v4l2-compliance happier by starting sequence on zero - [arm64] lse: remove -fcall-used-x0 flag - rpmsg: smd: fix memory leak on channel create - Cramfs: fix abad comparison when wrap-arounds occur - [arm64,armhf] soc/tegra: pmc: Fix child-node lookup - btrfs: Handle owner mismatch gracefully when walking up tree - btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock - btrfs: fix error handling in free_log_tree - btrfs: iterate all devices during trim, instead of fs_devices::alloc_list - btrfs: don't attempt to trim devices that don't support it - btrfs: wait on caching when putting the bg cache - btrfs: reset max_extent_size on clear in a bitmap - btrfs: make sure we create all new block groups - Btrfs: fix wrong dentries after fsync of file that got its parent replaced - btrfs: qgroup: Dirty all qgroups before rescan - Btrfs: fix null pointer dereference on compressed write path error - btrfs: set max_extent_size properly - MD: fix invalid stored role for a disk - try2 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.138 - [powerpc*] powerpc/eeh: Fix possible null deref in eeh_dump_dev_log() - tty: check name length in tty_find_polling_driver() - [powerpc*] nohash: fix undefined behaviour when testing page size support - [armhf] drm/omap: fix memory barrier bug in DMM driver - media: pci: cx23885: handle adding to list failure - [mips*] kexec: Mark CPU offline before disabling local IRQ - [powerpc*] boot: Ensure _zimage_start is a weak symbol - [mips*] PCI: Call pcie_bus_configure_settings() to set MPS/MRRS - media: tvp5150: fix width alignment during set_selection() - 9p locks: fix glock.client_id leak in do_lock - 9p: clear dangling pointers in p9stat_free - cdrom: fix improper type cast, which can leat to information leak. (CVE-2018-18710) - scsi: qla2xxx: Fix incorrect port speed being set for FC adapters - scsi: qla2xxx: shutdown chip if reset fail - fuse: Fix use-after-free in fuse_dev_do_read() - fuse: Fix use-after-free in fuse_dev_do_write() - fuse: fix blocked_waitq wakeup - fuse: set FR_SENT while locked - mm: do not bug_on on incorrect length in __mm_populate() - e1000: avoid null pointer dereference on invalid stat type - e1000: fix race condition between e1000_down() and e1000_watchdog - bna: ethtool: Avoid reading past end of buffer - [hppa/parisc] Align os_hpmc_size on word boundary - [hppa/parisc] Fix HPMC handler by increasing size to multiple of 16 bytes - [hppa/parisc] Fix exported address of os_hpmc handler - [mips64el,mipsel] Loongson-3: Fix CPU UART irq delivery problem - [mips64le,mipsel] Loongson-3: Fix BRIDGE irq delivery problem - [armhf] clk: s2mps11: Fix matching when built as module and DT node contains compatible - [armhf] clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call - libceph: bump CEPH_MSG_MAX_DATA_LEN - Revert "ceph: fix dentry leak in splice_dentry()" - mach64: fix display corruption on big endian machines - mach64: fix image corruption due to reading accelerator registers - [arm64] reset: hisilicon: fix potential NULL pointer dereference - vhost/scsi: truncate T10 PI iov_iter to prot_bytes - ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry - mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings - netfilter: conntrack: fix calculation of next bucket number in early_drop - termios, tty/tty_baudrate.c: fix buffer overrun - Btrfs: fix cur_offset in the error case for nocow - Btrfs: fix data corruption due to cloning of eof block - clockevents/drivers/i8253: Add support for PIT shutdown quirk - ext4: add missing brelse() update_backups()'s error path - ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path - ext4: add missing brelse() add_new_gdb_meta_bg()'s error path - ext4: avoid potential extra brelse in setup_new_flex_group_blocks() - ext4: fix possible inode leak in the retry loop of ext4_resize_fs() - ext4: avoid buffer leak in ext4_orphan_add() after prior errors - ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing - ext4: avoid possible double brelse() in add_new_gdb() on error path - ext4: fix possible leak of sbi->s_group_desc_leak in error path - ext4: fix possible leak of s_journal_flag_rwsem in error path - ext4: release bs.bh before re-using in ext4_xattr_block_find() - ext4: fix buffer leak in ext4_xattr_move_to_block() on error path - ext4: fix buffer leak in __ext4_read_dirblock() on error path - mount: Retest MNT_LOCKED in do_umount - mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts - mount: Prevent MNT_DETACH from disconnecting locked mounts - sunrpc: correct the computation for page_ptr when truncating - nfsd: COPY and CLONE operations require the saved filehandle to be set - rtc: hctosys: Add missing range error reporting - fuse: fix use-after-free in fuse_direct_IO() - fuse: fix leaked notify reply - configfs: replace strncpy with memcpy - lib/ubsan.c: don't mark __ubsan_handle_builtin_unreachable as noreturn - hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444! - mm: migration: fix migration of huge PMD shared pages - [armhf] drm/rockchip: Allow driver to be shutdown on reboot/kexec - drm/dp_mst: Check if primary mstb is null - [x86] drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values - [x86] drm/i915/execlists: Force write serialisation into context image vs execution - [arm64] KVM: Fix caching of host MDCR_EL2 value https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.139 - flow_dissector: do not dissect l4 ports for fragments - ip_tunnel: don't force DF when MTU is locked - net-gro: reset skb->pkt_type in napi_reuse_skb() - sctp: not allow to set asoc prsctp_enable by sockopt - tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths - usbnet: smsc95xx: disable carrier check while suspending - inet: frags: better deal with smp races - ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF - kbuild: Add better clang cross build support - kbuild: clang: add -no-integrated-as to KBUILD_[AC]FLAGS - kbuild: Consolidate header generation from ASM offset information - kbuild: consolidate redundant sed script ASM offset generation - kbuild: fix asm-offset generation to work with clang - kbuild: drop -Wno-unknown-warning-option from clang options - kbuild, LLVMLinux: Add -Werror to cc-option to support clang - kbuild: use -Oz instead of -Os when using clang - kbuild: Add support to generate LLVM assembly files - modules: mark __inittest/__exittest as __maybe_unused - [x86] kbuild: Use cc-option to enable -falign-{jumps/loops} - [amd64] crypto, x86: aesni - fix token pasting for clang - kbuild: Add __cc-option macro - [x86] build: Use __cc-option for boot code compiler options - [x86] build: Specify stack alignment for clang - kbuild: clang: Disable 'address-of-packed-member' warning - [arm64] crypto: arm64/sha - avoid non-standard inline asm tricks - [x86] boot: #undef memcpy() et al in string.c - [arm64] efi/libstub/arm64: Use hidden attribute for struct screen_info reference - [arm64] efi/libstub/arm64: Force 'hidden' visibility for section markers - efi/libstub: Preserve .debug sections after absolute relocation check - [arm64] efi/libstub/arm64: Set -fpie when building the EFI stub - [x86] build: Fix stack alignment for CLang - [x86] build: Use cc-option to validate stack alignment parameter - Kbuild: use -fshort-wchar globally - [arm64] uaccess: suppress spurious clang warning - [armel,armhf] add more CPU part numbers for Cortex and Brahma B15 CPUs - [armel,armhf] bugs: prepare processor bug infrastructure - [armel,armhf] bugs: hook processor bug checking into SMP and suspend paths - [armel,armhf] bugs: add support for per-processor bug checking - [armel,armhf] spectre: add Kconfig symbol for CPUs vulnerable to Spectre - [armel,armhf] spectre-v2: harden branch predictor on context switches - [armel,armhf] spectre-v2: add Cortex A8 and A15 validation of the IBE bit - [armel,armhf] spectre-v2: harden user aborts in kernel space - [armel,armhf] spectre-v2: add firmware based hardening - [armel,armhf] spectre-v2: warn about incorrect context switching functions - [armel,armhf] KVM: invalidate BTB on guest exit for Cortex-A12/A17 - [armel,armhf] KVM: invalidate icache on guest exit for Cortex-A15 - [armel,armhf] spectre-v2: KVM: invalidate icache on guest exit for Brahma B15 - [armel,armhf] KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling - [armel,armhf] KVM: report support for SMCCC_ARCH_WORKAROUND_1 - [armel,armhf] spectre-v1: add speculation barrier (csdb) macros - [armel,armhf] spectre-v1: add array_index_mask_nospec() implementation - [armel,armhf] spectre-v1: fix syscall entry - [armel,armhf] signal: copy registers using __copy_from_user() - [armel,armhf] vfp: use __copy_from_user() when restoring VFP state - [armel,armhf] oabi-compat: copy semops using __copy_from_user() - [armel,armhf] use __inttype() in get_user() - [armel,armhf] spectre-v1: use get_user() for __get_user() - [armel,armhf] spectre-v1: mitigate user accesses https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.140 - Revert "x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation" - Revert "ipv6: set rt6i_protocol properly in the route when it is installed" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.141 - cifs: don't dereference smb_file_target before null check - reiserfs: propagate errors from fill_with_dentries() properly - hfs: prevent btree data loss on root split - hfsplus: prevent btree data loss on root split - drm/edid: Add 6 bpc quirk for BOE panel. - clk: fixed-rate: fix of_node_get-put imbalance - fs/exofs: fix potential memory leak in mount option parsing - [armhf] clk: samsung: exynos5420: Enable PERIS clocks for suspend - [x86] platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 - [arm64] percpu: Initialize ret in the default case - netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net - netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment() - netfilter: xt_IDLETIMER: add sysfs filename checking routine - [s390x] qeth: fix HiperSockets sniffer - [ppc64el] hwmon: (ibmpowernv) Remove bogus __init annotations - clk: fixed-factor: fix of_node_get-put imbalance - qed: Fix memory/entry leak in qed_init_sp_request() - qed: Fix blocking/unlimited SPQ entries leak - zram: close udev startup race condition as default groups - SUNRPC: drop pointless static qualifier in xdr_get_next_encode_buffer() - gfs2: Put bitmap buffers in put_super - btrfs: Enhance btrfs_trim_fs function to handle error better - btrfs: Ensure btrfs_trim_fs can trim the whole filesystem - btrfs: fix pinned underflow after transaction aborted - Revert "media: videobuf2-core: don't call memop 'finish' when queueing" - Revert "Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV" - media: v4l: event: Add subscription to list before calling "add" operation - uio: Fix an Oops on load - usb: cdc-acm: add entry for Hiro (Conexant) modem - USB: quirks: Add no-lpm quirk for Raydium touchscreens - usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB - USB: misc: appledisplay: add 20" Apple Cinema Display - [x86] ACPI / platform: Add SMB0001 HID to forbidden_id_list - HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges - libceph: fall back to sendmsg for slab pages https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.142 - usb: core: Fix hub port connection events lost - [arm64,armhf] usb: dwc3: core: Clean up ULPI device - usb: xhci: fix timeout for transition from RExit to U0 - MAINTAINERS: Add Sasha as a stable branch maintainer - gpio: don't free unallocated ida on gpiochip_add_data_with_key() error path - iwlwifi: mvm: support sta_statistics() even on older firmware - iwlwifi: mvm: fix regulatory domain update when the firmware starts - brcmfmac: fix reporting support for 160 MHz channels - tools/power/cpupower: fix compilation with STATIC=true - v9fs_dir_readdir: fix double-free on p9stat_read error - selinux: Add __GFP_NOWARN to allocation at str_read() - bfs: add sanity check at bfs_fill_super() - sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer - gfs2: Don't leave s_fs_info pointing to freed memory in init_sbd - llc: do not use sk_eat_skb() - mm: don't warn about large allocations for slab - drm/ast: change resolution may cause screen blurred - drm/ast: fixed cursor may disappear sometimes - drm/ast: Remove existing framebuffers before loading driver - can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() - can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length - can: dev: __can_get_echo_skb(): Don't crash the kernel if can_priv::echo_skb is accessed out of bounds - can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb - IB/core: Fix for core panic - [amd64] IB/hfi1: Eliminate races in the SDMA send error path - usb: xhci: Prevent bus suspend if a port connect change or polling state is detected - [arm64] pinctrl: meson: fix pinconf bias disable - [armhf] cpufreq: imx6q: add return value check for voltage scale - floppy: fix race condition in __floppy_read_block_0() - [powerpc*] io: Fix the IO workarounds code to work with Radix - [x86] perf/x86/intel/uncore: Add more IMC PCI IDs for KabyLake and CoffeeLake CPUs - SUNRPC: Fix a bogus get/put in generic_key_to_expire() - [powerpc*] numa: Suppress "VPHN is not supported" messages - [arm64,armhf] efi/arm: Revert deferred unmap of early memmap mapping - tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset - of: add helper to lookup compatible child node - ath10k: fix kernel panic due to race in accessing arvif list - Input: xpad - add product ID for Xbox One S pad - Input: xpad - fix Xbox One rumble stopping after 2.5 secs - Input: xpad - correctly sort vendor id's - Input: xpad - move reporting xbox one home button to common function - Input: xpad - simplify error condition in init_output - Input: xpad - don't depend on endpoint order - Input: xpad - fix stuck mode button on Xbox One S pad - Input: xpad - restore LED state after device resume - Input: xpad - support some quirky Xbox One pads - Input: xpad - sort supported devices by USB ID - Input: xpad - sync supported devices with xboxdrv - Input: xpad - add USB IDs for Mad Catz Brawlstick and Razer Sabertooth - Input: xpad - sync supported devices with 360Controller - Input: xpad - sync supported devices with XBCD - Input: xpad - constify usb_device_id - Input: xpad - fix PowerA init quirk for some gamepad models - Input: xpad - validate USB endpoint type during probe - Input: xpad - add support for PDP Xbox One controllers - Input: xpad - add PDP device id 0x02a4 - Input: xpad - fix some coding style issues - Input: xpad - avoid using __set_bit() for capabilities - Input: xpad - add GPD Win 2 Controller USB IDs - Input: xpad - fix GPD Win 2 controller name - Input: xpad - add support for Xbox1 PDP Camo series gamepad - mwifiex: prevent register accesses after host is sleeping - mwifiex: report error to PCIe for suspend failure - mwifiex: Fix NULL pointer dereference in skb_dequeue() - mwifiex: fix p2p device doesn't find in scan problem - scsi: ufs: fix bugs related to null pointer access and array size - scsi: ufshcd: Fix race between clk scaling and ungate work - scsi: ufs: fix race between clock gating and devfreq scaling work - scsi: ufshcd: release resources if probe fails - tty: wipe buffer. - tty: wipe buffer if not echoing data - usb: xhci: fix uninitialized completion when USB3 port got wrong status - sched/core: Allow __sched_setscheduler() in interrupts when PI is not used - namei: allow restricted O_CREAT of FIFOs and regular files - lan78xx: Read MAC address from DT if present - [s390x] mm: Check for valid vma before zapping in gmap_discard - net: ieee802154: 6lowpan: fix frag reassembly - Revert "evm: Translate user/group ids relative to s_user_ns when computing HMAC" - ima: always measure and audit files in policy - ima: re-introduce own integrity cache lock - ima: re-initialize iint->atomic_flags https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.143 - mm/huge_memory: rename freeze_page() to unmap_page() - mm/huge_memory.c: reorder operations in __split_huge_page_tail() - mm/huge_memory: splitting set mapping+index before unfreeze - mm/huge_memory: fix lockdep complaint on 32-bit i_size_read() - mm/khugepaged: collapse_shmem() stop if punched or truncated - shmem: shmem_charge: verify max_block is not exceeded before inode update - shmem: introduce shmem_inode_acct_block - mm/khugepaged: fix crashes due to misaccounted holes - mm/khugepaged: collapse_shmem() remember to clear holes - mm/khugepaged: minor reorderings in collapse_shmem() - mm/khugepaged: collapse_shmem() without freezing new_page - mm/khugepaged: collapse_shmem() do not crash on Compound - media: em28xx: Fix use-after-free when disconnecting - [arm64,armhf] Revert "wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()" - net: skb_scrub_packet(): Scrub offload_fwd_mark - [s390x] qeth: fix length check in SNMP processing - usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2 - [x86] kvm: mmu: Fix race in emulated page table writes - [x86] kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb - [x86] KVM: Fix scan ioapic use-before-initialization (CVE-2018-19407) - Btrfs: ensure path name is null terminated at btrfs_control_ioctl - [x86] perf/x86/intel: Move branch tracing setup to the Intel-specific source file - [x86] perf/x86/intel: Add generic branch tracing check to intel_pmu_has_bts() - fs: fix lost error code in dio_complete - [i386] ALSA: wss: Fix invalid snd_free_pages() at error path - ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write - ALSA: control: Fix race between adding and removing a user element - [sparc] ALSA: sparc: Fix invalid snd_free_pages() at error path - ext2: fix potential use after free - btrfs: release metadata before running delayed refs - USB: usb-storage: Add new IDs to ums-realtek - usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series - Revert "usb: dwc3: gadget: skip Set/Clear Halt when invalid" - mm: use swp_offset as key in shmem_replace_page() - [x86] Drivers: hv: vmbus: check the creation_status in vmbus_establish_gpadl() - [amd64] misc: mic/scif: fix copy-paste error in scif_create_remote_lookup - [armhf] bus: arm-cci: remove unnecessary unreachable() - [armhf] trusted_foundations: do not use naked function - [x86] efi/libstub: Make file I/O chunking x86-specific https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.144 - kernfs: Replace strncpy with memcpy - ip_tunnel: Fix name string concatenate in __ip_tunnel_create() - scsi: bfa: convert to strlcpy/strlcat - [x86] staging: rts5208: fix gcc-8 logic error warning - [amd64] x86/power/64: Use char arrays for asm function names - iser: set sector for ambiguous mr status errors - uprobes: Fix handle_swbp() vs. unregister() + register() race once more - [mips*] fix mips_get_syscall_arg o32 check - IB/mlx5: Avoid load failure due to unknown link width - drm/ast: Fix incorrect free on ioregs - drm: set is_master to 0 upon drm_new_set_master() failure - scsi: scsi_devinfo: cleanly zero-pad devinfo strings - scsi: csiostor: Avoid content leaks and casts - [x86] svm: Add mutex_lock to protect apic_access_page_done on AMD systems - Input: xpad - quirk all PDP Xbox One gamepads - Input: elan_i2c - add ELAN0620 to the ACPI table - Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR - Input: elan_i2c - add support for ELAN0621 touchpad - btrfs: Always try all copies when reading extent buffers - Btrfs: fix use-after-free when dumping free space - udf: Allow mounting volumes with incorrect identification strings - [arm64,armhf] reset: make optional functions really optional - [arm64,armhf] reset: core: fix reset_control_put - reset: fix optional reset_control_get stubs to return NULL - [arm64,armhf] reset: add exported __reset_control_get, return NULL if optional - [arm64,armhf] reset: make device_reset_optional() really optional - reset: remove remaining WARN_ON() in - mm: cleancache: fix corruption on missed inode invalidation (CVE-2018-16862) - net: qed: use correct strncpy() size - tipc: use destination length for copy string - libceph: drop len argument of *verify_authorizer_reply() - libceph: no need to drop con->mutex for ->get_authorizer() - libceph: store ceph_auth_handshake pointer in ceph_connection - libceph: factor out __prepare_write_connect() - libceph: factor out __ceph_x_decrypt() - libceph: factor out encrypt_authorizer() - libceph: add authorizer challenge (CVE-2018-1128) - libceph: implement CEPHX_V2 calculation mode (CVE-2018-1129) - libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() - libceph: check authorizer reply/challenge length before reading - bpf: Prevent memory disambiguation attack (CVE-2018-3639) - wil6210: missing length check in wmi_set_ie (CVE-2018-5848) - btrfs: validate type when reading a chunk (CVE-2018-14611) - btrfs: Verify that every chunk has corresponding block group at mount time (CVE-2018-14612) - btrfs: Refactor check_leaf function for later expansion - btrfs: Check if item pointer overlaps with the item itself - btrfs: Add sanity check for EXTENT_DATA when reading out leaf - btrfs: Add checker for EXTENT_CSUM - btrfs: Move leaf and node validation checker to tree-checker.c - btrfs: struct-funcs, constify readers - btrfs: tree-checker: Enhance btrfs_check_node output - btrfs: tree-checker: Fix false panic for sanity test - btrfs: tree-checker: Add checker for dir item - btrfs: tree-checker: use %zu format string for size_t - btrfs: tree-check: reduce stack consumption in check_dir_item - btrfs: tree-checker: Verify block_group_item (CVE-2018-14613) - btrfs: tree-checker: Detect invalid and empty essential trees (CVE-2018-14612) - btrfs: Check that each block group has corresponding chunk at mount time (CVE-2018-14610) - btrfs: tree-checker: Check level for leaves and nodes - btrfs: tree-checker: Fix misleading group system information - f2fs: fix race condition in between free nid allocator/initializer (CVE-2017-18249) - f2fs: detect wrong layout - f2fs: return error during fill_super - f2fs: check blkaddr more accuratly before issue a bio - f2fs: sanity check on sit entry - f2fs: enhance sanity_check_raw_super() to avoid potential overflow - f2fs: clean up with is_valid_blkaddr() - f2fs: introduce and spread verify_blkaddr - f2fs: fix to do sanity check with secs_per_zone (CVE-2018-13100) - f2fs: fix to do sanity check with user_block_count (CVE-2018-13097) - f2fs: Add sanity_check_inode() function - f2fs: fix to do sanity check with node footer and iblocks (CVE-2018-13096) - f2fs: fix to do sanity check with block address in main area - f2fs: fix missing up_read - f2fs: fix to do sanity check with block address in main area v2 (CVE-2018-14616) - f2fs: free meta pages if sanity check for ckpt is failed - f2fs: fix to do sanity check with cp_pack_start_sum (CVE-2018-14614) - xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE (CVE-2018-18690) - hugetlbfs: fix bug in pgoff overflow checking [ Ben Hutchings ] * drivers/net/ethernet: Ignore ABI changes (fixes FTBFS on arm64; Closes: #914556) * libcpupower: Hide private function and drop it from .symbols file * Revert "elevator: fix truncation of icq_cache_name" to avoid ABI change * reset: Avoid ABI changes in 4.9.144 * esp_scsi: Ignore ABI changes * snd-hda: Ignore ABI changes * posix-timers: Avoid ABI change in 4.9.136 * sched: Avoid ABI change in 4.9.136 * [armel,armhf] Avoid ABI change in 4.9.139 [ Noah Meyerhans ] * [arm64] PCI: Enable HOTPLUG_PCI and HOTPLUG_PCI_ACPI (Closes: #915231) * drivers/net/ethernet/amazon: Backport ENA 2.0.2 network driver (Closes: #915229) [ Salvatore Bonaccorso ] * [rt] Refresh 0159-genirq-Allow-disabling-of-softirq-processing-in-irq-.patch for context changes in 4.9.137 * Refresh mips-loongson-3-support-irq_set_affinity-in-i8259-ch.patch for context changes in 4.9.138 * Refresh kbuild-use-nostdinc-in-compile-tests.patch for context changes in 4.9.139 * Refresh inet-frags-avoid-abi-change-in-4.9.134.patch for context changes in 4.9.139 * scripts/mod: Update modpost wrapper for 4.9.139. Upstream commit cf0c3e68aa81 "kbuild: fix asm-offset generation to work with clang" changed the macros used by devicetable-offsets.c. Copy the new sed code from upstream scripts/Makefile.lib. Originates from the same change for 4.12 done by Ben Hutchings. * Refresh media-v4l-avoid-abi-change-in-4.9.131.patch for context changes in 4.9.141 * Refresh fs-enable-link-security-restrictions-by-default.patch for context changes in 4.9.142 * Refresh inet-frags-avoid-abi-change-in-4.9.134.patch for context changes in 4.9.142 [ Michal Simek ] * [arm64] Enable Xilinx ZynqMP SoC and drivers -- Ben Hutchings Sun, 30 Dec 2018 23:27:02 +0000 linux (4.9.135-1) stretch; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.131 - crypto: skcipher - Fix -Wstringop-truncation warnings - tsl2550: fix lux1_input error in low light - [x86] vmci: type promotion bug in qp_host_get_user_memory() - [amd64] numa_emulation: Fix emulated-to-physical node mapping - [x86] staging: rts5208: fix missing error check on call to rtsx_write_register - uwb: hwa-rc: fix memory leak at probe - [arm64,armhf] power: vexpress: fix corruption in notifier registration - [amd64] iommu/amd: make sure TLB to be flushed before IOVA freed - Bluetooth: Add a new Realtek 8723DE ID 0bda:b009 - USB: serial: kobil_sct: fix modem-status error handling - 6lowpan: iphc: reset mac_header after decompress to fix panic - [s390x] mm: correct allocate_pgste proc_handler callback - power: remove possible deadlock when unregistering power_supply - IB/core: type promotion bug in rdma_rw_init_one_mr() - [powerpc*] kdump: Handle crashkernel memory reservation failure - [x86] tsc: Add missing header to tsc_msr.c - [armhf] hwmod: RTC: Don't assume lock/unlock will be called with irq enabled - [x86] entry/64: Add two more instruction suffixes - scsi: target/iscsi: Make iscsit_ta_authentication() respect the output buffer size - scsi: klist: Make it safe to use klists in atomic context - [powerpc/powerpc64,ppc64*] scsi: ibmvscsi: Improve strings handling - usb: wusbcore: security: cast sizeof to int for comparison - [ppc64el] powerpc/powernv/ioda2: Reduce upper limit for DMA window size - alarmtimer: Prevent overflow for relative nanosleep (CVE-2018-13053) - [s390x] extmem: fix gcc 8 stringop-overflow warning - [armhf] media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data - drivers/tty: add error handling for pcmcia_loop_config - [x86] media: tm6000: add error handling for dvb_register_adapter - ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge - ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock - rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() - [arm64,armhf] wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() - [armhf] mvebu: declare asm symbols as character arrays in pmsu.c - HID: hid-ntrig: add error handling for sysfs_create_group - [x86] perf/x86/intel/lbr: Fix incomplete LBR call stack - scsi: bnx2i: add error handling for ioremap_nocache - scsi: megaraid_sas: Update controller info during resume - [x86] EDAC, i7core: Fix memleaks and use-after-free on probe and remove - ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs - nfsd: fix corrupted reply to badly ordered compound - EDAC: Fix memleak in module init error path - [armhf] dts: dra7: fix DCAN node addresses - [arm64] spi: tegra20-slink: explicitly enable/disable clock - [arm*] regulator: fix crash caused by null driver data - USB: fix error handling in usb_driver_claim_interface() - USB: handle NULL config in usb_find_alt_setting() - slub: make ->cpu_partial unsigned int - media: uvcvideo: Support realtek's UVC 1.5 device - USB: usbdevfs: sanitize flags more - USB: usbdevfs: restore warning for nonsensical flags - Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt()" - USB: remove LPM management from usb_driver_claim_interface() - Input: elantech - enable middle button of touchpad on ThinkPad P72 - IB/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop - [amd64] IB/hfi1: Invalid user input can result in crash - [amd64] IB/hfi1: Fix context recovery when PBC has an UnsupportedVL - scsi: target: iscsi: Use bin2hex instead of a re-implementation - [armhf] serial: imx: restore handshaking irq for imx1 - [amd64] IB/hfi1: Fix SL array bounds check - qed: Wait for ready indication before rereading the shmem - qed: Wait for MCP halt and resume commands to take place - [arm*] thermal: of-thermal: disable passive polling when thermal zone is disabled - [arm64] net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES - [arm64] net: hns: fix skb->truesize underestimation - e1000: check on netif_running() before calling e1000_up() - e1000: ensure to free old tx/rx rings in set_ringparam() - hwmon: (adt7475) Make adt7475_read_word() return errors - [x86] drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode - [arm*] smccc-1.1: Make return values unsigned long - [arm*] smccc-1.1: Handle function result as parameters - [x86] i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus - media: v4l: event: Prevent freeing event subscriptions while accessed https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.132 - [arm64] serial: mvebu-uart: Fix reporting of effective CSIZE to userspace - time: Introduce jiffies64_to_nsecs() - mac80211: Run TXQ teardown code before de-registering interfaces - [ppc64el] KVM: PPC: Book3S HV: Don't truncate HPTE index in xlate function - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X - mac80211: mesh: fix HWMP sequence numbering to follow standard - [arm64] net: hns: add netif_carrier_off before change speed and duplex - cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE - gpio: Fix crash due to registration race - RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 - fs/cifs: don't translate SFM_SLASH (U+F026) to backslash - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() - mac80211: fix a race between restart and CSA flows - mac80211: Fix station bandwidth setting after channel switch - mac80211: don't Tx a deauth frame if the AP forbade Tx - mac80211: shorten the IBSS debug messages - mm: madvise(MADV_DODUMP): allow hugetlbfs pages - HID: add support for Apple Magic Keyboards - HID: hid-saitek: Add device ID for RAT 7 Contagion - perf evsel: Fix potential null pointer dereference in perf_evsel__new_idx() - [ppc64el] perf probe powerpc: Ignore SyS symbols irrespective of endianness - RDMA/ucma: check fd type in ucma_migrate_id() - USB: yurex: Check for truncation in yurex_read() - nvmet-rdma: fix possible bogus dereference under heavy load - net/mlx5: Consider PCI domain in search for next dev - drm/nouveau/TBDdevinit: don't fail when PMU/PRE_OS is missing from VBIOS - dm raid: fix rebuild of specific devices by updating superblock - fs/cifs: suppress a string overflow warning - [x86] net: ena: fix driver when PAGE_SIZE == 64kB - [x86] perf/x86/intel: Add support/quirk for the MISPREDICT bit on Knights Landing CPUs - dm thin metadata: try to avoid ever aborting transactions - [arm64] jump_label.h: use asm_volatile_goto macro instead of "asm goto" - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED - [s390x] qeth: use vzalloc for QUERY OAT buffer - [s390x] qeth: don't dump past end of unknown HW header - cifs: read overflow in is_valid_oplock_break() - xen/manage: don't complain about an empty value in control/sysrq node - xen: avoid crash in disable_hotplug_cpu - xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage - sysfs: Do not return POSIX ACL xattrs via listxattr - smb2: fix missing files in root share directory listing - ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 - [x86] crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() - gpiolib: Free the last requested descriptor - proc: restrict kernel stack dumps to root (CVE-2018-17972) - ocfs2: fix locking for res->tracking and dlm->tracking_list - dm thin metadata: fix __udivdi3 undefined on 32-bit https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.133 - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly - [amd64] x86/vdso: Fix asm constraints on vDSO syscall fallbacks - [amd64] x86/vdso: Fix vDSO syscall fallback asm constraint regression - PCI: Reprogram bridge prefetch registers on resume - mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys - PM / core: Clear the direct_complete flag on errors - dm cache metadata: ignore hints array being too small during resize - dm cache: fix resize crash if user doesn't reload cache table - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI - USB: serial: simple: add Motorola Tetra MTP6550 id - tty: Drop tty->count on tty_reopen() failure - cgroup: Fix deadlock in cpu hotplug path - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait - ath10k: fix kernel panic issue during pci probe - f2fs: fix invalid memory access - ucma: fix a use-after-free in ucma_resolve_ip() - ubifs: Check for name being NULL while mounting - ath10k: fix scan crash due to incorrect length calculation - ebtables: arpreply: Add the standard target sanity check - [x86] fpu: Remove use_eager_fpu() - [x86] fpu: Remove struct fpu::counter - Revert "perf: sync up x86/.../cpufeatures.h" - [x86] fpu: Finish excising 'eagerfpu' https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.134 - [armhf] mfd: omap-usb-host: Fix dts probe of children - scsi: iscsi: target: Don't use stack buffer for scatterlist - scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted() - sound: enable interrupt after dma buffer initialization - [arm64,armhf] stmmac: fix valid numbers of unicast filter entries - [x86] kvm/lapic: always disable MMIO interface in x2APIC mode - ext4: Fix error code in ext4_xattr_set_entry() - mm/vmstat.c: fix outdated vmstat_text - mach64: detect the dot clock divider correctly on sparc - [x86] i2c: i2c-scmi: fix for i2c_smbus_write_block_data - xhci: Don't print a warning when setting link state for disabled ports - bnxt_en: Fix TX timeout during netpoll. - bonding: avoid possible dead-lock - ip6_tunnel: be careful when accessing the inner header - ip_tunnel: be careful when accessing the inner header - ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() - ipv6: take rcu lock in rawv6_send_hdrinc() - [armhf] net: dsa: bcm_sf2: Call setup during switch resume - ]arm64] net: hns: fix for unmapping problem when SMMU is on - net: ipv4: update fnhe_pmtu when first hop's MTU changes - net/ipv6: Display all addresses in output of /proc/net/if_inet6 - net/usb: cancel pending work when unbinding smsc75xx - qlcnic: fix Tx descriptor corruption on 82xx devices - qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface - team: Forbid enslaving team device to itself - [armhf] net: dsa: bcm_sf2: Fix unbind ordering - [armhf] net: mvpp2: Extract the correct ethtype from the skb for tx csum offload - rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 - tcp/dccp: fix lockdep issue when SYN is backlogged - inet: make sure to grab rcu_read_lock before using ireq->ireq_opt - inet: frags: change inet_frags_init_net() return value - inet: frags: add a pointer to struct netns_frags - inet: frags: refactor ipfrag_init() - inet: frags: refactor ipv6_frag_init() - inet: frags: refactor lowpan_net_frag_init() - ipv6: export ip6 fragments sysctl to unprivileged users - rhashtable: add schedule points - inet: frags: use rhashtables for reassembly units - inet: frags: remove some helpers - inet: frags: get rif of inet_frag_evicting() - inet: frags: remove inet_frag_maybe_warn_overflow() - inet: frags: do not clone skb in ip_expire() - ipv6: frags: rewrite ip6_expire_frag_queue() - inet: frags: get rid of ipfrag_skb_cb/FRAG_CB - ip: discard IPv4 datagrams with overlapping segments. - net: speed up skb_rbtree_purge() - net: modify skb_rbtree_purge to return the truesize of all purged skbs. - ipv6: defrag: drop non-last frags smaller than min mtu - net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends - net: add rb_to_skb() and other rb tree helpers - ip: use rb trees for IP frag queue. - ip: add helpers to process in-order fragments faster. - ip: process in-order fragments efficiently - ip: frags: fix crash in ip_do_fragment() - ipv4: frags: precedence bug in ip_expire() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.135 - media: af9035: prevent buffer overflow on write - batman-adv: Fix segfault when writing to throughput_override - batman-adv: Fix segfault when writing to sysfs elp_interval - batman-adv: Prevent duplicated nc_node entry - batman-adv: Prevent duplicated softif_vlan entry - batman-adv: Prevent duplicated global TT entry - batman-adv: Prevent duplicated tvlv handler - batman-adv: fix backbone_gw refcount on queue_work() failure - batman-adv: fix hardif_neigh refcount on queue_work() failure - [armhf] clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs - [powerpc*/*64*] scsi: ibmvscsis: Fix a stringop-overflow warning - [powerpc*/*64*] scsi: ibmvscsis: Ensure partition name is properly NUL terminated - [arm64] drm: mali-dp: Call drm_crtc_vblank_reset on device init - scsi: sd: don't crash the host on invalid commands - net/mlx4: Use cpumask_available for eq->affinity_mask - [powerpc*] tm: Fix userspace r13 corruption - [powerpc*] tm: Avoid possible userspace r1 corruption on reclaim - [amd64] iommu/amd: Return devid as alias for ACPI HID devices - mremap: properly flush TLB before releasing the page (CVE-2018-18281) - mm: Preserve _PAGE_DEVMAP across mprotect() calls - netfilter: check for seqadj ext existence before adding it in nf_nat_setup_info - HID: quirks: fix support for Apple Magic Keyboards - usb: gadget: serial: fix oops when data rx'd after close - sched/cputime: Convert kcpustat to nsecs - sched/cputime: Increment kcpustat directly on irqtime account - sched/cputime: Fix ksoftirqd cputime accounting regression - [x86] HV: properly delay KVP packets when negotiation is in progress [ Ben Hutchings ] * Resolve ABI changes caused by upstream fix for CVE-2018-5391: - Revert "inet: frags: fix ip6frag_low_thresh boundary" - Revert "inet: frags: reorganize struct netns_frags" - Revert "rhashtable: reorganize struct rhashtable layout" - Revert "inet: frags: break the 2GB limit for frags storage" - inet: frags: Avoid ABI change in 4.9.134 - sk_buff: Avoid ABI change in 4.9.134 - snmp: Remove the ReasmOverlaps statistic - ipv6: Ignore ABI changes in fragment reassembly functions * [x86] fpu: Avoid ABI change in 4.9.133 * power: Avoid ABI change in 4.9.131 * slub: Avoid ABI change in 4.9.131 * media: v4l: Avoid ABI change in 4.9.131 * netdev: Hide netdev_notifier_info_ext from modules * [x86] Revert "x86/mm: Expand static page table for fixmap space" * Revert "tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()", which does not fix a real security issue -- Salvatore Bonaccorso Sun, 11 Nov 2018 15:03:44 +0100 linux (4.9.130-2) stretch; urgency=medium [ Salvatore Bonaccorso ] * Ignore ABI change for return_address. Fixes "FTBFS on armel/armhf: ABI change for return_address". Modules will use their own inline copy. Thanks to Cyril Brulebois for the analysis (Closes: #911421) -- Ben Hutchings Sat, 27 Oct 2018 19:46:16 +0100 linux (4.9.130-1) stretch; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.111 - [x86] spectre_v1: Disable compiler optimizations over array_index_mask_nospec() - [x86] mce: Improve error message when kernel cannot recover - [x86] mce: Check for alternate indication of machine check recovery on Skylake - [x86] mce: Fix incorrect "Machine check from unknown source" message - [x86] mce: Do not overwrite MCi_STATUS in mce_no_way_out() - [x86] Call fixup_exception() before notify_die() in math_error() - [m68k] mm: Adjust VM area to be unmapped by gap size for __iounmap() - [sh4] serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version - usb: do not reset if a low-speed or full-speed device timed out - 1wire: family module autoload fails because of upper/lower case mismatch. - ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it - lib/vsprintf: Remove atomic-unsafe support for %pCr - [mips*] ftrace: fix static function graph tracing - branch-check: fix long->int truncation when profiling branches - ipmi:bt: Set the timeout before doing a capabilities check - Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader - fuse: atomic_o_trunc should truncate pagecache - fuse: don't keep dead fuse_conn at fuse_fill_super(). - fuse: fix control dir setup and teardown - [powerpc*] mm/hash: Add missing isync prior to kernel stack SLB switch - [powerpc*] ptrace: Fix setting 512B aligned breakpoints with PTRACE_SET_DEBUGREG - [powerpc*] /ptrace: Fix enforcement of DAWR constraints - [powerpc*] powernv/ioda2: Remove redundant free of TCE pages - [poewrpc*] cpuidle: powernv: Fix promotion from snooze if next state disabled - [powerpc*] fadump: Unregister fadump on kexec down path. - [arm*] 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size - [arm64] kpti: Use early_param for kpti= command-line option - [arm64] mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance - IB/qib: Fix DMA api warning with debug kernel - IB/{hfi1, qib}: Add handling of kernel restart - IB/mlx5: Fetch soft WQE's on fatal error state - IB/isert: Fix for lib/dma_debug check_sync warning - IB/isert: fix T10-pi check mask setting - RDMA/mlx4: Discard unknown SQP work requests - mtd: cfi_cmdset_0002: Change write buffer to check correct value - mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock() - mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips - mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary - mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking. - PCI: Add ACS quirk for Intel 7th & 8th Gen mobile - PCI: Add ACS quirk for Intel 300 series - PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume - printk: fix possible reuse of va_list variable - [mips*] io: Add barrier after register read in inX() - time: Make sure jiffies_to_msecs() preserves non-zero time periods - Btrfs: fix return value on rename exchange failure - Btrfs: fix unexpected cow in run_delalloc_nocow - iio:buffer: make length types match kfifo types - scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails - [s390x] scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler - [s390x] scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF - [s390x] scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed - [s390x] scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return - [s390x] scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for ERP_FAILED - [s390x] scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED - [s390x] scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread - linvdimm, pmem: Preserve read-only setting for pmem devices - md: fix two problems with setting the "re-add" device state. - ubi: fastmap: Cancel work upon detach - ubi: fastmap: Correctly handle interrupted erasures in EBA - UBIFS: Fix potential integer overflow in allocation - [x86] mfd: intel-lpss: Program REMAP register in PIO mode - perf tools: Fix symbol and object code resolution for vdso32 and vdsox32 - perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING - perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP - perf intel-pt: Fix MTC timing after overflow - perf intel-pt: Fix "Unexpected indirect branch" error - perf intel-pt: Fix packet decoding of CYC packets - media: v4l2-compat-ioctl32: prevent go past max size - media: cx231xx: Add support for AverMedia DVD EZMaker 7 - media: dvb_frontend: fix locking issues at dvb_frontend_get_event() - nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir - NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message - NFSv4: Revert commit 5f83d86cf531d ("NFSv4.x: Fix wraparound issues..") - video: uvesafb: Fix integer overflow in allocation (CVE-2018-13406) - Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID - pwm: lpss: platform: Save/restore the ctrl register over a suspend/resume - rbd: flush rbd_dev->watch_dwork after watch is unregistered - [x86] mm: fix devmem_is_allowed() for sub-page System RAM intersections - xen: Remove unnecessary BUG_ON from __unbind_from_irq() - udf: Detect incorrect directory size - Input: elan_i2c_smbus - fix more potential stack buffer overflows - Input: elantech - enable middle button of touchpads on ThinkPad P52 - Input: elantech - fix V4 report decoding for module with middle key - ALSA: hda/realtek - Fix pop noise on Lenovo P50 & co - ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210 - block: Fix transfer when chunk sectors exceeds max - dm thin: handle running out of data space vs concurrent discard https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.112 - usb: cdc_acm: Add quirk for Uniden UBC125 scanner - USB: serial: cp210x: add CESINEL device ids - USB: serial: cp210x: add Silicon Labs IDs for Windows Update - [arm64,armhf] usb: dwc2: fix the incorrect bitmaps for the ports of multi_tt hub - n_tty: Fix stall at n_tty_receive_char_special(). - n_tty: Access echo_* variables carefully. - vt: prevent leaking uninitialized data to userspace via /dev/vcs* - ipv4: Fix error return value in fib_convert_metrics() - [x86] kprobes: Do not modify singlestep buffer while resuming - netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain() - net: phy: micrel: fix crash when statistic requested for KSZ9031 phy - [armhf] dts: imx6q: Use correct SDMA script for SPI5 core - IB/hfi1: Fix user context tail allocation for DMA_RTAIL - mm: hugetlb: yield when prepping struct pages - tracing: Fix missing return symbol in function_graph output - scsi: sg: mitigate read/write abuse - [s390x] Correct register corruption in critical section cleanup - drbd: fix access after free - cifs: Fix infinite loop when using hard mount option - drm/udl: fix display corruption of the last line - ext4: include the illegal physical block in the bad map ext4_error msg - ext4: add more mount time checks of the superblock - ext4: check superblock mapped prior to committing - mlxsw: spectrum: Forbid linking of VLAN devices to devices that have uppers - [x86] HID: i2c-hid: Fix "incomplete report" noise - HID: hiddev: fix potential Spectre v1 - HID: debug: check length before copy_to_user() (CVE-2018-9516) - PM / OPP: Update voltage in case freq == old_freq - Kbuild: fix # escaping in .cmd files for future Make - media: cx25840: Use subdev host data for PLL override - mm, page_alloc: do not break __GFP_THISNODE by zonelist reset - dm bufio: avoid sleeping while holding the dm_bufio lock - dm bufio: drop the lock when doing GFP_NOIO allocation - [armhf] mtd: rawnand: mxc: set spare area size register explicitly - dm bufio: don't take the lock in dm_bufio_shrink_count - mtd: cfi_cmdset_0002: Change definition naming to retry write operation - mtd: cfi_cmdset_0002: Change erase functions to retry for error - mtd: cfi_cmdset_0002: Change erase functions to check chip good only - netfilter: nf_log: don't hold nf_log_mutex during user access - [x86] staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.113 - nvme: validate admin queue before unquiesce - [mips*] Call dump_stack() from show_regs() - [mips*] Fix ioremap() RAM check - mmc: dw_mmc: fix card threshold control configuration - [x86] ibmasm: don't write out of bounds in read handler - ata: Fix ZBC_OUT command block check - ata: Fix ZBC_OUT all bit handling - vmw_balloon: fix inflation with batching - ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS - USB: serial: ch341: fix type promotion bug in ch341_control_in() - USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick - USB: serial: keyspan_pda: fix modem-status error handling - USB: yurex: fix out-of-bounds uaccess in read handler (CVE-2018-16276) - USB: serial: mos7840: fix status-register error handling - usb: quirks: add delay quirks for Corsair Strafe - xhci: xhci-mem: off by one in xhci_stream_id_to_ring() - HID: usbhid: add quirk for innomedia INNEX GENESIS/ATARI adapter - ALSA: hda - Handle pm failure during hotplug - fs, elf: make sure to page align bss in load_elf_library - tools build: fix # escaping in .cmd files for future Make - [arm64,armhf] i2c: tegra: Fix NACK error handling - iw_cxgb4: correctly enforce the max reg_mr depth - nvme-pci: Remap CMB SQ entries on every controller reset - [x86] uprobes: Remove incorrect WARN_ON() in uprobe_init_insn() - netfilter: nf_queue: augment nfqa_cfg_policy - netfilter: x_tables: initialise match/target check parameter struct - loop: add recursion validation to LOOP_CHANGE_FD - PM / hibernate: Fix oops at snapshot_write() - loop: remember whether sysfs_create_group() was done https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.114 - [mips*] Use async IPIs for arch_trigger_cpumask_backtrace() - compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations - [x86] asm: Add _ASM_ARG* constants for argument registers to - [x86] paravirt: Make native_save_fl() extern inline - mtd: m25p80: consider max message size in m25p80_read - atm: zatm: Fix potential Spectre v1 - ipvlan: fix IFLA_MTU ignored on NEWLINK - net: dccp: avoid crash in ccid3_hc_rx_send_feedback() - net: dccp: switch rx_tstamp_last_feedback to monotonic clock - net/mlx5: Fix incorrect raw command length parsing - net/mlx5: Fix wrong size allocation for QoS ETC TC regitster - net_sched: blackhole: tell upper qdisc about dropped packets - net: sungem: fix rx checksum support - qed: Fix use of incorrect size in memcpy call. - qed: Limit msix vectors in kdump kernel to the minimum required count. - qmi_wwan: add support for the Dell Wireless 5821e module - r8152: napi hangup fix after disconnect - tcp: fix Fast Open key endianness - tcp: prevent bogus FRTO undos with non-SACK flows - vhost_net: validate sock before trying to put its fd - net/packet: fix use-after-free - net/mlx5: Fix command interface race in polling mode - net: cxgb3_main: fix potential Spectre v1 - rtlwifi: rtl8821ae: fix firmware is not ready to run - net: lan78xx: Fix race in tx pending skb size calculation - netfilter: ebtables: reject non-bridge targets - reiserfs: fix buffer overflow with long warning messages - KEYS: DNS: fix parsing multiple options - netfilter: ipv6: nf_defrag: drop skb dst before queueing - rds: avoid unenecessary cong_update in loop transport - net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL. - [arm64] assembler: introduce ldr_this_cpu - [arm64] KVM: Store vcpu on the stack during __guest_enter() - [arm*] KVM: Convert kvm_host_cpu_state to a static per-cpu allocation - [arm64] KVM: Change hyp_panic()s dependency on tpidr_el2 - [arm64] alternatives: use tpidr_el2 on VHE hosts - [arm64] KVM: Stop save/restoring host tpidr_el1 on VHE - [arm64] alternatives: Add dynamic patching feature - [arm*] KVM: Do not use kern_hyp_va() with kvm_vgic_global_state - [arm64] KVM: Avoid storing the vcpu pointer on the stack - [arm*] smccc: Add SMCCC-specific return codes - [arm64] Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 - [arm64] Add per-cpu infrastructure to call ARCH_WORKAROUND_2 - [arm64] Add ARCH_WORKAROUND_2 probing - [arm64] Add 'ssbd' command-line option - [arm64] ssbd: Add global mitigation state accessor - [arm64] ssbd: Skip apply_ssbd if not using dynamic mitigation - [arm64] ssbd: Restore mitigation status on CPU resume - [arm64] ssbd: Introduce thread flag to control userspace mitigation - [arm64] ssbd: Add prctl interface for per-thread mitigation - [arm64] KVM: Add HYP per-cpu accessors - [arm64] KVM: Add ARCH_WORKAROUND_2 support for guests - [arm64] KVM: Handle guest's ARCH_WORKAROUND_2 requests - [arm64] KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID - string: drop __must_check from strscpy() and restore strscpy() usages in cgroup https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.115 - KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel. - [x86] apm: Don't access __preempt_count with zeroed fs - [x86] MCE: Remove min interval polling limitation - fat: fix memory allocation failure handling of match_strdup() - ALSA: rawmidi: Change resized buffers atomically (CVE-2018-10902) - mm: memcg: fix use after free in mem_cgroup_iter() - mm/huge_memory.c: fix data loss when splitting a file pmd - vfio/pci: Fix potential Spectre v1 - [x86] drm/i915: Fix hotplug irq ack on i965/g4x - gen_stats: Fix netlink stats dumping in the presence of padding - ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns - ipv6: fix useless rol32 call on hash - lib/rhashtable: consider param->min_size when setting initial table size - net: diag: Don't double-free TCP_NEW_SYN_RECV sockets in tcp_abort - net/ipv4: Set oif in fib_compute_spec_dst - net: phy: fix flag masking in __set_phy_supported - ptp: fix missing break in switch - qmi_wwan: add support for Quectel EG91 - tg3: Add higher cpu clock for 5762. - net: usb: asix: replace mii_nway_restart in resume path - net: Don't copy pfmemalloc flag in __copy_skb_header() - skbuff: Unconditionally copy pfmemalloc in __skb_clone() - xhci: Fix perceived dead host due to runtime suspend race with event handler - xprtrdma: Return -ENOBUFS when no pages are available - block: do not use interruptible wait anywhere https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.116 - [mips*] Fix off-by-one in pci_resource_to_user() - ip: hash fragments consistently - ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull - net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper - net: skb_segment() should not return NULL - net/mlx5: Adjust clock overflow work period - net/mlx5e: Don't allow aRFS for encapsulated packets - net/mlx5e: Fix quota counting in aRFS expire flow - multicast: do not restore deleted record source filter mode to new one - net: phy: consider PHY_IGNORE_INTERRUPT in phy_start_aneg_priv - rtnetlink: add rtnl_link_state check in rtnl_configure_link - tcp: fix dctcp delayed ACK schedule - tcp: helpers to send special DCTCP ack - tcp: do not cancel delay-AcK on DCTCP special ACK - tcp: do not delay ACK in DCTCP upon CE status change - usb: cdc_acm: Add quirk for Castles VEGA3000 - usb: core: handle hub C_PORT_OVER_CURRENT condition - usb: gadget: f_fs: Only return delayed status when len is 0 - driver core: Partially revert "driver core: correct device's shutdown order" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.117 - Input: elan_i2c - add ACPI ID for lenovo ideapad 330 - Input: i8042 - add Lenovo LaVie Z to the i8042 reset list - Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST - [x86] kvm, mm: account shadow page tables to kmemcg - tracing: Fix double free of event_trigger_data - tracing: Fix possible double free in event_enable_trigger_func() - kthread, tracing: Don't expose half-written comm when creating kthreads - tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure - tracing: Quiet gcc warning about maybe unused link variable - [arm64] fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups - [arm64,armhf] usb: dwc2: Fix DMA alignment to start at allocated boundary - kcov: ensure irq code sees a valid area - xen/netfront: raise max number of slots in xennet_get_responses() - ALSA: emu10k1: add error handling for snd_ctl_add - ALSA: fm801: add error handling for snd_ctl_add - nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo - mm: vmalloc: avoid racy handling of debugobjects in vunmap - mm/slub.c: add __printf verification to slab_err() - rtc: ensure rtc_set_alarm fails when alarms are not supported - perf tools: Fix pmu events parsing rule - netfilter: ipset: List timing out entries with "timeout 1" instead of zero - infiniband: fix a possible use-after-free bug (CVE-2018-14734) - [powerpc*] powerpc/eeh: Fix use-after-release of EEH driver - hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() - [powerpc*] powerpc/64s: Fix compiler store ordering to SLB shadow area - RDMA/mad: Convert BUG_ONs to error flows - netfilter: nf_tables: check msg_type before nft_trans_set(trans) - pnfs: Don't release the sequence slot until we've processed layoutget on open - disable loading f2fs module on PAGE_SIZE > 4KB - f2fs: fix error path of move_data_page - f2fs: fix to don't trigger writeback during recovery - f2fs: fix to wait page writeback during revoking atomic write - f2fs: Fix deadlock in shutdown ioctl - f2fs: fix race in between GC and atomic open - usbip: usbip_detach: Fix memory, udev context and udev leak - [x86] perf/x86/intel/uncore: Correct fixed counter index check in generic code - [x86] perf/x86/intel/uncore: Correct fixed counter index check for NHM - iwlwifi: pcie: fix race in Rx buffer allocator - Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning - Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 - ASoC: dpcm: fix BE dai not hw_free and shutdown - [arm64,armhf] mfd: cros_ec: Fail early if we cannot identify the EC - mwifiex: handle race during mwifiex_usb_disconnect - wlcore: sdio: check for valid platform device data before suspend - media: tw686x: Fix incorrect vb2_mem_ops GFP flags - media: videobuf2-core: don't call memop 'finish' when queueing - btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups - btrfs: qgroup: Finish rescan when hit the last leaf of extent tree - PCI: Prevent sysfs disable of device while driver is attached - ath: Add regulatory mapping for FCC3_ETSIC - ath: Add regulatory mapping for ETSI8_WORLD - ath: Add regulatory mapping for APL13_WORLD - ath: Add regulatory mapping for APL2_FCCA - ath: Add regulatory mapping for Uganda - ath: Add regulatory mapping for Tanzania - ath: Add regulatory mapping for Serbia - ath: Add regulatory mapping for Bermuda - ath: Add regulatory mapping for Bahamas - [powerpc*] chrp/time: Make some functions static, add missing header include - [powerpc*] powermac: Add missing prototype for note_bootable_part() - [powerpc*] powermac: Mark variable x as unused - [powerpc*] 8xx: fix invalid register expression in head_8xx.S - [powerpc*] bpf: powerpc64: pad function address loads with NOPs - PCI: pciehp: Request control of native hotplug only if supported - mwifiex: correct histogram data with appropriate index - ima: based on policy verify firmware signatures (pre-allocated buffer) - fscrypt: use unbound workqueue for decryption - scsi: ufs: fix exception event handling - ALSA: emu10k1: Rate-limit error messages about page errors - [armhf] regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops - md: fix NULL dereference of mddev->pers in remove_and_add_spares() - ixgbevf: fix MAC address changes through ixgbevf_set_mac() - ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback - [arm64] cmpwait: Clear event register before arming exclusive monitor - HID: hid-plantronics: Re-resend Update to map button for PTT products - drm/radeon: fix mode_valid's return type - [powerpc*] embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet - HID: i2c-hid: check if device is there before really probing - nvmem: properly handle returned value nvmem_reg_read - tty: Fix data race in tty_insert_flip_string_fixed_flag - dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA - libata: Fix command retry decision - media: media-device: fix ioctl function types - media: saa7164: Fix driver name in debug output - brcmfmac: Add support for bcm43364 wireless chipset - [s390x] cpum_sf: Add data entry sizes to sampling trailer entry - perf: fix invalid bit in diagnostic entry - bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. - scsi: 3w-9xxx: fix a missing-check bug - scsi: 3w-xxxx: fix a missing-check bug - scsi: megaraid: silence a static checker bug - [x86] staging: lustre: o2iblnd: fix race at kiblnd_connect_peer - [armhf] thermal: exynos: fix setting rising_threshold for Exynos5433 - bpf: fix references to free_bpf_prog_info() in comments - media: siano: get rid of __le32/__le16 cast warnings - drm/atomic: Handling the case when setting old crtc for plane - ALSA: hda/ca0132: fix build failure when a local macro is defined - mmc: dw_mmc: update actual clock for mmc debugfs - mmc: pwrseq: Use kmalloc_array instead of stack VLA - dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC - dt-bindings: net: meson-dwmac: new compatible name for AXG SoC - stop_machine: Use raw spinlocks - [arm64,armhf] memory: tegra: Do not handle spurious interrupts - [arm64,armhf] memory: tegra: Apply interrupts mask per SoC - [x86] drm/gma500: fix psb_intel_lvds_mode_valid()'s return type - ipconfig: Correctly initialise ic_nameservers - rsi: Fix 'invalid vdd' warning in mmc - audit: allow not equal op for audit by executable - [x86] staging: lustre: llite: correct removexattr detection - [x86] staging: lustre: ldlm: free resource when ldlm_lock_create() fails. - serial: core: Make sure compiler barfs for 16-byte earlycon names - usb: hub: Don't wait for connect state at resume for powered-off ports - crypto: authencesn - don't leak pointers to authenc keys - crypto: authenc - don't leak pointers to authenc keys - [armhf] media: omap3isp: fix unbalanced dma_iommu_mapping - scsi: scsi_dh: replace too broad "TP9" string with the exact models - scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs - media: si470x: fix __be16 annotations - drm: Add DP PSR2 sink enable bit - random: mix rdrand with entropy sent in from userspace - squashfs: be more careful about metadata corruption - ext4: fix inline data updates with checksums enabled - ext4: check for allocation block validity with block group locked - RDMA/uverbs: Protect from attempts to create flows on unsupported QP https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.118 - ipv4: remove BUG_ON() from fib_compute_spec_dst - net: ena: Fix use of uninitialized DMA address bits field - [arm64] net: fix amd-xgbe flow-control issue - net: lan78xx: fix rx handling before first packet is send - NET: stmmac: align DMA stuff to largest cache line length - tcp_bbr: fix bw probing to raise in-flight data for very small BDPs - xen-netfront: wait xenbus state change when load module manually - tcp: do not force quickack when receiving out-of-order packets - tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode - tcp: do not aggressively quick ack after ECN events - tcp: refactor tcp_ecn_check_ce to remove sk type cast - tcp: add one more quick ack after after ECN events - [x86] pinctrl: intel: Read back TX buffer state - sched/wait: Remove the lockless swait_active() check in swake_up*() - bonding: avoid lockdep confusion in bond_get_stats() - inet: frag: enforce memory limits earlier - ipv4: frags: handle possible skb truesize change - net: dsa: Do not suspend/resume closed slave_dev - netlink: Fix spectre v1 gadget in netlink_create() - net: stmmac: Fix WoL for PCI-based setups - squashfs: more metadata hardening - squashfs: more metadata hardenings - can: ems_usb: Fix memory leak on ems_usb_disconnect() - net: socket: fix potential spectre v1 gadget in socketcall - virtio_balloon: fix another race between migration and ballooning - [x86] kvm: vmx: fix vpid leak - [x86] crypto: padlock-aes - Fix Nano workaround data corruption - drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar formats - scsi: sg: fix minor memory leak in error path https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.119 - scsi: qla2xxx: Fix ISP recovery on unload - scsi: qla2xxx: Return error when TMF returns - genirq: Make force irq threading setup more robust - nohz: Fix local_timer_softirq_pending() - netlink: Do not subscribe to non-existent groups - netlink: Don't shift with UB on nlk->ngroups - netlink: Don't shift on 64 for ngroups - ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle - ring_buffer: tracing: Inherit the tracing setting to next ring buffer - [armhf] i2c: imx: Fix reinit_completion() use - Btrfs: fix file data corruption after cloning a range and fsync - tcp: add tcp_ooo_try_coalesce() helper - kmemleak: clear stale pointers from task stacks - fork: unconditionally clear stack on fork - IB/hfi1: Fix incorrect mixing of ERR_PTR and NULL return values https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.120 - ext4: fix check to prevent initializing reserved inodes - [x86] tpm: fix race condition in tpm_common_write() - [hppa/parisc] Enable CONFIG_MLONGCALLS by default - [hppa/parisc] Define mb() and add memory barriers to assembler unlock sequences - Mark HI and TASKLET softirq synchronous - xen/netfront: don't cache skb_shinfo() - ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices - scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled - root dentries need RCU-delayed freeing - make sure that __dentry_kill() always invalidates d_seq, unhashed or not - fix mntput/mntput race - fix __legitimize_mnt()/mntput() race - IB/core: Make testing MR flags for writability a static inline function - IB/mlx4: Mark user MR as writable if actual virtual memory is writable - IB/ocrdma: fix out of bounds access to local buffer - [x86] paravirt: Fix spectre-v2 mitigations for paravirt guests (CVE-2018-15594) - [x86] speculation: Protect against userspace-userspace spectreRSB CVE-2018-15572) - [x86] kprobes Fix %p uses in error messages - [x86] irqflags: Provide a declaration for native_save_fl https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.121 - [i386] mm: Disable ioremap free page handling on x86-PAE - kbuild: verify that $DEPMOD is installed - crypto: vmac - require a block cipher with 128-bit block size - crypto: vmac - separate tfm and request context - Bluetooth: hidp: buffer overflow in hidp_process_report (CVE-2018-9363) - ioremap: Update pgtable free interfaces with addr - [x86] mm: Add TLB purge to free pmd/pte page interfaces https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.122 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.123 - dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() - l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache - llc: use refcount_inc_not_zero() for llc_sap_find() - vsock: split dwork to avoid reinitializations - ip6_tunnel: use the right value for ipv4 min mtu check in ip6_tnl_xmit - net_sched: Fix missing res info when create new tc_index filter - net_sched: fix NULL pointer dereference when delete tcindex filter - ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs - ALSA: hda - Turn CX8200 into D3 as well upon reboot - ALSA: vx222: Fix invalid endian conversions - ALSA: virmidi: Fix too long output trigger loop - ALSA: cs5535audio: Fix invalid endian conversion - ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry - ALSA: memalloc: Don't exceed over the requested size - ALSA: vxpocket: Fix invalid endian conversions - cls_matchall: fix tcf_unbind_filter missing - USB: serial: sierra: fix potential deadlock at close - USB: option: add support for DW5821e - ACPI / PM: save NVS memory for ASUS 1025C laptop - tty: serial: 8250: Revert NXP SC16C2552 workaround - serial: 8250_dw: always set baud rate in dw8250_set_termios - serial: 8250_dw: Add ACPI support for uart on Broadcom SoC - [x86] mm: Simplify p[g4um]d_page() macros - Bluetooth: avoid killing an already killed socket https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.124 - [x86] entry/64: Remove %ebx handling from error_entry/exit (CVE-2018-14678) - [arm64,armhf] usb: dwc3: of-simple: fix use-after-free on remove - [arm64] dts: ns2: Fix I2C controller interrupt type - [arm64] drm: mali-dp: Enable Global SE interrupts mask for DP500 - IB/rxe: Fix missing completion for mem_reg work requests - libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store() - [arm64,armhf] usb: dwc2: fix isoc split in transfer with no data - usb: gadget: composite: fix delayed_status race condition when set_interface - [arm64,armhf] usb: gadget: dwc2: fix memory leak in gadget_init() - xen: add error handling for xenbus_printf - scsi: xen-scsifront: add error handling for xenbus_printf - xen/scsiback: add error handling for xenbus_printf - [arm64] make secondary_start_kernel() notrace - qed: Add sanity check for SIMD fastpath handler. - enic: initialize enic->rfs_h.lock in enic_probe - net: hamradio: use eth_broadcast_addr - net: propagate dev_get_valid_name return code - [armhf] net: stmmac: socfpga: add additional ocp reset line for Stratix10 - nvmet: reset keep alive timer in controller enable - [armhf] net: davinci_emac: match the mdio device against its compatible if possible - [arm64,armhf] KVM: Drop resource size check for GICV window - locking/lockdep: Do not record IRQ state within lockdep code - ipv6: mcast: fix unsolicited report interval after receiving querys - Smack: Mark inode instant in smack_task_to_inode - batman-adv: Fix bat_ogm_iv best gw refcnt after netlink dump - batman-adv: Fix bat_v best gw refcnt after netlink dump - cxgb4: when disabling dcb set txq dcb priority to 0 - [x86] iio: pressure: bmp280: fix relative humidity unit - brcmfmac: stop watchdog before detach and free everything - ALSA: seq: Fix UBSAN warning at SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT ioctl - [arm64,armhf] usb: xhci: remove the code build warning - usb: xhci: increase CRS timeout value - NFC: pn533: Fix wrong GFP flag usage - perf test session topology: Fix test on s390 - perf report powerpc: Fix crash if callchain is empty - perf bench: Fix numa report output code - netfilter: nf_log: fix uninit read in nf_log_proc_dostring - ceph: fix dentry leak in splice_dentry() - [armhf] dmaengine: pl330: report BURST residue granularity - [arm64] dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate() - md/raid10: fix that replacement cannot complete recovery after reassemble - nl80211: relax ht operation checks for mesh - [s390x] bpf, s390: fix potential memleak when later bpf_jit_prog fails - bnx2x: Fix receiving tx-timeout in error or recovery state. - acpi/nfit: fix cmd_rc for acpi_nfit_ctl to always return a value - ipvlan: call dev_change_flags when ipvlan mode is reset - HID: wacom: Correct touch maximum XY of 2nd-gen Intuos - tracing: Use __printf markup to silence compiler - smsc75xx: Add workaround for gigabit link up hardware errata. - ieee802154: 6lowpan: set IFLA_LINK - netfilter: x_tables: set module owner for icmp(6) matches - ipv6: make ipv6_renew_options() interrupt/kernel safe - [arm*] pxa: irq: fix handling of ICMR registers in suspend/resume - net/sched: act_tunnel_key: fix NULL dereference when 'goto chain' is used - ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem - ieee802154: at86rf230: use __func__ macro for debug messages - ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem - netfilter: nf_conntrack: Fix possible possible crash on module loading. - bnxt_en: Always set output parameters in bnxt_get_max_rings(). - bnxt_en: Fix for system hang if request_irq fails - nfit: fix unchecked dereference in acpi_nfit_ctl - RDMA/mlx5: Fix memory leak in mlx5_ib_create_srq() error path - [arm*] 8780/1: ftrace: Only set kernel memory back to read-only after boot - [armhf] DRA7/OMAP5: Enable ACTLR[0] (Enable invalidates of BTB) for secondary cores - [armhf] dts: am3517.dtsi: Disable reference to OMAP3 OTG controller - ixgbe: Be more careful when modifying MAC filters - packet: reset network header if packet shorter than ll reserved space - qlogic: check kstrtoul() for errors - tcp: remove DELAYED ACK events in DCTCP - drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() - net: usb: rtl8150: demote allmulti message to dev_dbg() - tcp: identify cryptic messages as TCP seq # bugs - KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer - ext4: fix spectre gadget in ext4_mb_regular_allocator() - [hppa/parisc] Remove ordered stores from syscall.S - xfrm_user: prevent leaking 2 bytes of kernel memory - netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state - packet: refine ring v3 block size test to hold one frame - [hppa/parisc] Remove unnecessary barriers from spinlock.h - PCI: hotplug: Don't leak pci_slot on registration failure - PCI: Skip MPS logic for Virtual Functions (VFs) - PCI: pciehp: Fix use-after-free on unplug - PCI: pciehp: Fix unprotected list iteration in IRQ handler - [armhf] i2c: imx: Fix race condition in dma read - reiserfs: fix broken xattr handling (heap corruption, bad retval) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.125 - vti6: fix PMTU caching and reporting on xmit - xfrm: fix missing dst_release() after policy blocking lbcast and multicast - xfrm: free skb if nlsk pointer is NULL - mac80211: add stations tied to AP_VLANs during hw reconfig - nl80211: Add a missing break in parse_station_flags - [arm64] drm/bridge: adv7511: Reset registers on hotplug - scsi: libiscsi: fix possible NULL pointer dereference in case of TMF - [armhf] drm/imx: imx-ldb: disable LDB on driver bind - [armhf] drm/imx: imx-ldb: check if channel is enabled before printing warning - usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' - [ppc64el] bpf, ppc64: fix unexpected r0=0 exit path inside bpf_xadd - [x86] tools/power turbostat: fix -S on UP systems - qed: Fix possible race for the link state value. - qed: Correct Multicast API to reflect existence of 256 approximate buckets. - atl1c: reserve min skb headroom - [x86] perf/x86/amd/ibs: Don't access non-started event - bnx2x: Fix invalid memory access in rss hash config path. - qmi_wwan: fix interface number for DW5821e production firmware - [x86] boot: Fix if_changed build flip/flop bug - fscache: Allow cancelled operations to be enqueued - cachefiles: Fix refcounting bug in backing-file read monitoring - cachefiles: Wait rather than BUG'ing on "Unexpected object collision" - zswap: re-check zswap_is_full() after do zswap_shrink() - [x86] tools/power turbostat: Read extended processor family from CPUID - enic: handle mtu change for vf properly - squashfs metadata 2: electric boogaloo - Squashfs: Compute expected length from inode size rather than block length - drivers: net: lmc: fix case value for target abort error - memcg: remove memcg_cgroup::id from IDR on mem_cgroup_css_alloc() failure - scsi: fcoe: drop frames in ELS LOGO error path - scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO - [x86] scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED - mm/memory.c: check return value of ioremap_prot - sched/sysctl: Check user input value of sysctl_sched_time_avg - Cipso: cipso_v4_optptr enter infinite loop (CVE-2018-10938) - [x86] mei: don't update offset in write - cifs: add missing debug entries for kconfig options - cifs: check kmalloc before use - smb3: enumerating snapshots was leaving part of the data off end - smb3: Do not send SMB3 SET_INFO if nothing changed - smb3: don't request leases in symlink creation and query - [arm64] kprobes: Fix %p uses in error messages - [arm64] mm: check for upper PAGE_SHIFT bits in pfn_valid() - [s390x] kvm: fix deadlock when killed by oom - ext4: check for NUL characters in extended attribute's name - ext4: sysfs: print ext4_super_block fields as little-endian - ext4: reset error code in ext4_find_entry in fallback - [arm64,armhf] KVM: Skip updating PTE entry if no change - [arm64,armhf] KVM: Skip updating PMD entry if no change - [x86] speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit - [x86] speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (Closes: #907581) - [x86] speculation/l1tf: Suggest what to do on systems with too much RAM - [x86] process: Re-export start_thread() - [x86] KVM: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled - [x86] kvm/vmx: Remove duplicate l1d flush definitions - fuse: Don't access pipe->buffers without pipe_lock() - fuse: fix initial parallel dirops - fuse: fix double request_end() - fuse: fix unlocked access to processing queue - fuse: umount should wait for all requests - fuse: Fix oops at process_init_reply() - fuse: Add missed unlock_page() to fuse_readpages_fill() - udl-kms: change down_interruptible to down - udl-kms: handle allocation failure - udl-kms: fix crash due to uninitialized memory - b43legacy/leds: Ensure NUL-termination of LED name string - b43/leds: Ensure NUL-termination of LED name string - ASoC: dpcm: don't merge format from invalid codec dai - ASoC: sirf: Fix potential NULL pointer dereference - [x86] irqflags: Mark native_restore_fl extern inline - [x86] spectre: Add missing family 6 check to microcode check - [x86] speculation/l1tf: Increase l1tf memory limit for Nehalem+ (Closes: #907581) - [x86] entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit() - [s390x] qdio: reset old sbal_state flags - [s390x] pci: fix out of bounds access during irq setup - kprobes: Make list and blacklist root user read only - [mips*] lib: Provide MIPS64r6 __multi3() for GCC < 7 - scsi: sysfs: Introduce sysfs_{un,}break_active_protection() - scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock - iscsi target: fix session creation failure handling - [armhf] clk: rockchip: fix clk_i2sout parent selection bits on rk3399 - PM / clk: signedness bug in of_pm_clk_add_clks() - cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (CVE-2018-16658) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.126 - net: 6lowpan: fix reserved space for single frames - net: mac802154: tx: expand tailroom if necessary - 9p/net: Fix zero-copy path in the 9p virtio transport - [x86] drm/i915/userptr: reject zero user_size - libertas: fix suspend and resume for SDIO connected cards - [arm64] mailbox: xgene-slimpro: Fix potential NULL pointer dereference - [ppc64el] powerpc/pseries: Fix endianness while restoring of r3 in MCE handler. - PCI: Add wrappers for dev_printk() - [ppc64el] powerpc/powernv/pci: Work around races in PCI bridge enabling - [ppc64el] cxl: Fix wrong comparison in cxl_adapter_context_get() - ib_srpt: Fix a use-after-free in srpt_close_ch() - RDMA/rxe: Set wqe->status correctly if an unexpected response is received - fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed - 9p/virtio: fix off-by-one error in sg list bounds check - net/9p/client.c: version pointer uninitialized - net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() - dm thin: stop no_space_timeout worker when switching to write-mode - dm cache metadata: save in-core policy_hint_size to on-disk superblock - uart: fix race between uart_put_char() and uart_shutdown() - [x86] vmw_balloon: fix inflation of 64-bit GFNs - [x86] vmw_balloon: do not use 2MB without batching - [x86] vmw_balloon: VMCI_DOORBELL_SET does not check status - [x86] vmw_balloon: fix VMCI use when balloon built into kernel - [armhf] rtc: omap: fix potential crash on power off - tracing: Do not call start/stop() functions when tracing_on does not change - tracing/blktrace: Fix to allow setting same value - uprobes: Use synchronize_rcu() not synchronize_sched() - [arm64] mfd: hi655x: Fix regmap area declared size for hi655x - 9p: fix multiple NULL-pointer-dereferences - PM / sleep: wakeup: Fix build error caused by missing SRCU support - [x86] KVM: VMX: fixes for vmentry_l1d_flush module parameter - pnfs/blocklayout: off by one in bl_map_stripe() - NFSv4 client live hangs after live data migration recovery - Replace magic for trusting the secondary keyring with #define - [amd64] Fix kexec forbidding kernels signed with keys in the secondary keyring to boot - mm/tlb: Remove tlb_remove_table() non-concurrent condition - [x86] iommu/vt-d: Add definitions for PFSID - [x86] iommu/vt-d: Fix dev iotlb pfsid use - userns: move user access out of the mutex - ubifs: Fix memory leak in lprobs self-check - Revert "UBIFS: Fix potential integer overflow in allocation" - ubifs: Check data node size before truncate - ubifs: Fix synced_i_size calculation for xattr inodes - [armhf] pwm: tiehrpwm: Fix disabling of output of PWMs - fb: fix lost console when the user unplugs a USB adapter - udlfb: set optimal write delay - getxattr: use correct xattr length - [x86] libnvdimm: fix ars_status output length calculation - printk/tracing: Do not trace printk_nmi_enter() - bcache: release dc->writeback_lock properly in bch_writeback_thread() - perf auxtrace: Fix queue resize - [ppc64el] crypto: vmx - Fix sleep-in-atomic bugs - fs/quota: Fix spectre gadget in do_quotactl https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.127 - [i386] speculation/l1tf: Fix up pte->pfn conversion for PAE - act_ife: fix a potential use-after-free - ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state - net: sched: Fix memory exposure from short TCA_U32_SEL - qlge: Fix netdev features configuration. - r8169: add support for NCube 8168 network card - tcp: do not restart timewait timer on rst reception - vti6: remove !skb->ignore_df check from vti6_xmit() - sctp: hold transport before accessing its asoc in sctp_transport_get_next - vhost: correctly check the iova range when waking virtqueue - [x86] hv_netvsc: ignore devices that are not PCI - act_ife: move tcfa_lock down to where necessary - act_ife: fix a potential deadlock - net: sched: action_ife: take reference to meta module - cifs: check if SMB2 PDU size has been padded and suppress the warning - hfsplus: don't return 0 when fill_super() failed - hfs: prevent crash on exit from failed search - sunrpc: Don't use stack buffer with scatterlist - fork: don't copy inconsistent signal handler state to child - reiserfs: change j_timestamp type to time64_t - hfsplus: fix NULL dereference in hfsplus_lookup() (CVE-2018-14617) - fat: validate ->i_start before using - scripts: modpost: check memory allocation results - virtio: pci-legacy: Validate queue pfn - mm/fadvise.c: fix signed overflow UBSAN complaint - fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() - ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() - [mips*] mfd: sm501: Set coherent_dma_mask when creating subdevices - [x86] platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 - net/9p/trans_fd.c: fix race by holding the lock - net/9p: fix error path of p9_virtio_probe - [ppc64el] perf probe powerpc: Fix trace event post-processing - block: bvec_nr_vecs() returns value for wrong slab - [s390x] dasd: fix hanging offline processing due to canceled worker - [s390x] dasd: fix panic for failed online processing - [x86] ACPI / scan: Initialize status to ACPI_STA_DEFAULT - scsi: aic94xx: fix an error code in aic94xx_init() - [armel,armhf] PCI: mvebu: Fix I/O space end address calculation - dm kcopyd: avoid softlockup in run_complete_job - RDS: IB: fix 'passing zero to ERR_PTR()' warning - smb3: fix reset of bytes read and written stats - SMB3: Number of requests sent should be displayed for SMB3 not just CIFS - [ppc64el] powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. - [armhf] clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 - btrfs: replace: Reset on-disk dev stats value after replace - btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (CVE-2018-14609) - btrfs: Don't remove block group that still has pinned down bytes - [arm64] rockchip: Force CONFIG_PM on Rockchip systems - [arm*] rockchip: Force CONFIG_PM on Rockchip systems - drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 - tcp: Revert "tcp: tcp_probe: use spin_lock_bh()" - [i386] pae: use 64 bit atomic xchg function in native_ptep_get_and_clear - irda: Fix memory leak caused by repeated binds of irda socket (CVE-2018-6554) - irda: Only insert new objects into the global database via setsockopt (CVE-2018-6555) - enic: do not call enic_change_mtu in enic_probe - Fix backport of "mm: numa: avoid waiting on freed migrated pages" - sch_htb: fix crash on init failure - sch_multiq: fix double free on init failure - sch_hhf: fix null pointer dereference on init failure - sch_netem: avoid null pointer deref on init failure - sch_tbf: fix two null pointer dereferences on init failure - [x86] mei: me: allow runtime pm for platform with D0i3 - [s390x] lib: use expoline for all bcr instructions - btrfs: use correct compare function of dirty_metadata_bytes - [arm64] Fix mismatched cache line size detection - [arm64] Handle mismatched cache type https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.128 - [x86] i2c: i801: fix DNV's SMBCTRL register offset - [s390x] KVM: s390: vsie: copy wrapping keys to right place - ALSA: hda - Fix cancel_work_sync() stall from jackpoll work - cfq: Give a chance for arming slice idle timer in case of group_idle - kthread: Fix use-after-free if kthread fork fails - [mips*] kthread: fix boot hang (regression) on MIPS/OpenRISC - [x86] staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page - [x86] staging/rts5208: Fix read overflow in memcpy - IB/rxe: do not copy extra stack memory to skb - block,blkcg: use __GFP_NOWARN for best-effort allocations in blkcg - nl80211: fix null-ptr dereference on invalid mesh configuration - locking/rwsem-xadd: Fix missed wakeup due to reordering of load - selinux: use GFP_NOWAIT in the AVC kmem_caches - locking/osq_lock: Fix osq_lock queue corruption - mm, vmscan: clear PGDAT_WRITEBACK when zone is balanced - mm: remove seemingly spurious reclaimability check from laptop_mode gating - [amd64] misc: mic: SCIF Fix scif_get_new_port() error handling - Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV - [arm64,armhf] gpio: tegra: Move driver registration to subsys_init level - scsi: target: fix __transport_register_session locking - md/raid5: fix data corruption of replacements after originals dropped - timers: Clear timer_base::must_forward_clk with timer_base::lock held - [arm64,armhf] misc: ti-st: Fix memory leak in the error path of probe() - uio: potential double frees if __uio_register_device() fails - [x86] tty: rocket: Fix possible buffer overwrite on register_PCI - f2fs: do not set free of current section - perf tools: Allow overriding MAX_NR_CPUS at compile time - NFSv4.0 fix client reference leak in callback - ath9k: report tx status on EOSP - ath9k_hw: fix channel maximum power level test - ath10k: prevent active scans on potential unusable channels - [arm64,armhf] wlcore: Set rx_status boottime_ns field on rx - [mips*] Fix ISA virt/bus conversion for non-zero PHYS_OFFSET - ata: libahci: Correct setting of DEVSLP register - scsi: 3ware: fix return 0 on the error path of probe - ath10k: disable bundle mgmt tx completion event support - Bluetooth: hidp: Fix handling of strncpy for hid->name information - [x86] mm: Remove in_nmi() warning from vmalloc_fault() - [x86] gpio: ml-ioh: Fix buffer underwrite on probe error path - [armhf] net: mvneta: fix mtu change on port without link - f2fs: try grabbing node page lock aggressively in sync scenario - f2fs: fix to skip GC if type in SSA and SIT is inconsistent - [x86] tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) - f2fs: fix to do sanity check with reserved blkaddr of inline inode (CVE-2018-13099) - [mips*] Octeon: add missing of_node_put() - [mips*] generic: fix missing of_node_put() - net: dcb: For wild-card lookups, use priority -1, not 0 - Input: atmel_mxt_ts - only use first T9 instance - [ppc64el] partitions/aix: append null character to print data from disk - [ppc64el] partitions/aix: fix usage of uninitialized lv_info and lvname structures - f2fs: Fix uninitialized return in f2fs_ioc_shutdown() - [armhf] mfd: ti_am335x_tscadc: Fix struct clk memory leak - f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize - NFSv4.1: Fix a potential layoutget/layoutrecall deadlock - [mips*] WARN_ON invalid DMA cache maintenance, not BUG_ON - RDMA/cma: Do not ignore net namespace for unbound cm_id - xhci: Fix use-after-free in xhci_free_virt_device - netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user - mtd: ubi: wl: Fix error return code in ubi_wl_init() - autofs: fix autofs_sbi() does not check super block type - mm: get rid of vmacache_flush_all() entirely (CVE-2018-17182) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.129 - be2net: Fix memory leak in be_cmd_get_profile_config() - rds: fix two RCU related problems - net/mlx5: Fix use-after-free in self-healing flow - net/mlx5: Fix debugfs cleanup in the device init/remove flow - [arm64] iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register - [i386] ALSA: msnd: Fix the default sample sizes - ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro - xfrm: fix 'passing zero to ERR_PTR()' warning - gfs2: Special-case rindex for gfs2_grow - clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure - media: tw686x: Fix oops on buffer alloc failure - [armhf] dmaengine: pl330: fix irq race with terminate_all - media: videobuf2-core: check for q->error in vb2_core_qbuf() - IB/rxe: Drop QP0 silently - gfs2: Don't reject a supposedly full bitmap if we have blocks reserved - fbdev: Distinguish between interlaced and progressive modes - [ppc64el] powerpc/powernv: opal_put_chars partial write fix - mac80211: restrict delayed tailroom needed decrement - Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets - [arm64,armhf] efi/arm: preserve early mapping of UEFI memory map longer for BGRT - nfp: avoid buffer leak when FW communication fails - xen-netfront: fix queue name setting - [arm64] dts: qcom: db410c: Fix Bluetooth LED trigger - [arm64] dts: qcom: msm8974-hammerhead: increase load on l20 for sdhci - [s390x] qeth: fix race in used-buffer accounting - [s390x] qeth: reset layer2 attribute on layer switch - [arm64,armhf] KVM: arm/arm64: Fix vgic init race - drivers/base: stop new probing during shutdown - [arm64] dmaengine: mv_xor_v2: kill the tasklets upon exit - xen-netfront: fix warn message as irq device name has '/' - RDMA/cma: Protect cma dev list with lock - [x86] pstore: Fix incorrect persistent ram buffer mapping - xen/netfront: fix waiting for xenbus state change - [armhf] mmc: omap_hsmmc: fix wakeirq handling on removal - misc: hmc6352: fix potential Spectre v1 - usb: Don't die twice if PCI xhci host is not responding in resume - [x86] mei: ignore not found client in the enumeration - USB: Add quirk to support DJI CineSSD - usb: uas: add support for more quirk flags - usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() - usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() - USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller - USB: net2280: Fix erroneous synchronization change - USB: serial: io_ti: fix array underflow in completion handler - usb: misc: uss720: Fix two sleep-in-atomic-context bugs - USB: serial: ti_usb_3410_5052: fix array underflow in completion handler - USB: yurex: Fix buffer over-read in yurex_write() - usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt() - Revert "cdc-acm: implement put_char() and flush_chars()" - cifs: prevent integer overflow in nxt_dir_entry() - CIFS: fix wrapping bugs in num_entries() - perf/core: Force USER_DS when recording user stack data - NFSv4.1 fix infinite loop on I/O. - binfmt_elf: Respect error return from `regset->active' - audit: fix use-after-free in audit_add_watch - mtdchar: fix overflows in adjustment of `count` - configfs: fix registered group removal - efi/esrt: Only call efi_mem_reserve() for boot services memory - [armhf] gpu: ipu-v3: csi: pass back mbus_code_to_bus_cfg error codes - [arm64,armhf] mmc: tegra: prevent HS200 on Tegra 3 - mmc: sdhci: do not try to use 3.3V signaling if not supported - drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping - [amd64] drm/amdkfd: Fix error codes in kfd_get_process - ALSA: pcm: Fix snd_interval_refine first/last with open min/max - [arm64] pinctrl: qcom: spmi-gpio: Fix pmic_gpio_config_get() to be compliant - [x86] mei: bus: type promotion bug in mei_nfc_if_version() - [mips*] VDSO: Match data page cache colouring when D$ aliases - Fix link state change interrupts identification (Closes: #896911) + e1000e: Remove Other from EIAC + Partial revert "e1000e: Avoid receiver overrun interrupt bursts" + e1000e: Fix queue interrupt re-raising in Other interrupt + e1000e: Avoid missed interrupts following ICR read + Revert "e1000e: Separate signaling for link check/link up" + e1000e: Fix link check race condition https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.130 - [x86] NFC: Fix possible memory corruption when handling SHDLC I-Frame commands - NFC: Fix the number of pipes - ALSA: bebob: fix memory leak for M-Audio FW1814 and ProjectMix I/O at error path - ALSA: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping - ALSA: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO - ALSA: firewire-digi00x: fix memory leak of private data - ALSA: firewire-tascam: fix memory leak of private data - ALSA: fireworks: fix memory leak of response buffer at error path - ALSA: oxfw: fix memory leak for model-dependent data at error path - ALSA: oxfw: fix memory leak of discovered stream formats at error path - ALSA: oxfw: fix memory leak of private data - [x86] platform/x86: alienware-wmi: Correct a memory leak - xen/netfront: don't bug in case of too many frags - [x86] xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code - Revert "PCI: Add ACS quirk for Intel 300 series" - ring-buffer: Allow for rescheduling when removing pages - mm: shmem.c: Correctly annotate new inodes for lockdep - gso_segment: Reset skb->mac_len after modifying network header - ipv6: fix possible use-after-free in ip6_xmit() - net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT - [x86] net: hp100: fix always-true check for link up state - udp4: fix IP_CMSG_CHECKSUM for connected sockets - neighbour: confirm neigh entries when ARP packet is received - ocfs2: fix ocfs2 read block panic - drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement - drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() - drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early - [arm64,armhf] drm/vc4: Fix the "no scaling" case on multi-planar YUV formats - tty: vt_ioctl: fix potential Spectre v1 - ext4: check to make sure the rename(2)'s destination is not freed - ext4: avoid divide by zero fault when deleting corrupted inline directories - ext4: recalucate superblock checksum after updating free blocks/inodes - ext4: fix online resize's handling of a too-small final block group - ext4: fix online resizing for bigalloc file systems with a 1k block size - ext4: don't mark mmp buffer head dirty - ext4: show test_dummy_encryption mount option in /proc/mounts - sched/fair: Fix vruntime_normalized() for remote non-migration wakeup - HID: sony: Update device ids - HID: sony: Support DS4 dongle - [arm64] PCI: aardvark: Size bridges before resources allocation - vmw_balloon: include asm/io.h - iw_cxgb4: only allow 1 flush on user qps [ Salvatore Bonaccorso ] * [rt] Update to 4.9.115-rt93 * [rt] Drop 0145-stop_machine-Use-raw-spinlocks.patch patch * [rt] Drop 0144-stop_machine-convert-stop_machine_run-to-PREEMPT_RT.patch patch * [rt] Refresh 0225-fs-dcache-use-swait_queue-instead-of-waitqueue.patch patch * [rt] Refresh 0156-softirq-Split-softirq-locks.patch patch for context changes in 4.9.120 * [rt] Refresh 0161-softirq-wake-the-timer-softirq-if-needed.patch for context changes in 4.9.120 * [rt] Refresh 0001-timer-make-the-base-lock-raw.patch for context changes in 4.9.128 * [rt] Refresh 0162-timers-Don-t-wake-ktimersoftd-on-every-tick.patch for context changes in 4.9.128 * [rt] Refresh 0163-Revert-timers-Don-t-wake-ktimersoftd-on-every-tick.patch for context changes in 4.9.128 * [rt] Refresh 0246-irqwork-push-most-work-into-softirq-context.patch for context changes in 4.9.128 * [rt] Refresh 0247-irqwork-Move-irq-safe-work-to-irq-context.patch for context changes in 4.9.128 * NFC: Ignore ABI changes [ Ben Hutchings ] * [arm64] cpucaps: Avoid ABI changes in 4.9.114 * iio: Avoid ABI change in 4.9.111 * exec: Avoid ABI change in 4.9.116 * net: Avoid ABI change in 4.9.115 * Revert "netfilter: ipv6: nf_defrag: reduce struct net memory waste" to avoid an ABI change * Revert core changes in "tcp: remove DELAYED ACK events in DCTCP" to avoid an ABI change * string: Avoid ABI change in 4.9.114 * Revert "proc/sysctl: prune stale dentries during unregistering" etc. to avoid an ABI change * tcp: Avoid ABI change in 4.9.116 * vmw_vsock: Ignore ABI changes * loop: Ignore ABI changes * KVM: Ignore ABI changes on all architectures * xen: Ignore ABI changes * [x86] cpu: Avoid ABI change in 4.9.125 * [mips*] Revert "MIPS: Correct the 64-bit DSP accumulator register size" temporarily to avoid an ABI change * debian/control: Point Vcs URLs to Salsa * README.Debian: Update URLs that were pointing to Alioth * mm: Avoid ABI change in 4.9.128 [ Moritz Muehlenhoff ] * megaraid_sas: Add support for Perc 740P/840 (Closes: #890034) -- Salvatore Bonaccorso Wed, 10 Oct 2018 07:14:31 +0200 linux (4.9.110-3+deb9u6) stretch-security; urgency=high * [arm64] KVM: Tighten guest core register access from userspace (CVE-2018-18021) * [arm64] KVM: Sanitize PSTATE.M when being set from userspace (CVE-2018-18021) * xen-netback: fix input validation in xenvif_set_hash_mapping() (CVE-2018-15471) -- Salvatore Bonaccorso Mon, 08 Oct 2018 08:05:17 +0200 linux (4.9.110-3+deb9u5) stretch-security; urgency=high [ Salvatore Bonaccorso ] * irda: Fix memory leak caused by repeated binds of irda socket (CVE-2018-6554) * irda: Only insert new objects into the global database via setsockopt (CVE-2018-6555) * mm: get rid of vmacache_flush_all() entirely (CVE-2018-17182) * floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (CVE-2018-7755) * Bluetooth: hidp: buffer overflow in hidp_process_report (CVE-2018-9363) * ALSA: rawmidi: Change resized buffers atomically (CVE-2018-10902) * scsi: target: iscsi: Use hex2bin instead of a re-implementation (CVE-2018-14633) * [x86] entry/64: Remove %ebx handling from error_entry/exit (CVE-2018-14678) * infiniband: fix a possible use-after-free bug (CVE-2018-14734) * [x86] speculation: Protect against userspace-userspace spectreRSB (CVE-2018-15572) * [x86] paravirt: Fix spectre-v2 mitigations for paravirt guests (CVE-2018-15594) [ Ben Hutchings ] * mm: Avoid ABI change for CVE-2018-17182 fix * HID: debug: check length before copy_to_user() (CVE-2018-9516) * Cipso: cipso_v4_optptr enter infinite loop (CVE-2018-10938) * f2fs: fix to do sanity check with reserved blkaddr of inline inode (CVE-2018-13099) * btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (CVE-2018-14609) * hfsplus: fix NULL dereference in hfsplus_lookup() (CVE-2018-14617) * USB: yurex: fix out-of-bounds uaccess in read handler (CVE-2018-16276) * cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (CVE-2018-16658) -- Ben Hutchings Sun, 30 Sep 2018 17:37:51 +0100 linux (4.9.110-3+deb9u4) stretch-security; urgency=high * init: rename and re-order boot_cpu_state_init() Adresses boot failures on arm* systems. (Closes: #906769) * Sync "cpu/hotplug: Boot HT siblings at least once" from 4.9.120 * Sync "cpu/hotplug: Non-SMP machines do not make use of booted_once" from 4.9.120 * Refresh features/all/rt/0157-softirq-Split-softirq-locks.patch patch. Adjust context after applying "init: rename and re-order boot_cpu_state_init()". -- Salvatore Bonaccorso Tue, 21 Aug 2018 16:50:09 +0200 linux (4.9.110-3+deb9u3) stretch-security; urgency=high [ Salvatore Bonaccorso ] * Add L1 Terminal Fault fixes (CVE-2018-3620, CVE-2018-3646) - [x86] speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT - [x86] mm: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1 - [x86] speculation/l1tf: Change order of offset/type in swap entry - [x86] speculation/l1tf: Protect swap entries against L1TF - [x86] speculation/l1tf: Protect PROT_NONE PTEs against speculation - [x86] speculation/l1tf: Make sure the first page is always reserved - [x86] speculation/l1tf: Add sysfs reporting for l1tf - [x86] speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings - [x86] speculation/l1tf: Limit swap file size to MAX_PA/2 - [x86] bugs: Move the l1tf function and define pr_fmt properly - [x86] smp: Provide topology_is_primary_thread() - [x86] topology: Provide topology_smt_supported() - cpu/hotplug: Make bringup/teardown of smp threads symmetric - cpu/hotplug: Split do_cpu_down() - cpu/hotplug: Provide knobs to control SMT - [x86] cpu: Remove the pointless CPU printout - [x86] cpu/AMD: Remove the pointless detect_ht() call - [x86] cpu/common: Provide detect_ht_early() - [x86] cpu/topology: Provide detect_extended_topology_early() - [x86] cpu/intel: Evaluate smp_num_siblings early - [x86] CPU/AMD: Do not check CPUID max ext level before parsing SMP info - [x86] cpu/AMD: Evaluate smp_num_siblings early - [x86] apic: Ignore secondary threads if nosmt=force - [x86] speculation/l1tf: Extend 64bit swap file size limit - [x86] cpufeatures: Add detection of L1D cache flush support. - [x86] CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings - [x86] speculation/l1tf: Protect PAE swap entries against L1TF - [x86] speculation/l1tf: Fix up pte->pfn conversion for PAE - Revert "[x86] apic: Ignore secondary threads if nosmt=force" - cpu/hotplug: Boot HT siblings at least once - [x86] KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present - [x86] KVM/VMX: Add module argument for L1TF mitigation - [x86] KVM/VMX: Add L1D flush algorithm - [x86] KVM/VMX: Add L1D MSR based flush - [x86] KVM/VMX: Add L1D flush logic - kvm: nVMX: Update MSR load counts on a VMCS switch - [x86] KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers - [x86] KVM/VMX: Add find_msr() helper function - [x86] KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting - [x86] KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs - [x86] KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required - cpu/hotplug: Online siblings when SMT control is turned on - [x86] litf: Introduce vmx status variable - [x86] kvm: Drop L1TF MSR list approach - [x86] l1tf: Handle EPT disabled state proper - [x86] kvm: Move l1tf setup function - [x86] kvm: Add static key for flush always - [x86] kvm: Serialize L1D flush parameter setter - [x86] kvm: Allow runtime control of L1D flush - cpu/hotplug: Expose SMT control init function - cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early - [x86] bugs, kvm: Introduce boot-time control of L1TF mitigations - Documentation: Add section about CPU vulnerabilities - [x86] KVM/VMX: Initialize the vmx_l1d_flush_pages' content - Documentation/l1tf: Fix typos - cpu/hotplug: detect SMT disabled by BIOS - [x86] KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush() - [x86] KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' - [x86] KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() - [x86] irq: Demote irq_cpustat_t::__softirq_pending to u16 - [x86] KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d - [x86] Don't include linux/irq.h from asm/hardirq.h - [x86] irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d - [x86] KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr() - Documentation/l1tf: Remove Yonah processors from not vulnerable list - [x86] KVM: x86: Add a framework for supporting MSR-based features - KVM: SVM: Add MSR-based feature support for serializing LFENCE - [x86] KVM: X86: Introduce kvm_get_msr_feature() - [x86] KVM: X86: Allow userspace to define the microcode version - KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR - [x86] speculation: Simplify sysfs report of VMX L1TF vulnerability - [x86] speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry - KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry - cpu/hotplug: Fix SMT supported evaluation - [x86] speculation/l1tf: Invert all not present mappings - [x86] speculation/l1tf: Make pmd/pud_mknotpresent() invert - [x86] mm/pat: Make set_memory_np() L1TF safe - [x86] mm/kmmio: Make the tracer robust against L1TF - tools headers: Synchronise x86 cpufeatures.h for L1TF additions - [x86] microcode: Do not upload microcode if CPUs are offline - [x86] microcode: Allow late microcode loading with SMT disabled - [x86] smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread - cpu/hotplug: Non-SMP machines do not make use of booted_once - [x86] init: fix build with CONFIG_SWAP=n - [x86] speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures - [x86] cpu/amd: Limit cpu_core_id fixup to families older than F17h - [x86] CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present - [x86] l1tf: Fix build error seen if CONFIG_KVM_INTEL is disabled - [x86] i8259: Add missing include file - [x86] speculation/l1tf: Exempt zeroed PTEs from inversion [ Yves-Alexis Perez ] * [rt] refresh 0284-cpu-rt-Rework-cpu-down-for-PREEMPT_RT and 0286-kernel-cpu-fix-cpu-down-problem-if-kthread-s-cpu-is- context after applying L1TF fixes. * [rt] update 0281-random-Make-it-work-on-rt to fix builds with recent compilers. [ Ben Hutchings ] * Bump ABI to 8 -- Salvatore Bonaccorso Sun, 19 Aug 2018 15:36:38 +0200 linux (4.9.110-3+deb9u2) stretch-security; urgency=high * Revert "net: increase fragment memory usage limits" -- Salvatore Bonaccorso Mon, 13 Aug 2018 21:31:37 +0200 linux (4.9.110-3+deb9u1) stretch-security; urgency=high [ Romain Perier ] * fs: Fix up non-directory creation in SGID directories (CVE-2018-13405) [ Salvatore Bonaccorso ] * tcp: free batches of packets in tcp_prune_ofo_queue() * tcp: avoid collapses in tcp_prune_queue() if possible * tcp: detect malicious patterns in tcp_collapse_ofo_queue() * tcp: call tcp_drop() from tcp_data_queue_ofo() -- Salvatore Bonaccorso Fri, 03 Aug 2018 20:30:23 +0200 linux (4.9.110-3) stretch; urgency=medium [ Salvatore Bonaccorso ] * cdc_ncm: avoid padding beyond end of skb (Closes: #893393) * Revert "sit: reload iphdr in ipip6_rcv" (Closes: #903776) -- Ben Hutchings Mon, 23 Jul 2018 17:47:13 +0100 linux (4.9.110-2) stretch; urgency=medium [ Cyril Brulebois ] * udeb: Add virtio_console to virtio-modules (Closes: #903122). [ Ben Hutchings ] * [x86] xen: Fix boot regression in PV domains (Closes: #903767): - x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths - x86/cpu: Re-apply forced caps every time CPU caps are re-read * ext4: fix false negatives *and* false positives in ext4_check_descriptors() (Closes: #903838) * xen-netfront: Fix regressions in 4.9.104 (Closes: #903914): - Fix mismatched rtnl_unlock - Update features after registering netdev -- Ben Hutchings Wed, 18 Jul 2018 18:57:56 +0100 linux (4.9.110-1) stretch; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.108 - tpm: do not suspend/resume if power stays on - tpm: self test failure should not cause suspend to fail - mmap: introduce sane default mmap limits - mmap: relax file size limit for regular files - btrfs: define SUPER_FLAG_METADUMP_V2 - drm: set FMODE_UNSIGNED_OFFSET for drm files - bnx2x: use the right constant - dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() - enic: set DMA mask to 47 bit - ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds - ipv4: remove warning in ip_recv_error - isdn: eicon: fix a missing-check bug - net/packet: refine check for priv area size - net: usb: cdc_mbim: add flag FLAG_SEND_ZLP - packet: fix reserve calculation - qed: Fix mask for physical address in ILT entry - sctp: not allow transport timeout value less than HZ/5 for hb_timer - team: use netdev_features_t instead of u32 - vhost: synchronize IOTLB message with dev cleanup - vrf: check the original netdevice for generating redirect - net/mlx4: Fix irq-unsafe spinlock usage - rtnetlink: validate attributes in do_setlink() - net: phy: broadcom: Fix bcm_write_exp() - net: metrics: add proper netlink validation - dm bufio: avoid false-positive Wmaybe-uninitialized warning - objtool: complete e390f9a port for v4.9.106 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.109 - [x86] fpu: Hard-disable lazy FPU mode - bonding: correctly update link status during mii-commit phase - bonding: fix active-backup transition - bonding: require speed/duplex only for 802.3ad, alb and tlb - nvme-pci: initialize queue memory before interrupts - af_key: Always verify length of provided sadb_key - [x86] crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c code - nvmet: Move serial number from controller to subsystem - nvmet: don't report 0-bytes in serial number - nvmet: don't overwrite identify sn/fr with 0-bytes - gpio: No NULL owner - [x86] KVM: introduce linear_{read,write}_system - [x86] KVM: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system - usbip: vhci_sysfs: fix potential Spectre v1 (CVE-2017-5753) - [armhf] serial: samsung: fix maxburst parameter for DMA transactions - [armhf] serial: 8250: omap: Fix idling of clocks for unused uarts - [x86] vmw_balloon: fixing double free when batching mode is off - [armhf,arm64] tty: pl011: Avoid spuriously stuck-off interrupts - [x86] kvm: use correct privilege level for sgdt/sidt/fxsave/fxrstor access (CVE-2018-10853) - [powerpc*] crypto: vmx - Remove overly verbose printk from AES init routines - [armhf] crypto: omap-sham - fix memleak https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.110 - xfrm6: avoid potential infinite loop in _decode_session6() - netfilter: ebtables: handle string from userspace with care - ipvs: fix buffer overflow with sync daemon and service - iwlwifi: pcie: compare with number of IRQs requested for, not number of CPUs - atm: zatm: fix memcmp casting - [x86] platform: asus-wmi: Fix NULL pointer dereference - Revert "Btrfs: fix scrub to repair raid6 corruption" - tcp: do not overshoot window_clamp in tcp_rcv_space_adjust() - Btrfs: make raid6 rebuild retry more - [armhf] usb: musb: fix remote wakeup racing with suspend - bonding: re-evaluate force_primary when the primary slave name changes - ipv6: allow PMTU exceptions to local routes - net/sched: act_simple: fix parsing of TCA_DEF_DATA - tcp: verify the checksum of the first data segment in a new connection - ext4: fix hole length detection in ext4_ind_map_blocks() - ext4: update mtime in ext4_punch_hole even if no blocks are released - ext4: fix fencepost error in check for inode count overflow during resize - driver core: Don't ignore class_dir_create_and_add() failure. - Btrfs: fix clone vs chattr NODATASUM race - Btrfs: fix memory and mount leak in btrfs_ioctl_rm_dev_v2() - btrfs: scrub: Don't use inode pages for device replace - ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream() - smb3: on reconnect set PreviousSessionId field - cpufreq: Fix new policy initialization during limits updates via sysfs - libata: zpodd: make arrays cdb static, reduces object code size - libata: zpodd: small read overflow in eject_tray() - libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk - [x86] HID: intel_ish-hid: ipc: register more pm callbacks to support hibernation - vhost: fix info leak due to uninitialized memory (CVE-2018-1118) - fs/binfmt_misc.c: do not allow offset overflow [ Ben Hutchings ] * netfilter: xt_hashlimit: Fix integer divide round to zero. (Closes: #872907) * [arm64,powerpc*,x86] drm/ast: Add support for new chips and boards (Closes: #860900): - drm/ast: const'ify mode setting tables - drm/ast: Remove spurrious include - drm/ast: Fix calculation of MCLK - drm/ast: Base support for AST2500 - drm/ast: Fixed vram size incorrect issue on POWER - drm/ast: Factor mmc_test code in POST code - drm/ast: Rename ast_init_dram_2300 to ast_post_chip_2300 - drm/ast: POST code for the new AST2500 * ext4: add corruption check in ext4_xattr_set_entry() (CVE-2018-10879) * ext4: always verify the magic number in xattr blocks (CVE-2018-10879) * ext4: always check block group bounds in ext4_init_block_bitmap() (CVE-2018-10878) * ext4: make sure bitmaps and the inode table don't overlap with bg descriptors (CVE-2018-10878) * ext4: only look at the bg_flags field if it is valid (CVE-2018-10876) * ext4: verify the depth of extent tree in ext4_find_extent() (CVE-2018-10877) * ext4: clear i_data in ext4_inode_info when removing inline data (CVE-2018-10881) * ext4: never move the system.data xattr out of the inode body (CVE-2018-10880) * jbd2: don't mark block as modified if the handle is out of credits (CVE-2018-10883) * ext4: avoid running out of journal credits when appending to an inline file (CVE-2018-10883) * ext4: add more inode number paranoia checks (CVE-2018-10882) * sr: pass down correctly sized SCSI sense buffer (CVE-2018-11506) * nvme: Ignore ABI changes * tpm: Ignore ABI changes [ Romain Perier ] * jfs: Fix inconsistency between memory allocation and ea_buf->max_size (CVE-2018-12233) -- Ben Hutchings Thu, 05 Jul 2018 02:29:30 +0100 linux (4.9.107-1) stretch; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.89 - drm: qxl: Don't alloc fbdev if emulation is not supported - selinux: check for address length in selinux_socket_bind() - [x86] x86/mm: Make mmap(MAP_32BIT) work correctly - perf sort: Fix segfault with basic block 'cycles' sort dimension - [x86] x86/mce: Handle broadcasted MCE gracefully with kexec - ath10k: fix fetching channel during potential radar detection - usb: misc: lvs: fix race condition in disconnect handling - zd1211rw: fix NULL-deref at probe - batman-adv: handle race condition for claims between gateways - [x86] x86/boot/32: Defer resyncing initial_page_table until per-cpu is set up - media: i2c/soc_camera: fix ov6650 sensor getting wrong clock - timers, sched_clock: Update timeout for clock wrap - sched: act_csum: don't mangle TCP and UDP GSO packets - PCI: hv: Properly handle PCI bus remove - PCI: hv: Lock PCI bus on device eject - i40e/i40evf: Fix use after free in Rx cleanup path - scsi: be2iscsi: Check tag in beiscsi_mccq_compl_wait - mm: Fix false-positive VM_BUG_ON() in page_cache_{get,add}_speculative() - f2fs: relax node version check for victim data in gc - drm/ttm: never add BO that failed to validate to the LRU list - powerpc/mm/hugetlb: Filter out hugepage size not supported by page table layout - NFC: nfcmrvl: double free on error path - [powerpc*] powerpc: Avoid taking a data miss on every userspace instruction miss - printk: Correctly handle preemption in console_unlock() - drm: rcar-du: Handle event when disabling CRTCs - apparmor: Make path_max parameter readonly - iommu/iova: Fix underflow bug in __alloc_and_insert_iova_range - kvm: nVMX: Disallow userspace-injected exceptions in guest mode - [mips*] MIPS: BPF: Quit clobbering callee saved registers in JIT code. - [mips*] MIPS: BPF: Fix multiple problems in JIT skb access helpers. - [mips*] MIPS: r2-on-r6-emu: Fix BLEZL and BGTZL identification - [mips*] MIPS: r2-on-r6-emu: Clear BLTZALL and BGEZALL debugfs counters - v4l: vsp1: Prevent multiple streamon race commencing pipeline early - regulator: isl9305: fix array size - md/raid6: Fix anomily when recovering a single device in RAID6. - [powerpc*] powerpc/nohash: Fix use of mmu_has_feature() in setup_initial_memory_limit() - usb: dwc2: Make sure we disconnect the gadget state - [arm*] drivers/perf: arm_pmu: handle no platform_device - [x86] kprobes/x86: Set kprobes pages read-only - Bluetooth: Avoid bt_accept_unlink() double unlinking - Bluetooth: 6lowpan: fix delay work init in add_peer_chan() - wil6210: fix memory access violation in wil_memcpy_from/toio_32 - sched: Stop switched_to_rt() from sending IPIs to offline CPUs - sched: Stop resched_cpu() from sending IPIs to offline CPUs - mwifiex: cfg80211: do not change virtual interface during scan processing - media: cpia2: Fix a couple off by one bugs - drm/amdkfd: Fix memory leaks in kfd topology - [i386] x86/boot/32: Fix UP boot on Quark and possibly other platforms - [i386] x86/vm86/32: Fix POPF emulation - [i386] x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels - [x86] x86/speculation: Remove Skylake C2 from Speculation Control microcode blacklist - [x86] x86/mm: Fix vmalloc_fault to use pXd_large - ALSA: pcm: Fix UAF in snd_pcm_oss_get_formats() - ALSA: seq: Fix possible UAF in snd_seq_check_queue() - fs: Teach path_connected to handle nfs filesystems with multiple roots. - lock_parent() needs to recheck if dentry got __dentry_kill'ed under it - btrfs: alloc_chunk: fix DUP stripe size handling - btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.90 - tpm: fix potential buffer overruns caused by bit glitches on the bus - SMB3: Validate negotiate request must always be signed - CIFS: Enable encryption during session setup phase (CVE-2018-1066) - ath: Fix updating radar flags for coutry code India - mwifiex: don't leak 'chan_stats' on reset - [x86] x86/reboot: Turn off KVM when halting a CPU - IB/ipoib: Fix deadlock between ipoib_stop and mcast join flow - HSI: ssi_protocol: double free in ssip_pn_xmit() - IB/mlx4: Take write semaphore when changing the vma struct - IB/mlx4: Change vma from shared to private - IB/mlx5: Take write semaphore when changing the vma struct - IB/mlx5: Change vma from shared to private - ibmvnic: Disable irq prior to close - netfilter: xt_CT: fix refcnt leak on error path - tipc: check return value of nlmsg_new - wan: pc300too: abort path on failure - qlcnic: fix unchecked return value - infiniband/uverbs: Fix integer overflows - pNFS: Fix use after free issues in pnfs_do_read() - xprtrdma: Cancel refresh worker during buffer shutdown - NFS: don't try to cross a mountpount when there isn't one there. - mt7601u: check return value of alloc_skb - libertas: check return value of alloc_workqueue - rndis_wlan: add return value validation - Btrfs: fix incorrect space accounting after failure to insert inline extent - Btrfs: send, fix file hole not being preserved due to inline extent - Btrfs: fix extent map leak during fallocate error path - mac80211: don't parse encrypted management frames in ieee80211_frame_acked - mtip32xx: use runtime tag to initialize command header - [x86] x86/KASLR: Fix kexec kernel boot crash when KASLR randomization fails - mac80211: Fix possible sband related NULL pointer de-reference - netfilter: x_tables: unlock on error in xt_find_table_lock() - IB/hfi1: Fix softlockup issue - ipmi/watchdog: fix wdog hang on panic waiting for ipmi response - drm/amdgpu: fix gpu reset crash - qed: Unlock on error in qed_vf_pf_acquire() - bnx2x: Align RX buffers - [ppc*] power: supply: isp1704: Fix unchecked return value of devm_kzalloc - [ppc*] power: supply: pda_power: move from timer to delayed_work - md/raid10: skip spare disk as 'first' disk - ACPI / power: Delay turning off unused power resources after suspend - tcm_fileio: Prevent information leak for short reads - video: fbdev: udlfb: Fix buffer on stack - sm501fb: don't return zero on failure path in sm501fb_start() - pNFS: Fix a deadlock when coalescing writes and returning the layout - net: hns: fix ethtool_get_strings overflow in hns driver - cifs: small underflow in cnvrtDosUnixTm() - ath10k: fix out of bounds access to local buffer - block/mq: Cure cpu hotplug lock inversion - Bluetooth: btqcomsmd: Fix skb double free corruption - media: c8sectpfe: fix potential NULL pointer dereference in c8sectpfe_timer_interrupt - drm/msm: fix leak in failed get_pages - RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo() - rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled. - media: bt8xx: Fix err 'bt878_probe()' - dmaengine: zynqmp_dma: Fix race condition in the probe - drm/tilcdc: ensure nonatomic iowrite64 is not used - mmc: avoid removing non-removable hosts during suspend - IB/ipoib: Avoid memory leak if the SA returns a different DGID - RDMA/cma: Use correct size when writing netlink stats - iommu/vt-d: clean up pr_irq if request_threaded_irq fails - RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS - IB/mlx5: Fix out-of-bounds read in create_raw_packet_qp_rq - RDMA/ucma: Fix access to non-initialized CM_ID object https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.91 - libata: fix length validation of ATAPI-relayed SCSI commands - libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs - libata: disable LPM for Crucial BX100 SSD 500GB drive - libata: Enable queued TRIM for Samsung SSD 860 - libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs - libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions - libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version - nfsd: remove blocked locks on client teardown - mm/vmalloc: add interfaces to free unmapped page table - drm: udl: Properly check framebuffer mmap offsets (CVE-2018-8781) - mtd: nand: fsl_ifc: Fix eccstat array overflow for IFC ver >= 2.0.0 - staging: ncpfs: memory corruption in ncp_read_kernel() (CVE-2018-8822) - can: cc770: Fix use after free in cc770_tx_interrupt() - kvm/x86: fix icebp instruction handling (CVE-2018-1087) - [x86] x86/entry/64: Don't use IST entry for #BP stack (CVE-2018-8897) - bpf: skip unnecessary capability check https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.92 - scsi: sg: don't return bogus Sg_requests - net sched actions: return explicit error when tunnel_key mode is not specified - ppp: avoid loop in xmit recursion detection code - sch_netem: fix skb leak in netem_enqueue() - ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event() - net: Fix hlist corruptions in inet_evict_bucket() - dccp: check sk for closed state in dccp_sendmsg() (CVE-2018-1130) - ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option() - l2tp: do not accept arbitrary sockets - net: ethernet: arc: Fix a potential memory leak if an optional regulator is deferred - netlink: avoid a double skb free in genlmsg_mcast() - team: Fix double free in error path - soc/fsl/qbman: fix issue in qman_delete_cgr_safe() - net: hns: Fix a skb used after free bug https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.93 - mtd: jedec_probe: Fix crash in jedec_read_mfr() - ALSA: pcm: potential uninitialized return values - perf/hwbp: Simplify the perf-hwbp code, fix documentation (CVE-2018-1000199) - kprobes/x86: Fix to set RWX bits correctly before releasing trampoline - arm64: avoid overflow in VA_START and PAGE_OFFSET - xfrm_user: uncoditionally validate esn replay attribute struct - RDMA/ucma: Check AF family prior resolving address - RDMA/ucma: Fix use-after-free access in ucma_close - RDMA/ucma: Ensure that CM_ID exists prior to access it - RDMA/ucma: Check that device is connected prior to access it - RDMA/ucma: Check that device exists prior to accessing it - RDMA/ucma: Introduce safer rdma_addr_size() variants - net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() - xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems - netfilter: bridge: ebt_among: add more missing match size checks - Bluetooth: Fix missing encryption refresh on Security Request - scsi: virtio_scsi: always read VPD pages for multiqueue too - usb: dwc2: Improve gadget state disconnection handling - [arm64] arm64: mm: Use non-global mappings for kernel space - [arm64] arm64: mm: Move ASID from TTBR0 to TTBR1 - [arm64] arm64: mm: Allocate ASIDs in pairs - [arm64] arm64: mm: Add arm64_kernel_unmapped_at_el0 helper - [arm64] arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI - [arm64] arm64: factor out entry stack manipulation - module: extend 'rodata=off' boot cmdline parameter to module mappings - [arm64] entry: Add exception trampoline page for exceptions from EL0 - [arm64] mm: Map entry trampoline into trampoline and kernel page tables - [arm64] entry: Explicitly pass exception level to kernel_ventry macro - [arm64] entry: Hook up entry trampoline to exception vectors - [arm64] tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks - [arm64] entry: Add fake CPU feature for unmapping the kernel at EL0 - [arm64] kaslr: Put kernel vectors address in separate data page - [arm64] use RET instruction for exiting the trampoline - [arm64] Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 - [arm64] Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry - [arm64] Take into account ID_AA64PFR0_EL1.CSV3 - [arm64] Allow checking of a CPU-local erratum - [arm64] capabilities: Handle duplicate entries for a capability - [arm64] cputype: Add MIDR values for Cavium ThunderX2 CPUs - [arm64] Turn on KPTI only on CPUs that need it - [arm64] kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0() - [arm64] kpti: Add ->enable callback to remap swapper using nG mappings - [arm64] Force KPTI to be disabled on Cavium ThunderX - [arm64] entry: Reword comment about post_ttbr_update_workaround - [arm64] idmap: Use "awx" flags for .idmap.text .pushsection directives - media: usbtv: prevent double free in error case (CVE-2017-17975) - crypto: ahash - Fix early termination in hash walk - crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one - net: hns: Fix ethtool private flags (CVE-2017-18222) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.94 - [x86] x86/asm: Don't use RBP as a temporary register in csum_partial_copy_generic() - IB/srpt: Avoid that aborting a command triggers a kernel warning - af_key: Fix slab-out-of-bounds in pfkey_compile_policy. - bna: Avoid reading past end of buffer - qlge: Avoid reading past end of buffer - ubi: fastmap: Fix slab corruption - drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests - perf/callchain: Force USER_DS when invoking perf_callchain_user() - Input: elan_i2c - check if device is there before really probing - KVM: PPC: Book3S PR: Check copy_to/from_user return values - [arm64] arm64: perf: Ignore exclude_hv when kernel is running in HYP - [arm] KVM: arm: Restore banked registers and physical timer access on hyp_panic() - [arm64] KVM: arm64: Restore host physical timer access on hyp_panic() - usb: dwc3: keystone: check return value - ata: libahci: properly propagate return value of platform_get_irq() - ipmr: vrf: Find VIFs using the actual device - uio: fix incorrect memory leak cleanup - net: x25: fix one potential use-after-free issue - USB: ene_usb6250: fix SCSI residue overwriting - net/wan/fsl_ucc_hdlc: fix unitialized variable warnings - net/wan/fsl_ucc_hdlc: fix incorrect memory allocation - mlxsw: spectrum: Avoid possible NULL pointer dereference - scsi: csiostor: fix use after free in csio_hw_use_fwconfig() - [powerpc*] powerpc/mm: Fix virt_addr_valid() etc. on 64-bit hash - ath5k: fix memory leak on buf on failed eeprom read - ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors - md-cluster: fix potential lock issue in add_new_disk - ray_cs: Avoid reading past end of buffer - net/wan/fsl_ucc_hdlc: fix muram allocation error - perf/core: Fix error handling in perf_event_alloc() - selinux: do not check open permission on sockets - block: fix an error code in add_partition() - libceph: NULL deref on crush_decode() error path - perf report: Fix off-by-one for non-activation frames - netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize - scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats() - fix race in drivers/char/random.c:get_reg() - ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff() - tcp: better validation of received ack sequences - net: llc: add lock_sock in llc_ui_bind to avoid a race condition - drm/msm: Take the mutex before calling msm_gem_new_impl - thermal: power_allocator: fix one race condition issue for thermal_instances list - VFS: close race between getcwd() and d_move() - PM / devfreq: Fix potential NULL pointer dereference in governor_store - media: videobuf2-core: don't go out of the buffer range - blk-mq: fix race between updating nr_hw_queues and switching io sched - wl1251: check return from call to wl1251_acx_arp_ip_filter - hdlcdrv: Fix divide by zero in hdlcdrv_ioctl - [x86] x86/efi: Disable runtime services on kexec kernel if booted with efi=old_map - ovl: filter trusted xattr for non-admin - dmaengine: imx-sdma: Handle return value of clk_prepare_enable - backlight: Report error on failure - [arm64] arm64: futex: Fix undefined behaviour with FUTEX_OP_OPARG_SHIFT usage - net: freescale: fix potential null pointer dereference - KVM: SVM: do not zero out segment attributes if segment is unusable or not present - clk: scpi: fix return type of __scpi_dvfs_round_rate - drm/amdkfd: NULL dereference involving create_process() - qlcnic: Fix a sleep-in-atomic bug in qlcnic_82xx_hw_write_wx_2M and qlcnic_82xx_hw_read_wx_2M - [arm64] arm64: kernel: restrict /dev/mem read() calls to linear region - mISDN: Fix a sleep-in-atomic bug - RDMA/iw_cxgb4: Avoid touch after free error in ARP failure handlers - RDMA/hfi1: fix array termination by appending NULL to attr array - bio-integrity: Do not allocate integrity context for bio w/o data - skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow - macsec: check return value of skb_to_sgvec always - e1000e: fix race condition around skb_tstamp_tx() - igb: fix race condition with PTP_TX_IN_PROGRESS bits - cx25840: fix unchecked return values - mceusb: sporadic RX truncation corruption fix - nvme: fix hang in remove path - KVM: nVMX: Update vmcs12->guest_linear_address on nested VM-exit - crypto: omap-sham - buffer handling fixes for hashing later - crypto: omap-sham - fix closing of hash with separate finalize call - net: ena: fix race condition between submit and completion admin command - [s390x] s390/dasd: fix hanging safe offline - drm/vc4: Fix resource leak in 'vc4_get_hang_state_ioctl()' in error handling path - scsi: libsas: fix memory leak in sas_smp_get_phy_events() (CVE-2018-7757) - blk-mq: fix kernel oops in blk_mq_tag_idle() - ipv6: the entire IPv6 header chain must fit the first fragment - net: fix possible out-of-bound read in skb_network_protocol() - net/ipv6: Fix route leaking between VRFs - net/ipv6: Increment OUTxxx counters after netfilter hook - netlink: make sure nladdr has correct size in netlink_connect() - net/sched: fix NULL dereference in the error path of tcf_bpf_init() - pptp: remove a buggy dst release in pptp_connect() - r8169: fix setting driver_data after register_netdev - sctp: do not leak kernel memory to user space - sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6 - net: fool proof dev_valid_name() - ip_tunnel: better validate user provided tunnel names - ipv6: sit: better validate user provided tunnel names - ip6_gre: better validate user provided tunnel names - ip6_tunnel: better validate user provided tunnel names - vti6: better validate user provided tunnel names - net/sched: fix NULL dereference in the error path of tunnel_key_init() - net/sched: fix NULL dereference on the error path of tcf_skbmod_init() - vhost: validate log when IOTLB is enabled - vhost_net: add missing lock nesting notation - net/mlx4_core: Fix memory leak while delete slave's resources - vrf: Fix use after free and double free in vrf_finish_output https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.95 - media: v4l2-compat-ioctl32: don't oops on overlay - parisc: Fix out of array access in match_pci_device() - perf intel-pt: Fix overlap detection to identify consecutive buffers correctly - perf intel-pt: Fix timestamp following overflow - perf/core: Fix use-after-free in uprobe_perf_close() - [arm64] arm64: barrier: Add CSDB macros to control data-value prediction - [arm64] arm64: Implement array_index_mask_nospec() - [arm64] arm64: move TASK_* definitions to - [arm64] arm64: Make USER_DS an inclusive limit - [arm64] arm64: Use pointer masking to limit uaccess speculation - [arm64] arm64: entry: Ensure branch through syscall table is bounded under speculation - [arm64] arm64: uaccess: Prevent speculative use of the current addr_limit - [arm64] arm64: uaccess: Don't bother eliding access_ok checks in __{get, put}_user - [arm64] arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user - [arm64] arm64: cpufeature: __this_cpu_has_cap() shouldn't stop early - [arm64] arm64: Run enable method for errata work arounds on late CPUs - [arm64] arm64: cpufeature: Pass capability structure to ->enable callback - [arm64] arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro - [arm64] arm64: Move post_ttbr_update_workaround to C code - [arm64] arm64: Add skeleton to harden the branch predictor against aliasing attacks - [arm64] arm64: Move BP hardening to check_and_switch_context - [arm64] arm64: KVM: Use per-CPU vector when BP hardening is enabled - [arm64] arm64: entry: Apply BP hardening for high-priority synchronous exceptions - [arm64] arm64: entry: Apply BP hardening for suspicious interrupts from EL0 - [arm64] arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 - [arm64] arm64: cpu_errata: Allow an erratum to be match for all revisions of a core - [arm64] arm64: Implement branch predictor hardening for affected Cortex-A CPUs - [arm64] arm64: Branch predictor hardening for Cavium ThunderX2 - [arm64] arm64: KVM: Increment PC after handling an SMC trap - [arm64] arm/arm64: KVM: Consolidate the PSCI include files - [arm64] arm/arm64: KVM: Add PSCI_VERSION helper - [arm64] arm/arm64: KVM: Add smccc accessors to PSCI code - [arm64] arm/arm64: KVM: Implement PSCI 1.0 support - [arm64] arm/arm64: KVM: Advertise SMCCC v1.1 - [arm64] arm64: KVM: Make PSCI_VERSION a fast path - [arm64] arm/arm64: KVM: Turn kvm_psci_version into a static inline - [arm64] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support - [arm64] arm64: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling - [arm64] firmware/psci: Expose PSCI conduit - [arm64] firmware/psci: Expose SMCCC version through psci_ops - [arm64] arm/arm64: smccc: Make function identifiers an unsigned quantity - [arm64] arm/arm64: smccc: Implement SMCCC v1.1 inline primitive - [arm64] arm64: Add ARM_SMCCC_ARCH_WORKAROUND_1 BP hardening support - [arm64] arm64: Kill PSCI_GET_VERSION as a variant-2 workaround - block/loop: fix deadlock after loop_set_status - rtl8187: Fix NULL pointer dereference in priv->conf_mutex - hwmon: (ina2xx) Fix access to uninitialized mutex - slip: Check if rstate is initialized before uncompressing - [arm64] arm64: futex: Mask __user pointers prior to dereference https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.96 - tty: make n_tty_read() always abort if hangup is in progress - ubifs: Check ubifs_wbuf_sync() return code - ubi: Fix error for write access - resource: fix integer overflow at reallocation - ipc/shm: fix use-after-free of shm file via remap_file_pages() - usb: musb: gadget: misplaced out of bounds check - xen-netfront: Fix hang on device removal - regmap: Fix reversed bounds check in regmap_raw_write() - USB: gadget: f_midi: fixing a possible double-free in f_midi - USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw - smb3: Fix root directory when server returns inode number of zero - HID: i2c-hid: fix size check and type usage - random: use a tighter cap in credit_entropy_bits_safe() - ext4: fail ext4_iget for root directory if unallocated (CVE-2018-1092) - RDMA/rxe: Fix an out-of-bounds read - ALSA: pcm: Fix UAF at PCM release via PCM timer access - dmaengine: at_xdmac: fix rare residue corruption - libnvdimm, namespace: use a safe lookup for dimm device name - iommu/vt-d: Fix a potential memory leak - mmc: jz4740: Fix race condition in IRQ mask update - pwm: rcar: Fix a condition to prevent mismatch value setting to duty - thermal: imx: Fix race condition in imx_thermal_probe() - ext4: don't allow r/w mounts if metadata blocks overlap the superblock - drm/amdgpu: Fix always_valid bos multiple LRU insertions. - drm/amdgpu: Fix PCIe lane width calculation - drm/rockchip: Clear all interrupts before requesting the IRQ - drm/radeon: Fix PCIe lane width calculation - ALSA: line6: Use correct endpoint type for midi output - ALSA: rawmidi: Fix missing input substream checks in compat ioctls - ALSA: hda - New VIA controller suppor no-snoop path - random: fix crng_ready() test (CVE-2018-1108) - random: crng_reseed() should lock the crng instance that it is modifying - random: add new ioctl RNDRESEEDCRNG - HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device - MIPS: uaccess: Add micromips clobbers to bzero invocation - MIPS: memset.S: EVA & fault support for small_memset - MIPS: memset.S: Fix return of __clear_user from Lpartial_fixup - MIPS: memset.S: Fix clobber of v1 in last_fixup - [powerpc*] powerpc/eeh: Fix enabling bridge MMIO windows - [powerpc*] powerpc/lib: Fix off-by-one in alternate feature patching - udf: Fix leak of UTF-16 surrogates into encoded strings - jffs2_kill_sb(): deal with failed allocations - hypfs_kill_super(): deal with failed allocations - orangefs_kill_sb(): deal with allocation failures - rpc_pipefs: fix double-dput() - Don't leak MNT_INTERNAL away from internal mounts - autofs: mount point create should honour passed in mode - mm/filemap.c: fix NULL pointer in page_cache_tree_insert() - fanotify: fix logic of events on child - writeback: safer lock nesting - block/mq: fix potential deadlock during cpu hotplug https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.97 - cifs: do not allow creating sockets except with SMB1 posix exensions - [x86] x86/tsc: Prevent 32bit truncation in calc_hpet_ref() - drm/vc4: Fix memory leak during BO teardown - drm/i915: Fix LSPCON TMDS output buffer enabling from low-power state - power: supply: bq2415x: check for NULL acpi_id to avoid null pointer dereference - OF: Prevent unaligned access in of_alias_scan() - jbd2: fix use after free in kjournald2() - perf: Return proper values for user stack errors - RDMA/mlx5: Fix NULL dereference while accessing XRC_TGT QPs - mac80211_hwsim: fix use-after-free bug in hwsim_exit_net - [s390] s390: introduce CPU alternatives - [s390] s390: enable CPU alternatives unconditionally - [s390] KVM: s390: wire up bpb feature - [s390] s390: scrub registers on kernel entry and KVM exit - [s390] s390: add optimized array_index_mask_nospec - [s390] s390/alternative: use a copy of the facility bit mask - [s390] s390: add options to change branch prediction behaviour for the kernel - [s390] s390: run user space and KVM guests with modified branch prediction - [s390] s390: introduce execute-trampolines for branches - [s390] KVM: s390: force bp isolation for VSIE - [s390] s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*) - [s390] s390: do not bypass BPENTER for interrupt system calls - [s390] s390/entry.S: fix spurious zeroing of r0 - [s390] s390: move nobp parameter functions to nospec-branch.c - [s390] s390: add automatic detection of the spectre defense - [s390] s390: report spectre mitigation via syslog - [s390] s390: add sysfs attributes for spectre - [s390] s390: correct nospec auto detection init order - [s390] s390: correct module section names for expoline code revert - KEYS: DNS: limit the length of option strings - l2tp: check sockaddr length in pppol2tp_connect() - net: validate attribute sizes in neigh_dump_table() - llc: delete timers synchronously in llc_sk_free() - tcp: don't read out-of-bounds opsize - packet: fix bitfield update race - pppoe: check sockaddr length in pppoe_connect() - vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi - sctp: do not check port in sctp_inet6_cmp_addr - llc: hold llc_sap before release_sock() - llc: fix NULL pointer deref for SOCK_ZAPPED - net: fix deadlock while clearing neighbor proxy table - net: af_packet: fix race in PACKET_{R|T}X_RING - cdrom: information leak in cdrom_ioctl_media_changed() (CVE-2018-10940) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.98 - ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS - ext4: set h_journal if there is a failure starting a reserved handle - ext4: add validity checks for bitmap block numbers (CVE-2018-1093) - ext4: fix bitmap position validation - random: set up the NUMA crng instances after the CRNG is fully initialized - random: fix possible sleeping allocation from irq context - random: rate limit unseeded randomness warnings - usbip: usbip_event: fix to not print kernel pointer address - usbip: usbip_host: fix to hold parent lock for device_attach() calls - usbip: vhci_hcd: Fix usb device and sockfd leaks - virtio_console: free buffers after reset - drm/virtio: fix vq wait_event condition - tty: Don't call panic() at tty_ldisc_init() - tty: Use __GFP_NOFAIL for tty_ldisc_get() - ALSA: dice: fix error path to destroy initialized stream data - ALSA: opl3: Hardening for potential Spectre v1 - ALSA: asihpi: Hardening for potential Spectre v1 - ALSA: hdspm: Hardening for potential Spectre v1 - ALSA: rme9652: Hardening for potential Spectre v1 - ALSA: control: Hardening for potential Spectre v1 - ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device - ALSA: seq: oss: Hardening for potential Spectre v1 - ALSA: hda: Hardening for potential Spectre v1 - ALSA: hda/realtek - Add some fixes for ALC233 - mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block. - mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug. - mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block. - kobject: don't use WARN for registration failures - PCI: aardvark: Fix PCIe Max Read Request Size setting - ARM: amba: Fix race condition with driver_override - ARM: amba: Don't read past the end of sysfs "driver_override" buffer - crypto: drbg - set freed buffers to NULL - libceph: un-backoff on tick when we have a authenticated session - libceph: reschedule a tick in finish_hunting() - libceph: validate con->state at the top of try_write() - [powerpc*] cpufreq: powernv: Fix hardlockup due to synchronous smp_call in timer interrupt - [powerpc*] powerpc/eeh: Fix race with driver un/bind https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.99 - perf/core: Fix the perf_cpu_time_max_percent check (CVE-2018-18255) - ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger() - Input: leds - fix out of bound access - xfs: prevent creating negative-sized file via INSERT_RANGE - RDMA/cxgb4: release hw resources on device removal - RDMA/mlx5: Protect from shift operand overflow - IB/mlx5: Use unlimited rate when static rate is not supported - IB/hfi1: Fix NULL pointer dereference when invalid num_vls is used - drm/vmwgfx: Fix a buffer object leak - drm/bridge: vga-dac: Fix edid memory leak - usb: musb: host: fix potential NULL pointer dereference - usb: musb: trace: fix NULL pointer dereference in musb_g_tx() - platform/x86: asus-wireless: Fix NULL pointer dereference https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.100 - ipvs: fix rtnl_lock lockups caused by start_sync_thread - crypto: af_alg - fix possible uninit-value in alg_bind() - netlink: fix uninit-value in netlink_sendmsg - net: fix rtnh_ok() - net: initialize skb->peeked when cloning - net: fix uninit-value in __hw_addr_add_ex() - dccp: initialize ireq->ir_mark - soreuseport: initialise timewait reuseport field - tcp: fix TCP_REPAIR_QUEUE bound checking - bdi: Fix oops in wb_workfn() - [powerpc*] KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry - f2fs: fix a dead loop in f2fs_fiemap() (CVE-2018-18257) - arm64: Add work around for Arm Cortex-A55 Erratum 1024718 - gpioib: do not free unrequested descriptors - rfkill: gpio: fix memory leak in probe error path - net: atm: Fix potential Spectre v1 - atm: zatm: Fix potential Spectre v1 - tracing/uprobe_event: Fix strncpy corner case - [x86] perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* - [x86] perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr - [x86] perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver - perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[] - [x86] perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.101 - ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg - llc: better deal with too small mtu - net: ethernet: sun: niu set correct packet size in skb - net: ethernet: ti: cpsw: fix packet leaking in dual_mac mode - net/mlx4_en: Verify coalescing parameters are in range - net_sched: fq: take care of throttled flows before reuse - tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent(). - futex: Remove duplicated code and fix undefined behaviour - proc: do not access cmdline nor environ from file-backed areas (CVE-2018-1120) - kernel/exit.c: avoid undefined behaviour when calling wait4() (CVE-2018-10087) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.102 - usbip: usbip_host: fix NULL-ptr deref and use-after-free errors (CVE-2018-5814) - [arm*] KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock - [powerpc*] powerpc/powernv: Fix NVRAM sleep in invalid context when crashing - s390: remove indirect branch from do_softirq_own_stack - efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode - Btrfs: fix xattr loss after power failure - btrfs: fix crash when trying to resume balance without the resume flag - [x86] x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen - btrfs: fix reading stale metadata blocks after degraded raid1 mounts - [x86] x86/nospec: Simplify alternative_msr_write() - [x86] x86/bugs: Concentrate bug detection into a separate function - [x86] x86/bugs: Concentrate bug reporting into a separate function - [x86] x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - [x86] x86/bugs, KVM: Support the combination of guest and host IBRS - [x86] x86/bugs: Expose /sys/../spec_store_bypass - [x86] x86/cpufeatures: Add X86_FEATURE_RDS - [x86] x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - [x86] x86/bugs/intel: Set proper CPU features and setup RDS - [x86] x86/bugs: Whitelist allowed SPEC_CTRL MSR values - [x86] x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - [x86] x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - prctl: Add speculation control prctls - [x86] process: Optimize TIF checks in __switch_to_xtra() - [x86] process: Correct and optimize TIF_BLOCKSTEP switch - [x86] process: Optimize TIF_NOTSC switch - [x86] x86/process: Allow runtime control of Speculative Store Bypass (CVE-2018-3639) - [x86] x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - [x86] x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - [x86] x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - KVM: SVM: Move spec control call after restore of GS - [x86] x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP - [x86] x86/cpu/AMD: Fix erratum 1076 (CPB bit) - [x86] x86/speculation: Add virtualized speculative store bypass disable support https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.103 - net: test tailroom before appending to linear skb - packet: in packet_snd start writing at link layer allocation - sock_diag: fix use-after-free read in __sk_free - ext2: fix a block leak - [s390x] s390/crc32-vx: use expoline for indirect branches - [s390x] s390/lib: use expoline for indirect branches - [s390x] s390/ftrace: use expoline for indirect branches - [s390x] s390/kernel: use expoline for indirect branches - [s390x] s390: extend expoline to BC instructions - [s390x] s390: use expoline thunks in the BPF JIT - scsi: libsas: defer ata device eh commands to libata (CVE-2018-10021) - scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() (CVE-2018-1000204) - scsi: zfcp: fix infinite iteration on ERP ready list - cfg80211: limit wiphy names to 128 bytes - [x86] x86/kexec: Avoid double free_page() upon do_kexec_load() failure - usb: gadget: core: Fix use-after-free of usb_request - usb: cdc_acm: prevent race at write to acm while system resumes - USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM - usb: gadget: ffs: Execute copy_to_user() with USER_DS set - usb: gadget: udc: change comparison to bitshift when dealing with a mask - media: em28xx: USB bulk packet size fix - scsi: fas216: fix sense buffer initialization - scsi: sym53c8xx_2: iterator underflow in sym_getsync() - scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() - scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion() - scsi: aacraid: fix shutdown crash when init fails - scsi: aacraid: Insure command thread is not recursively stopped - scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing - media: dmxdev: fix error code for invalid ioctls - media: s3c-camif: fix out-of-bounds array access - media: cx25821: prevent out-of-bounds read on array card - serial: xuartps: Fix out-of-bounds access through DT alias - serial: samsung: Fix out-of-bounds access through serial port index - serial: mxs-auart: Fix out-of-bounds access through serial port index - serial: imx: Fix out-of-bounds access through serial port index - serial: fsl_lpuart: Fix out-of-bounds access through DT alias - serial: arc_uart: Fix out-of-bounds access through DT alias - rtc: hctosys: Ensure system time doesn't overflow time_t - rtc: tx4939: avoid unintended sign extension on a 24 bit shift https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.104 - [mips] MIPS: c-r4k: Fix data corruption related to cache coherence - affs_lookup(): close a race with affs_remove_link() - aio: fix io_destroy(2) vs. lookup_ioctx() race - do d_instantiate/unlock_new_inode combinations safely - libata: Blacklist some Sandisk SSDs for NCQ - libata: blacklist Micron 500IT SSD with MU01 firmware - IB/hfi1: Use after free race condition in send context error path - Revert "ipc/shm: Fix shmat mmap nil-page protection" - ipc/shm: fix shmat() nil address after round-down when remapping - kernel/sys.c: fix potential Spectre v1 issue - kernel/signal.c: avoid undefined behaviour in kill_something_info (CVE-2018-10124) - KVM/VMX: Expose SSBD properly to guests - firewire-ohci: work around oversized DMA reads on JMicron controllers - i40iw: Zero-out consumer key on allocate stag for FMR - iommu/vt-d: Use domain instead of cache fetching - mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl() (CVE-2018-8087) - btrfs: Fix out of bounds access in btrfs_search_slot - Btrfs: fix scrub to repair raid6 corruption - HID: roccat: prevent an out of bounds read in kovaplus_profile_activated() - jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path - RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure - gianfar: prevent integer wrapping in the rx handler - tcp_nv: fix potential integer overflow in tcpnv_acked - kvm: Map PFN-type memory regions as writable (if possible) - mm/mempolicy: fix the check of nodemask from user - mm/mempolicy: add nodes_empty check in SYSC_migrate_pages - mm: pin address_space before dereferencing it while isolating an LRU page - mm/fadvise: discard partial page if endbyte is also EOF - drm/nouveau/pmu/fuc: don't use movw directly anymore - netfilter: ipv6: nf_defrag: Kill frag queue on RFC2460 failure - [x86] x86/power: Fix swsusp_arch_resume prototype - firmware: dmi_scan: Fix handling of empty DMI strings - xen-netfront: Fix race between device setup and open - xen/grant-table: Use put_page instead of free_page - RDS: IB: Fix null pointer issue - [arm64] arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics - bcache: fix for allocator and register thread race - bcache: fix for data collapse after re-attaching an attached device - bcache: return attach error when no cache set exist - [x86] vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page - ptr_ring: prevent integer overflow when calculating size - [arm] ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt - iwlwifi: mvm: fix security bug in PN checking - rxrpc: Work around usercopy check - mac80211: fix a possible leak of station stats - mac80211: fix calling sleeping function in atomic context - md raid10: fix NULL deference in handle_write_completed() - locking/xchg/alpha: Add unconditional memory barrier to cmpxchg() - md: raid5: avoid string overflow warning - kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE - PKCS#7: fix direct verification of SignerInfo signature - locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs - macvlan: fix use-after-free in macvlan_common_newlink() - md: fix a potential deadlock of raid5/raid10 reshape - md/raid1: fix NULL pointer dereference - ceph: fix dentry leak when failing to init debugfs - [arm] ARM: orion5x: Revert commit 4904dbda41c8. closes: #892057 - dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3 - bcache: fix kcrashes with fio in RAID5 backend dev - RDMA/qedr: Fix kernel panic when running fio over NFSoRDMA - RDMA/qedr: Fix iWARP write and send with immediate - IB/mlx4: Fix corruption of RoCEv2 IPv4 GIDs - fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper(). (CVE-2018-6412) - fsl/fman: avoid sleeping in atomic context while adding an address - net: qcom/emac: Use proper free methods during TX - net: smsc911x: Fix unload crash when link is up - IB/core: Fix possible crash to access NULL netdev - batman-adv: fix header size check in batadv_dbg_arp() - batman-adv: Fix skbuff rcsum on packet reroute - vti4: Don't count header length twice on tunnel setup - vti4: Don't override MTU passed on link creation via IFLA_MTU - brcmfmac: Fix check for ISO3166 code - mm/mempolicy.c: avoid use uninitialized preferred_node - mm, thp: do not cause memcg oom for thp - [x86] x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init - fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table - swap: divide-by-zero when zero length swap file on ssd - mm: fix races between address_space dereference and free in page_evicatable - Btrfs: fix NULL pointer dereference in log_dir_items - btrfs: Fix possible softlock on single core machines - xen/acpi: off by one in read_acpi_id() - ACPI: acpi_pad: Fix memory leak in power saving threads - [powerpc*] powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer - [powerpc*] powerpc/perf: Fix kernel address leak via sampling registers - net/mlx5: Protect from command bit overflow - ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk) - ipmi_ssif: Fix kernel panic at msg_done_handler - [powerpc*] powerpc: Add missing prototype for arch_irq_work_raise() - f2fs: fix to check extent cache in f2fs_drop_extent_tree - dmaengine: pl330: fix a race condition in case of threaded irqs - audit: return on memory error to avoid null pointer dereference - netlabel: If PF_INET6, check sk_buff ip header version https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.105 - Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU" https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.106 - x86/xen: Add unwind hint annotations to xen_setup_gdt https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.107 - [arm64] arm64: lse: Add early clobbers to some input/output asm operands - [powerpc*] powerpc/64s: Clear PCR on boot - xfs: detect agfl count corruption and reset agfl - tracing: Fix crash when freeing instances with event triggers - selinux: KASAN: slab-out-of-bounds in xattr_getsecurity - tcp: avoid integer overflows in tcp_rcv_space_adjust() - [arm64] arm64: Add hypervisor safe helper for checking constant capabilities - [powerpc*] powerpc/rfi-flush: Move out of HARDLOCKUP_DETECTOR #ifdef - [powerpc*] powerpc/pseries: Support firmware disable of RFI flush - [powerpc*] powerpc/powernv: Support firmware disable of RFI flush - [powerpc*] powerpc/rfi-flush: Always enable fallback flush on pseries - [powerpc*] powerpc/rfi-flush: Differentiate enabled and patched flush types - [powerpc*] powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - [powerpc*] powerpc: Add security feature flags for Spectre/Meltdown - [powerpc*] powerpc/pseries: Set or clear security feature flags - [powerpc*] powerpc/powernv: Set or clear security feature flags - [powerpc*] powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - [powerpc*] powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - [powerpc*] powerpc/64s: Wire up cpu_show_spectre_v1() - [powerpc*] powerpc/64s: Wire up cpu_show_spectre_v2() - [powerpc*] powerpc/pseries: Fix clearing of security feature flags - [powerpc*] powerpc: Move default security feature flags - [powerpc*] powerpc/pseries: Restore default security feature flags on setup - [powerpc*] powerpc/64s: Fix section mismatch warnings from setup_rfi_flush() - [powerpc*] powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - net/mlx4_en: fix potential use-after-free with dma_unmap_page - iio:kfifo_buf: check for uint overflow - mm: fix the NULL mapping case in __isolate_lru_page() - serial: pl011: add console matching function [ Steve McIntyre ] * Backports for Qualcomm Centriq machines. Closes: #896775 - [arm64] Backport support for Qualcomm Centriq onboard emac NIC - [arm64] Backport workaround for erratum E1041 [ Romain Perier ] * [armhf] MFD: Enable MFD_TPS65217 (Closes: #897590) [ Salvatore Bonaccorso ] * nfsd: increase DRC cache limit (Closes: #898137) [ Yves-Alexis Perez ] * [rt] Update patchset to 4.9.98-rt76 - don't apply "drivers/net: Use disable_irq_nosync() in 8139too" since it's already included upstream - removed "rtmutex: Fix PI chain order integrity" - fs/aio: simple simple work * Bump ABI to 7 - remove all ignored ABI changes since ABI 6 - remove all patches reverting ABI changes since ABI 6 * [rt] "fs/dcache: disable preemption on i_dir_seq's write side" edited for fuzz after 4.9.106. [ Ben Hutchings ] * random: Make getranndom() ready earlier (see #897599) -- Ben Hutchings Wed, 13 Jun 2018 04:48:46 +0100 linux (4.9.88-1+deb9u1) stretch-security; urgency=high [ Salvatore Bonaccorso ] * [x86] x86/entry/64: Don't use IST entry for #BP stack (CVE-2018-8897) * [x86] kvm: fix icebp instruction handling (CVE-2018-1087) [ Ben Hutchings ] * Revert "random: fix crng_ready() test" (Closes: #897599), reopening CVE-2018-1108 -- Ben Hutchings Mon, 07 May 2018 23:38:25 +0100 linux (4.9.88-1) stretch-security; urgency=high * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.83 - ext4: fix a race in the ext4 shutdown path - ext4: save error to disk in __ext4_grp_locked_error() - console/dummy: leave .con_font_get set to NULL - rtlwifi: rtl8821ae: Fix connection lost problem correctly - target/iscsi: avoid NULL dereference in CHAP auth error path - Btrfs: fix deadlock in run_delalloc_nocow - Btrfs: fix crash due to not cleaning up tree log block's dirty bits - Btrfs: fix extent state leak from tree log - Btrfs: fix unexpected -EEXIST when creating new inode - ALSA: seq: Fix racy pool initializations (CVE-2018-7566) - ocfs2: try a blocking lock before return AOP_TRUNCATED_PAGE - [s390] s390: fix handling of -1 in set{,fs}[gu]id16 syscalls - [x86] x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface (hardening for Spectre) - [x86] x86/speculation: Update Speculation Control microcode blacklist - [x86] x86/speculation: Correct Speculation Control microcode blacklist again - [x86] KVM/x86: Reduce retpoline performance impact in slot_handle_level_range(), by always inlining iterator helper methods - [x86] X86/nVMX: Properly set spec_ctrl and pred_cmd before merging MSRs - vfs: don't do RCU lookup of empty pathnames - media: r820t: fix r820t_write_reg for KASAN https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.84 - cfg80211: check dev_set_name() return value - xfrm: skip policies marked as dead while rehashing - mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed. - xfrm: Fix stack-out-of-bounds read on socket policy lookup. - xfrm: check id proto in validate_tmpl() - sctp: set frag_point in sctp_setsockopt_maxseg correctly - drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all - selinux: ensure the context is NUL terminated in security_context_to_sid_core() - [x86] KVM: x86: fix escape of guest dr6 to the host - netfilter: x_tables: fix int overflow in xt_alloc_table_info() - netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target} - netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check() - netfilter: on sockopt() acquire sock lock only in the required scope - netfilter: xt_cgroup: initialize info->priv in cgroup_mt_check_v1() - netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert - crypto: hash - prevent using keyed hashes without setting key - [arm*] ARM: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen - sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune - net_sched: red: Avoid devision by zero - net_sched: red: Avoid illegal values - btrfs: Fix possible off-by-one in btrfs_search_path_in_tree - 509: fix printing uninitialized stack memory when OID is empty - dmaengine: at_hdmac: fix potential NULL pointer dereference in atc_prep_dma_interleaved - clk: fix a panic error caused by accessing NULL pointer - xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies. - drm/armada: fix leak of crtc structure - [x86] mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep - [x86] x86/mm/kmmio: Fix mmiotrace for page unaligned addresses - hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close - [powerpc*] powerpc/64s: Fix conversion of slb_miss_common to use RFI_TO_USER/KERNEL - [powerpc*] powerpc/64s: Simple RFI macro conversions - [powerpc*] powerpc/64s: Improve RFI L1-D cache flush fallback - crypto: talitos - fix Kernel Oops on hashing an empty file - ALSA: hda/ca0132 - fix possible NULL pointer use - [x86] KVM: async_pf: Fix #DF due to inject "Page not Present" and "Page Ready" exceptions simultaneously - crypto: s5p-sss - Fix kernel Oops in AES-ECB mode https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.85 - netfilter: drop outermost socket lock in getsockopt() - X.509: fix BUG_ON() when hash algorithm is unsupported - PKCS#7: fix certificate chain verification - RDMA/uverbs: Protect from command mask overflow - iio: buffer: check if a buffer has been set up when poll is called - iio: adis_lib: Initialize trigger before requesting interrupt - irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq() - ohci-hcd: Fix race condition caused by ohci_urb_enqueue() and io_watchdog_func() - usb: ohci: Proper handling of ed_rm_list to handle race condition between usb_kill_urb() and finish_unlinks() - ]arm64] arm64: Disable unhandled signal log messages by default - Revert "usb: musb: host: don't start next rx urb if current one failed" - X.509: fix NULL dereference when restricting key with unsupported_sig - mm: avoid spurious 'bad pmd' warning messages - [x86] x86/entry/64: Clear extra registers beyond syscall arguments, to reduce speculation attack surface https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.86 - i2c: designware: must wait for enable - f2fs: fix a bug caused by NULL extent tree (CVE-2017-18193) - mtd: nand: gpmi: Fix failure when a erased page has a bitflip at BBM - mtd: nand: brcmnand: Zero bitflip is not an error - [arm*] ARM: 8731/1: Fix csum_partial_copy_from_user() stack mismatch - sget(): handle failures of register_shrinker() - drm/nouveau/pci: do a msi rearm on init - mac80211_hwsim: Fix a possible sleep-in-atomic bug in hwsim_get_radio_nl - tipc: error path leak fixes in tipc_enable_bearer() - tipc: fix tipc_mon_delete() oops in tipc_enable_bearer() error path - tg3: Add workaround to restrict 5762 MRRS to 2048 - tg3: Enable PHY reset in MTU change path for 5720 - bnx2x: Improve reliability in case of nested PCI errors - IB/mlx5: Fix mlx5_ib_alloc_mr error flow - genirq: Guard handle_bad_irq log messages - IB/mlx4: Fix mlx4_ib_alloc_mr error flow - IB/ipoib: Fix race condition in neigh creation - xfs: quota: fix missed destroy of qi_tree_lock - xfs: quota: check result of register_shrinker() - macvlan: Fix one possible double free - e1000: fix disabling already-disabled warning - drm/ttm: check the return value of kzalloc - nl80211: Check for the required netlink attribute presence - bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine. - xen-netfront: enable device after manual module load - mdio-sun4i: Fix a memory leak - xen/gntdev: Fix off-by-one error when unmapping with holes - xen/gntdev: Fix partial gntdev_mmap() cleanup - sctp: make use of pre-calculated len - net: gianfar_ptp: move set_fipers() to spinlock protecting area https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.87 - [x86] tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the bus - [x86] tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on the bus - [x86] tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the bus - [x86] tpm_tis: fix potential buffer overruns caused by bit glitches on the bus - [x86] tpm: constify transmit data pointers - [x86] tpm-dev-common: Reject too short writes - ALSA: usb-audio: Add a quirck for B&W PX headphones - ALSA: hda: Add a power_save blacklist - ALSA: hda - Fix pincfg at resume on Lenovo T470 dock - timers: Forward timer base before migrating timers - [hppa] parisc: Fix ordering of cache and TLB flushes - dax: fix vma_is_fsdax() helper - [x86] xen: Zero MSR_IA32_SPEC_CTRL before suspend - [x86] platform/intel-mid: Handle Intel Edison reboot correctly - media: m88ds3103: don't call a non-initalized function - nospec: Allow index argument to have const-qualified type - [armel,armhf] mvebu: Fix broken PL310_ERRATA_753970 selects - KVM: mmu: Fix overlap between public and private memslots - [x86] KVM: Remove indirect MSR op calls from SPEC_CTRL - [x86] KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() - PCI/ASPM: Deal with missing root ports in link state handling - dm io: fix duplicate bio completion due to missing ref count - [armhf] dts: LogicPD SOM-LV: Fix I2C1 pinmux - [armhf] dts: LogicPD Torpedo: Fix I2C1 pinmux - [x86] mm: Give each mm TLB flush generation a unique ID - [x86] speculation: Use Indirect Branch Prediction Barrier in context switch - md: only allow remove_and_add_spares when no sync_thread running. - netlink: put module reference if dump start fails - [x86] apic/vector: Handle legacy irq data correctly - bridge: check brport attr show in brport_show - fib_semantics: Don't match route with mismatching tclassid - hdlc_ppp: carrier detect ok, don't turn off negotiation - ipv6 sit: work around bogus gcc-8 -Wrestrict warning - net: fix race on decreasing number of TX queues - net: ipv4: don't allow setting net.ipv4.route.min_pmtu below 68 - netlink: ensure to loop over all netns in genlmsg_multicast_allns() - ppp: prevent unregistered channels from connecting to PPP units - udplite: fix partial checksum initialization - sctp: fix dst refcnt leak in sctp_v4_get_dst - net: phy: fix phy_start to consider PHY_IGNORE_INTERRUPT - tcp: Honor the eor bit in tcp_mtu_probe - rxrpc: Fix send in rxrpc_send_data_packet() - tcp_bbr: better deal with suboptimal GSO - sctp: fix dst refcnt leak in sctp_v6_get_dst() - [s390x] qeth: fix underestimated count of buffer elements - [s390x] qeth: fix SETIP command handling - [s390x] qeth: fix overestimated count of buffer elements - [s390x] qeth: fix IP removal on offline cards - [s390x] qeth: fix double-free on IP add/remove race - [s390x] qeth: fix IP address lookup for L3 devices - [s390x] qeth: fix IPA command submission race - sctp: verify size of a new chunk in _sctp_make_chunk() (CVE-2018-5803) - net: mpls: Pull common label check into helper - mpls, nospec: Sanitize array index in mpls_label_ok() - bpf: fix wrong exposure of map_flags into fdinfo for lpm - bpf: fix mlock precharge on arraymaps - bpf, x64: implement retpoline for tail call - bpf, arm64: fix out of bounds access in tail call - bpf: add schedule points in percpu arrays management - bpf, ppc64: fix out of bounds access in tail call - btrfs: preserve i_mode if __btrfs_set_acl() fails https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.88 - RDMA/ucma: Limit possible option size - RDMA/ucma: Check that user doesn't overflow QP state - RDMA/mlx5: Fix integer overflow while resizing CQ - [x86] drm/i915: Try EDID bitbanging on HDMI after failed read - scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS - [x86] drm/i915: Always call to intel_display_set_init_power() in resume_early. - workqueue: Allow retrieval of current task's work struct - drm: Allow determining if current task is output poll worker - drm/nouveau: Fix deadlock on runtime suspend - drm/radeon: Fix deadlock on runtime suspend - drm/amdgpu: Fix deadlock on runtime suspend - drm/amdgpu: Notify sbios device ready before send request - drm/radeon: fix KV harvesting - drm/amdgpu: fix KV harvesting - drm/amdgpu:Correct max uvd handles - drm/amdgpu:Always save uvd vcpu_bo in VM Mode - [mips*/octeon] irq: Check for null return on kzalloc allocation - loop: Fix lost writes caused by missing flag - virtio_ring: fix num_free handling in error case - [s390x] KVM: fix memory overwrites when not using SCA entries - kbuild: Handle builtin dtb file names containing hyphens - IB/mlx5: Fix incorrect size of klms in the memory region - bcache: fix crashes in duplicate cache device register - bcache: don't attach backing with duplicate UUID - [x86] MCE: Serialize sysfs changes (CVE-2018-7995) - perf tools: Fix trigger class trigger_on() - [x86] spectre_v2: Don't check microcode versions when running under hypervisors - ALSA: hda/realtek: Limit mic boost on T480 - ALSA: hda/realtek - Fix dock line-out volume on Dell Precision 7520 - ALSA: hda/realtek - Make dock sound work on ThinkPad L570 - ALSA: seq: Don't allow resizing pool in use - ALSA: seq: More protection for concurrent write and ioctl races - ALSA: hda: add dock and led support for HP EliteBook 820 G3 - ALSA: hda: add dock and led support for HP ProBook 640 G2 - nospec: Kill array_index_nospec_mask_check() - nospec: Include dependency - Revert "x86/retpoline: Simplify vmexit_fill_RSB()" - [x86] speculation: Use IBRS if available before calling into firmware - [x86] retpoline: Support retpoline builds with Clang - [x86] speculation, objtool: Annotate indirect calls/jumps for objtool - [x86] boot, objtool: Annotate indirect jump in secondary_startup_64() - [x86] speculation: Move firmware_restrict_branch_speculation_*() from C to CPP - [x86] paravirt, objtool: Annotate indirect calls - watchdog: hpwdt: SMBIOS check - watchdog: hpwdt: Check source of NMI - watchdog: hpwdt: fix unused variable warning - watchdog: hpwdt: Remove legacy NMI sourcing. - [armhf] omap2: hide omap3_save_secure_ram on non-OMAP3 builds - Input: tca8418_keypad - remove double read of key event register - tc358743: fix register i2c_rd/wr function fix - netfilter: add back stackpointer size checks (CVE-2018-1065) - netfilter: x_tables: fix missing timer initialization in xt_LED - netfilter: nat: cope with negative port range - netfilter: IDLETIMER: be syzkaller friendly - netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets (CVE-2018-1068) - netfilter: bridge: ebt_among: add missing match size checks - netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt - netfilter: x_tables: pass xt_counters struct instead of packet counter - netfilter: x_tables: pass xt_counters struct to counter allocator - netfilter: x_tables: pack percpu counter allocations - ext4: inplace xattr block update fails to deduplicate blocks - ubi: Fix race condition between ubi volume creation and udev - scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport - NFS: Fix an incorrect type in struct nfs_direct_req - NFS: Fix unstable write completion - [x86] module: Detect and skip invalid relocations - [x86] Treat R_X86_64_PLT32 as R_X86_64_PC32 - serial: sh-sci: prevent lockup on full TTY buffers - tty/serial: atmel: add new version check for usart - uas: fix comparison for error code - [x86] staging: comedi: fix comedi_nsamples_left. - USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h - usbip: vudc: fix null pointer dereference on udc->lock - usb: quirks: add control message delay for 1b1c:1b20 - usb: usbmon: Read text within supplied buffer size - usb: gadget: f_fs: Fix use-after-free in ffs_fs_kill_sb() - serial: 8250_pci: Add Brainboxes UC-260 4 port serial device - serial: core: mark port as initialized in autoconfig - earlycon: add reg-offset to physical address before mapping - PCI: dwc: Fix enumeration end when reaching root subordinate [Yves-Alexis Perez] * [powerpc*] drop RFI patches, now included upstream [ Salvatore Bonaccorso ] * [rt] Refresh 0001-timer-make-the-base-lock-raw.patch context * [rt] Update to 4.9.84-rt62 * blkcg: fix double free of new_blkg in blkcg_init_queue (CVE-2018-7480) * CIFS: Enable encryption during session setup phase (CVE-2018-1066) * staging: ncpfs: memory corruption in ncp_read_kernel() (CVE-2018-8822) * [arm64] net: hns: Fix a skb used after free bug (CVE-2017-18218) * media: usbtv: prevent double free in error case (CVE-2017-17975) * [arm64] net: hns: fix ethtool_get_strings overflow in hns driver * [arm64] net: hns: Fix ethtool private flags (CVE-2017-18222) * scsi: libsas: fix memory leak in sas_smp_get_phy_events() (CVE-2018-7757) * ext4: add validity checks for bitmap block numbers (CVE-2018-1093) * ext4: fix bitmap position validation * ext4: fail ext4_iget for root directory if unallocated (CVE-2018-1092) * random: fix crng_ready() test (CVE-2018-1108) * random: set up the NUMA crng instances after the CRNG is fully initialized * random: crng_reseed() should lock the crng instance that it is modifying * random: fix possible sleeping allocation from irq context * perf/hwbp: Simplify the perf-hwbp code, fix documentation (CVE-2018-1000199) [ Ben Hutchings ] * [x86] Revert "x86/cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping" to avoid an ABI change * [x86] mm: Avoid ABI change for addition of ctx_id * [x86] cpu: Avoid ABI change in 4.9.83 * crypto: hash: Avoid ABI change in 4.9.84 * fs: Avoid ABI change in 4.9.85 * [x86] nospec: Ignore ABI change for removal of __clear_rsb and __fill_rsb, previously exported for use by KVM * [x86] Ignore ABI change for cpu_tlbstate, apparently not used externally * jbd2: Ignore ABI changes * tpm_tis: Ignore ABI changes * ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent (CVE-2017-18216) * ocfs2: ip_alloc_sem should be taken in ocfs2_get_block() (CVE-2017-18224) * f2fs: fix a panic caused by NULL flush_cmd_control (CVE-2017-18241) * f2fs: fix a dead loop in f2fs_fiemap() (CVE-2017-18257) * mm/hugetlb.c: don't call region_abort if region_chg fails * hugetlbfs: fix offset overflow in hugetlbfs mmap * hugetlbfs: check for pgoff value overflow (CVE-2018-7740) * mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl() (CVE-2018-8087) * drm: udl: Properly check framebuffer mmap offsets (CVE-2018-8781) * xfs: set format back to extents if xfs_bmap_extents_to_btree (CVE-2018-10323) * debian/lib/python/debian_linux/gencontrol.py: Allow uploads to *-security with a simple revision -- Salvatore Bonaccorso Sun, 29 Apr 2018 09:19:40 +0200 linux (4.9.82-1+deb9u3) stretch-security; urgency=medium * [powerpc] Backport more RFI flush related patches from 4.9.84. Closes: #891249. * [powerpc] Ignore ABI change in paca. -- Aurelien Jarno Fri, 02 Mar 2018 08:52:22 +0100 linux (4.9.82-1+deb9u2) stretch-security; urgency=high * [x86] linux-headers: use correct version in linux-compiler-gcc-6-x86 dependency. -- Yves-Alexis Perez Wed, 21 Feb 2018 16:29:03 +0100 linux (4.9.82-1+deb9u1) stretch-security; urgency=high [ Yves-Alexis Perez ] * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.81 - [powerpc*] powerpc/64s: Add support for RFI flush of L1-D cache (CVE-2017-5754, Meltdown) - [powerpc*] powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti - [powerpc*] powerpc/64s: Allow control of RFI flush via debugfs - [x86] kaiser: fix intel_bts perf crashes - [x86] x86/pti: Make unpoison of pgd for trusted boot work for real - kaiser: allocate pgd with order 0 when pti=off - serial: core: mark port as initialized after successful IRQ change - ip6mr: fix stale iterator - net: igmp: add a missing rcu locking section - qlcnic: fix deadlock bug - tcp: release sk_frag.page in tcp_disconnect - soreuseport: fix mem leak in reuseport_add_sock() - KEYS: encrypted: fix buffer overread in valid_master_desc() - [x86] x86/retpoline: Remove the esp/rsp thunk - [x86] KVM: x86: Make indirect calls in emulator speculation safe (CVE-2017-5715, Spectre#2) - KVM: VMX: Make indirect call speculation safe - module/retpoline: Warn about missing retpoline in module - [x86] x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - [x86] x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - [x86] x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - [x86] x86/entry/64: Remove the SYSCALL64 fast path - [x86] x86/asm: Move 'status' from thread_struct to thread_info - Documentation: Document array_index_nospec - [x86] x86: Implement array_index_mask_nospec - [x86] x86: Introduce barrier_nospec - [x86] x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec - [x86] x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec - [x86] x86/get_user: Use pointer masking to limit speculation - [x86] x86/syscall: Sanitize syscall table de-references under speculation - vfs, fdtable: Prevent bounds-check bypass via speculative execution (CVE-2017-5753, Spectre#1) - nl80211: Sanitize array index in parse_txq_params (CVE-2017-5753, Spectre#1) - [x86] x86/spectre: Report get_user mitigation for spectre_v1 - x86/paravirt: Remove 'noreplace-paravirt' cmdline option - x86/kvm: Update spectre-v1 mitigation (CVE-2017-5753, Spectre#1) - KVM: nVMX: mark vmcs12 pages dirty on L2 exit - KVM/x86: Add IBPB support (CVE-2017-5715, Spectre#2) - KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES - KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL - KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL - [x86] x86/microcode: Do the family check first * [x86] Rewrite "Make x32 syscall support conditional on a kernel parameter" to use a static key * [x86] linux-compiler-gcc-6-x86: Add versioned dependency on gcc-6 for retpoline support * [powerpc] powerpc/64s: Simple RFI macro conversions (fix FTBFS) * Add myself to Uploaders since I did the last few uploads to Stretch. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.82 - CIFS: zero sensitive data when freeing - posix-timer: Properly check sigevent->sigev_notify - dccp: CVE-2017-8824: use-after-free in DCCP code - media: dvb-usb-v2: lmedm04: Improve logic checking of warm start - media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner - ubi: fastmap: Erase outdated anchor PEBs during attach - ubi: block: Fix locking for idr_alloc/idr_remove - nsfs: mark dentry with DCACHE_RCUACCESS - media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic - crypto: caam - fix endless loop when DECO acquire fails - crypto: sha512-mb - initialize pending lengths correctly - KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2 - KVM: arm/arm64: Handle CPU_PM_ENTER_FAILED - media: dvb-frontends: fix i2c access helpers for KASAN - media: ts2020: avoid integer overflows on 32 bit machines - fs/proc/kcore.c: use probe_kernel_read() instead of memcpy() - kernel/relay.c: revert "kernel/relay.c: fix potential memory leak" - pipe: actually allow root to exceed the pipe buffer limits - ACPI: sbshc: remove raw pointer from printk() message (CVE-2018-5750) - acpi, nfit: fix register dimm error handling * Remove patches included in 4.9.82 * Bump ABI to 6, remove all ignored ABI changes since ABI 5. * Remove all patches handling or reverting ABI changes. * [x86] linux-headers: Depend on updated linux-compiler-gcc-6-x86 for retpoline support. * [x86] Add versioned build-dependency on gcc-6 for retpoline support. * [rt] Update to 4.9.76-rt61 except patches refreshed locally since 4.9.76. * [rt] Add gpg key for Julia Cartwright (0x0A120DD923EEDD5F) to upstream keyring [ Ben Hutchings ] * abiupdate.py: Add support for security mirrors -- Yves-Alexis Perez Mon, 19 Feb 2018 16:10:58 +0100 linux (4.9.80-2) stretch; urgency=medium * scsi: ignore ABI change in hisi_sas. -- Yves-Alexis Perez Fri, 09 Feb 2018 13:58:52 +0100 linux (4.9.80-1) stretch; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.66 - [s390x] fix transactional execution control register handling - [s390x] runtime instrumention: fix possible memory corruption - [s390x] disassembler: add missing end marker for e7 table - [s390x] disassembler: increase show_code buffer size - ACPI / EC: Fix regression related to triggering source of EC event handling - [x86] mm: fix use-after-free of vma during userfaultfd fault - ipv6: only call ip6_route_dev_notify() once for NETDEV_UNREGISTER - vsock: use new wait API for vsock_stream_sendmsg() - sched: Make resched_cpu() unconditional - lib/mpi: call cond_resched() from mpi_powm() loop - [x86] decoder: Add new TEST instruction pattern - [arm64] Implement arch-specific pte_access_permitted() - [armhf/armmp-lpae] 8722/1: mm: make STRICT_KERNEL_RWX effective for LPAE - [armhf/armmp-lpae] 8721/1: mm: dump: check hardware RO bit for LPAE - [arm64] PCI: Set Cavium ACS capability quirk flags to assert RR/CR/SV/UF - dm bufio: fix integer overflow when limiting maximum cache size - dm: allocate struct mapped_device with kvzalloc - [mips*] pci: Remove KERN_WARN instance inside the mt7620 driver - dm: fix race between dm_get_from_kobject() and __dm_destroy() - [mips*] Fix odd fp register warnings with MIPS64r2 - [mips*] Fix an n32 core file generation regset support regression - rt2x00usb: mark device removed when get ENOENT usb error - autofs: don't fail mount for transient error - nilfs2: fix race condition that causes file system corruption - eCryptfs: use after free in ecryptfs_release_messaging() - libceph: don't WARN() if user tries to add invalid key - bcache: check ca->alloc_thread initialized before wake up it - isofs: fix timestamps beyond 2027 - NFS: Fix typo in nomigration mount option - nfs: Fix ugly referral attributes - NFS: Avoid RCU usage in tracepoints - nfsd: deal with revoked delegations appropriately - rtlwifi: rtl8192ee: Fix memory leak when loading firmware - rtlwifi: fix uninitialized rtlhal->last_suspend_sec time - ata: fixes kernel crash while tracing ata_eh_link_autopsy event - ext4: fix interaction between i_size, fallocate, and delalloc after a crash - ALSA: pcm: update tstamp only if audio_tstamp changed - ALSA: usb-audio: Add sanity checks to FE parser - ALSA: usb-audio: Fix potential out-of-bound access at parsing SU - ALSA: usb-audio: Add sanity checks in v2 clock parsers - ALSA: timer: Remove kernel warning at compat ioctl error paths - ALSA: hda: Fix too short HDMI/DP chmap reporting - ALSA: hda/realtek - Fix ALC700 family no sound issue - fix a page leak in vhost_scsi_iov_to_sgl() error recovery - fs/9p: Compare qid.path in v9fs_test_inode - iscsi-target: Fix non-immediate TMR reference leak - target: Fix QUEUE_FULL + SCSI task attribute handling - [armhf] mtd: nand: omap2: Fix subpage write - mtd: nand: Fix writing mtdoops to nand flash. - mtd: nand: mtk: fix infinite ECC decode IRQ issue - p54: don't unregister leds when they are not initialized - block: Fix a race between blk_cleanup_queue() and timeout handling - [armhf,arm64] irqchip/gic-v3: Fix ppi-partitions lookup - lockd: double unregister of inetaddr notifiers - [x86] KVM: nVMX: set IDTR and GDTR limits when loading L1 host state - [x86] KVM: SVM: obey guest PAT - SUNRPC: Fix tracepoint storage issues with svc_recv and svc_rqst_status - [armhf] clk: ti: dra7-atl-clock: fix child-node lookups - libnvdimm, pfn: make 'resource' attribute only readable by root - libnvdimm, namespace: fix label initialization to use valid seq numbers - libnvdimm, namespace: make 'resource' attribute only readable by root - IB/srpt: Do not accept invalid initiator port names - IB/srp: Avoid that a cable pull can trigger a kernel crash - NFC: fix device-allocation error return - fm10k,i40e,i40evf,igb,igbvf,ixgbe,ixgbevf: Use smp_rmb rather than read_barrier_depends - [powerpc*] signal: Properly handle return value from uprobe_deny_signal() - media: Don't do DMA on stack for firmware upload in the AS102 driver - media: rc: check for integer overflow - media: v4l2-ctrl: Fix flags field on Control events - sched/rt: Simplify the IPI based RT balancing logic - fscrypt: lock mutex before checking for bounce page pool - net/9p: Switch to wait_event_killable() - PM / OPP: Add missing of_node_put(np) - [x86] Revert "drm/i915: Do not rely on wm preservation for ILK watermarks" closes: #884001 - e1000e: Fix error path in link detection - e1000e: Fix return value test - e1000e: Separate signaling for link check/link up - e1000e: Avoid receiver overrun interrupt bursts - RDS: make message size limit compliant with spec - RDS: RDMA: return appropriate error on rdma map failures - RDS: RDMA: fix the ib_map_mr_sg_zbva() argument - PCI: Apply _HPX settings only to relevant devices - [armhf] clk: sunxi-ng: A31: Fix spdif clock register - [armhf] clk: sunxi-ng: fix PLL_CPUX adjusting on A33 - fscrypt: use ENOKEY when file cannot be created w/o key - fscrypt: use ENOTDIR when setting encryption policy on nondirectory - net: Allow IP_MULTICAST_IF to set index to L3 slave - net: 3com: typhoon: typhoon_init_one: fix incorrect return values - rt2800: set minimum MPDU and PSDU lengths to sane values - adm80211: return an error if adm8211_alloc_rings() fails - mwifiex: sdio: fix use after free issue for save_adapter - ath10k: fix incorrect txpower set by P2P_DEVICE interface - ath10k: ignore configuring the incorrect board_id - ath10k: fix potential memory leak in ath10k_wmi_tlv_op_pull_fw_stats() - bnxt_en: Set default completion ring for async events. - ath10k: set CTS protection VDEV param only if VDEV is up - ALSA: hda - Apply ALC269_FIXUP_NO_SHUTUP on HDA_FIXUP_ACT_PROBE - drm: Apply range restriction after color adjustment when allocation - [arm64] clk: qcom: ipq4019: Add all the frequencies for apss cpu - mac80211: Remove invalid flag operations in mesh TSF synchronization - mac80211: Suppress NEW_PEER_CANDIDATE event if no room - adm80211: add checks for dma mapping errors - iio: light: fix improper return value - netfilter: nft_queue: use raw_smp_processor_id() - netfilter: nf_tables: fix oob access - [armel,armhf] crypto: marvell - Copy IVDIG before launching partial DMA ahash requests - btrfs: return the actual error value from from btrfs_uuid_tree_iterate - [s390x] kbuild: enable modversions for symbols exported from asm - cec: when canceling a message, don't overwrite old status info - cec: CEC_MSG_GIVE_FEATURES should abort for CEC version < 2 - cec: update log_addr[] before finishing configuration - nvmet: fix KATO offset in Set Features - xen: xenbus driver must not accept invalid transaction ids https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.67 - [armhf] dts: LogicPD Torpedo: Fix camera pin mux - [armhf] dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio - mm/cma: fix alloc_contig_range ret code/potential leak - mm, hugetlbfs: introduce ->split() to vm_operations_struct - mm/madvise.c: fix madvise() infinite loop under special circumstances - btrfs: clear space cache inode generation always - nfsd: Fix stateid races between OPEN and CLOSE - nfsd: Fix another OPEN stateid race - nfsd: fix panic in posix_unblock_lock called from nfs4_laundromat - [armhf] mfd: twl4030-power: Fix pmic for boards that need vmmc1 on reboot - [armhf] OMAP2+: Fix WL1283 Bluetooth Baud Rate - [x86] KVM: pvclock: Handle first-time write to pvclock-page contains random junk - [x86] KVM: Exit to user-mode on #UD intercept when emulator requires - [x86] KVM: inject exceptions produced by x86_decode_insn - [x86] KVM: lapic: Split out x2apic ldr calculation - [x86] KVM: lapic: Fixup LDR on load in x2apic - mmc: core: Do not leave the block driver in a suspended state - mmc: core: prepend 0x to OCR entry in sysfs - eeprom: at24: fix reading from 24MAC402/24MAC602 - eeprom: at24: correctly set the size for at24mac402 - eeprom: at24: check at24_read/write arguments - [x86,alpha] i2c: i801: Fix Failed to allocate irq -2147483648 error - hwmon: (jc42) optionally try to disable the SMBUS timeout - nvme-pci: add quirk for delay before CHK RDY for WDC SN200 - Revert "drm/radeon: dont switch vt on suspend" - drm/amdgpu: potential uninitialized variable in amdgpu_vce_ring_parse_cs() - drm/amdgpu: Potential uninitialized variable in amdgpu_vm_update_directories() - drm/radeon: fix atombios on big endian - [armhf,arm64] drm/panel: simple: Add missing panel_simple_unprepare() calls - [arm64] drm/hisilicon: Ensure LDI regs are properly configured. - drm/ttm: once more fix ttm_buffer_object_transfer - drm/amd/pp: fix typecast error in powerplay. - NFS: revalidate "." etc correctly on "open". - [x86] drm/i915: Don't try indexed reads to alternate slave addresses - [x86] drm/i915: Prevent zero length "index" write https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.68 - bcache: only permit to recovery read error when cache device is clean - bcache: recover data from backing when data is clean - Revert "crypto: caam - get rid of tasklet" - mm, oom_reaper: gather each vma to prevent leaking TLB entry - uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices - usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub - [s390x] runtime instrumentation: simplify task exit handling - ima: fix hash algorithm initialization - [s390x] pci: do not require AIS facility - serial: 8250_fintek: Fix rs485 disablement on invalid ioctl() - staging: rtl8188eu: avoid a null dereference on pmlmepriv - [arm64] mmc: sdhci-msm: fix issue with power irq - serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X - [x86] entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() - [x86] EDAC, sb_edac: Fix missing break in switch - [armel,armhf] sysrq : fix Show Regs call trace on ARM - usbip: tools: Install all headers needed for libusbip development - [x86] kprobes: Disable preemption in ftrace-based jprobes - iio: adc: ti-ads1015: add 10% to conversion wait time - dax: Avoid page invalidation races and unnecessary radix tree traversals - net/mlx4_en: Fix type mismatch for 32-bit systems - l2tp: take remote address into account in l2tp_ip and l2tp_ip6 socket lookups - usb: gadget: f_fs: Fix ExtCompat descriptor validation - libcxgb: fix error check for ip6_route_output() - [armhf] OMAP2+: Fix WL1283 Bluetooth Baud Rate - vti6: fix device register to report IFLA_INFO_KIND - be2net: fix accesses to unicast list - be2net: fix unicast list filling - net/appletalk: Fix kernel memory disclosure - libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount - mm: fix remote numa hits statistics - mac80211: calculate min channel width correctly - nfs: Don't take a reference on fl->fl_file for LOCK operation - [armhf,arm64] KVM: Fix occasional warning from the timer work function - mac80211: prevent skb/txq mismatch - NFSv4: Fix client recovery when server reboots multiple times - [x86] perf/intel: Account interrupts for PEBS errors - [powerpc*] mm: Fix memory hotplug BUG() on radix - qla2xxx: Fix wrong IOCB type assumption - drm/amdgpu: fix bug set incorrect value to vce register - net: sctp: fix array overrun read on sctp_timer_tbl - [x86] fpu: Set the xcomp_bv when we fake up a XSAVES area - drm/amdgpu: fix unload driver issue for virtual display - mac80211: don't try to sleep in rate_control_rate_init() - RDMA/qedr: Return success when not changing QP state - RDMA/qedr: Fix RDMA CM loopback - tipc: fix nametbl_lock soft lockup at module exit - tipc: fix cleanup at module unload - [armhf] dmaengine: pl330: fix double lock - tcp: correct memory barrier usage in tcp_check_space() - nvmet: cancel fatal error and flush async work before free controller - gtp: clear DF bit on GTP packet tx - gtp: fix cross netns recv on gtp socket - net: phy: micrel: KSZ8795 do not set SUPPORTED_[Asym_]Pause - [arm64] net: thunderx: avoid dereferencing xcv when NULL - be2net: fix initial MAC setting - [powerpc*] vfio/spapr: Fix missing mutex unlock when creating a window - mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers - xen-netfront: Improve error handling during initialization - cec: initiator should be the same as the destination for, poll - xen-netback: vif counters from int/long to u64 - net: fec: fix multicast filtering hardware setup - dma-buf/dma-fence: Extract __dma_fence_is_later() - dma-buf/sw-sync: Fix the is-signaled test to handle u32 wraparound - dma-buf/sw-sync: Prevent user overflow on timeline advance - dma-buf/sw-sync: sync_pt is private and of fixed size - dma-buf/sw-sync: Fix locking around sync_timeline lists - dma-buf/sw-sync: Use an rbtree to sort fences in the timeline - dma-buf/sw_sync: move timeline_fence_ops around - dma-buf/sw_sync: clean up list before signaling the fence - dma-fence: Clear fence->status during dma_fence_init() - dma-fence: Wrap querying the fence->status - dma-fence: Introduce drm_fence_set_error() helper - dma-buf/sw_sync: force signal all unsignaled fences on dying timeline - dma-buf/sync_file: hold reference to fence when creating sync_file - usb: hub: Cycle HUB power when initialization fails - usb: xhci: fix panic in xhci_free_virt_devices_depth_first - USB: core: Add type-specific length check of BOS descriptors - USB: Increase usbfs transfer limit - USB: devio: Prevent integer overflow in proc_do_submiturb() - USB: usbfs: Filter flags passed in from user space - usb: host: fix incorrect updating of offset - xen-netfront: avoid crashing on resume after a failure in talk_to_netback() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.69 - can: kvaser_usb: free buf in error paths - can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() - can: kvaser_usb: ratelimit errors if incomplete messages are received - can: kvaser_usb: cancel urb on -EPIPE and -EPROTO - can: ems_usb: cancel urb on -EPIPE and -EPROTO - can: esd_usb2: cancel urb on -EPIPE and -EPROTO - can: usb_8dev: cancel urb on -EPIPE and -EPROTO - virtio: release virtio index when fail to device_register - [x86] hv: kvp: Avoid reading past allocated blocks from KVP file - isa: Prevent NULL dereference in isa_bus driver callbacks - scsi: dma-mapping: always provide dma_get_cache_alignment - scsi: use dma_get_cache_alignment() as minimum DMA alignment - scsi: libsas: align sata_device's rps_resp on a cacheline - efi: Move some sysfs files to be read-only by root - efi/esrt: Use memunmap() instead of kfree() to free the remapping - ASN.1: fix out-of-bounds read when parsing indefinite length item - ASN.1: check for error from ASN1_OP_END__ACT actions - X.509: reject invalid BIT STRING for subjectPublicKey - X.509: fix comparisons of ->pkey_algo - [x86] PCI: Make broadcom_postcore_init() check acpi_disabled - [x86] KVM: fix APIC page invalidation - btrfs: fix missing error return in btrfs_drop_snapshot - ALSA: pcm: prevent UAF in snd_pcm_info - ALSA: seq: Remove spurious WARN_ON() at timer check - ALSA: usb-audio: Fix out-of-bound error - ALSA: usb-audio: Add check return value for usb_string() - [x86] iommu/vt-d: Fix scatterlist offset handling - smp/hotplug: Move step CPUHP_AP_SMPCFD_DYING to the correct place - [s390x] fix compat system call table - [s390x] KVM: Fix skey emulation permission check - [powerpc*] 64s: Initialize ISAv3 MMU registers before setting partition table - brcmfmac: change driver unbind order of the sdio function devices - media: dvb: i2c transfers over usb cannot be done from stack - [armhf,arm64] KVM: fix VTTBR_BADDR_MASK BUG_ON off-by-one - [armhf,arm64] KVM: Fix broken GICH_ELRSR big endian conversion - [armhf,arm64] KVM: vgic-irqfd: Fix MSI entry allocation - [armhf,arm64] KVM: vgic-its: Check result of allocation before use - [arm64] fpsimd: Prevent registers leaking from dead tasks - [armhf] bus: arm-cci: Fix use of smp_processor_id() in preemptible context - usb: f_fs: Force Reserved1=1 in OS_DESC_EXT_COMPAT - [armel,armhf] BUG if jumping to usermode address in kernel mode - [armel,armhf] avoid faulting on qemu - thp: reduce indentation level in change_huge_pmd() - thp: fix MADV_DONTNEED vs. numa balancing race - mm: drop unused pmdp_huge_get_and_clear_notify() - [armel,armhf] 8657/1: uaccess: consistently check object sizes - vti6: Don't report path MTU below IPV6_MIN_MTU. - [armhf] OMAP2+: gpmc-onenand: propagate error on initialization failure - [x86] platform/uv/BAU: Fix HUB errors by remove initial write to sw-ack register - sched/fair: Make select_idle_cpu() more aggressive - [x86] hpet: Prevent might sleep splat on resume - [powerpc*] 64: Invalidate process table caching after setting process table - lirc: fix dead lock between open and wakeup_filter - module: set __jump_table alignment to 8 - [powerpc*] 64: Fix checksum folding in csum_add() - [armhf] OMAP2+: Fix device node reference counts - [armhf] OMAP2+: Release device node after it is no longer needed. - usb: gadget: configs: plug memory leak - USB: gadgetfs: Fix a potential memory leak in 'dev_config()' - [armhf,arm64] usb: dwc3: gadget: Fix system suspend/resume on TI platforms - usb: gadget: udc: net2280: Fix tmp reusage in net2280 driver - [x86] kvm: nVMX: VMCLEAR should not cause the vCPU to shut down - libata: drop WARN from protocol error in ata_sff_qc_issue() - workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq - scsi: qla2xxx: Fix ql_dump_buffer - scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters - [armhf] irqchip/crossbar: Fix incorrect type of register size - [x86] KVM: nVMX: reset nested_run_pending if the vCPU is going to be reset - [armhf,arm64] KVM: Survive unknown traps from guests - [armhf,arm64] KVM: VGIC: Fix command handling while ITS being disabled - bnx2x: prevent crash when accessing PTP with interface down - bnx2x: fix possible overrun of VFPF multicast addresses array - bnx2x: fix detection of VLAN filtering feature for VF - bnx2x: do not rollback VF MAC/VLAN filters we did not configure - rds: tcp: Sequence teardown of listen and acceptor sockets to avoid races - [powerpc*] ibmvnic: Fix overflowing firmware/hardware TX queue - [powerpc*] ibmvnic: Allocate number of rx/tx buffers agreed on by firmware - ipv6: reorder icmpv6_init() and ip6_mr_init() - blk-mq: initialize mq kobjects in blk_mq_init_allocated_queue() - zram: set physical queue limits to avoid array out of bounds accesses - netfilter: don't track fragmented packets - [powerpc*] axonram: Fix gendisk handling - drm/amd/amdgpu: fix console deadlock if late init failed - [powerpc*] powernv/ioda2: Gracefully fail if too many TCE levels requested - [x86] EDAC, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro - [x86] EDAC, i5000, i5400: Fix definition of NRECMEMB register - kbuild: pkg: use --transform option to prefix paths in tar - coccinelle: fix parallel build with CHECK=scripts/coccicheck - mac80211_hwsim: Fix memory leak in hwsim_new_radio_nl() - gre6: use log_ecn_error module parameter in ip6_tnl_rcv() - route: also update fnhe_genid when updating a route cache - route: update fnhe_expires for redirect when the fnhe exists - NFS: Fix a typo in nfs_rename() - sunrpc: Fix rpc_task_begin trace point - xfs: fix forgotten rcu read unlock when skipping inode reclaim - block: wake up all tasks blocked in get_request() - zsmalloc: calling zs_map_object() from irq is a bug - sctp: do not free asoc when it is already dead in sctp_sendmsg - sctp: use the right sk after waking up from wait_buf sleep - bpf: fix lockdep splat - atm: horizon: Fix irq release error - xfrm: Copy policy family in clone_policy - IB/mlx4: Increase maximal message size under UD QP - IB/mlx5: Assign send CQ and recv CQ of UMR QP - afs: Connect up the CB.ProbeUuid https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.70 - [s390x] qeth: fix early exit from error path - tipc: fix memory leak in tipc_accept_from_sock() - rds: Fix NULL pointer dereference in __rds_rdma_map - sit: update frag_off info - packet: fix crash in fanout_demux_rollover() - net/packet: fix a race in packet_bind() and packet_notifier() - usbnet: fix alignment for frames with no ethernet header - stmmac: reset last TSO segment size after device open - tcp/dccp: block bh before arming time_wait timer - [s390x] qeth: build max size GSO skbs on L2 devices - [s390x] qeth: fix GSO throughput regression - [s390x] qeth: fix thinko in IPv4 multicast address tracking - tipc: call tipc_rcv() only if bearer is up in tipc_udp_recv() - Fix handling of verdicts after NF_QUEUE - ipmi: Stop timers before cleaning up the module - [s390x] always save and restore all registers on context switch - usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping - fix kcm_clone() - [armhf,arm64] KVM: vgic-its: Preserve the revious read from the pending table - [powerpc*] 64: Fix checksum folding in csum_tcpudp_nofold and ip_fast_csum_nofold - kbuild: do not call cc-option before KBUILD_CFLAGS initialization - ipvlan: fix ipv6 outbound device - audit: ensure that 'audit=1' actually enables audit for PID 1 - md: free unused memory after bitmap resize - RDMA/cxgb4: Annotate r2 and stag as __be32 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.71 - mfd: fsl-imx25: Clean up irq settings during removal - crypto: rsa - fix buffer overread when stripping leading zeroes - autofs: fix careless error in recent commit - tracing: Allocate mask_str buffer dynamically - USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID - usbip: fix stub_rx: get_pipe() to validate endpoint number (CVE-2017-16912) - usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input (CVE-2017-16913) - usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer (CVE-2017-16914) - ceph: drop negative child dentries before try pruning inode's alias - usb: xhci: fix TDS for MTK xHCI1.1 - xhci: Don't add a virt_dev to the devs array before it's fully allocated - nfs: don't wait on commit in nfs_commit_inode() if there were no commit requests - sched/rt: Do not pull from current CPU if only one CPU to pull - eeprom: at24: change nvmem stride to 1 - dmaengine: dmatest: move callback wait queue to thread context - ext4: fix fdatasync(2) after fallocate(2) operation - ext4: fix crash when a directory's i_size is too small - mac80211: Fix addition of mesh configuration element - [x86] KVM: nVMX: do not warn when MSR bitmap address is not backed - md-cluster: free md_cluster_info if node leave cluster - userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE - userfaultfd: selftest: vm: allow to build in vm/ directory - net: initialize msg.msg_flags in recvfrom - bnxt_en: Ignore 0 value in autoneg supported speed from firmware. - net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values - net: bcmgenet: correct MIB access of UniMAC RUNT counters - net: bcmgenet: reserved phy revisions must be checked first - net: bcmgenet: power down internal phy if open or resume fails - net: bcmgenet: synchronize irq0 status between the isr and task - net: bcmgenet: Power up the internal PHY before probing the MII - rxrpc: Wake up the transmitter if Rx window size increases on the peer - net/mlx5: Fix create autogroup prev initializer - net/mlx5: Don't save PCI state when PCI error is detected - drm/amdgpu: fix parser init error path to avoid crash in parser fini - NFSD: fix nfsd_minorversion(.., NFSD_AVAIL) - NFSD: fix nfsd_reset_versions for NFSv4. - [armhf] drm/omap: fix dmabuf mmap for dma_alloc'ed buffers - netfilter: bridge: honor frag_max_size when refragmenting - blk-mq: Fix tagset reinit in the presence of cpu hot-unplug - writeback: fix memory leak in wb_queue_work() - net: wimax/i2400m: fix NULL-deref at probe - dmaengine: Fix array index out of bounds warning in __get_unmap_pool() - irqchip/mvebu-odmi: Select GENERIC_MSI_IRQ_DOMAIN - net: Resend IGMP memberships upon peer notification. - qed: Align CIDs according to DORQ requirement - qed: Fix mapping leak on LL2 rx flow - qed: Fix interrupt flags on Rx LL2 - scsi: hpsa: update check for logical volume status - scsi: hpsa: limit outstanding rescans - scsi: hpsa: do not timeout reset operations - fjes: Fix wrong netdevice feature flags - drm/radeon/si: add dpm quirk for Oland - [x86] Drivers: hv: util: move waiting for release to hv_utils_transport itself - iwlwifi: mvm: cleanup pending frames in DQA mode - sched/deadline: Add missing update_rq_clock() in dl_task_timer() - sched/deadline: Make sure the replenishment timer fires in the next period - sched/deadline: Throttle a constrained deadline task activated after the deadline - sched/deadline: Use deadline instead of period when calculating overflow - drm/radeon: reinstate oland workaround for sclk - afs: Fix missing put_page() - afs: Populate group ID from vnode status - afs: Adjust mode bits processing - afs: Deal with an empty callback array - afs: Flush outstanding writes when an fd is closed - afs: Migrate vlocation fields to 64-bit - afs: Prevent callback expiry timer overflow - afs: Fix the maths in afs_fs_store_data() - afs: Invalid op ID should abort with RXGEN_OPCODE - afs: Better abort and net error handling - afs: Populate and use client modification time - afs: Fix page leak in afs_write_begin() - afs: Fix afs_kill_pages() - afs: Fix abort on signal while waiting for call completion - nvme-loop: fix a possible use-after-free when destroying the admin queue - nvmet: confirm sq percpu has scheduled and switched to atomic - nvmet-rdma: Fix a possible uninitialized variable dereference - net/mlx4_core: Avoid delays during VF driver device shutdown - net: mpls: Fix nexthop alive tracking on down events - rxrpc: Ignore BUSY packets on old calls - tty: don't panic on OOM in tty_set_ldisc() - tty: fix data race in tty_ldisc_ref_wait() - perf symbols: Fix symbols__fixup_end heuristic for corner cases - efi/esrt: Cleanup bad memory map log messages - NFSv4.1 respect server's max size in CREATE_SESSION - btrfs: add missing memset while reading compressed inline extents - target: Use system workqueue for ALUA transitions - target: fix ALUA transition timeout handling - target: fix race during implicit transition work flushes - [x86] Revert "x86/acpi: Set persistent cpuid <-> nodeid mapping when booting" - HID: cp2112: fix broken gpio_direction_input callback - sfc: don't warn on successful change of MAC - video: udlfb: Fix read EDID timeout - rtc: pcf8563: fix output clock rate - [x86] ASoC: Intel: Skylake: Fix uuid_module memory leak in failure case - [armhf] dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type - PCI/PME: Handle invalid data when reading Root Status - powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo - PCI: Do not allocate more buses than available in parent - netfilter: ipvs: Fix inappropriate output of procfs - [powerpc*] opal: Fix EBUSY bug in acquiring tokens - [powerpc*] ipic: Fix status get and status clear - [x86] platform: intel_punit_ipc: Fix resource ioremap warning - target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd() - iscsi-target: fix memory leak in lio_target_tiqn_addtpg() - target:fix condition return in core_pr_dump_initiator_port() - target/file: Do not return error for UNMAP if length is zero - badblocks: fix wrong return value in badblocks_set if badblocks are disabled - [x86] iommu/amd: Limit the IOVA page range to the specified addresses - xfs: truncate pagecache before writeback in xfs_setattr_size() - crypto: tcrypt - fix buffer lengths in test_aead_speed() - mm: Handle 0 flags in _calc_vm_trans() macro - [armhf] clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU - [arm64] clk: hi6220: mark clock cs_atb_syspll as critical - [armhf,arm64] clk: tegra: Fix cclk_lp divisor register - ppp: Destroy the mutex when cleanup - thermal/drivers/step_wise: Fix temperature regulation misbehavior - scsi: scsi_debug: write_same: fix error report - GFS2: Take inode off order_write list when setting jdata flag - bcache: explicitly destroy mutex while exiting - bcache: fix wrong cache_misses statistics - Ib/hfi1: Return actual operational VLs in port info query - [x86] platform: hp_accel: Add quirk for HP ProBook 440 G4 - nvme: use kref_get_unless_zero in nvme_find_get_ns - l2tp: cleanup l2tp_tunnel_delete calls - xfs: fix log block underflow during recovery cycle verification - xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real - RDMA/cxgb4: Declare stag as __be32 - PCI: Detach driver before procfs & sysfs teardown on device remove - scsi: hpsa: cleanup sas_phy structures in sysfs when unloading - scsi: hpsa: destroy sas transport properties before scsi_host - [powerpc*] perf/hv-24x7: Fix incorrect comparison in memord - tty fix oops when rmmod 8250 - raid5: Set R5_Expanded on parity devices as well as data. - scsi: scsi_devinfo: Add REPORTLUN2 to EMC SYMMETRIX blacklist entry - IB/core: Fix calculation of maximum RoCE MTU - vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend - rtl8188eu: Fix a possible sleep-in-atomic bug in rtw_createbss_cmd - rtl8188eu: Fix a possible sleep-in-atomic bug in rtw_disassoc_cmd - scsi: sd: change manage_start_stop to bool in sysfs interface - scsi: sd: change allow_restart to bool in sysfs interface - scsi: bfa: integer overflow in debugfs - udf: Avoid overflow when session starts at large offset - macvlan: Only deliver one copy of the frame to the macvlan interface - RDMA/cma: Avoid triggering undefined behavior - IB/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop - icmp: don't fail on fragment reassembly time exceeded - ath9k: fix tx99 potential info leak https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.72 - cxl: Check if vphb exists before iterating over AFU devices - [arm64] Initialise high_memory global variable earlier - kvm: fix usage of uninit spinlock in avic_vm_destroy() - [armhf] kprobes: Fix the return address of multiple kretprobes - [armhf] kprobes: Align stack to 8-bytes in test code - nvme-loop: handle cpu unplug when re-establishing the controller - cpuidle: Validate cpu_dev in cpuidle_add_sysfs() - r8152: fix the list rx_done may be used without initialization - crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex - vsock: track pkt owner vsock - vhost-vsock: add pkt cancel capability - vsock: cancel packets when failing to connect - sch_dsmark: fix invalid skb_cow() usage - bna: integer overflow bug in debugfs - sctp: out_qlen should be updated when pruning unsent queue - usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed - usb: gadget: udc: remove pointer dereference after free - netfilter: nfnl_cthelper: fix runtime expectation policy updates - netfilter: nfnl_cthelper: Fix memory leak - [armhf] iommu/exynos: Workaround FLPD cache flush issues for SYSMMU v5 - r8152: fix the rx early size of RTL8153 - tipc: fix nametbl deadlock at tipc_nametbl_unsubscribe - inet: frag: release spinlock before calling icmp_send() - scsi: lpfc: Fix PT2PT PRLI reject - [x86] kvm: vmx: Flush TLB when the APIC-access address changes - [x86] KVM: correct async page present tracepoint - [x86] KVM: VMX: Fix enable VPID conditions - [armhf] dts: ti: fix PCI bus dtc warnings - [x86] hwmon: (asus_atk0110) fix uninitialized data access - HID: xinmo: fix for out of range for THT 2P arcade controller. - ASoC: STI: Fix reader substream pointer set - r8152: prevent the driver from transmitting packets with carrier off - [s390x] qeth: size calculation outbound buffers - [s390x] qeth: no ETH header for outbound AF_IUCV - bna: avoid writing uninitialized data into hw registers - i40iw: Receive netdev events post INET_NOTIFIER state - IB/core: Protect against self-requeue of a cq work item - infiniband: Fix alignment of mmap cookies to support VIPT caching - nbd: set queue timeout properly - net: Do not allow negative values for busy_read and busy_poll sysctl interfaces - IB/rxe: double free on error - IB/rxe: increment msn only when completing a request - i40e: Do not enable NAPI on q_vectors that have no rings - RDMA/iser: Fix possible mr leak on device removal event - irda: vlsi_ir: fix check for DMA mapping errors - netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table - netfilter: nf_nat_snmp: Fix panic when snmp_trap_helper fails to register - [armhf] dts: am335x-evmsk: adjust mmc2 param to allow suspend - cpufreq: Fix creation of symbolic links to policy directories - net: ipconfig: fix ic_close_devs() use-after-free - [x86] KVM: pci-assign: do not map smm memory slot pages in vt-d page tables - virtio-balloon: use actual number of stats for stats queue buffers - virtio_balloon: prevent uninitialized variable use - isdn: kcapi: avoid uninitialized data - xhci: plat: Register shutdown for xhci_plat - netfilter: nfnetlink_queue: fix secctx memory leak - Btrfs: fix an integer overflow check - [armel,armhf] dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory - [powerpc*] cpuidle: powernv: Pass correct drv->cpumask for registration - bnxt_en: Fix NULL pointer dereference in reopen failure path - [armhf,arm64] backlight: pwm_bl: Fix overflow condition - [armhf,arm64] rtc: pl031: make interrupt optional - kvm, mm: account kvm related kmem slabs to kmemcg - net: phy: at803x: Change error to EINVAL for invalid MAC - PCI: Avoid bus reset if bridge itself is broken - scsi: cxgb4i: fix Tx skb leak - scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive - PCI: Create SR-IOV virtfn/physfn links before attaching driver - PM / OPP: Move error message to debug level - igb: check memory allocation failure - ixgbe: fix use of uninitialized padding - IB/rxe: check for allocation failure on elem - PCI/AER: Report non-fatal errors only to the affected endpoint - tracing: Exclude 'generic fields' from histograms - fm10k: fix mis-ordered parameters in declaration for .ndo_set_vf_bw - scsi: lpfc: Fix secure firmware updates - scsi: lpfc: PLOGI failures during NPIV testing - vfio/pci: Virtualize Maximum Payload Size - fm10k: ensure we process SM mbx when processing VF mbx - net: ipv6: send NS for DAD when link operationally up - [armhf] clk: sunxi-ng: sun6i: Rename HDMI DDC clock to avoid name collision - tcp: fix under-evaluated ssthresh in TCP Vegas - rtc: set the alarm to the next expiring timer - cpuidle: fix broadcast control when broadcast can not be entered - [arm64] thermal: hisilicon: Handle return value of clk_prepare_enable - [arm64] thermal/drivers/hisi: Fix missing interrupt enablement - [arm64] thermal/drivers/hisi: Fix kernel panic on alarm interrupt - [arm64] thermal/drivers/hisi: Simplify the temperature/step computation - [arm64] thermal/drivers/hisi: Fix multiple alarm interrupts firing - [mips*] math-emu: Fix final emulation phase for certain instructions - [x86] platform: asus-wireless: send an EV_SYN/SYN_REPORT between state changes https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.73 - ACPI: APEI / ERST: Fix missing error handling in erst_reader() - ALSA: rawmidi: Avoid racy info ioctl via ctl device - spi: xilinx: Detect stall with Unknown commands - [x86] KVM: X86: Fix load RFLAGS w/o the fixed bit - [x86] kvm: x86: fix RSM when PCID is non-zero - [armhf] clk: sunxi: sun9i-mmc: Implement reset callback for reset controls - [powerpc*] powerpc/perf: Dereference BHRB entries safely - bpf/verifier: Fix states_equal() comparison of pointer and UNKNOWN https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.74 - tracing: Remove extra zeroing out of the ring buffer page - tracing: Fix possible double free on failure of allocating trace buffer - tracing: Fix crash when it fails to alloc ring buffer - ring-buffer: Mask out the info bits when returning buffer page length - ASoC: wm_adsp: Fix validation of firmware and coeff lengths - [x86] x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() - [x86] x86/mm: Remove flush_tlb() and flush_tlb_current_task() - [x86] x86/mm: Make flush_tlb_mm_range() more predictable - [x86] x86/mm: Reimplement flush_tlb_page() using flush_tlb_mm_range() - [x86] x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code - [x86] x86/mm: Disable PCID on 32-bit kernels - [x86] x86/mm: Add the 'nopcid' boot option to turn off PCID - [x86] x86/mm: Enable CR4.PCIDE on supported systems - [amd64] x86/mm/64: Fix reboot interaction with CR4.PCIDE - kbuild: add '-fno-stack-check' to kernel build options - ipv4: igmp: guard against silly MTU values - ipv6: mcast: better catch silly mtu values - ptr_ring: add barriers - RDS: Check cmsg_len before dereferencing CMSG_DATA - tg3: Fix rx hang on MTU change with 5717/5719 - net: ipv4: fix for a race condition in raw_sendmsg - ipv4: Fix use-after-free when flushing FIB tables - net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks - net: Fix double free and memory corruption in get_net_ns_by_id() (CVE-2017-15129) - net/mlx5e: Fix possible deadlock of VXLAN lock - net/mlx5e: Prevent possible races in VXLAN control flow - usbip: fix usbip bind writing random string after command in match_busid - usbip: prevent leaking socket pointer address in messages - usbip: stub: stop printing kernel pointer addresses in messages - usbip: vhci: stop printing kernel pointer addresses in messages - USB: Fix off by one in type-specific length check of BOS SSP capability - nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick() - [x86] x86/smpboot: Remove stale TLB flush invocations - n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.75 - [x86] x86/boot: Add early cmdline parsing for options with arguments - [amd64] KAISER: Kernel Address Isolation - [amd64] kaiser: merged update - [amd64] kaiser: do not set _PAGE_NX on pgd_none - [amd64] kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE - [amd64] kaiser: fix build and FIXME in alloc_ldt_struct() - [amd64] kaiser: KAISER depends on SMP - [amd64] kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER - [amd64] kaiser: fix perf crashes - [amd64] kaiser: ENOMEM if kaiser_pagetable_walk() NULL - [amd64] kaiser: tidied up asm/kaiser.h somewhat - [amd64] kaiser: tidied up kaiser_add/remove_mapping slightly - [amd64] kaiser: align addition to x86/mm/Makefile - [amd64] kaiser: cleanups while trying for gold link - [amd64] kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET - [amd64] kaiser: delete KAISER_REAL_SWITCH option - [amd64] kaiser: vmstat show NR_KAISERTABLE as nr_overhead - [amd64] kaiser: enhanced by kernel and user PCIDs - [amd64] kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user - [amd64] kaiser: PCID 0 for kernel and 128 for user - [amd64] kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user - [amd64] kaiser: paranoid_entry pass cr3 need to paranoid_exit - [amd64] kaiser: kaiser_remove_mapping() move along the pgd - [amd64] kaiser: fix unlikely error in alloc_ldt_struct() - [amd64] kaiser: add "nokaiser" boot option, using ALTERNATIVE - [amd64] x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling - [amd64] x86/kaiser: Check boottime cmdline params - [amd64] kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush - [amd64] kaiser: drop is_atomic arg to kaiser_pagetable_walk() - [amd64] kaiser: asm/tlbflush.h handle noPGE at lower level - [amd64] kaiser: kaiser_flush_tlb_on_return_to_user() check PCID - [amd64] x86/paravirt: Dont patch flush_tlb_single - [amd64] x86/kaiser: Reenable PARAVIRT - [amd64] kaiser: disabled on Xen PV - [amd64] x86/kaiser: Move feature detection up - [amd64] KPTI: Rename to PAGE_TABLE_ISOLATION - [amd64] KPTI: Report when enabled - [amd64] kaiser: Set _PAGE_NX only if supported https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.76 - crypto: n2 - cure use after free - crypto: chacha20poly1305 - validate the digest size - crypto: pcrypt - fix freeing pcrypt instances (CVE-2017-18075) - nbd: fix use-after-free of rq/bio in the xmit path - [arm] iommu/arm-smmu-v3: Don't free page table ops twice - [arm] iommu/arm-smmu-v3: Cope with duplicated Stream IDs - [x86] x86/microcode/AMD: Add support for fam17h microcode loading - [hppa] parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel - [x86] Map the vsyscall page with _PAGE_USER https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.77 - mac80211: Add RX flag to indicate ICV stripped - ath10k: rebuild crypto header in rx data frames - [x86] KVM: Fix stack-out-of-bounds read in write_mmio - [mips] MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA - [x86] kvm: vmx: Scrub hardware GPRs at VM-exit (mitigates Spectre / CVE-2017-5715 and CVE-2017-5753) - ALSA: pcm: Remove incorrect snd_BUG_ON() usages - RDS: Heap OOB write in rds_message_alloc_sgs() (CVE-2018-5332) - RDS: null pointer dereference in rds_atomic_free_op (CVE-2018-5333) - ipv6: fix possible mem leaks in ipv6_make_skb() - mlxsw: spectrum_router: Fix NULL pointer deref - crypto: algapi - fix NULL dereference in crypto_remove_spawns() - [x86] x86/microcode/intel: Extend BDW late-loading with a revision check - [x86] KVM: x86: Add memory barrier on vmcs field lookup (mitigates Spectre#2 / CVE-2017-5715) - [x86] kaiser: Set _PAGE_NX only if supported - bpf: prevent out-of-bounds speculation (mitigates Spectre#1 / CVE-2017-5753) - bpf, array: fix overflow in max_entries and undefined behavior in index_mask - USB: fix usbmon BUG trigger - usbip: remove kernel addresses from usb device and urb debug msgs - usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious input - usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null xfer buffer - Bluetooth: Prevent stack info leak from the EFS element.(CVE-2017-1000410) - [x86] x86/retpoline: Add initial retpoline support (mitigates Spectre#2 / CVE-2017-5715) - [x86] x86/spectre: Add boot time option to select Spectre v2 mitigation - [x86] x86/retpoline/crypto: Convert crypto assembler indirect jumps - [x86] x86/retpoline/entry: Convert entry assembler indirect jumps - [x86] x86/retpoline/ftrace: Convert ftrace assembler indirect jumps - [x86] x86/retpoline/hyperv: Convert assembler indirect jumps - [x86] x86/retpoline/xen: Convert Xen hypercall indirect jumps - [x86] x86/retpoline/checksum32: Convert assembler indirect jumps - [x86] x86/retpoline/irq32: Convert assembler indirect jumps - [x86] x86/retpoline: Fill return stack buffer on vmexit - [x86] x86/pti/efi: broken conversion from efi to kernel page table https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.78 - futex: Prevent overflow by strengthen input validation - ALSA: seq: Make ioctls race-free - af_key: fix buffer overread in verify_address_len() - af_key: fix buffer overread in parse_exthdrs() - iser-target: Fix possible use-after-free in connection establishment error - [x86] x86/retpoline: Fill RSB on context switch for affected CPUs - [x86] x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros - module: Add retpoline tag to VERMAGIC - [x86] x86/mm/pkeys: Fix fill_sig_info_pkey - [x86] x86/tsc: Fix erroneous TSC rate on Skylake Xeon - pipe: avoid round_pipe_size() nr_pages overflow on 32-bit - [x86] x86/apic/vector: Fix off by one in error path - Input: ALPS - fix multi-touch decoding on SS4 plus touchpads - Input: 88pm860x-ts - fix child-node lookup - Input: twl6040-vibra - fix child-node lookup - Input: twl4030-vibra - fix sibling-node lookup - proc: fix coredump vs read /proc/*/stat race - libata: apply MAX_SEC_1024 to all LITEON EP1 series devices - workqueue: avoid hard lockups in show_workqueue_state() - dm btree: fix serious bug in btree_split_beneath() - dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 - [arm64] arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls - [x86] x86/cpu, x86/pti: Do not enable PTI on AMD processors - usbip: fix warning in vhci_hcd_probe/lockdep_init_map - [x86] x86/mce: Make machine check speculation protected - [x86] retpoline: Introduce start/end markers of indirect thunk - [x86] x86/retpoline: Optimize inline assembler for vmexit_fill_RSB https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.79 - [i386] x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels - usbip: prevent vhci_hcd driver from leaking a socket pointer address (CVE-2017-16911) - usbip: Fix potential format overflow in userspace tools - [arm*] KVM: arm/arm64: Check pagesize when allocating a hugepage at Stage 2 - [amd64] Prevent timer value 0 for MWAITX - drivers: base: cacheinfo: fix boot error message when acpi is enabled - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack - ACPICA: Namespace: fix operand cache leak - netfilter: nfnetlink_cthelper: Add missing permission checks - netfilter: xt_osf: Add missing permission checks - fs/fcntl: f_setown, avoid undefined behaviour - Revert "module: Add retpoline tag to VERMAGIC" - orangefs: fix deadlock; do not write i_size in read_iter - um: link vmlinux with -no-pie - vsyscall: Fix permissions for emulate mode with KAISER/PTI - ipv6: fix udpv6 sendmsg crash caused by too small MTU - ipv6: ip6_make_skb() needs to clear cork.base.dst - net: igmp: fix source address check for IGMPv3 reports - net: qdisc_pkt_len_init() should be more robust - net: tcp: close sock if net namespace is exiting - pppoe: take ->needed_headroom of lower device into account on xmit - r8169: fix memory corruption on retrieval of hardware statistics. - sctp: do not allow the v4 socket to bind a v4mapped v6 address - sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf - flow_dissector: properly cap thoff field - perf/x86/amd/power: Do not load AMD power module on !AMD platforms - x86/microcode/intel: Extend BDW late-loading further with LLC size check - bpf: fix bpf_tail_call() x64 JIT - bpf: avoid false sharing of map refcount with max_entries - bpf: fix divides by zero - bpf: fix 32-bit divide by zero - nfsd: auth: Fix gid sorting when rootsquash enabled https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.80 - loop: fix concurrent lo_open/lo_release (CVE-2018-5344) - gpio: Fix kernel stack leak to userspace - crypto: aesni - handle zero length dst buffer - crypto: sha3-generic - fixes for alignment and big endian operation - HID: wacom: EKR: ensure devres groups at higher indexes are released - igb: Free IRQs when device is hotplugged - drm/vc4: Account for interrupts in flight - [x86] KVM: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure - [x86] KVM: x86: Don't re-execute instruction when not passing CR2 value - [x86] KVM: X86: Fix operand/address-size during instruction decoding - [x86] KVM: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race - [x86] KVM: x86: ioapic: Clear Remote IRR when entry is switched to edge-triggered - ACPI / bus: Leave modalias empty for devices which are not present - [x86] KVM: x86: ioapic: Preserve read-only values in the redirection table - btrfs: fix deadlock when writing out space cache - [x86] KVM: X86: Fix softlockup when get the current kvmclock - KVM: VMX: Fix rflags cache during vCPU reset - xfs: always free inline data before resetting inode fork during ifree - kmemleak: add scheduling point to kmemleak_scan() - scsi: aacraid: Prevent crash in case of free interrupt during scsi EH path - scsi: ufs: ufshcd: fix potential NULL pointer dereference in ufshcd_config_vreg - usb: gadget: don't dereference g until after it has been null checked - tty: fix data race between tty_init_dev and flush of buf - USB: serial: io_edgeport: fix possible sleep-in-atomic - usbip: prevent bind loops on devices attached to vhci_hcd [ Ben Hutchings ] * [rt] Update to 4.9.68-rt60: - Revert "memcontrol: Prevent scheduling while atomic in cgroup code" - Revert "fs: jbd2: pull your plug when waiting for space" - rtmutex: Fix lock stealing logic - cpu_pm: replace raw_notifier to atomic_notifier - PM / CPU: replace raw_notifier with atomic_notifier (fixup) - kernel/hrtimer: migrate deferred timer on CPU down - net: take the tcp_sk_lock lock with BH disabled - kernel/hrtimer: don't wakeup a process while holding the hrtimer base lock - kernel/hrtimer/hotplug: don't wake ktimersoftd while holding the hrtimer base lock - Bluetooth: avoid recursive locking in hci_send_to_channel() - iommu/amd: Use raw_cpu_ptr() instead of get_cpu_ptr() for ->flush_queue - rt/locking: allow recursive local_trylock() - locking/rtmutex: don't drop the wait_lock twice - net: use trylock in icmp_sk * e1000e: Fix e1000_check_for_copper_link_ich8lan return value. (see bug #885348) * [s390x] Un-revert upstream change moving exports to assembly sources [ Yves-Alexis Perez ] * mm, hugetlbfs: Avoid ABI change in 4.9.67. * dma-fence: Avoid ABI change in 4.9.68. * lib/genalloc: Avoid ABI change in 4.9.69. * Ignore ABI changes in inet_diag, SCTP, vsock, NVME, MD and libsas drivers, prevent FTBFS. * debian/patches: drop patches included upstream: - bugfix/all/e1000e-fix-e1000_check_for_copper_link_ich8lan-return-value.patch - bugfix/all/kvm-fix-stack-out-of-bounds-read-in-write_mmio.patch - bugfix/all/bluetooth-prevent-stack-info-leak-from-the-efs-element.patch - bugfix/all/mm-mmap.c-do-not-blow-on-prot_none-map_fixed-holes-i.patch - bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch - bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch - bugfix/all/nfsd-auth-Fix-gid-sorting-when-rootsquash-enabled.patch * bpf: avoid ABI changes in 4.9.77 and 4.9.79. * Ignore ABI change for cpu_tlbstate (symbol not exported _GPL anymore) * sched/rt: Avoid ABI change in 4.9.66. * Ignore ABI change for tcp_cong_avoid_ai and tcp_slow_start. * RT patchset: - fix context against 4.9.78 (164, 165, 229, 230) - refresh for fuzz (228) * mm: Avoid ABI change in 4.9.79. * usbip: ignore ABI change in 4.9.79. * cpupower: check for CPU existence has been fixed upstream, although a bit differently than the included patch. [ Salvatore Bonaccorso ] * nfsd: auth: Fix gid sorting when rootsquash enabled (CVE-2018-1000028) -- Yves-Alexis Perez Sun, 04 Feb 2018 21:11:44 +0100 linux (4.9.65-3+deb9u2) stretch-security; urgency=high * x86: setup PCID, preparation work for KPTI. - x86/mm/64: Fix reboot interaction with CR4.PCIDE - x86/mm: Add the 'nopcid' boot option to turn off PCID - x86/mm: Disable PCID on 32-bit kernels - x86/mm: Enable CR4.PCIDE on supported systems * [amd64] Implement Kernel Page Table Isolation (KPTI, aka KAISER) (CVE-2017-5754) - kaiser: add "nokaiser" boot option, using ALTERNATIVE - kaiser: align addition to x86/mm/Makefile - kaiser: asm/tlbflush.h handle noPGE at lower level - kaiser: cleanups while trying for gold link - kaiser: delete KAISER_REAL_SWITCH option - kaiser: disabled on Xen PV - kaiser: do not set _PAGE_NX on pgd_none - kaiser: drop is_atomic arg to kaiser_pagetable_walk() - kaiser: enhanced by kernel and user PCIDs - kaiser: ENOMEM if kaiser_pagetable_walk() NULL - kaiser: fix build and FIXME in alloc_ldt_struct() - kaiser: fix perf crashes - kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER - kaiser: fix unlikely error in alloc_ldt_struct() - kaiser: KAISER depends on SMP - kaiser: kaiser_flush_tlb_on_return_to_user() check PCID - kaiser: kaiser_remove_mapping() move along the pgd - KAISER: Kernel Address Isolation - x86_64: KAISER - do not map kernel in user mode - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user - kaiser: merged update - kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET - kaiser: paranoid_entry pass cr3 need to paranoid_exit - kaiser: PCID 0 for kernel and 128 for user - kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE - kaiser: tidied up asm/kaiser.h somewhat - kaiser: tidied up kaiser_add/remove_mapping slightly - kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush - kaiser: vmstat show NR_KAISERTABLE as nr_overhead - kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user - KPTI: Rename to PAGE_TABLE_ISOLATION - KPTI: Report when enabled - x86/boot: Add early cmdline parsing for options with arguments - x86/kaiser: Check boottime cmdline params - x86/kaiser: Move feature detection up - x86/kaiser: Reenable PARAVIRT - x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling - x86/paravirt: Dont patch flush_tlb_single * Bump ABI to 5. -- Yves-Alexis Perez Thu, 04 Jan 2018 12:12:40 +0100 linux (4.9.65-3+deb9u1) stretch-security; urgency=high * dccp: CVE-2017-8824: use-after-free in DCCP code * media: dvb-usb-v2: lmedm04: Improve logic checking of warm start (CVE-2017-16538) * media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner (CVE-2017-16538) * media: hdpvr: Fix an error handling path in hdpvr_probe() (CVE-2017-16644) * bpf/verifier: Fix multiple security issues: - adjust insn_aux_data when patching insns - fix branch pruning logic - reject out-of-bounds stack pointer calculation - fix incorrect sign extension in check_alu_op() (CVE-2017-16995) - Fix states_equal() comparison of pointer and UNKNOWN * netfilter: nfnetlink_cthelper: Add missing permission checks (CVE-2017-17448) * netlink: Add netns check on taps (CVE-2017-17449) * netfilter: xt_osf: Add missing permission checks (CVE-2017-17450) * USB: core: prevent malicious bNumInterfaces overflow (CVE-2017-17558) * net: ipv4: fix for a race condition in raw_sendmsg (CVE-2017-17712) * [armhf,arm64,x86] KVM: Fix stack-out-of-bounds read in write_mmio (CVE-2017-17741) * crypto: salsa20 - fix blkcipher_walk API usage (CVE-2017-17805) * crypto: hmac - require that the underlying hash algorithm is unkeyed (CVE-2017-17806) * KEYS: add missing permission check for request_key() destination (CVE-2017-17807) * [x86] KVM: VMX: remove I/O port 0x80 bypass on Intel hosts (CVE-2017-1000407) * bluetooth: Prevent stack info leak from the EFS element. (CVE-2017-1000410) -- Ben Hutchings Sat, 23 Dec 2017 00:39:51 +0000 linux (4.9.65-3) stretch; urgency=medium [ Salvatore Bonaccorso ] * xen/time: do not decrease steal time after live migration on xen (Closes: #871608) -- Ben Hutchings Sun, 03 Dec 2017 19:41:55 +0000 linux (4.9.65-2) stretch; urgency=medium * [s390x] qeth: Ignore ABI changes (fixes FTBFS) -- Ben Hutchings Sun, 03 Dec 2017 17:22:42 +0000 linux (4.9.65-1) stretch; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.52 - mm: prevent double decrease of nr_reserved_highatomic - IB/{qib, hfi1}: Avoid flow control testing for RDMA write operation - IB/addr: Fix setting source address in addr6_resolve() - tty: improve tty_insert_flip_char() fast path - tty: improve tty_insert_flip_char() slow path - tty: fix __tty_insert_flip_char regression - [x86] pinctrl/amd: save pin registers over suspend/resume - [mips*] math-emu: .: Fix quiet NaN propagation - [mips*] math-emu: .: Fix cases of both inputs zero - [mips*] math-emu: .: Fix cases of both inputs negative - [mips*] math-emu: .: Fix cases of input values with opposite signs - [mips*] math-emu: .: Fix cases of both infinite inputs - [mips*] math-emu: MINA.: Fix some cases of infinity and zero inputs - [mips*] math-emu: Handle zero accumulator case in MADDF and MSUBF separately - [mips*] math-emu: .: Fix NaN propagation - [mips*] math-emu: .: Fix some cases of infinite inputs - [mips*] math-emu: .: Fix some cases of zero inputs - [mips*] math-emu: .: Clean up "maddf_flags" enumeration - [mips*] math-emu: .S: Fix accuracy (32-bit case) - [mips*] math-emu: .D: Fix accuracy (64-bit case) - [x86] crypto: ccp - Fix XTS-AES-128 support on v5 CCPs - crypto: AF_ALG - remove SGL terminator indicator when chaining - ext4: fix incorrect quotaoff if the quota feature is enabled - ext4: fix quota inconsistency during orphan cleanup for read-only mounts - [powerpc*] Fix DAR reporting when alignment handler faults - block: Relax a check in blk_start_queue() - md/bitmap: disable bitmap_resize for file-backed bitmaps. - skd: Avoid that module unloading triggers a use-after-free - skd: Submit requests to firmware before triggering the doorbell - [s390x] scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled - [s390x] scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path - [s390x] scsi: zfcp: fix capping of unsuccessful GPN_FT SAN response trace records - [s390x] scsi: zfcp: fix passing fsf_req to SCSI trace on TMF to correlate with HBA - [s390x] scsi: zfcp: fix missing trace records for early returns in TMF eh handlers - [s390x] scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records - [s390x] scsi: zfcp: trace HBA FSF response by default on dismiss or timedout late response - [s390x] scsi: zfcp: trace high part of "new" 64 bit SCSI LUN - scsi: megaraid_sas: set minimum value of resetwaittime to be 1 secs - scsi: megaraid_sas: Check valid aen class range to avoid kernel panic - scsi: megaraid_sas: Return pended IOCTLs with cmd_status MFI_STAT_WRONG_STATE in case adapter is dead - [x86] scsi: storvsc: fix memory leak on ring buffer busy - scsi: sg: remove 'save_scat_len' - scsi: sg: use standard lists for sg_requests - scsi: sg: off by one in sg_ioctl() - scsi: sg: factor out sg_fill_request_table() - scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE - scsi: qla2xxx: Correction to vha->vref_count timeout - ftrace: Fix selftest goto location on error - ftrace: Fix memleak when unregistering dynamic ops when tracing disabled - tracing: Add barrier to trace_printk() buffer nesting modification - tracing: Apply trace_clock changes to instance max buffer - [x86] PCI: shpchp: Enable bridge bus mastering if MSI is enabled - PCI: pciehp: Report power fault only once until we clear it - net/netfilter/nf_conntrack_core: Fix net_conntrack_lock() - [s390x] mm: fix local TLB flushing vs. detach of an mm address space - [s390x] mm: fix race on mm->context.flush_mm - media: v4l2-compat-ioctl32: Fix timespec conversion - media: uvcvideo: Prevent heap overflow when accessing mapped controls - PM / devfreq: Fix memory leak when fail to register device - bcache: initialize dirty stripes in flash_dev_run() - bcache: Fix leak of bdev reference - bcache: do not subtract sectors_to_gc for bypassed IO - bcache: correct cache_dirty_target in __update_writeback_rate() - bcache: Correct return value for sysfs attach errors - bcache: fix for gc and write-back race - bcache: fix bch_hprint crash and improve output https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.53 - cifs: release cifs root_cred after exit_cifs - cifs: release auth_key.response for reconnect. - fs/proc: Report eip/esp in /prod/PID/stat for coredumping - mac80211: fix VLAN handling with TXQs - mac80211_hwsim: Use proper TX power - mac80211: flush hw_roc_start work before cancelling the ROC - genirq: Make sparse_irq_lock protect what it should protect - [powerpc*] KVM: Book3S: Fix race and leak in kvm_vm_ioctl_create_spapr_tce() - [powerpc*] KVM: Book3S HV: Protect updates to spapr_tce_tables list - tracing: Fix trace_pipe behavior for instance traces - tracing: Erase irqsoff trace with empty write - md/raid5: fix a race condition in stripe batch - md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list - drm/radeon: disable hard reset in hibernate for APUs - crypto: drbg - fix freeing of resources - security/keys: properly zero out sensitive key material in big_key - security/keys: rewrite all of big_key crypto - KEYS: fix writing past end of user-supplied buffer in keyring_read() - KEYS: prevent creating a different user's keyrings - KEYS: prevent KEYCTL_READ on negative key (CVE-2017-12192) - [powerpc*] pseries: Fix parent_dn reference leak in add_dt_node() - [powerpc*] tm: Flush TM only if CPU has TM feature - [powerpc*] ftrace: Pass the correct stack pointer for DYNAMIC_FTRACE_WITH_REGS - [s390x] mm: fix write access check in gup_huge_pmd() - PM: core: Fix device_pm_check_callbacks() - cifs: Fix SMB3.1.1 guest authentication to Samba - SMB3: Warn user if trying to sign connection that authenticated as guest - SMB: Validate negotiate (to protect against downgrade) even if signing off - SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags - vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets - iw_cxgb4: remove the stid on listen create failure - iw_cxgb4: put ep reference in pass_accept_req() - seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter() - [arm64] Make sure SPsel is always set - [arm64] fault: Route pte translation faults via do_translation_fault - [x86] KVM: VMX: extract __pi_post_block - [x86] KVM: VMX: avoid double list add with VT-d posted interrupts - [x86] KVM: VMX: simplify and fix vmx_vcpu_pi_load - [x86] kvm: Handle async PF in RCU read-side critical sections - xfs: validate bdev support for DAX inode flag - [armhf] etnaviv: fix gem object list corruption - PCI: Fix race condition with driver_override - btrfs: fix NULL pointer dereference from free_reloc_roots() - btrfs: propagate error to btrfs_cmp_data_prepare caller - btrfs: prevent to set invalid default subvolid - [x86] mm: Fix fault error path using unsafe vma pointer - [x86] fpu: Don't let userspace set bogus xcomp_bv - gfs2: Fix debugfs glocks dump - timer/sysctl: Restrict timer migration sysctl values to 0 and 1 - [x86] KVM: VMX: do not change SN bit in vmx_update_pi_irte() - [x86] KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt - [powerpc*] cxl: Fix driver use count - [x86] KVM: VMX: use cmpxchg64 - swiotlb-xen: implement xen_swiotlb_dma_mmap callback https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.54 - drm_fourcc: Fix DRM_FORMAT_MOD_LINEAR #define - drm: bridge: add DT bindings for TI ths8135 - GFS2: Fix reference to ERR_PTR in gfs2_glock_iter_next - [x86] drm/i915: Fix the overlay frontbuffer tracking - [armhf] dts: exynos: Add CPU OPPs for Exynos4412 Prime - [armhf] clk: sunxi-ng: fix PLL_CPUX adjusting on H3 - RDS: RDMA: Fix the composite message user notification - [mips*] Ensure bss section ends on a long-aligned address - scsi: be2iscsi: Add checks to validate CID alloc/free - [armhf] dts: am335x-chilisom: Wakeup from RTC-only state by power on event - igb: re-assign hw address pointer on reset after PCI error - hwmon: (gl520sm) Fix overflows and crash seen when writing into limit attributes - IB/rxe: Add a runtime check in alloc_index() - IB/rxe: Fix a MR reference leak in check_rkey() - [x86] drm/i915/psr: disable psr2 for resolution greater than 32X20 - serial: 8250: moxa: Store num_ports in brd - serial: 8250_port: Remove dangerous pr_debug() - IB/ipoib: Fix deadlock over vlan_mutex - IB/ipoib: rtnl_unlock can not come after free_netdev - IB/ipoib: Replace list_del of the neigh->list with list_del_init - [amd64] drm/amdkfd: fix improper return value on error - USB: serial: mos7720: fix control-message error handling - USB: serial: mos7840: fix control-message error handling - sfc: get PIO buffer size from the NIC - partitions/efi: Fix integer overflow in GPT size calculation - ASoC: dapm: handle probe deferrals - audit: log 32-bit socketcalls - ath10k: prevent sta pointer rcu violation - [armhf,arm64] iommu/arm-smmu: Set privileged attribute to 'default' instead of 'unprivileged' - [armhf,arm64] usb: chipidea: vbus event may exist before starting gadget - ASoC: dapm: fix some pointer error handling - [arm64] drm: mali-dp: Fix destination size handling when rotating - [arm64] drm: mali-dp: Fix transposed horizontal/vertical flip - HID: wacom: release the resources before leaving despite devm - net: core: Prevent from dereferencing null pointer when releasing SKB - net/packet: check length in getsockopt() called with PACKET_HDRLEN - team: fix memory leaks - udp: disable inner UDP checksum offloads in IPsec case - qed: Fix possible system hang in the dcbnl-getdcbx() path. - mmc: sdio: fix alignment issue in struct sdio_func - bridge: netlink: register netdevice before executing changelink - Btrfs: fix segmentation fault when doing dio read - Btrfs: fix potential use-after-free for cloned bio - sata_via: Enable hotplug only on VT6421 - hugetlbfs: initialize shared policy as part of inode allocation - netfilter: invoke synchronize_rcu after set the _hook_ to NULL - [mips*] IRQ Stack: Unwind IRQ stack onto task stack - nvme-rdma: handle cpu unplug when re-establishing the controller - netfilter: nfnl_cthelper: fix incorrect helper->expect_class_max - nfs: make nfs4_cb_sv_ops static - [x86] cpufreq: intel_pstate: Update pid_params.sample_rate_ns in pid_param_set() - [x86] acpi: Restore the order of CPU IDs - [armhf,arm64] iommu/io-pgtable-arm: Check for leaf entry before dereferencing it - mm/cgroup: avoid panic when init with low memory - rds: ib: add error handle - md/raid10: submit bio directly to replacement disk - netfilter: nf_tables: set pktinfo->thoff at AH header if found - [arm64] i2c: meson: fix wrong variable usage in meson_i2c_put_data - xfs: remove kmem_zalloc_greedy - libata: transport: Remove circular dependency at free time - tools/power turbostat: bugfix: GFXMHz column not changing - IB/qib: fix false-postive maybe-uninitialized warning - ttpci: address stringop overflow warning - [s390x] mm: make pmdp_invalidate() do invalidation only https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.55 - USB: gadgetfs: Fix crash caused by inadequate synchronization - USB: gadgetfs: fix copy_to_user while holding spinlock - usb-storage: unusual_devs entry to fix write-access regression for Seagate external drives - usb-storage: fix bogus hardware error messages for ATA pass-thru devices - ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor (CVE-2017-16529) - usb: pci-quirks.c: Corrected timeout values used in handshake - USB: cdc-wdm: ignore -EPIPE from GetEncapsulatedResponse - USB: dummy-hcd: fix connection failures (wrong speed) - USB: dummy-hcd: fix infinite-loop resubmission bug - USB: dummy-hcd: Fix erroneous synchronization change - usb: gadget: mass_storage: set msg_registered after msg registered - USB: g_mass_storage: Fix deadlock when driver is unbound - USB: uas: fix bug in handling of alternate settings (CVE-2017-16530) - USB: core: harden cdc_parse_cdc_header (CVE-2017-16534) - usb: Increase quirk delay for USB devices - USB: fix out-of-bounds in usb_set_configuration (CVE-2017-16531) - xhci: fix finding correct bus_state structure for USB 3.1 hosts - xhci: Fix sleeping with spin_lock_irq() held in ASmedia 1042A workaround - xhci: set missing SuperSpeedPlus Link Protocol bit in roothub descriptor - [x86] Revert "xhci: Limit USB2 port wake support for AMD Promontory hosts" - [armhf] iio: adc: twl4030: Fix an error handling path in 'twl4030_madc_probe()' - [armhf] iio: adc: twl4030: Disable the vusb3v1 rugulator in the error handling path of 'twl4030_madc_probe()' - iio: core: Return error for failed read_reg - uwb: properly check kthread_run return value (CVE-2017-16526) - uwb: ensure that endpoint is interrupt - mm, oom_reaper: skip mm structs with mmu notifiers - lib/ratelimit.c: use deferred printk() version - Revert "ALSA: echoaudio: purge contradictions between dimension matrix members and total number of members" - ALSA: usx2y: Suppress kernel warning at page allocation failures - net: sched: fix use-after-free in tcf_action_destroy and tcf_del_walker - sctp: potential read out of bounds in sctp_ulpevent_type_enabled() - tcp: update skb->skb_mstamp more carefully - bpf/verifier: reject BPF_ALU64|BPF_END - tcp: fix data delivery rate - udpv6: Fix the checksum computation when HW checksum does not apply - ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header - net: phy: Fix mask value write on gmii2rgmii converter speed register - ip6_tunnel: do not allow loading ip6_tunnel if ipv6 is disabled in cmdline - net/sched: cls_matchall: fix crash when used with classful qdisc - tcp: fastopen: fix on syn-data transmit failure - [powerpc,ppc64] net: emac: Fix napi poll list corruption - packet: hold bind lock when rebinding to fanout hook (CVE-2017-15649) - bpf: one perf event close won't free bpf program attached by another perf event - net_sched: always reset qdisc backlog in qdisc_reset() - vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit - l2tp: Avoid schedule while atomic in exit_net - l2tp: fix race condition in l2tp_tunnel_delete - tun: bail out from tun_get_user() if the skb is empty - net: dsa: Fix network device registration order - packet: in packet_do_bind, test fanout with bind_lock held (CVE-2017-15649) - packet: only test po->has_vnet_hdr once in packet_snd - net: Set sk_prot_creator when cloning sockets to the right proto - netlink: do not proceed if dump's start() errs - ip6_gre: ip6gre_tap device should keep dst - ip6_tunnel: update mtu properly for ARPHRD_ETHER tunnel device in tx path - tipc: use only positive error codes in messages - net: rtnetlink: fix info leak in RTM_GETSTATS call - [powerpc*/*64*]: Use emergency stack for kernel TM Bad Thing program checks (CVE-2017-1000255) - [powerpc*] tm: Fix illegal TM state in signal handler (CVE-2017-1000255) - percpu: make this_cpu_generic_read() atomic w.r.t. interrupts - driver core: platform: Don't read past the end of "driver_override" buffer - [x86] Drivers: hv: fcopy: restore correct transfer length - ftrace: Fix kmemleak in unregister_ftrace_graph - HID: i2c-hid: allocate hid buffers for real worst case - HID: wacom: leds: Don't try to control the EKR's read-only LEDs - HID: wacom: Always increment hdev refcount within wacom_get_hdev_data - HID: wacom: bits shifted too much for 9th and 10th buttons - netlink: fix nla_put_{u8,u16,u32} for KASAN - iwlwifi: mvm: use IWL_HCMD_NOCOPY for MCAST_FILTER_CMD - iwlwifi: add workaround to disable wide channels in 5GHz - scsi: sd: Do not override max_sectors_kb sysfs setting - brcmfmac: add length check in brcmf_cfg80211_escan_handler() (CVE-2017-0786) - brcmfmac: setup passive scan if requested by user-space - [x86] drm/i915/bios: ignore HDMI on port A - nvme-pci: Use PCI bus address for data/queues in CMB - mmc: core: add driver strength selection when selecting hs400es - sched/cpuset/pm: Fix cpuset vs. suspend-resume bugs - vfs: deny copy_file_range() for non regular files - ext4: fix data corruption for mmap writes - ext4: don't allow encrypted operations without keys - f2fs: don't allow encrypted operations without keys https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.56 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.57 - ext4: in ext4_seek_{hole,data}, return -ENXIO for negative offsets - CIFS: Reconnect expired SMB sessions - nl80211: Define policy for packet pattern attributes - rcu: Allow for page faults in NMI handlers - USB: dummy-hcd: Fix deadlock caused by disconnect detection - [mips*] math-emu: Remove pr_err() calls from fpu_emu() - [armhf] dmaengine: edma: Align the memcpy acnt array size with the transfer - [armhf] dmaengine: ti-dma-crossbar: Fix possible race condition with dma_inuse - HID: usbhid: fix out-of-bounds bug (CVE-2017-16533) - crypto: shash - Fix zero-length shash ahash digest crash - [x86] KVM: MMU: always terminate page walks at level 1 - [x86] KVM: nVMX: fix guest CR4 loading when emulating L2 to L1 exit - [x86] iommu/amd: Finish TLB flush in amd_iommu_unmap() - device property: Track owner device of device property - fs/mpage.c: fix mpage_writepage() for pages with buffers - ALSA: usb-audio: Kill stray URB at exiting (CVE-2017-16527) - ALSA: seq: Fix use-after-free at creating a port (CVE-2017-15265) - ALSA: seq: Fix copy_from_user() call inside lock - ALSA: caiaq: Fix stray URB at probe error path - ALSA: line6: Fix missing initialization before error path - ALSA: line6: Fix leftover URB at error-path during probe - [x86] drm/i915/edp: Get the Panel Power Off timestamp after panel is off - [x86] drm/i915: Read timings from the correct transcoder in intel_crtc_mode_get() - [x86] drm/i915/bios: parse DDI ports also for CHV for HDMI DDC pin and DP AUX channel - usb: gadget: configfs: Fix memory leak of interface directory data - usb: gadget: composite: Fix use-after-free in usb_composite_overwrite_options - direct-io: Prevent NULL pointer access in submit_page_section - fix unbalanced page refcounting in bio_map_user_iov (CVE-2017-12190) - more bio_map_user_iov() leak fixes - bio_copy_user_iov(): don't ignore ->iov_offset - USB: serial: console: fix use-after-free after failed setup (CVE-2017-16525) - [x86] alternatives: Fix alt_max_short macro to really be a max() - [x86] KVM: nVMX: update last_nonleaf_level when initializing nested EPT (CVE-2017-12188) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.58 - [mips*] Fix minimum alignment requirement of IRQ stack - xen-netback: Use GFP_ATOMIC to allocate hash - irqchip/crossbar: Fix incorrect type of local variables - initramfs: finish fput() before accessing any binary from initramfs - mac80211_hwsim: check HWSIM_ATTR_RADIO_NAME length - qed: Don't use attention PTT for configuring BW - mac80211: fix power saving clients handling in iwlwifi - net/mlx4_en: fix overflow in mlx4_en_init_timestamp() - netfilter: nf_ct_expect: Change __nf_ct_expect_check() return value. - f2fs: do SSR for data when there is enough free space - sched/fair: Update rq clock before changing a task's CPU affinity - Btrfs: send, fix failure to rename top level inode due to name collision - f2fs: do not wait for writeback in write_begin - md/linear: shutup lockdep warnning - net/mlx4_core: Fix VF overwrite of module param which disables DMFS on new probed PFs - mm/memory_hotplug: set magic number to page->freelist instead of page->lru.next - ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock - scsi: scsi_dh_emc: return success in clariion_std_inquiry() - drm/amdgpu: refuse to reserve io mem for split VRAM buffers - [armhf] net: mvpp2: release reference to txq_cpu[] entry after unmapping - qede: Prevent index problems in loopback test - qed: Reserve doorbell BAR space for present CPUs - qed: Read queue state before releasing buffer - ceph: don't update_dentry_lease unless we actually got one - ceph: fix bogus endianness change in ceph_ioctl_set_layout - ceph: clean up unsafe d_parent accesses in build_dentry_path - uapi: fix linux/mroute6.h userspace compilation errors - [amd64] IB/hfi1: Use static CTLE with Preset 6 for integrated HFIs - [amd64] IB/hfi1: Allocate context data on memory node - target/iscsi: Fix unsolicited data seq_end_offset calculation - hrtimer: Catch invalid clockids again - nfsd/callback: Cleanup callback cred on shutdown - [powerpc*] perf: Add restrictions to PMC5 in power9 DD1 - drm/nouveau/gr/gf100-: fix ccache error logging - regulator: core: Resolve supplies before disabling unused regulators - btmrvl: avoid double-disable_irq() race - [x86] EDAC, mce_amd: Print IPID and Syndrome on a separate line - usb: dwc3: gadget: Correct ISOC DATA PIDs for short packets https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.59 - USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor() (CVE-2017-16535) - usb: hub: Allow reset retry for USB2 devices on connect bounce - can: gs_usb: fix busy loop if no more TX context is available - iio: dummy: events: Add missing break - [armhf] usb: musb: sunxi: Explicitly release USB PHY on exit - [armhf] usb: musb: Check for host-mode using is_host_active() on reset interrupt - xhci: Identify USB 3.1 capable hosts by their port protocol capability - can: esd_usb2: Fix can_dlc value for received RTR, frames - drm/nouveau/bsp/g92: disable by default - drm/nouveau/mmu: flush tlbs before deleting page tables - ALSA: seq: Enable 'use' locking in all configurations - ALSA: hda: Remove superfluous '-' added by printk conversion - ALSA: hda: Abort capability probe at invalid register read - [x86] i2c: ismt: Separate I2C block read from SMBus block read - i2c: piix4: Fix SMBus port selection for AMD Family 17h chips - brcmfmac: Add check for short event packets - brcmsmac: make some local variables 'static const' to reduce stack size - [armel,armhf] bus: mbus: fix window size calculation for 4GB windows - [i386] clockevents/drivers/cs5535: Improve resilience to spurious interrupts - rtlwifi: rtl8821ae: Fix connection lost problem - [x86] microcode/intel: Disable late loading on model 79 - KEYS: encrypted: fix dereference of NULL user_key_payload - lib/digsig: fix dereference of NULL user_key_payload - KEYS: don't let add_key() update an uninstantiated key (CVE-2017-15299) - pkcs7: Prevent NULL pointer dereference, since sinfo is not always set. - [x86] vmbus: fix missing signaling in hv_signal_on_read() - xfs: don't unconditionally clear the reflink flag on zero-block files - xfs: evict CoW fork extents when performing finsert/fcollapse - fs/xfs: Use %pS printk format for direct addresses - xfs: report zeroed or not correctly in xfs_zero_range() - xfs: update i_size after unwritten conversion in dio completion - xfs: perag initialization should only touch m_ag_max_usable for AG 0 - xfs: Capture state of the right inode in xfs_iflush_done - xfs: always swap the cow forks when swapping extents - xfs: handle racy AIO in xfs_reflink_end_cow - xfs: Don't log uninitialised fields in inode structures - xfs: move more RT specific code under CONFIG_XFS_RT - xfs: don't change inode mode if ACL update fails - xfs: reinit btree pointer on attr tree inactivation walk - xfs: handle error if xfs_btree_get_bufs fails - xfs: cancel dirty pages on invalidation - xfs: trim writepage mapping to within eof - fscrypt: fix dereference of NULL user_key_payload - KEYS: Fix race between updating and finding a negative key (CVE-2017-15951) - FS-Cache: fix dereference of NULL user_key_payload https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.60 - workqueue: replace pool->manager_arb mutex with a flag - ceph: unlock dangling spinlock in try_flush_caps() - usb: xhci: Handle error condition in xhci_stop_device() - [powerpc*] KVM: Fix oops when checking KVM_CAP_PPC_HTM (CVE-2017-15306) - fuse: fix READDIRPLUS skipping an entry - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() - Input: gtco - fix potential out-of-bound access (CVE-2017-16643) - assoc_array: Fix a buggy node-splitting case - [s390x] scsi: zfcp: fix erp_action use-before-initialize in REC action trace - scsi: sg: Re-fix off by one in sg_fill_request_table() - drm/amd/powerplay: fix uninitialized variable - [armhf] can: sun4i: fix loopback mode - can: kvaser_usb: Correct return value in printout - can: kvaser_usb: Ignore CMD_FLUSH_QUEUE_REPLY messages - cfg80211: fix connect/disconnect edge cases - ipsec: Fix aborted xfrm policy dump crash (CVE-2017-16939) - [armhf] regulator: fan53555: fix I2C device ids - ecryptfs: fix dereference of NULL user_key_payload https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.61 - ALSA: timer: Add missing mutex lock for compat ioctls - ALSA: seq: Fix nested rwsem annotation for lockdep splat - cifs: check MaxPathNameComponentLength != 0 before using it (Closes: #880504) - KEYS: return full count in keyring_read() if buffer is too small - KEYS: fix out-of-bounds read during ASN.1 parsing - [arm64] ensure __dump_instr() checks addr_limit - [armhf,arm64] KVM: set right LR register value for 32 bit guest when inject abort - [armhf,arm64] kvm: Disable branch profiling in HYP code - [armel,armhf] 8715/1: add a private asm/unaligned.h - drm/amdgpu: return -ENOENT from uvd 6.0 early init for harvesting - ocfs2: fstrim: Fix start offset of first cluster group during fstrim - [x86] drm/i915/edp: read edp display control registers unconditionally - [arm64] drm/msm: Fix potential buffer overflow issue - [arm64] drm/msm: fix an integer overflow test - cpufreq: Do not clear real_cpus mask on policy init - [x86] crypto: ccp - Set the AES size field for all modes - IB/mlx5: Assign DSCP for R-RoCE QPs Address Path - PM / wakeirq: report a wakeup_event on dedicated wekup irq - scsi: megaraid_sas: Do not set fp_possible if TM capable for non-RW syspdIO, change fp_possible to bool - [armhf] mfd: axp20x: Fix axp288 PEK_DBR and PEK_DBF irqs being swapped - bnxt_en: Added PCI IDs for BCM57452 and BCM57454 ASICs - staging: rtl8712u: Fix endian settings for structs describing network packets - PCI/MSI: Return failure when msix_setup_entries() fails - ext4: fix stripe-unaligned allocations - ext4: do not use stripe_width if it is not set - [x86] net/ena: change driver's default timeouts - drm/amdgpu: when dpm disabled, also need to stop/start vce. - perf tools: Only increase index if perf_evsel__new_idx() succeeds - iwlwifi: mvm: use the PROBE_RESP_QUEUE to send deauth to unknown station - [armhf,arm64] clocksource/drivers/arm_arch_timer: Add dt binding for hisilicon-161010101 erratum - net: phy: dp83867: Recover from "port mirroring" N/A MODE4 - cx231xx: Fix I2C on Internal Master 3 Bus - ath10k: fix reading sram contents for QCA4019 - [armhf] clk: sunxi-ng: Check kzalloc() for errors and cleanup error path - [armhf] mtd: nand: sunxi: Fix the non-polling case in sunxi_nfc_wait_events() - xen/manage: correct return value check on xenbus_scanf() - scsi: aacraid: Process Error for response I/O - [x86] platform: intel_mid_thermal: Fix module autoload - [x86] staging: lustre: llite: don't invoke direct_IO for the EOF case - [x86] staging: lustre: hsm: stack overrun in hai_dump_data_field - [x86] staging: lustre: ptlrpc: skip lock if export failed - [x86] staging: lustre: lmv: Error not handled for lmv_find_target - brcmfmac: check brcmf_bus_get_memdump result for error - vfs: open() with O_CREAT should not create inodes with unknown ids - [x86] ASoC: Intel: boards: remove .pm_ops in all Atom/DPCM machine drivers - [armhf] exynos4-is: fimc-is: Unmap region obtained by of_iomap() - [x86] mei: return error on notification request to a disconnected client - [s390x] dasd: check for device error pointer within state change interrupts - [s390x] prng: Adjust generation of entropy to produce real 256 bits. - [s390x] crypto: Extend key length check for AES-XTS in fips mode. - bt8xx: fix memory leak - [armhf] drm/exynos: g2d: prevent integer overflow in - PCI: Avoid possible deadlock on pci_lock and p->pi_lock - [powerpc*/*64*]: Don't try to use radix MMU under a hypervisor - xen: don't print error message in case of missing Xenstore entry - [armel,armhf] dts: mvebu: pl310-cache disable double-linefill https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.62 - [armel,armhf] PCI: mvebu: Handle changes to the bridge windows while enabled - sched/core: Add missing update_rq_clock() call in sched_move_task() - xen/netback: set default upper limit of tx/rx queues to 8 - [x86] EDAC, amd64: Add x86cpuid sanity check during init - PM / OPP: Error out on failing to add static OPPs for v1 bindings - [armhf] clk: samsung: exynos5433: Add IDs for PHYCLK_MIPIDPHY0_* clocks - drm: drm_minor_register(): Clean up debugfs on failure - [powerpc*] KVM: Book 3S: XICS: correct the real mode ICP rejecting counter - [armhf,arm64] iommu/arm-smmu-v3: Clear prior settings when updating STEs - [x86] pinctrl: baytrail: Fix debugfs offset output - [powerpc*] corenet: explicitly disable the SDHC controller on kmcoge4 - [powerpc*] cxl: Force psl data-cache flush during device shutdown - [arm64] dma-mapping: Only swizzle DMA ops for IOMMU_DOMAIN_DMA - [powerpc*] crypto: vmx - disable preemption to enable vsx in aes_ctr.c - [arm64] drm: mali-dp: fix Lx_CONTROL register fields clobber - iio: trigger: free trigger resource correctly - [x86] iio: proximity: sx9500: claim direct mode during raw proximity reads - libertas: fix improper return value - usb: hcd: initialize hcd->flags to 0 when rm hcd - netfilter: nft_meta: deal with PACKET_LOOPBACK in netdev family - brcmfmac: setup wiphy bands after registering it first - rt2800usb: mark tx failure on timeout - apparmor: fix undefined reference to `aa_g_hash_policy' - IPsec: do not ignore crypto err in ah4 input - [x86] EDAC, amd64: Save and return err code from probe_one_instance() - [s390x] topology: make "topology=off" parameter work - [powerpc] sched/cputime: Fix stale scaled stime on context switch - IB/ipoib: Change list_del to list_del_init in the tx object - [armhf] dts: STiH410-family: fix wrong parent clock frequency - [s390x] qeth: fix retrieval of vipa and proxy-arp addresses - [s390x] qeth: issue STARTLAN as first IPA command - [arm64] wcn36xx: Don't use the destroyed hal_mutex - IB/rxe: Fix reference leaks in memory key invalidation code - [armhf] clk: mvebu: adjust AP806 CPU clock frequencies to production chip - [x86] platform: hp-wmi: Fix detection for dock and tablet mode - cdc_ncm: Set NTB format again after altsetting switch for Huawei devices - KEYS: trusted: sanitize all key material - KEYS: trusted: fix writing past end of buffer in trusted_read() - [x86] platform: hp-wmi: Fix error value for hp_wmi_tablet_state - [x86] platform: hp-wmi: Do not shadow error values - [x86] uaccess, sched/preempt: Verify access_ok() context - workqueue: Fix NULL pointer dereference - crypto: ccm - preserve the IV buffer - [x86] crypto: sha1-mb - fix panic due to unaligned access - [x86] crypto: sha256-mb - fix panic due to unaligned access - KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2] - [armel,armhf] 8720/1: ensure dump_instr() checks addr_limit - ALSA: seq: Fix OSS sysex delivery in OSS emulation - [x86] drm/i915: Do not rely on wm preservation for ILK watermarks - [mips*] Fix CM region target definitions - [mips*] SMP: Use a completion event to signal CPU up - [mips*] Fix race on setting and getting cpu_online_mask - [mips*] SMP: Fix deadlock & online race - [armhf] ASoC: sun4i-spdif: remove legacy dapm components - rbd: use GFP_NOIO for parent stat and data requests - [x86] drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue - [arm64] drm/bridge: adv7511: Rework adv7511_power_on/off() so they can be reused internally - [arm64] drm/bridge: adv7511: Reuse __adv7511_power_on/off() when probing EDID - [arm64] drm/bridge: adv7511: Re-write the i2c address before EDID probing - [armhf] can: sun4i: handle overrun in RX FIFO - [x86] smpboot: Make optimization of delay calibration work correctly - [x86] oprofile/ppro: Do not use __this_cpu*() in preemptible context https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.63 - gso: fix payload length when gso_size is zero - tun/tap: sanitize TUNSETSNDBUF input - ipv6: addrconf: increment ifp refcount before ipv6_del_addr() - netlink: do not set cb_running if dump's start() errs - net: call cgroup_sk_alloc() earlier in sk_clone_lock() - tcp: fix tcp_mtu_probe() vs highest_sack - l2tp: check ps->sock before running pppol2tp_session_ioctl() - tun: call dev_get_valid_name() before register_netdevice() - sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect - tcp/dccp: fix ireq->opt races - packet: avoid panic in packet_getsockopt() - soreuseport: fix initialization race - ipv6: flowlabel: do not leave opt->tot_len with garbage - sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND - tcp/dccp: fix lockdep splat in inet_csk_route_req() - tcp/dccp: fix other lockdep splats accessing ireq_opt - net/unix: don't show information about sockets from other namespaces - tap: double-free in error path in tap_open() - ipip: only increase err_count for some certain type icmp in ipip_err - ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err - ip6_gre: update dst pmtu if dev mtu has been updated by toobig in __gre6_xmit - tun: allow positive return values on dev_get_valid_name() call - sctp: reset owner sk for data chunks on out queues when migrating a sock - net_sched: avoid matching qdisc with zero handle - ppp: fix race in ppp device destruction - mac80211: accept key reinstall without changing anything (CVE-2017-13080) - mac80211: use constant time comparison with keys - mac80211: don't compare TKIP TX MIC key in reinstall prevention (CVE-2017-13080) - usb: usbtest: fix NULL pointer dereference (CVE-2017-16532) - Input: ims-psu - check if CDC union descriptor is sane (CVE-2017-16645) - ALSA: seq: Cancel pending autoload work at unbinding device (CVE-2017-16528) - netfilter: nat: avoid use of nf_conn_nat extension - netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to rhashtable" - brcmfmac: remove setting IBSS mode when stopping AP - [arm64,mips*] security/keys: add CONFIG_KEYS_COMPAT to Kconfig (Closes: #881830) - target/iscsi: Fix iSCSI task reassignment handling - qla2xxx: Fix incorrect tcm_qla2xxx_free_cmd use during TMR ABORT (v2) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.64 - media: imon: Fix null-ptr-deref in imon_probe (CVE-2017-16537) - media: dib0700: fix invalid dvb_detach argument (CVE-2017-16646) - [armel,armhf] crypto: reduce priority of bit-sliced AES cipher - Bluetooth: btusb: fix QCA Rome suspend/resume - [armhf,arm64] extcon: Remove potential problem when calling extcon_register_notifier() - [armhf] extcon: palmas: Check the parent instance to prevent the NULL - fm10k: request reset when mbx->state changes - [armhf] dts: Fix compatible for ti81xx uarts for 8250 - [armhf] dts: Fix am335x and dm814x scm syscon to probe children - [armhf] OMAP2+: Fix init for multiple quirks for the same SoC - [armhf] dts: Fix omap3 off mode pull defines - [armhf] dts: omap5-uevm: Allow bootloader to configure USB Ethernet MAC - igb: reset the PHY before reading the PHY ID - igb: close/suspend race in netif_device_detach - igb: Fix hw_dbg logging in igb_update_flash_i210 - scsi: ufs: add capability to keep auto bkops always enabled - tcp: provide timestamps for partial writes - staging: rtl8188eu: fix incorrect ERROR tags from logs - [x86] irq, trace: Add __irq_entry annotation to x86's platform IRQ handlers - scsi: lpfc: Add missing memory barrier - scsi: lpfc: FCoE VPort enable-disable does not bring up the VPort - scsi: lpfc: Correct host name in symbolic_name field - scsi: lpfc: Correct issue leading to oops during link reset - scsi: lpfc: Clear the VendorVersion in the PLOGI/PLOGI ACC payload - ALSA: vx: Don't try to update capture stream before running - ALSA: vx: Fix possible transfer overflow - [armhf] drm/omap: panel-sony-acx565akm.c: Add MODULE_ALIAS - [x86] gpu: drm: mgag200: mgag200_main:- Handle error from pci_iomap - [arm64] dts: NS2: reserve memory for Nitro firmware - ixgbe: Configure advertised speeds correctly for KR/KX backplane - ixgbe: fix AER error handling - ixgbe: handle close/suspend race with netif_device_detach/present - ixgbe: Fix reporting of 100Mb capability - ixgbe: Reduce I2C retry count on X550 devices - ixgbe: add mask for 64 RSS queues - ixgbe: do not disable FEC from the driver - [mips*] End asm function prologue macros with .insn - [mips*] init: Ensure bootmem does not corrupt reserved memory - [mips*] init: Ensure reserved memory regions are not added to bootmem - [mips*] traps: Ensure L1 & L2 ECC checking match for CM3 systems - crypto: dh - Don't permit 'p' to be 0 - crypto: dh - Don't permit 'key' or 'g' size longer than 'p' - USB: usbfs: compute urb->actual_length for isochronous - usb: gadget: f_fs: Fix use-after-free in ffs_free_inst - USB: serial: garmin_gps: fix I/O after failed probe and remove - USB: serial: garmin_gps: fix memory leak on probe errors - [x86] MCE/AMD: Always give panic severity for UC errors in kernel context - brcmfmac: don't preset all channels as disabled https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.65 - tcp_nv: fix division by zero in tcpnv_acked() - net: vrf: correct FRA_L3MDEV encode type - tcp: do not mangle skb->cb[] in tcp_make_synack() - netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed - bonding: discard lowest hash bit for 802.3ad layer3+4 - net: cdc_ether: fix divide by 0 on bad descriptors (CVE-2017-16649) - net: qmi_wwan: fix divide by 0 on bad descriptors (CVE-2017-16650) - qmi_wwan: Add missing skb_reset_mac_header-call - net: usb: asix: fill null-ptr-deref in asix_suspend (CVE-2017-16647) - vlan: fix a use-after-free in vlan_device_event() - af_netlink: ensure that NLMSG_DONE never fails in dumps - sctp: do not peel off an assoc from one netns to another one (CVE-2017-15115) - net/sctp: Always set scope_id in sctp_inet6_skb_msgname - crypto: dh - fix memleak in setkey - crypto: dh - Fix double free of ctx->p - ima: do not update security.ima if appraisal status is not INTEGRITY_PASS - [armhf] serial: omap: Fix EFR write on RTS deassertion - serial: 8250_fintek: Fix finding base_port with activated SuperIO - ocfs2: fix cluster hang after a node dies - ocfs2: should wait dio before inode lock in ocfs2_setattr() - ipmi: fix unsigned long underflow - mm/page_alloc.c: broken deferred calculation - coda: fix 'kernel memory exposure attempt' in fsync - mm/pagewalk.c: report holes in hugetlb ranges [ Ben Hutchings ] * [armhf] dts: exynos: Add dwc3 SUSPHY quirk (Closes: #843448) * [mips*] Remove pt_regs adjustments in indirect syscall handler (Closes: #867358) * [arm64] brcmfmac: Enable BRCMFMAC_SDIO (Closes: #877911) * l2tp: Ignore ABI change * [armel,armhf] mbus: Ignore ABI change * usb: gadget: Ignore ABI change * [s390x] mm: Avoid ABI change in 4.9.52 * mac80211: Avoid ABI change in 4.9.53 * mmc: sdio: Avoid ABI change in 4.9.54 * KEYS: Limit ABI change in 4.9.59 * netfilter: nat: Avoid ABI change in 4.9.63 * mm/page_alloc: Avoid ABI change in 4.9.65 * Revert "phy: increase size of MII_BUS_ID_SIZE and bus_id" to avoid ABI change * Revert "bpf: one perf event close won't free bpf program attached ..." to avoid ABI change * [rt] Add new signing subkey for Steven Rostedt * [rt] Update to 4.9.61-rt52: - Revert "pci: Use __wake_up_all_locked in pci_unblock_user_cfg_access()" - drivers/zram: fix zcomp_stream_get() smp_processor_id() use in preemptible code - fs/dcache: disable preemption on i_dir_seq's write side - tpm_tis: fix stall after iowrite*()s - fs: convert two more BH_Uptodate_Lock related bitspinlocks - locking/rt-mutex: fix deadlock in device mapper / block-IO - md/raid5: do not disable interrupts * mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack (Closes: #865416) * mm/mmap.c: expand_downwards: don't require the gap if !vm_prev * mmap: Remember the MAP_FIXED flag as VM_FIXED * [x86] mmap: Add an exception to the stack gap for Hotspot JVM compatibility (Closes: #865303) [ Salvatore Bonaccorso ] * media: cx231xx-cards: fix NULL-deref on missing association descriptor (CVE-2017-16536) * mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d() (CVE-2017-1000405) -- Ben Hutchings Sat, 02 Dec 2017 15:53:59 +0000 linux (4.9.51-1) stretch; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.48 - [x86] i2c: ismt: Don't duplicate the receive length for block reads - [x86] i2c: ismt: Return EMSGSIZE for block reads with bogus length - crypto: algif_skcipher - only call put_page on referenced and used pages - mm, uprobes: fix multiple free of ->uprobes_state.xol_area - mm, madvise: ensure poisoned pages are removed from per-cpu lists - ceph: fix readpage from fscache - cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs - cpuset: Fix incorrect memory_pressure control file mapping - CIFS: Fix maximum SMB2 header size - lib/mpi: kunmap after finishing accessing buffer - drm/ttm: Fix accounting error when fail to get pages for pool - [armhf,arm64] kvm: Force reading uncached stage2 PGD - epoll: fix race between ep_poll_callback(POLLFREE) and ep_free()/ep_remove() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.49 - usb:xhci:Fix regression when ATI chipsets detected - [armhf] USB: musb: fix external abort on suspend - USB: core: Avoid race of async_completed() w/ usbdev_release() - [x86] staging/rts5208: fix incorrect shift to extract upper nybble - driver core: bus: Fix a potential double free - ath10k: fix memory leak in rx ring buffer allocation - Input: trackpoint - assume 3 buttons when buttons detection fails - rtlwifi: rtl_pci_probe: Fix fail path of _rtl_pci_find_adapter - dlm: avoid double-free on error path in dlm_device_{register,unregister} - mwifiex: correct channel stat buffer overflows - [s390x] mm: avoid empty zero pages for KVM guests to avoid postcopy hangs - drm/nouveau/pci/msi: disable MSI on big-endian platforms by default - scsi: sg: protect against races between mmap() and SG_SET_RESERVED_SIZE - scsi: sg: recheck MMAP_IO request length with lock held - [arm64] drm/bridge: adv7511: Use work_struct to defer hotplug handing to out of irq context - [arm64] drm/bridge: adv7511: Switch to using drm_kms_helper_hotplug_event() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.50 - [armhf] mtd: nand: mxc: Fix mxc_v1 ooblayout - nvme-fabrics: generate spec-compliant UUID NQNs - btrfs: resume qgroup rescan on rw remount - mm/memory.c: fix mem_cgroup_oom_disable() call missing - ALSA: msnd: Optimize / harden DSP and MIDI loops - [arm64] dts: marvell: armada-37xx: Fix GIC maintenance interrupt - [armhf] 8692/1: mm: abort uaccess retries upon fatal signal - NFS: Fix 2 use after free issues in the I/O code - NFS: Sync the correct byte range during synchronous writes https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.51 - ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt() - ipv6: add rcu grace period before freeing fib6_node - macsec: add genl family module alias - udp: on peeking bad csum, drop packets even if not at head - qlge: avoid memcpy buffer overflow - [x86] netvsc: fix deadlock betwen link status and removal - cxgb4: Fix stack out-of-bounds read due to wrong size to t4_record_mbox() - kcm: do not attach PF_KCM sockets to avoid deadlock - Revert "net: phy: Correctly process PHY_HALTED in phy_stop_machine()" - bridge: switchdev: Clear forward mark when transmitting packet - Revert "net: use lib/percpu_counter API for fragmentation mem accounting" - Revert "net: fix percpu memory leaks" - gianfar: Fix Tx flow control deactivation - vhost_net: correctly check tx avail during rx busy polling - ip6_gre: update mtu properly in ip6gre_err - ipv6: fix memory leak with multiple tables during netns destruction - ipv6: fix typo in fib6_net_exit() - sctp: fix missing wake ups in some situations - ip_tunnel: fix setting ttl and tos value in collect_md mode - f2fs: let fill_super handle roll-forward errors - f2fs: check hot_data for roll-forward recovery - [amd64] fsgsbase: Fully initialize FS and GS state in start_thread_common - [amd64] fsgsbase: Report FSBASE and GSBASE correctly in core dumps - [amd64] switch_to: Rewrite FS/GS switching yet again to fix AMD CPUs - xfs: fix spurious spin_is_locked() assert failures on non-smp kernels - xfs: push buffer of flush locked dquot to avoid quotacheck deadlock - xfs: try to avoid blowing out the transaction reservation when bunmaping a shared extent - xfs: release bli from transaction properly on fs shutdown - xfs: remove bli from AIL before release on transaction abort - xfs: don't allow bmap on rt files - xfs: free uncommitted transactions during log recovery - xfs: free cowblocks and retry on buffered write ENOSPC - xfs: don't crash on unexpected holes in dir/attr btrees - xfs: check _btree_check_block value - xfs: set firstfsb to NULLFSBLOCK before feeding it to _bmapi_write - xfs: check _alloc_read_agf buffer pointer before using - xfs: fix quotacheck dquot id overflow infinite loop - xfs: fix multi-AG deadlock in xfs_bunmapi - xfs: Fix per-inode DAX flag inheritance - xfs: fix inobt inode allocation search optimization - xfs: clear MS_ACTIVE after finishing log recovery - xfs: don't leak quotacheck dquots when cow recovery - iomap: fix integer truncation issues in the zeroing and dirtying helpers - xfs: write unmount record for ro mounts - xfs: toggle readonly state around xfs_log_mount_finish - xfs: Properly retry failed inode items in case of error during buffer writeback - xfs: fix recovery failure when log record header wraps log end - xfs: always verify the log tail during recovery - xfs: fix log recovery corruption error due to tail overwrite - xfs: handle -EFSCORRUPTED during head/tail verification - xfs: stop searching for free slots in an inode chunk when there are none - xfs: evict all inodes involved with log redo item - xfs: check for race with xfs_reclaim_inode() in xfs_ifree_cluster() - xfs: don't log dirty ranges for ordered buffers - xfs: skip bmbt block ino validation during owner change - xfs: move bmbt owner change to last step of extent swap - xfs: disallow marking previously dirty buffers as ordered - xfs: relog dirty buffers during swapext bmbt owner change - xfs: disable per-inode DAX flag - xfs: fix incorrect log_flushed on fsync - xfs: don't set v3 xflags for v2 inodes - xfs: open code end_buffer_async_write in xfs_finish_page_writeback - md/raid5: release/flush io in raid5_do_work() - ipv6: Fix may be used uninitialized warning in rt6_check [ Ben Hutchings ] * Fix regressions caused by fix for CVE-2016-7097 (Closes: #873026): - ext4: preserve i_mode if __ext4_set_acl() fails - ext4: Don't clear SGID when inheriting ACLs * [mips{,64}el/loongson-3] Add support for Loongson-3A/B 3000 CPUs, thanks to YunQiang Su (Closes: #871701): - Add Loongson-3A R3 basic support - Add NMI handler support - Support 4 packages in CPU Hwmon driver - IRQ balancing for PCI devices - support irq_set_affinity() in i8259 chip - Make enum loongson_cpu_type more clear * [ppc64el] Invalidate ERAT on powersave wakeup for POWER9, thanks to Michael Neuling (Closes: #868887) * ip6_fib: Avoid ABI change in 4.9.51 * inet_frag: Limit ABI change in 4.9.51 * nfs: Ignore ABI change in 4.9.50 -- Ben Hutchings Thu, 28 Sep 2017 19:27:56 +0200 linux (4.9.47-1) stretch; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.31 - driver: vrf: Fix one possible use-after-free issue - [s390x] qeth: handle sysfs error during initialization - [s390x] qeth: unbreak OSM and OSN support - [s390x] qeth: avoid null pointer dereference on OSN - [s390x] qeth: add missing hash table initializations - [arm64] bpf: fix faulty emission of map access in tail calls - netem: fix skb_orphan_partial() - net: fix compile error in skb_orphan_partial() - tcp: avoid fragmenting peculiar skbs in SACK - sctp: fix src address selection if using secondary addresses for ipv6 - net/packet: fix missing net_device reference release - net/mlx5e: Use the correct pause values for ethtool advertising - net/mlx5e: Fix ethtool pause support and advertise reporting - tcp: eliminate negative reordering in tcp_clean_rtx_queue - net: Improve handling of failures on link and route dumps - bridge: netlink: check vlan_default_pvid range - qmi_wwan: add another Lenovo EM74xx device ID - bridge: start hello_timer when enabling KERNEL_STP in br_stp_start - bonding: fix accounting of active ports in 3ad - net/mlx5: Avoid using pending command interface slots - net: phy: marvell: Limit errata to 88m1101 - vlan: Fix tcp checksum offloads in Q-in-Q vlans - be2net: Fix offload features for Q-in-Q packets - virtio-net: enable TSO/checksum offloads for Q-in-Q vlans - tcp: avoid fastopen API to be used on AF_UNSPEC - sctp: fix ICMP processing if skb is non-linear - ipv4: add reference counting to metrics - bpf: add bpf_clone_redirect to bpf_helper_changes_pkt_data - fs/ufs: Set UFS default maximum bytes per file - [powerpc*] spufs: Fix hash faults for kernel regions - drivers/tty: 8250: only call fintek_8250_probe when doing port I/O - i2c: i2c-tiny-usb: fix buffer not being DMA capable - [x86] MCE: Export memory_error() - acpi, nfit: Fix the memory error check in nfit_handle_mce() - Revert "ACPI / button: Change default behavior to lid_init_state=open" - mmc: sdhci-iproc: suppress spurious interrupt with Multiblock read - iscsi-target: Always wait for kthread_should_stop() before kthread exit - ibmvscsis: Clear left-over abort_cmd pointers - ibmvscsis: Fix the incorrect req_lim_delta - HID: wacom: Have wacom_tpc_irq guard against possible NULL dereference - nvme-rdma: support devices with queue size < 32 - nvme: use blk_mq_start_hw_queues() in nvme_kill_queues() - nvme: avoid to use blk_mq_abort_requeue_list() - scsi: mpt3sas: Force request partial completion alignment - drm/radeon/ci: disable mclk switching for high refresh rates (v2) - drm/radeon: Unbreak HPD handling for r600+ - drm/radeon: Fix vram_size/visible values in DRM_RADEON_GEM_INFO ioctl - pcmcia: remove left-over %Z format - ALSA: hda - apply STAC_9200_DELL_M22 quirk for Dell Latitude D430 - mm/migrate: fix refcount handling when !hugepage_migration_supported() - mlock: fix mlock count can not decrease in race condition - mm: consider memblock reservations for deferred memory initialization sizing - RDMA/qib,hfi1: Fix MR reference count leak on write with immediate - [x86] boot: Use CROSS_COMPILE prefix for readelf - ksm: prevent crash after write_protect_page fails - slub/memcg: cure the brainless abuse of sysfs attributes - mm/slub.c: trace free objects at KERN_INFO - [x86] drm/gma500/psb: Actually use VBT mode when it is found - xfs: Fix missed holes in SEEK_HOLE implementation - xfs: use ->b_state to fix buffer I/O accounting release race - xfs: fix off-by-one on max nr_pages in xfs_find_get_desired_pgoff() - xfs: verify inline directory data forks - xfs: rework the inline directory verifiers - xfs: fix kernel memory exposure problems - xfs: use dedicated log worker wq to avoid deadlock with cil wq - xfs: fix over-copying of getbmap parameters from userspace - xfs: actually report xattr extents via iomap - xfs: drop iolock from reclaim context to appease lockdep - xfs: fix integer truncation in xfs_bmap_remap_alloc - xfs: handle array index overrun in xfs_dir2_leaf_readbuf() - xfs: prevent multi-fsb dir readahead from reading random blocks - xfs: fix up quotacheck buffer list error handling - xfs: support ability to wait on new inodes - xfs: update ag iterator to support wait on new inodes - xfs: wait on new inodes during quotaoff dquot release - xfs: reserve enough blocks to handle btree splits when remapping - xfs: fix use-after-free in xfs_finish_page_writeback - xfs: fix indlen accounting error on partial delalloc conversion - xfs: BMAPX shouldn't barf on inline-format directories - xfs: bad assertion for delalloc an extent that start at i_size - xfs: xfs_trans_alloc_empty - xfs: avoid mount-time deadlock in CoW extent recovery - xfs: fix unaligned access in xfs_btree_visit_blocks - xfs: Fix off-by-in in loop termination in xfs_find_get_desired_pgoff() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.32 - bnx2x: Fix Multi-Cos - vxlan: eliminate cached dst leak - cxgb4: avoid enabling napi twice to the same queue - tcp: disallow cwnd undo when switching congestion control - vxlan: fix use-after-free on deletion - net: ping: do not abuse udp_poll() - net/ipv6: Fix CALIPSO causing GPF with datagram support - net: ethoc: enable NAPI before poll may be scheduled - net: stmmac: fix completely hung TX when using TSO - net: bridge: start hello timer only if device is up - serial: ifx6x60: fix use-after-free on module unload - ptrace: Properly initialize ptracer_cred on fork - crypto: asymmetric_keys - handle EBUSY due to backlog correctly - KEYS: fix dereferencing NULL payload with nonzero length - KEYS: fix freeing uninitialized memory in key_update() - KEYS: encrypted: avoid encrypting/decrypting stack buffers - crypto: drbg - wait for crypto op not signal safe - crypto: gcm - wait for crypto op not signal safe - drm/amdgpu/ci: disable mclk switching for high refresh rates (v2) - nfsd4: fix null dereference on replay - nfsd: Fix up the "supattr_exclcreat" attributes - efi: Don't issue error message when booted under Xen - kvm: async_pf: fix rcu_irq_enter() with irqs enabled - [x86] KVM: cpuid: Fix read/write out-of-bounds vulnerability in cpuid emulation - [arm64] KVM: Preserve RES1 bits in SCTLR_EL2 - [arm64] KVM: Allow unaligned accesses at EL2 - [armhf] KVM: Allow unaligned accesses at HYP - KVM: async_pf: avoid async pf injection when in guest mode - [armhf,arm64] KVM: vgic-v3: Do not use Active+Pending state for a HW interrupt - [armhf,arm64] KVM: vgic-v2: Do not use Active+Pending state for a HW interrupt - dmaengine: usb-dmac: Fix DMAOR AE bit definition - dmaengine: ep93xx: Always start from BASE0 - dmaengine: ep93xx: Don't drain the transfers in terminate_all() - dmaengine: mv_xor_v2: handle mv_xor_v2_prep_sw_desc() error properly - dmaengine: mv_xor_v2: properly handle wrapping in the array of HW descriptors - dmaengine: mv_xor_v2: do not use descriptors not acked by async_tx - dmaengine: mv_xor_v2: enable XOR engine after its configuration - dmaengine: mv_xor_v2: fix tx_submit() implementation - dmaengine: mv_xor_v2: remove interrupt coalescing - dmaengine: mv_xor_v2: set DMA mask to 40 bits - cfq-iosched: fix the delay of cfq_group's vdisktime under iops mode - xen/privcmd: Support correctly 64KB page granularity when mapping memory - ext4: fix SEEK_HOLE - ext4: keep existing extra fields when inode expands - ext4: fix data corruption with EXT4_GET_BLOCKS_ZERO - ext4: fix fdatasync(2) after extent manipulation operations - drm: Fix oops + Xserver hang when unplugging USB drm devices - usb: gadget: f_mass_storage: Serialize wake and sleep execution - usb: chipidea: udc: fix NULL pointer dereference if udc_start failed - usb: chipidea: debug: check before accessing ci_role - staging/lustre/lov: remove set_fs() call from lov_getstripe() - iio: adc: bcm_iproc_adc: swap primary and secondary isr handler's - iio: light: ltr501 Fix interchanged als/ps register field - iio: proximity: as3935: fix AS3935_INT mask - iio: proximity: as3935: fix iio_trigger_poll issue - mei: make sysfs modalias format similar as uevent modalias - cpufreq: cpufreq_register_driver() should return -ENODEV if init fails - target: Re-add check to reject control WRITEs with overflow data - [arm64] drm/msm: Expose our reservation object when exporting a dmabuf. - ahci: Acer SA5-271 SSD Not Detected Fix - cgroup: Prevent kill_css() from being called more than once - Input: elantech - add Fujitsu Lifebook E546/E557 to force crc_enabled - cpuset: consider dying css as offline - fs: add i_blocksize() - ufs: restore proper tail allocation - fix ufs_isblockset() - ufs: restore maintaining ->i_blocks - ufs: set correct ->s_maxsize - ufs_extend_tail(): fix the braino in calling conventions of ufs_new_fragments() - ufs_getfrag_block(): we only grab ->truncate_mutex on block creation path - cxl: Fix error path on bad ioctl - cxl: Avoid double free_irq() for psl,slice interrupts - btrfs: use correct types for page indices in btrfs_page_exists_in_range - btrfs: fix memory leak in update_space_info failure path - [armhf,arm64] KVM: Handle possible NULL stage2 pud when ageing pages - scsi: qla2xxx: don't disable a not previously enabled PCI device - scsi: qla2xxx: Modify T262 FW dump template to specify same start/end to debug customer issues - scsi: qla2xxx: Set bit 15 for DIAG_ECHO_TEST MBC - scsi: qla2xxx: Fix mailbox pointer error in fwdump capture - [powerpc*] sysdev/simple_gpio: Fix oops in gpio save_regs function - [powerpc*] numa: Fix percpu allocations to be NUMA aware - [powerpc*] hotplug-mem: Fix missing endian conversion of aa_index - [powerpc*] kernel: Fix FP and vector register restoration (Closes: #868902) - [powerpc*] kernel: Initialize load_tm on task creation - [x86] drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve() - drm/nouveau/tmr: fully separate alarm execution/pending lists - ALSA: timer: Fix race between read and ioctl (CVE-2017-1000380) - ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT (CVE-2017-1000380) - ASoC: Fix use-after-free at card unregistration - cpu/hotplug: Drop the device lock on error - drivers: char: mem: Fix wraparound check to allow mappings up to the end - serial: sh-sci: Fix panic when serial console and DMA are enabled - [arm64] traps: fix userspace cache maintenance emulation on a tagged pointer - [arm64] hw_breakpoint: fix watchpoint matching for tagged pointers - [arm64] entry: improve data abort handling of tagged pointers - [armel,armhf] 8637/1: Adjust memory boundaries after reservations - usercopy: Adjust tests to deal with SMAP/PAN - [x86] drm/i915/vbt: don't propagate errors from intel_bios_init() - [x86] drm/i915/vbt: split out defaults that are set when there is no VBT - cpufreq: schedutil: move cached_raw_freq to struct sugov_policy - cpufreq: schedutil: Fix per-CPU structure initialization in sugov_start() - netfilter: nft_set_rbtree: handle element re-addition after deletion https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.33 - PCI/PM: Add needs_resume flag to avoid suspend complete optimization - [x86] drm/i915: Prevent the system suspend complete optimization - partitions/msdos: FreeBSD UFS2 file systems are not recognized - netfilter: nf_conntrack_sip: fix wrong memory initialisation - ibmvnic: Fix endian errors in error reporting output - ibmvnic: Fix endian error when requesting device capabilities - net: xilinx_emaclite: fix freezes due to unordered I/O - net: xilinx_emaclite: fix receive buffer overflow - tcp: tcp_probe: use spin_lock_bh() - ipv6: Handle IPv4-mapped src to in6addr_any dst. - ipv6: Inhibit IPv4-mapped src address on the wire. - tipc: Fix tipc_sk_reinit race conditions - gfs2: Use rhashtable walk interface in glock_hash_walk - NET: Fix /proc/net/arp for AX.25 - ibmvnic: Call napi_disable instead of napi_enable in failure path - ibmvnic: Initialize completion variables before starting work - NET: mkiss: Fix panic - net: hns: Fix the device being used for dma mapping during TX - sierra_net: Skip validating irrelevant fields for IDLE LSIs - sierra_net: Add support for IPv6 and Dual-Stack Link Sense Indications - i2c: piix4: Request the SMBUS semaphore inside the mutex - i2c: piix4: Fix request_region size - [powerpc*] powernv: Properly set "host-ipi" on IPIs - kernel/ucount.c: mark user_header with kmemleak_ignore() - net: thunderx: Fix PHY autoneg for SGMII QLM mode - ipv6: addrconf: fix generation of new temporary addresses - vfio/spapr_tce: Set window when adding additional groups to container - ipv6: Fix IPv6 packet loss in scenarios involving roaming + snooping switches - PM / runtime: Avoid false-positive warnings from might_sleep_if() - jump label: pass kbuild_cflags when checking for asm goto support - shmem: fix sleeping from atomic context - kasan: respect /proc/sys/kernel/traceoff_on_warning - log2: make order_base_2() behave correctly on const input value zero - ethtool: do not vzalloc(0) on registers dump - net: phy: Fix lack of reference count on PHY driver - net: phy: Fix PHY module checks and NULL deref in phy_attach_direct() - net: fix ndo_features_check/ndo_fix_features comment ordering - fscache: Fix dead object requeue - fscache: Clear outstanding writes when disabling a cookie - FS-Cache: Initialise stores_lock in netfs cookie - ipv6: fix flow labels when the traffic class is non-0 - drm/nouveau: prevent userspace from deleting client object - drm/nouveau/fence/g84-: protect against concurrent access to semaphore buffers - net/mlx4_core: Avoid command timeouts during VF driver device shutdown - gianfar: synchronize DMA API usage by free_skb_rx_queue w/ gfar_new_page - [x86] pinctrl: baytrail: Rectify debounce support (part 2) - cec: fix wrong last_la determination - drm: prevent double-(un)registration for connectors - drm: Don't race connector registration - net: adaptec: starfire: add checks for dma mapping errors - [x86] drm/i915: Check for NULL i915_vma in intel_unpin_fb_obj() - net/mlx5: E-Switch, Err when retrieving steering name-space fails - net/mlx5: Return EOPNOTSUPP when failing to get steering name-space - net: phy: micrel: add support for KSZ8795 - gtp: add genl family modules alias - drm/nouveau: Intercept ACPI_VIDEO_NOTIFY_PROBE - drm/nouveau: Rename acpi_work to hpd_work - drm/nouveau: Handle fbcon suspend/resume in seperate worker - drm/nouveau: Don't enabling polling twice on runtime resume - drm/nouveau: Fix drm poll_helper handling - drm/ast: Fixed system hanged if disable P2A - ravb: unmap descriptors when freeing rings - nfs: Fix "Don't increment lock sequence ID after NFS4ERR_MOVED" - nvmet-rdma: Fix missing dma sync to nvme data structures - r8152: avoid start_xmit to call napi_schedule during autosuspend - r8152: check rx after napi is enabled - r8152: re-schedule napi for tx - r8152: fix rtl8152_post_reset function - r8152: avoid start_xmit to schedule napi when napi is disabled - bnxt_en: Fix bnxt_reset() in the slow path task. - bnxt_en: Enhance autoneg support. - bnxt_en: Fix RTNL lock usage on bnxt_update_link(). - bnxt_en: Fix RTNL lock usage on bnxt_get_port_module_status(). - sctp: sctp gso should set feature with NETIF_F_SG when calling skb_segment - sctp: sctp_addr_id2transport should verify the addr before looking up assoc - usb: musb: Fix external abort on non-linefetch for musb_irq_work() - romfs: use different way to generate fsid for BLOCK or MTD - frv: add atomic64_add_unless() - frv: add missing atomic64 operations - proc: add a schedule point in proc_pid_readdir() - userfaultfd: fix SIGBUS resulting from false rwsem wakeups - kernel/watchdog.c: move hardlockup detector to separate file - kernel/watchdog.c: move shared definitions to nmi.h - kernel/watchdog: prevent false hardlockup on overloaded system - [x86] vhost/vsock: handle vhost_vq_init_access() error - tipc: ignore requests when the connection state is not CONNECTED - tipc: fix connection refcount error - tipc: add subscription refcount to avoid invalid delete - tipc: fix nametbl_lock soft lockup at node/link events - netfilter: nf_tables: fix set->nelems counting with no NLM_F_EXCL - netfilter: nft_log: restrict the log prefix length to 127 - RDMA/qedr: Dispatch port active event from qedr_add - RDMA/qedr: Fix and simplify memory leak in PD alloc - RDMA/qedr: Don't reset QP when queues aren't flushed - RDMA/qedr: Don't spam dmesg if QP is in error state - RDMA/qedr: Return max inline data in QP query result - [s390x] kvm: do not rely on the ILC on kvm host protection fauls - [x86] drm/i915: Workaround VLV/CHV DSI scanline counter hardware fail - [x86] drm/i915: Always recompute watermarks when distrust_bios_wm is set, v2. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.34 - fs: pass on flags in compat_writev - configfs: Fix race between create_link and configfs_rmdir - can: gs_usb: fix memory leak in gs_cmd_reset() - ila_xlat: add missing hash secret initialization - cpufreq: conservative: Allow down_threshold to take values from 1 to 10 - vb2: Fix an off by one error in 'vb2_plane_vaddr' - mac80211: don't look at the PM bit of BAR frames - mac80211/wpa: use constant time memory comparison for MACs - drm/amdgpu: Fix overflow of watermark calcs at > 4k resolutions. - [x86] drm/i915: Fix GVT-g PVINFO version compatibility check - usb: musb: dsps: keep VBUS on for host-only mode - mac80211: fix CSA in IBSS mode - mac80211: fix packet statistics for fast-RX - mac80211: fix IBSS presp allocation size - mac80211: strictly check mesh address extension mode - mac80211: fix dropped counter in multiqueue RX - mac80211: don't send SMPS action frame in AP mode when not needed - [armhf,arm64] drm/vc4: Fix OOPSes from trying to cache a partially constructed BO. - serial: efm32: Fix parity management in 'efm32_uart_console_get_options()' - serial: sh-sci: Fix late enablement of AUTORTS - [i386] mm: Set the '__vmalloc_start_set' flag in initmem_init() - mfd: omap-usb-tll: Fix inverted bit use for USB TLL mode - staging: rtl8188eu: prevent an underflow in rtw_check_beacon_data() - staging: iio: tsl2x7x_core: Fix standard deviation calculation - iio: st_pressure: Fix data sign - iio: proximity: as3935: recalibrate RCO after resume - iio: adc: ti_am335x_adc: allocating too much in probe - IB/mlx5: Fix kernel to user leak prevention logic - usb: gadget: udc: renesas_usb3: fix pm_runtime functions calling - usb: gadget: udc: renesas_usb3: fix deadlock by spinlock - usb: gadget: udc: renesas_usb3: lock for PN_ registers access - USB: hub: fix SS max number of ports - usb: core: fix potential memory leak in error path during hcd creation - USB: usbip: fix nonconforming hub descriptor - pvrusb2: reduce stack usage pvr2_eeprom_analyze() - USB: gadget: dummy_hcd: fix hub-descriptor removable fields - usb: r8a66597-hcd: select a different endpoint on timeout - usb: r8a66597-hcd: decrease timeout - ath10k: fix napi crash during rmmod when probe firmware fails - misc: mic: double free on ioctl error path - drivers/misc/c2port/c2port-duramar2150.c: checking for NULL instead of IS_ERR() - usb: xhci: Fix USB 3.1 supported protocol parsing - usb: xhci: ASMedia ASM1042A chipset need shorts TX quirk - USB: gadget: fix GPF in gadgetfs - USB: gadgetfs, dummy-hcd, net2280: fix locking for callbacks - mm/memory-failure.c: use compound_head() flags for huge pages - swap: cond_resched in swap_cgroup_prepare() - iio: imu: inv_mpu6050: add accel lpf setting for chip >= MPU6500 - sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off() - genirq: Release resources in __setup_irq() error path - alarmtimer: Prevent overflow of relative timers - usb: gadget: composite: Fix function used to free memory - usb: dwc3: exynos fix axius clock error path to do cleanup - [mips*] Fix bnezc/jialc return address calculation - [mips*] .its targets depend on vmlinux - vTPM: Fix missing NULL check - alarmtimer: Rate limit periodic intervals - Allow stack to grow up to address space limit https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.35 - clk: sunxi-ng: a31: Correct lcd1-ch1 clock register offset - xen/blkback: fix disconnect while I/Os in flight - ALSA: firewire-lib: Fix stall of process context at packet error - ALSA: pcm: Don't treat NULL chmap as a fatal error - [powerpc*] perf: Fix oops when kthread execs user process - autofs: sanity check status reported with AUTOFS_DEV_IOCTL_FAIL - lib/cmdline.c: fix get_options() overflow while parsing ranges - [x86] perf/intel: Add 1G DTLB load/store miss support for SKL - [s390x] KVM: gaccess: fix real-space designation asce handling for gmap shadows - [powerpc*] KVM: Book3S HV: Preserve userspace HTM state properly - [powerpc*] KVM: Book3S HV: Context-switch EBB registers properly - CIFS: Improve readdir verbosity - cxgb4: notify uP to route ctrlq compl to rdma rspq - HID: Add quirk for Dell PIXART OEM mouse - signal: Only reschedule timers on signals timers have sent - [powerpc*] kprobes: Pause function_graph tracing during jprobes handling - powerpc/64s: Handle data breakpoints in Radix mode - Input: i8042 - add Fujitsu Lifebook AH544 to notimeout list - brcmfmac: add parameter to pass error code in firmware callback - brcmfmac: use firmware callback upon failure to load - brcmfmac: unbind all devices upon failure in firmware callback - time: Fix clock->read(clock) race around clocksource changes - time: Fix CLOCK_MONOTONIC_RAW sub-nanosecond accounting - [arm64] vdso: Fix nsec handling for CLOCK_MONOTONIC_RAW - target: Fix kref->refcount underflow in transport_cmd_finish_abort - iscsi-target: Fix delayed logout processing greater than SECONDS_FOR_LOGOUT_COMP - iscsi-target: Reject immediate data underflow larger than SCSI transfer length - drm/radeon: add a PX quirk for another K53TK variant - drm/radeon: add a quirk for Toshiba Satellite L20-183 - drm/amdgpu/atom: fix ps allocation size for EnableDispPowerGating - drm/amdgpu: adjust default display clock - of: Add check to of_scan_flat_dt() before accessing initial_boot_params - mtd: spi-nor: fix spansion quad enable - usb: gadget: f_fs: avoid out of bounds access on comp_desc - rt2x00: avoid introducing a USB dependency in the rt2x00lib module - net: phy: Initialize mdio clock at probe function - dmaengine: bcm2835: Fix cyclic DMA period splitting - spi: double time out tolerance - net: phy: fix marvell phy status reading - jump label: fix passing kbuild_cflags when checking for asm goto support - brcmfmac: fix uninitialized warning in brcmf_usb_probe_phase2() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.36 - ipv6: release dst on error in ip6_dst_lookup_tail - net: don't call strlen on non-terminated string in dev_set_alias() - decnet: dn_rtmsg: Improve input length sanitization in dnrmg_receive_user_skb - net: Zero ifla_vf_info in rtnl_fill_vfinfo() - net: vrf: Make add_fib_rules per network namespace flag - af_unix: Add sockaddr length checks before accessing sa_family in bind and connect handlers - Fix an intermittent pr_emerg warning about lo becoming free. - sctp: disable BH in sctp_for_each_endpoint - net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx - net: tipc: Fix a sleep-in-atomic bug in tipc_msg_reverse - net/mlx5e: Added BW check for DIM decision mechanism - net/mlx5e: Fix wrong indications in DIM due to counter wraparound - proc: snmp6: Use correct type in memset - igmp: acquire pmc lock for ip_mc_clear_src() - igmp: add a missing spin_lock_init() - ipv6: fix calling in6_ifa_hold incorrectly for dad work - sctp: return next obj by passing pos + 1 into sctp_transport_get_idx - net/mlx5e: Avoid doing a cleanup call if the profile doesn't have it - net/mlx5: Wait for FW readiness before initializing command interface - net/mlx5e: Fix timestamping capabilities reporting - decnet: always not take dst->__refcnt when inserting dst into hash table - net: 8021q: Fix one possible panic caused by BUG_ON in free_netdev - sfc: provide dummy definitions of vswitch functions - ipv6: Do not leak throw route references - rtnetlink: add IFLA_GROUP to ifla_policy - netfilter: xt_TCPMSS: add more sanity tests on tcph->doff - netfilter: synproxy: fix conntrackd interaction - NFSv4: fix a reference leak caused WARNING messages - xen/blkback: don't use xen_blkif_get() in xen-blkback kthread - drm/ast: Handle configuration without P2A bridge - mm, swap_cgroup: reschedule when neeed in swap_cgroup_swapoff() - [mips*] head: Reorder instructions missing a delay slot - [mips*] Avoid accidental raw backtrace - [mips*] pm-cps: Drop manual cache-line alignment of ready_count - [mips*] Fix IRQ tracing & lockdep when rescheduling - ALSA: hda - Fix endless loop of codec configure - ALSA: hda - set input_path bitmap to zero after moving it to new place - NFSv4.1: Fix a race in nfs4_proc_layoutget - gpiolib: fix filtering out unwanted events - [x86] drm/vmwgfx: Free hash table allocated by cmdbuf managed res mgr - dm thin: do not queue freed thin mapping for next stage processing - [x86] mm: Fix boot crash caused by incorrect loop count calculation in sync_global_pgds() - usb: gadget: f_fs: Fix possibe deadlock - l2tp: fix race in l2tp_recv_common() - l2tp: ensure session can't get removed during pppol2tp_session_ioctl() - l2tp: fix duplicate session creation - l2tp: hold session while sending creation notifications - l2tp: take a reference on sessions used in genetlink handlers - mm: numa: avoid waiting on freed migrated pages - net: ethtool: add support for 2500BaseT and 5000BaseT link modes - net: phy: add an option to disable EEE advertisement - dt-bindings: net: add EEE capability constants - net: phy: fix sign type error in genphy_config_eee_advert - net: phy: use boolean dt properties for eee broken modes - dt: bindings: net: use boolean dt properties for eee broken modes - [arm64] dts: meson-gxbb-odroidc2: fix GbE tx link breakage - xen/blkback: don't free be structure too early - [x86] KVM: fix fixing of hypercalls - scsi: sd: Fix wrong DPOFUA disable in sd_read_cache_type - stmmac: add missing of_node_put - scsi: lpfc: Set elsiocb contexts to NULL after freeing it - qla2xxx: Terminate exchange if corrupted - qla2xxx: Fix erroneous invalid handle message - drm/amdgpu: fix program vce instance logic error. - drm/amdgpu: add support for new hainan variants - net: phy: dp83848: add DP83620 PHY support - [x86] perf/intel: Handle exclusive threadid correctly on CPU hotplug - net: korina: Fix NAPI versus resources freeing - [powerpc*] eeh: Enable IO path on permanent error - net: ethtool: Initialize buffer when querying device channel settings - xen-netback: fix memory leaks on XenBus disconnect - xen-netback: protect resource cleaning on XenBus disconnect - bnxt_en: Fix "uninitialized variable" bug in TPA code path. - bpf: don't trigger OOM killer under pressure with map alloc - objtool: Fix IRET's opcode - gianfar: Do not reuse pages from emergency reserve - Btrfs: Fix deadlock between direct IO and fast fsync - Btrfs: fix truncate down when no_holes feature is enabled - virtio_console: fix a crash in config_work_handler - swiotlb-xen: update dev_addr after swapping pages - xen-netfront: Fix Rx stall during network stress and OOM - scsi: virtio_scsi: Reject commands when virtqueue is broken - iwlwifi: fix kernel crash when unregistering thermal zone - [x86] platform: ideapad-laptop: handle ACPI event 1 - amd-xgbe: Check xgbe_init() return code - net: dsa: Check return value of phy_connect_direct() - drm/amdgpu: check ring being ready before using - vfio/spapr: fail tce_iommu_attach_group() when iommu_data is null - mlxsw: spectrum_router: Correctly reallocate adjacency entries - virtio_net: fix PAGE_SIZE > 64k - ip6_tunnel: must reload ipv6h in ip6ip6_tnl_xmit() - vxlan: do not age static remote mac entries - ibmveth: Add a proper check for the availability of the checksum features - kernel/panic.c: add missing \n - [x86] perf/intel/uncore: Fix hardcoded socket 0 assumption in the Haswell init code - [x86] pinctrl: intel: Set pin direction properly - net: phy: marvell: fix Marvell 88E1512 used in SGMII mode - mac80211: recalculate min channel width on VHT opmode changes - [x86] perf/intel: Use ULL constant to prevent undefined shift behaviour - HID: i2c-hid: Add sleep between POWER ON and RESET - scsi: lpfc: avoid double free of resource identifiers - spi: davinci: use dma_mapping_error() - [arm64] assembler: make adr_l work in modules under KASLR - net: thunderx: acpi: fix LMAC initialization - drm/radeon/si: load special ucode for certain MC configs - drm/amd/powerplay: fix vce cg logic error on CZ/St. - drm/amd/powerplay: refine vce dpm update code on Cz. - pmem: return EIO on read_pmem() failure - mac80211: initialize SMPS field in HT capabilities - [x86] tsc: Add the Intel Denverton Processor to native_calibrate_tsc() - [x86] mpx: Use compatible types in comparison to fix sparse error - perf/core: Fix sys_perf_event_open() vs. hotplug - [x86] perf: Reject non sampling events with precise_ip - aio: fix lock dep warning - coredump: Ensure proper size of sparse core files - swiotlb: ensure that page-sized mappings are page-aligned - [s390x] ctl_reg: make __ctl_load a full memory barrier - usb: dwc2: gadget: Fix GUSBCFG.USBTRDTIM value - be2net: fix status check in be_cmd_pmac_add() - be2net: don't delete MAC on close on unprivileged BE3 VFs - be2net: fix MAC addr setting on privileged BE3 VFs - perf probe: Fix to show correct locations for events on modules - net: phy: dp83867: allow RGMII_TXID/RGMII_RXID interface types - tipc: allocate user memory with GFP_KERNEL flag - perf probe: Fix to probe on gcc generated functions in modules - net/mlx4_core: Eliminate warning messages for SRQ_LIMIT under SRIOV - sctp: check af before verify address in sctp_addr_id2transport - ip6_tunnel, ip6_gre: fix setting of DSCP on encapsulated packets - ravb: Fix use-after-free on `ifconfig eth0 down` - mm/vmalloc.c: huge-vmap: fail gracefully on unexpected huge vmap mappings - xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY - xfrm: NULL dereference on allocation failure - xfrm: Oops on error in pfkey_msg2xfrm_state() - netfilter: use skb_to_full_sk in ip_route_me_harder - watchdog: bcm281xx: Fix use of uninitialized spinlock. - sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting - spi: When no dma_chan map buffers with spi_master's parent - spi: fix device-node leaks - regulator: tps65086: Fix expected switch DT node names - regulator: tps65086: Fix DT node referencing in of_parse_cb - [armhf] OMAP2+: omap_device: Sync omap_device and pm_runtime after probe defer - [armhf] dts: OMAP3: Fix MFG ID EEPROM - [arm64] ACPI: Fix BAD_MADT_GICC_ENTRY() macro implementation - [armel,armhf] 8685/1: ensure memblock-limit is pmd-aligned - [x86] tools arch: Sync arch/x86/lib/memcpy_64.S with the kernel - [x86] boot/KASLR: Fix kexec crash due to 'virt_addr' calculation bug - [x86] mpx: Correctly report do_mpx_bt_fault() failures to user-space - [x86] mm: Fix flush_tlb_page() on Xen - ocfs2: o2hb: revert hb threshold to keep compatible - iommu/vt-d: Don't over-free page table directories - iommu: Handle default domain attach failure - iommu/dma: Don't reserve PCI I/O windows - iommu/amd: Fix incorrect error handling in amd_iommu_bind_pasid() - iommu/amd: Fix interrupt remapping when disable guest_mode - cpufreq: s3c2416: double free on driver init error path - clk: scpi: don't add cpufreq device if the scpi dvfs node is disabled - brcmfmac: avoid writing channel out of allocated array - i2c: brcmstb: Fix START and STOP conditions - mtd: nand: brcmnand: Check flash #WP pin status before nand erase/program - [arm64] fix NULL dereference in have_cpu_die() - [x86] KVM: fix emulation of RSM and IRET instructions - [x86] KVM: vPMU: fix undefined shift in intel_pmu_refresh() - [x86] KVM: zero base3 of unusable segments - [x86] KVM: nVMX: Fix exception injection https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.37 - fs: add a VALID_OPEN_FLAGS - fs: completely ignore unknown open flags - driver core: platform: fix race condition with driver_override (CVE-2017-12146) - ceph: choose readdir frag based on previous readdir reply - tracing/kprobes: Allow to create probe with a module name starting with a digit - media: entity: Fix stream count check - usb: dwc3: replace %p with %pK - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick - Add USB quirk for HVR-950q to avoid intermittent device resets - usb: usbip: set buffer pointers to NULL after free - usb: Fix typo in the definition of Endpoint[out]Request - USB: core: fix device node leak - mac80211_hwsim: Replace bogus hrtimer clockid - sysctl: don't print negative flag for proc_douintvec - sysctl: report EINVAL if value is larger than UINT_MAX for proc_douintvec - [arm64] pinctrl: qcom: ipq4019: add missing pingroups for pins > 70 - [arm64] pinctrl: meson: meson8b: fix the NAND DQS pins - [x86] pinctrl: cherryview: Add terminate entry for dmi_system_id tables - [armhf] pinctrl: sunxi: Fix SPDIF function name for A83T - xhci: Limit USB2 port wake support for AMD Promontory hosts - gfs2: Fix glock rhashtable rcu bug - tpm: fix a kernel memory leak in tpm-sysfs.c - [x86] uaccess: Optimize copy_user_enhanced_fast_string() for short strings - ath10k: override CE5 config for QCA9377 - KEYS: Fix an error code in request_master_key() - crypto: drbg - Fixes panic in wait_for_completion call - RDMA/uverbs: Check port number supplied by user verbs cmds - rt286: add Thinkpad Helix 2 to force_combo_jack_table https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.38 - Add "shutdown" to "struct class". - tpm: Issue a TPM2_Shutdown for TPM2 devices. - perf thread_map: Correctly size buffer used with dirent->dt_name - perf tests: Avoid possible truncation with dirent->d_name + snprintf - perf bench numa: Avoid possible truncation when using snprintf() - perf header: Fix handling of PERF_EVENT_UPDATE__SCALE - perf scripting perl: Fix compile error with some perl5 versions - perf probe: Fix to probe on gcc generated symbols for offline kernel - perf probe: Add error checks to offline probe post-processing - md: fix incorrect use of lexx_to_cpu in does_sb_need_changing - md: fix super_offset endianness in super_1_rdev_size_change - locking/rwsem-spinlock: Fix EINTR branch in __down_write_common() - staging: vt6556: vnt_start Fix missing call to vnt_key_init_table. - staging: comedi: fix clean-up of comedi_class in comedi_init() - crypto: caam - fix gfp allocation flags (part I) - crypto: rsa-pkcs1pad - use constant time memory comparison for MACs - ext4: check return value of kstrtoull correctly in reserved_clusters_store - [x86] mm/pat: Don't report PAT on CPUs that don't support it - saa7134: fix warm Medion 7134 EEPROM read https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.39 - xen-netfront: Rework the fix for Rx stall during OOM and network stress - net_sched: fix error recovery at qdisc creation - net: sched: Fix one possible panic when no destroy callback - net/phy: micrel: configure intterupts after autoneg workaround - ipv6: avoid unregistering inet6_dev for loopback - net: dp83640: Avoid NULL pointer dereference. - tcp: reset sk_rx_dst in tcp_disconnect() - net: prevent sign extension in dev_get_stats() - bridge: mdb: fix leak on complete_info ptr on fail path - rocker: move dereference before free - bpf: prevent leaking pointer via xadd on unpriviledged - net: handle NAPI_GRO_FREE_STOLEN_HEAD case also in napi_frags_finish() - net/mlx5: Cancel delayed recovery work when unloading the driver - liquidio: fix bug in soft reset failure detection - net/mlx5e: Fix TX carrier errors report in get stats ndo - ipv6: dad: don't remove dynamic addresses if link is down - vxlan: fix hlist corruption - net: core: Fix slab-out-of-bounds in netdev_stats_to_stats64 - net: ipv6: Compare lwstate in detecting duplicate nexthops - vrf: fix bug_on triggered by rx when destroying a vrf - rds: tcp: use sock_create_lite() to create the accept socket - brcmfmac: Fix a memory leak in error handling path in 'brcmf_cfg80211_attach' - brcmfmac: Fix glom_skb leak in brcmf_sdiod_recv_chain - sfc: don't read beyond unicast address list - cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE - cfg80211: Validate frequencies nested in NL80211_ATTR_SCAN_FREQUENCIES - cfg80211: Check if PMKID attribute is of expected size - cfg80211: Check if NAN service ID is of expected size - irqchip/gic-v3: Fix out-of-bound access in gic_set_affinity - thp, mm: fix crash due race in MADV_FREE handling - kernel/extable.c: mark core_kernel_text notrace - mm/list_lru.c: fix list_lru_count_node() to be race free - fs/dcache.c: fix spin lockup issue on nlru->lock - binfmt_elf: use ELF_ET_DYN_BASE only for PIE (CVE-2017-1000370, CVE-2017-1000371) - [armel,armhf] move ELF_ET_DYN_BASE to 4MB - [arm64] move ELF_ET_DYN_BASE to 4GB / 4MB - [powerpc*] move ELF_ET_DYN_BASE to 4GB / 4MB - [s390x] reduce ELF_ET_DYN_BASE - exec: Limit arg stack to at most 75% of _STK_LIM - [arm64] dts: marvell: armada37xx: Fix timer interrupt specifiers - vt: fix unchecked __put_user() in tioclinux ioctls - rcu: Add memory barriers for NOCB leader wakeup - nvmem: core: fix leaks on registration errors - mnt: In umount propagation reparent in a separate pass - mnt: In propgate_umount handle visiting mounts in any order - mnt: Make propagate_umount less slow for overlapping mount propagation trees - selftests/capabilities: Fix the test_execve test - mm: fix overflow check in expand_upwards() - crypto: talitos - Extend max key length for SHA384/512-HMAC and AEAD - [x86] crypto: sha1-ssse3 - Disable avx2 - crypto: caam - properly set IV after {en,de}crypt - crypto: caam - fix signals handling - Revert "sched/core: Optimize SCHED_SMT" - sched/fair, cpumask: Export for_each_cpu_wrap() - sched/topology: Fix building of overlapping sched-groups - sched/topology: Optimize build_group_mask() - sched/topology: Fix overlapping sched_group_mask - PM / wakeirq: Convert to SRCU - PM / QoS: return -EINVAL for bogus strings - tracing: Use SOFTIRQ_OFFSET for softirq dectection for more accurate results - [x86] kvm: vmx: Do not disable intercepts for BNDCFGS - [x86] kvm: Guest BNDCFGS requires guest MPX support - [x86] kvm: vmx: Check value written to IA32_BNDCFGS - [x86] kvm: vmx: allow host to access guest MSR_IA32_BNDCFGS https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.40 - dm mpath: cleanup -Wbool-operation warning in choose_pgpath() - s5p-jpeg: don't return a random width/height - thermal: max77620: fix device-node reference imbalance - thermal: cpu_cooling: Avoid accessing potentially freed structures - ath9k: fix tx99 use after free - ath9k: fix tx99 bus error - ath9k: fix an invalid pointer dereference in ath9k_rng_stop() - NFC: fix broken device allocation - NFC: nfcmrvl_uart: add missing tty-device sanity check - NFC: nfcmrvl: do not use device-managed resources - NFC: nfcmrvl: use nfc-device for firmware download - NFC: nfcmrvl: fix firmware-management initialisation - nfc: Ensure presence of required attributes in the activate_target handler - nfc: Fix the sockaddr length sanitization in llcp_sock_connect - NFC: Add sockaddr length checks before accessing sa_family in bind handlers - [x86] perf intel-pt: Move decoder error setting into one condition - [x86] perf intel-pt: Improve sample timestamp - [x86] perf intel-pt: Fix missing stack clear - [x86] perf intel-pt: Ensure IP is zero when state is INTEL_PT_STATE_NO_IP - [x86] perf intel-pt: Fix last_ip usage - [x86] perf intel-pt: Ensure never to set 'last_ip' when packet 'count' is zero - [x86] perf intel-pt: Use FUP always when scanning for an IP - [x86] perf intel-pt: Clear FUP flag on error - Bluetooth: use constant time memory comparison for secret values - wlcore: fix 64K page support - btrfs: Don't clear SGID when inheriting ACLs - igb: Explicitly select page 0 at initialization - ASoC: compress: Derive substream from stream based on direction - PM / Domains: Fix unsafe iteration over modified list of device links - PM / Domains: Fix unsafe iteration over modified list of domain providers - PM / Domains: Fix unsafe iteration over modified list of domains - scsi: ses: do not add a device to an enclosure if enclosure_add_links() fails. - scsi: Add STARGET_CREATED_REMOVE state to scsi_target_state - iscsi-target: Add login_keys_workaround attribute for non RFC initiators - xen/scsiback: Fix a TMR related use-after-free - [powerpc*] pseries: Fix passing of pp0 in updatepp() and updateboltedpp() - [powerpc*/*64*] Fix atomic64_inc_not_zero() to return an int - [powerpc*] Fix emulation of mcrf in emulate_step() - [powerpc*] Fix emulation of mfocrf in emulate_step() - [powerpc*] asm: Mark cr0 as clobbered in mftb() - [powerpc*] mm/radix: Properly clear process table entry - af_key: Fix sadb_x_ipsecrequest parsing - PCI: Work around poweroff & suspend-to-RAM issue on Macbook Pro 11 - PCI: rockchip: Use normal register bank for config accessors - PCI/PM: Restore the status of PCI devices across hibernation - ipvs: SNAT packet replies only for NATed connections - xhci: fix 20000ms port resume timeout - xhci: Fix NULL pointer dereference when cleaning up streams for removed host - xhci: Bad Ethernet performance plugged in ASM1042A host - mxl111sf: Fix driver to use heap allocate buffers for USB messages - usb: storage: return on error to avoid a null pointer dereference - USB: cdc-acm: add device-id for quirky printer - usb: renesas_usbhs: fix usbhsc_resume() for !USBHSF_RUNTIME_PWCTRL - usb: renesas_usbhs: gadget: disable all eps when the driver stops - md: don't use flush_signals in userspace processes - [x86] xen: allow userspace access during hypercalls - cx88: Fix regression in initial video standard setting - libnvdimm, btt: fix btt_rw_page not returning errors - libnvdimm: fix badblock range handling of ARS range - Raid5 should update rdev->sectors after reshape - [s390x] syscalls: Fix out of bounds arguments access - drm/amd/amdgpu: Return error if initiating read out of range on vram - drm/radeon/ci: disable mclk switching for high refresh rates (v2) - drm/radeon: Fix eDP for single-display iMac10,1 (v2) - ipmi: use rcu lock around call to intf->handlers->sender() - ipmi:ssif: Add missing unlock in error branch - xfs: Don't clear SGID when inheriting ACLs - f2fs: sanity check size of nat and sit cache - f2fs: Don't clear SGID when inheriting ACLs - drm/ttm: Fix use-after-free in ttm_bo_clean_mm - ovl: drop CAP_SYS_RESOURCE from saved mounter's credentials - vfio: Fix group release deadlock - vfio: New external user group/file match - nvme-rdma: remove race conditions from IB signalling - ftrace: Fix uninitialized variable in match_records() - [mips*] Fix mips_atomic_set() retry condition - [mips*] Fix mips_atomic_set() with EVA - [mips*] Negate error syscall return in trace - ubifs: Don't leak kernel memory to the MTD - ACPI / EC: Drop EC noirq hooks to fix a regression - Revert "ACPI / EC: Enable event freeze mode..." to fix a regression - [x86] acpi: Prevent out of bound access caused by broken ACPI tables - [x86] ioapic: Pass the correct data to unmask_ioapic_irq() - [mips*] Fix MIPS I ISA /proc/cpuinfo reporting - [mips*] Save static registers before sysmips - [mips*] Actually decode JALX in `__compute_return_epc_for_insn' - [mips*] Fix unaligned PC interpretation in `compute_return_epc' - [mips*] math-emu: Prevent wrong ISA mode instruction emulation - [mips*] Send SIGILL for BPOSGE32 in `__compute_return_epc_for_insn' - [mips*] Send SIGILL for linked branches in `__compute_return_epc_for_insn' - [mips*] Send SIGILL for R6 branches in `__compute_return_epc_for_insn' - [mips*] Fix a typo: s/preset/present/ in r2-to-r6 emulation error message - Input: i8042 - fix crash at boot time - IB/iser: Fix connection teardown race condition - IB/core: Namespace is mandatory input for address resolution - sunrpc: use constant time memory comparison for mac - NFS: only invalidate dentrys that are clearly invalid. - udf: Fix deadlock between writeback and udf_setsize() - target: Fix COMPARE_AND_WRITE caw_sem leak during se_cmd quiesce - iser-target: Avoid isert_conn->cm_id dereference in isert_login_recv_done - perf annotate: Fix broken arrow at row 0 connecting jmp instruction to its target - staging: rtl8188eu: add TL-WN722N v2 support - staging: comedi: ni_mio_common: fix AO timer off-by-one regression - staging: sm750fb: avoid conflicting vesafb - staging: lustre: ko2iblnd: check copy_from_iter/copy_to_iter return code - ceph: fix race in concurrent readdir - RDMA/core: Initialize port_num in qp_attr - drm/mst: Fix error handling during MST sideband message reception - drm/mst: Avoid dereferencing a NULL mstb in drm_dp_mst_handle_up_req() - drm/mst: Avoid processing partially received up/down message transactions - mlx5: Avoid that mlx5_ib_sg_to_klms() overflows the klms[] array - hfsplus: Don't clear SGID when inheriting ACLs - ovl: fix random return value on mount - acpi/nfit: Fix memory corruption/Unregister mce decoder on failure - of: device: Export of_device_{get_modalias, uvent_modalias} to modules - spmi: Include OF based modalias in device uevent - reiserfs: Don't clear SGID when inheriting ACLs - PM / Domains: defer dev_pm_domain_set() until genpd->attach_dev succeeds if present - tracing: Fix kmemleak in instance_rmdir - alarmtimer: don't rate limit one-shot timers https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.41 - af_key: Add lock to key dump - pstore: Make spinlock per zone instead of global - net: reduce skb_warn_bad_offload() noise - jfs: Don't clear SGID when inheriting ACLs - ALSA: fm801: Initialize chip after IRQ handler is registered - ALSA: hda - Add missing NVIDIA GPU codec IDs to patch table - [powerpc*] pseries: Fix of_node_put() underflow during reconfig remove - NFS: invalidate file size when taking a lock. - NFSv4.1: Fix a race where CB_NOTIFY_LOCK fails to wake a waiter - crypto: authencesn - Fix digest_null crash - [powerpc*] KVM: Book3S HV: Enable TM before accessing TM registers - md/raid5: add thread_group worker async_tx_issue_pending_all - drm/nouveau/disp/nv50-: bump max chans to 21 - drm/nouveau/bar/gf100: fix access to upper half of BAR2 - [powerpc*] KVM: Book3S HV: Restore critical SPRs to host values on guest exit - [powerpc*] KVM: Book3S HV: Save/restore host values of debug registers - [powerpc*] Revert "powerpc/numa: Fix percpu allocations to be NUMA aware" - Staging: comedi: comedi_fops: Avoid orphaned proc entry - smp/hotplug: Move unparking of percpu threads to the control CPU - smp/hotplug: Replace BUG_ON and react useful - nfc: Fix hangup of RC-S380* in port100_send_ack() - nfc: fdp: fix NULL pointer dereference - net: phy: Do not perform software reset for Generic PHY - isdn: Fix a sleep-in-atomic bug - ath10k: fix null deref on wmi-tlv when trying spectral scan - wil6210: fix deadlock when using fw_no_recovery option - mailbox: always wait in mbox_send_message for blocking Tx mode - mailbox: skip complete wait event if timer expired - mailbox: handle empty message in tx_tick - sched/cgroup: Move sched_online_group() back into css_online() to fix crash - RDMA/uverbs: Fix the check for port number - ipmi/watchdog: fix watchdog timeout set on reboot - v4l: s5c73m3: fix negation operator - pstore: Allow prz to control need for locking - pstore: Correctly initialize spinlock and flags - pstore: Use dynamic spinlock initializer - net: skb_needs_check() accepts CHECKSUM_NONE for tx - device-dax: fix sysfs duplicate warnings - [x86] mce/AMD: Make the init code more robust - r8169: add support for RTL8168 series add-on card. - [armhf] omap2+: fixing wrong strcat for Non-NULL terminated string - dt-bindings: power/supply: Update TPS65217 properties - dt-bindings: input: Specify the interrupt number of TPS65217 power button - [armhf] dts: n900: Mark eMMC slot with no-sdio and no-sd flags - net/mlx5: Disable RoCE on the e-switch management port under switchdev mode - ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output - net/mlx4_core: Use-after-free causes a resource leak in flow-steering detach - net/mlx4: Remove BUG_ON from ICM allocation routine - net/mlx4_core: Fix raw qp flow steering rules under SRIOV - [arm64] drm/msm: Ensure that the hardware write pointer is valid - [arm64] drm/msm: Put back the vaddr in submit_reloc() - [arm64] drm/msm: Verify that MSM_SUBMIT_BO_FLAGS are set - irqchip/keystone: Fix "scheduling while atomic" on rt - ASoC: tlv320aic3x: Mark the RESET register as volatile - spi: dw: Make debugfs name unique between instances - ASoC: nau8825: fix invalid configuration in Pre-Scalar of FLL - irqchip/mxs: Enable SKIP_SET_WAKE and MASK_ON_SUSPEND - openrisc: Add _text symbol to fix ksym build error - dmaengine: ioatdma: Add Skylake PCI Dev ID - dmaengine: ioatdma: workaround SKX ioatdma version - l2tp: consider '::' as wildcard address in l2tp_ip6 socket lookup - dmaengine: ti-dma-crossbar: Add some 'of_node_put()' in error path. - usb: dwc3: omap: fix race of pm runtime with irq handler in probe - [arm64] zynqmp: Fix W=1 dtc 1.4 warnings - [arm64] zynqmp: Fix i2c node's compatible string - perf probe: Fix to get correct modname from elf header - ACPI / scan: Prefer devices without _HID/_CID for _ADR matching - usb: gadget: Fix copy/pasted error message - Btrfs: use down_read_nested to make lockdep silent - Btrfs: fix lockdep warning about log_mutex - benet: stricter vxlan offloading check in be_features_check - Btrfs: adjust outstanding_extents counter properly when dio write is split - [armhf] Xen: Zero reserved fields of xatp before making hypervisor call - tools lib traceevent: Fix prev/next_prio for deadline tasks - xfrm: Don't use sk_family for socket policy lookups - perf tools: Install tools/lib/traceevent plugins with install-bin - perf symbols: Robustify reading of build-id from sysfs - video: fbdev: cobalt_lcdfb: Handle return NULL error from devm_ioremap - vfio-pci: Handle error from pci_iomap - [arm64] mm: fix show_pte KERN_CONT fallout - nvmem: imx-ocotp: Fix wrong register size - net: usb: asix_devices: add .reset_resume for USB PM - ASoC: fsl_ssi: set fifo watermark to more reliable value - sh_eth: enable RX descriptor word 0 shift on SH7734 - ALSA: usb-audio: test EP_FLAG_RUNNING at urb completion - [x86] platform/intel-mid: Rename 'spidev' to 'mrfld_spidev' - [x86] perf: Set pmu->module in Intel PMU modules - [x86] ASoC: Intel: bytcr-rt5640: fix settings in internal clock mode - HID: ignore Petzl USB headlamp - scsi: fnic: Avoid sending reset to firmware when another reset is in progress - scsi: snic: Return error code on memory allocation failure - scsi: bfa: Increase requested firmware version to 3.2.5.1 - [x86] ASoC: Intel: Skylake: Release FW ctx in cleanup - ASoC: dpcm: Avoid putting stream state to STOP when FE stream is paused https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.42 - cgroup: create dfl_root files on subsys registration - cgroup: fix error return value from cgroup_subtree_control() - libata: array underflow in ata_find_dev() - workqueue: restore WQ_UNBOUND/max_active==1 to be ordered - iwlwifi: dvm: prevent an out of bounds access - brcmfmac: fix memleak due to calling brcmf_sdiod_sgtable_alloc() twice - NFSv4: Fix EXCHANGE_ID corrupt verifier issue - device property: Make dev_fwnode() public - mmc: core: Fix access to HS400-ES devices - mm, mprotect: flush TLB if potentially racing with a parallel reclaim leaving stale TLB entries - cpuset: fix a deadlock due to incomplete patching of cpusets_enabled() - ALSA: hda - Fix speaker output from VAIO VPCL14M1R - drm/amdgpu: Fix undue fallthroughs in golden registers initialization - ASoC: do not close shared backend dailink - KVM: async_pf: make rcu irq exit if not triggered from idle task - mm/page_alloc: Remove kernel address exposure in free_reserved_area() - timers: Fix overflow in get_next_timer_interrupt - [powerpc*] tm: Fix saving of TM SPRs in core dump - [powerpc*/*64*] Fix __check_irq_replay missing decrementer interrupt - iommu/amd: Enable ga_log_intr when enabling guest_mode - gpiolib: skip unwanted events, don't convert them to opposite edge - ext4: fix SEEK_HOLE/SEEK_DATA for blocksize < pagesize - ext4: fix overflow caused by missing cast in ext4_resize_fs() - [armhf] dts: armada-38x: Fix irq type for pca955 - media: platform: davinci: return -EINVAL for VPFE_CMD_S_CCDC_RAW_PARAMS ioctl - iscsi-target: Fix initial login PDU asynchronous socket close OOPs - mmc: dw_mmc: Use device_property_read instead of of_property_read - mmc: core: Use device_property_read instead of of_property_read - media: lirc: LIRC_GET_REC_RESOLUTION should return microseconds - f2fs: sanity check checkpoint segno and blkoff (CVE-2017-10663) - Btrfs: fix early ENOSPC due to delalloc - saa7164: fix double fetch PCIe access condition (CVE-2017-8831) - tcp_bbr: cut pacing rate only if filled pipe - tcp_bbr: introduce bbr_bw_to_pacing_rate() helper - tcp_bbr: introduce bbr_init_pacing_rate_from_rtt() helper - tcp_bbr: remove sk_pacing_rate=0 transient during init - tcp_bbr: init pacing rate on first RTT sample - ipv4: ipv6: initialize treq->txhash in cookie_v[46]_check() - net: Zero terminate ifr_name in dev_ifname(). - net: dsa: b53: Add missing ARL entries for BCM53125 - ipv4: initialize fib_trie prior to register_netdev_notifier call. - rtnetlink: allocate more memory for dev_set_mac_address() - mcs7780: Fix initialization when CONFIG_VMAP_STACK is enabled - openvswitch: fix potential out of bound access in parse_ct - packet: fix use-after-free in prb_retire_rx_blk_timer_expired() - ipv6: Don't increase IPSTATS_MIB_FRAGFAILS twice in ip6_fragment() - net: ethernet: nb8800: Handle all 4 RGMII modes identically - dccp: fix a memleak that dccp_ipv6 doesn't put reqsk properly - dccp: fix a memleak that dccp_ipv4 doesn't put reqsk properly - dccp: fix a memleak for dccp_feat_init err process - sctp: don't dereference ptr before leaving _sctp_walk_{params, errors}() - sctp: fix the check for _sctp_walk_params and _sctp_walk_errors - net/mlx5: Consider tx_enabled in all modes on remap - net/mlx5: Fix command bad flow on command entry allocation failure - net/mlx5e: Fix outer_header_zero() check size - net/mlx5e: Fix wrong delay calculation for overflow check scheduling - net/mlx5e: Schedule overflow check work to mlx5e workqueue - net: phy: Correctly process PHY_HALTED in phy_stop_machine() - xen-netback: correctly schedule rate-limited queues - wext: handle NULL extra data in iwe_stream_add_point better - sh_eth: fix EESIPR values for SH77{34|63} - sh_eth: R8A7740 supports packet shecksumming - net: phy: dp83867: fix irq generation - tg3: Fix race condition in tg3_get_stats64(). - [x86] boot: Add missing declaration of string functions - spi: spi-axi: Free resources on error path - ASoC: rt5645: set sel_i2s_pre_div1 to 2 - netfilter: use fwmark_reflect in nf_send_reset - phy state machine: failsafe leave invalid RUNNING state - ipv4: make tcp_notsent_lowat sysctl knob behave as true unsigned int - clk/samsung: exynos542x: mark some clocks as critical - scsi: qla2xxx: Get mutex lock before checking optrom_state - drm/virtio: fix framebuffer sparse warning - [armhf] dts: sunxi: Change node name for pwrseq pin on Olinuxino-lime2-emmc - iw_cxgb4: do not send RX_DATA_ACK CPLs after close/abort - nbd: blk_mq_init_queue returns an error code on failure, not NULL - virtio_blk: fix panic in initialization error path - [armel,armhf] 8632/1: ftrace: fix syscall name matching - mm, slab: make sure that KMALLOC_MAX_SIZE will fit into MAX_ORDER - lib/Kconfig.debug: fix frv build failure - signal: protect SIGNAL_UNKILLABLE from unintentional clearing. - mm: don't dereference struct page fields of invalid pages - net/mlx5: E-Switch, Re-enable RoCE on mode change only after FDB destroy - net: phy: Fix PHY unbind crash - workqueue: implicit ordered attribute should be overridable https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.43 - ppp: Fix false xmit recursion detect with two ppp devices - ppp: fix xmit recursion detection on ppp channels - tcp: avoid setting cwnd to invalid ssthresh after cwnd reduction states - net: fix keepalive code vs TCP_FASTOPEN_CONNECT - [s390x] bpf: fix jit branch offset related to ldimm64 - net/mlx4_en: don't set CHECKSUM_COMPLETE on SCTP packets - net: sched: set xt_tgchk_param par.nft_compat as 0 in ipt_init_target - tcp: fastopen: tcp_connect() must refresh the route - net: avoid skb_warn_bad_offload false positives on UFO - igmp: Fix regression caused by igmp sysctl namespace code. - packet: fix tp_reserve race in packet_set_ring (CVE-2017-1000111) - udp: consistently apply ufo or fragmentation (CVE-2017-1000112) - [armhf,arm64] KVM: Handle hva aging while destroying the vm https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.44 - mm: ratelimit PFNs busy info message - mm: fix list corruptions on shmem shrinklist - futex: Remove unnecessary warning from get_futex_key - mtd: nand: Fix timing setup for NANDs that do not support SET FEATURES - iscsi-target: fix memory leak in iscsit_setup_text_cmd() - iscsi-target: Fix iscsi_np reset hung task during parallel delete - target: Fix node_acl demo-mode + uncached dynamic shutdown regression - fuse: initialize the flock flag in fuse_file on allocation - nand: fix wrong default oob layout for small pages using soft ecc - mmc: mmc: correct the logic for setting HS400ES signal voltage - nfs/flexfiles: fix leak of nfs4_ff_ds_version arrays - drm/etnaviv: Fix off-by-one error in reloc checking - [x86] drm/i915: Fix out-of-bounds array access in bdw_load_gamma_lut - USB: serial: option: add D-Link DWM-222 device ID - USB: serial: cp210x: add support for Qivicon USB ZigBee dongle - USB: serial: pl2303: add new ATEN device id - usb: musb: fix tx fifo flush handling again - USB: hcd: Mark secondary HCD as dead if the primary one died - staging:iio:resolver:ad2s1210 fix negative IIO_ANGL_VEL read - iio: accel: bmc150: Always restore device to normal mode after suspend-resume - iio: light: tsl2563: use correct event code - staging: comedi: comedi_fops: do not call blocking ops when !TASK_RUNNING - uas: Add US_FL_IGNORE_RESIDUE for Initio Corporation INIC-3069 - usb: gadget: udc: renesas_usb3: Fix usb_gadget_giveback_request() calling - usb: renesas_usbhs: Fix UGCTRL2 value for R-Car Gen3 - USB: Check for dropped connection before switching to full speed - usb: core: unlink urbs from the tail of the endpoint's urb_list - usb: quirks: Add no-lpm quirk for Moshi USB to Ethernet Adapter - usb:xhci:Add quirk for Certain failing HP keyboard on reset after resume - iio: adc: vf610_adc: Fix VALT selection value for REFSEL bits - pnfs/blocklayout: require 64-bit sector_t - [armhf] pinctrl: sunxi: add a missing function of A10/A20 pinctrl driver - [x86] pinctrl: intel: merrifield: Correct UART pin lists - [armhf] pinctrl: samsung: Remove bogus irq_[un]mask from resource management - [arm64] pinctrl: meson-gxbb: Add missing GPIODV_18 pin entry https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.45 - netfilter: nf_ct_ext: fix possible panic after nf_ct_extend_unregister - audit: Fix use after free in audit_remove_watch_rule() - [x86] crypto: sha1 - Fix reads beyond the number of blocks passed - Input: elan_i2c - add ELAN0608 to the ACPI table - Input: elan_i2c - Add antoher Lenovo ACPI ID for upcoming Lenovo NB - ALSA: seq: 2nd attempt at fixing race creating a queue - ALSA: usb-audio: Apply sample rate quirk to Sennheiser headset - ALSA: usb-audio: Add mute TLV for playback volumes on C-Media devices - mm: discard memblock data later - mm: fix double mmap_sem unlock on MMF_UNSTABLE enforced SIGBUS - mm/mempolicy: fix use after free when calling get_mempolicy - [amd64,arm64] mm: revert x86_64 and arm64 ELF_ET_DYN_BASE base changes - xen: fix bio vec merging (CVE-2017-12134) (Closes: #866511) - blk-mq-pci: add a fallback when pci_irq_get_affinity returns NULL - [powerpc*] Fix VSX enabling/flushing to also test MSR_FP and MSR_VEC - xen-blkfront: use a right index when checking requests - [amd64] asm: Clear AC on NMI entries - genirq: Restore trigger settings in irq_modify_status() - genirq/ipi: Fixup checks against nr_cpu_ids - Sanitize 'move_pages()' permission checks - pids: make task_tgid_nr_ns() safe - usb: optimize acpi companion search for usb port devices - usb: qmi_wwan: add D-Link DWM-222 device ID https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.46 - af_key: do not use GFP_KERNEL in atomic contexts - dccp: purge write queue in dccp_destroy_sock() - dccp: defer ccid_hc_tx_delete() at dismantle time - ipv4: fix NULL dereference in free_fib_info_rcu() - net_sched/sfq: update hierarchical backlog when drop packet - net_sched: remove warning from qdisc_hash_add - bpf: fix bpf_trace_printk on 32 bit archs - openvswitch: fix skb_panic due to the incorrect actions attrlen - ptr_ring: use kmalloc_array() - ipv4: better IP_MAX_MTU enforcement - nfp: fix infinite loop on umapping cleanup - sctp: fully initialize the IPv6 address in sctp_v6_to_addr() - tipc: fix use-after-free - ipv6: reset fn->rr_ptr when replacing route - ipv6: repair fib6 tree in failure case - tcp: when rearming RTO, if RTO time is in past then fire RTO ASAP - net/mlx4_core: Enable 4K UAR if SRIOV module parameter is not enabled - irda: do not leak initialized list.dev to userspace - net: sched: fix NULL pointer dereference when action calls some targets - net_sched: fix order of queue length updates in qdisc_replace() - bpf, verifier: add additional patterns to evaluate_reg_imm_alu - bpf: adjust verifier heuristics - bpf, verifier: fix alu ops against map_value{, _adj} register types - bpf: fix mixed signed/unsigned derived min/max value bounds - bpf/verifier: fix min/max handling in BPF_SUB - Input: trackpoint - add new trackpoint firmware ID - Input: elan_i2c - add ELAN0602 ACPI ID to support Lenovo Yoga310 - Input: ALPS - fix two-finger scroll breakage in right side on ALPS touchpad - [s390x] KVM: sthyi: fix sthyi inline assembly - [s390x] KVM: sthyi: fix specification exception detection - [x86] KVM: block guest protection keys unless the host has them enabled - ALSA: usb-audio: Add delay quirk for H650e/Jabra 550a USB headsets - ALSA: core: Fix unexpected error at replacing user TLV - ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978) - ALSA: firewire: fix NULL pointer dereference when releasing uninitialized data of iso-resource - mm, shmem: fix handling /sys/kernel/mm/transparent_hugepage/shmem_enabled - i2c: designware: Fix system suspend - mm/madvise.c: fix freeing of locked page with MADV_FREE - fork: fix incorrect fput of ->exe_file causing use-after-free - mm/memblock.c: reversed logic in memblock_discard() - drm: Release driver tracking before making the object available again - drm/atomic: If the atomic check fails, return its value first - tracing: Call clear_boot_tracer() at lateinit_sync - tracing: Fix kmemleak in tracing_map_array_free() - tracing: Fix freeing of filter in create_filter() when set_str is false - kbuild: linker script do not match C names unless LD_DEAD_CODE_DATA_ELIMINATION is configured - cifs: Fix df output for users with quota limits - cifs: return ENAMETOOLONG for overlong names in cifs_open()/cifs_lookup() - nfsd: Limit end of page list when decoding NFSv4 WRITE - ftrace: Check for null ret_stack on profile function graph entry function - perf/core: Fix group {cpu,task} validation - perf probe: Fix --funcs to show correct symbols for offline module - [x86] perf/intel/rapl: Make package handling more robust - timers: Fix excessive granularity of new timers after a nohz idle - [x86] mm: Fix use-after-free of ldt_struct - net: sunrpc: svcsock: fix NULL-pointer exception - Revert "leds: handle suspend/resume in heartbeat trigger" - netfilter: nat: fix src map lookup - Bluetooth: hidp: fix possible might sleep error in hidp_session_thread - Bluetooth: cmtp: fix possible might sleep error in cmtp_session - Bluetooth: bnep: fix possible might sleep error in bnep_session - iio: imu: adis16480: Fix acceleration scale factor for adis16480 - iio: hid-sensor-trigger: Fix the race with user space powering up sensors - staging: rtl8188eu: add RNX-N150NUB support - Clarify (and fix) MAX_LFS_FILESIZE macros - ntb_transport: fix qp count bug - ntb_transport: fix bug calculating num_qps_mw - NTB: ntb_test: fix bug printing ntb_perf results - ntb: no sleep in ntb_async_tx_submit - ntb: ntb_test: ensure the link is up before trying to configure the mws - ntb: transport shouldn't disable link due to bogus values in SPADs - ACPI: ioapic: Clear on-stack resource before using it - ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal - ACPI: EC: Fix regression related to wrong ECDT initialization order - [powerpc*] mm: Ensure cpumask update is ordered https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.47 - p54: memset(0) whole array - [armhf,arm64] kvm: Fix race in resetting stage2 PGD - [arm64] mm: abort uaccess retries upon fatal signal - [arm64] fpsimd: Prevent registers leaking across exec - scsi: sg: protect accesses to 'reserved' page array - scsi: sg: reset 'res_in_use' after unlinking reserved array [ Ben Hutchings ] * [x86] KVM: fix singlestepping over syscall (CVE-2017-7518) * xfrm: policy: check policy direction value (CVE-2017-11600) * [armhf] udeb: Add sunxi_wdt to kernel-image (Closes: #866130) * udeb: Add dm-raid to md-modules (Closes: #868251) * [arm64] sound: Enable SND_HDA_INTEL as module (Closes: #867611) * [x86] ideapad-laptop: Add various IdeaPad models to no_hw_rfkill list (Closes: #866706) * firmware: dmi: Add DMI_PRODUCT_FAMILY identification string * firmware: dmi: Avoid ABI break for DMI_PRODUCT_FAMILY * [x86] pinctrl: cherryview: Extend the Chromebook DMI quirk to Intel_Strago systems (Closes: #862723) * [armhf] Add ARM Mali Midgard device tree bindings and gpu node for rk3288 (thanks to Guillaume Tucker) (Closes: #865646) * workqueue: Fix flag collision * Bump ABI to 4 * [mips*el/loongson-3] Select MIPS_L1_CACHE_SHIFT_6 (deferred from 4.9.30) * [rt] Update to 4.9.47-rt37: - sched: Prevent task state corruption by spurious lock wakeup - sched: Remove TASK_ALL - kernel/locking: use an exclusive wait_q for sleepers - sched/migrate disable: handle updated task-mask mg-dis section [ Cyril Brulebois ] * [arm64,armhf] udeb: Ship usb3503 module in usb-modules, needed for e.g. Arndale development boards, thanks to Wei Liu (Closes: #865645). -- Ben Hutchings Sun, 10 Sep 2017 04:30:59 +0100 linux (4.9.30-2+deb9u5) stretch-security; urgency=medium * [amd64] mm: revert ELF_ET_DYN_BASE base changes (fixes regression of ASan) -- Ben Hutchings Tue, 19 Sep 2017 02:34:05 +0100 linux (4.9.30-2+deb9u4) stretch-security; urgency=high * [x86] KVM: fix singlestepping over syscall (CVE-2017-7518) * binfmt_elf: use ELF_ET_DYN_BASE only for PIE (CVE-2017-1000370, CVE-2017-1000371) * ALSA: timer: Fix race between read and ioctl (CVE-2017-1000380) * ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT (CVE-2017-1000380) * xfrm: policy: check policy direction value (CVE-2017-11600) * packet: fix tp_reserve race in packet_set_ring (CVE-2017-1000111) * ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output * udp: consistently apply ufo or fragmentation (CVE-2017-1000112) * sctp: Avoid out-of-bounds reads from address storage (CVE-2017-7558) * xen: fix bio vec merging (CVE-2017-12134) (Closes: #866511) * driver core: platform: fix race condition with driver_override (CVE-2017-12146) * nl80211: check for the required netlink attributes presence (CVE-2017-12153) * [x86] kvm: nVMX: Don't allow L2 to access the hardware CR8 (CVE-2017-12154) * scsi: qla2xxx: Fix an integer overflow in sysfs code (CVE-2017-14051) * tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (CVE-2017-14106) * Sanitize 'move_pages()' permission checks (CVE-2017-14140) * video: fbdev: aty: do not leak uninitialized padding in clk to userspace (CVE-2017-14156) * xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present (CVE-2017-14340) * scsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly (CVE-2017-14489) * packet: Don't write vnet header beyond end of buffer (CVE-2017-14497) * Bluetooth: Properly check L2CAP config option output buffer length (CVE-2017-1000251) (Closes: #875881) * [x86] KVM: VMX: Do not BUG() on out-of-bounds guest IRQ (CVE-2017-1000252) -- Ben Hutchings Mon, 18 Sep 2017 16:40:43 +0100 linux (4.9.30-2+deb9u3) stretch-security; urgency=high * [x86] drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl() (CVE-2017-7346) * rxrpc: Fix several cases where a padded len isn't checked in ticket decode (CVE-2017-7482) * brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() (CVE-2017-7541) * ipv6: avoid overflow of offset in ip6_find_1stfragopt (CVE-2017-7542) * [x86] drm/vmwgfx: Make sure backup_handle is always valid (CVE-2017-9605) * drm/virtio: don't leak bo on drm_gem_object_init failure (CVE-2017-10810) * xen-blkback: don't leak stack data via response ring (CVE-2017-10911) * mqueue: fix a use-after-free in sys_mq_notify() (CVE-2017-11176) * fs/exec.c: account for argv/envp pointers (CVE-2017-1000365) * dentry name snapshots (CVE-2017-7533) -- Salvatore Bonaccorso Sun, 06 Aug 2017 06:24:47 +0200 linux (4.9.30-2+deb9u2) stretch-security; urgency=high * Revert changes in version 4.9.30-2+deb9u1 (Closes: #865303) * mm: larger stack guard gap, between vmas (CVE-2017-1000364) * mm: fix new crash in unmapped_area_topdown() -- Ben Hutchings Mon, 26 Jun 2017 16:27:47 +0100 linux (4.9.30-2+deb9u1) stretch-security; urgency=high * mm: enlarge stack guard gap (CVE-2017-1000364) * mm: allow to configure stack gap size * mm, proc: cap the stack gap for unpopulated growing vmas * mm, proc: drop priv parameter from is_stack * mm: do not collapse stack gap into THP * fold me "mm: allow to configure stack gap size" -- Salvatore Bonaccorso Sun, 18 Jun 2017 10:14:32 +0200 linux (4.9.30-2) unstable; urgency=high * [x86] Enable SERIAL_8250_MID as built-in (Closes: #864368) * Fix bugs introduced by original fix for CVE-2017-9074: - ipv6: Check ip6_find_1stfragopt() return value properly. - ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() - ipv6: Fix leak in ipv6_gso_segment(). * Revert "uapi: fix linux/if.h userspace compilation errors" (see #864269) * [armhf] udeb: Add axp20x_usb_power to kernel-image; add i2c-modules package including i2c-mv64xxx and i2c-rk3x (thanks to Karsten Merker) (Closes: #856111) * NFSv4.x/callback: Create the callback service through svc_create_pooled (Closes: #862357) -- Ben Hutchings Mon, 12 Jun 2017 16:24:30 +0100 linux (4.9.30-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.26 - [arm64] Revert "mmc: sdhci-msm: Enable few quirks" - ping: implement proper locking - [sparc64] kern_addr_valid regression - [sparc64] Fix kernel panic due to erroneous #ifdef surrounding pmd_write() - net: neigh: guard against NULL solicit() method - net: phy: handle state correctly in phy_stop_machine - bpf: improve verifier packet range checks - net/mlx5: Avoid dereferencing uninitialized pointer - l2tp: hold tunnel socket when handling control frames in l2tp_ip and l2tp_ip6 - l2tp: purge socket queues in the .destruct() callback - net/packet: fix overflow in check for tp_frame_nr - net/packet: fix overflow in check for tp_reserve - l2tp: take reference on sessions being dumped - l2tp: fix PPP pseudo-wire auto-loading - net: ipv4: fix multipath RTM_GETROUTE behavior when iif is given - sctp: listen on the sock only when it's state is listening or closed - tcp: clear saved_syn in tcp_disconnect() - ipv6: Fix idev->addr_list corruption - net-timestamp: avoid use-after-free in ip_recv_error - net: vrf: Fix setting NLM_F_EXCL flag when adding l3mdev rule - dp83640: don't recieve time stamps twice - gso: Validate assumption of frag_list segementation - net: ipv6: RTF_PCPU should not be settable from userspace - netpoll: Check for skb->queue_mapping - ip6mr: fix notification device destruction - net/mlx5: Fix driver load bad flow when having fw initializing timeout - net/mlx5e: Fix small packet threshold - net/mlx5e: Fix ETHTOOL_GRXCLSRLALL handling - macvlan: Fix device ref leak when purging bc_queue - net: ipv6: regenerate host route if moved to gc list - net: phy: fix auto-negotiation stall due to unavailable interrupt - ipv6: check skb->protocol before lookup for nexthop - tcp: memset ca_priv data to 0 properly - ipv6: check raw payload size correctly in ioctl - ALSA: oxfw: fix regression to handle Stanton SCS.1m/1d - ALSA: firewire-lib: fix inappropriate assignment between signed/unsigned type - ALSA: seq: Don't break snd_use_lock_sync() loop by timeout - [mips*] KGDB: Use kernel context for sleeping threads - [mips*] Avoid BUG warning in arch_check_elf - p9_client_readdir() fix - [x86] ASoC: intel: Fix PM and non-atomic crash in bytcr drivers - Input: i8042 - add Clevo P650RS to the i8042 reset list - nfsd: check for oversized NFSv2/v3 arguments - nfsd4: minor NFSv2/v3 write decoding cleanup - nfsd: stricter decoding of write-like NFSv2/v3 ops - ceph: fix recursion between ceph_set_acl() and __ceph_setattr() - macsec: avoid heap overflow in skb_to_sgvec - net: can: usb: gs_usb: Fix buffer on stack - [x86] ftrace: Fix triple fault with graph tracing and suspend-to-ram https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.27 - timerfd: Protect the might cancel mechanism proper - Handle mismatched open calls - [x86] tpm_tis: use default timeout value if chip reports it as zero - scsi: storvsc: Workaround for virtual DVD SCSI version - [powerpc, x86] hwmon: (it87) Avoid registering the same chip on both SIO addresses - 8250_pci: Fix potential use-after-free in error path - ceph: try getting buffer capability for readahead/fadvise - cpu/hotplug: Serialize callback invocations proper - dm ioctl: prevent stack leak in dm ioctl call https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.28 - 9p: fix a potential acl leak - hwmon: (it87) Fix pwm4 detection for IT8620 and IT8628 - [x86] tpm: fix RC value check in tpm2_seal_trusted - [x86] tmp: use pdev for parent device in tpm_chip_alloc - cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores - [powerpc*] mm: Fixup wrong LPCR_VRMASD value - [powerpc*] powernv: Fix opal_exit tracepoint opcode - [powerpc*] Correctly disable latent entropy GCC plugin on prom_init.o - [x86] perf/x86/intel/pt: Add format strings for PTWRITE and power event tracing - [arm64] dts: r8a7795: Mark EthernetAVB device node disabled - [arm64] dts: qcom: Fix ipq board clock rates - [arm64] Improve detection of user/non-user mappings in set_pte(_at) - [armhf] OMAP5 / DRA7: Fix HYP mode boot for thumb2 build - [armhf] dts: sun7i: lamobo-r1: Fix CPU port RGMII settings - mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print - mwifiex: remove redundant dma padding in AMSDU - mwifiex: Avoid skipping WEP key deletion for AP - iwlwifi: fix MODULE_FIRMWARE for 6030 - iwlwifi: mvm: don't restart HW if suspend fails with unified image - iwlwifi: mvm: overwrite skb info later - iwlwifi: pcie: don't increment / decrement a bool - iwlwifi: pcie: trans: Remove unused 'shift_param' - iwlwifi: pcie: fix the set of DMA memory mask - iwlwifi: mvm: fix reorder timer re-arming - iwlwifi: mvm: Use aux queue for offchannel frames in dqa - iwlwifi: mvm/pcie: adjust A-MSDU tx_cmd length in PCIe - iwlwifi: mvm: fix pending frame counter calculation - iwlwifi: mvm: fix references to first_agg_queue in DQA mode - iwlwifi: mvm: synchronize firmware DMA paging memory - iwlwifi: mvm: writing zero bytes to debugfs causes a crash - [x86] ioapic: Restore IO-APIC irq_chip retrigger callback - [amd64] x86/pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0 - [x86] kprobes/x86: Fix kernel panic when certain exception- handling addresses are probed - [x86] platform/intel-mid: Correct MSI IRQ line for watchdog device - [x86] KVM: nVMX: initialize PML fields in vmcs02 - [x86] KVM: nVMX: do not leak PML full vmexit to L1 - [arm64, armhf] usb: dwc2: host: use msleep() for long delay - [armhf] usb: host: ehci-exynos: Decrese node refcount on exynos_ehci_get_phy() error paths - [armhf] usb: host: ohci-exynos: Decrese node refcount on exynos_ehci_get_phy() error paths - [arm64, armhf] usb: chipidea: Only read/write OTGSC from one place - [arm64, armhf] usb: chipidea: Handle extcon events properly - USB: serial: keyspan_pda: fix receive sanity checks - USB: serial: digi_acceleport: fix incomplete rx sanity check - USB: serial: ssu100: fix control-message error handling - USB: serial: io_edgeport: fix epic-descriptor handling - USB: serial: ti_usb_3410_5052: fix control-message error handling - USB: serial: ark3116: fix open error handling - USB: serial: ftdi_sio: fix latency-timer error handling - USB: serial: quatech2: fix control-message error handling - USB: serial: mct_u232: fix modem-status error handling - USB: serial: io_edgeport: fix descriptor error handling - [armhf] clk: rockchip: add "," to mux_pll_src_apll_dpll_gpll_usb480m_p on rk3036 - phy: qcom-usb-hs: Add depends on EXTCON - scsi: qla2xxx: Fix crash in qla2xxx_eh_abort on bad ptr - scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m - scsi: smartpqi: fix time handling - [mips*] R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix - brcmfmac: Ensure pointer correctly set if skb data location changes - brcmfmac: Make skb header writable before use - [x86] staging/lustre/llite: move root_squash from sysfs to debugfs - [x86] staging: wlan-ng: add missing byte order conversion - ALSA: hda - Fix deadlock of controller device lock at unbinding - [sparc64] fix fault handling in NGbzero.S and GENbzero.S - macsec: dynamically allocate space for sglist - tcp: do not underestimate skb->truesize in tcp_trim_head() - bpf: enhance verifier to understand stack pointer arithmetic - [arm64] bpf: fix jit branch offset related to ldimm64 - tcp: fix wraparound issue in tcp_lp - net: ipv6: Do not duplicate DAD on link up - net: usb: qmi_wwan: add Telit ME910 support - tcp: do not inherit fastopen_req from parent - ipv4, ipv6: ensure raw socket message is big enough to hold an IP header - rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string - ipv6: initialize route null entry in addrconf_init() - ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf - bnxt_en: allocate enough space for ->ntp_fltr_bmap - bpf: don't let ldimm64 leak map addresses on unprivileged (CVE-2017-9150) - f2fs: sanity check segment count - xen: Revert commits da72ff5bfcb0 and 72a9b186292d - [arm64, armhf] wlcore: Pass win_size taken from ieee80211_sta to FW - [arm64, armhf] wlcore: Add RX_BA_WIN_SIZE_CHANGE_EVENT event - drm/ttm: fix use-after-free races in vm fault handling - block: get rid of blk_integrity_revalidate() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.29 - [x86] xen: adjust early dom0 p2m handling to xen hypervisor behavior - target: Fix compare_and_write_callback handling for non GOOD status - target/fileio: Fix zero-length READ and WRITE handling - iscsi-target: Set session_fall_back_to_erl0 when forcing reinstatement - usb: xhci: bInterval quirk for TI TUSB73x0 - usb: host: xhci: print correct command ring address - USB: Proper handling of Race Condition when two USB class drivers try to call init_usb_class simultaneously - USB: Revert "cdc-wdm: fix "out-of-sync" due to missing notifications" - [x86] staging: vt6656: use off stack for in buffer USB transfers. - [x86] staging: vt6656: use off stack for out buffer USB transfers. - [x86] staging: comedi: jr3_pci: fix possible null pointer dereference - [x86] staging: comedi: jr3_pci: cope with jiffies wraparound - usb: misc: add missing continue in switch - usb: gadget: legacy gadgets are optional - usb: Make sure usb/phy/of gets built-in - usb: hub: Fix error loop seen after hub communication errors - usb: hub: Do not attempt to autosuspend disconnected devices - [x86] boot: Fix BSS corruption/overwrite bug in early x86 kernel startup - [amd64] pmem: Fix cache flushing for iovec write < 8 bytes - [x86] perf: Fix Broadwell-EP DRAM RAPL events - [x86] KVM: fix user triggerable warning in kvm_apic_accept_events() - [armhf,arm64] KVM: fix races in kvm_psci_vcpu_on - [arm64] KVM: Fix decoding of Rt/Rt2 when trapping AArch32 CP accesses - block: fix blk_integrity_register to use template's interval_exp if not 0 - crypto: algif_aead - Require setkey before accept(2) - [x86] crypto: ccp - Use only the relevant interrupt bits - [x86] crypto: ccp - Disable interrupts early on unload - [x86] crypto: ccp - Change ISR handler method for a v3 CCP - [x86] crypto: ccp - Change ISR handler method for a v5 CCP - dm era: save spacemap metadata root after the pre-commit - dm rq: check blk_mq_register_dev() return value in dm_mq_init_request_queue() - dm thin: fix a memory leak when passing discard bio down - vfio/type1: Remove locked page accounting workqueue - iov_iter: don't revert iov buffer if csum error - IB/core: Fix sysfs registration error flow - IB/core: For multicast functions, verify that LIDs are multicast LIDs - IB/IPoIB: ibX: failed to create mcg debug file - IB/mlx4: Fix ib device initialization error flow - IB/mlx4: Reduce SRIOV multicast cleanup warning message to debug level - IB/hfi1: Prevent kernel QP post send hard lockups - perf auxtrace: Fix no_size logic in addr_filter__resolve_kernel_syms() - ext4: evict inline data when writing to memory map - fs/xattr.c: zero out memory copied to userspace in getxattr - ceph: fix memory leak in __ceph_setxattr() - fs/block_dev: always invalidate cleancache in invalidate_bdev() - mm: prevent potential recursive reclaim due to clearing PF_MEMALLOC - Fix match_prepath() - Set unicode flag on cifs echo request to avoid Mac error - SMB3: Work around mount failure when using SMB3 dialect to Macs - CIFS: fix mapping of SFM_SPACE and SFM_PERIOD - cifs: fix leak in FSCTL_ENUM_SNAPS response handling - cifs: fix CIFS_ENUMERATE_SNAPSHOTS oops - CIFS: fix oplock break deadlocks - cifs: fix CIFS_IOC_GET_MNT_INFO oops - CIFS: add misssing SFM mapping for doublequote - padata: free correct variable - device-dax: fix cdev leak - fscrypt: fix context consistency check when key(s) unavailable - [armhf] serial: samsung: Use right device for DMA-mapping calls - [armhf] serial: omap: fix runtime-pm handling on unbind - [armhf] serial: omap: suspend device on probe errors - tty: pty: Fix ldisc flush after userspace become aware of the data already - Bluetooth: Fix user channel for 32bit userspace on 64bit kernel - Bluetooth: hci_bcm: add missing tty-device sanity check - Bluetooth: hci_intel: add missing tty-device sanity check - ipmi: Fix kernel panic at ipmi_ssif_thread() - libnvdimm, region: fix flush hint detection crash - libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify - libnvdimm, pfn: fix 'npfns' vs section alignment - [powerpc*/*64*] pstore: Fix flags to enable dumps on powerpc - pstore: Shut down worker when unregistering https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.30 - usb: misc: legousbtower: Fix buffers on stack - usb: misc: legousbtower: Fix memory leak - USB: ene_usb6250: fix DMA to the stack - watchdog: pcwd_usb: fix NULL-deref at probe - char: lp: fix possible integer overflow in lp_setup() (CVE-2017-1000363) - USB: core: replace %p with %pK - tpm_tis_core: Choose appropriate timeout for reading burstcount - ALSA: hda: Fix cpu lockup when stopping the cmd dmas - [armhf] tegra: paz00: Mark panel regulator as enabled on boot - fanotify: don't expose EOPENSTALE to userspace - tpm_tis_spi: Use single function to transfer data - tpm_tis_spi: Abort transfer when too many wait states are signaled - tpm_tis_spi: Check correct byte for wait state indicator - tpm_tis_spi: Remove limitation of transfers to MAX_SPI_FRAMESIZE bytes - tpm_tis_spi: Add small delay after last transfer - tpm: msleep() delays - replace with usleep_range() in i2c nuvoton driver - tpm: add sleep only for retry in i2c_nuvoton_write_status() - tpm_crb: check for bad response size - mlx5: Fix mlx5_ib_map_mr_sg mr length - infiniband: call ipv6 route lookup via the stub interface - dm btree: fix for dm_btree_find_lowest_key() - dm raid: select the Kconfig option CONFIG_MD_RAID0 - dm bufio: avoid a possible ABBA deadlock - dm bufio: check new buffer allocation watermark every 30 seconds - dm mpath: split and rename activate_path() to prepare for its expanded use - dm cache metadata: fail operations if fail_io mode has been established - dm bufio: make the parameter "retain_bytes" unsigned long - dm thin metadata: call precommit before saving the roots - dm space map disk: fix some book keeping in the disk space map - md: update slab_cache before releasing new stripes when stripes resizing - md: MD_CLOSING needs to be cleared after called md_set_readonly or do_md_stop - rtlwifi: rtl8821ae: setup 8812ae RFE according to device type - mwifiex: MAC randomization should not be persistent - mwifiex: pcie: fix cmd_buf use-after-free in remove/reset - ima: accept previously set IMA_NEW_FILE - [x86] KVM: Fix load damaged SSEx MXCSR register - [x86] KVM: Fix potential preemption when get the current kvmclock timestamp - [x86] KVM: Fix read out-of-bounds vulnerability in kvm pio emulation - [i386] fix 32-bit case of __get_user_asm_u64() - [armhf] regulator: rk808: Fix RK818 LDO2 - [s390x] kdump: Add final note - [s390x] cputime: fix incorrect system time - ath9k_htc: Add support of AirTies 1eda:2315 AR9271 device - ath9k_htc: fix NULL-deref at probe - [x86] drm/amdgpu: Make display watermark calculations more accurate - [x86] drm/amdgpu: Avoid overflows/divide-by-zero in latency_watermark calculations. - [x86] drm/amdgpu: Add missing lb_vblank_lead_lines setup to DCE-6 path. - drm/nouveau/therm: remove ineffective workarounds for alarm bugs - drm/nouveau/tmr: ack interrupt before processing alarms - drm/nouveau/tmr: fix corruption of the pending list when rescheduling an alarm - drm/nouveau/tmr: avoid processing completed alarms when adding a new one - drm/nouveau/tmr: handle races with hw when updating the next alarm time - [armhf] gpio: omap: return error if requested debounce time is not possible - cdc-acm: fix possible invalid access when processing notification - ohci-pci: add qemu quirk - [powerpc*] cxl: Force context lock during EEH flow - [powerpc*] cxl: Route eeh events to all drivers in cxl_pci_error_detected() - proc: Fix unbalanced hard link numbers - of: fix sparse warning in of_pci_range_parser_one - of: fix "/cpus" reference leak in of_numa_parse_cpu_nodes() - of: fdt: add missing allocation-failure check - [powerpc*/*64*] ibmvscsis: Do not send aborted task response - [x86] IIO: bmp280-core.c: fix error in humidity calculation - IB/hfi1: Return an error on memory allocation failure - IB/hfi1: Fix a subcontext memory leak - pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes - pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes() - USB: serial: ftdi_sio: fix setting latency for unprivileged users - USB: serial: ftdi_sio: add Olimex ARM-USB-TINY(H) PIDs - USB: chaoskey: fix Alea quirk on big-endian hosts - f2fs: check entire encrypted bigname when finding a dentry - fscrypt: avoid collisions when presenting long encrypted filenames - libnvdimm: fix clear length of nvdimm_forget_poison() - xhci: remove GFP_DMA flag from allocation - usb: host: xhci-plat: propagate return value of platform_get_irq() - xhci: apply PME_STUCK_QUIRK and MISSING_CAS quirk for Denverton - usb: host: xhci-mem: allocate zeroed Scratchpad Buffer - net: irda: irda-usb: fix firmware name on big-endian hosts - usbvision: fix NULL-deref at probe - mceusb: fix NULL-deref at probe - ttusb2: limit messages to buffer size - [armhf,arm64] usb: dwc3: gadget: Prevent losing events in event cache - [armhf] usb: musb: tusb6010_omap: Do not reset the other direction's packet size - [armhf] usb: musb: Fix trying to suspend while active for OTG configurations - USB: iowarrior: fix info ioctl on big-endian hosts - usb: serial: option: add Telit ME910 support - USB: serial: qcserial: add more Lenovo EM74xx device IDs - USB: serial: mct_u232: fix big-endian baud-rate handling - USB: serial: io_ti: fix div-by-zero in set_termios - USB: hub: fix SS hub-descriptor handling - USB: hub: fix non-SS hub-descriptor handling - ipx: call ipxitf_put() in ioctl error path (CVE-2017-7487) - iio: hid-sensor: Store restore poll and hysteresis on S3 - gspca: konica: add missing endpoint sanity check - dib0700: fix NULL-deref at probe - zr364xx: enforce minimum size when reading header - dvb-frontends/cxd2841er: define symbol_rate_min/max in T/C fe-ops - digitv: limit messages to buffer size - dw2102: limit messages to buffer size - cx231xx-audio: fix init error path - cx231xx-audio: fix NULL-deref at probe - cx231xx-cards: fix NULL-deref at probe - [powerpc*] mm: Ensure IRQs are off in switch_mm() - [powerpc*] eeh: Avoid use after free in eeh_handle_special_event() - [powerpc*] book3s/mce: Move add_taint() later in virtual mode - [powerpc*] pseries: Fix of_node_put() underflow during DLPAR remove - [powerpc*] iommu: Do not call PageTransHuge() on tail pages - [powerpc*] tm: Fix FP and VMX register corruption - [arm64] KVM: Do not use stack-protector to compile EL2 code - [armhf] KVM: Do not use stack-protector to compile HYP code - [armhf] KVM: plug potential guest hardware debug leakage - [armel,armhf] 8662/1: module: split core and init PLT sections - [armhf] dts: imx6sx-sdb: Remove OPP override - [arm64] dts: hi6220: Reset the mmc hosts - [arm64] xchg: hazard against entire exchange variable - [arm64] ensure extension of smp_store_release value - [arm64] armv8_deprecated: ensure extension of addr - [arm64] uaccess: ensure extension of access_ok() addr - [arm64] documentation: document tagged pointer stack constraints - [x86] staging: rtl8192e: rtl92e_fill_tx_desc fix write to mapped out memory. - [x86] staging: rtl8192e: fix 2 byte alignment of register BSSIDR. - [x86] staging: rtl8192e: rtl92e_get_eeprom_size Fix read size of EPROM_CMD. - [x86] staging: rtl8192e: GetTs Fix invalid TID 7 warning. - [x86] iommu/vt-d: Flush the IOTLB to get rid of the initial kdump mappings - stackprotector: Increase the per-task stack canary's random range from 32 bits to 64 bits on 64-bit platforms - uwb: fix device quirk on big-endian hosts - genirq: Fix chained interrupt data ordering - nvme: unmap CMB and remove sysfs file in reset path - [alpha] osf_wait4(): fix infoleak - tracing/kprobes: Enforce kprobes teardown after testing - [x86] PCI: hv: Allocate interrupt descriptors with GFP_ATOMIC - [x86] PCI: hv: Specify CPU_AFFINITY_ALL for MSI affinity when >= 32 CPUs - PCI: Fix pci_mmap_fits() for HAVE_PCI_RESOURCE_TO_USER platforms - PCI: Fix another sanity check bug in /proc/pci mmap - PCI: Only allow WC mmap on prefetchable resources - PCI: Freeze PME scan before suspending devices - [armel,armhf] mtd: nand: orion: fix clk handling - [armhf] mtd: nand: omap2: Fix partition creation via cmdline mtdparts - mtd: nand: add ooblayout for old hamming layout - [x86] drm/edid: Add 10 bpc quirk for LGD 764 panel in HP zBook 17 G2 - NFSv4: Fix a hang in OPEN related to server reboot - NFS: Fix use after free in write error path - NFS: Use GFP_NOIO for two allocations in writeback - nfsd: fix undefined behavior in nfsd4_layout_verify - nfsd: encoders mustn't use unitialized values in error cases - drivers: char: mem: Check for address space wraparound with mmap() - [x86] drm/i915/gvt: Disable access to stolen memory as a guest [ Aurelien Jarno ] * [mips*/*-malta] Enable POWER_RESET and POWER_RESET_SYSCON. [ Uwe Kleine-König ] * [arm64] Enable DRM modules (Closes: #863344) * Ignore ABI changes in chipidea driver [ Ben Hutchings ] * Ignore ABI changes in ccp and hid-sensors * [mips*el/loongson-3] Revert "MIPS: Loongson-3: Select MIPS_L1_CACHE_SHIFT_6" to avoid ABI change * SUNRPC: Refactor svc_set_num_threads() * NFSv4: Fix callback server shutdown (CVE-2017-9059) (Closes: #862357) * uapi: fix linux/if.h userspace compilation errors (see #822393, #824442) * debian/control: Fix compiler build-dependencies for cross-building (Closes: #863907) * Add Debian package version to "hung task" log messages * btrfs: warn about RAID5/6 being experimental at mount time (Closes: #863290) * [x86] pinctrl: cherryview: Add a quirk to make Acer Chromebook keyboard work again (Closes: #862723) * [arm64] serial: pl011: add console matching function (Closes: #861898) * [rt] Add new GPG subkeys for Sebastian Andrzej Siewior * [rt] Update to 4.9.30-rt20: - rtmutex: Deboost before waking up the top waiter - sched/rtmutex/deadline: Fix a PI crash for deadline tasks - sched/deadline/rtmutex: Dont miss the dl_runtime/dl_period update - rtmutex: Clean up - sched/rtmutex: Refactor rt_mutex_setprio() - sched,tracing: Update trace_sched_pi_setprio() - rtmutex: Fix PI chain order integrity - rtmutex: Fix more prio comparisons - rtmutex: Plug preempt count leak in rt_mutex_futex_unlock() - futex: Avoid freeing an active timer - futex: Fix small (and harmless looking) inconsistencies - futex,rt_mutex: Fix rt_mutex_cleanup_proxy_lock() - Revert "timers: Don't wake ktimersoftd on every tick" - futex/rtmutex: Cure RT double blocking issue - random: avoid preempt_disable()ed section [ Salvatore Bonaccorso ] * tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline() (CVE-2017-0605) * dccp/tcp: do not inherit mc_list from parent (CVE-2017-8890) * ipv6: Prevent overrun when parsing v6 header options (CVE-2017-9074) * sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (CVE-2017-9075) * ipv6/dccp: do not inherit ipv6_mc_list from parent (CVE-2017-9076, CVE-2017-9077) * crypto: skcipher - Add missing API setkey checks (CVE-2017-9211) * ipv6: fix out of bound writes in __ip6_append_data() (CVE-2017-9242) [ Cyril Brulebois ] * udeb: Add efivarfs to efi-modules, which can be needed to retrieve firmware or configuration bits from d-i. (Closes: #862555) [ John Paul Adrian Glaubitz ] * [m68k] udeb: Build loop-modules package (Closes: #862813) -- Ben Hutchings Sun, 04 Jun 2017 03:03:01 +0100 linux (4.9.25-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.19 - net/openvswitch: Set the ipv6 source tunnel key address attribute correctly - net: properly release sk_frag.page - [arm64] amd-xgbe: Fix jumbo MTU processing on newer hardware - openvswitch: Add missing case OVS_TUNNEL_KEY_ATTR_PAD - net: unix: properly re-increment inflight counter of GC discarded candidates - net: vrf: Reset rt6i_idev in local dst after put - net/mlx5: Add missing entries for set/query rate limit commands - net/mlx5e: Use the proper UAPI values when offloading TC vlan actions - net/mlx5: Increase number of max QPs in default profile - net/mlx5e: Count GSO/LRO packets correctly - ipv6: make sure to initialize sockc.tsflags before first use - ipv4: provide stronger user input validation in nl_fib_input() - socket, bpf: fix sk_filter use after free in sk_clone_lock - tcp: initialize icsk_ack.lrcvtime at session start time - Input: iforce,ims-pcu,hanwang,yealink,cm109,kbtab,sur40 - validate number of endpoints before using them - ALSA: seq: Fix racy cell insertions during snd_seq_pool_done() - ALSA: ctxfi: Fix the incorrect check of dma_set_mask() call - ALSA: hda - Adding a group of pin definition to fix headset problem - ACM gadget: fix endianness in notifications - usb: gadget: f_uvc: Fix SuperSpeed companion descriptor's wBytesPerInterval - USB: uss720,idmouse,wusbcore: fix NULL-deref at probe - usb: musb: cppi41: don't check early-TX-interrupt for Isoch transfer - usb: hub: Fix crash after failure to read BOS descriptor - USB: usbtmc: add missing endpoint sanity check - USB: usbtmc: fix probe error path - uwb: i1480-dfu: fix NULL-deref at probe - mmc: ushc: fix NULL-deref at probe - [armhf[ iio: adc: ti_am335x_adc: fix fifo overrun recovery - iio: sw-device: Fix config group initialization - iio: hid-sensor-trigger: Change get poll value function order to avoid sensor properties losing after resume from S3 - parport: fix attempt to write duplicate procfiles - ext4: mark inode dirty after converting inline directory - ext4: lock the xattr block before checksuming it - [powerpc*/*64*] Fix idle wakeup potential to clobber registers - mmc: sdhci: Do not disable interrupts while waiting for clock - mmc: sdhci-pci: Do not disable interrupts in sdhci_intel_set_power - [x86] hwrng: amd - Revert managed API changes - [x86] hwrng: geode - Revert managed API changes - [armhf] clk: sunxi-ng: sun6i: Fix enable bit offset for hdmi-ddc module clock - [armhf] clk: sunxi-ng: mp: Adjust parent rate for pre-dividers - mwifiex: pcie: don't leak DMA buffers when removing - [x86] crypto: ccp - Assign DMA commands to the channel's CCP - xen/acpi: upload PM state from init-domain to Xen - [x86] iommu/vt-d: Fix NULL pointer dereference in device_to_iommu - [arm64] kaslr: Fix up the kernel image alignment - cpufreq: Restore policy min/max limits on CPU online - cgroup, net_cls: iterate the fds of only the tasks which are being migrated - blk-mq: don't complete un-started request in timeout handler - [x86] drm/amdgpu: reinstate oland workaround for sclk - jbd2: don't leak memory if setting up journal fails - [x86] intel_th: Don't leak module refcount on failure to activate - [x86] Drivers: hv: vmbus: Don't leak channel ids - [x86] Drivers: hv: vmbus: Don't leak memory when a channel is rescinded - libceph: don't set weight to IN when OSD is destroyed - [x86] device-dax: fix pmd/pte fault fallback handling - [armhf] drm/bridge: analogix dp: Fix runtime PM state on driver bind - nl80211: fix dumpit error path RTNL deadlocks - drm: reference count event->completion - fbcon: Fix vc attr at deinit https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.20 - xfrm: policy: init locks early - [x86] KVM: cleanup the page tracking SRCU instance - virtio_balloon: init 1st buffer in stats vq - [mips*] ptrace: Preserve previous registers for short regset write - [sparc64] ptrace: Preserve previous registers for short regset write - fscrypt: remove broken support for detecting keyring key revocation (CVE-2017-7374) - sched/rt: Add a missing rescheduling point - [armhf] usb: musb: fix possible spinlock deadlock https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.21 - libceph: force GFP_NOIO for socket allocations - xen/setup: Don't relocate p2m over existing one - xfs: only update mount/resv fields on success in __xfs_ag_resv_init - xfs: use per-AG reservations for the finobt - xfs: pull up iolock from xfs_free_eofblocks() - xfs: sync eofblocks scans under iolock are livelock prone - xfs: fix eofblocks race with file extending async dio writes - xfs: fix toctou race when locking an inode to access the data map - xfs: fail _dir_open when readahead fails - xfs: filter out obviously bad btree pointers - xfs: check for obviously bad level values in the bmbt root - xfs: verify free block header fields - xfs: allow unwritten extents in the CoW fork - xfs: mark speculative prealloc CoW fork extents unwritten - xfs: reset b_first_retry_time when clear the retry status of xfs_buf_t - xfs: update ctime and mtime on clone destinatation inodes - xfs: reject all unaligned direct writes to reflinked files - xfs: don't fail xfs_extent_busy allocation - xfs: handle indlen shortage on delalloc extent merge - xfs: split indlen reservations fairly when under reserved - xfs: fix uninitialized variable in _reflink_convert_cow - xfs: don't reserve blocks for right shift transactions - xfs: Use xfs_icluster_size_fsb() to calculate inode chunk alignment - xfs: tune down agno asserts in the bmap code - xfs: only reclaim unwritten COW extents periodically - xfs: fix and streamline error handling in xfs_end_io - xfs: Use xfs_icluster_size_fsb() to calculate inode alignment mask - xfs: use iomap new flag for newly allocated delalloc blocks - xfs: try any AG when allocating the first btree block when reflinking - scsi: libsas: fix ata xfer length - scsi: scsi_dh_alua: Check scsi_device_get() return value - scsi: scsi_dh_alua: Ensure that alua_activate() calls the completion function - ALSA: seq: Fix race during FIFO resize - ALSA: hda - fix a problem for lineout on a Dell AIO machine - [x86] ASoC: Intel: Skylake: fix invalid memory access due to wrong reference of pointer - HID: wacom: Don't add ghost interface as shared data - mmc: sdhci: Disable runtime pm when the sdio_irq is enabled - NFSv4.1 fix infinite loop on IO BAD_STATEID error - nfsd: map the ENOKEY to nfserr_perm for avoiding warning - [hppa] Clean up fixup routines for get_user()/put_user() - [hppa] Avoid stalled CPU warnings after system shutdown - [hppa] Fix access fault handling in pa_memcpy() - ACPI: Fix incompatibility with mcount-based function graph tracing - ACPI: Do not create a platform_device for IOAPIC/IOxAPIC - USB: fix linked-list corruption in rh_call_control() - [x86] KVM: clear bus pointer when destroyed - KVM: kvm_io_bus_unregister_dev() should never fail - drm/radeon: Override fpfn for all VRAM placements in radeon_evict_flags - [armhf,arm64] drm/vc4: Allocate the right amount of space for boot-time CRTC state. - [armhf] drm/etnaviv: (re-)protect fence allocation with GPU mutex - [x86] mm/KASLR: Exclude EFI region from KASLR VA space randomization - [x86] mce: Fix copy/paste error in exception table entries - lib/syscall: Clear return values when no stack - mm: rmap: fix huge file mmap accounting in the memcg stats - mm, hugetlb: use pte_present() instead of pmd_present() in follow_huge_pmd() - qla2xxx: Allow vref count to timeout on vport delete. - mm: workingset: fix premature shadow node shrinking with cgroups - blk: improve order of bio handling in generic_make_request() - blk: Ensure users for current->bio_list can see the full list. - padata: avoid race in reordering - nvme/core: Fix race kicking freed request_queue - nvme/pci: Disable on removal when disconnected https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.22 - ppdev: check before attaching port - ppdev: fix registering same device name - [x86] drm/vmwgfx: Type-check lookups of fence objects - [x86] drm/vmwgfx: avoid calling vzalloc with a 0 size in vmw_get_cap_3d_ioctl() - drm/ttm, drm/vmwgfx: Relax permission checking when opening surfaces - [x86] drm/vmwgfx: Remove getparam error message - sysfs: be careful of error returns from ops->show() - [armhf,arm64] KVM: Take mmap_sem in stage2_unmap_vm - [armhf,arm64] KVM: Take mmap_sem in kvm_arch_prepare_memory_region - [armhf,arm64] kvm: Fix locking for kvm_free_stage2_pgd - [x86] iio: bmg160: reset chip when probing - [arm64] mm: unaligned access by user-land should be received as SIGBUS - cfg80211: check rdev resume callback only for registered wiphy - CIFS: Reset TreeId to zero on SMB2 TREE_CONNECT - mm/page_alloc.c: fix print order in show_free_areas() - ptrace: fix PTRACE_LISTEN race corrupting task->state - dm verity fec: limit error correction recursion - dm verity fec: fix bufio leaks - ACPI / gpio: do not fall back to parsing _CRS when we get a deferral - xfs: Honor FALLOC_FL_KEEP_SIZE when punching ends of files - ring-buffer: Fix return value check in test_ringbuffer() - mac80211: unconditionally start new netdev queues with iTXQ support - brcmfmac: use local iftype avoiding use-after-free of virtual interface - [powerpc*] Disable HFSCR[TM] if TM is not supported - [powerpc*] mm: Add missing global TLB invalidate if cxl is active - [powerpc*/*64*]: Fix flush_(d|i)cache_range() called from modules - [powerpc*] Don't try to fix up misaligned load-with-reservation instructions - [powerpc*] crypto/crc32c-vpmsum: Fix missing preempt_disable() - dm raid: fix NULL pointer dereference for raid1 without bitmap - [s390x] decompressor: fix initrd corruption caused by bss clear - [s390x] uaccess: get_user() should zero on failure (again) - [mips*el/loongson-3] Check TLB before handle_ri_rdhwr() for Loongson-3 - [mips*el/loongson-3] Add MIPS_CPU_FTLB for Loongson-3A R2 - [mips*el/loongson-3] Flush wrong invalid FTLB entry for huge page - [mips*el/loongson-3] c-r4k: Fix Loongson-3's vcache/scache waysize calculation - mm/mempolicy.c: fix error handling in set_mempolicy and mbind (CVE-2017-7616) - random: use chacha20 for get_random_int/long - [armhf] drm/sun4i: tcon: Move SoC specific quirks to a DT matched data structure - [armhf] drm/sun4i: Add compatible strings for A31/A31s display pipelines - [armhf] drm/sun4i: Add compatible string for A31/A31s TCON (timing controller) - HID: i2c-hid: add a simple quirk to fix device defects - usb: dwc3: gadget: delay unmap of bounced requests - [x86] ASoC: Intel: bytct_rt5640: change default capture settings - [armhf,arm64] clocksource/drivers/arm_arch_timer: Don't assume clock runs in suspend - scsi: ufs: introduce UFSHCD_QUIRK_PRDT_BYTE_GRAN quirk - HID: multitouch: do not retrieve all reports for all devices - [arm64] mmc: sdhci-msm: Enable few quirks - scsi: ufs: ensure that host pa_tactivate is higher than device - svcauth_gss: Close connection when dropping an incoming message - scsi: ufs: add quirk to increase host PA_SaveConfigTime - [x86] platform: acer-wmi: Only supports AMW0_GUID1 on acer family - nvme: simplify stripe quirk - ACPI / sysfs: Provide quirk mechanism to prevent GPE flooding - HID: usbhid: Add quirk for the Futaba TOSD-5711BB VFD - [x86] drm/i915: actually drive the BDW reserved IDs - scsi: ufs: issue link starup 2 times if device isn't active - [armhf] serial: 8250_omap: Add OMAP_DMA_TX_KICK quirk for AM437x - ACPI / button: Change default behavior to lid_init_state=open - [x86] ACPI: save NVS memory for Lenovo G50-45 - HID: wacom: don't apply generic settings to old devices - [arm64] firmware: qcom: scm: Fix interrupted SCM calls - [armhf] watchdog: s3c2410: Fix infinite interrupt in soft mode - [x86] platform: asus-wmi: Set specified XUSB2PR value for X550LB - [x86] platform: asus-wmi: Detect quirk_no_rfkill from the DSDT - [x86] reboot/quirks: Add ASUS EeeBook X205TA reboot quirk - [x86] reboot/quirks: Add ASUS EeeBook X205TA/W reboot quirk - usb-storage: Add ignore-residue quirk for Initio INIC-3619 - [x86] reboot/quirks: Fix typo in ASUS EeeBook X205TA reboot quirk https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.23 - [x86] drm/i915/gen9: Increase PCODE request timeout to 50ms - [x86] drm/i915: Nuke debug messages from the pipe update critical section - [x86] drm/i915: Avoid tweaking evaluation thresholds on Baytrail v3 - [x86] drm/i915: Only enable hotplug interrupts if the display interrupts are enabled - [x86] drm/i915: Drop support for I915_EXEC_CONSTANTS_* execbuf parameters. - [x86] drm/i915: Stop using RP_DOWN_EI on Baytrail - [x86] drm/i915: Avoid rcu_barrier() from reclaim paths (shrinker) - [armhf,arm64] i2c: bcm2835: Fix hang for writing messages larger than 16 bytes - rt2x00usb: fix anchor initialization - rt2x00usb: do not anchor rx and tx urb's - [mips*] Introduce irq_stack - [mips*] Stack unwinding while on IRQ stack - [mips*] Only change $28 to thread_info if coming from user mode - [mips*] Switch to the irq_stack in interrupts - [mips*] Select HAVE_IRQ_EXIT_ON_IRQ_STACK - [mips*] IRQ Stack: Fix erroneous jal to plat_irq_dispatch - [x86] Revert "drm/i915/execlists: Reset RING registers upon resume" - blk-mq: Avoid memory reclaim when remapping queues - usb: hub: Wait for connection to be reestablished after port reset - net/mlx4_en: Fix bad WQE issue - net/mlx4_core: Fix racy CQ (Completion Queue) free - net/mlx4_core: Fix when to save some qp context flags for dynamic VST to VGT transitions - dma-buf: add support for compat ioctl https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.24 - cgroup, kthread: close race window where new kthreads can be migrated to non-root cgroups - thp: fix MADV_DONTNEED vs. MADV_FREE race - thp: fix MADV_DONTNEED vs clear soft dirty race - zsmalloc: expand class bit - drm/nouveau/mpeg: mthd returns true on success now - drm/nouveau/mmu/nv4a: use nv04 mmu rather than the nv44 one - [armhf] drm/etnaviv: fix missing unlock on error in etnaviv_gpu_submit() - CIFS: reconnect thread reschedule itself - CIFS: store results of cifs_reopen_file to avoid infinite wait - Input: xpad - add support for Razer Wildcat gamepad - [x86] perf: Avoid exposing wrong/stale data in intel_pmu_lbr_read_32() - [x86] efi: Don't try to reserve runtime regions - [x86] signals: Fix lower/upper bound reporting in compat siginfo - [x86] pmem: fix broken __copy_user_nocache cache-bypass assumptions - [x86] vdso: Ensure vdso32_enabled gets set to valid values only - [x86] vdso: Plug race between mapping and ELF header setup - [x86] acpi, nfit, libnvdimm: fix interleave set cookie calculation (64-bit comparison) - ACPI / scan: Set the visited flag for all enumerated devices - [hppa] fix bugs in pa_memcpy - efi/libstub: Skip GOP with PIXEL_BLT_ONLY format - efi/fb: Avoid reconfiguration of BAR that covers the framebuffer - iscsi-target: Fix TMR reference leak during session shutdown - iscsi-target: Drop work-around for legacy GlobalSAN initiator - scsi: sr: Sanity check returned mode data - scsi: sd: Consider max_xfer_blocks if opt_xfer_blocks is unusable - scsi: qla2xxx: Add fix to read correct register value for ISP82xx. - scsi: sd: Fix capacity calculation with 32-bit sector_t - target: Avoid mappedlun symlink creation during lun shutdown - xen, fbfront: fix connecting to backend - new privimitive: iov_iter_revert() - make skb_copy_datagram_msg() et.al. preserve ->msg_iter on error - [x86] libnvdimm: fix blk free space accounting - [x86] libnvdimm: fix reconfig_mutex, mmap_sem, and jbd2_handle lockdep splat - [armhf] pwm: rockchip: State of PWM clock should synchronize with PWM enabled state - cpufreq: Bring CPUs up even if cpufreq_online() failed - [armhf] irqchip/irq-imx-gpcv2: Fix spinlock initialization - ftrace: Fix removing of second function probe - zram: do not use copy_page with non-page aligned address - ftrace: Fix function pid filter on instances - crypto: algif_aead - Fix bogus request dereference in completion function - crypto: ahash - Fix EINPROGRESS notification callback (CVE-2017-7618) - [hppa] Fix get_user() for 64-bit value on 32-bit kernel - dvb-usb-v2: avoid use-after-free (CVE-2017-8064) - drm/nouveau/disp/mcp7x: disable dptmds workaround (Closes: #850219) - [x86] mm: Tighten x86 /dev/mem with zeroing reads (CVE-2017-7889) - dvb-usb-firmware: don't do DMA on stack (CVE-2017-8061) - cxusb: Use a dma capable buffer also for reading (CVE-2017-8063) - virtio-console: avoid DMA from stack (CVE-2017-8067) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.25 - KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings (CVE-2016-9604) - KEYS: Change the name of the dead type to ".dead" to prevent user access (CVE-2017-6951) - KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings (CVE-2017-7472) - tracing: Allocate the snapshot buffer before enabling probe - ring-buffer: Have ring_buffer_iter_empty() return true when empty - mm: prevent NR_ISOLATE_* stats from going negative - cifs: Do not send echoes before Negotiate is complete (Closes: #856843) - CIFS: remove bad_network_name flag - [s390x] mm: fix CMMA vs KSM vs others - Input: elantech - add Fujitsu Lifebook E547 to force crc_enabled - ACPI / power: Avoid maybe-uninitialized warning - [armhf] mmc: sdhci-esdhc-imx: increase the pad I/O drive strength for DDR50 card - ubifs: Fix RENAME_WHITEOUT support - ubifs: Fix O_TMPFILE corner case in ubifs_link() - mac80211: reject ToDS broadcast data frames - mac80211: fix MU-MIMO follow-MAC mode - ubi/upd: Always flush after prepared for an update - [powerpc*] kprobe: Fix oops when kprobed on 'stdu' instruction - [x86] mce/AMD: Give a name to MCA bank 3 when accessed with legacy MSRs - [x86] mce: Make the MCE notifier a blocking one - device-dax: switch to srcu, fix rcu_read_lock() vs pte allocation [ Ben Hutchings ] * w1: Really enable W1_MASTER_GPIO as module (Closes: #858975) * debian/rules.real: Undefine $LANGUAGE, which can break debug symbols for vDSOs (Closes: #859807) * Bump ABI to 3 * [s390x] Set NR_CPUS=256 (Closes: #858731) * [x86] usbip: Increase USBIP_VHCI_NR_HCS to 8 and USBIP_VHCI_HC_PORTS to 31 (Closes: #859641) * [powerpc/powerpc64,ppc64*] target: Enable SCSI_IBMVSCSIS as module * cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores (Closes: #859978) * udeb: Include all AHCI drivers in sata-modules (Closes: #860335) * [powerpc/powerpc64,ppc64] Set NR_CPUS=2048, matching ppc64el * [powerpc*/*64*] Enable CPUMASK_OFFSTACK to reduce stack usage * [mips*el/loongson-3] Set NR_CPUS=16 to allow for Loongson 3B2000 * [mips*/octeon] Set NR_CPUS=64 to allow for Cavium CN7890 * [arm64] Set NR_CPUS=256 to allow for multi-SoC systems (Closes: #861209) * [powerpc/powerpc-smp,powerpcspe] Explicitly set NR_CPUS=4 * Move debug symbols back to the main archive, to avoid problems with the current handling in dak * linux-image: Disable signing until it's supported in dak * [rt] Update to 4.9.20-rt16: - rtmutex: Make lock_killable work - rtmutex: Provide rt_mutex_lock_state() - rtmutex: Provide locked slowpath - rwsem/rt: Lift single reader restriction * PCI: Enable PCIE_PTM (except on armel/marvell) * 6lowpan: Enable Generic Header Compression modules * net/sched: Enable NET_ACT_SKBMOD as module * ethernet: Enable NFP_NETVF as module * net/phy: Enable MICROSEMI_PHY as module * input/tablet: Enable TABLET_USB_PEGASUS as module * [x86] input/touchscreen: Enable TOUCHSCREEN_SURFACE3_SPI as module * serial/8250: Enable SERIAL_8250_MOXA as module * [x86] gpio: Enable GPIO_AMDPT as module * [x86] thermal: Enable INT3406_THERMAL as module * watchdog: Enable WATCHDOG_SYSFS * integrity: Enable IMA, IMA_DEFAULT_HASH_SHA256, IMA_APPRAISE, IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY, IMA_BLACKLIST_KEYRING (except on armel/marvell) (Closes: #788290) * media: Enable VIDEO_TW5864, VIDEO_TW686X as modules * [x86] amdgpu,sound/soc: Enable DRM_AMD_ACP; enable SND_SOC_AMD_ACP as module * hda: Set SND_HDA_PREALLOC_SIZE=2048 as recommended for PulseAudio * HID: Enable HID_SENSOR_CUSTOM_SENSOR as module * leds,USB: Enable USB_LEDS_TRIGGER_USBPORT as module * usbip: Enable USBIP_VUDC as module * USB/misc: Enable UCSI as module * leds: Enable LEDS_TRIGGER_DISK, LEDS_TRIGGER_MTD, LEDS_TRIGGER_PANIC * IB: Enable INFINIBAND_HFI1, INFINIBAND_I40IW, INFINIBAND_QEDR, RDMA_RXE as modules * [amd64] EDAC: Enable EDAC_SKX as module * [x86] comedi: Enable COMEDI_ADV_PCI1720, COMEDI_ADV_PCI1760 as modules * [x86] platform: Enable INTEL_HID_EVENT as module * [x86] hwtracing: Enable INTEL_TH, INTEL_TH_PCI, INTEL_TH_GTH, INTEL_TH_MSU, INTEL_TH_PTI as modules * [rt] tracing: Enable HWLAT_TRACER * [x86] crypto: Enable CRYPTO_DEV_QAT_C3XXX, CRYPTO_DEV_QAT_C62X, CRYPTO_DEV_QAT_C3XXXVF, CRYPTO_DEV_QAT_C62XVF as modules * crypto: Enable CRYPTO_DEV_CHELSIO as module * [arm64] Enable ARMV8_DEPRECATED, SWP_EMULATION, CP15_BARRIER_EMULATION, SETEND_EMULATION (Closes: #861384) * udeb: Add tifm_7xx1 to mmc-modules (Closes: #861195) * leds: Enable LEDS_GPIO as module for all configurations with GPIOs (Closes: #860569) * selinux: Set SECURITY_SELINUX_CHECKREQPROT_VALUE=0, per default. This may break some old applications if SELinux is enabled, and can be reverted using the kernel parameter: checkreqprot=1 * udeb: Move mfd-core to kernel-image, as both input-modules and mmc-modules need it * crypto: Change CRYPTO_SHA256 from module to built-in, as required by IMA [ Salvatore Bonaccorso ] * ping: implement proper locking (CVE-2017-2671) * macsec: avoid heap overflow in skb_to_sgvec (CVE-2017-7477) * macsec: dynamically allocate space for sglist * nfsd: check for oversized NFSv2/v3 arguments (CVE-2017-7645) * nfsd4: minor NFSv2/v3 write decoding cleanup * nfsd: stricter decoding of write-like NFSv2/v3 ops (CVE-2017-7895) [ Aurelien Jarno ] * [mips*/octeon] Drop obsolete patch adding support for the UBNT E200 board. * [mips*el/loongson-3] Disable PAGE_EXTENSION and PAGE_POISONING. [ John Paul Adrian Glaubitz ] * [m68k] udeb: Enable suffix for kernel-image (Closes: #859366) -- Ben Hutchings Tue, 02 May 2017 16:21:44 +0100 linux (4.9.18-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.17 - net/mlx5e: Register/unregister vport representors on interface attach/detach - net/mlx5e: Do not reduce LRO WQE size when not using build_skb - net/mlx5e: Fix wrong CQE decompression - vxlan: correctly validate VXLAN ID against VXLAN_N_VID - vti6: return GRE_KEY for vti6 - vxlan: don't allow overwrite of config src addr - ipv4: mask tos for input route - net sched actions: decrement module reference count after table flush. - l2tp: avoid use-after-free caused by l2tp_ip_backlog_recv - net: phy: Avoid deadlock during phy_error() - vxlan: lock RCU on TX path - geneve: lock RCU on TX path - tcp/dccp: block BH for SYN processing - net: bridge: allow IPv6 when multicast flood is disabled - net: don't call strlen() on the user buffer in packet_bind_spkt() - net: net_enable_timestamp() can be called from irq contexts - ipv6: orphan skbs in reassembly unit - dccp: Unlock sock before calling sk_free() - strparser: destroy workqueue on module exit - tcp: fix various issues for sockets morphing to listen state - net: fix socket refcounting in skb_complete_wifi_ack() - net: fix socket refcounting in skb_complete_tx_timestamp() - net/sched: act_skbmod: remove unneeded rcu_read_unlock in tcf_skbmod_dump - dccp: fix use-after-free in dccp_feat_activate_values - vrf: Fix use-after-free in vrf_xmit - net/tunnel: set inner protocol in network gro hooks - act_connmark: avoid crashing on malformed nlattrs with null parms - mpls: Send route delete notifications when router module is unloaded - mpls: Do not decrement alive counter for unregister events - ipv6: make ECMP route replacement less greedy - ipv6: avoid write to a possibly cloned skb - bridge: drop netfilter fake rtable unconditionally - dccp/tcp: fix routing redirect race - tun: fix premature POLLOUT notification on tun devices - dccp: fix memory leak during tear-down of unsuccessful connection request - bpf: Detect identical PTR_TO_MAP_VALUE_OR_NULL registers - bpf: fix state equivalence - bpf: fix regression on verifier pruning wrt map lookups - bpf: fix mark_reg_unknown_value for spilled regs on map value marking - dmaengine: iota: ioat_alloc_chan_resources should not perform sleeping allocations. - xen: do not re-use pirq number cached in pci device msi msg data - igb: Workaround for igb i210 firmware issue - igb: add i211 to i210 PHY workaround - [x86] hyperv: Handle unknown NMIs on one CPU when unknown_nmi_panic - PCI: Separate VF BAR updates from standard BAR updates - PCI: Remove pci_resource_bar() and pci_iov_resource_bar() - PCI: Decouple IORESOURCE_ROM_ENABLE and PCI_ROM_ADDRESS_ENABLE - PCI: Don't update VF BARs while VF memory space is enabled - PCI: Update BARs using property bits appropriate for type - PCI: Ignore BAR updates on virtual functions - PCI: Do any VF BAR updates before enabling the BARs - [powerpc*] ibmveth: calculate gso_segs for large packets - [x86] Drivers: hv: ring_buffer: count on wrap around mappings in get_next_pkt_raw() (v2) - vfio/spapr: Postpone allocation of userspace version of TCE table - [powerpc*] iommu: Stop using @current in mm_iommu_xxx - [powerpc*] vfio/spapr: Reference mm in tce_container - [powerpc*] mm/iommu, vfio/spapr: Put pages on VFIO container shutdown - [powerpc*] vfio/spapr: Add a helper to create default DMA window - [powerpc*] vfio/spapr: Postpone default window creation - drm/nouveau/disp/gp102: fix cursor/overlay immediate channel indices - drm/nouveau/disp/nv50-: split chid into chid.ctrl and chid.user - drm/nouveau/disp/nv50-: specify ctrl/user separately when constructing classes - block: allow WRITE_SAME commands with the SG_IO ioctl - [s390x] zcrypt: Introduce CEX6 toleration - uvcvideo: uvc_scan_fallback() for webcams with broken chain - [x86] ACPI / blacklist: add _REV quirks for Dell Precision 5520 and 3520 - [x86] ACPI / blacklist: Make Dell Latitude 3350 ethernet work - serial: 8250_pci: Detach low-level driver during PCI error recovery - [armhf] clk: bcm2835: Fix ->fixed_divider of pllh_aux - [armhf] drm/vc4: Fix race between page flip completion event and clean-up - [armhf] drm/vc4: Fix ->clock_select setting for the VEC encoder - [arm64] KVM: VHE: Clear HCR_TGE when invalidating guest TLBs - [armhf,arm64] irqchip/gicv3-its: Add workaround for QDF2400 ITS erratum 0065 - [x86] tsc: Fix ART for TSC_KNOWN_FREQ - [x86] perf: Fix CR4.PCE propagation to use active_mm instead of mm - futex: Fix potential use-after-free in FUTEX_REQUEUE_PI - futex: Add missing error handling to FUTEX_REQUEUE_PI - locking/rwsem: Fix down_write_killable() for CONFIG_RWSEM_GENERIC_SPINLOCK=y - [powerpc*] crypto: Fix initialisation of crc32c context https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.18 - [armhf] drm/vc4: Fix termination of the initial scan for branch targets. - [armhf] drm/vc4: Use runtime autosuspend to avoid thrashing V3D power state. - qla2xxx: Fix memory leak for abts processing - qla2xxx: Fix request queue corruption. - [hppa] Optimize flush_kernel_vmap_range and invalidate_kernel_vmap_range - [hppa] Fix system shutdown halt - perf/core: Fix use-after-free in perf_release() - perf/core: Fix event inheritance on fork() - NFS prevent double free in async nfs4_exchange_id - cpufreq: Fix and clean up show_cpuinfo_cur_freq() - [powerpc*] boot: Fix zImage TOC alignment - md/raid1/10: fix potential deadlock - target/pscsi: Fix TYPE_TAPE + TYPE_MEDIMUM_CHANGER export - scsi: lpfc: Add shutdown method for kexec - scsi: libiscsi: add lock around task lists to fix list corruption regression - target: Fix VERIFY_16 handling in sbc_parse_cdb - isdn/gigaset: fix NULL-deref at probe - gfs2: Avoid alignment hole in struct lm_lockname - percpu: acquire pcpu_lock when updating pcpu_nr_empty_pop_pages - cgroup/pids: remove spurious suspicious RCU usage warning - [x86] drm/amdgpu/si: add dpm quirk for Oland - ext4: fix fencepost in s_first_meta_bg validation (Closes: #856808) [ Ben Hutchings ] * [powerpc*] Ignore ABI changes in cxl (fixes FTBFS) (Closes: #858530) and IOMMU setup * Ignore ABI changes in bpf, dccp, libiscsi * [x86] Ignore ABI changes in kvm * [rt] Update to 4.9.18-rt14: - lockdep: Fix per-cpu static objects - futex: Cleanup variable names for futex_top_waiter() - futex: Use smp_store_release() in mark_wake_futex() - futex: Remove rt_mutex_deadlock_account_*() - futex,rt_mutex: Provide futex specific rt_mutex API - futex: Change locking rules - futex: Cleanup refcounting - futex: Rework inconsistent rt_mutex/futex_q state - futex: Pull rt_mutex_futex_unlock() out from under hb->lock - futex,rt_mutex: Introduce rt_mutex_init_waiter() - futex,rt_mutex: Restructure rt_mutex_finish_proxy_lock() - futex: Rework futex_lock_pi() to use rt_mutex_*_proxy_lock() - futex: Futex_unlock_pi() determinism - futex: Drop hb->lock before enqueueing on the rtmutex - futex: workaround migrate_disable/enable in different context - Revert "kernel/futex: don't deboost too early" * xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window (CVE-2017-7184) * xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder (CVE-2017-7184) * scsi: sg: check length passed to SG_NEXT_CMD_LEN (CVE-2017-7187) * [x86] vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() (CVE-2017-7261) * [x86] drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (CVE-2017-7294) * net/packet: Fix integer overflow in various range checks (CVE-2017-7308) * [arm64] rtc: tegra: Implement clock handling (Closes: #858514) * [armhf] sound/soc: Enable SND_SUN4I_SPDIF as module (Closes: #857410) * [arm64,x86] Enable CROS_KBD_LED_BACKLIGHT as module (Closes: #856906) * netfilter: nft_ct: add notrack support (Closes: #845500) * w1: Enable W1_MASTER_GPIO as module (Closes: #858975) [ James Clarke ] * [sparc64] udeb: Re-add ufs-modules (Closes: #858049) -- Ben Hutchings Thu, 30 Mar 2017 02:16:33 +0100 linux (4.9.16-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.14 - [mips*] Fix special case in 64 bit IP checksumming. - [mips*/octeon] Fix copy_from_user fault handling for large buffers - mmc: sdhci-acpi: support deferred probe - uvcvideo: Fix a wrong macro - media: fix dm1105.c build error - lirc_dev: LIRC_{G,S}ET_REC_MODE do not work - media: Properly pass through media entity types in entity enumeration - ext4: fix deadlock between inline_data and ext4_expand_extra_isize_ea() - [x86] ALSA: hda/realtek - Cannot adjust speaker's volume on a Dell AIO - [x86] ALSA: hda - fix Lewisburg audio issue - ALSA: timer: Reject user params with too small ticks - ALSA: ctxfi: Fallback DMA mask to 32bit - ALSA: seq: Fix link corruption by event error handling - [x86] ALSA: hda - Add subwoofer support for Dell Inspiron 17 7000 Gaming - [x86] ALSA: hda - Fix micmute hotkey problem for a lenovo AIO machine - hwmon: (it87) Do not overwrite bit 2..6 of pwm control registers - hwmon: (it87) Ensure that pwm control cache is current before updating values - [x86] staging/lustre/lnet: Fix allocation size for sv_cpt_data - staging: rtl: fix possible NULL pointer dereference - regulator: Fix regulator_summary for deviceless consumers - tpm_tis: fix the error handling of init_tis() - [x86] iommu/vt-d: Fix some macros that are incorrectly specified in intel-iommu - [x86] iommu/vt-d: Tylersburg isoch identity map check is done too late. - CIFS: Fix splice read for non-cached files - [x86] mm, devm_memremap_pages: hold device_hotplug lock over mem_hotplug_{begin, done} - mm/page_alloc: fix nodes for reclaim in fast path - mm: vmpressure: fix sending wrong events on underflow - mm: do not access page->mapping directly on page_endio - mm balloon: umount balloon_mnt when removing vb device - mm, vmscan: cleanup lru size claculations - mm, vmscan: consider eligible zones in get_scan_count - sigaltstack: support SS_AUTODISARM for CONFIG_COMPAT - PM / devfreq: Fix available_governor sysfs - PM / devfreq: Fix wrong trans_stat of passive devfreq device - dm cache: fix corruption seen when using cache > 2TB - dm stats: fix a leaked s->histogram_boundaries array - dm round robin: revert "use percpu 'repeat_count' and 'current_path'" - dm raid: fix data corruption on reshape request - [x86] scsi: storvsc: use tagged SRB requests if supported by the device - [x86] scsi: storvsc: properly handle SRB_ERROR when sense message is present - [x86] scsi: storvsc: properly set residual data length on errors - scsi: aacraid: Reorder Adapter status check - scsi: use 'scsi_device_from_queue()' for scsi_dh - Fix: Disable sys_membarrier when nohz_full is enabled - jbd2: don't leak modified metadata buffers on an aborted journal - block/loop: fix race between I/O and set_status - loop: fix LO_FLAGS_PARTSCAN hang - ext4: Include forgotten start block on fallocate insert range - ext4: do not polute the extents cache while shifting extents - ext4: trim allocation requests to group size - ext4: fix data corruption in data=journal mode - ext4: fix use-after-iput when fscrypt contexts are inconsistent - ext4: fix inline data error paths - ext4: preserve the needs_recovery flag when the journal is aborted - ext4: return EROFS if device is r/o and journal replay is needed - mei: remove support for broken parallel read - ath10k: fix boot failure in UTF mode/testmode - ath5k: drop bogus warning on drv_set_key with unsupported cipher - ath9k: fix race condition in enabling/disabling IRQs - ath9k: use correct OTP register offsets for the AR9340 and AR9550 - [x86] PCI: hv: Fix wslot_to_devfn() to fix warnings on device removal - [x86] Drivers: hv: vmbus: Raise retry/wait limits in vmbus_post_msg() - perf callchain: Reference count maps - crypto: testmgr - Pad aes_ccm_enc_tv_template vector - fuse: add missing FR_FORCE - [x86] pkeys: Check against max pkey to avoid overflows - [armhf,arm64] KVM: Enforce unconditional flush to PoC when mapping to stage-2 - [arm64] dma-mapping: Fix dma_mapping_error() when bypassing SWIOTLB - [arm64] fix erroneous __raw_read_system_reg() cases - [armhf,arm64] KVM: vgic: Stop injecting the MSI occurrence twice - can: gs_usb: Don't use stack memory for USB transfers - can: usb_8dev: Fix memory leak of priv->cmd_msg_buffer - w1: don't leak refcount on slave attach failure in w1_attach_slave_device() - w1: ds2490: USB transfer buffers need to be DMAable - usb: dwc3: gadget: skip Set/Clear Halt when invalid - usb: host: xhci: plat: check hcc_params after add hcd - usb: gadget: udc-core: Rescan pending list on driver unbind - usb: gadget: f_hid: fix: Free out requests - usb: gadget: f_hid: fix: Prevent accessing released memory - usb: gadget: f_hid: Use spinlock instead of mutex - [x86] hv: allocate synic pages for all present CPUs - [x86] hv: init percpu_list in hv_synic_alloc() - [x86] hv: don't reset hv_context.tsc_page on crash - [x86] Drivers: hv: vmbus: Prevent sending data on a rescinded channel - [x86] Drivers: hv: vmbus: Fix a rescind handling bug - [x86] Drivers: hv: util: kvp: Fix a rescind processing issue - [x86] Drivers: hv: util: Fcopy: Fix a rescind processing issue - [x86] Drivers: hv: util: Backup: Fix a rescind processing issue - RDMA/core: Fix incorrect structure packing for booleans - rdma_cm: fail iwarp accepts w/o connection params - gfs2: Add missing rcu locking for glock lookup - [arm64] remoteproc: qcom: mdt_loader: Don't overwrite firmware object - rtlwifi: Fix alignment issues - rtlwifi: rtl8192c-common: Fix "BUG: KASAN: - [m68k] VME: restore bus_remove function causing incomplete module unload - nfsd: minor nfsd_setattr cleanup - nfsd: special case truncates some more - NFSv4: Fix memory and state leak in _nfs4_open_and_get_state - NFSv4: Fix reboot recovery in copy offload - pNFS/flexfiles: If the layout is invalid, it must be updated before retrying - NFSv4: fix getacl head length estimation - NFSv4: fix getacl ERANGE for some ACL buffer sizes - f2fs: fix a problem of using memory after free - f2fs: fix multiple f2fs_add_link() calls having same name - f2fs: add ovp valid_blocks check for bg gc victim to fg_gc - f2fs: avoid to issue redundant discard commands - [armhf] rtc: sun6i: Disable the build as a module - [armhf] rtc: sun6i: Add some locking - [armhf] rtc: sun6i: Switch to the external oscillator - md linear: fix a race between linear_add() and linear_congested() - bcma: use (get|put)_device when probing/removing device driver - [armhf] dmaengine: ipu: Make sure the interrupt routine checks all interrupts. - xprtrdma: Fix Read chunk padding - xprtrdma: Per-connection pad optimization - xprtrdma: Disable pad optimization by default - xprtrdma: Reduce required number of send SGEs - [powerpc*] xmon: Fix data-breakpoint - [powerpc*] mm: Add MMU_FTR_KERNEL_RO to possible feature mask - [powerpc*] mm/hash: Always clear UPRT and Host Radix bits when setting up CPU - scsi: lpfc: Correct WQ creation for pagesize - ceph: update readpages osd request according to size of pages - netfilter: conntrack: remove GC_MAX_EVICTS break - netfilter: conntrack: refine gc worker heuristics, redux https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.15 - tty: n_hdlc: get rid of racy n_hdlc.tbuf (CVE-2017-2636) (Closes: #858122) - serial: 8250_pci: Add MKS Tenta SCOM-0800 and SCOM-0801 cards - [s390x] KVM: Disable dirty log retrieval for UCONTROL guests - [x86] KVM: VMX: use correct vmcs_read/write for guest segment selector/base - Bluetooth: Add another AR3012 04ca:3018 device - [s390x] qdio: clear DSCI prior to scanning multiple input queues - [s390x] dcssblk: fix device size calculation in dcssblk_direct_access() - [s390x] kdump: Use "LINUX" ELF note name instead of "CORE" - [s390x] chsc: Add exception handler for CHSC instruction - [s390x] TASK_SIZE for kernel threads - [s390x] make setup_randomness work - [s390x] use correct input data address for setup_randomness - [armhf] net: mvpp2: fix DMA address calculation in mvpp2_txq_inc_put() - [powerpc*] cxl: Prevent read/write to AFU config space while AFU not configured - [powerpc*] cxl: fix nested locking hang during EEH hotplug - brcmfmac: fix incorrect event channel deduction - mnt: Tuck mounts under others instead of creating shadow/side mounts. - IB/ipoib: Fix deadlock between rmmod and set_mode - IB/IPoIB: Add destination address when re-queue packet - IB/mlx5: Fix out-of-bound access - IB/SRP: Avoid using IB_MR_TYPE_SG_GAPS - IB/srp: Avoid that duplicate responses trigger a kernel bug - IB/srp: Fix race conditions related to task management - fs: Better permission checking for submounts - ceph: remove req from unsafe list when unregistering it - [powerpc*] pci/hotplug/pnv-php: Remove WARN_ON() in pnv_php_put_slot() - [powerpc*] pci/hotplug/pnv-php: Disable surprise hotplug capability on conflicts - target: Fix NULL dereference during LUN lookup + active I/O shutdown - [powerpc*] drivers/pci/hotplug: Handle presence detection change properly - [powerpc*] drivers/pci/hotplug: Fix initial state for empty slot - nlm: Ensure callback code also checks that the files match - nfit, libnvdimm: fix interleave set cookie calculation - mac80211: flush delayed work when entering suspend - mac80211: don't reorder frames with SN smaller than SSN - mac80211: don't handle filtered frames within a BA session - mac80211: use driver-indicated transmitter STA only for data frames - [x86] drm/amdgpu: add more cases to DCE11 possible crtc mask setup - [arm64,powerpc*,x86] drm/ast: Fix test for VGA enabled - [arm64,powerpc*,x86] drm/ast: Call open_key before enable_mmio in POST code - [arm64,powerpc*,x86] drm/ast: Fix AST2400 POST failure without BMC FW or VBIOS - drm/edid: Add EDID_QUIRK_FORCE_8BPC quirk for Rotel RSX-1058 - [x86] drm/vmwgfx: Work around drm removal of control nodes - [armhf] dmaengine: imx-sdma - correct the dma transfer residue calculation - drm/atomic: fix an error code in mode_fixup() - [x86] drm/i915/gvt: Disable access to stolen memory as a guest - drm: Cancel drm_fb_helper_dirty_work on unload - drm: Cancel drm_fb_helper_resume_work on unload - [x86] drm/i915: Avoid spurious WARNs about the wrong pipe in the PPS code - [x86] drm/i915: Fix not finding the VBT when it overlaps with OPREGION_ASLE_EXT - libceph: use BUG() instead of BUG_ON(1) - [x86] mm: fix gup_pte_range() vs DAX mappings - [x86] tlb: Fix tlb flushing when lguest clears PGE - thp: fix another corner case of munlock() vs. THPs - mm: do not call mem_cgroup_free() from within mem_cgroup_alloc() - fat: fix using uninitialized fields of fat_inode/fsinfo_inode - [x86] drivers: hv: Turn off write permission on the hypercall page https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.16 - USB: serial: digi_acceleport: fix OOB data sanity check - USB: serial: digi_acceleport: fix OOB-event processing - crypto: improve gcc optimization flags for serpent and wp512 - ucount: Remove the atomicity from ucount->count (CVE-2017-6874) - dw2102: don't do DMA on stack - i2c: add missing of_node_put in i2c_mux_del_adapters - [ppc64el] Emulation support for load/store instructions on LE - [powerpc*] xics: Work around limitations of OPAL XICS priority handling - PCI: Prevent VPD access for QLogic ISP2722 - usb: gadget: dummy_hcd: clear usb_gadget region before registration - usb: dwc3: gadget: make Set Endpoint Configuration macros safe - [armhf] usb: dwc3-omap: Fix missing break in dwc3_omap_set_mailbox() - usb: gadget: function: f_fs: pass companion descriptor along - Revert "usb: gadget: uvc: Add missing call for additional setup data" - usb: host: xhci-plat: Fix timeout on removal of hot pluggable xhci controllers - USB: serial: safe_serial: fix information leak in completion handler - USB: serial: omninet: fix reference leaks at open - USB: iowarrior: fix NULL-deref at probe (CVE-2016-2188) - USB: iowarrior: fix NULL-deref in write - USB: serial: io_ti: fix NULL-deref in interrupt callback - USB: serial: io_ti: fix information leak in completion handler - [armhf] serial: samsung: Continue to work if DMA request fails - [s390x] KVM: Fix guest migration for huge guests resulting in panic - [armhf.arm64] KVM: Let vcpu thread modify its own active state - dm: flush queued bios when process blocks to avoid deadlock - rc: raw decoder for keymap protocol is not loaded on register - ext4: don't BUG when truncating encrypted inodes on the orphan list - IB/mlx5: Verify that Q counters are supported [ Ben Hutchings ] * [media] dvb-usb: don't use stack for firmware load or reset (Closes: #853894) * Kbuild.include: addtree: Remove quotes before matching path (regression in 4.8) (Closes: #856474) * [rt] Update to 4.9.13-rt12: - timer/hrtimer: check properly for a running timer * [rt] Refresh one patch that had a textual conflict with 4.9.14 * Ignore various ABI changes that shouldn't affect OOT modules * userns: Avoid ABI change for CVE-2017-6874 fix * [amd64] Don't WARN about expected W+X pages on Xen (see #852324) * fjes: Disable auto-loading, as this driver matches a very common ACPI ID (Closes: #853976) [ Salvatore Bonaccorso ] * ACPI / EC: Use busy polling mode when GPE is not enabled. Thanks to Jakobus Schurz (Closes: #846792) * Ignore ABI changes for acpi_ec_{add,remove}_query_handler * Ignore ABI change for first_ec (not declared in public header) [ Helge Deller ] * [hppa] Switch to debian default config option for bonding, irda and atalk -- Salvatore Bonaccorso Wed, 22 Mar 2017 17:01:40 +0100 linux (4.9.13-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11 - can: Fix kernel panic at security_sock_rcv_skb - net/mlx5e: Fix update of hash function/key via ethtool - net/sched: matchall: Fix configuration race - ipv6: fix ip6_tnl_parse_tlv_enc_lim() - ipv6: pointer math error in ip6_tnl_parse_tlv_enc_lim() - tcp: fix 0 divide in __tcp_select_window() - stmmac: Discard masked flags in interrupt status register - net: use a work queue to defer net_disable_timestamp() work - netlabel: out of bound access in cipso_v4_validate() - ip6_gre: fix ip6gre_err() invalid reads (CVE-2017-5897) - ipv6: tcp: add a missing tcp_v6_restore_cb() - tcp: avoid infinite loop in tcp_splice_read() (CVE-2017-6214) - tun: read vnet_hdr_sz once - macvtap: read vnet_hdr_size once - rtl8150: Use heap buffers for all register access - catc: Combine failure cleanup code in catc_probe() - catc: Use heap buffer for memory size test - mlx4: Invoke softirqs after napi_reschedule - lwtunnel: valid encap attr check should return 0 when lwtunnel is disabled - sit: fix a double free on error path - net: introduce device min_header_len - packet: round up linear to header len - ping: fix a null pointer dereference - net: dsa: Do not destroy invalid network devices - l2tp: do not use udp_ioctl() - mld: do not remove mld souce list info when set link down - igmp, mld: Fix memory leak in igmpv3/mld_del_delrec() - tcp: fix mark propagation with fwmark_reflect enabled - net/mlx5: Don't unlock fte while still using it - tcp: don't annotate mark on control socket from tcp_v6_send_response() - [x86] fpu/xstate: Fix xcomp_bv in XSAVES header https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.12 - vfs: fix uninitialized flags in splice_to_pipe() - siano: make it work again with CONFIG_VMAP_STACK - fuse: fix use after free issue in fuse_dev_do_read() - fuse: fix uninitialized flags in pipe_buffer - mmc: core: fix multi-bit bus width without high-speed mode - [powerpc*/*64*] Disable use of radix under a hypervisor - scsi: don't BUG_ON() empty DMA transfers - Fix missing sanity check in /dev/sg - [x86] Input: elan_i2c - add ELAN0605 to the ACPI table - drm/radeon: Use mode h/vdisplay fields to hide out of bounds HW cursor - drm/dp/mst: fix kernel oops when turning off secondary monitor - futex: Move futex_init() to core_initcall - [armel,armhf] 8658/1: uaccess: fix zeroing of 64-bit get_user() - Revert "i2c: designware: detect when dynamic tar update is possible" - PCI/PME: Restore pcie_pme_driver.remove - printk: use rcuidle console tracepoint - timekeeping: Use deferred printk() in debug code - bcache: Make gc wakeup sane, remove set_task_state() - videodev2.h: go back to limited range Y'CbCr for SRGB and, ADOBERGB https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13 - net/mlx5e: Disable preemption when doing TC statistics upcall - net/llc: avoid BUG_ON() in skb_orphan() (CVE-2017-6345) - net: ethernet: ti: cpsw: fix cpsw assignment in resume (regression in 4.9) - packet: fix races in fanout_add() (CVE-2017-6346) - packet: Do not call fanout_release from atomic contexts (regression in 4.9) - net: neigh: Fix netevent NETEVENT_DELAY_PROBE_TIME_UPDATE notification - dccp: fix freeing skb too early for IPV6_RECVPKTINFO (CVE-2017-6074) - vxlan: fix oops in dev_fill_metadata_dst (regression in 4.6) - irda: Fix lockdep annotations in hashbin_delete(). (CVE-2017-6348) - ptr_ring: fix race conditions when resizing - ip: fix IP_CHECKSUM handling (regression in 4.0) (CVE-2017-6347) - net: socket: fix recvmmsg not returning error from sock_error (regression in 4.6) - USB: serial: mos7840: fix another NULL-deref at open - USB: serial: ftdi_sio: fix modem-status error handling - USB: serial: ftdi_sio: fix extreme low-latency setting - USB: serial: ftdi_sio: fix line-status over-reporting - USB: serial: spcp8x5: fix modem-status handling - USB: serial: opticon: fix CTS retrieval at open - USB: serial: ark3116: fix register-accessor error handling - netfilter: nf_ct_helper: warn when not applying default helper assignment - block: fix double-free in the failure path of cgwb_bdi_init() - rtlwifi: rtl_usb: Fix for URB leaking when doing ifconfig up/down - xfs: clear delalloc and cache on buffered write failure [ Ben Hutchings ] * [armel] dts: kirkwood: Fix SATA pinmux-ing for TS419 (Closes: #855017) * [armhf] Enable DRM_OMAP_PANEL_TPO_TD028TTEC1, PWM_OMAP_DMTIMER as modules (Closes: #855472) * net: Ignore ABI changes to can_rx_register(), ip6_xmit() * net: Avoid ABI change for min_header_len * udeb: Add more USB host and dual-role drivers to usb-modules (Closes: #856111) * [x86] kvm: fix page struct leak in handle_vmon (CVE-2017-2596) * ipc/shm: Fix shmat mmap nil-page protection (CVE-2017-5669) * time: Disable TIMER_STATS (CVE-2017-5967) * sctp: deny peeloff operation on asocs with threads sleeping on it (CVE-2017-6353) * [rt] Update to 4.9.13-rt10: - sched/rt: Add a missing rescheduling point - lockdep: Handle statically initialized PER_CPU locks proper - Change export of rt_mutex_destroy() back to GPL-only -- Ben Hutchings Mon, 27 Feb 2017 15:58:07 +0000 linux (4.9.10-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7 - drm: Schedule the output_poll_work with 1s delay if we have delayed event - drm: Fix broken VT switch with video=1366x768 option - [x86] drm/i915: Ignore bogus plane coordinates on SKL when the plane is not visible - [armhf,arm64] drm/vc4: Fix memory leak of the CRTC state. - [armhf,arm64] drm/vc4: fix a bounds check - Revert "drm/radeon: always apply pci shutdown callbacks" - drm/atomic: clear out fence when duplicating state - mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp - mm/mempolicy.c: do not put mempolicy before using its nodemask - mm, page_alloc: fix check for NULL preferred_zone - mm, page_alloc: fix fast-path race with cpuset update or removal - mm, page_alloc: move cpuset seqcount checking to slowpath - mm, page_alloc: fix premature OOM when racing with cpuset mems update - userns: Make ucounts lock irq-safe - sysctl: fix proc_doulongvec_ms_jiffies_minmax() - xfs: prevent quotacheck from overloading inode lru - ISDN: eicon: silence misleading array-bounds warning - Btrfs: remove old tree_root case in btrfs_read_locked_inode() - Btrfs: disable xattr operations on subvolume directories - Btrfs: remove ->{get, set}_acl() from btrfs_dir_ro_inode_operations - RDMA/cma: Fix unknown symbol when CONFIG_IPV6 is not enabled - [s390x] mm: Fix cmma unused transfer from pgste into pte - [s390x] ptrace: Preserve previous registers for short regset write - IB/cxgb3: fix misspelling in header guard - IB/iser: Fix sg_tablesize calculation - IB/srp: fix mr allocation when the device supports sg gaps - IB/srp: fix invalid indirect_sg_entries parameter value - can: c_can_pci: fix null-pointer-deref in c_can_start() - set device pointer - can: ti_hecc: add missing prepare and unprepare of the clock - [hppa] Don't use BITS_PER_LONG in userspace-exported swab.h header - nfs: Don't increment lock sequence ID after NFS4ERR_MOVED - NFSv4.1: Fix a deadlock in layoutget - NFSv4.0: always send mode in SETATTR after EXCLUSIVE4 - SUNRPC: cleanup ida information when removing sunrpc module - iw_cxgb4: free EQ queue memory on last deref - pctv452e: move buffer to heap, no mutex - v4l: tvp5150: Reset device at probe time, not in get/set format handlers - v4l: tvp5150: Fix comment regarding output pin muxing - v4l: tvp5150: Don't override output pinmuxing at stream on/off time - [x86] drm/i915: Clear ret before unbinding in i915_gem_evict_something() - [x86] drm/i915: prevent crash with .disable_display parameter - [x86] drm/i915: Don't leak edid in intel_crt_detect_ddc() - [x86] drm/i915: Don't init hpd polling for vlv and chv from runtime_suspend() - [x86] drm/i915: Fix calculation of rotated x and y offsets for planar formats - [x86] drm/i915: Check for NULL atomic state in intel_crtc_disable_noatomic() - IB/umem: Release pid in error and ODP flow - [x86] pinctrl: baytrail: Rectify debounce support - memory_hotplug: make zone_can_shift() return a boolean value - virtio_mmio: Set DMA masks appropriately - mm, memcg: do not retry precharge charges - perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race (CVE-2017-6001) - [x86] drm/i915: Remove WaDisableLSQCROPERFforOCL KBL workaround. https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.8 - r8152: fix the sw rx checksum is unavailable - [x86] netvsc: add rcu_read locking to netvsc callback - net: lwtunnel: Handle lwtunnel_fill_encap failure - net: ipv4: fix table id in getroute response - tcp: fix tcp_fastopen unaligned access complaints on sparc - openvswitch: maintain correct checksum state in conntrack actions - mlx4: do not call napi_schedule() without care - ip6_tunnel: Account for tunnel header in tunnel MTU - ax25: Fix segfault after sock connection timeout - net sched actions: fix refcnt when GETing of action after bind - virtio: don't set VIRTIO_NET_HDR_F_DATA_VALID on xmit - virtio-net: restore VIRTIO_HDR_F_DATA_VALID on receiving - vxlan: fix byte order of vxlan-gpe port number - net: fix harmonize_features() vs NETIF_F_HIGHDMA - lwtunnel: fix autoload of lwt modules - ipv6: addrconf: Avoid addrconf_disable_change() using RCU read-side lock - tcp: initialize max window for a new fastopen socket - net/mlx5e: Do not recycle pages from emergency reserve - bridge: netlink: call br_changelink() during br_dev_newlink() - net: mpls: Fix multipath selection for LSR use case - r8152: don't execute runtime suspend if the tx is not empty - af_unix: move unix_mknod() out of bindlock - net: Specify the owning module for lwtunnel ops - lwtunnel: Fix oops on state free after encap module unload - [armhf] net: dsa: Bring back device detaching in dsa_slave_suspend() - xfs: bump up reserved blocks in xfs_alloc_set_aside - xfs: fix bogus minleft manipulations - xfs: adjust allocation length in xfs_alloc_space_available - xfs: don't rely on ->total in xfs_alloc_space_available - xfs: don't print warnings when xfs_log_force fails - xfs: make the ASSERT() condition likely - xfs: sanity check directory inode di_size - xfs: add missing include dependencies to xfs_dir2.h - xfs: replace xfs_mode_to_ftype table with switch statement - xfs: sanity check inode mode when creating new dentry - xfs: sanity check inode di_mode - xfs: don't wrap ID in xfs_dq_get_next_id - xfs: fix xfs_mode_to_ftype() prototype - xfs: fix COW writeback race - xfs: verify dirblocklog correctly - xfs: remove racy hasattr check from attr ops - xfs: extsize hints are not unlikely in xfs_bmap_btalloc - xfs: clear _XBF_PAGES from buffers when readahead page - xfs: fix bmv_count confusion w/ shared extents https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.9 - PCI/ASPM: Handle PCI-to-PCIe bridges as roots of PCIe hierarchies - ext4: validate s_first_meta_bg at mount time (CVE-2016-10208) - [x86] efi: Always map the first physical page into the EFI pagetables - [arm64] efi/fdt: Avoid FDT manipulation after ExitBootServices() (Closes: #853170) - HID: cp2112: fix sleep-while-atomic - HID: cp2112: fix gpio-callback error handling - [x86] pinctrl: baytrail: Add missing spinlock usage in byt_gpio_irq_handler - [x86] drm/amdgpu/si: fix crash on headless asics - drm/nouveau/disp/gt215: Fix HDA ELD handling (thus, HDMI audio) on gt215 - drm/nouveau/nv1a,nv1f/disp: fix memory clock rate retrieval - crypto: api - Clear CRYPTO_ALG_DEAD bit before registering an alg - crypto: arm64/aes-blk - honour iv_out requirement in CBC and CTR modes - perf/core: Fix use-after-free bug - perf/core: Fix PERF_RECORD_MMAP2 prot/flags for anonymous memory - ata: sata_mv:- Handle return value of devm_ioremap. - libata: apply MAX_SEC_1024 to all CX1-JB*-HP devices - libata: Fix ATA request sense - [powerpc*] eeh: Fix wrong flag passed to eeh_unfreeze_pe() - [powerpc*] Add missing error check to prom_find_boot_cpu() - [powerpc*] mm: Use the correct pointer when setting a 2MB pte - NFSD: Fix a null reference case in find_or_create_lock_stateid() - svcrpc: fix oops in absence of krb5 module - zswap: disable changing params if init fails - cifs: initialize file_info_lock - mm/memory_hotplug.c: check start_pfn in test_pages_in_a_zone() - base/memory, hotplug: fix a kernel oops in show_valid_zones() - mm, fs: check for fatal signals in do_generic_file_read() - tracing: Fix hwlat kthread migration - can: bcm: fix hrtimer/tasklet termination in bcm op removal - cgroup: don't online subsystems before cgroup_name/path() are operational - mmc: sdhci: Ignore unexpected CARD_INT interrupts - vhost: fix initialization for vq->is_le - [armhf] regulator: axp20x: AXP806: Fix dcdcb being set instead of dcdce - percpu-refcount: fix reference leak during percpu-atomic transition - [x86] pinctrl: baytrail: Debounce register is one per community - [x86] pinctrl: intel: merrifield: Add missed check in mrfld_config_set() - iwlwifi: fix double hyphen in MODULE_FIRMWARE for 8000 - iwlwifi: mvm: avoid crash on restart w/o reserved queues - HID: usbhid: Quirk a AMI virtual mouse and keyboard with ALWAYS_POLL - HID: hid-lg: Fix immediate disconnection of Logitech Rumblepad 2 - HID: wacom: Fix poor prox handling in 'wacom_pl_irq' - [x86] perf/intel/uncore: Clean up hotplug conversion fallout - [armhf] dmaengine: cppi41: Fix runtime PM timeouts with USB mass storage - [armhf] dmaengine: cppi41: Fix oops in cppi41_runtime_resume - [x86] KVM: do not save guest-unsupported XSAVE state - USB: Add quirk for WORLDE easykey.25 MIDI keyboard - usb: musb: Fix host mode error -71 regression - usb: gadget: f_fs: Assorted buffer overflow checks. - irqdomain: Avoid activating interrupts more than once - [x86] irq: Make irq activate operations symmetric - iw_cxgb4: set correct FetchBurstMax for QPs - fs: break out of iomap_file_buffered_write on fatal signals - [x86] drm/i915/execlists: Reset RING registers upon resume (Closes: #855055) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.10 - [x86] cpufreq: intel_pstate: Disable energy efficiency optimization - acpi, nfit: fix acpi_nfit_flush_probe() crash - [x86] libnvdimm, namespace: do not delete namespace-id 0 - [x86] libnvdimm, pfn: fix memmap reservation size versus 4K alignment - dm rq: cope with DM device destruction while in dm_old_request_fn() - crypto: algif_aead - Fix kernel panic on list_del - [x86] crypto: qat - fix bar discovery for c62x - [x86] crypto: qat - zero esram only for DH85x devices - [x86] crypto: ccp - Fix DMA operations when IOMMU is enabled - [x86] crypto: ccp - Fix double add when creating new DMA command - Input: uinput - fix crash when mixing old and new init style - selinux: fix off-by-one in setprocattr (CVE-2017-2618) - [x86] Revert "x86/ioapic: Restore IO-APIC irq_chip retrigger callback" - rtlwifi: rtl8192ce: Fix loading of incorrect firmware (Closes: #853073) - cpumask: use nr_cpumask_bits for parsing functions (Closes: #848682) - [armel,armhf] 8643/3: arm/ptrace: Preserve previous registers for short regset write - [x86] drm/i915: fix use-after-free in page_flip_completed() - [x86] drm/i915/bxt: Add MST support when do DPLL calculation - drm/atomic: Fix double free in drm_atomic_state_default_clear - target: Don't BUG_ON during NodeACL dynamic -> explicit conversion - target: Use correct SCSI status during EXTENDED_COPY exception - target: Fix early transport_generic_handle_tmr abort scenario - target: Fix multi-session dynamic se_node_acl double free OOPs - target: Fix COMPARE_AND_WRITE ref leak for non GOOD status - [armhf] dts: imx6dl: fix GPIO4 range - [armhf] 8642/1: LPAE: catch pending imprecise abort on unmask - [x86] drm/i915: Always convert incoming exec offsets to non-canonical - nl80211: Fix mesh HT operation check - mac80211: Fix adding of mesh vendor IEs - net/mlx5e: Modify TIRs hash only when it's needed - [x86] Drivers: hv: vmbus: Base host signaling strictly on the ring state - [x86] Drivers: hv: vmbus: On write cleanup the logic to interrupt the host - [x86] Drivers: hv: vmbus: On the read path cleanup the logic to interrupt the host - [x86] Drivers: hv: vmbus: finally fix hv_need_to_signal_on_read() - [s390x] scsi: zfcp: fix use-after-free by not tracing WKA port open/close on failed send - scsi: aacraid: Fix INTx/MSI-x issue with older controllers - scsi: mpt3sas: disable ASPM for MPI2 controllers - scsi: qla2xxx: Avoid that issuing a LIP triggers a kernel crash - btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls - [powerpc*] mm/radix: Update ERAT flushes when invalidating TLB - [powerpc*] powernv: Fix CPU hotplug to handle waking on HVI - xen-netfront: Delete rx_refill_timer in xennet_disconnect_backend() - ALSA: hda - adding a new NV HDMI/DP codec ID in the driver - ALSA: seq: Fix race at creating a queue - ALSA: seq: Don't handle loop timeout at snd_seq_pool_done() - Revert "ALSA: line6: Only determine control port properties if needed" - [x86] mm/ptdump: Fix soft lockup in page table walker - [x86] CPU/AMD: Bring back Compute Unit ID - [x86] CPU/AMD: Fix Zen SMT topology - IB/rxe: Fix resid update - IB/rxe: Fix mem_check_range integer overflow (CVE-2016-8636) - stacktrace, lockdep: Fix address, newline ugliness - perf diff: Fix -o/--order option behavior (again) - perf diff: Fix segfault on 'perf diff -o N' option - perf/core: Fix crash in perf_event_read() [ Ben Hutchings ] * Bump ABI to 2 * [or1k] Remove configuration, as the port has been abandoned * [arm64] Enable KEXEC (Closes: #852747) * [arm64,armhf,x86] usb: gadget: Enable USB_CONFIGFS, USB_ETH, USB_GADGETFS, USB_FUNCTIONFS, USB_G_SERIAL as modules; USB_CONFIGFS_{SERIAL,ACM,OBEX,NCM,ECM,ECM_SUBSET,RNDIS,EEM,PHONET,MASS_STORAGE}, USB_CONFIGFS_F_{LB_SS,LS,UAC1,UAC2,MIDI,HID,UVC,PRINTER}, USB_ETH_RNDIS, USB_FUNCTIONFS_{ETH,RNDIS,GENERIC} (thanks to Riku Voipio) * [ppc64el] Disable IBMEBUS; this bus does not exist on POWER8 systems * aufs: Update support patchset to aufs4.9-20170206 * [rt] Update to 4.9.9-rt6: - Revert "btrfs: swap free() and trace point in run_ordered_work()" - pinctrl: qcom: Use raw spinlock variants - x86/mm/cpa: avoid wbinvd() for PREEMPT - Revert "radix-tree: Make RT aware" - radix-tree: use local locks - softirq: wake the timer softirq if needed - timers: Don't wake ktimersoftd on every tick - rt: Drop mutex_disable() on !DEBUG configs and the GPL suffix from export symbol - cpuset: Convert callback_lock to raw_spinlock_t * pegasus: Use heap buffers for all register access (Closes: #852556) * test-patches: Use the pkg.linux.notools build profile * test-patches: Set default number of jobs to number of available processors * dccp: Disable auto-loading as mitigation against local exploits * net: ipv6: check route protocol when deleting routes (Closes: #855153) * [arm64] drm: Enable DRM_AST as module (Closes: #820168) - udeb: Add ast to fb-modules * [armel/marvell] hwmon: Enable SENSORS_G762 as module (Closes: #854662) * [m68k] Change MAC8390, MAC_SCSI from built-in to modules (Closes: #826614) - udeb: Add mac8390 to nic-shared-modules * udeb: Add bcache to md-modules (Closes: #718548) * [x86] platform: acer-wmi: setup accelerometer when machine has appropriate notify event (Closes: #853067) * [x86] xen: Fix APIC id mismatch warning on Intel (Closes: #853193) * media: dvb-usb-dibusb-mc-common: Add MODULE_LICENSE (Closes: #853110) [ Roger Shimizu ] * [armel] ARM: dts: orion5x-lschl: Fix model name * [armel] ARM: dts: orion5x-lschl: More consistent naming on linkstation series * [armel] ARM: orion5x: fix Makefile for linkstation-lschl.dtb [ Salvatore Bonaccorso ] * ipv4: keep skb->dst around in presence of IP options (CVE-2017-5970) * sctp: avoid BUG_ON on sctp_wait_for_sndbuf (CVE-2017-5986) -- Ben Hutchings Fri, 17 Feb 2017 13:18:17 +0000 linux (4.9.6-3) unstable; urgency=medium * btree,musb,st_sensors: Ignore ABI changes (fixes FTBFS on armel,armhf) -- Ben Hutchings Sat, 28 Jan 2017 16:11:16 +0000 linux (4.9.6-2) unstable; urgency=medium * linux-cpupower: Use dh-exec architecture filtering for x86-specific files (fixes FTBFS on !x86) -- Ben Hutchings Fri, 27 Jan 2017 22:09:50 +0000 linux (4.9.6-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.3 - iio: common: st_sensors: fix channel data parsing - [mips] staging: octeon: Call SET_NETDEV_DEV() - ALSA: hda - Fix up GPIO for ASUS ROG Ranger - ALSA: hda - Apply asus-mode8 fixup to ASUS X71SL - ALSA: usb-audio: Fix irq/process data synchronization - fscrypt: fix renaming and linking special files - [hppa/parisc] Add line-break when printing segfault info - [hppa/parisc] Mark cr16 clocksource unstable on SMP systems - HID: sensor-hub: Move the memset to sensor_hub_get_feature() - mac80211: initialize fast-xmit 'info' later - asm-prototypes: Clear any CPP defines before declaring the functions - [x86] drm/i915: Fix oopses in the overlay code due to i915_gem_active stuff - [x86] drm/i915: Fix oops in overlay due to frontbuffer tracking - [x86] drm/i915: Force VDD off on the new power seqeuencer before starting to use it - [x86] drm/i915: Initialize overlay->last_flip properly - [x86] KVM: reset MMU on KVM_SET_VCPU_EVENTS - [armhf] usb: musb: core: add clear_ep_rxintr() to musb_platform_ops - [armhf] usb: musb: dsps: implement clear_ep_rxintr() callback - usb: storage: unusual_uas: Add JMicron JMS56x to unusual device - usb: gadgetfs: restrict upper bound on device configuration size - USB: gadgetfs: fix unbounded memory allocation bug - USB: gadgetfs: fix use-after-free bug - USB: gadgetfs: fix checks of wTotalLength in config descriptors - USB: fix problems with duplicate endpoint addresses - usb: gadget: composite: Test get_alt() presence instead of set_alt() - [arm64, armhf] usb: dwc3: core: avoid Overflow events - usb: xhci: fix possible wild pointer - [x86] usb: xhci: apply XHCI_PME_STUCK_QUIRK to Intel Apollo Lake - xhci: free xhci virtual devices with leaf nodes first - usb: xhci: fix return value of xhci_setup_device() - usb: host: xhci: Fix possible wild pointer when handling abort command - xhci: Handle command completion and timeout race - usb: xhci: hold lock over xhci_abort_cmd_ring() - USB: serial: omninet: fix NULL-derefs at open and disconnect - USB: serial: quatech2: fix sleep-while-atomic in close - USB: serial: pl2303: fix NULL-deref at open - USB: serial: keyspan_pda: verify endpoints at probe - USB: serial: spcp8x5: fix NULL-deref at open - USB: serial: io_ti: fix NULL-deref at open - USB: serial: io_ti: fix another NULL-deref at open - USB: serial: io_ti: fix I/O after disconnect - USB: serial: iuu_phoenix: fix NULL-deref at open - USB: serial: garmin_gps: fix memory leak on failed URB submit - USB: serial: ti_usb_3410_5052: fix NULL-deref at open - USB: serial: io_edgeport: fix NULL-deref at open - USB: serial: oti6858: fix NULL-deref at open - USB: serial: cyberjack: fix NULL-deref at open - USB: serial: kobil_sct: fix NULL-deref in write - USB: serial: mos7840: fix NULL-deref at open - USB: serial: mos7720: fix NULL-deref at open - USB: serial: mos7720: fix use-after-free on probe errors - USB: serial: mos7720: fix parport use-after-free on probe errors - USB: serial: mos7720: fix parallel probe - usb: xhci-mem: use passed in GFP flags instead of GFP_KERNEL - xhci: Use delayed_work instead of timer for command timeout - xhci: Fix race related to abort operation - [armhf] usb: musb: Fix trying to free already-free IRQ 4 - usb: hub: Move hub_port_disable() to fix warning if PM is disabled - usb: gadget: udc: core: fix return code of usb_gadget_probe_driver() - ALSA: usb-audio: Fix bogus error return in snd_usb_create_stream() - USB: serial: kl5kusb105: abort on open exception path - usb: gadget: Fix second argument of percpu_ida_alloc() - usb: gadget: fix request length error for isoc transfer - [armhf] dts: sun7i: bananapi-m1-plus: Enable USB PHY for USB host support - dibusb: fix possible memory leak in dibusb_rc_query() - USB: serial: io_ti: bind to interface after fw download - [x86] mei: move write cb to completion on credentials failures - iio: accel: st_accel: fix LIS3LV02 reading and scaling - [arm64, armhf] usb: dwc3: ep0: add dwc3_ep0_prepare_one_trb() - [arm64, armhf] usb: dwc3: ep0: explicitly call dwc3_ep0_prepare_one_trb() - [arm64, armhf] usb: dwc3: gadget: always unmap EP0 requests - [x86] drm/i915/dp: add lane_count check in intel_dp_check_link_status - [x86] drm/i915: tune down the fast link training vs boot fail - mac80211: fix tid_agg_rx NULL dereference - nl80211: Use different attrs for BSSID and random MAC addr in scan req - ath10k: fix failure to send NULL func frame for 10.4 - ath10k: use the right length of "background" - efi/efivar_ssdt_load: Don't return success on allocation failure - debugfs: improve DEFINE_DEBUGFS_ATTRIBUTE for !CONFIG_DEBUG_FS - [x86] prctl/uapi: Remove #ifdef for CHECKPOINT_RESTORE - [x86] cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - [x86] platform/x86: fujitsu-laptop: use brightness_set_blocking for LED-setting callbacks - hwmon: (amc6821) sign extension temperature - hwmon: (ds620) Fix overflows seen when writing temperature limits - [armhf] hwmon: (g762) Fix overflows and crash seen when writing limit attributes - hwmon: (lm90) fix temp1_max_alarm attribute - Input: synaptics-rmi4 - unlock on error - [armhf] clk: ti: dra7: fix "failed to lookup clock node gmac_gmii_ref_clk_div" boot message - [amd64] iommu/amd: Missing error code in amd_iommu_init_device() - [amd64] iommu/amd: Fix the left value check of cmd buffer - [x86] iommu/vt-d: Fix pasid table size encoding - [x86] iommu/vt-d: Flush old iommu caches for kdump when the device gets context mapped - [x86] ASoC: cht_bsw_rt5645: Fix leftover kmalloc - [x86] ASoC: Intel: Skylake: Fix a shift wrapping bug - scsi: mvsas: fix command_active typo - target/iscsi: Fix double free in lio_target_tiqn_addtpg() - sbp-target: Fix second argument of percpu_ida_alloc() - relay: check array offset before using it - PCI/MSI: Check for NULL affinity mask in pci_irq_get_affinity() - PM / wakeirq: Fix dedicated wakeirq for drivers not using autosuspend - genirq/affinity: Fix node generation from cpumask - mm/hugetlb.c: use the right pte val for compare in hugetlb_cow - docs-rst: fix LaTeX \DURole renewcommand with Sphinx 1.3+ - mm: khugepaged: close use-after-free race during shmem collapsing - mm: khugepaged: fix radix tree node leak in shmem collapse error path - mm, compaction: fix NR_ISOLATED_* stats for pfn based migration - [s390x] crypto: unlock on error in prng_tdes_read() - [arm64] crypto: sha2-ce - fix for big endian - [arm64] crypto: ghash-ce - fix for big endian - [arm64] crypto: aes-ccm-ce: fix for big endian - [arm64] crypto: sha1-ce - fix for big endian - [arm64] crypto: aes-xts-ce: fix for big endian - [arm64] crypto: aes-ce - fix for big endian - md: MD_RECOVERY_NEEDED is set for mddev->recovery - md: fix refcount problem on mddev when stopping array. - f2fs: remove percpu_count due to performance regression - f2fs: hide a maybe-uninitialized warning - PCI: Add Mellanox device IDs - PCI: Convert broken INTx masking quirks from HEADER to FINAL - PCI: Convert Mellanox broken INTx quirks to be for listed devices only - PCI: Support INTx masking on ConnectX-4 with firmware x.14.1100+ - PCI: Enable access to non-standard VPD for Chelsio devices (cxgb3) - [powerpc/powerpc64,ppc64*] pci/rpadlpar: Fix device reference leaks - [s390x] topology: always use s390 specific sched_domain_topology_level - [s390x] pci: fix dma address calculation in map_sg - drm/radeon: Always store CRTC relative radeon_crtc->cursor_x/y values - [x86] drm/i915: disable PSR by default on HSW/BDW - [x86] drm/i915/gen9: unconditionally apply the memory bandwidth WA - [x86] drm/i915/gen9: fix the WM memory bandwidth WA for Y tiling cases - xfs: don't call xfs_sb_quota_from_disk twice - xfs: check return value of _trans_reserve_quota_nblks - xfs: don't skip cow forks w/ delalloc blocks in cowblocks scan - xfs: don't BUG() on mixed direct and mapped I/O - xfs: provide helper for counting extents from if_bytes - xfs: check minimum block size for CRC filesystems - xfs: fix unbalanced inode reclaim flush locking - xfs: new inode extent list lookup helpers - xfs: factor rmap btree size into the indlen calculations - xfs: always succeed when deduping zero bytes - xfs: remove prev argument to xfs_bmapi_reserve_delalloc - xfs: track preallocation separately in xfs_bmapi_reserve_delalloc() - xfs: use new extent lookup helpers in __xfs_reflink_reserve_cow - xfs: clean up cow fork reservation and tag inodes correctly - xfs: use new extent lookup helpers xfs_file_iomap_begin_delay - xfs: pass post-eof speculative prealloc blocks to bmapi - xfs: Move AGI buffer type setting to xfs_read_agi - xfs: pass state not whichfork to trace_xfs_extlist - xfs: handle cow fork in xfs_bmap_trace_exlist - xfs: forbid AG btrees with level == 0 - xfs: check for bogus values in btree block headers - xfs: complain if we don't get nextents bmap records - xfs: don't crash if reading a directory results in an unexpected hole - xfs: error out if trying to add attrs and anextents > 0 - xfs: don't allow di_size with high bit set - xfs: don't cap maximum dedupe request length - xfs: ignore leaf attr ichdr.count in verifier during log replay - xfs: use GPF_NOFS when allocating btree cursors - xfs: fix double-cleanup when CUI recovery fails - xfs: use the actual AG length when reserving blocks - xfs: fix crash and data corruption due to removal of busy COW extents - xfs: fix max_retries _show and _store functions - clocksource/dummy_timer: Move hotplug callback after the real timers - tick/broadcast: Prevent NULL pointer dereference - Revert "rtlwifi: Fix enter/exit power_save" - Revert "usb: gadget: composite: always set ep->mult to a sensible value" - usb: gadget: composite: always set ep->mult to a sensible value https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.4 - net: vrf: Fix NAT within a VRF - net: vrf: Drop conntrack data after pass through VRF device on Tx - sctp: sctp_transport_lookup_process should rcu_read_unlock when transport is null - inet: fix IP(V6)_RECVORIGDSTADDR for udp sockets - ipv6: handle -EFAULT from skb_copy_bits - net, sched: fix soft lockup in tc_classify - [arm64, armhf] net: stmmac: Fix race between stmmac_drv_probe and stmmac_open - net/sched: cls_flower: Fix missing addr_type in classify - net/mlx5: Check FW limitations on log_max_qp before setting it - net/mlx5: Cancel recovery work in remove flow - net/mlx5: Avoid shadowing numa_node - net/mlx5: Mask destination mac value in ethtool steering rules - net/mlx5: Prevent setting multicast macs for VFs - net/mlx5e: Don't sync netdev state when not registered - net/mlx5e: Disable netdev after close - rtnl: stats - add missing netlink message size checks - net: fix incorrect original ingress device index in PKTINFO - net: ipv4: dst for local input routes should use l3mdev if relevant - drop_monitor: add missing call to genlmsg_end - drop_monitor: consider inserted data in genlmsg_end - flow_dissector: Update pptp handling to avoid null pointer deref. - igmp: Make igmp group member RFC 3376 compliant - ipv4: Do not allow MAIN to be alias for new LOCAL w/ custom rules - net: vrf: Add missing Rx counters - [x86] bpf: change back to orig prog on too many passes - [armhf] net: dsa: bcm_sf2: Do not clobber b53_switch_ops - [armhf] net: dsa: bcm_sf2: Utilize nested MDIO read/write - r8152: split rtl8152_suspend function - r8152: fix rx issue for runtime suspend - [armhf] net: dsa: Ensure validity of dst->ds[0] - net: add the AF_QIPCRTR entries to family name tables - gro: Enter slow-path if there is no tailroom - gro: use min_t() in skb_gro_reset_offset() - gro: Disable frag0 optimization on IPv6 ext headers - net/mlx5e: Remove WARN_ONCE from adaptive moderation code - net: ipv4: Fix multipath selection with vrf - net: vrf: do not allow table id 0 - HID: hid-cypress: validate length of report - ALSA: firewire-tascam: Fix to handle error from initialization of stream data - [powerpc] Fix build warning on 32-bit PPC - [arm64] dts: mt8173: Fix auxadc node - [arm64] dts: bcm2837-rpi-3-b: remove incorrect pwr LED - [arm64] dts: bcm2835: Fix bcm2837 compatible string - svcrdma: Clear xpt_bc_xps in xprt_setup_rdma_bc() error exit arm - [armhf] OMAP5: Fix mpuss_early_init - [armhf] OMAP5: Fix build for PM code - [armhf] OMAP4+: Fix bad fallthrough for cpuidle - [armhf] omap2+: am437x: rollback to use omap3_gptimer_timer_init() - [armel/marvell, armhf] spi: mvebu: fix baudrate calculation for armada variant - ALSA: usb-audio: Add a quirk for Plantronics BT600 - [x86] drm/i915/gen9: Fix PCODE polling during CDCLK change notification - rtlwifi: Fix enter/exit power_save - rtlwifi: rtl_usb: Fix missing entry in USB driver's private data https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5 - Input: xpad - use correct product id for x360w controllers - Input: i8042 - add Pegatron touchpad to noloop table - [armhf] regulator: axp20x: Fix axp809 ldo_io registration error on cold boot - [arm64, armhf] drm/tegra: dpaux: Fix error handling - [arm64, armhf] drm/vc4: Fix a couple error codes in vc4_cl_lookup_bos() - drm/savage: dereferencing an error pointer - zram: revalidate disk under init_lock - zram: support BDI_CAP_STABLE_WRITES - dax: fix deadlock with DAX 4k holes - mm: pmd dirty emulation in page fault handler - mm: fix devm_memremap_pages crash, use mem_hotplug_{begin, done} - ocfs2: fix crash caused by stale lvb with fsdlm plugin - mm, memcg: fix the active list aging for lowmem requests when memcg is enabled - mm: support anonymous stable page - mm/slab.c: fix SLAB freelist randomization duplicate entries (CVE-2017-5546) - mm/hugetlb.c: fix reservation race when freeing surplus pages - [x86] KVM: fix emulation of "MOV SS, null selector" (CVE-2017-2583) - KVM: eventfd: fix NULL deref irqbypass consumer - jump_labels: API for flushing deferred jump label updates - [x86] KVM: flush pending lapic jump label updates on module unload - [x86] KVM: fix NULL deref in vcpu_scan_ioapic - [x86] KVM: add Align16 instruction flag - [x86] KVM: add asm_safe wrapper - [x86] KVM: emulate FXSAVE and FXRSTOR - [x86] KVM: Introduce segmented_write_std (CVE-2017-2584) - efi/libstub/arm*: Pass latest memory map to the kernel - [x86] efi: Prune invalid memory map entries and fix boot regression - [x86] efi: Don't allocate memmap through memblock after mm_init() (Closes: #851928) - nl80211: fix sched scan netlink socket owner destruction - gpio: Move freeing of GPIO hogs before numbing of the device - xfs: Timely free truncated dirty pages - bridge: netfilter: Fix dropping packets that moving through bridge interface - [x86] cpu/AMD: Clean up cpu_llc_id assignment per topology feature - [x86] bugs: Separate AMD E400 erratum and C1E bug - [x86] CPU/AMD: Fix Bulldozer topology - wusbcore: Fix one more crypto-on-the-stack bug - [armhf] usb: musb: fix runtime PM in debugfs - USB: serial: kl5kusb105: fix line-state error handling (CVE-2017-5549) - USB: serial: ch341: fix initial modem-control state - USB: serial: ch341: fix resume after reset - USB: serial: ch341: fix open error handling - USB: serial: ch341: fix control-message error handling - USB: serial: ch341: fix open and resume after B0 - i2c: print correct device invalid address - i2c: fix kernel memory disclosure in dev interface - fix a fencepost error in pipe_advance() (CVE-2017-5550) - xhci: fix deadlock at host remove by running watchdog correctly - btrfs: fix crash when tracepoint arguments are freed by wq callbacks - ASoC: hdmi-codec: use unsigned type to structure members with bit-field - Revert "tty: serial: 8250: add CON_CONSDEV to flags" - pid: fix lockdep deadlock warning due to ucount_lock - mnt: Protect the mountpoint hashtable with mount_lock - drivers: char: mem: Fix thinkos in kmem address checks - [armhf] dmaengine: omap-dma: Fix dynamic lch_map allocation - virtio_blk: avoid DMA to stack for the sense buffer - orinoco: Use shash instead of ahash for MIC calculations - sysrq: attach sysrq handler correctly for 32-bit kernel - [arm64, armhf] extcon: return error code on failure - Clearing FIFOs in RS485 emulation mode causes subsequent transmits to break - sysctl: Drop reference added by grab_header in proc_sys_readdir (CVE-2016-9191) - [s390x] net/af_iucv: don't use paged skbs for TX on HiperSockets - [x86] drm/i915/gen9: Fix PCODE polling timeout in stable backport - drm: Clean up planes in atomic commit helper failure path - drm/radeon: update smc firmware selection for SI - drm/radeon: drop verde dpm quirks - [x86] drm/amdgpu: update si kicker smc firmware - [x86] drm/amdgpu: drop verde dpm quirks - USB: serial: ch341: fix modem-control and B0 handling - net/mlx5: Only cancel recovery work when cleaning up device - i2c: piix4: Avoid race conditions with IMC - [x86] cpu: Fix bootup crashes by sanitizing the argument of the 'clearcpuid=' command-line option - nvme: apply DELAY_BEFORE_CHK_RDY quirk at probe time too - btrfs: fix locking when we put back a delayed ref that's too new - btrfs: fix error handling when run_delayed_extent_op fails - NFS: fix typo in parameter description - pNFS: Fix race in pnfs_wait_on_layoutreturn - NFS: Fix a performance regression in readdir - NFSv4.1: nfs4_fl_prepare_ds must be careful about reporting success. - [armhf] i2c: mux: pca954x: fix i2c mux selection caching - [x86] drm/i915/gen9: Fix PCODE polling during SAGV disabling - drm: avoid uninitialized timestamp use in wait_vblank - [arm64, armhf] drm/panel: simple: Check against num_timings when setting preferred for timing - [x86] drm/i915: Move the min_pixclk[] handling to the end of readout - drm: Initialise drm_mm.head_node.allocated - block: Change extern inline to static inline - block: cfq_cpd_alloc() should use @gfp - [x86] ACPI / APEI: Fix NMI notification handling - [x86] powercap/intel_rapl: fix and tidy up error handling - iw_cxgb4: Fix error return code in c4iw_rdev_open() - [arm64, armhf] power: supply: bq27xxx_battery: Fix register map for BQ27510 and BQ27520 - blk-mq: Always schedule hctx->next_cpu - [powerpc] mm: Correct process and partition table max size - [powerpc*] ibmebus: Fix further device reference leaks - [powerpc*] ibmebus: Fix device reference leaks in sysfs interface - [powerpc*] powernv: Don't warn on PE init if unfreeze is unsupported - [arm64] hugetlb: fix the wrong address for several functions - [arm64] hugetlb: remove the wrong pmd check in find_num_contig() - [arm64] hugetlb: fix the wrong return value for huge_ptep_set_access_flags https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.6 - IB/core: Release allocated memory in cache setup failure - IB/rxe: Increase max number of completions to 32k - IB/rxe: avoid putting a large struct rxe_qp on stack - IB/mlx5: Avoid system crash when enabling many VFs - IB/mlx5: Fix reported max SGE calculation - IB/mlx5: Assign SRQ type earlier - IB/mlx5: Wait for all async command completions to complete - IB/mlx4: Set traffic class in AH - IB/mlx4: Fix out-of-range array index in destroy qp flow - IB/mlx4: Handle well-known-gid in mad_demux processing - IB/mlx4: Fix port query for 56Gb Ethernet links - IB/mlx4: When no DMFS for IPoIB, don't allow NET_IF QPs - IB/mlx4: Check if GRH is available before using it - IB/IPoIB: Remove can't use GFP_NOIO warning - perf trace: Use the syscall raw_syscalls:sys_enter timestamp - perf mem: Fix --all-user/--all-kernel options - perf trace: Check if MAP_32BIT is defined (again) - perf diff: Do not overwrite valid build id - perf callchain: Fixup help/config for no-unwinding - perf scripting: Avoid leaking the scripting_context variable - perf jit: Enable jitdump support without dwarf - [armhf] dts: bcm283x: fix typo in mailbox address - [armhf] dts: imx6q-cm-fx6: fix fec pinctrl - [armhf] dts: omap3: Add DTS for Logic PD SOM-LV 37xx Dev Kit - tmpfs: clear S_ISGID when setting posix ACLs (CVE-2017-5551) - [x86] PCI: Ignore _CRS on Supermicro X8DTH-i/6/iF/6F - rcu: Narrow early boot window of illegal synchronous grace periods - sunrpc: don't call sleeping functions from the notifier block callbacks - svcrpc: don't leak contexts on PROC_DESTROY - libnvdimm, namespace: fix pmem namespace leak, delete when size set to zero - fuse: clear FR_PENDING flag when moving requests out of pending queue - fuse: fix time_to_jiffies nsec sanity check - PCI: Enumerate switches below PCI-to-PCIe bridges - HID: corsair: fix DMA buffers on stack (CVE-2017-5547) - HID: corsair: fix control-transfer error handling - mmc: sdhci-acpi: Only powered up enabled acpi child devices - ieee802154: atusb: do not use the stack for buffers to make them DMA able (CVE-2017-5548) - [s390x] KVM: do not expose random data via facility bitmap - [armhf,arm64] KVM: vgic: Fix deadlock on error handling - [powerpc*] icp-opal: Fix missing KVM case and harden replay - [powerpc*] perf: Fix PM_BRU_CMPL event code for power9 - [powerpc*] ptrace: Preserve previous fprs/vsrs on short regset write - [powerpc*] ptrace: Preserve previous TM fprs/vsrs on short regset write - [powerpc*] Ignore reserved field in DCSR and PVR reads and writes - [x86] ioapic: Restore IO-APIC irq_chip retrigger callback - qla2xxx: Fix crash due to null pointer access - mac80211: implement multicast forwarding on fast-RX path - ubifs: Fix journal replay wrt. xattr nodes - [armhf] clocksource/exynos_mct: Clear interrupt when cpu is shut down - svcrdma: avoid duplicate dma unmapping during error recovery - ceph: fix bad endianness handling in parse_reply_info_extra - [armhf] dts: OMAP5 / DRA7: indicate that SATA port 0 is available. - [arm64] avoid returning from bad_mode - [arm64] ptrace: Preserve previous registers for short regset write - [arm64] ptrace: Avoid uninitialised struct padding in fpr_set() - [arm64] ptrace: Reject attempts to set incomplete hardware breakpoint fields - Input: ALPS - fix TrackStick support for SS5 hardware - libceph: ceph_x_encrypt_buflen() takes in_len - libceph: old_key in process_one_ticket() is redundant - libceph: introduce ceph_x_encrypt_offset() - libceph: introduce ceph_crypt() for in-place en/decryption (CVE-2016-10153) - libceph: rename and align ceph_x_authorizer::reply_buf - libceph: tweak calcu_signature() a little - libceph: switch ceph_x_encrypt() to ceph_crypt() - libceph: switch ceph_x_decrypt() to ceph_crypt() - libceph: remove now unused ceph_*{en,de}crypt*() functions - [armhf] dts: Add an empty chosen node to top level DTSI - [armel,armhf] 8613/1: Fix the uaccess crash on PB11MPCore - ceph: fix scheduler warning due to nested blocking - ceph: fix ceph_get_caps() interruption - ceph: fix endianness of getattr mask in ceph_d_revalidate - ceph: fix endianness bug in frag_tree_split_cmp - libceph: make sure ceph_aes_crypt() IV is aligned - xprtrdma: Make FRWR send queue entry accounting more accurate - xprtrdma: Squelch "max send, max recv" messages at connect time - [arm64] mm: avoid name clash in __page_to_voff() - [arm64] Fix swiotlb fallback allocation - swiotlb: Convert swiotlb_force from int to enum - swiotlb: Add swiotlb=noforce debug option - scsi: ses: Fix SAS device detection in enclosure - scsi: mpt3sas: fix hang on ata passthrough commands - [armhf] PM / devfreq: exynos-bus: Fix the wrong return value - PM / devfreq: Fix the bug of devfreq_add_device when governor is NULL - mtd: spi-nor: Off by one in cqspi_setup_flash() - mtd: spi-nor: Fix some error codes in cqspi_setup_flash() - [x86] ite-cir: initialize use_demodulator before using it - [armhf] dmaengine: pl330: Fix runtime PM support for terminated transfers - [armhf] soc: ti: wkup_m3_ipc: Fix error return code in wkup_m3_ipc_probe() - libceph: uninline ceph_crypto_key_destroy() - libceph: stop allocating a new cipher on every crypto request [ Ben Hutchings ] * [armel,armhf,s390x,x86] linux-headers: Fix regression of multilib compiler support (Closes: #851481) * nbd: use loff_t for blocksize and nbd_set_size args (Closes: #851533) * ath9k: fix NULL pointer dereference (Closes: #851621) * cfg80211,memcg,power: Avoid ABI changes * bq27xxx_battery,cpuhp,libceph,orinoco,xhci: Ignore ABI changes * linux-image: Increase minimum version of initramfs-tools (Closes: #808038) * [x86] linux-cpupower: Add turbostat and x86_energy_perf_policy commands (Closes: #778249) * [arm64] Enable ARCH_MESON and related drivers (Closes: #852132) * [arm64] dts: meson-gx: Add firmware reserved memory zones * [x86] ASoC: Intel: select DW_DMAC_CORE since it's mandatory * [x86] sound/soc/intel: Enable SND_SOC_INTEL_BDW_RT5677_MACH as module (Closes: #851916) * [arm64] video/fbdev: Change FB from module to built-in * [arm64,armhf] video/fbdev: Enable FB_EFI (Closes: #851778) * fs: Disable LOGFS, as it is unmaintained and will be removed in 4.10 * [rt] genpatch.py: Verify tag and tarball signatures * fbdev: color map copying bounds checking (CVE-2016-8405) * [armhf,arm64] drm/vc4: Fix an integer overflow in temporary allocation layout. (CVE-2017-5576) * [armhf,arm64] drm/vc4: Return -EINVAL on the overflow checks failing. (CVE-2017-5577) * [arm64] ptrace: Avoid ABI change in 4.9.6 * [arm64] Enable ARM64_ACPI_PARKING_PROTOCOL, ARCH_THUNDER, GPIO_PL061, GPIO_XGENE, ARM_SMMU, ARM_SMMU_V3, PCI_HOST_THUNDER_PEM, and PCI_HOST_THUNDER_ECAM; PINCTRL_AMD as built-in; SATA_AHCI_SEATTLE, HW_RANDOM_XGENE, HW_RANDOM_CAVIUM, CPUFREQ_DT, K3_DMA, GPIO_XGENE_SB, SENSORS_XGENE, I2C_THUNDERX, KEYBOARD_GPIO, TI_ST, THUNDER_NIC_PF, THUNDER_NIC_VF (Closes: #852493), THUNDER_NIC_BGX, THUNDER_NIC_RGX, MDIO_THUNDER, MDIO_XGENE, SPI_THUNDERX, and SND_SOC_APQ8016_SBC as modules (thanks to Riku Voipio) [ Roger Shimizu ] * [armel] Add DT support of Buffalo Linkstation Live v3 (LS-CHL) * drivers/input: Enable TOUCHSCREEN_GOODIX as module (Closes: #851821). * [mips/octeon] hwmon: Enable SENSORS_ADM1031 as module (Closes: #851963). Thanks to James Cowgill. * nbd: fix 64-bit division. -- Ben Hutchings Fri, 27 Jan 2017 07:44:54 +0000 linux (4.9.2-2) unstable; urgency=medium * [sparc64] Export memcpy and memset to modules again (fixes FTBFS) * Revert "Remove debug symbol packages from debian/control to work around dak bug", which caused most binary uploads to be rejected -- Ben Hutchings Thu, 12 Jan 2017 15:52:37 +0000 linux (4.9.2-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.2 [ Ben Hutchings ] * abiupdate.py: Use current config instead of downloading previous config * abiupdate.py: Update base URLs * abiupdate.py: Add support for incoming.ports.debian.org * Make the pickled config (config.defines.dump) reproducible * Remove debug symbol packages from debian/control to work around dak bug * udeb: Add switch (DSA) drivers to nic-modules (Closes: #845075) * netfilter: Enable NFT_NUMGEN, NFT_QUOTA as modules * net/sched: Enable NET_ACT_TUNNEL_KEY, NET_IFE_SKBTCINDEX as modules * vsock: Enable VSOCKETS, VHOST_VSOCK, VIRTIO_VSOCKETS as modules * hci_uart: Enable BT_HCIUART_MRVL * rxrpc: Enable AF_RXRPC_IPV6 * net: Enable NET_DEVLINK, MACSEC as modules * SCSI: Enable SCSI_SMARTPQI as module * target: Enable ISCSI_TARGET_CXGB4 as module * cxgb4: Enable CHELSIO_T4_FCOE * drm: Enable DRM_LEGACY; re-enable DRM_TDFX, DRM_R128, DRM_MGA, DRM_SIS, DRM_VIA, DRM_SAVAGE as modules for some architectures * 8250: Disable SERIAL_8250_LPSS, since it causes DW_DMAC_CORE to be built-in * Partially revert "usb: Kconfig: using select for USB_COMMON dependency", since it causes USB_COMMON to be built-in * Set ABI to 1 [ John Paul Adrian Glaubitz ] * [sh3] Build a linux-libc-dev package (Closes: #850732) [ Martin Michlmayr ] * [arm64] Enable MV_XOR and MV_XOR_V2. -- Ben Hutchings Wed, 11 Jan 2017 04:41:33 +0000 linux (4.9.1-1~exp1) experimental; urgency=medium * New upstream release: https://kernelnewbies.org/Linux_4.9 - Revert "default exported asm symbols to zero" * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.1 [ Ben Hutchings ] * Set ABI to trunk * Enable USERFAULTFD (except on armel/marvell) * [x86] PCI: Enable VMD as module * mm: Enable PAGE_POISONING (Closes: #849450), PAGE_POISONING_NO_SANITY (except on armel/marvell) * ieee802154: Enable IEEE802154_FAKELB as module * [armhf] leds,gpio: Enable LEDS_TCA6507 as module (Closes: #847770) * [x86] iio,HID: Enable INTEL_ISH_HID as module * hwmon,watchdog: Enable SENSORS_FTSTEUTATES as module (together with the previous, Closes: #847017) * net: Enable GTP as module (Closes: #846913) * [armhf] gpio: Enable GPIO_MCP23S08 as module (Closes: #845064) * aufs: Update support patchset to aufs4.9-20161219 * Use debhelper compatibility level 9 * [arm64] Revert "arm64/mm: Limit TASK_SIZE_64 ..." and add breaks on incompatible mozjs * genorig.py: Verify tag signatures (based on work by Yves-Alexis Perez) [ Uwe Kleine-König ] * enable `perf data' support; patch by Sebastian Andrzej Siewior (Closes: #846597) * [rt] Update to 4.9-rt1 and reenable * [armhf] Add support for switch hardware on Turris Omnia [ Aurelien Jarno ] * [arm64] Enable RTC_DRV_DS1307. -- Ben Hutchings Sat, 07 Jan 2017 03:44:26 +0000 linux (4.9~rc8-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * radeon: Update package name in error message for missing firmware * [amd64] Remove xen-linux-system- package * debian/control: Fix build-dependency on flex to work with new versions that have M-A: allowed * Revert "default exported asm symbols to zero" * [arm64] remoteproc: Disable QCOM_WCNSS_PIL (fixes FTBFS) * [sparc64] Don't re-add exports of string functions that are now only defined as macros (fixes FTBFS, after other fixes) -- Ben Hutchings Mon, 05 Dec 2016 05:02:30 +0000 linux (4.9~rc7-1~exp1) experimental; urgency=medium * New upstream release candidate: - [armhf,armel] Revert "arm: move exports to definitions" (Closes: #844530) [ Martin Michlmayr ] * [arm64] Enable more QCOM options: BT_QCOMSMD, QCOM_EBI2, QCOM_TSENS, QCOM_WCNSS_PIL and EXTCON_QCOM_SPMI_MISC. * [arm64] Enable ARCH_MVEBU and related options. [ Ben Hutchings ] * linux-headers-common: Make these packages architecture-independent by including headers for all architectures that we build a kernel for * Fix exported symbol versions: - Revert upstream changes moving exports to assembly sources - [x86] kbuild: enable modversions for symbols exported from assembly - [powerpc] Remove Mac-on-Linux hooks - [powerpc*] Fix missing CRCs, add yet more asm-prototypes.h declarations - Re-enable CONFIG_MODVERSIONS in a slightly weaker form - module: Disable matching missing version CRC * debian/bin/buildcheck.py: Add check for symbols with version CRC of 0 -- Ben Hutchings Sat, 03 Dec 2016 01:46:12 +0000 linux (4.9~rc5-1~exp1) experimental; urgency=medium * New upstream release candidate [ Aurelien Jarno ] * Enable MAC802154, IEEE802154_ADF7242, IEEE802154_AT86RF230, IEEE802154_ATUSB, IEEE802154_CC2520 and IEEE802154_MRF24J40. * [arm64] Enable VIRTUALIZATION and KVM. [ Ben Hutchings ] * [hppa] Update build-dependencies for 64-bit kernel (fixes FTBFS) * linux-perf: Exclude perf-read-vdso* from shared library dependency check (fixes FTBFS on sparc64) * [x86] kexec: add -fno-PIE * wireless: Enable RTL8XXXU as module, replacement for R8723AU * netfilter: Enable NFT_SET_RBTREE and NFT_SET_HASH as modules, renamed from NFT_RBTREE and NFT_HASH * tcp: Enable TCP_CONG_BBR as module * [armel] Drop versatile flavour, which has been broken since version 4.5~rc4-1~exp1 * [x86] ethernet: Enable ENA_ETHERNET as module * [x86] efi: Prevent mixed mode boot corruption with CONFIG_VMAP_STACK=y * w1: Disable W1_MASTER_MATROX -- Ben Hutchings Mon, 14 Nov 2016 05:19:31 +0000 linux (4.9~rc3-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * [rt] Disable until it is updated for 4.9 or later * kbuild: add -fno-PIE (Closes: #841368) * Compile with gcc-6 on all architectures * debian/control: Fix build-dependency on openssl to work with new versions that have M-A: allowed (Closes: #839145) -- Ben Hutchings Thu, 03 Nov 2016 16:51:55 -0600 linux (4.8.15-2) unstable; urgency=medium [ Ben Hutchings ] * [x86] Enable INTEL_VBTN as module (Closes: #848967) * debian/control: Change build-dependency on asciidoc to prefer the new asciidoc-base, so we don't pull in LaTeX unnecessarily * [x86] Enable LEDS_DELL_NETBOOKS and DELL_SMBIOS as modules; re-enable DELL_LAPTOP and DELL_WMI as modules (Closes: #849674) * [powerpc*] boot: Request no dynamic linker for boot wrapper (Closes: #848851, FTBFS on ppc6el) * cpufreq: Enable CPU_FREQ_GOV_SCHEDUTIL as module * [x86] ACPI: Enable DPTF_POWER as module * [x86] perf: Enable PERF_EVENTS_AMD_POWER as module * [x86] perf: Change PERF_EVENTS_INTEL_{CSTATE,RAPL,UNCORE} from built-in to modules * PCI: Enable PCIE_DPC (except for armel/versatile) * [amd64] PCI: Enable PCI_HYPERV as module * inet: Enable INET_DIAG_DESTROY * tcp: Enable TCP_CONG_NV as module * ipv6: Enable IPV6_ILA as module * net/sched: Enable NET_CLS_MATCHALL, NET_ACT_IFE, NET_IFE_SKBMARK, NET_IFE_SKBPRIO as modules * hci_uart: Enable BT_HCIUART_AG6XX * nvme: Enable NVME_RDMA, NVME_TARGET, NVME_TARGET_RDMA as modules * [amd64] mic: Enable VOP_BUS and VOP as modules; re-enable INTEL_MIC_HOST as module * debian/control: Add Salvatore Bonaccorso to Uploaders * [rt] Update to 4.8.15-rt10 (no functional change) [ Salvatore Bonaccorso ] * sg_write()/bsg_write() is not fit to be called under KERNEL_DS (CVE-2016-10088) * kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF) (CVE-2016-9588) -- Ben Hutchings Wed, 04 Jan 2017 19:39:36 +0000 linux (4.8.15-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.12 - [x86] iommu/vt-d: Fix PASID table allocation - [x86] iommu/vt-d: Fix IOMMU lookup for SR-IOV Virtual Functions - [x86] KVM: fix out-of-bounds access in lapic - [x86] KVM: x86: drop error recovery in em_jmp_far and em_ret_far (CVE-2016-9756) - [x86] KVM: fix out-of-bounds accesses of rtc_eoi map (CVE-2016-9777) - [x86] KVM: check for pic and ioapic presence before use - [arm64, armhf] usb: chipidea: move the lock initialization to core file - USB: serial: cp210x: add ID for the Zone DPMX - USB: serial: ftdi_sio: add support for TI CC3200 LaunchPad - scsi: mpt3sas: Fix secure erase premature termination - cfg80211: limit scan results cache size - apparmor: fix change_hat not finding hat after policy replacement - NFSv4.x: hide array-bounds warning - [x86] fpu: Fix invalid FPU ptrace state after execve() - [x86] traps: Ignore high word of regs->cs in early_fixup_exception() - perf/core: Fix address filter parser - perf/x86/intel: Cure bogus unwind from PEBS entries - [x86] thermal/powerclamp: add back module device table - [hppa/parisc] Fix races in parisc_setup_cache_timing() - [hppa/parisc] Switch to generic sched_clock implementation - [hppa/parisc] Fix race in pci-dma.c - [hppa/parisc] Also flush data TLB in flush_icache_page_asm - mpi: Fix NULL ptr dereference in mpi_powm() - X.509: Fix double free in x509_cert_parse() - xc2028: Fix use-after-free bug properly - [powerpc] Set missing wakeup bit in LPCR on POWER9 - [powerpc] mm: Fixup kernel read only mapping - [powerpc] boot: Fix the early OPAL console wrappers - can: bcm: fix support for CAN FD frames - mm, oom: stop pre-mature high-order OOM killer invocations - flow_dissect: call init_default_flow_dissectors() earlier - scsi: mpt3sas: Unblock device after controller reset https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.13 - libata-scsi: Fixup ata_gen_passthru_sense() - scsi: hpsa: use bus '3' for legacy HBA devices - scsi: libfc: fix seconds_since_last_reset miscalculation - mm, thp: propagation of conditional compilation in khugepaged.c - thp: fix corner case of munlock() of PTE-mapped THPs - zram: fix unbalanced idr management at hot removal - mm: fix false-positive WARN_ON() in truncate/invalidate for hugetlb - ovl: fix d_real() for stacked fs - Input: change KEY_DATA from 0x275 to 0x277 - Input: psmouse - disable automatic probing of BYD touchpads - rcu: Fix soft lockup for rcu_nocb_kthread - mm: workingset: fix NULL ptr in count_shadow_nodes - PCI: Export pcie_find_root_port - PCI: Set Read Completion Boundary to 128 iff Root Port supports it (_HPX) - mwifiex: printk() overflow with 32-byte SSIDs - [arm64] KVM: vgic: Don't notify EOI for non-SPIs - [x86] drm/i915: Don't touch NULL sg on i915_gem_object_get_pages_gtt() error - [x86] drm/i915: drop the struct_mutex when wedged or trying to reset - [x86] drm/amdgpu: fix power state when port pm is unavailable - drm/radeon: fix power state when port pm is unavailable - [x86] drm/amdgpu: fix check for port PM availability - drm/radeon: fix check for port PM availability - [arm64] dts: juno: fix cluster sleep state entry latency on all SoC versions - KVM: use after free in kvm_ioctl_create_device() - pwm: Fix device reference leak - [x86] perf: Restore TASK_SIZE check on frame pointer - [armhf] clk: sunxi: Fix M factor computation for APB1 - batman-adv: Detect missing primaryif during tp_send as error - [arm64] cpufeature: Schedule enable() calls instead of calling them via IPI - [arm64] mm: Set PSTATE.PAN from the cpu_enable_pan() call - [arm64] suspend: Reconfigure PSTATE after resume from idle https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14 - gro_cells: mark napi struct as not busy poll candidates - virtio-net: add a missing synchronize_net() - [armhf] net: dsa: b53: Fix VLAN usage and how we treat CPU port - net: check dead netns for peernet2id_alloc() - ip6_tunnel: disable caching when the traffic class is inherited - net: sky2: Fix shutdown crash - af_unix: conditionally use freezable blocking calls in read - rtnetlink: fix FDB size computation - l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind() - rtnl: fix the loop index update error in rtnl_dump_ifinfo() - ipv6: bump genid when the IFA_F_TENTATIVE flag is clear - udplite: call proper backlog handlers - [armhf] net: dsa: bcm_sf2: Ensure we re-negotiate EEE during after link change - net, sched: respect rcu grace period on cls destruction - [armhf] net: dsa: fix unbalanced dsa_switch_tree reference counting - net/sched: pedit: make sure that offset is valid - netlink: Call cb->done from a worker thread - netlink: Do not schedule work from sk_destruct - net/dccp: fix use-after-free in dccp_invalid_packet - GSO: Reload iph after pskb_may_pull - packet: fix race condition in packet_set_ring (CVE-2016-8655) - ip6_offload: check segs for NULL in ipv6_gso_segment. - cdc_ether: Fix handling connection notification - tipc: check minimum bearer MTU (CVE-2016-8632) - geneve: avoid use-after-free of skb->data - net: avoid signed overflows for SO_{SND|RCV}BUFFORCE (CVE-2016-9793) - net: ping: check minimum size on ICMP header length (CVE-2016-8399) - ipv4: Restore fib_trie_flush_external function and fix call ordering - ipv4: Fix memory leak in exception case for splitting tries - ipv4: Drop leaf from suffix pull/push functions - ipv4: Drop suffix update from resize code - [sparc64] Fix find_node warning if numa node cannot be found - [sparc64] fix compile warning section mismatch in find_node() - [sparc] Fix inverted invalid_frame_pointer checks on sigreturns - constify iov_iter_count() and iter_is_iovec() - Don't feed anything but regular iovec's to blk_rq_map_user_iov (CVE-2016-9576) - ipv6: Set skb->protocol properly for local output - ipv4: Set skb->protocol properly for local output - Revert: "ip6_tunnel: Update skb->protocol to ETH_P_IPV6 in ip6_tnl_xmit()" - flowcache: Increase threshold for refusing new allocations - esp4: Fix integrity verification when ESN are used - esp6: Fix integrity verification when ESN are used https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.15 - [powerpc] eeh: Fix deadlock when PE frozen state can't be cleared - [powerpc] mm: Fix lazy icache flush on pre-POWER5 - [powerpc] boot: Fix build failure in 32-bit boot wrapper - fuse: fix clearing suid, sgid for chown() - [hppa/parisc] Purge TLB before setting PTE - [hppa/parisc] Remove unnecessary TLB purges from flush_dcache_page_asm and flush_icache_page_asm - [hppa/parisc] Fix TLB related boot crash on SMP machines - zram: restrict add/remove attributes to root only - locking/rtmutex: Prevent dequeue vs. unlock race - locking/rtmutex: Use READ_ONCE() in rt_mutex_owner() - device-dax: fix private mapping restriction, permit read-only - scsi: lpfc: fix oops/BUG in lpfc_sli_ringtxcmpl_put() - sched/autogroup: Fix 64-bit kernel nice level adjustment - [x86] perf: Fix full width counter, counter overflow - acpi, nfit: fix extended status translations for ACPI DSMs - acpi, nfit, libnvdimm: fix / harden ars_status output length handling - acpi, nfit: validate ars_status output buffer size - acpi, nfit: fix bus vs dimm confusion in xlat_status - [armel, armhf] crypto: marvell - Don't copy hash operation twice into the SRAM - crypto: caam - fix pointer size for AArch64 boot loader, AArch32 kernel - [armel, armhf] crypto: marvell - Don't corrupt state of an STD req for re-stepped ahash - can: raw: raw_setsockopt: limit number of can_filter that can be set - can: peak: fix bad memory access and free sequence - [armel] dts: orion5x: fix number of sata port for linkstation ls-gl (Closes: #845611) - ceph: don't set req->r_locked_dir in ceph_d_revalidate - [m68k] Fix ndelay() macro - batman-adv: Check for alloc errors when preparing TT local data - hotplug: Make register and unregister notifier API symmetric [ Uwe Kleine-König ] * [armhf] dts: armada-385: add support for Turris Omnia [ Salvatore Bonaccorso ] * Add ABI reference for 4.8.0-2 * Ignore ABI changes in KVM * net: handle no dst on skb in icmp6_send (CVE-2016-9919) * [rt] Update to 4.8.11-rt7 * [rt] Update to 4.8.14-rt9 * netfilter: ipv6: nf_defrag: drop mangled skb on ream error (CVE-2016-9755) * Ignore ABI changes in libnvdimm * docs: sphinx-extensions: make rstFlatTable work with docutils 0.13. Thanks to Dmitry Shachnev (Closes: #848349) [ Ben Hutchings ] * [amd64] Re-enable LEGACY_VSYSCALL_EMULATE instead of LEGACY_VSYSCALL_NONE. There are still binaries in stable that use vsyscall (via dietlibc). (Closes: #847154) * debian/rules.real: Exclude *.pyc from featureset diffs * debian/control: Fix build-dependency on flex to work with new versions that have M-A: foreign * debian/rules: Use dpkg-parsechangelog -S option to select fields * debian/rules: Tighten binNMU version matching, consistent with linux-latest -- Salvatore Bonaccorso Mon, 19 Dec 2016 12:35:29 +0100 linux (4.8.11-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.8 - net: fec: set mac address unconditionally - net: pktgen: fix pkt_size - net/sched: act_vlan: Push skb->data to mac_header prior calling skb_vlan_*() functions - net: Add netdev all_adj_list refcnt propagation to fix panic - packet: call fanout_release, while UNREGISTERING a netdev - netlink: do not enter direct reclaim from netlink_dump() - drivers/ptp: Fix kernel memory disclosure - net_sched: reorder pernet ops and act ops registrations - ipv6: tcp: restore IP6CB for pktoptions skbs - net: phy: Trigger state machine on state change and not polling. - ip6_tunnel: fix ip6_tnl_lookup - ipv6: correctly add local routes when lo goes up - IB/ipoib: move back IB LL address into the hard header - net/mlx4_en: fixup xdp tx irq to match rx - net: pktgen: remove rcu locking in pktgen_change_name() - bridge: multicast: restore perm router ports on multicast enable - switchdev: Execute bridge ndos only for bridge ports - rtnetlink: Add rtnexthop offload flag to compare mask - net: core: Correctly iterate over lower adjacency list - net: add recursion limit to GRO - ipv4: disable BH in set_ping_group_range() - ipv4: use the right lock for ping_group_range - net: fec: Call swap_buffer() prior to IP header alignment - net: sctp, forbid negative length - sctp: fix the panic caused by route update - udp: fix IP_CHECKSUM handling - [x86] netvsc: fix incorrect receive checksum offloading - net: ipv6: Do not consider link state for nexthop validation - net sched filters: fix notification of filter delete with proper handle - sctp: validate chunk len before actually using it (CVE-2016-9555) - ip6_tunnel: Update skb->protocol to ETH_P_IPV6 in ip6_tnl_xmit() - packet: on direct_xmit, limit tso and csum to supported devices - [powerpc] Update parameters for csum_tcpudp_magic & csum_tcpudp_nofold - [arm64, armhf] usb: dwc3: gadget: properly account queued requests - scsi: megaraid_sas: Fix data integrity failure for JBOD (passthrough) devices - scsi: megaraid_sas: fix macro MEGASAS_IS_LOGICAL to avoid regression https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.9 - ALSA: info: Return error for invalid read/write - ALSA: info: Limit the proc text input size - dib0700: fix nec repeat handling - mm, frontswap: make sure allocated frontswap map is assigned - shmem: fix pageflags after swapping DMA32 object - swapfile: fix memory corruption via malformed swapfile - mm: hwpoison: fix thp split handling in memory_failure() - mm/hugetlb: fix huge page reservation leak in private mapping error paths - coredump: fix unfreezable coredumping task - [s390x] hypfs: Use get_free_page() instead of kmalloc to ensure page alignment - PCI: Don't attempt to claim shadow copies of ROM - [x86] pinctrl: cherryview: Serialize register access in suspend/resume - [x86] pinctrl: cherryview: Prevent possible interrupt storm on resume - cpupower: Correct return type of cpu_power_is_cpu_online() in cpufreq-set - mmc: sdhci: Fix CMD line reset interfering with ongoing data transfer - mmc: sdhci: Fix unexpected data interrupt handling - mmc: mmc: Use 500ms as the default generic CMD6 timeout - [arm64, armhf] usb: dwc3: Fix error handling for core init - USB: cdc-acm: fix TIOCMIWAIT - usb: gadget: u_ether: remove interrupt throttling - drbd: Fix kernel_sendmsg() usage - potential NULL deref - cdc-acm: fix uninitialized variable - scsi: qla2xxx: Fix scsi scan hang triggered if adapter fails during init - scsi: mpt3sas: Fix for block device of raid exists even after deleting raid disk - scsi: scsi_dh_alua: fix missing kref_put() in alua_rtpg_work() - scsi: scsi_dh_alua: Fix a reference counting bug - [arm64] KVM: vgic: Prevent access to invalid SPIs - drm/radeon: disable runtime pm in certain cases - [x86] drm/i915: Respect alternate_ddc_pin for all DDI ports - [x86] drm/i915/dp: BDW cdclk fix for DP audio - [x86] drm/i915/dp: Extend BDW DP audio workaround to GEN9 platforms - [x86] drm/amdgpu: disable runtime pm in certain cases - xprtrdma: use complete() instead complete_all() - xprtrdma: Fix DMAR failure in frwr_op_map() after reconnect - [amd64] iommu/amd: Free domain id when free a domain of struct dma_ops_domain - [x86] iommu/vt-d: Fix dead-locks in disable_dmar_iommu() path - [x86] agp/intel: Flush chipset writes after updating a single PTE - watchdog: core: Fix devres_alloc() allocation size - perf top: Fix refreshing hierarchy entries on TUI - [x86] mei: bus: fix received data size check in NFC fixup - svcrdma: Skip put_page() when send_reply() fails - svcrdma: Tail iovec leaves an orphaned DMA mapping - nvme: Delete created IO queues on reset - [s390x] dumpstack: restore reliable indicator for call traces - hwrng: core - Don't use a stack buffer in add_early_randomness() - i40e: fix call of ndo_dflt_bridge_getlink() - [arm64] mmc: sdhci-msm: Fix error return code in sdhci_msm_probe() - [x86] ACPI / APEI: Fix incorrect return value of ghes_proc() - ACPI/PCI/IRQ: assign ISA IRQ directly during early boot stages - ACPI/PCI: pci_link: penalize SCI correctly - ACPI/PCI: pci_link: Include PIRQ_PENALTY_PCI_USING for ISA IRQs - batman-adv: Modify neigh_list only with rcu-list functions - [armel, armhf] gpio/mvebu: Use irq_domain_add_linear - ASoC: Intel: Skylake: Always acquire runtime pm ref on unload - [armhf] ASoC: sun4i-codec: return error code instead of NULL when create_card fails - memcg: prevent memcg caches to be both OFF_SLAB & OBJFREELIST_SLAB - libceph: fix legacy layout decode with pool 0 - [x86] drm/amdgpu: fix fence slab teardown - [x86] drm/amdgpu: fix a vm_flush fence leak - [x86] drm/i915: Fix mismatched INIT power domain disabling during suspend - netfilter: fix namespace handling in nf_log_proc_dostring https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.10 - dctcp: avoid bogus doubling of cwnd after loss - net: clear sk_err_soft in sk_clone_lock() - net: mangle zero checksum in skb_checksum_help() - ip6_tunnel: Clear IP6CB in ip6tunnel_xmit() - tcp: fix potential memory corruption - ipv4: allow local fragmentation in ip_finish_output_gso() - tcp: fix return value for partial writes - dccp: do not release listeners too soon - dccp: do not send reset to already closed sockets - dccp: fix out of bound access in dccp_v4_err() - ipv6: dccp: fix out of bound access in dccp_v6_err() - ipv6: dccp: add missing bind_conflict to dccp_ipv6_mapped - sctp: assign assoc_id earlier in __sctp_connect - bpf: fix htab map destruction when extra reserve is in use - net: icmp6_send should use dst dev to determine L3 domain - fib_trie: Correct /proc/net/route off by one error - sock: fix sendmmsg for partial sendmsg - net: icmp_route_lookup should use rt dev to determine L3 domain - net: __skb_flow_dissect() must cap its return value - ipv4: use new_gw for redirect neigh lookup - tcp: take care of truncations done by sk_filter() (CVE-2016-8645) - Revert "include/uapi/linux/atm_zatm.h: include linux/time.h" (Closes: #844491) - Revert "bnx2: Reset device during driver initialization" - bnx2: Wait for in-flight DMA to complete at probe stage - sctp: change sk state only when it has assocs in sctp_shutdown - [arm64, armhf] net: stmmac: Fix lack of link transition for fixed PHYs - [sparc] Handle negative offsets in arch_jump_label_transform - [sparc64] Handle extremely large kernel TSB range flushes sanely. - [sparc64] Fix illegal relative branches in hypervisor patched TLB code. - [sparc64] Fix instruction count in comment for __hypervisor_flush_tlb_pending. - [sparc64] Fix illegal relative branches in hypervisor patched TLB cross-call code. - [sparc64] Handle extremely large kernel TLB range flushes more gracefully. - [sparc64] Delete __ret_efault. - [sparc64] Prepare to move to more saner user copy exception handling. - [sparc64] Convert copy_in_user to accurate exception reporting. - [sparc64] Convert GENcopy_{from,to}_user to accurate exception reporting. - [sparc64] Convert U1copy_{from,to}_user to accurate exception reporting. - [sparc64] Convert NG4copy_{from,to}_user to accurate exception reporting. - [sparc64] Convert NGcopy_{from,to}_user to accurate exception reporting. - [sparc64] Convert NG2copy_{from,to}_user to accurate exception reporting. - [sparc64] Convert U3copy_{from,to}_user to accurate exception reporting. - [sparc64] Delete now unused user copy assembler helpers. - [sparc64] Delete now unused user copy fixup functions. - usb: gadget: f_fs: edit epfile->ep under lock - usb: gadget: f_fs: stop sleeping in ffs_func_eps_disable https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.11 - [x86] cpu/AMD: Fix cpu_llc_id for AMD Fam17h systems - [x86] KVM: fix missed SRCU usage in kvm_lapic_set_vapic_addr - [x86] KVM: Disable irq while unregistering user notifier - ftrace: Ignore FTRACE_FL_DISABLED while walking dyn_ftrace records - ftrace: Add more checks for FTRACE_FL_DISABLED in processing ip records - genirq: Use irq type from irqdata instead of irqdesc - fuse: fix fuse_write_end() if zero bytes were copied - IB/rdmavt: rdmavt can handle non aligned page maps - IB/hfi1: Fix rnr_timer addition - [x86] mfd: intel-lpss: Do not put device in reset state on suspend - [armhf] mfd: stmpe: Fix RESET regression on STMPE2401 - can: bcm: fix warning in bcm_connect/proc_register - gpio: do not double-check direction on sleeping chips - [x86] ALSA: usb-audio: Fix use-after-free of usb_device at disconnect - [x86] ALSA: hda - add a new condition to check if it is thinkpad - ALSA: hda - Fix mic regression by ASRock mobo fixup - [armhf] i2c: mux: fix up dependencies - [armhf] i2c: i2c-mux-pca954x: fix deselect enabling for device-tree - kbuild: add -fno-PIE - scripts/has-stack-protector: add -fno-PIE - x86/kexec: add -fno-PIE - kbuild: Steal gcc's pie from the very beginning - ext4: sanity check the block and cluster size at mount time - [armhf] dts: imx53-qsb: Fix regulator constraints - crypto: caam - do not register AES-XTS mode on LP units - [powerpc*] Fix setting of AIL in hypervisor mode - [x86] drm/amdgpu: Attach exclusive fence to prime exported bo's. - [x86] drm/i915: Refresh that status of MST capable connectors in ->detect() - [x86] drm/i915: Assume non-DP++ port if dvo_port is HDMI and there's no AUX ch specified in the VBT - virtio-net: drop legacy features in virtio 1 mode - [armhf] clk: imx: fix integer overflow in AV PLL round rate - [armhf] rtc: omap: Fix selecting external osc - iwlwifi: pcie: fix SPLC structure parsing - iwlwifi: pcie: mark command queue lock with separate lockdep class - iwlwifi: mvm: fix netdetect starting/stopping for unified images - iwlwifi: mvm: fix d3_test with unified D0/D3 images - iwlwifi: mvm: wake the wait queue when the RX sync counter is zero - mfd: core: Fix device reference leak in mfd_clone_cell - sunrpc: svc_age_temp_xprts_now should not call setsockopt non-tcp transports - uwb: fix device reference leaks - PM / sleep: fix device reference leak in test_suspend - PM / sleep: don't suspend parent when async child suspend_{noirq, late} fails - perf hists: Fix column length on --hierarchy - IB/mlx4: Check gid_index return value - IB/mlx4: Fix create CQ error flow - IB/mlx5: Validate requested RQT size - IB/mlx5: Use cache line size to select CQE stride - IB/mlx5: Fix memory leak in query device - IB/mlx5: Fix fatal error dispatching - IB/mlx5: Fix NULL pointer dereference on debug print - IB/core: Avoid unsigned int overflow in sg_alloc_table - IB/hfi1: Remove incorrect IS_ERR check - IB/uverbs: Fix leak of XRC target QPs - IB/cm: Mark stale CM id's whenever the mad agent was unregistered - netfilter: nft_dynset: fix element timeout for HZ != 1000 - [arm64, armhf] gpio: pca953x: Move memcpy into mutex lock for set multiple - [arm64, armhf] gpio: pca953x: Fix corruption of other gpios in set_multiple. [ Salvatore Bonaccorso ] * Bump ABI to 2 and remove ABI reference for 4.8.0-1 * xfs: Propagate dentry down to inode_change_ok() * ceph: Propagate dentry down to inode_change_ok() * fuse: Propagate dentry down to inode_change_ok() * fs: Give dentry to inode_change_ok() instead of inode * fs: Avoid premature clearing of capabilities (CVE-2015-1350) (Closes: #770492) * mpi: Fix NULL ptr dereference in mpi_powm() (CVE-2016-8650) * vfio/pci: Fix integer overflows, bitmask check (CVE-2016-9083 CVE-2016-9084) * mnt: Add a per mount namespace limit on the number of mounts (CVE-2016-6213) [ Ben Hutchings ] * [arm64] Enable more drivers for X-Gene (Really closes: #840061): - DMA: Enable XGENE_DMA as module - EDAC: Enable EDAC and EDAC_MM_EDAC, EDAC_XGENE as modules * [x86] video: Disable X86_SYSFB, FB_SIMPLE (Closes: #822575) -- Salvatore Bonaccorso Fri, 02 Dec 2016 06:35:22 +0100 linux (4.8.7-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.6 - [armhf,arm64] drm/vc4: Fix races when the CS reads from render targets. - [x86] drm/i915/backlight: setup and cache pwm alternate increment value - [x86] drm/i915/backlight: setup backlight pwm alternate increment on backlight enable - [x86] drm/amdgpu: fix IB alignment for UVD - [x86] drm/amdgpu/dce10: disable hpd on local panels - [x86] drm/amdgpu/dce8: disable hpd on local panels - [x86] drm/amdgpu/dce11: disable hpd on local panels - [x86] drm/amdgpu/dce11: add missing drm_mode_config_cleanup call - [x86] drm/amdgpu: initialize the context reset_counter in amdgpu_ctx_init - [x86] drm/amdgpu: change vblank_time's calculation method to reduce computational error. - drm/radeon: narrow asic_init for virtualization - drm/radeon/si/dpm: fix phase shedding setup - drm/radeon: change vblank_time's calculation method to reduce computational error. - [x86] drm/vmwgfx: Limit the user-space command buffer size - [x86] drm/amd/powerplay: fix mclk not switching back after multi-head was disabled - [x86] drm/i915/skl: Fix FIFO underrun (Closes: #844113) + Update plane watermarks atomically during plane updates + Move CRTC updating in atomic_commit into it's own hook + Update DDB values atomically with wms/plane attrs + Don't try to update plane watermarks if they haven't changed - [x86] drm/i915/gen9: only add the planes actually affected by ddb changes - [x86] drm/i915/gen9: fix the WaWmMemoryReadLatency implementation - [x86] drm/i915/gen9: minimum scanlines for Y tile is not always 4 - [x86] drm/i915/gen9: fix plane_blocks_per_line on watermarks calculations - [x86] drm/i915/gen9: fix the watermark res_blocks value - [x86] drm/i915: SAGV is not SKL-only, so rename a few things - [x86] drm/i915: introduce intel_has_sagv() - [x86] drm/i915/kbl: KBL also needs to run the SAGV code - [x86] Revert "drm/i915: Check live status before reading edid" - [x86] drm/i915: Account for TSEG size when determining 865G stolen base - [x86] drm/i915/skl: Ensure pipes with changed wms get added to the state - [x86] drm/i915: Allow PCH DPLL sharing regardless of DPLL_SDVO_HIGH_SPEED - [x86] drm/i915: Move long hpd handling into the hotplug work - [x86] drm/i915: Allow DP to work w/o EDID - [x86] drm/i915: Just clear the mmiodebug before a register access - [x86] drm/i915: Unalias obj->phys_handle and obj->userptr - rt2x00usb: Fix error return code - uio: fix dmem_region_start computation - i40e: remove a stray unlock - i40e: fix broken i40e_config_rss_aq function - mwifiex: correct aid value during tdls setup - mwifiex: fix failed to reconnect after interface disabled/enabled - ath10k: Add WMI_SERVICE_PERIODIC_CHAN_STAT_SUPPORT wmi service - ath10k: fix sending frame in management path in push txq logic - ath10k: fix reporting channel survey data - ath10k: fix throughput regression in multi client mode - [armel/marvell,armhf] crypto: marvell - Don't overwrite default creq->state during initialization - crypto: gcm - Fix IV buffer size in crypto_gcm_setkey - [armel/marvell,armhf] crypto: marvell - Update transformation context for each dequeued req - [x86] crypto: ccp - Fix return value check in ccp_dmaengine_register() - [armhf] hwrng: omap - Only fail if pm_runtime_get_sync returns < 0 - ASoC: topology: Fix error return code in soc_tplg_dapm_widget_create() - ASoC: dapm: Fix possible uninitialized variable in snd_soc_dapm_get_volsw() - ASoC: dapm: Fix value setting for _ENUM_DOUBLE MUX's second channel - ASoC: dapm: Fix kcontrol creation for output driver widget - staging: r8188eu: Fix scheduling while atomic splat - IB/qib: Remove qpt_mask global - IB/mlx5: Fix steering resource leak - mm/hugetlb: check for reserved hugepages during memory offline - mm/hugetlb: improve locking in dissolve_free_huge_pages() - [x86] drm/vmwgfx: Avoid validating views on view destruction - [s390x] cio: fix accidental interrupt enabling during resume - [s390x] con3270: fix use of uninitialised data - [s390x] con3270: fix insufficient space padding - [armhf,arm64] clk: bcm2835: Skip PLLC clocks when deciding on a new clock parent - [arm64] clk: gcc-msm8996: Fix pcie 2 pipe register offset - [arm64] clk: qcom: select GDSC for msm8996 gcc and mmcc - clk: Return errors from clk providers in __of_clk_get_from_provider() - clk: core: Force setting the phase delay when no change - clk: divider: Fix clk_divider_round_rate() to use clk_readl() - perf hists browser: Fix event group display - perf ui/tui: Reset output width for hierarchy - perf ui/stdio: Always reset output width for hierarchy - perf symbols: Check symbol_conf.allow_aliases for kallsyms loading too - perf symbols: Fixup symbol sizes before picking best ones - iwlwifi: check for valid ethernet address provided by OEM - iwlwifi: mvm: fix pending frames tracking on tx resp - iwlwifi: mvm: call a different txq_enable function - iwlwifi: mvm: free reserved queue on STA removal - iwlwifi: mvm: support BAR in reorder buffer - iwlwifi: mvm: disable P2P queue on mac context release - iwlwifi: mvm: bail out if CTDP start operation fails - [armhf,arm64] pinctrl: qcom: fix masking of pinmux functions - mpt3sas: Don't spam logs if logging level is 0 - [powerpc*] Always restore FPU/VEC/VSX if hardware transactional memory in use - [powerpc*] Add check_if_tm_restore_required() to giveup_all() - [powerpc*] nvram: Fix an incorrect partition merge - [powerpc*] Fix usage of _PAGE_RO in hugepage - [armhf] dts: omap3: overo: add missing unit name for lcd35 display - PCI: generic: Fix pci_remap_iospace() failure path - [armhf] PCI: tegra: Fix pci_remap_iospace() failure path - libnvdimm: clear the internal poison_list when clearing badblocks https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7 - [armhf] i2c: rk3x: Give the tuning value 0 during rk3x_i2c_v0_calc_timings - i2c: core: fix NULL pointer dereference under race condition - drm/dp/mst: Clear port->pdt when tearing down the i2c adapter - gpio / ACPI: fix returned error from acpi_dev_gpio_irq_get() - gpio: GPIO_GET_CHIPINFO_IOCTL: Fix line offset validation - gpio: GPIO_GET_CHIPINFO_IOCTL: Fix information leak - gpio: GPIO_GET_LINEHANDLE_IOCTL: Validate line offset - gpio: GPIOHANDLE_GET_LINE_VALUES_IOCTL: Fix information leak - gpio: GPIO_GET_LINEEVENT_IOCTL: Validate line offset - gpio: GPIO_GET_LINEHANDLE_IOCTL: Reject invalid line flags - gpio: GPIO_GET_LINEEVENT_IOCTL: Reject invalid line and event flags - gpio: GPIOHANDLE_GET_LINE_VALUES_IOCTL: Fix another information leak - gpio: GPIO_GET_LINE{HANDLE,EVENT}_IOCTL: Fix file descriptor leak - libxfs: clean up _calc_dquots_per_chunk - mm/list_lru.c: avoid error-path NULL pointer deref - mm/slab: fix kmemcg cache creation delayed issue - mm: memcontrol: do not recurse in direct reclaim - [x86] thermal/powerclamp: correct cpu support check - KEYS: Fix short sprintf buffer in /proc/keys show function - ALSA: usb-audio: Add quirk for Syntek STK1160 - ALSA: seq: Fix time account regression - ALSA: hda - allow 40 bit DMA mask for NVidia devices - ALSA: hda - Adding a new group of pin cfg into ALC295 pin quirk table - ALSA: hda - Fix surround output pins for ASRock B150M mobo - ALSA: hda - Fix headset mic detection problem for two Dell laptops - [powerpc*] cxl: Fix leaking pid refs in some error paths - btrfs: fix races on root_log_ctx lists - [powerpc] Convert cmp to cmpd in idle enter sequence - [powerpc] mm/radix: Use tlbiel only if we ever ran on the current cpu - [powerpc] Re-fix race condition between going idle and entering guest - [powerpc] Fix race condition in setting lock bit in idle/wakeup code - [amd64] x86/microcode/AMD: Fix more fallout from CONFIG_RANDOMIZE_MEMORY=y - timers: Prevent base clock rewind when forwarding clock - timers: Prevent base clock corruption when forwarding - timers: Plug locking race vs. timer migration - timers: Lock base for same bucket optimization - mei: txe: don't clean an unprocessed interrupt cause. - USB: serial: fix potential NULL-dereference at probe - USB: serial: cp210x: fix tiocmget error handling - USB: serial: ftdi_sio: add support for Infineon TriBoard TC2X7 - xhci: use default USB_RESUME_TIMEOUT when resuming ports. - usb: increase ohci watchdog delay to 275 msec (Closes: #842863) - [powerpc] GenWQE: Fix bad page access during abort of resource allocation - [x86] smpboot: Init apic mapping before usage - vt: clear selection before resizing - [x86] hv: do not lose pending heartbeat vmbus packets - xhci: add restart quirk for Intel Wildcatpoint PCH - xhci: workaround for hosts missing CAS bit - tty: limit terminal size to 4M chars - [arm64] dts: marvell: fix clocksource for CP110 master SPI0 - dm: free io_barrier after blk_cleanup_queue call - [x86] KVM: fix wbinvd_dirty_mask use-after-free - [s390] KVM: Fix STHYI buffer alignment for diag224 - [armhf] mvebu: Select corediv clk for all mvebu v7 SoC - nfsd: Fix general protection fault in release_lock_stateid() - [mips*] KASLR: Fix handling of NULL FDT - ovl: fix get_acl() on tmpfs - ovl: update S_ISGID when setting posix ACLs - ovl: fsync after copy-up - virtio_ring: Make interrupt suppression spec compliant - virtio_pci: Limit DMA mask to 44 bits for legacy virtio devices - virtio: console: Unlock vqs while freeing buffers - dm mirror: fix read error on recovery after default leg failure - dm table: fix missing dm_put_target_type() in dm_table_add_target() - dm rq: clear kworker_task if kthread_run() returned an error - dm raid: fix compat_features validation (Closes: #843572) - dm raid: fix activation of existing raid4/10 devices - firewire: net: guard against rx buffer overflows (CVE-2016-8633) - firewire: net: fix fragmented datagram_size off-by-one - mac80211: discard multicast and 4-addr A-MSDUs - ath10k: cache calibration data when the core is stopped - scsi: scsi_debug: Fix memory leak if LBP enabled and module is unloaded - scsi: arcmsr: Send SYNCHRONIZE_CACHE command to firmware - [arm64, armhf] mmc: dw_mmc-pltfm: fix the potential NULL pointer dereference - RAID1: ignore discard error - RAID10: ignore discard error - md: be careful not lot leak internal curr_resync value into metadata. - Revert "drm/radeon: fix DP link training issue with second 4K monitor" - [armhf] drm/imx: ipuv3-plane: Switch EBA buffer only when we don't need modeset - [armhf] drm/imx: ipuv3-plane: Access old u/vbo properly in ->atomic_check for YU12/YV12 - drm/radeon/si_dpm: Limit clocks on HD86xx part - drm/radeon/si_dpm: workaround for SI kickers - drm/radeon: drop register readback in cayman_cp_int_cntl_setup - drm/nouveau/acpi: fix check for power resources support - drm/fb-helper: Don't call dirty callback for untouched clips - drm/fb-helper: Fix connector ref leak on error - drm/fb-helper: Keep references for the current set of used connectors - drm/i915/gen9: fix DDB partitioning for multi-screen cases - drm/i915/gen9: fix watermarks when using the pipe scaler - drm/dp/mst: Check peer device type before attempting EDID read - drm: Release reference from blob lookup after replacing property - drm/i915: Respect alternate_aux_channel for all DDI ports - drm/i915: Clean up DDI DDC/AUX CH sanitation - drm/i915/fbc: fix CFB size calculation for gen8+ - drm: i915: Wait for fences on new fb, not old - i2c: mark device nodes only in case of successful instantiation - netfilter: xt_NFLOG: fix unexpected truncated packet - [arm64, armhf] pwm: Unexport children before chip removal - [arm64, armhf] usb: dwc3: Fix size used in dma_free_coherent() - [arm64, armhf] usb: chipidea: host: fix NULL ptr dereference during shutdown - [armhf] usb: musb: Fix hardirq-safe hardirq-unsafe lock order error - tty: vt, fix bogus division in csi_J - [x86] kvm: Check memopp before dereference (CVE-2016-8630) - btrfs: qgroup: Prevent qgroup->reserved from going subzero - [x86] cpufreq: intel_pstate: Set P-state upfront in performance mode - HID: usbhid: add ATEN CS962 to list of quirky devices [ Ben Hutchings ] * debian/control: Fix build-dependency on openssl to work with new versions that have M-A: allowed (Closes: #839145) * [rt] Update to 4.8.6-rt5: - [i386] entry: Fix preempt_lazy_count check in resume_kernel() - sched: Use mmdrop_delayed() in sched_cpu_dying() - Revert "mm/zsmalloc: Use get/put_cpu_light in zs_map_object()/zs_unmap_object()" - mm/zsmalloc: copy with get_cpu_var() and locking - NFSv4: replace seqcount_t with a seqlock_t - ftrace: Fix trace header alignment - connector/cn_proc: Protect send_msg() with a local lock on RT - drivers/zram: Don't disable preemption in zcomp_stream_get/put() * HID: Enable HID_ALPS, HID_ASUS (Closes: #843085), HID_CMEDIA as modules * cpupower: Fix checks for CPU existence (Closes: #843071) * perf: Disable use of libcrypto (Closes: #843199) * IB: Enable INFINIBAND_RDMAVT as module, re-enabling INFINIBAND_HFI1 and INFINIBAND_QIB (Closes: #843792) * libcpupower-dev: Depend on libcpupower1 (Closes: #840852) * [arm64] Enable more drivers for X-Gene (Closes: #840061): - ipmi: Enable IPMI_HANDLER, IPMI_DEVICE_INTERFACE, IPMI_SSIF as modules - i2c: Enable I2C_XGENE_SLIMPRO as module - mailbox: Enable XGENE_SLIMPRO_MBOX as module * debian/control: Build-Depend on a recent debhelper instead of dh-systemd -- Ben Hutchings Sun, 13 Nov 2016 04:38:09 +0000 linux (4.8.5-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.5 - [x86] boot/smp: Don't try to poke disabled/non-existent APIC (Closes: #841850) - [x86] Input: i8042 - skip selftest on ASUS laptops - [x86] Input: elantech - add Fujitsu Lifebook E556 to force crc_enabled (Closes: #835160) [ Ben Hutchings ] * cpufreq: Re-enable CPU_FREQ_STAT, which can no longer be modular * [armhf] dts: imx53: add support for USB armory board (Closes: #840137) * kconfig: Renumber SYMBOL_NEW, fixing regression of allnoconfig (Closes: #841357) * netfilter: xt_NFLOG: fix unexpected truncated packet (Closes: #841261) * Set ABI to 1 -- Ben Hutchings Fri, 28 Oct 2016 20:34:09 +0100 linux (4.8.4-1~exp1) experimental; urgency=medium * New upstream release: https://kernelnewbies.org/Linux_4.8 * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.1 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.2 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.4 [ Ben Hutchings ] * [amd64] Enable LEGACY_VSYSCALL_NONE instead of LEGACY_VSYSCALL_EMULATE. This breaks (e)glibc 2.13 and earlier, and can be reverted using the kernel parameter: vsyscall=emulate * [arm*] Enable STRICT_DEVMEM * [arm*,powerpc*,s390x,x86] Enable IO_STRICT_DEVMEM. This breaks dosemu and some old graphics drivers, and can be reverted using the kernel parameter: iomem=relaxed * [mips*] Enable RANDOMIZE_BASE and RELOCATABLE. * Enable SLAB_FREELIST_RANDOM * [arm*,powerpc*,s390x,sparc64,x86] Enable HARDENED_USERCOPY * security,perf: Replace GRKERNSEC_PERF_HARDEN patch with the version submitted upstream * [amd64] Enable RANDOMIZE_MEMORY * [powerpc*/*64*] Enable OPAL_PRD, MTD, MTD_POWERNV_FLASH as modules (Closes: #838604, #838605) * security,printk: Enable SECURITY_DMESG_RESTRICT, preventing non-root users reading the kernel log by default (sysctl: kernel.dmesg_restrict) * bug script: Optionally use sudo to read a restricted kernel log, and fall back to writing a placeholder * [rt] Update to 4.8.2-rt2 and re-enable * aufs: Update support patchest to aufs4.8-20161010 (no functional change) [ Aurelien Jarno ] * [arm64] Enable SERIAL_8250_EXTENDED, SERIAL_8250_SHARE_IRQ and SERIAL_8250_BCM2835AUX, needed for Raspberry Pi 3. -- Ben Hutchings Sun, 23 Oct 2016 17:21:13 +0100 linux (4.8~rc8-1~exp1) experimental; urgency=medium * New upstream release candidate [ Héctor Orón ] * [arm64] Enable ACPI, ARM64_VA_BITS_48 (Closes: #834505) [ Ben Hutchings ] * Fix some new reproducibility issues: - linux-source: Exclude Python bytecode generated when running Sphinx - Set -fdebug-prefix-map=... in compiler options for kernel and userland - linux-headers: Stop including unused arch/*/kernel/asm-offsets.s files * linux-doc: Exclude Sphinx support code and Makefiles * [arm64] mm: Limit TASK_SIZE_64 for compatibility * [armhf] udeb: Replace dwmac-socfpga with dwmac-altr-socfpga in nic-modules (Closes: #837110, thanks to Vagrant Cascadian) * [armhf] Enable drivers for ASUS Chromebook C201 (veyron-speedy): MFD_RK808, POWER_AVS, POWER_RESET_GPIO_RESTART, RTC_DRV_RK808, ROCKCHIP_PM_DOMAINS as built-in; DRM_PANEL_SIMPLE, ROCKCHIP_ANALOGIX_DP, ROCKCHIP_DW_MIPI_DSI, I2C_CROS_EC_TUNNEL, KEYBOARD_CROS_EC, OUSE_ELAN_I2C, MFD_CROS_EC, MFD_CROS_EC_SPI, MFD_RK808, PHY_ROCKCHIP_EMMC, PHY_ROCKCHIP_DP, BATTERY_SBS, CHARGER_GPIO, REGULATOR_RK808, BACKLIGHT_PWM as modules (Closes: #836251, thanks to Vagrant Cascadian) * [armhf] dsa: Enable drivers for Lamobo R1 (aka BPi-R1): B53, B53_MDIO_DRIVER as modules (Closes: #836231, thanks to Vagrant Cascadian) * [armhf] media: Enable VIDEO_V4L2_SUBDEV_API and VIDEO_OMAP3 as module -- Ben Hutchings Mon, 26 Sep 2016 04:27:06 +0100 linux (4.8~rc5-1~exp1) experimental; urgency=medium * New upstream release candidate [ Martin Michlmayr ] * [arm64] Enable more Tegra options: TEGRA_ACONNECT. * [arm64] Enable more QCOM options: MSM_GCC_8996, MSM_MMCC_8996, QCOM_HIDMA, QCOM_HIDMA_MGMT, PCIE_QCOM, PINCTRL_MSM8996, QCOM_Q6V5_PIL. * [arm64] Enable support for BCM2837 (Raspberry Pi 3): - Enable ARCH_BCM2835, DMA_BCM2835, BCM2835_MBOX, RASPBERRYPI_FIRMWARE, RASPBERRYPI_POWER - Enable DRM_VC4, I2C_BCM2835, PWM_BCM2835, SPI_BCM2835, SPI_BCM2835AUX, BCM2835_WDT, SND_BCM2835_SOC_I2S, MMC_SDHCI_IPROC, HW_RANDOM_BCM2835 as modules * [arm64] Enable USB_DWC2 and USB_DWC3. * [arm64] Enable more HISI options: MFD_HI655X_PMIC, REGULATOR_HI655X, STUB_CLK_HI6220, HI6220_MBOX, COMMON_RESET_HI6220, PHY_HI6220_USB, HW_RANDOM_HISI, DRM_HISI_KIRIN, INPUT_HISI_POWERKEY, PCI_HISI, SPI_HISI_SFC, SCSI_HISI_SAS (Closes: #821027). * [arm64] Enable TI WLAN (WLAN_VENDOR_TI): WL1251, WL12XX, WL18XX * [arm64] Enable Hisilicon Ethernet devices: HIX5HD2_GMAC, HISI_FEMAC, HIP04_ETH, HNS_MDIO, HNS, HNS_DSAF, HNS_ENET, MDIO_HISI_FEMAC [ Ben Hutchings ] * Update config for 4.8: - Enable HID_LED as module instead of USB_LED - Enable BH1780 as module instead of SENSORS_BH1780 - [alpha] Enable RTC_CLASS and RTC_DRV_ALPHA instead of GEN_RTC - [armhf] Rename omapdrm display config symbols - [armhf] Enable IIO_ST_ACCEL_3AXIS as module instead of LIS3L02DQ - [hppa] Enable RTC_CLASS and RTC_DRV_GENERIC instead of GEN_RTC * liblockdep: Stop trying to build packages, as it failed to build again * linux-doc: Build and install HTML pages from reStructuredText sources - Add python-sphinx and python-sphinx-rtd-theme to Build-Depends-Indep - Install files from both HTML output directories into the package - Exclude RST sources from the package -- Ben Hutchings Wed, 07 Sep 2016 21:52:47 +0100 linux (4.7.8-1) unstable; urgency=high * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.7 - cpuset: handle race between CPU hotplug and cpuset_hotplug_work - cgroup: fix invalid controller enable rejections with cgroup namespace - scripts/recordmcount.c: account for .softirqentry.text - mm,ksm: fix endless looping in allocating memory when ksm enable - can: dev: fix deadlock reported after bus-off - [x86] init: Fix cr4_init_shadow() on CR4-less machines - drm/udl: fix line iterator in damage handling - drm/nouveau/fifo/nv04: avoid ramht race against cookie insertion - drm/radeon/si/dpm: add workaround for for Jet parts - [armel,armhf] 8616/1: dt: Respect property size when parsing CPUs - [armel,armhf] 8617/1: dma: fix dma_max_pfn() - mwifiex: illegal assignment - i40e: avoid null pointer dereference - pinctrl: Flag strict is a field in struct pinmux_ops - i2c: mux: demux-pinctrl: run properly with multiple instances - rcuperf: Don't treat gp_exp mis-setting as a WARN - [armhf,arm64] drivers/perf: arm_pmu: Fix leak in error path - perf/core: Use this_cpu_ptr() when stopping AUX events - [armhf,arm64] mmc: tegra: Only advertise UHS modes if IO regulator is present - nvmem: Declare nvmem_cell_read() consistently - hwmon: (adt7411) set bit 3 in CFG1 register - sched/cputime: Fix prev steal time accouting during CPU hotplug - iwlwifi: mvm: checksum IPv6 fragmented packet - iwlwifi: mvm: fix txq aggregation bug - iwlwifi: mvm: write the correct internal TXF index - iwlwifi: mvm: unmap the paging memory before freeing it - iwlwifi: pcie: fix access to scratch buffer - iwlwifi: mvm: free RX reorder buffer on restart - iwlwifi: mvm: avoid harmless -Wmaybe-uninialized warning - iwlwifi: mvm: don't use ret when not initialised - [armhf] usb: gadget: fsl_qe_udc: signedness bug in qe_get_frame() - mac80211: check skb_linearize() return value - i40iw: Protect req_resource_num update - i40iw: Add missing check for interface already open - i40iw: Change mem_resources pointer to a u8 - i40iw: Fix double free of allocated_buffer - i40iw: Do not set self-referencing pointer to NULL after kfree - i40iw: Avoid writing to freed memory - i40iw: Add missing NULL check for MPA private data - i40iw: Send last streaming mode message for loopback connections - i40iw: Update hw_iwarp_state - i40iw: Receive notification events correctly - batman-adv: Add missing refcnt for last_candidate - batman-adv: fix elp packet data reservation - [armhf,arm64] irqchip/gicv3: Silence noisy DEBUG_PER_CPU_MAPS warning - [armhf] 8618/1: decompressor: reset ttbcr fields to use TTBR0 on ARMv7 - [arm64] debug: avoid resetting stepping state machine when TIF_SINGLESTEP - [mips*] uprobes: remove incorrect set_orig_insn - [mips*] fix uretprobe implementation - [mips*/*-malta] Fix IOCU disable switch read for MIPS64 - [mips*] uprobes: fix use of uninitialised variable - printk: fix parsing of "brl=" option - Bluetooth: split sk_filter in l2cap_sock_recv_cb - tpm: fix byte-order for the value read by tpm2_get_tpm_pt - regulator: pwm: Fix regulator ramp delay for continuous mode - [arm64] regulator: qcom_spmi: Add support for S4 supply on pm8941 - [arm64] regulator: qcom_spmi: Add support for get_mode/set_mode on switches - [arm64] regulator: qcom_spmi: Update mvs1/mvs2 switches on pm8941 - [arm64] regulator: qcom_smd: Fix voltage ranges for pm8x41 - [arm64] regulator: qcom_smd: Fix voltage ranges for pma8084 ftsmps and pldo - [armhf] dts: imx6sx-sabreauto: Fix misspelled property - [armhf] sun5i: Fix typo in trip point temperature - pcmcia: ds: fix suspend/resume - [armhf] hwrng: omap - Fix assumption that runtime_get_sync will always succeed - blk-mq: actually hook up defer list when running requests - pstore: drop file opened reference count - fm10k: fix incorrect index calculation in fm10k_write_reta - iwlmvm: mvm: set correct state in smart-fifo configuration - [armhf,arm64] em28xx-i2c: rt_mutex_trylock() returns zero on failure - gspca: avoid unused variable warnings - ath9k: Fix programming of minCCA power threshold - qla2xxx: Fix BBCR offset - fnic: pci_dma_mapping_error() doesn't return an error code - tracing: Have HIST_TRIGGERS select TRACING - NFS/pnfs: Do not clobber existing pgio_done_cb in nfs4_proc_read_setup - svc: Avoid garbage replies when pc_func() returns rpc_drop_reply - NFS: Don't drop CB requests with invalid principals - pNFS/files: Fix layoutcommit after a commit to DS - pNFS/flexfiles: Fix layoutcommit after a commit to DS - watchdog: core: Clear WDOG_HW_RUNNING before calling the stop function - xprtrdma: Remove FMRs from the unmap list after unmapping - [x86] ASoC: Intel: Skylake: Fix error return code in skl_probe() - brcmfmac: Fix glob_skb leak in brcmf_sdiod_recv_chain - brcmsmac: Free packet if dma_mapping_error() fails in dma_rxfill - brcmsmac: Initialize power in brcms_c_stf_ss_algo_channel_get() - [powerpc*] prom: Fix sub-processor option passed to ibm, client-architecture-support - sysctl: handle error writing UINT_MAX to u32 fields - IB/core: Fix possible memory leak in cma_resolve_iboe_route() - kernel/fork: fix CLONE_CHILD_CLEARTID regression in nscd - SUNRPC: Silence WARN_ON when NFSv4.1 over RDMA is in use - pNFS/flexfiles: Fix layoutstat periodic reporting - lib/test_hash.c: fix warning in preprocessor symbol evaluation - [x86] KVM: nVMX: postpone VMCS changes on MSR_IA32_APICBASE write - ceph: do not modify fi->frag in need_reset_readdir() - IB/ipoib: Fix memory corruption in ipoib cm mode connect flow - ath10k: fix get rx_status from htt context - IB/core: Fix use after free in send_leave function - regmap: rbtree: Avoid overlapping nodes - scsi: ses: use scsi_is_sas_rphy instead of is_sas_attached - IB/ipoib: Don't allow MC joins during light MC flush - IB/mlx4: Fix incorrect MC join state bit-masking on SR-IOV - IB/mlx4: Fix code indentation in QP1 MAD flow - IB/mlx4: Use correct subnet-prefix in QP1 mads under SR-IOV - IB/mlx5: Enable MAD_IFC commands for IB ports only - IB/mlx5: Set source mac address in FTE - batman-adv: remove unused callback from batadv_algo_ops struct - aio: mark AIO pseudo-fs noexec - dm log writes: fix bug with too large bios - usb: misc: legousbtower: Fix NULL pointer deference - [x86] usb: usbip: vudc: fix left shift overflow - Revert "usbtmc: convert to devm_kzalloc" - [x86] ALSA: hda - Adding one more ALC255 pin definition for headset problem - [x86] ALSA: hda - Fix headset mic detection problem for several Dell laptops - [x86] ALSA: hda - Add the top speaker pin config for HP Spectre x360 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.8 - [powerpc*] pseries: use pci_host_bridge.release_fn() to kfree(phb) - [powerpc*] cxl: use pcibios_free_controller_deferred() when removing vPHBs - timekeeping: Fix __ktime_get_fast_ns() regression - ALSA: ali5451: Fix out-of-bound position reporting - ALSA: usb-audio: Extend DragonFly dB scale quirk to cover other variants - mfd: rtsx_usb: Avoid setting ucr->current_sg.status - [x86] xen: Update topology map for PV VCPUs - [powerpc*] KVM: PPC: Book3s PR: Allow access to unprivileged MMCR2 register - [arm64] KVM: arm64: Require in-kernel irqchip for PMU support - [arm64] KVM: arm/arm64: vgic: Don't flush/sync without a working vgic - [powerpc*] KVM: PPC: BookE: Fix a sanity check - [arm64] fix dump_backtrace/unwind_frame with NULL tsk - [x86] boot: Fix kdump, cleanup aborted E820_PRAM max_pfn manipulation - [x86] irq: Prevent force migration of irqs which are not in the vector domain - [x86] apic: Get rid of apic_version[] array - [x86] arch/x86: Handle non enumerated CPU after physical hotplug - [x86] dumpstack: Fix x86_32 kernel_stack_pointer() previous stack access - [armhf] dts: mvebu: armada-390: add missing compatibility string and bracket - [arm64] dts: MSM8064 remove flags from SPMI/MPP IRQs - [arm64] cpuidle: Fix error return code - [x86] tpm: fix a race condition in tpm2_unseal_trusted() - [x86] tpm_crb: fix crb_req_canceled behavior [ Ben Hutchings ] * net: add recursion limit to GRO (CVE-2016-7039) * posix_acl: Clear SGID bit when setting file permissions (CVE-2016-7097) * scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer() (CVE-2016-7425) [ Salvatore Bonaccorso ] * KEYS: Fix short sprintf buffer in /proc/keys show function (CVE-2016-7042) * mm: remove gup_flags FOLL_WRITE games from __get_user_pages() (CVE-2016-5195) -- Salvatore Bonaccorso Wed, 19 Oct 2016 17:56:57 +0200 linux (4.7.6-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.6 - [arm64] crypto: arm64/aes-ctr - fix NULL dereference in tail processing - [armhf] crypto: arm/aes-ctr - fix NULL dereference in tail processing - crypto: skcipher - Fix blkcipher walk OOM crash - crypto: echainiv - Replace chaining with multiplication - ocfs2/dlm: fix race between convert and migration - ocfs2: fix start offset to ocfs2_zero_range_for_truncate() - Revert "ocfs2: bump up o2cb network protocol version" - autofs: use dentry flags to block walks during expire - xfs: prevent dropping ioend completions during buftarg wait - mm: fix the page_swap_info() BUG_ON check - fsnotify: add a way to stop queueing events on group shutdown - fanotify: fix list corruption in fanotify_get_response() - mm: memcontrol: make per-cpu charge cache IRQ-safe for socket accounting - cgroup: duplicate cgroup reference when cloning sockets - fix fault_in_multipages_...() on architectures with no-op access_ok() - KEYS: Fix skcipher IV clobbering - [arm64] Call numa_store_cpu_info() earlier. - configfs: Return -EFBIG from configfs_write_bin_file. - [armhf] mtd: nand: mxc: fix obiwan error in mxc_nand_v[12]_ooblayout_free() functions - mtd: spi-nor: fix wrong "fully unlocked" test - reset: Return -ENOTSUPP when not configured - rtc: ds1307: Fix relying on reset value for weekday - [arm64] power: reset: hisi-reboot: Unmap region obtained by of_iomap - mac80211: reject TSPEC TIDs (TSIDs) for aggregation - fix memory leaks in tracing_buffers_splice_read() - tracing: Move mutex to protect against resetting of seq data - mm: delete unnecessary and unsafe init_tlb_ubc() - iwlwifi: mvm: update TX queue before making a copy of the skb - nl80211: validate number of probe response CSA counters - btrfs: ensure that file descriptor used with subvol ioctls is a dir - [x86] efi: Only map RAM into EFI page tables if in mixed-mode - [x86] i2c-eg20t: fix race between i2c init and interrupt enable - [armhf] i2c: mux: pca954x: retry updating the mux selection on failure - [arm64] i2c: qup: skip qup_i2c_suspend if the device is already runtime suspended - [mips*] SMP: Fix possibility of deadlock when bringing CPUs online - [mips*] Avoid a BUG warning during prctl(PR_SET_FP_MODE, ...) - [mips*] Add a missing ".set pop" in an early commit - [x86] mm/pat: Prevent hang during boot when mapping pages - libceph: add an ONSTACK initializer for oids - ceph: fix symbol versioning for ceph_monc_do_statfs - ceph: Correctly return NXIO errors from ceph_llseek - libceph: fix return value check in alloc_msg_with_page_vector() - PM / hibernate: Restore processor state before using per-CPU variables - PM / hibernate: Fix rtree_next_node() to avoid walking off list ends - ixgbe: Force VLNCTRL.VFE to be set in all VMDq paths - ixgbe: Re-enable ability to toggle VLAN filtering - igb: fix adjusting PTP timestamps for Tx/Rx latency - [armhf,arm64] soc/tegra: pmc: Don't probe PMC if early initialisation fails - qxl: check for kmap failures - hostfs: Freeing an ERR_PTR in hostfs_fill_sb_common() - iw_cxgb4: stop MPA_REPLY timer when disconnecting [ Ben Hutchings ] * debian/bin/gencontrol.py: Fix cross-build-dependencies if invoked under dpkg-buildpackage * linux-image: Exclude vmlinux from stripping by dh_strip (fixes FTBFS on hppa) * udeb: Fold core-modules into kernel-image * udeb: Move nls_utf8 from fat-modules to kernel-image, as many other filesystems need it but vfat no longer does * of_mdio: Enable fixed PHY support if driver is a module * of_mdio: select fixed phy support unconditionally * [armhf] Enable driver for SolidRun ClearFog: USB_XHCI_MVEBU as module * mm: memcontrol: use special workqueue for creating per-memcg caches [ Cyril Brulebois ] * Add nls_ascii to the fat-modules udeb, following the change of iocharset default in 4.7.2-1. This fixes a regression with EFI-related mounts within the Debian Installer. (Closes: #839552) -- Ben Hutchings Fri, 07 Oct 2016 02:11:50 +0100 linux (4.7.5-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.5 - [armhf] clocksource/drivers/sun4i: Clear interrupts after stopping timer in probe function - fscrypto: require write access to mount to set encryption policy - [arm64] drm/msm: protect against faults from copy_from_user() in submit ioctl - bpf: fix method of PTR_TO_PACKET reg id generation - ipv4: panic in leaf_walk_rcu due to stale node pointer - vti: flush x-netns xfrm cache when vti interface is removed - bpf: fix write helpers with regards to non-linear parts - net/irda: handle iriap_register_lsap() allocation failure - net/sctp: always initialise sctp_ht_iter::start_fail - net: ipv6: Do not keep IPv6 addresses when IPv6 is disabled - tipc: fix NULL pointer dereference in shutdown() - net/mlx5: Fix pci error recovery flow - net/mlx5: Added missing check of msg length in verifying its signature - net/mlx5e: Use correct flow dissector key on flower offloading - net sched: fix encoding to use real length - udp: fix poll() issue with zero sized packets - tcp: properly scale window in tcp_v[46]_reqsk_send_ack() - sctp: fix overrun in sctp_diag_dump_one() - tun: fix transmit timestamp support - [armhf] net: dsa: bcm_sf2: Fix race condition while unmasking interrupts - Revert "phy: IRQ cannot be shared" - net: smc91x: fix SMC accesses - bridge: re-introduce 'fix parsing of MLDv2 reports' - bonding: Fix bonding crash - Revert "af_unix: Fix splice-bind deadlock" - af_unix: split 'u->readlock' into two: 'iolock' and 'bindlock' - ipv6: release dst in ping_v6_sendmsg - [arm64] bnxt_en: Fix TX push operation on ARM64. - ipv6: addrconf: fix dev refcont leak when DAD failed - tcp: fastopen: avoid negative sk_forward_alloc - net/mlx5e: Fix parsing of vlan packets when updating lro header - tcp: cwnd does not increase in TCP YeAH - [powerpc*] tm: do not use r13 for tabort_syscall - [powerpc*] powernv : Drop reference added by kset_find_obj() - [powerpc*] sysdev: cpm: fix gpio save_regs functions - [powerpc*] mm: Don't alias user region to other regions below PAGE_OFFSET - [powerpc*] powernv: Fix corrupted PE allocation bitmap on releasing PE - kernfs: don't depend on d_find_any_alias() when generating notifications - pNFS/flexfiles: Fix an Oopsable condition when connection to the DS fails - pNFS: The client must not do I/O to the DS if it's lease has expired - NFSv4.1: Fix Oopsable condition in server callback races - NFSv4.x: Fix a refcount leak in nfs_callback_up_net - nfsd: Close race between nfsd4_release_lockowner and nfsd4_lock - pNFS: Ensure LAYOUTGET and LAYOUTRETURN are properly serialised - NFSv4.1: Fix the CREATE_SESSION slot number accounting - kexec: fix double-free when failing to relocate the purgatory - mm, mempolicy: task->mempolicy must be NULL before dropping final reference - ahci: disable correct irq for dummy ports - audit: fix exe_file access in audit_exe_compare - dm flakey: fix reads to be issued if drop_writes configured - IB/hfi1,IB/qib: Fix qp_stats sleep with rcu read lock held - IB/uverbs: Fix race between uverbs_close and remove_one - IB/hfi1: Reset QSFP on every run through channel tuning - [amd64] mm: fix cache mode of dax pmd mappings - [x86] paravirt: Do not trace _paravirt_ident_*() functions - [x86] AMD: Apply erratum 665 on machines without a BIOS fix - [s390x] KVM: don't use current->thread.fpu.* when accessing registers - [armhf,arm64] kvm-arm: Unmap shadow pagetables properly - [x86] kvm: correctly reset dest_map->vector when restoring LAPIC state - iio: sw-trigger: Fix config group initialization - [armhf] iio: adc: rockchip_saradc: reset saradc controller before programming it - [armhf] iio: adc: ti_am335x_adc: Protect FIFO1 from concurrent access - [armhf] iio: adc: ti_am335x_adc: Increase timeout value waiting for ADC sample - iio:ti-ads1015: fix a wrong pointer definition. - [x86] iio: accel: bmc150: reset chip at init time - iio: fix pressure data output unit in hid-sensor-attributes - iio:core: fix IIO_VAL_FRACTIONAL sign handling - iio: ensure ret is initialized to zero before entering do loop - serial: 8250_mid: fix divide error bug if baud rate is 0 - serial: 8250: added acces i/o products quad and octal serial cards - [armhf,arm64] usb: chipidea: udc: fix NULL ptr dereference in isr_setup_status_phase - USB: change bInterval default to 10 ms - devpts: return NULL pts 'priv' entry for non-devpts nodes - cpuset: make sure new tasks conform to the current config of the cpuset - [armhf] dts: rockchip: add reset node for the exist saradc SoCs - [armhf] imx6: add missing BM_CLPCR_BYP_MMDC_CH0_LPM_HS setting for imx6ul - [armhf] imx6: add missing BM_CLPCR_BYPASS_PMIC_READY setting for imx6sx - [armel] kirkwood: ib62x0: fix size of u-boot environment partition - [armhf] OMAP3: hwmod data: Add sysc information for DSI - [armel] dts: kirkwood: Fix PCIe label on OpenRD - [armhf] dts: imx6qdl: Fix SPDIF regression - [armhf] dts: armada-388-clearfog: number LAN ports properly - dm log writes: fix check of kthread_run() return value - dm crypt: fix free of bad values after tfm allocation failure - dm log writes: move IO accounting earlier to fix error path - dm crypt: fix error with too large bios - [armhf] pinctrl: sunxi: fix uart1 CTS/RTS pins at PG on A23/A33 - [armhf] memory: omap-gpmc: allow probe of child nodes to fail - [arm64] spinlocks: implement smp_mb__before_spinlock() as smp_mb() - crypto: cryptd - initialize child shash_desc on import - Btrfs: remove root_log_ctx from ctx list before btrfs_sync_log returns - fuse: direct-io: don't dirty ITER_BVEC pages - xhci: fix null pointer dereference in stop command timeout function - brcmfmac: avoid potential stack overflow in brcmf_cfg80211_start_ap() - md-cluster: make md-cluster also can work when compiled into kernel - ath9k: fix using sta->drv_priv before initializing it - ath9k: bring back direction setting in ath9k_{start_stop} - [x86] perf/intel: Fix PEBSv3 record drain - [x86] perf/intel/cqm: Check cqm/mbm enabled state in event init - [x86] perf/amd: Make HW_CACHE_REFERENCES and HW_CACHE_MISSES measure L2 - [x86] perf/intel/pt: Fix an off-by-one in address filter configuration - [x86] perf/intel/pt: Fix kernel address filter's offset validation - [x86] perf/intel/pt: Do validate the size of a kernel address filter - Revert "wext: Fix 32 bit iwpriv compatibility issue with 64 bit Kernel" - sched/core: Fix a race between try_to_wake_up() and a woken up task - ipv6: Don't unset flowi6_proto in ipxip6_tnl_xmit() - efi: Make for_each_efi_memory_desc_in_map() cope with running on Xen - efi/libstub: Allocate headspace in efi_get_memory_map() - efi/libstub: Introduce ExitBootServices helper - efi/libstub: Use efi_exit_boot_services() in FDT - [x86] efi: Use efi_exit_boot_services() - [powerpc,powerpcspe] Fix csum_partial_copy_generic() - [powerpc,powerpcspe] Fix again csum_partial_copy_generic() - [x86] drm/i915: Ignore OpRegion panel type except on select machines - [x86] drm: Only use compat ioctl for addfb2 on X86/IA64 - svcauth_gss: Revert 64c59a3726f2 ("Remove unnecessary allocation") - genirq: Provide irq_gc_{lock_irqsave,unlock_irqrestore}() helpers - fix iov_iter_fault_in_readable() - [x86] fix minor infoleak in get_user_ex() - [s390x] get_user() should zero on failure - asm-generic: make get_user() clear the destination on errors - asm-generic: make copy_from_user() zero the destination properly - [alpha,hppa,mips*,powerpc,powerpcspe,sh4] make copy_from_user() zero the destination properly [ Ben Hutchings ] * [hppa,mips*,powerpc*] linux-image: Strip debug symbols from vmlinux (really closes: #837588) * [hppa] tracing: Re-enable FTRACE * [powerpc,powerpcspe,ppc64] linux-image: Suppress automatic dbgsym packages * uaccess,uio: Fix ABI changes in 4.7.5 * ext4: Fix checksum validation for inodes with small i_extra_isize (Closes: #838544, regression in 4.7.4) -- Ben Hutchings Mon, 26 Sep 2016 01:48:21 +0100 linux (4.7.4-2) unstable; urgency=medium * [arm64] Revert "arm64: Define AT_VECTOR_SIZE_ARCH for ARCH_DLINFO" (fixes FTBFS) * [armhf] media: Disable VIDEO_V4L2_SUBDEV_API and VIDEO_OMAP3 to avoid ABI change (fixes FTBFS) * [hppa] Ignore ABI changes caused by disabling CONFIG_FTRACE (fixes FTBFS) -- Ben Hutchings Mon, 19 Sep 2016 22:09:42 +0100 linux (4.7.4-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.3 - [x86] mm: Disable preemption during CR3 read+write - [x86] uprobes: Fix RIP-relative handling of EVEX-encoded instructions - [x86] platform/uv: Skip UV runtime services mapping in the efi_runtime_disabled case - SUNRPC: Handle EADDRNOTAVAIL on connection failures - SUNRPC: allow for upcalls for same uid but different gss service - [x86] ALSA: hda - Manage power well properly for resume - efi/capsule: Allocate whole capsule into virtual memory - virtio: fix memory leak in virtqueue_add() - vfio/pci: Fix NULL pointer oops in error interrupt setup handling - tracing: Fix tick_stop tracepoint symbols for user export - [x86] perf intel-pt: Fix occasional decoding errors when tracing system-wide - [amd64] libnvdimm, nd_blk: mask off reserved status bits - ACPI: CPPC: Return error if _CPC is invalid on a CPU - ACPI / CPPC: Prevent cpc_desc_ptr points to the invalid data - genirq/msi: Remove unused MSI_FLAG_IDENTITY_MAP - genirq/msi: Make sure PCI MSIs are activated early - usb: ehci: change order of register cleanup during shutdown - usb: devio, do not warn when allocation fails - usb: misc: usbtest: add fix for driver hang - usb: misc: usbtest: usbtest_do_ioctl may return positive integer - usb: dwc3: gadget: increment request->actual once - usb: dwc3: gadget: fix for short pkts during chained xfers - usb: dwc3: gadget: always cleanup all TRBs - usb: hub: Fix unbalanced reference count/memory leak/deadlocks - USB: hub: fix up early-exit pathway in hub_activate - USB: hub: change the locking in hub_activate - USB: validate wMaxPacketValue entries in endpoint descriptors - usb/gadget: fix gadgetfs aio support. - xhci: always handle "Command Ring Stopped" events - usb: xhci: Fix panic if disconnect - xhci: don't dereference a xhci member after removing xhci - USB: serial: fix memleak in driver-registration error path - uprobes: Fix the memcg accounting - perf symbols: Fix annotation of objects with debuginfo files - perf/core: Fix event_function_local() - perf tools mem: Fix -t store option for record command - iommu/dma: Don't put uninitialised IOVA domains - [armhf] iommu/io-pgtable-arm-v7s: Fix attributes when splitting blocks - [armhf,arm64] iommu/arm-smmu: Fix CMDQ error handling - [armhf,arm64] iommu/arm-smmu: Disable stalling faults for all endpoints - [armhf,arm64] iommu/arm-smmu: Don't BUG() if we find aborting STEs with disable_bypass - [x86] pinctrl/amd: Remove the default de-bounce time - i2c: mux: demux-pinctrl: properly roll back when adding adapter fails - [s390x] dasd: fix hanging device after clear subchannel - mac80211: fix purging multicast PS buffer queue - [arm64] kernel: avoid literal load of virtual address with MMU off - [arm64] avoid TLB conflict with CONFIG_RANDOMIZE_BASE - [arm64] dts: rockchip: add reset saradc node for rk3368 SoCs - [arm64] kernel: Fix unmasked debug exceptions when restoring mdscr_el1 - of: fix reference counting in of_graph_get_endpoint_by_regs - iio: fix sched WARNING "do not call blocking ops when !TASK_RUNNING" - [x86] drm/amdgpu: Change GART offset to 64-bit - [x86] drm/amdgpu: fix amdgpu_move_blit on 32bit systems - [x86] drm/amdgpu: fix lru size grouping v2 - [x86] drm/amdgpu: avoid a possible array overflow - [x86] drm/amdgpu: skip TV/CV in display parsing - [x86] drm/amd/amdgpu: sdma resume fail during S4 on CI - [x86] drm/amd/amdgpu: compute ring test fail during S4 on CI - [x86] drm/amdgpu: record error code when ring test failed - [x86] drm/i915: Fix iboost setting for DDI with 4 lanes on SKL - [x86] drm/i915: Program iboost settings for HDMI/DVI on SKL - [x86] drm/i915: Fix iboost setting for SKL Y/U DP DDI buffer translation entry 2 - [x86] drm/i915: Acquire audio powerwell for HD-Audio registers - [x86] drm/i915: fix aliasing_ppgtt leak - [x86] drm/i915/vlv: Make intel_crt_reset() per-encoder - [x86] drm/i915/vlv: Reset the ADPA in vlv_display_power_well_init() - [x86] drm/i915/vlv: Disable HPD in valleyview_crt_detect_hotplug() - [x86] drm/i915: Enable polling when we don't have hpd - [arm64] mfd: cros_ec: Add cros_ec_cmd_xfer_status() helper - [arm64] i2c: cros-ec-tunnel: Fix usage of cros_ec_cmd_xfer() - cdc-acm: fix wrong pipe type on rx interrupt xfers - mpt3sas: Fix resume on WarpDrive flash cards - megaraid_sas: Fix probing cards without io port - dm round robin: do not use this_cpu_ptr() without having preemption disabled - gpio: Fix OF build problem on UM - fs/seq_file: fix out-of-bounds read - soft_dirty: fix soft_dirty during THP split - [amd64] dax: fix device-dax region base - [amd64] mm: silently skip readahead for DAX inodes - btrfs: waiting on qgroup rescan should not always be interruptible - btrfs: properly track when rescan worker is running - btrfs: don't create or leak aliased root while cleaning up orphans - Revert "floppy: fix open(O_ACCMODE) for ioctl-only open" - Input: synaptics-rmi4 - fix register descriptor subpacket map construction - [x86] crypto: qat - fix aes-xts key sizes - USB: avoid left shift by -1 - usb: chipidea: udc: don't touch DP when controller is in host mode - USB: fix typo in wMaxPacketSize validation - usb: gadget: udc: core: don't starve DMA resources - USB: serial: mos7720: fix non-atomic allocation in write path - USB: serial: mos7840: fix non-atomic allocation in write path - [x86] staging/lustre/llite: Close atomic_open race with several openers - [x86] staging: comedi: daqboard2000: bug fix board type matching code - [x86] staging: comedi: comedi_test: fix timer race conditions - [x86] staging: comedi: ni_mio_common: fix AO inttrig backwards compatibility - [x86] staging: comedi: ni_mio_common: fix wrong insn_write handler - ACPI / drivers: fix typo in ACPI_DECLARE_PROBE_ENTRY macro - ACPI / drivers: replace acpi_probe_lock spinlock with mutex - ALSA: line6: Remove double line6_pcm_release() after failed acquire. - ALSA: line6: Give up on the lock while URBs are released. - ALSA: line6: Fix POD sysfs attributes segfault - hwmon: (it87) Add missing sysfs attribute group terminator - hwmon: (iio_hwmon) fix memory leak in name attribute - sysfs: correctly handle read offset on PREALLOC attrs - SUNRPC: Fix infinite looping in rpc_clnt_iterate_for_each_xprt https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.4 - Revert "floppy: refactor open() flags handling" - apparmor: fix refcount race when finding a child profile - fs: Check for invalid i_uid in may_follow_link() - cred: Reject inodes with invalid ids in set_create_file_as() - ext4: validate that metadata blocks do not overlap superblock - ext4: fix xattr shifting when expanding inodes - ext4: fix xattr shifting when expanding inodes part 2 - ext4: properly align shifted xattrs when expanding inodes - ext4: avoid deadlock when expanding inode size - ext4: avoid modifying checksum fields directly during checksum verification - block: Fix race triggered by blk_set_queue_dying() - block: make sure a big bio is split into at most 256 bvecs - cgroup: reduce read locked section of cgroup_threadgroup_rwsem during fork - cdc-acm: added sanity checking for probe() - drm/radeon: fix radeon_move_blit on 32bit systems - drm/radeon: only apply the SS fractional workaround to RS[78]80 - drm/atomic: Don't potentially reset color_mgmt_changed on successive property updates. - drm: Reject page_flip for !DRIVER_MODESET - [arm64] drm/msm: fix use of copy_from_user() while holding spinlock - [armhf] drm/vc4: Use drm_free_large() on handles to match its allocation. - [armhf] drm/vc4: Fix overflow mem unreferencing when the binner runs dry. - [armhf] drm/vc4: Fix oops when userspace hands in a bad BO. - xfs: fix superblock inprogress check - timekeeping: Cap array access in timekeeping_debug - xenbus: don't look up transaction IDs for ordinary writes - ovl: proper cleanup of workdir - ovl: don't copy up opaqueness - ovl: remove posix_acl_default from workdir - ovl: listxattr: use strnlen() - ovl: fix workdir creation - mei: me: disable driver on SPT SPS firmware - ubifs: Fix xattr generic handler usage - ubifs: Fix assertion in layout_in_gaps() - bdev: fix NULL pointer dereference - bcache: RESERVE_PRIO is too small by one when prio_buckets() is a power of two. - [mips*/*-malta] irqchip/mips-gic: Implement activate op for device domain - vhost/scsi: fix reuse of &vq->iov[out] in response - [x86] apic: Do not init irq remapping if ioapic is disabled - xprtrdma: Create common scatterlist fields in rpcrdma_mw - crypto: caam - fix IV loading for authenc (giv)decryption - fscrypto: add authorization check for setting encryption policy - fscrypto: only allow setting encryption policy on directories - ALSA: firewire-tascam: accessing to user space outside spinlock - ALSA: fireworks: accessing to user space outside spinlock - ALSA: rawmidi: Fix possible deadlock with virmidi registration - ALSA: timer: fix NULL pointer dereference in read()/ioctl() race - ALSA: timer: fix division by zero after SNDRV_TIMER_IOCTL_CONTINUE - ALSA: timer: fix NULL pointer dereference on memory allocation failure - ALSA: timer: Fix zero-division by continue of uninitialized instance - scsi: fix upper bounds check of sense key in scsi_sense_key_string() - cpufreq: dt: Add terminate entry for of_device_id tables [ Ben Hutchings ] * [arm64] Add cpu_to_fdt32() when setting Secure Boot flag in FDT * [amd64] Enable SIGNED_PE_FILE_VERIFICATION, KEXEC_FILE, KEXEC_VERIFY_SIG, KEXEC_BZIMAGE_VERIFY_SIG * i8042: Revert ABI break in 4.7.3 * mm, oom: prevent premature OOM killer invocation for high order request (regression in 4.7) * [arm64] pinctrl: Enable PINCTRL_SINGLE as built-in, needed for HiKey SoCs * [hppa] Disable FTRACE due to huge size cost (Closes: #837588) * [powerpcspe] xmon: Don't use ld on 32-bit (Closes: #836741) * liblockdep-dev: Add dependency on liblockdep (Closes: #837710) * xen-linux-system: Relax dependency on linux-image to allow for version suffix added by linux-signed * [armhf] Enable drivers for Novena: MFD_STMPE as built-in; DRM_PANEL_SIMPLE, MMA8452, TOUCHSCREEN_STMPE, BATTERY_SBS, BACKLIGHT_PWM, SND_SOC_IMX_ES8328 as modules (Closes: #837627, thanks to Vagrant Cascadian) * linux-image: postrm: Make failure of rmdir on purge non-fatal (Closes: #836282) * [armhf] Enable drivers and options for OpenPandora console: POWER_AVS_OMAP as built-in; DISPLAY_CONNECTOR_ANALOG_TV, DISPLAY_PANEL_TPO_TD043MTEA1, SENSORS_TWL4030_MADC, VIDEO_OMAP3, BATTERY_TWL4030_MADC, BACKLIGHT_PANDORA, HDQ_MASTER_OMAP as modules; OMAP2_DSS_DSI (Closes: #835893, thanks to Vagrant Cascadian) * bug script: Stop describing TAINT_UNSIGNED_MODULE as expected -- Ben Hutchings Sun, 18 Sep 2016 14:56:01 +0100 linux (4.7.2-1) unstable; urgency=medium * New upstream release: https://kernelnewbies.org/Linux_4.7 - media: fix airspy usb probe error path (CVE-2016-5400) - libata: LITE-ON CX1-JB256-HP needs lower max_sectors (Closes: #830971) - tcp: make challenge acks less predictable (CVE-2016-5696) * New stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.1 - vfs: ioctl: prevent double-fetch in dedupe ioctl (CVE-2016-6516) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.2 - [powerpc*] KVM: Book3S HV: Save/restore TM state in H_CEDE (CVE-2016-5412) - audit: fix a double fetch in audit_log_single_execve_arg() (CVE-2016-6136) [ Ben Hutchings ] * sched: Enable SCHEDSTATS (Closes: #796674) * Re-enable various config options disabled by name and type changes in 4.7: - nfc: NFC_PN533_USB replaced NFC_PN533 - [armhf] dsa: NET_DSA_MV88E6XXX replaced NET_DSA_MV88E6{123,131,171} - [x86] ACPI: ACPI_TABLE_UPGRADE replaced ACPI_INITRD_TABLE_OVERRIDE - rxrpc: Enable RXKAD as part of af_rxrpc module - [x86] 8250: Enable SERIAL_8250_FINTEK as built-in * cgroups: Enable memory controller by default * [armfh] udeb: Add efi-modules * linux-kbuild: Include headers_install.sh and unifdef (Closes: #832359) * udeb: Include cdc_ncm in nic-usb-modules (Closes: #833918) * usbip: Use the locally-installed * Exclude redundant and unreproducible files from binary packages (Closes: #830268) - usbip: Put all autotools-generated files in the build directory - linux-headers: Exclude all .cmd files * [arm*] Enable SECCOMP (Closes: #833183) * [hppa] Fix automatic selection of cr16 clocksource * [hppa] Fix order of EREFUSED define in errno.h * aufs: Update support patches to aufs4.7-20160822 (Closes: #834764) * [powerpc*] ipmi: Enable IPMI_POWERNV as module (Closes: #833861) * kbuild: Do not use hyphen in exported variable name (Closes: #833561) * fat: Mitigate the lack of UTF-8 case folding by enabling FAT_DEFAULT_UTF8 and setting FAT_DEFAULT_IOCHARSET to "ascii" (Closes: #833238) * [arm64] Add support for securelevel and Secure Boot (Closes: #831827, thanks to Linn Crosetto): - efi: Disable secure boot if shim is in insecure mode - Add kernel config option to set securelevel when in Secure Boot mode - Enable EFI_SECURE_BOOT_SECURELEVEL * tcp: fix use after free in tcp_xmit_retransmit_queue() (CVE-2016-6828) * aacraid: Check size values after double-fetch from user (CVE-2016-6480) * liblockdep: Move dummy definition of prandom_u32() to fix missing declaration * debian/rules.real: Avoid error message when usbip's config.h doesn't exist [ Martin Michlmayr ] * [armhf] Enable MMC_SDHCI_IPROC and HW_RANDOM_BCM2835 for BCM2835. * [arm64] Add USB support for NVIDIA Jetson TX1 Developer Kit: - pinctrl: max77620: add pincontrol driver for MAX77620/MAX20024 - gpio: max77620: add gpio driver for MAX77620/MAX20024 - gpio: max77620: Configure interrupt trigger level - gpio: max77620: use the new open drain callback - gpio: max77620: get gpio value based on direction - arm64: tegra: Add PMIC support on Jetson TX1 - arm64: tegra: p2597: Add SDMMC power supplies - arm64: tegra: Add DSI panel on Jetson TX1 - arm64: tegra: Add Tegra210 XUSB pad controller - arm64: tegra: Add Tegra210 XUSB controller - arm64: tegra: Enable debug serial on Jetson TX1 - arm64: tegra: Enable XUSB controller on Jetson TX1 - arm64: tegra: Correct Tegra210 XUSB mailbox interrupt * [arm64] Enable REGULATOR_FIXED_VOLTAGE. * [arm64] Enable ARM64_ERRATUM_834220. * [arm64] Build in SERIAL_TEGRA. * [arm64] Enable REGULATOR_PWM, DRM_PANEL_SIMPLE, BACKLIGHT_GENERIC and BACKLIGHT_LP855X for Jetson TX1. * [arm64] Enable BATTERY_BQ27XXX, MFD_CROS_EC_I2C, I2C_CROS_EC_TUNNEL for Google Pixel C. * [arm64] Enable more Qualcomm options: PINCTRL_QCOM_SPMI_PMIC, SPMI_MSM_PMIC_ARB, QCOM_SPMI_IADC, QCOM_SPMI_VADC, MFD_SPMI_PMIC, REGULATOR_QCOM_SPMI, QCOM_SPMI_TEMP_ALARM, CHARGER_QCOM_SMBB, USB_CHIPIDEA, USB_HSIC_USB3503, RTC_DRV_PM8XXX, EXTCON_USB_GPIO, QCOM_COINCELL, and INPUT_PM8941_PWRKEY. [ Uwe Kleine-König ] * Fix perf to be able to find debug info based on build-id. (Closes: #833096) [ Nicolas LE CAM ] * [amd64] Suggest grub-efi-amd64 instead of grub-efi dummy transitionnal package (Closes: #835459) -- Ben Hutchings Sun, 28 Aug 2016 15:56:10 +0100 linux (4.7~rc7-1~exp1) experimental; urgency=medium * New upstream release candidate [ Aurelien Jarno ] * [mipsel] Remove loongson-2e and loongson-2f flavours (Closes: #827790). * [mipsel/4kc-malta, mipsel/5kc-malta] Build for R2 ISA. [ Martin Michlmayr ] * [armhf, arm64] Enable DRM_TEGRA_STAGING. [ Ben Hutchings ] * [x86] KASLR, power: Remove x86 hibernation restrictions * fanotify: Enable FANOTIFY_ACCESS_PERMISSIONS (Closes: #690737) - Warn and taint kernel if this feature is actually used * Define Auto-Built-Package field when running dpkg-gencontrol, as dpkg-source doesn't like to see it in debian/control * debian/lib/python/debian_linux/debian.py: Handle packages with only short descriptions * Change names and descriptions of linux-image debug symbol packages to match debhelper [ Bastian Blank ] * Mark debug symbols packages to move them into the debug archive. * Build debug symbols for all images. -- Ben Hutchings Thu, 14 Jul 2016 13:35:22 +0100 linux (4.7~rc4-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * [armel] Disable module signing for all flavours (fixes FTBFS) -- Ben Hutchings Tue, 21 Jun 2016 00:41:23 +0100 linux (4.7~rc3-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * bug script: Put binary package name and version in the info file so linux-signed can easily replace them * Move merge_packages function from debian/bin/gencontrol.py to gencontrol module * udeb: Drop packages for modules that will later be signed * linux-image: Add '-unsigned' suffix to packages with modules that will later be signed - Add Conflicts and Replaces relations to signed packages (Closes: #827618) * [rt] Disable until it is updated for 4.7 or later * cpupower: Bump soname version and rename library package accordingly * debian/rules.d/Makefile: Override architecture detection when building userland headers * linux-cpupower: Define PACKAGE_BUGREPORT to refer to reportbug, not upstream * debian/README.source: Document the supported build profiles * debian/control: Fix build-dependencies for cross-building - Add workaround for libdpkg-perl bugs #827628, #827633 * Add support for the nopython build profile, disabling the linux-perf package * Fix build rules for userland tools to support cross-building [ Martin Michlmayr ] * [armhf, arm64] Enable PHY_TEGRA_XUSB and USB_XHCI_TEGRA. * [arm64] Enable MAX77620 and PCA9539 which are required by Jetson TX1. * [arm64] Enable TEGRA210_ADMA. * [arm64] Enable THERMAL. * [armhf] Enable TEGRA_SOCTHERM. * [armhf] Enable SPI_TEGRA114. * [arm64] Enable more QCOM options (QCOM_SMP2P, QCOM_SMSM, QCOM_WCNSS_CTRL, PHY_QCOM_UFS, QCOM_QFPROM). [ Aurelien Jarno ] * [ppc64*] Enable SPAPR_TCE_IOMMU, VFIO and VFIO_PCI (Closes: #826367). -- Ben Hutchings Sat, 18 Jun 2016 23:50:39 +0100 linux (4.6.4-1) unstable; urgency=medium * Team upload. * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.4 - net_sched: fix pfifo_head_drop behavior vs backlog - act_ipt: fix a bind refcnt leak - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC_DEBUG - sit: correct IP protocol used in ipip6_err - esp: Fix ESN generation under UDP encapsulation - netem: fix a use after free - ipmr/ip6mr: Initialize the last assert time of mfc entries. - Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address - sock_diag: do not broadcast raw socket destruction - bpf, perf: delay release of BPF prog after grace period - neigh: Explicitly declare RCU-bh read side critical section in neigh_xmit() - AX.25: Close socket connection on session completion - [powerpc] crypto: vmx - Increase priority of aes-cbc cipher - crypto: user - re-add size check for CRYPTO_MSG_GETALG - USB: uas: Fix slave queue_depth not being set - usb: quirks: Fix sorting - usb: quirks: Add no-lpm quirk for Acer C120 LED Projector - [armhf] usb: musb: only restore devctl when session was set in backup - [armhf] usb: musb: Stop bulk endpoint while queue is rotated - [armhf] usb: musb: Ensure rx reinit occurs for shared_fifo endpoints - [armhf] usb: musb: host: correct cppi dma channel for isoch transfer - xhci: Cleanup only when releasing primary hcd - usb: xhci-plat: properly handle probe deferral for devm_clk_get() - USB: xhci: Add broken streams quirk for Frescologic device id 1009 - xhci: Fix handling timeouted commands on hosts in weird states. - USB: mos7720: delete parport - usb: gadget: fix spinlock dead lock in gadgetfs - [arm64, armhf] usb: host: ehci-tegra: Grab the correct UTMI pads reset - usb: dwc3: exynos: Fix deferred probing storm. [ Uwe Kleine-König ] * Cherry pick patches for rtc-s35390a from next. (Closes: #794266) [ Salvatore Bonaccorso ] * apparmor: fix oops, validate buffer size in apparmor_setprocattr() (CVE-2016-6187) [ Ben Hutchings ] * bridge: Fix ABI change in 4.6.4 * [rt] Update to 4.6.4-rt6 (no functional change) -- Salvatore Bonaccorso Mon, 18 Jul 2016 21:57:31 +0200 linux (4.6.3-1) unstable; urgency=medium [ Ben Hutchings ] * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3 - scsi_lib: correctly retry failed zero length REQ_TYPE_FS commands - scsi: Add QEMU CD-ROM to VPD Inquiry Blacklist - netlink: Fix dump skb leak/double free - tipc: fix nametable publication field in nl compat - switchdev: pass pointer to fib_info instead of copy - tuntap: correctly wake up process during uninit - bpf: Use mount_nodev not mount_ns to mount the bpf filesystem - udp: prevent skbs lingering in tunnel socket queues - uapi glibc compat: fix compilation when !__USE_MISC in glibc - bpf, inode: disallow userns mounts - [armhf] net: mvneta: Fix lacking spinlock initialization - net: hwbm: Fix unbalanced spinlock in error case - sfc: on MC reset, clear PIO buffer linkage in TXQs - team: don't call netdev_change_features under team->lock - net: alx: use custom skb allocator - net: stmmac: Fix incorrect memcpy source memory - vxlan: Accept user specified MTU value when create new vxlan link - net: nps_enet: Disable interrupts before napi reschedule - bpf, trace: use READ_ONCE for retrieving file ptr - tcp: record TLP and ER timer stats in v6 stats - bridge: Don't insert unnecessary local fdb entry on changing mac address - l2tp: fix configuration passed to setup_udp_tunnel_sock() - ipv6: Skip XFRM lookup if dst_entry in socket cache is valid - [armhf,arm64] KVM: vgic-v2: Clear all dirty LRs - [armhf,arm64] KVM: vgic-v3: Clear all dirty LRs - [x86] KVM: fix OOPS after invalid KVM_SET_DEBUGREGS - KVM: irqfd: fix NULL pointer dereference in kvm_irq_map_gsi - [arm*] drivers/perf: arm_pmu: Defer the setting of __oprofile_cpu_pmu - [x86] ALSA: hda - Add PCI ID for Kabylake - [x86] ALSA: hda - Fix headset mic detection problem for Dell machine - ALSA: hda/realtek - ALC256 speaker noise issue - ALSA: hda/realtek - Add support for new codecs ALC700/ALC701/ALC703 - [x86] ALSA: hda/realtek: Add T560 docking unit fixup - [armhf] fix PTRACE_SETVFPREGS on SMP systems - gpio: bail out silently on NULL descriptors - gpiolib: Fix NULL pointer deference - gpiolib: Fix unaligned used of reference counters - [s390x] bpf: fix recache skb->data/hlen for skb_vlan_push/pop - [s390x] bpf: reduce maximum program size to 64 KB - [armhf,arm64] irqchip/gic-v3: Fix ICC_SGI1R_EL1.INTID decoding mask - [x86] crypto: ccp - Fix AES XTS error for request sizes above 4096 - [arm64] Provide "model name" in /proc/cpuinfo for PER_LINUX32 tasks - [arm64] mm: always take dirty state from new pte in ptep_set_access_flags - [powerpc*] pseries/eeh: Handle RTAS delay requests in configure_bridge - [powerpc*] Fix definition of SIAR and SDAR registers - [powerpc*] Use privileged SPR number for MMCR2 - [powerpc*] pseries: Add POWER8NVL support to ibm,client-architecture-support call - [powerpc*] mm/hash: Fix the reference bit update when handling hash fault - [hppa] Fix pagefault crash in unaligned __get_user() call - memcg: add RCU locking around css_for_each_descendant_pre() in memcg_offline_kmem() - wext: Fix 32 bit iwpriv compatibility issue with 64 bit Kernel - mm: thp: broken page count after commit aa88b68c3b1d - [x86] entry/traps: Don't force in_interrupt() to return true in IST handlers - fix d_walk()/non-delayed __d_free() race - [sparc64] Reduce TLB flushes during hugepte changes - [sparc64] Take ctx_alloc_lock properly in hugetlb_setup(). - [sparc64] Harden signal return frame checks. - [sparc64] Fix return from trap window fill crashes. - drm/core: Do not preserve framebuffer on rmfb, v4. - [x86] Revert "drm/i915: Exit cherryview_irq_handler() after one pass" - gpio: make sure gpiod_to_irq() returns negative on NULL desc * [powerpc*] tm: Always reclaim in start_thread() for exec() class syscalls (CVE-2016-5828) [ Salvatore Bonaccorso ] * HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands (CVE-2016-5829) -- Ben Hutchings Mon, 04 Jul 2016 20:10:24 +0200 linux (4.6.2-2) unstable; urgency=medium * [mips*] Fix ABI changes in 4.6.2 * [rt] Update to 4.6.2-rt5: - mm/memcontrol: mem_cgroup_migrate() - replace another local_irq_disable() w. local_lock_irq() * KEYS: potential uninitialized variable (CVE-2016-4470) * percpu: fix synchronization between chunk->map_extend_work and chunk destruction (CVE-2016-4794) * percpu: fix synchronization between synchronous map extension and chunk destruction (CVE-2016-4794) * netfilter: x_tables: Fix parsing of IPT_SO_SET_REPLACE blobs (CVE-2016-4997, CVE-2016-4998) - don't move to non-existent next rule - validate targets of jumps - add and use xt_check_entry_offsets - kill check_entry helper - assert minimum target size - add compat version of xt_check_entry_offsets - check standard target size too - check for bogus target offset - validate all offsets and sizes in a rule - don't reject valid target size on some - arp_tables: simplify translate_compat_table args - ip_tables: simplify translate_compat_table args - ip6_tables: simplify translate_compat_table args - xt_compat_match_from_user doesn't need a retval - do compat validation via translate_table - introduce and use xt_copy_counters_from_user * Ignore ABI change in x_tables * nfsd: check permissions when setting ACLs (CVE-2016-1237) -- Ben Hutchings Sat, 25 Jun 2016 11:22:27 +0200 linux (4.6.2-1) unstable; urgency=medium * Team upload. * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.2 - f2fs: fix deadlock when flush inline data - [mips*] math-emu: Fix jalr emulation when rd == $0 - [mips*] Avoid using unwind_stack() with usermode - [mips*] Fix siginfo.h to use strict posix types - [mips*] Fix uapi include in exported asm/siginfo.h - [mips*] Fix watchpoint restoration - [mips*] Flush highmem pages in __flush_dcache_page - [mips*] Handle highmem pages in __update_cache - [mips*] Sync icache & dcache in set_pte_at - [mips*] Reserve nosave data for hibernation - [mips*el/loongson-3] Reserve 32MB for RS780E integrated GPU - [mips*] Use copy_s.fmt rather than copy_u.fmt - [mips*] Prevent "restoration" of MSA context in non-MSA kernels - [mips*] ptrace: Fix FP context restoration FCSR regression - [mips*] ptrace: Prevent writes to read-only FCSR bits - [mips*] lib: Mark intrinsics notrace - [mips*] VDSO: Build with `-fno-strict-aliasing' - affs: fix remount failure when there are no options changed - ASoC: ak4642: Enable cache usage to fix crashes on resume - Input: uinput - handle compat ioctl for UI_SET_PHYS - Input: xpad - move pending clear to the correct location - Input: xpad - prevent spurious input from wired Xbox 360 controllers - [armhf] sun4i: dt: Enable dram gate 5 (tve0 clock) for simplefb TV output - [armhf] sun7i: dt: Enable dram gate 5 (tve0 clock) for simplefb TV output - [armhf] mvebu: fix GPIO config on the Linksys boards - [armhf] dts: exynos: Add interrupt line to MAX8997 PMIC on exynos4210-trats - ath9k: Fix LED polarity for some Mini PCI AR9220 MB92 cards. - ath10k: fix firmware assert in monitor mode - ath10k: fix rx_channel during hw reconfigure - ath10k: fix kernel panic, move arvifs list head init before htt init - ath5k: Change led pin configuration for compaq c700 laptop - [armhf] hwrng: exynos - Fix unbalanced PM runtime put on timeout error path - rtlwifi: Fix logic error in enter/exit power-save mode - rtlwifi: pci: use dev_kfree_skb_irq instead of kfree_skb in rtl_pci_reset_trx_ring - Revert "lpfc: Delete unnecessary checks before the function call mempool_destroy" - aacraid: Start adapter after updating number of MSIX vectors - aacraid: Relinquish CPU during timeout wait - aacraid: Fix for aac_command_thread hang - aacraid: Fix for KDUMP driver hang - regulator: Try to resolve regulators supplies on registration - hwmon: (ads7828) Enable internal reference - [x86] mfd: intel_quark_i2c_gpio: Remove clock tree on error path - [x86] mfd: intel-lpss: Save register context on suspend - [x86] mfd: intel_soc_pmic_core: Terminate panel control GPIO lookup table correctly - PM / Runtime: Fix error path in pm_runtime_force_resume() - cpuidle: Indicate when a device has been unregistered - cpuidle: Fix cpuidle_state_is_coupled() argument in cpuidle_enter() - [armhf] clk: bcm2835: Fix PLL poweron - [armhf] clk: bcm2835: pll_off should only update CM_PLL_ANARST - [armhf] clk: bcm2835: divider value has to be 1 or more - [armhf] clk: bcm2835: correctly enable fractional clock support - [armhf] pinctrl: exynos5440: Use off-stack memory for pinctrl_gpio_range - PCI: Disable all BAR sizing for devices with non-compliant BARs - media: v4l2-compat-ioctl32: fix missing reserved field copy in put_v4l2_create32 - PKCS#7: fix missing break on OID_sha224 case - mm: use phys_addr_t for reserve_bootmem_region() arguments - mm/compaction.c: fix zoneindex in kcompactd() - wait/ptrace: assume __WALL if the child is traced - batman-adv: Fix double neigh_node_put in batadv_v_ogm_route_update - [powerpc*] book3s64: Fix branching to OOL handlers in relocatable kernel - [powerpc*] eeh: Don't report error in eeh_pe_reset_and_recover() - [powerpc*] Revert "powerpc/eeh: Fix crash in eeh_add_device_early() on Cell" - [powerpc*] eeh: Restore initial state in eeh_pe_reset_and_recover() - xen/events: Don't move disabled irqs - xen: use same main loop for counting and remapping pages - sunrpc: fix stripping of padded MIC tokens - [x86] drm/gma500: Fix possible out of bounds read - [x86] drm/vmwgfx: Kill some lockdep warnings - [x86] drm/amdgpu: use drm_mode_vrefresh() rather than mode->vrefresh - [x86] drm/amdgpu: Fix hdmi deep color support. - [x86] drm/i915/fbdev: Fix num_connector references in intel_fb_initial_config() - drm/fb_helper: Fix references to dev->mode_config.num_connector - [x86] drm/i915: Discard previous atomic state on resume if connectors change - drm/atomic: Verify connector->funcs != NULL when clearing states - Bluetooth: 6lowpan: Fix memory corruption of ipv6 destination address - [x86] drm/i915/psr: Try to program link training times correctly - [x86] drm/i915: Respect DP++ adaptor TMDS clock limit - [x86] drm/i915: Enable/disable TMDS output buffers in DP++ adaptor as needed - [x86] drm/i915: Don't leave old junk in ilk active watermarks on readout - [x86] drm/i915: Fix watermarks for VLV/CHV - [armhf] drm/imx: Match imx-ipuv3-crtc components using device node in platform data - [x86] drm/i915: Pass the correct crtc state to .update_plane() - ext4: fix data exposure after a crash - ext4: fix hang when processing corrupted orphaned inode list - ext4: clean up error handling when orphan list is corrupted - ext4: fix check of dqget() return value in ext4_ioctl_setproject() - ext4: fix oops on corrupted filesystem - ext4: address UBSAN warning in mb_find_order_for_block() - nfs: avoid race that crashes nfs_init_commit - PM / sleep: Handle failures in device_suspend_late() consistently - mm: thp: avoid false positive VM_BUG_ON_PAGE in page_move_anon_rmap() - xfs: disallow rw remount on fs with unknown ro-compat features - xfs: Don't wrap growfs AGFL indexes - xfs: remove xfs_fs_evict_inode() - xfs: xfs_iflush_cluster fails to abort on error - xfs: fix inode validity check in xfs_iflush_cluster - xfs: skip stale inodes in xfs_iflush_cluster - [armhf] drm: msm: remove unused variable - IB/hfi1: Fix hard lockup due to not using save/restore spin lock - regulator: Fix deadlock during regulator registration [ Ben Hutchings ] * [armel,armhf,sh4] linux-image: Do not suggest fdutils * liblockdep: Reduce MAX_LOCK_DEPTH to avoid overflowing lock_chain::depth * liblockdep: Fix 'unused value' warnings * liblockdep: Fix 'set but not used' warnings * liblockdep: Fix 'defined but not used' warning for init_utsname() [ Salvatore Bonaccorso ] * Stack overflow via ecryptfs and /proc/$pid/environ (CVE-2016-1583) - proc: prevent stacking filesystems on top - ecryptfs: forbid opening files without mmap handler - sched: panic on corrupted stack end * tipc: fix an infoleak in tipc_nl_compat_link_dump (CVE-2016-5243) * rds: fix an infoleak in rds_inc_info_copy (CVE-2016-5244) -- Salvatore Bonaccorso Wed, 15 Jun 2016 21:32:54 +0200 linux (4.6.1-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.1 [ Ben Hutchings ] * [mips*r6*] Disable these architectures until dak recognises them as valid in the control file * linux-image: Rewrite maintainer scripts in shell, using the new linux-update-symlinks and linux-check-removal commands (Closes: #692333, #815850). Drop support for minimal_swap, no_symlinks, use_hard_links and *_hook parameters in /etc/kernel-img.conf (Closes: #730073). Remove now-redundant debconf templates. * linux-image: postrm: Update default symlinks before running hook scripts * linux-image: Make a newly installed kernel the default if the package was previously removed * mtd: Disable slram and phram when securelevel is enabled * debian/patches/features/all/rt/genpatch.py: Use Python 3 * debian/patches/features/all/rt/genpatch.py: Fix mapping of -rt version to upstream version * debian/patches/features/all/rt/genpatch.py: Use upstream tarball directly * debian/patches/features/all/rt/genpatch.py: Use stable URLs in patch Origin headers * [rt] Update to 4.6.1-rt3: - trace: correct off by one while recording the trace-event - sched,preempt: Fix preempt_count manipulations - kernel/rtmutex: only warn once on a try lock from bad - locallock: add local_lock_on() - kernel/printk: Don't try to print from IRQ/NMI region - mm: perform lru_add_drain_all() remotely * debian/control: Drop obsolete versioned Depends and Breaks * linux-libc-dev: Drop obsolete Replaces/Conflicts with linux-kernel-headers * debian/control: Update policy version to 3.9.8; no changes required * Disable MODULE_SIG for architectures not supported by linux-signed * Set ABI to 1 -- Ben Hutchings Mon, 06 Jun 2016 18:13:57 +0100 linux (4.6-1~exp2) experimental; urgency=medium [ Ben Hutchings ] * [tilegx] Build a linux-libc-dev package (Closes: #824524; thanks to Helmut Grohne) * [tilegx] linux-libc-dev: Install headers in arch-specific directory (Closes: #823632; thanks to Helmut Grohne) * [rt] Update to 4.6-rc7-rt1 and re-enable - Override SYSTEM_TRUSTED_KEYS to work from the source_rt directory * Fold debian/config/README into debian/README.source * debian/README.source: Rewrite and expand explanation of kernel config file construction * aufs: Update support patches to aufs4.6-20160523 - mmap: Fix use-after-free in remap_file_pages(2) * [mips*] Change NFS and various storage and network drivers from built-in to modules * 8139too: Use same configuration on all architectures: enable 8139TOO_TUNE_TWISTER, 8139TOO_8129 and disable 8139TOO_PIO * [mipsn32{,r6}{,el}] Build linux-libc-dev and tools packages * [mips{,64}r6{,el}] Add kernel flavours for the Malta platform; build linux-libc-dev and tools packages (Closes: #825024; thanks to YunQiang Su) * [mips*/*-malta] udeb: Add ata-modules package * linux-image: Stop setting $STEM in environment for maintainer script hooks * linux-image: Add workaround for bug #817083 in debconf * linux-image: prerm: Allow removal of running kernel if we can't ask debconf questions (Closes: #825423) * linux-image: prerm: Ignore version of running kernel inside a container or chroot * [s390] udeb: Drop all packages, since s390 no longer has its own kernel * udeb: Drop packages for modules that will later be signed; these packages will be taken over by src:linux-signed [ Aurelien Jarno ] * [mips64{,el}] Set CPU to MIPS64 R2. * [mips] Set CPU to MIPS32/64 R2. [ Martin Michlmayr ] * [armhf] Enable more NVIDIA Tegra options (TEGRA_IOMMU_SMMU, ARM_TEGRA_DEVFREQ, SND_SOC_TEGRA_*). -- Ben Hutchings Mon, 30 May 2016 04:44:45 +0100 linux (4.6-1~exp1) experimental; urgency=medium * New upstream release: http://kernelnewbies.org/Linux_4.6 [ Ben Hutchings ] * Re-apply "[media] videobuf2-v4l2: Verify planes array in buffer dequeueing", reverted upstream in 4.6 * [arm64] Enable RANDOMIZE_BASE (kASLR) * [armhf] dsa: Enable NET_DSA_MV88E6123 as module, replacing NET_DSA_MV88E6123_61_65 -- Ben Hutchings Tue, 17 May 2016 02:39:47 +0100 linux (4.6~rc7-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * [hppa] Enable MLONGCALLS (fixes FTBFS) * [alpha] fs: Disable BINFMT_EM86 (obsoleted by binfmt_misc; fixes FTBFS) [ Aurelien Jarno ] * [mips*/octeon] Enable EDAC, EDAC_MM_EDAC, EDAC_OCTEON_L2C, EDAC_OCTEON_LMC, EDAC_OCTEON_PC, EDAC_OCTEON_PCI. -- Ben Hutchings Mon, 09 May 2016 03:39:32 +0100 linux (4.6~rc5-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * [armhf] Enable EFI, RTC_DRV_EFI * Update config for renaming/removal/replacement/merging/splitting of various symbols * *lockdep*,linux-perf: Remove '-rcN' from installation paths [ Martin Michlmayr ] * [armel, armhf] Use new Marvell CESA driver. * [arm64] Enable support for NVIDIA Tegra. * [arm64] udeb: Create fb-modules. -- Ben Hutchings Fri, 29 Apr 2016 10:40:36 +0200 linux (4.6~rc3-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * aufs: Update support patches to aufs4.x-rcN-20160328 -- Ben Hutchings Thu, 14 Apr 2016 23:55:15 +0100 linux (4.5.5-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5 - decnet: Do not build routes to devices without decnet private data. - route: do not cache fib route info on local routes with oif - packet: fix heap info leak in PACKET_DIAG_MCLIST sock_diag interface - net: sched: do not requeue a NULL skb - bpf/verifier: reject invalid LD_ABS | BPF_DW instruction - cdc_mbim: apply "NDP to end" quirk to all Huawei devices - soreuseport: fix ordering for mixed v4/v6 sockets - net: use skb_postpush_rcsum instead of own implementations - vlan: pull on __vlan_insert_tag error path and fix csum correction - openvswitch: Orphan skbs before IPv6 defrag - openvswitch: use flow protocol when recalculating ipv6 checksums - net/mlx5_core: Fix soft lockup in steering error flow - net/mlx5e: Device's mtu field is u16 and not int - net/mlx5e: Fix minimum MTU - net/mlx5e: Use vport MTU rather than physical port MTU - ipv4/fib: don't warn when primary address is missing if in_dev is dead - net/mlx4_en: fix spurious timestamping callbacks - net: Implement net_dbg_ratelimited() for CONFIG_DYNAMIC_DEBUG case - gre: do not pull header in ICMP error processing - net_sched: introduce qdisc_replace() helper - net_sched: update hierarchical backlog too - sch_htb: update backlog as well - sch_dsmark: update backlog as well - netem: Segment GSO packets on enqueue - ipv6/ila: fix nlsize calculation for lwtunnel - net/mlx4_en: Fix endianness bug in IPV6 csum calculation - [x86] VSOCK: do not disconnect socket when peer has shutdown SEND only - net: bridge: fix old ioctl unlocked net device walk - bridge: fix igmp / mld query parsing - net: fix a kernel infoleak in x25 module (CVE-2016-4580) - net: thunderx: avoid exposing kernel stack - tcp: refresh skb timestamp at retransmit time - net/route: enforce hoplimit max value - ocfs2: revert using ocfs2_acl_chmod to avoid inode cluster lock hang - ocfs2: fix posix_acl_create deadlock - zsmalloc: fix zs_can_compact() integer overflow - mm: thp: calculate the mapcount correctly for THP pages during WP faults - [x86] crypto: qat - fix invalid pf2vf_resp_wq logic - crypto: testmgr - Use kmalloc memory for RSA input - ALSA: usb-audio: Quirk for yet another Phoenix Audio devices (v2) - ALSA: usb-audio: Yet another Phoneix Audio device quirk - ALSA: hda - Fix subwoofer pin on ASUS N751 and N551 - ALSA: hda - Fix white noise on Asus UX501VW headset - ALSA: hda - Fix broken reconfig - [armhf] spi: spi-ti-qspi: Fix FLEN and WLEN settings if bits_per_word is overridden - [armhf] spi: spi-ti-qspi: Handle truncated frames properly - perf diff: Fix duplicated output column - perf/core: Disable the event on a truncated AUX record - vfs: rename: check backing inode being equal - workqueue: fix rebind bound workers warning - [armhf] regulator: s2mps11: Fix invalid selector mask and voltages for buck9 - [armhf] regulator: axp20x: Fix axp22x ldo_io voltage ranges - atomic_open(): fix the handling of create_error - qla1280: Don't allocate 512kb of host tags - tools lib traceevent: Do not reassign parg after collapse_tree() - [x86] drm/i915: Update CDCLK_FREQ register on BDW after changing cdclk frequency - drm/radeon: fix PLL sharing on DCE6.1 (v2) - [x86] drm/i915: Bail out of pipe config compute loop on LPT - [x86] Revert "drm/i915: start adding dp mst audio" - [x86] drm/i915/bdw: Add missing delay during L3 SQC credit programming - drm/radeon: fix DP link training issue with second 4K monitor - drm/radeon: fix DP mode validation - [x86] drm/amdgpu: fix DP mode validation - btrfs: reada: Fix in-segment calculation for reada - Btrfs: fix truncate_space_check - btrfs: remove error message from search ioctl for nonexistent tree - btrfs: change max_inline default to 2048 - Btrfs: fix unreplayable log after snapshot delete + parent dir fsync - Btrfs: fix file loss on log replay after renaming a file and fsync - Btrfs: fix extent_same allowing destination offset beyond i_size - Btrfs: fix deadlock between direct IO reads and buffered writes - Btrfs: fix race when checking if we can skip fsync'ing an inode - Btrfs: do not collect ordered extents when logging that inode exists - btrfs: csum_tree_block: return proper errno value - btrfs: do not write corrupted metadata blocks to disk - Btrfs: fix invalid reference in replace_path - btrfs: handle non-fatal errors in btrfs_qgroup_inherit() - btrfs: fallback to vmalloc in btrfs_compare_tree - Btrfs: don't use src fd for printk - btrfs: Reset IO error counters before start of device replacing [ Salvatore Bonaccorso ] * tipc: check nl sock before parsing nested attributes (CVE-2016-4951) [ Ben Hutchings ] * aufs: Update support patches to aufs4.5-20160523 - mmap: Fix use-after-free in remap_file_pages(2) * Revert "stmmac: Fix 'eth0: No PHY found' regression" (Closes: #823493) * [x86] kvm:vmx: more complete state update on APICv on/off (CVE-2016-4440) * USB: usbfs: fix potential infoleak in devio (CVE-2016-4482) * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS (CVE-2016-4569) * ALSA: timer: Fix leak in events via snd_timer_user_ccallback or snd_timer_user_tinterrupt (CVE-2016-4578) * dwc3-exynos: Fix deferred probing storm (Closes: #823552; thanks to Steinar H. Gunderson) * Re-apply "[media] videobuf2-v4l2: Verify planes array in buffer dequeueing", reverted upstream in 4.5.5 [ Roger Shimizu ] * [armhf] Enable SENSORS_PWM_FAN / PWM_SAMSUNG as module, as recommended by Steinar H. Gunderson. (Closes: #824941) * [armhf] For Odroid-U3 (Exynos4) support, enable ARCH_EXYNOS4 / MFD_MAX77686 / RTC_DRV_MAX77686 as built-in, and COMMON_CLK_MAX77686 / REGULATOR_MAX77686 / MMC_SDHCI_S3C as module. Thanks to Vagrant Cascadian. (Closes: #825139) -- Ben Hutchings Sun, 29 May 2016 22:21:11 +0100 linux (4.5.4-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.4 - RDMA/iw_cxgb4: Fix bar2 virt addr calculation for T4 chips - net/mlx5_core: Fix caching ATOMIC endian mode capability - ipvs: handle ip_vs_fill_iph_skb_off failure - ipvs: correct initial offset of Call-ID header search in SIP persistence engine - ipvs: drop first packet to redirect conntrack - rtlwifi: Fix size of wireless mode variable - [x86] mfd: intel-lpss: Remove clock tree on error path - nbd: ratelimit error msgs after socket close - null_blk: add lightnvm null_blk device to the nullb_list - [arm64] ata: ahci_xgene: dereferencing uninitialized pointer in probe - [armhf] wlcore: fix error handling in wlcore_event_fw_logger - ath10k: fix pktlog in QCA99X0 - mwifiex: fix corner case association failure - clk-divider: make sure read-only dividers do not write to their register - [armhf] clk: rockchip: fix wrong mmc phase shift for rk3228 - [armhf] clk: rockchip: free memory in error cases when registering clock branches - [armel/versatile] clk: versatile: sp810: support reentrance - [armhf] clk: sunxi: Fix sun8i-a23-apb0-clk divider flags - [arm64] clk: xgene: Add missing parenthesis when clearing divider value - [armhf] clk: bcm2835: fix check of error code returned by devm_ioremap_resource() - [armhf] pwm: omap-dmtimer: Fix inaccurate period and duty cycle calculations - [armhf] pwm: omap-dmtimer: Add sanity checking for load and match values - [armhf] pwm: omap-dmtimer: Round load and match values rather than truncate - lpfc: fix misleading indentation - gpiolib-acpi: Duplicate con_id string when adding it to the crs lookup list - ath9k: ar5008_hw_cmn_spur_mitigate: add missing mask_m & mask_p initialisation - mac80211: fix statistics leak if dev_alloc_name() fails - tracing: Don't display trigger file for events that can't be enabled - MD: make bio mergeable - Minimal fix-up of bad hashing behavior of hash_64() - mm: memcontrol: let v2 cgroups follow changes in system swappiness - [armhf] mm, cma: prevent nr_isolated_* counters from going negative - mm/zswap: provide unique zpool name - propogate_mnt: Handle the first propogated copy being a slave (CVE-2016-4581) - modpost: fix module autoloading for OF devices with generic compatible property - [armhf] EXYNOS: Properly skip unitialized parent clock in power domain on - [armhf] SoCFPGA: Fix secondary CPU startup in thumb2 kernel - xen: Fix page <-> pfn conversion on 32 bit systems - xen/balloon: Fix crash when ballooning on x86 32 bit PAE - xen/evtchn: fix ring resize when binding new events - HID: wacom: Add support for DTK-1651 - proc: prevent accessing /proc//environ until it's ready - mm: update min_free_kbytes from khugepaged after core initialization - batman-adv: fix DAT candidate selection (must use vid) - batman-adv: Check skb size before using encapsulated ETH+VLAN header - batman-adv: Fix broadcast/ogm queue limit on a removed interface - batman-adv: Reduce refcnt of removed router when updating route - [x86] libnvdimm, pfn: fix memmap reservation sizing - writeback: Fix performance regression in wb_over_bg_thresh() - [x86] tsc: Read all ratio bits from MSR_PLATFORM_INFO - [arm64] cpuidle: Pass on arm_cpuidle_suspend()'s return value - [x86] sysfb_efi: Fix valid BAR address range check - [arm64] dts: apq8064: add ahci ports-implemented mask - ACPICA: Dispatcher: Update thread ID for recursive method calls - [powerpc*] Fix bad inline asm constraint in create_zero_mask() - libahci: save port map for forced port map - ata: ahci-platform: Add ports-implemented DT bindings. - USB: serial: cp210x: add ID for Link ECU - USB: serial: cp210x: add Straizona Focusers device ids - Revert "USB / PM: Allow USB devices to remain runtime-suspended when sleeping" - nvmem: mxs-ocotp: fix buffer overflow in read - [x86] Drivers: hv: vmbus: Fix signaling logic in hv_need_to_signal_on_read() - [armhf] gpu: ipu-v3: Fix imx-ipuv3-crtc module autoloading - [x86] drm/amdgpu: make sure vertical front porch is at least 1 - [x86] drm/amdgpu: set metadata pointer to NULL after freeing. - [x86] iio: ak8975: Fix NULL pointer exception on early interrupt - [x86] iio: ak8975: fix maybe-uninitialized warning - drm/radeon: make sure vertical front porch is at least 1 - [x86] drm/i915: Avoid stalling on pending flips for legacy cursor updates - [x86] drm/i915/ddi: Fix eDP VDD handling during booting and suspend/resume - [x86] drm/i915: Fix system resume if PCI device remained enabled - [x86] drm/i915: Fix eDP low vswing for Broadwell - [x86] drm/i915: Make RPS EI/thresholds multiple of 25 on SNB-BDW - [x86] drm/i915: Fake HDMI live status - [x86] ACPI / processor: Request native thermal interrupt handling via _OSC [ Aurelien Jarno ] * [mips*] Fix PR_SET_FPMODE issues with multi-threaded programs. * [i386] Stop recommending libc6-i686. * [arm,x86] Fix memory corruption in KVM with THP enabled. (Closes: #821225) * [mips*/octeon] Add support for byte swapped initramfs to handle u-boot and kernel running with a different endianness. * [mipsel/octeon] Activate flavour on mipsel. [ Roger Shimizu ] * netfilter: Enable NF_DUP_NETDEV / NFT_DUP_NETDEV / NFT_FWD_NETDEV as module, as recommended by Arturo Borrero Gonzalez. (Closes: #824162) [ Salvatore Bonaccorso ] * KEYS: Fix ASN.1 indefinite length object parsing (CVE-2016-0758) * net: fix infoleak in llc (CVE-2016-4485) * KVM: MTRR: remove MSR 0x2f8 (CVE-2016-3713) [ Ben Hutchings ] * gencontrol.py: Fix implementation of [packages]tools config option, thanks to Yves-Alexis Perez * debian/control: Exclude tools from 'stage1' build profile * debian/control,debian/rules: Support a 'pkg.linux.notools' build profile which does not build tools packages * debian/control,debian/rules,debian/rules.d: Support the 'nodoc' build profile * debian/control: Remove alternate build-dependency on binutils-dev that was used for backports to wheezy * net: fix infoleak in rtnetlink (CVE-2016-4486) * nf_conntrack: avoid kernel pointer value leak in slab name * vfs: do_splice_to(): cap the size before passing to ->splice_read() * crypto: hash - Fix page length clamping in hash walk * isofs: get_rock_ridge_filename(): handle malformed NM entries * uapi glibc compat: fix compile errors when glibc net/if.h included before linux/if.h (Closes: #822393) * videobuf2-core: Fix crash after fixing CVE-2016-4568 * [armhf] Enable more Exynos drivers (Closes: #824435): - drm: Enable DRM_EXYNOS as module, DRM_EXYNOS_MIXER, DRM_EXYNOS_FIMD, DRM_EXYNOS_DSI, DRM_EXYNOS_DP, DRM_EXYNOS_HDMI - phy: Enable PHY_EXYNOS_MIPI_VIDEO, PHY_EXYNOS_DP_VIDEO as modules - cpuidle: Enable ARM_EXYNOS_CPUIDLE - iio: Enable EXYNOS_ADC as module -- Ben Hutchings Mon, 16 May 2016 19:17:22 +0100 linux (4.5.3-2) unstable; urgency=medium * [s390x] PCI: Ignore zpci ABI changes; these functions are not used by modules * [powerpc*] Fix sstep compile on powerpcspe (Closes: #823526; thanks to Lennart Sorensen) -- Ben Hutchings Sun, 08 May 2016 15:03:45 +0100 linux (4.5.3-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3 - mmc: block: Use the mmc host device index as the mmcblk device index - block: partition: initialize percpuref before sending out KOBJ_ADD - block: loop: fix filesystem corruption in case of aio/dio - [arm64] efi: Don't apply MEMBLOCK_NOMAP to UEFI memory map mapping - [x86] mce: Avoid using object after free in genpool - [x86] kvm: do not leak guest xcr0 into host interrupt handlers - [arm*] KVM: Handle forward time correction gracefully - [armhf] mvebu: Correct unit address for linksys - [armhf] OMAP2: Fix up interconnect barrier initialization for DRA7 - [armhf] OMAP2+: hwmod: Fix updating of sysconfig register - assoc_array: don't call compare_object() on a node - [x86] usb: xhci: applying XHCI_PME_STUCK_QUIRK to Intel BXT B0 host - xhci: resume USB 3 roothub first - usb: host: xhci: add a new quirk XHCI_NO_64BIT_SUPPORT - usb: xhci: fix wild pointers in xhci_mem_cleanup - xhci: fix 10 second timeout on removal of PCI hotpluggable xhci controllers - usb: host: xhci-plat: Make enum xhci_plat_type start at a non zero value - usb: hcd: out of bounds access in for_each_companion - usb: gadget: f_fs: Fix use-after-free - dm cache metadata: fix READ_LOCK macros and cleanup WRITE_LOCK macros - dm cache metadata: fix cmd_read_lock() acquiring write lock - lib: lz4: fixed zram with lz4 on big endian machines - debugfs: Make automount point inodes permanently empty - dmaengine: dw: fix master selection - [armhf] dmaengine: omap-dma: Fix polled channel completion detection and handling - dmaengine: edma: Remove dynamic TPTC power management feature - mtd: nand: pxa3xx_nand: fix dmaengine initialization - sched/cgroup: Fix/cleanup cgroup teardown/init - [x86] EDAC, sb_edac.c: Repair damage introduced when "fixing" channel address - [x86] EDAC, sb_edac.c: Take account of channel hashing when needed - ALSA: hda - Don't trust the reported actual power state - [x86] ALSA: hda/realtek - Add ALC3234 headset mode for Optiplex 9020m - ALSA: hda - Keep powering up ADCs on Cirrus codecs - [x86] ALSA: hda - add PCI ID for Intel Broxton-T - ALSA: pcxhr: Fix missing mutex unlock - [x86] ALSA: hda - Add dock support for ThinkPad X260 - [x86] ALSA: hda - Update BCLK also at hotplug for i915 HSW/BDW - asm-generic/futex: Re-enable preemption in futex_atomic_cmpxchg_inatomic() - futex: Handle unlock_pi race gracefully - futex: Acknowledge a new waiter in counter before plist - drm/nouveau/core: use vzalloc for allocating ramht - drm/qxl: fix cursor position with non-zero hotspot - [x86] drm/i915: Fix race condition in intel_dp_destroy_mst_connector() - Revert "drm/radeon: disable runtime pm on PX laptops without dGPU power control" - [armhf] Revert "PCI: imx6: Add support for active-low reset GPIO" - usbvision: revert commit 588afcc1 - [x86] Revert "drm/amdgpu: disable runtime pm on PX laptops without dGPU power control" - cpufreq: intel_pstate: Fix processing for turbo activation ratio - [s390x] pci: add extra padding to function measurement block - iwlwifi: pcie: lower the debug level for RSA semaphore access - iwlwifi: mvm: fix memory leak in paging - crypto: rsa-pkcs1pad - fix dst len - [x86] crypto: ccp - Prevent information leakage on export - crypto: sha1-mb - use corrcet pointer while completing jobs - [powerpc*] scan_features() updates incorrect bits for REAL_LE - [powerpc*] Update cpu_user_features2 in scan_features() - [powerpc*] Update TM user feature bits in scan_features() - nl80211: check netlink protocol in socket release notification - netlink: don't send NETLINK_URELEASE for unbound sockets - pinctrl: single: Fix pcs_parse_bits_in_pinctrl_entry to use __ffs than ffs - [x86] iommu/amd: Fix checking of pci dma aliases - iommu/dma: Restore scatterlist offsets correctly - [x86] drm/amdgpu: when suspending, if uvd/vce was running. need to cancel delay work. - [x86] drm/amdgpu: use defines for CRTCs and AMFT blocks - [x86] drm/amdgpu: bump the afmt limit for CZ, ST, Polaris - [x86] amdgpu/uvd: add uvd fw version for amdgpu - [x86] drm/amdgpu: fix regression on CIK (v2) - drm/radeon: add a quirk for a XFX R9 270X - drm/radeon: fix initial connector audio value - drm/radeon: forbid mapping of userptr bo through radeon device file - drm/radeon: fix vertical bars appear on monitor (v2) - [mips*el/loongson-3] drm: Loongson-3 doesn't fully support wc memory - drm/nouveau/gr/gf100: select a stream master to fixup tfb offset queries - drm/dp/mst: Validate port in drm_dp_payload_send_msg() - drm/dp/mst: Restore primary hub guid on resume - drm/dp/mst: Get validated port ref in drm_dp_update_payload_part1() - [x86] drm/i915: Pass the correct encoder to intel_ddi_clk_select() with MST - [x86] drm/i915: Cleanup phys status page too - [x86] drm/i915: Use the active wm config for merging on ILK-BDW - [x86] drm/i915: Start WM computation from scratch on ILK-BDW - [x86] drm/i915: skl_update_scaler() wants a rotation bitmask instead of bit number - [x86] drm/amdkfd: uninitialized variable in dbgdev_wave_control_set_registers() - [x86] drm/i915/skl: Fix DMC load on Skylake J0 and K0 - [x86] drm/i915/skl: Fix spurious gpu hang with gt3/gt4 revs - [x86] drm/i915: Fixup the free space logic in ring_prepare - [x86] drm/i915: Force ringbuffers to not be at offset 0 - [x86] drm/i915: Use fw_domains_put_with_fifo() on HSW - drm/ttm: fix kref count mess in ttm_bo_move_to_lru_tail - [x86] perf intel-pt: Fix segfault tracing transactions - [armhf] i2c: exynos5: Fix possible ABBA deadlock by keeping I2C clock prepared - ACPICA / Interpreter: Fix a regression triggered because of wrong Linux ECDT support - [x86] mmc: sdhci-acpi: Reduce Baytrail eMMC/SD/SDIO hangs - [x86] toshiba_acpi: Fix regression caused by hotkey enabling value - [x86] EDAC: i7core, sb_edac: Don't return NOTIFY_BAD from mce_decoder callback - [x86] ASoC: ssm4567: Reset device before regcache_sync() - [x86] ASoC: rt5640: Correct the digital interface data select - vb2-memops: Fix over allocation of frame vectors - media: vb2: Fix regression on poll() for RW mode - videobuf2-core: Check user space planes array in dqbuf - videobuf2-v4l2: Verify planes array in buffer dequeueing (CVE-2016-4568) - v4l2-dv-timings.h: fix polarity for 4k formats - IB/core: Fix oops in ib_cache_gid_set_default_gid - mwifiex: fix IBSS data path issue. - IB/mlx5: Expose correct max_sge_rd limit - IB/security: Restrict use of the write() interface (CVE-2016-4565) - efi: Fix out-of-bounds read in variable_matches() - efi: Expose non-blocking set_variable() wrapper to efivars - [x86] apic: Handle zero vector gracefully in clear_vector_irq() - workqueue: fix ghost PENDING flag while doing MQ IO - slub: clean up code for kmem cgroup support to kmem_cache_free_bulk - cgroup, cpuset: replace cpuset_post_attach_flush() with cgroup_subsys->post_attach callback - memcg: relocate charge moving from ->attach to ->post_attach - mm: exclude HugeTLB pages from THP page_mapped() logic - mm/huge_memory: replace VM_NO_THP VM_BUG_ON with actual VMA check - numa: fix /proc//numa_maps for THP - mm: vmscan: reclaim highmem zone if buffer_heads is over limit - mm/hwpoison: fix wrong num_poisoned_pages accounting - locking/mcs: Fix mcs_spin_lock() ordering - [armhf] spi/rockchip: Make sure spi clk is on in rockchip_spi_set_cs - [armhf] irqchip/sunxi-nmi: Fix error check of of_io_request_and_map() - [armhf] regulator: s5m8767: fix get_register() error handling - scsi_dh: force modular build if SCSI is a module - lib/mpi: Endianness fix - [x86] misc: mic/scif: fix wrap around tests - PM / OPP: Initialize u_volt_min/max to a valid value - PM / Domains: Fix removal of a subdomain - drivers/misc/ad525x_dpot: AD5274 fix RDAC read back errors - perf evlist: Reference count the cpu and thread maps at set_maps() - perf tools: Fix perf script python database export crash - [x86] mm/kmmio: Fix mmiotrace for hugepages - ext4: fix NULL pointer dereference in ext4_mark_inode_dirty() - f2fs crypto: fix corrupted symlink in encrypted case - f2fs: slightly reorganize read_raw_super_block - f2fs: cover large section in sanity check of super - ext4/fscrypto: avoid RCU lookup in d_revalidate - f2fs: do f2fs_balance_fs when block is allocated - f2fs: don't need to call set_page_dirty for io error - f2fs crypto: handle unexpected lack of encryption keys - f2fs crypto: make sure the encryption info is initialized on opendir(2) - bus: uniphier-system-bus: fix condition of overlap check - mtd: spi-nor: remove micron_quad_enable() - mtd: brcmnand: Fix v7.1 register offsets - mtd: nand: Drop mtd.owner requirement in nand_scan - perf hists browser: Only offer symbol scripting when a symbol is under the cursor - perf hists browser: Fix dump to show correct callchain style - perf tools: handle spaces in file names obtained from /proc/pid/maps - NTB: Remove _addr functions from ntb_hw_amd - perf/core: Don't leak event in the syscall error path - perf/core: Fix time tracking bug with multiplexing - perf hists: Fix determination of a callchain node's childlessness - [armhf] OMAP3: Add cpuidle parameters table for omap3430 - [armhf] dts: armada-375: use armada-370-sata for SATA - [armhf] dts: am33xx: Fix GPMC dma properties - btrfs: fix memory leak of fs_info in block group cache - btrfs: cleaner_kthread() doesn't need explicit freeze - [armhf] thermal: rockchip: fix a impossible condition caused by the warning - sunrpc/cache: drop reference when sunrpc_cache_pipe_upcall() detects a race - megaraid_sas: add missing curly braces in ioctl handler - tpm: fix checks for policy digest existence in tpm2_seal_trusted() - tpm: fix: set continueSession attribute for the unseal operation [ Uwe Kleine-König ] * [armhf] enable I2C_MUX_PCA954x, MMC_SDHCI_PXAV3, AHCI_MVEBU [ Ben Hutchings ] * bug control: Update list of related firmware packages * Revert "sp5100_tco: fix the device check for SB800 and later chipsets" (Closes: #823146; probably fixes #822651) * bpf: fix double-fdput in replace_map_fd_with_map_ptr() (CVE-2016-4557) (Closes: #823603) * bpf: fix refcnt overflow (CVE-2016-4558) * bpf: fix check_map_func_compatibility logic * stable-update: Rewrite stable-update.sh in Python -- Ben Hutchings Sat, 07 May 2016 21:59:15 +0100 linux (4.5.2-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2 - hwmon: (max1111) Return -ENODEV from max1111_read_channel if not instantiated - PKCS#7: pkcs7_validate_trust(): initialize the _trusted output argument - [hppa] Fix SIGSYS signals in compat case - [hppa] Fix and enable seccomp filter support - [hppa] Avoid function pointers for kernel exception routines - [hppa] Fix kernel crash with reversed copy_from_user() - [hppa] Unbreak handling exceptions from kernel modules - ALSA: timer: Use mod_timer() for rearming the system timer - mm: fix invalid node in alloc_migrate_target() - [powerpc*] mm: Fixup preempt underflow with huge pages - [s390x] /mm: handle PTE-mapped tail pages in fast gup - [x86] libnvdimm: fix smart data retrieval - [x86] libnvdimm, pfn: fix uuid validation - [powerpc*] process: Fix altivec SPR not being saved - compiler-gcc: disable -ftracer for __noclone functions - drm/dp: move hw_mutex up the call stack - drm/udl: Use unlocked gem unreferencing - [x86] drm/amd/powerplay: fix segment fault issue in multi-display case. - [x86] drm/amdgpu/gmc: move vram type fetching into sw_init - [x86] drm/amdgpu/gmc: use proper register for vram type on Fiji - xen/events: Mask a moving irq - net: validate variable length ll headers - ax25: add link layer header validation function - packet: validate variable length ll headers - bpf: avoid copying junk bytes in bpf_get_current_comm() - qlcnic: Remove unnecessary usage of atomic_t - qlcnic: Fix mailbox completion handling during spurious interrupt - macvtap: always pass ethernet header in linear - bridge: allow zero ageing time - ipv4: Don't do expensive useless work during inetdev destroy. - net: Fix use after free in the recvmmsg exit path - mlx4: add missing braces in verify_qp_parameters - farsync: fix off-by-one bug in fst_add_one - ath9k: fix buffer overrun for ar9287 - [armhf] net: mvneta: Fix spinlock usage - ppp: ensure file->private_data can't be overridden - tcp/dccp: remove obsolete WARN_ON() in icmp handlers - qlge: Fix receive packets drop. - bonding: fix bond_get_stats() - ipv4: fix broadcast packets reception - ipv4: initialize flowi4_flags before calling fib_lookup() - ppp: take reference on channels netns - xfrm: Fix crash observed during device unregistration and decryption - ipv6: udp: fix UDP_MIB_IGNOREDMULTI updates - bridge: Allow set bridge ageing time when switchdev disabled - rtnl: fix msg size calculation in if_nlmsg_size() - tun, bpf: fix suspicious RCU usage in tun_{attach, detach}_filter - tuntap: restore default qdisc - ipv4: l2tp: fix a potential issue in l2tp_ip_recv - ipv6: l2tp: fix a potential issue in l2tp_ip6_recv - ip6_tunnel: set rtnl_link_ops before calling register_netdevice - ipv6: Count in extension headers in skb->network_header - mpls: find_outdev: check for err ptr in addition to NULL check - USB: uas: Limit qdepth at the scsi-host level - USB: uas: Add a new NO_REPORT_LUNS quirk - [x86] KVM: Inject pending interrupt even if pending nmi exist - [x86] KVM: reduce default value of halt_poll_ns parameter - pinctrl: pistachio: fix mfio84-89 function description and pinmux. - pinctrl: sunxi: Fix A33 external interrupts not working - pinctrl: freescale: imx: fix bogus check of of_iomap() return value - au0828: fix au0828_v4l2_close() dev_state race condition - au0828: Fix dev_state handling - coda: fix error path in case of missing pdata on non-DT platform - v4l: vsp1: Set the SRU CTRL0 register when starting the stream - pcmcia: db1xxx_ss: fix last irq_to_gpio user - rbd: use GFP_NOIO consistently for request allocations - mac80211: properly deal with station hashtable insert errors - mac80211: avoid excessive stack usage in sta_info - mac80211: fix ibss scan parameters - mac80211: fix unnecessary frame drops in mesh fwding - mac80211: fix txq queue related crashes - [armhf] gpio: pca953x: Use correct u16 value for register word write - scsi: Do not attach VPD to devices that don't support it - [armel,armhf]: 8550/1: protect idiv patching against undefined gcc behavior - iio: fix config watermark initial value - iio: st_magn: always define ST_MAGN_TRIGGER_SET_STATE - iio: accel: bmc150: fix endianness when reading axes - iio: gyro: bmg160: fix buffer read values - iio: gyro: bmg160: fix endianness when reading axes - sd: Fix excessive capacity printing on devices with blocks bigger than 512 bytes - fs: add file_dentry() (Closes: #821442) + nfs: use file_dentry() + ext4 crypto: use dget_parent() in ext4_d_revalidate() + ext4: use dget_parent() in ext4_file_open() + ext4: use file_dentry() - btrfs: fix crash/invalid memory access on fsync when using overlayfs - ext4: ignore quota mount options if the quota feature is enabled - iommu: Don't overwrite domain pointer when there is no default_domain - Btrfs: fix file/data loss caused by fsync after rename and new inode - [arm64] replace read_lock to rcu lock in call_step_hook - mmc: sdhci: Fix regression setting power on Trats2 board - ALSA: hda - Fix regression of monitor_present flag in eld proc file - [x86] ALSA: usb-audio: Skip volume controls triggers hangup on Dell USB Dock - HID: wacom: fix Bamboo ONE oops - HID: usbhid: fix inconsistent reset/resume/reset-resume behavior [ Salvatore Bonaccorso ] * [x86] xen: suppress hugetlbfs in PV guests (CVE-2016-3961) * [x86] USB: usbip: fix potential out-of-bounds write (CVE-2016-3955) [ Ben Hutchings ] * fs: Consolidate softdep declarations in each module * Bump ABI to 2 * [armel/marvell] dts: kirkwood: fix SD slot default configuration for OpenRD (Closes: #811351) * atl2: Disable unimplemented scatter/gather feature (CVE-2016-2117) * [x86] sound/soc/intel: Enable SND_SOC_INTEL_BYTCR_RT5640_MACH (replacing SND_SOC_INTEL_BYT_RT5640_MACH; closes: #822267), SND_SOC_INTEL_BYTCR_RT5651_MACH, SND_SOC_INTEL_CHT_BSW_RT5672_MACH, SND_SOC_INTEL_CHT_BSW_RT5645_MACH, SND_SOC_INTEL_CHT_BSW_MAX98090_TI_MACH, SND_SOC_INTEL_SKL_RT286_MACH, SND_SOC_INTEL_SKL_NAU88L25_SSM4567_MACH, SND_SOC_INTEL_SKL_NAU88L25_MAX98357A_MACH as modules * module: Invalidate signatures on force-loaded modules * linux-source: Fix up module signing configuration in included kernel config files * README.Debian: Change more URLs to use https: scheme * [sparc] Implement and wire up hotplug and modalias_show for vio, thanks to Adrian Glaubitz (Closes: #815977) * linux-headers: Avoid mixed implicit and normal rules in Makefile, thanks to Thierry Herbelot (Closes: #822666) * memcg: remove lru_add_drain_all() invocation from mem_cgroup_move_charge() (Closes: #822084) * linux-perf: Add build-time check for unversioned files that are likely to result in file conflicts * linux-perf: Move tips.txt to /usr/share/doc/linux-perf- (Closes: #821741) * tools/build: Fix bpf(2) feature test (fixes FTBFS on alpha, sh4; closes: #822364) * [armhf] Disable FB_OMAP2; it is redundant and conflicting with DRM_OMAP * [armhf] mm: Enable CMA, DMA_CMA * Input: gtco - fix crash on detecting device without endpoints (CVE-2016-2187) [ Aurelien Jarno ] * [mips*] Emulate unaligned LDXC1 and SDXC1 instructions. [ Uwe Kleine-König ] * [armhf] enable NET_DSA and available switch drivers as modules. -- Ben Hutchings Thu, 28 Apr 2016 18:03:18 +0200 linux (4.5.1-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1 - [x86] entry/compat: Keep TS_COMPAT set during signal delivery - [x86] perf/intel: Add definition for PT PMI bit - [x86] KVM: fix missed hardware breakpoints - [x86] KVM: i8254: change PIT discard tick policy - [x86] KVM: fix spin_lock_init order on x86 - [x86] KVM: VMX: avoid guest hang on invalid invept instruction - [x86] KVM: VMX: avoid guest hang on invalid invvpid instruction - [x86] KVM: VMX: fix nested vpid for old KVM guests - perf/core: Fix perf_sched_count derailment - perf tools: Fix checking asprintf return value - Thermal: Ignore invalid trip points - sched/cputime: Fix steal_account_process_tick() to always return jiffies - sched/fair: Avoid using decay_load_missed() with a negative value - [x86] EDAC/sb_edac: Fix computation of channel address - [x86] EDAC, amd64_edac: Shift wrapping issue in f1x_get_norm_dct_addr() - [s390x] fix floating pointer register corruption (again) - [s390x] cpumf: add missing lpp magic initialization - [s390x] pci: enforce fmb page boundary rule - [armhf] pinctrl-bcm2835: Fix cut-and-paste error in "pull" parsing - [x86] irq: Cure live lock in fixup_irqs() (Closes: #817816) - [x86] apic: Fix suspicious RCU usage in smp_trace_call_function_interrupt() - [amd64] iopl: Properly context-switch IOPL on Xen PV (CVE-2016-3157) - [x86] mm: TLB_REMOTE_SEND_IPI should count pages - sg: fix dxferp in from_to case - aacraid: Fix RRQ overload - aacraid: Fix memory leak in aac_fib_map_free - aacraid: Set correct msix count for EEH recovery - sd: Fix discard granularity when LBPRZ=1 - ncr5380: Correctly clear command pointers and lists after bus reset - ncr5380: Dont release lock for PIO transfer - ncr5380: Dont re-enter NCR5380_select() - ncr5380: Forget aborted commands - ncr5380: Fix NCR5380_select() EH checks and result handling - ncr5380: Call scsi_eh_prep_cmnd() and scsi_eh_restore_cmnd() as and when appropriate - scsi: storvsc: fix SRB_STATUS_ABORTED handling - be2iscsi: set the boot_kset pointer to NULL in case of failure - aic7xxx: Fix queue depth handling - libnvdimm: Fix security issue with DSM IOCTL. - libnvdimm, pmem: fix kmap_atomic() leak in error path - dm snapshot: disallow the COW and origin devices from being identical - dm: fix excessive dm-mq context switching - dm thin metadata: don't issue prefetches if a transaction abort has failed - dm cache: make sure every metadata function checks fail_io - dm: fix rq_end_stats() NULL pointer in dm_requeue_original_request() - usb: retry reset if a device times out - usb: hub: fix a typo in hub_port_init() leading to wrong logic - USB: cdc-acm: more sanity checking (CVE-2016-3138) - USB: iowarrior: fix oops with malicious USB descriptors (incomplete fix for CVE-2016-2188) - USB: usb_driver_claim_interface: add sanity checking - USB: mct_u232: add sanity checking in probe (CVE-2016-3136) - USB: digi_acceleport: do sanity checking for the number of ports (CVE-2016-3140) - USB: cypress_m8: add endpoint sanity check (CVE-2016-3137) - Input: powermate - fix oops with malicious USB descriptors (CVE-2016-2186) - ALSA: usb-audio: Fix NULL dereference in create_fixed_stream_quirk() (CVE-2016-2184) - ALSA: usb-audio: Add sanity checks for endpoint accesses (CVE-2016-2184) - ALSA: usb-audio: Minor code cleanup in create_fixed_stream_quirk() - ALSA: usb-audio: Fix double-free in error paths after snd_usb_add_audio_stream() call - crypto: ccp - Add hash state import and export support - crypto: ccp - Limit the amount of information exported - crypto: ccp - Don't assume export/import areas are aligned - crypto: ccp - memset request context to zero during import - crypto: keywrap - memzero the correct memory - [armel/marvell,armhf] crypto: marvell/cesa - forward devm_ioremap_resource() error code - [x86] mei: bus: check if the device is enabled before data transfer - tpm: fix the rollback in tpm_chip_register() - tpm_crb: tpm2_shutdown() must be called before tpm_chip_unregister() - tpm_eventlog.c: fix binary_bios_measurements - tpm: fix the cleanup of struct tpm_chip - HID: logitech: fix Dual Action gamepad support - HID: i2c-hid: fix OOB write in i2c_hid_set_or_send_report() - HID: multitouch: force retrieving of Win8 signature blob - HID: fix hid_ignore_special_drivers module parameter - staging: comedi: ni_tiocmd: change mistaken use of start_src for start_arg - staging: comedi: ni_mio_common: fix the ni_write[blw]() functions - tty: Fix GPF in flush_to_ldisc(), part 2 - net: irda: Fix use-after-free in irtty_open() - 8250: use callbacks to access UART_DLL/UART_DLM - saa7134: Fix bytesperline not being set correctly for planar formats - adv7511: TX_EDID_PRESENT is still 1 after a disconnect - bttv: Width must be a multiple of 16 when capturing planar formats - coda: fix first encoded frame payload - media: v4l2-compat-ioctl32: fix missing length copy in put_v4l2_buffer32 - mtip32xx: Avoid issuing standby immediate cmd during FTL rebuild - mtip32xx: Fix broken service thread handling - mtip32xx: Remove unwanted code from taskfile error handler - mtip32xx: Fix for rmmod crash when drive is in FTL rebuild - mtip32xx: Handle safe removal during IO - mtip32xx: Handle FTL rebuild failure state during device initialization - mtip32xx: Implement timeout handler - mtip32xx: Cleanup queued requests after surprise removal - ALSA: hda - Fix unexpected resume through regmap code path - ALSA: hda - Apply reboot D3 fix for CX20724 codec, too - [x86] ALSA: intel8x0: Add clock quirk entry for AD1981B on IBM ThinkPad X41. - ALSA: hda - Don't handle ELD notify from invalid port - [x86] ALSA: hda - fix the mic mute button and led problem for a Lenovo AIO - ALSA: hda - Fix unconditional GPIO toggle via automute - [x86] ALSA: hda - Limit i915 HDMI binding only for HSW and later - [x86] ALSA: hda - Fix spurious kernel WARNING on Baytrail HDMI - [x86] ALSA: hda - Really restrict i915 notifier to HSW+ - ALSA: hda - Fix forgotten HDMI monitor_present update - [x86] ALSA: hda - Workaround for unbalanced i915 power refcount by concurrent probe - ALSA: hda - Fix missing ELD update at unplugging - jbd2: fix FS corruption possibility in jbd2_journal_destroy() on umount path - [arm64] Update PTE_RDONLY in set_pte_at() for PROT_NONE permission - brd: Fix discard request processing - IB/srpt: Simplify srpt_handle_tsk_mgmt() - bcache: cleaned up error handling around register_cache() - bcache: fix race of writeback thread starting before complete initialization - bcache: fix cache_set_flush() NULL pointer dereference on OOM - mm: memcontrol: reclaim when shrinking memory.high below usage - mm: memcontrol: reclaim and OOM kill when shrinking memory.max below usage - watchdog: don't run proc_watchdog_update if new value is same as old - Bluetooth: Fix potential buffer overflow with Add Advertising - cgroup: ignore css_sets associated with dead cgroups during migration - [amrhf] net: mvneta: enable change MAC address when interface is up - brcmfmac: Increase nr of supported flowrings. - of: alloc anywhere from memblock if range not specified - vfs: show_vfsstat: do not ignore errors from show_devname method - splice: handle zero nr_pages in splice_to_pipe() - quota: Fix possible GPF due to uninitialised pointers - xfs: fix two memory leaks in xfs_attr_list.c error paths - raid1: include bio_end_io_list in nr_queued to prevent freeze_array hang - md/raid5: Compare apples to apples (or sectors to sectors) - RAID5: check_reshape() shouldn't call mddev_suspend - RAID5: revert e9e4c377e2f563 to fix a livelock - raid10: include bio_end_io_list in nr_queued to prevent freeze_array hang - md/raid5: preserve STRIPE_PREREAD_ACTIVE in break_stripe_batch_list - md: multipath: don't hardcopy bio in .make_request path - fuse: do not use iocb after it may have been freed - fuse: Add reference counting for fuse_io_priv - fs/coredump: prevent fsuid=0 dumps into user-controlled directories - [armhf] drm/vc4: Return -EFAULT on copy_from_user() failure - [x86] drm/radeon: disable runtime pm on PX laptops without dGPU power control - drm/radeon: Don't drop DP 2.7 Ghz link setup on some cards. - drm/radeon: rework fbdev handling on chips with no connectors - drm/radeon/mst: fix regression in lane/link handling. - [x86] drm/amdgpu: disable runtime pm on PX laptops without dGPU power control - drm/amdgpu: include the right version of gmc header files for iceland - drm/amd/powerplay: add uvd/vce dpm enabling flag to fix the performance issue for CZ - tracing: Have preempt(irqs)off trace preempt disabled functions - tracing: Fix crash from reading trace_pipe with sendfile - tracing: Fix trace_printk() to print when not using bprintk() - bitops: Do not default to __clear_bit() for __clear_bit_unlock() - [x86] ideapad-laptop: Add ideapad Y700 (15) to the no_hw_rfkill DMI list - mmc: block: fix ABI regression of mmc_blk_ioctl - mmc: mmc_spi: Add Card Detect comments and fix CD GPIO case - mmc: sdhci: move initialisation of command error member - mmc: sdhci: clean up command error handling - mmc: sdhci: fix command response CRC error handling - mmc: sdhci: further fix for DMA unmapping in sdhci_post_req() - mmc: sdhci: avoid unnecessary mapping/unmapping of align buffer - mmc: sdhci: plug DMA mapping leak on error - mmc: sdhci: fix data timeout - [armhf] mmc: tegra: Disable UHS-I modes for tegra114 - [armhf] mmc: tegra: properly disable card clock - mmc: sdhci: Fix override of timeout clk wrt max_busy_timeout - [armhf] clk: rockchip: rk3368: fix cpuclk mux bit of big cpu-cluster - [armhf] clk: rockchip: rk3368: fix cpuclk core dividers - [armhf] clk: rockchip: rk3368: fix parents of video encoder/decoder - [armhf] clk: rockchip: rk3368: fix hdmi_cec gate-register - [armhf] clk: rockchip: add hclk_cpubus to the list of rk3188 critical clocks - [armhf] clk: bcm2835: Fix setting of PLL divider clock rates - target: Fix target_release_cmd_kref shutdown comp leak - iser-target: Fix identification of login rx descriptor type - iser-target: Separate flows for np listeners and connections cma events - iser-target: Rework connection termination - nfsd4: fix bad bounds checking - nfsd: fix deadlock secinfo+readdir compound - ACPI / PM: Runtime resume devices when waking from hibernate - writeback, cgroup: fix premature wb_put() in locked_inode_to_wb_and_lock_list() - writeback, cgroup: fix use of the wrong bdi_writeback which mismatches the inode - Input: synaptics - handle spurious release of trackstick buttons, again - Input: ati_remote2 - fix crashes on detecting device with invalid descriptor (CVE-2016-2185) - ocfs2: o2hb: fix double free bug - ocfs2/dlm: fix race between convert and recovery - ocfs2/dlm: fix BUG in dlm_move_lockres_to_recovery_list - mm/page_alloc: prevent merging between isolated and other pageblocks - mtd: onenand: fix deadlock in onenand_block_markbad - [x86] intel_idle: prevent SKL-H boot failure when C8+C9+C10 enabled - PM / sleep: Clear pm_suspend_global_flags upon hibernate - scsi_common: do not clobber fixed sense information - sched/cputime: Fix steal time accounting vs. CPU hotplug - [x86] perf/pebs: Add workaround for broken OVFL status on HSW+ - [x86] perf/intel/uncore: Remove SBOX support for BDX-DE - [x86] perf/intel: Fix PEBS warning by only restoring active PMU in pmi - [x86] perf/intel: Use PAGE_SIZE for PEBS buffer size on Core2 - [x86] perf/intel: Fix PEBS data source interpretation on Nehalem/Westmere [ Ben Hutchings ] * mm: exclude ZONE_DEVICE from GFP_ZONE_TABLE * mm: ZONE_DEVICE depends on SPARSEMEM_VMEMMAP * [amd64] Re-enable ZONE_DMA and sound drivers that depend on it (Closes: #814855, #819385, #820890) * ntfs: Disable NTFS_RW (Closes: #566356); ntfs-3g has much more complete write support * Merge linux-tools source package into linux (Closes: #550379, #573483, #816500) * Add support for securelevel and prepare for Secure Boot (Closes: #820008): - Add Matthew Garrett's securelevel patchset (see Documentation/security/securelevel.txt) - modules: Enable MODULE_SIG and MODULE_SIG_SHA256, but not MODULE_SIG_ALL as signatures will be packaged separately - debian/control: Add build-dependencies on libssl-dev, openssl - debian/copyright: Note that extract-cert and sign-file are under LGPL 2.1 - linux-kbuild: Add extract-cert and sign-file programs - scripts: Fix X.509 PEM support in sign-file - certs: Set SYSTEM_TRUSTED_KEYS to my own personal certificate to support initial testing of signed modules * Disable UNUSED_SYMBOLS; it is now itself unused * linux-support: Include udeb configuration from debian/installer for use by the linux-signed package * Set ABI to 1 * netfilter: x_tables: Fix parsing of IPT_SO_SET_REPLACE blobs (CVE-2016-3134) - validate e->target_offset early - make sure e->next_offset covers remaining blob size * ipv4: Don't do expensive useless work during inetdev destroy (CVE-2016-3156) * [x86] mm/32: Enable full randomization on i386 and X86_32 (CVE-2016-3672) * fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers (Closes: #819725) * aufs: Update support patches to aufs4.5-20160328 (Closes: #819748) * [x86] ACPI / processor: Request native thermal interrupt handling via _OSC (Closes: #817016, #819336) * [armhf] Add support for octa-core big.LITTLE systems including Exynos (Closes: #819379) * [armhf] watchdog: Enable S3C2410_WATCHDOG as module (Closes: #819377) * nbd: Create size change events for userspace (Closes: #812487) * [armhf] usb-modules: Add modules required for BeagleBoard-X15, thanks to Vagrant Cascadian (Closes: #815848) [ Aurelien Jarno ] * [mipsel/mips/config.loongson-2f] Disable VIDEO_CX23885, VIDEO_IVTV, VIDEO_CX231XX, VIDEO_PVRUSB2 (fixes FTBFS). * [mips*/octeon] Backport OCTEON SATA controller support from 4.6-rc1. Enable AHCI_OCTEON and SATA_AHCI_PLATFORM. * [mips*/octeon] Backport Octeon III CN7xxx interface detection from 4.7 queue. * [mips*/octeon] Enable SPI_OCTEON. * [mips*/octeon] udeb: Add ahci_octeon and ahci_platform modules to sata-modules. * [mips*/octeon] Bump CONFIG_NR_CPUS to 32 to accomodate recent Octeon III SoCs. * [mips*/octeon] Enable CRYPTO_MD5_OCTEON, CRYPTO_SHA1_OCTEON, CRYPTO_SHA256 and CRYPTO_SHA512_OCTEON. [ Roger Shimizu ] * [armel/marvell] Change MTD_CFI_AMDSTD from module to built-in because orion5x-based Buffalo Linkstation devices still need it (Closes: #818598) * [armel/marvell] Add DT support for "Synology DS112" and "Zyxel NSA320". Thanks to Heinrich Schuchardt. (Closes: #819393) * [armel/marvell] Add DT support for "Buffalo/Revogear Kurobox Pro" * [armhf/armmp] Enable DW_WATCHDOG as module, used on Firefly-RK3288. Patch by Vagrant Cascadian. (Closes: #820834) -- Ben Hutchings Thu, 14 Apr 2016 09:49:24 +0100 linux-tools (4.5-1~exp1) experimental; urgency=medium * New upstream release [ Ben Hutchings ] * linux-perf: Fix use of uninitialized variables -- Ben Hutchings Sun, 20 Mar 2016 21:20:22 +0000 linux (4.5-1~exp1) experimental; urgency=medium * New upstream release: http://kernelnewbies.org/Linux_4.5 [ Martin Michlmayr ] * [arm64] Enable LEDS_GPIO. * [arm64] Enable more QCOM options. (Closes: #815627) * [arm64] udeb: Add leds-modules package containing leds-gpio driver. * [arm64] udeb: Add regulators and SoC modules to core-modules. [ Uwe Kleine-König ] * [armhf] Enable DRM_ETNAVIV. [ Ben Hutchings ] * [armel/versatile] Enable GPIOLIB, new dependency of SMC91X (fixes FTBFS) * [x86] input: Enable ASUS_WIRELESS as module (Closes: #818487) * [x86] amdgpu: Enable DRM_AMD_POWERPLAY (Closes: #818174) * [x86] Enable RANDOMIZE_BASE (kASLR). This is incompatible with hibernation, so you must use the kernel parameter "kaslr" to enable kASLR and disable hibernation at boot time. (Closes: #816067) * [x86] vmxnet3: fix lock imbalance in vmxnet3_tq_xmit() (regression in 4.5) -- Ben Hutchings Sun, 20 Mar 2016 12:06:57 +0000 linux (4.5~rc7-1~exp1) experimental; urgency=medium * New upstream release candidate -- Ben Hutchings Mon, 07 Mar 2016 22:20:48 +0000 linux-tools (4.5~rc7-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * Makefile.inc: Add support for wildcards in $(SCRIPTS) and $(DATA) * linux-kbuild: Include scripts/Makefile.* (Closes: #815593) * Makefile.inc, rules.real: Fix conflation of $(DESTDIR) and $(prefix) * hyperv-daemons: Fix rule redefinition that 'make' warns about * debian/control: Build-Depend on dh-python, as dh_python2 warns we should * lockdep: Add '+' prefix to make invocation, so it can be parallelised * tools/build: Fix 'unused variable' warning in the bpf() feature check * lockdep: Add more missing macros -- Ben Hutchings Mon, 07 Mar 2016 03:07:00 +0000 linux-tools (4.5~rc5-1~exp3) experimental; urgency=medium * Adjust build fix from unstable -- Ben Hutchings Sun, 21 Feb 2016 23:45:04 +0000 linux-tools (4.5~rc5-1~exp2) experimental; urgency=medium * Merge build fix from unstable -- Ben Hutchings Sun, 21 Feb 2016 17:40:52 +0000 linux-tools (4.5~rc5-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * lockdep: Add missing macros * Adjust VPATH to work for check-hyperv (and simplify the modpost wrapper) * tools/build: Remove bpf() run-time check at build time -- Ben Hutchings Sun, 21 Feb 2016 16:45:52 +0000 linux (4.5~rc5-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * [armel/versatile] Enable GPIOLIB, needed to build smc91x driver with OF enabled (fixes FTBFS) * [powerpc] mm: Fix HAVE_ARCH_SOFT_DIRTY dependencies (fixes FTBFS) -- Ben Hutchings Sun, 21 Feb 2016 13:17:27 +0000 linux (4.5~rc4-1~exp1) experimental; urgency=medium * New upstream release candidate [ Roger Shimizu ] * Enable TTY_PRINTK as module (Closes: #814540). [ Ben Hutchings ] * [rt] Disable until it is updated for 4.5 or later * aufs: Update support patches to aufs4.x-rcN-20160215 * Compile with gcc-5 on all architectures * [hppa] Update build-dependencies for renaming of binutils-hppa64 * [x86] udeb: Move scsi_transport_fc to scsi-core-modules, since hv_storvsc now depends on it -- Ben Hutchings Thu, 18 Feb 2016 01:57:20 +0000 linux-tools (4.4.6-1) unstable; urgency=medium * New upstream stable update: - tools lib traceevent: Fix output of %llu for 64 bit values read on 32 bit machines - perf tools: tracepoint_error() can receive e=NULL, robustify it - perf kvm record/report: 'unprocessable sample' error while recording/reporting guest data - tools: hv: vss: fix the write()'s argument: error -> vss_msg - uapi: update install list after nvme.h rename - perf stat: Do not clean event's private stats [ Mattia Dongili ] * Build linux-cpupower. [ Ben Hutchings ] * debian/control: Update policy version to 3.9.7; no changes required * linux-perf: Override lintian errors for perf-read-vdso{,x}32 in 64-bit packages * debian/copyright: Move GPL-2 boilerplate to its own paragraph -- Ben Hutchings Sun, 20 Mar 2016 16:23:48 +0000 linux (4.4.6-1) unstable; urgency=medium [ Salvatore Bonaccorso ] * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.5 - Btrfs: fix deadlock running delayed iputs at transaction commit time (regression in 4.1) - btrfs: Fix no_space in write and rm loop (regression in 4.4) - btrfs: async-thread: Fix a use-after-free error for trace - [x86] drm/amdgpu: mask out WC from BO on unsupported arches - block: Initialize max_dev_sectors to 0 - [hppa] Fix ptrace syscall number and return value modification - [x86] kvm: Update tsc multiplier on change. (regression in 4.4) - fbcon: set a default value to blink interval - cifs: fix out-of-bounds access in lease parsing - CIFS: Fix SMB2+ interim response processing for read requests - [x86] vfio: fix ioctl error handling - [x86] KVM: fix root cause for missed hardware breakpoints - [arm*] KVM: Fix ioctl error handling - [amd64] iommu: Apply workaround for ATS write permission check - [amd64] iommu: Fix boot warning when device 00:00.0 is not iommu covered - [x86] iommu/vt-d: Use BUS_NOTIFY_REMOVED_DEVICE in hotplug path - target: Fix WRITE_SAME/DISCARD conversion to linux 512b sectors - [x86,powerpc*] drm/ast: Fix incorrect register check for DRAM width - drm/radeon/pm: update current crtc info after setting the powerstate - [x86] drm/amdgpu/pm: update current crtc info after setting the powerstate - [x86] drm/amdgpu: apply gfx_v8 fixes to gfx_v7 as well - [x86] drm/amdgpu/gfx8: specify which engine to wait before vm flush - [x86] drm/amdgpu: return from atombios_dp_get_dpcd only when error - libata: fix HDIO_GET_32BIT ioctl - writeback: flush inode cgroup wb switches instead of pinning super_block - Adding Intel Lewisburg device IDs for SATA - [arm64] vmemmap: use virtual projection of linear region (regression in 4.1) - ata: ahci: don't mark HotPlugCapable Ports as external/removable - tracing: Do not have 'comm' filter override event 'comm' field (regression in 4.3) - Btrfs: fix loading of orphan roots leading to BUG_ON - Revert "jffs2: Fix lock acquisition order bug in jffs2_write_begin" - jffs2: Fix page lock / f->sem deadlock - jffs2: Fix directory hardlinks from deleted directories - ALSA: usb-audio: Add a quirk for Plantronics DA45 - [amd64] ALSA: ctl: Fix ioctls for X32 ABI - [x86] ALSA: hda - Fix mic issues on Acer Aspire E1-472 - [amd64] ALSA: rawmidi: Fix ioctls X32 ABI - [amd64] ALSA: timer: Fix ioctls for X32 ABI - [amd64] ALSA: pcm: Fix ioctls for X32 ABI - ALSA: seq: oss: Don't drain at closing a client - ALSA: hdspm: Fix wrong boolean ctl value accesses - ALSA: hdsp: Fix wrong boolean ctl value accesses - ALSA: hdspm: Fix zero-division - ALSA: timer: Fix broken compat timer user status ioctl - [armhf] usb: chipidea: otg: change workqueue ci_otg as freezable - USB: cp210x: Add ID for Parrot NMEA GPS Flight Recorder - USB: qcserial: add Dell Wireless 5809e Gobi 4G HSPA+ (rev3) - USB: qcserial: add Sierra Wireless EM74xx device ID - USB: serial: option: add support for Telit LE922 PID 0x1045 - USB: serial: option: add support for Quectel UC20 - [mips*] scache: Fix scache init with invalid line size. - [mips*] traps: Fix SIGFPE information leak from `do_ov' and `do_trap_or_bp' - ubi: Fix out of bounds write in volume update code - thermal: cpu_cooling: fix out of bounds access in time_in_idle - [x86] drm/amdgpu: Use drm_calloc_large for VM page_tables array - block: check virt boundary in bio_will_gap() - [x86] drm/i915: more virtual south bridge detection - [x86] drm/i915: refine qemu south bridge detection - modules: fix longstanding /proc/kallsyms vs module insertion race. - [x86] drm/amdgpu: fix topaz/tonga gmc assignment in 4.4 stable [ Ben Hutchings ] * [x86] drm/i915: Fix oops caused by fbdev initialization failure * module: Fix ABI change in 4.4.5 * Revert "libata: Align ata_device's id on a cacheline" to avoid ABI change * [amd64] Fix more regressions due to "efi: Build our own page table structure": - efi: Fix boot crash by always mapping boot service regions into new EFI page tables (Closes: #815125) - mm/pat: Fix boot crash when 1GB pages are not supported by cpu * [armhf] gpio: Enable GPIO_PCF857X as module, needed by TI DRA7xx EVMs (Closes: #818386) * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.6 - [arm64] account for sparsemem section alignment when choosing vmemmap offset - [armel,armhf] mvebu: fix overlap of Crypto SRAM with PCIe memory window - [armhf] dts: dra7: do not gate cpsw clock due to errata i877 - [armhf] OMAP2+: hwmod: Introduce ti,no-idle dt property - PCI: Allow a NULL "parent" pointer in pci_bus_assign_domain_nr() - kvm: cap halt polling at exactly halt_poll_ns - [x86] KVM: VMX: disable PEBS before a guest entry - [s390x] KVM: correct fprs on SIGP (STOP AND) STORE STATUS - [powerpc*] KVM: Book3S HV: Sanitize special-purpose register values on guest exit - [x86] KVM: MMU: fix ept=0/pte.u=1/pte.w=0/CR0.WP=0/CR4.SMEP=1/EFER.NX=0 combo - [x86] KVM: MMU: fix reserved bit check for ept=0/CR0.WP=0/CR4.SMEP=1/EFER.NX=0 - [s390x] mm: four page table levels vs. fork (CVE-2016-2143) - [s390x] dasd: fix diag 0x250 inline assembly - tracing: Fix check for cpu online when event is disabled - jffs2: reduce the breakage on recovery from halfway failed rename() - ncpfs: fix a braino in OOM handling in ncp_fill_cache() - ASoC: dapm: Fix ctl value accesses in a wrong type - ovl: ignore lower entries when checking purity of non-directory entries - ovl: fix working on distributed fs as lower layer - wext: fix message delay/ordering - cfg80211/wext: fix message ordering - can: gs_usb: fixed disconnect bug by removing erroneous use of kfree() - iwlwifi: mvm: inc pending frames counter also when txing non-sta - mac80211: minstrel: Change expected throughput unit back to Kbps - mac80211: fix use of uninitialised values in RX aggregation - mac80211: minstrel_ht: set default tx aggregation timeout to 0 - mac80211: minstrel_ht: fix a logic error in RTS/CTS handling - mac80211: check PN correctly for GCMP-encrypted fragmented MPDUs - mac80211: Fix Public Action frame RX in AP mode - [armhf] gpu: ipu-v3: Do not bail out on missing optional port nodes - [i386/686-pae] mm: Fix slow_virt_to_phys() for X86_PAE again - Revert "drm/radeon: call hpd_irq_event on resume" - [x86] drm/amdgpu: Fix error handling in amdgpu_flip_work_func. - drm/radeon: Fix error handling in radeon_flip_work_func. - Revert "drm/radeon/pm: adjust display configuration after powerstate" - [powerpc*] powernv: Add a kmsg_dumper that flushes console output on panic - [powerpc*] powernv: Fix OPAL_CONSOLE_FLUSH prototype and usages - userfaultfd: don't block on the last VM updates at exit time - ovl: copy new uid/gid into overlayfs runtime inode - ovl: fix getcwd() failure after unsuccessful rmdir - [mips*] smp.c: Fix uninitialised temp_foreign_map - block: don't optimize for non-cloned bio in bio_get_last_bvec() - target: Drop incorrect ABORT_TASK put for completed commands * netfilter: x_tables: check for size overflow (CVE-2016-3135) [ Ian Campbell ] * [arm64] Enable ARCH_HISI (Hisilicon) and the set of currently available drivers (Power, Thermal, MMC) (Closes: #812540) -- Ben Hutchings Thu, 17 Mar 2016 01:25:23 +0000 linux (4.4.4-2) unstable; urgency=medium * Ignore ABI changes in sdhci* modules (fixes FTBFS on armhf) * udeb: Add dependency from mmc-modules to crc-modules (fixes FTBFS on arm64) * [hppa] Ignore ABI changes in built-in drm_kms_helper code (fixes FTBFS) * [powerpc*] Revert "powerpc: Simplify module TOC handling"; it is not needed to fix #808043 and causes a regression on ppc64el -- Ben Hutchings Wed, 09 Mar 2016 02:15:48 +0000 linux (4.4.4-1) unstable; urgency=medium [ Salvatore Bonaccorso ] * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.3 - [x86] mm: Fix types used in pgprot cacheability flags translations - [x86] mm/pat: Avoid truncation when converting cpa->numpages to address - [x86] uaccess/64: Make the __copy_user_nocache() assembly code more readable - [x86] uaccess/64: Handle the caching of 4-byte nocache copies properly in __copy_user_nocache() - [x86] mm: Fix vmalloc_fault() to handle large pages properly - ALSA: hda - Cancel probe work instead of flush at remove - ALSA: pcm: Fix rwsem deadlock for non-atomic PCM stream - ALSA: seq: Fix leak of pool buffer at concurrent writes - ALSA: seq: Fix double port list deletion - [armhf] phy: twl4030-usb: Relase usb phy on unload - [armhf] phy: twl4030-usb: Fix unbalanced pm_runtime_enable on module reload - staging/speakup: Use tty_ldisc_ref() for paste kworker - pty: fix possible use after free of tty->driver_data - pty: make sure super_block is still valid in final /dev/tty close - tty: Add support for PCIe WCH382 2S multi-IO card - [x86] serial: 8250_pci: Add Intel Broadwell ports - [armhf] serial: omap: Prevent DoS using unprivileged ioctl(TIOCSRS485) - ext4: fix scheduling in atomic on group checksum failure - ext4: fix potential integer overflow - ext4: don't read blocks from disk after extents being swapped - btrfs: handle invalid num_stripes in sys_array - Btrfs: fix fitrim discarding device area reserved for boot loader's use - Revert "btrfs: clear PF_NOFREEZE in cleaner_kthread()" - btrfs: properly set the termination value of ctx->pos in readdir - Btrfs: fix invalid page accesses in extent_same (dedup) ioctl - Btrfs: fix page reading in extent_same ioctl leading to csum errors - Btrfs: fix hang on extent buffer lock caused by the inode_paths ioctl - Btrfs: fix direct IO requests not reporting IO error to user space - ptrace: use fsuid, fsgid, effective creds for fs access checks - tracing: Fix freak link error caused by branch tracer - tracepoints: Do not trace when cpu is offline - klist: fix starting point removed bug in klist iterators - scsi: add Synology to 1024 sector blacklist - iscsi-target: Fix potential dead-lock during node acl delete - SCSI: fix crashes in sd and sr runtime PM - drivers/scsi/sg.c: mark VMA as VM_IO to prevent migration - scsi_dh_rdac: always retry MODE SELECT on command lock violation - SCSI: Add Marvell Console to VPD blacklist - scsi: fix soft lockup in scsi_remove_target() on module removal - iio: adis_buffer: Fix out-of-bounds memory access - iio:adc:ti_am335x_adc Fix buffered mode by identifying as software buffer. - iio-light: Use a signed return type for ltr501_match_samp_freq() - iio: add HAS_IOMEM dependency to VF610_ADC - iio: add IIO_TRIGGER dependency to STK8BA50 - iio: dac: mcp4725: set iio name property in sysfs - iio: light: acpi-als: Report data as processed - iio: pressure: mpl115: fix temperature offset sign - iio: inkern: fix a NULL dereference on error - cifs: Ratelimit kernel log messages - cifs: fix race between call_async() and reconnect() - cifs_dbg() outputs an uninitialized buffer in cifs_readdir() - cifs: fix erroneous return value - NFS: Fix attribute cache revalidation - pNFS/flexfiles: Fix an Oopsable typo in ff_mirror_match_fh() - nfs: Fix race in __update_open_stateid() - pNFS/flexfiles: Fix an XDR encoding bug in layoutreturn - udf: limit the maximum number of indirect extents in a row - udf: Prevent buffer overrun with multi-byte characters - udf: Check output buffer length when converting name to CS0 - SUNRPC: Fixup socket wait for memory - [powerpc] eeh: Fix PE location code - [powerpc] eeh: Fix stale cached primary bus - [powerpc] powernv: Fix stale PE primary bus - [powerpc] ioda: Set "read" permission when "write" is set - [armhf] mvebu: remove duplicated regulator definition in Armada 388 GP - [arm64] mm: avoid calling apply_to_page_range on empty range - [armel,armhf] 8519/1: ICST: try other dividends than 1 - [armel,armhf] 8517/1: ICST: avoid arithmetic overflow in icst_hz() - [armhf] dts: Fix wl12xx missing clocks that cause hangs - [armhf] dts: Fix omap5 PMIC control lines for RTC writes - [armhf] dts: omap5-board-common: enable rtc and charging of backup battery - [armhf] OMAP2+: Fix wait_dll_lock_timed for rodata - [armhf] OMAP2+: Fix l2_inv_api_params for rodata - [armhf] OMAP2+: Fix l2dis_3630 for rodata - [armhf] OMAP2+: Fix save_secure_ram_context for rodata - [armhf] OMAP2+: Fix ppa_zero_params and ppa_por_params for rodata - [arm64] dma-mapping: fix handling of devices registered before arch_initcall - [arm,arm64] KVM: Fix reference to uninitialised VGIC - [powerpc*] KVM: PPC: Fix emulation of H_SET_DABR/X on POWER8 - [powerpc*] KVM: PPC: Fix ONE_REG AltiVec support - mm: soft-offline: check return value in second __get_any_page() call - libnvdimm: fix namespace object confusion in is_uuid_busy() - mm: fix mlock accouting - mm: replace vma_lock_anon_vma with anon_vma_lock_read/write - mm: fix regression in remap_file_pages() emulation - Input: elantech - mark protocols v2 and v3 as semi-mt - [x86] Input: i8042 - add Fujitsu Lifebook U745 to the nomux list - string_helpers: fix precision loss for some inputs - Input: vmmouse - fix absolute device registration - [x86] iommu/vt-d: Don't skip PCI devices when disabling IOTLB - [x86] iommu/amd: Correct the wrong setting of alias DTE in do_attach - [x86] iommu/vt-d: Fix mm refcounting to hold mm_count not mm_users - [x86] iommu/vt-d: Fix 64-bit accesses to 32-bit DMAR_GSTS_REG - [x86] iommu/vt-d: Clear PPR bit to ensure we get more page request interrupts - Revert "xhci: don't finish a TD if we get a short-transfer event mid TD" - xhci: Fix list corruption in urb dequeue at host removal - fs/hugetlbfs/inode.c: fix bugs in hugetlb_vmtruncate_list() - [s390x] numa: fix /proc//numa_maps for hugetlbfs on s390 - memcg: only free spare array when readers are done - radix-tree: fix race in gang lookup - drivers/hwspinlock: fix race between radix tree insertion and lookup - radix-tree: fix oops after radix_tree_iter_retry - dump_stack: avoid potential deadlocks - mm,thp: khugepaged: call pte flush at the time of collapse - [x86] intel_scu_ipcutil: underflow in scu_reg_access() - ipc/shm: handle removed segments gracefully in shm_mmap() - devm_memremap_release(): fix memremap'd addr handling - futex: Drop refcount if requeue_pi() acquired the rtmutex - ovl: allow zero size xattr - ovl: use a minimal buffer in ovl_copy_xattr - ovl: check dentry positiveness in ovl_cleanup_whiteouts() - ovl: root: copy attr - ovl: setattr: check permissions before copy-up - libxfs: pack the agfl header structure so XFS_AGFL_SIZE is correct - xfs: inode recovery readahead can race with inode buffer creation - Revert "xfs: clear PF_NOFREEZE for xfsaild kthread" - xfs: log mount failures don't wait for buffers to be released - prctl: take mmap sem for writing to protect against others - timerfd: Handle relative timers with CONFIG_TIME_LOW_RES proper - posix-timers: Handle relative timers with CONFIG_TIME_LOW_RES proper - itimers: Handle relative timers with CONFIG_TIME_LOW_RES proper - modules: fix modparam async_probe request https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.4 - af_iucv: Validate socket address length in iucv_sock_bind() - gro: Make GRO aware of lightweight tunnels. - tunnels: Allow IPv6 UDP checksums to be correctly controlled. - lwt: fix rx checksum setting for lwt devices tunneling over ipv6 - tcp: fix NULL deref in tcp_v4_send_ack() - af_unix: fix struct pid memory leak - pptp: fix illegal memory access caused by multiple bind()s - sctp: allow setting SCTP_SACK_IMMEDIATELY by the application - tipc: fix connection abort during subscription cancel - inet: frag: Always orphan skbs inside ip_defrag() - tcp: beware of alignments in tcp_get_info() - ipv6: enforce flowi6_oif usage in ip6_dst_lookup_tail() - ipv6/udp: use sticky pktinfo egress ifindex on connect() - ipv6: addrconf: Fix recursive spin lock call - ipv6: fix a lockdep splat - unix: correctly track in-flight fds in sending process user_struct (regression in 4.3.3-6; CVE-2016-2550) - tcp: do not drop syn_recv on all icmp reports - net:Add sysctl_max_skb_frags - tg3: Fix for tg3 transmit queue 0 timed out when too many gso_segs - enic: increment devcmd2 result ring in case of timeout - sctp: translate network order to host order when users get a hmacid - net: Copy inner L3 and L4 headers as unaligned on GRE TEB - flow_dissector: Fix unaligned access in __skb_flow_dissector when used by eth_get_headlen - bpf: fix branch offset adjustment on backjumps after patching ctx expansion - bonding: Fix ARP monitor validation - ipv4: fix memory leaks in ip_cmsg_send() callers - af_unix: Don't set err in unix_stream_read_generic unless there was an error - af_unix: Guard against other == sk in unix_dgram_sendmsg - tipc: fix premature addition of node to lookup table - tcp: md5: release request socket instead of listener - qmi_wwan: add "4G LTE usb-modem U901" - net/mlx4_en: Count HW buffer overrun only once - net/mlx4_en: Choose time-stamping shift value according to HW frequency - net/mlx4_en: Avoid changing dev->features directly in run-time - l2tp: Fix error creating L2TP tunnels - pppoe: fix reference counting in PPPoE proxy - net_sched fix: reclassification needs to consider ether protocol changes - route: check and remove route cache when we get route - tcp/dccp: fix another race at listener dismantle - IFF_NO_QUEUE: Fix for drivers not calling ether_setup() - rtnl: RTM_GETNETCONF: fix wrong return value - tipc: unlock in error path - unix_diag: fix incorrect sign extension in unix_lookup_by_ino - sctp: Fix port hash table size computation - ext4: fix bh->b_state corruption - [s390x] KVM: fix guest fprs memory leak - devm_memremap: Fix error value when memremap failed - efi: Make efivarfs entries immutable by default - efi: Add pstore variables to the deletion whitelist - bcache: fix a livelock when we cause a huge number of cache misses - bcache: Add a cond_resched() call to gc - bcache: clear BCACHE_DEV_UNLINK_DONE flag when attaching a backing device - bcache: fix a leak in bch_cached_dev_run() - bcache: unregister reboot notifier if bcache fails to unregister device - bcache: allows use of register in udev to avoid "device_busy" error. - bcache: prevent crash on changing writeback_running - bcache: Change refill_dirty() to always scan entire disk if necessary - dm thin: fix race condition when destroying thin pool workqueue - can: ems_usb: Fix possible tx overflow - usb: dwc3: Fix assignment of EP transfer resources - USB: cp210x: add IDs for GE B650V3 and B850V3 boards - USB: option: add support for SIM7100E - USB: option: add "4G LTE usb-modem U901" - [armhf] spi: omap2-mcspi: Prevent duplicate gpio_request - iw_cxgb3: Fix incorrectly returning error on success - [x86] drm/i915: shut up gen8+ SDE irq dmesg noise - ocfs2: unlock inode if deleting inode from orphan fails - mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED - mm: numa: quickly fail allocations for NUMA balancing on full nodes - genirq: Validate action before dereferencing it in handle_irq_event_percpu() - [s390x] KVM: fix memory overwrites when vx is disabled - Btrfs: add missing brelse when superblock checksum fails - Btrfs: igrab inode in writepage - btrfs: statfs: report zero available if metadata are exhausted - Btrfs: send, don't BUG_ON() when an empty symlink is found - Btrfs: fix number of transaction units required to create symlink - Btrfs: fix transaction handle leak on failure to create hard link - Btrfs: Initialize btrfs_root->highest_objectid when loading tree root and subvolume roots - btrfs: initialize the seq counter in struct btrfs_device - [s390x] fix normalization bug in exception table sorting - [s390x] dasd: prevent incorrect length error under z/VM after PAV changes - [s390x] dasd: fix refcount for PAV reassignment - [s390x] dasd: fix performance drop - [s390x] compat: correct restore of high gprs on signal return - [s390x] fpu: signals vs. floating point control register - locks: fix unlock when fcntl_setlk races with a close - rtlwifi: rtl8192cu: Add missing parameter setup - rtlwifi: rtl8192ce: Fix handling of module parameters - rtlwifi: rtl8192de: Fix incorrect module parameter descriptions - rtlwifi: rtl8723ae: Fix initialization of module parameters - rtlwifi: rtl8192se: Fix module parameter initialization - rtlwifi: rtl8188ee: Fix module parameter initialization - rtlwifi: rtl8723be: Fix module parameter initialization - [x86] mei: fix fasync return value on error - [x86] mei: validate request value in client notify request ioctl - namei: ->d_inode of a pinned dentry is stable only for positives - [armhf] rc: sunxi-cir: Initialize the spinlock properly - gspca: ov534/topro: prevent a division by 0 - vb2: fix a regression in poll() behavior for output,streams - tda1004x: only update the frontend properties if locked - dm snapshot: fix hung bios when copy error occurs - dm: fix dm_rq_target_io leak on faults with .request_fn DM w/ blk-mq paths - posix-clock: Fix return code on the poll method's error path - mmc: sdhci-pci: Do not default to 33 Ohm driver strength for Intel SPT - mmc: sdhci: Fix DMA descriptor with zero data length - mmc: sdio: Fix invalid vdd in voltage switch power cycle - mmc: mmc: Fix incorrect use of driver strength switching HS200 and HS400 - mmc: sdhci: Fix sdhci_runtime_pm_bus_on/off() - mmc: core: Enable tuning according to the actual timing - [armhf, arm64] mmc: mmci: fix an ages old detection error - [x86] mmc: sdhci-acpi: Fix card detect race for Intel BXT/APL - [x86] mmc: sdhci-pci: Fix card detect race for Intel BXT/APL - mmc: sdhci: Allow override of mmc host operations - mmc: sdhci: Allow override of get_cd() called from sdhci_request() - [x86] Drivers: hv: vmbus: Fix a Host signaling bug - Bluetooth: Use continuous scanning when creating LE connections - Bluetooth: Add support of Toshiba Broadcom based devices - Bluetooth: Fix incorrect removing of IRKs - Bluetooth: 6lowpan: Fix kernel NULL pointer dereferences - Bluetooth: 6lowpan: Fix handling of uncompressed IPv6 packets - time: Avoid signed overflow in timekeeping_get_ns() - cputime: Prevent 32bit overflow in time[val|spec]_to_cputime() - [mips*] Revert "MIPS: Fix PAGE_MASK definition" - [mips*el/loongson-3] Loongson-3: Fix SMP_ASK_C0COUNT IPI handler - [mips*] hpet: Choose a safe value for the ETIME check - [mips*] Fix buffer overflow in syscall_get_arguments() - EDAC: Robustify workqueues destruction - EDAC, mc_sysfs: Fix freeing bus' name - [sparc64] fix incorrect sign extension in sys_sparc64_personality - [armhf] clk: exynos: use irqsave version of spin_lock to avoid deadlock with irqs - [armhf] regulator: axp20x: Fix GPIO LDO enable value for AXP22x - virtio_balloon: fix race by fill and leak - virtio_balloon: fix race between migration and ballooning - virtio_pci: fix use after free on release - [x86] drm/vmwgfx: Fix an incorrect lock check - [x86] drm/vmwgfx: Fix a width / pitch mismatch on framebuffer updates - [x86] drm/vmwgfx: respect 'nomodeset' - [x86] drm/amdgpu: Fix off-by-one errors in amdgpu_vm_bo_map - [x86] drm/amdgpu: call hpd_irq_event on resume - [x86] drm/amdgpu: fix lost sync_to if scheduler is enabled. - [x86] drm/amdgpu: fix tonga smu resume - [x86] drm/amdgpu: fix amdgpu_bo_pin_restricted VRAM placing v2 - [x86] drm/amdgpu: no need to load MC firmware on fiji - [x86] drm/amdgpu: move gmc7 support out of CIK dependency - [x86] drm/amdgpu: iceland use CI based MC IP - [x86] drm/amdgpu: The VI specific EXE bit should only apply to GMC v8.0 above - [x86] drm/amdgpu: pull topaz gmc bits into gmc_v7 - [x86] drm/amdgpu: drop topaz support from gmc8 module - [x86] drm/amdgpu: don't load MEC2 on topaz - [x86] drm/amdgpu: remove exp hardware support from iceland - [x86] drm/amdgpu: fix s4 resume - [x86] drm/amdgpu: remove unnecessary forward declaration - [x86] drm/amdgpu: hold reference to fences in amdgpu_sa_bo_new (v2) - [x86] drm/amdgpu: fix issue with overlapping userptrs - [x86] drm/amdgpu: use post-decrement in error handling - [x86] drm/amdgpu: Don't hang in amdgpu_flip_work_func on disabled crtc. - [x86] drm/amdgpu/pm: adjust display configuration after powerstate - drm/nouveau/kms: take mode_config mutex in connector hotplug path - drm/nouveau/display: Enable vblank irqs after display engine is on again. (regression in 4.4) - drm/nouveau/disp/dp: ensure sink is powered up before attempting link training - drm/nouveau: platform: Fix deferred probe - drm/radeon: Fix off-by-one errors in radeon_vm_bo_set_addr - drm/radeon: Fix "slow" audio over DP on DCE8+ - drm/radeon: clean up fujitsu quirks - drm/radeon: properly byte swap vce firmware setup - drm/radeon: cleaned up VCO output settings for DP audio - drm/radeon: Add a common function for DFS handling - drm/radeon: fix DP audio support for APU with DCE4.1 display engine - drm/radeon: mask out WC from BO on unsupported arches - drm/radeon: hold reference to fences in radeon_sa_bo_new - drm: fix missing reference counting decrease - [x86] drm/i915: Restore inhibiting the load of the default context - [x86] drm/i915: intel_hpd_init(): Fix suspend/resume reprobing - [x86] drm/i915: Init power domains early in driver load - [x86] drm/i915: Make sure DC writes are coherent on flush. - [x86] drm/i915/dp: fall back to 18 bpp when sink capability is unknown - [x86] drm/i915: Don't reject primary plane windowing with color keying enabled on SKL+ - [x86] drm/i915/skl: Don't skip mst encoders in skl_ddi_pll_select() - [x86] drm/i915/dsi: defend gpio table against out of bounds access - [x86] drm/i915/dsi: don't pass arbitrary data to sideband - [x86] drm/i915: fix error path in intel_setup_gmbus() - drm/qxl: use kmalloc_array to alloc reloc_info in qxl_process_single_command - drm/radeon: use post-decrement in error handling - drm: No-Op redundant calls to drm_vblank_off() (v2) - drm: Prevent vblank counter bumps > 1 with active vblank clients. (v2) (regression in 4.4) - drm: Fix drm_vblank_pre/post_modeset regression from Linux 4.4 - drm: Fix treatment of drm_vblank_offdelay in drm_vblank_on() (v2) - drm/radeon: Don't hang in radeon_flip_work_func on disabled crtc. (v2) - drm/radeon/pm: adjust display configuration after powerstate - make sure that freeing shmem fast symlinks is RCU-delayed - [x86] toshiba_acpi: Fix blank screen at boot if transflective backlight is supported - [x86] ideapad-laptop: Add Lenovo ideapad Y700-17ISK to no_hw_rfkill dmi list - [x86] ideapad-laptop: Add Lenovo Yoga 700 to no_hw_rfkill dmi list - [x86] ACPI / video: Add disable_backlight_sysfs_if quirk for the Toshiba Portege R700 - [x86] ACPI / video: Add disable_backlight_sysfs_if quirk for the Toshiba Satellite R830 - [x86] ACPI: Revert "ACPI / video: Add Dell Inspiron 5737 to the blacklist" - [x86] ACPI / PCI / hotplug: unlock in error path in acpiphp_enable_slot() - nfit: fix multi-interface dimm handling, acpi6.1 compatibility - dmaengine: dw: fix cyclic transfer setup - dmaengine: dw: fix cyclic transfer callbacks - dmaengine: dw: disable BLOCK IRQs for non-cyclic xfer - IB/cm: Fix a recently introduced deadlock - IB/qib: fix mcast detach when qp not attached - IB/qib: Support creating qps with GFP_NOIO flag - IB/mlx5: Expose correct maximum number of CQE capacity - Thermal: initialize thermal zone device correctly - Thermal: handle thermal zone device properly during system sleep - Thermal: do thermal zone update after a cooling device registered - hwmon: (dell-smm) Blacklist Dell Studio XPS 8000 - hwmon: (gpio-fan) Remove un-necessary speed_index lookup for thermal hook - hwmon: (ads1015) Handle negative conversion values correctly - cpufreq: pxa2xx: fix pxa_cpufreq_change_voltage prototype - cpufreq: Fix NULL reference crash while accessing policy->governor_data - seccomp: always propagate NO_NEW_PRIVS on tsync - libceph: fix ceph_msg_revoke() - libceph: don't bail early from try_read() when skipping a message - libceph: use the right footer size when skipping a message - libceph: don't spam dmesg with stray reply warnings - sd: Optimal I/O size is in bytes, not sectors - Staging: speakup: Fix getting port information - cdc-acm:exclude Samsung phone 04e8:685d - tick/nohz: Set the correct expiry when switching to nohz/lowres mode - rfkill: fix rfkill_fop_read wait_event usage - mac80211: Requeue work after scan complete for all VIF types. - workqueue: handle NUMA_NO_NODE for unbound pool_workqueue lookup - Revert "workqueue: make sure delayed work run in local cpu" - ALSA: hda - Apply clock gate workaround to Skylake, too - ALSA: hda - Fixing background noise on Dell Inspiron 3162 - target: Fix LUN_RESET active I/O handling for ACK_KREF - target: Fix LUN_RESET active TMR descriptor handling - target: Fix TAS handling for multi-session se_node_acls - target: Fix remote-port TMR ABORT + se_cmd fabric stop - target: Fix race with SCF_SEND_DELAYED_TAS handling - qla2xxx: Fix stale pointer access. - libata: fix sff host state machine locking while polling - PCI/AER: Flush workqueue on device remove to avoid use-after-free - cpuset: make mm migration asynchronous - cgroup: make sure a parent css isn't offlined before its children - writeback: keep superblock pinned during cgroup writeback association switches - phy: core: fix wrong err handle for phy_power_on - [x86] i2c: i801: Adding Intel Lewisburg support for iTCO - bio: return EINTR if copying to user space got interrupted - block: fix use-after-free in dio_bio_complete - nfs: fix nfs_size_to_loff_t - NFSv4: Fix a dentry leak on alias use - KVM: async_pf: do not warn on page allocation failures - [armhf,arm64] KVM: vgic: Ensure bitmaps are long enough - [x86] KVM: fix missed hardware breakpoints - [x86] KVM: fix conversion of addresses to linear in 32-bit protected mode - [x86] KVM: MMU: fix ubsan index-out-of-range warning - [powerpc] eeh: Fix partial hotplug criterion - tracing: Fix showing function event in available_events - sunrpc/cache: fix off-by-one in qword_get() - kernel/resource.c: fix muxed resource handling in __request_region() - do_last(): don't let a bogus return value from ->open() et.al. to confuse us - [armhf] OMAP2+: Fix onenand initialization to avoid filesystem corruption - [armhf] xen: correctly handle DMA mapping of compound pages - xen/scsiback: correct frontend counting - xen/pciback: Check PF instead of VF for PCI_COMMAND_MEMORY - xen/pciback: Save the number of MSI-X entries to be copied later. - xen/pcifront: Fix mysterious crashes when NUMA locality information was extracted. - should_follow_link(): validate ->d_seq after having decided to follow - do_last(): ELOOP failure exit should be done after leaving RCU mode - [x86] mpx: Fix off-by-one comparison with nr_registers - [x86] entry/compat: Add missing CLAC to entry_INT80_32 - [x86] irq: Call chip->irq_set_affinity in proper context - [x86] irq: Fix a race in x86_vector_free_irqs() - [x86] irq: Validate that irq descriptor is still active - [x86] irq: Do not use apic_chip_data.old_domain as temporary buffer - [x86] irq: Reorganize the return path in assign_irq_vector - [x86] irq: Reorganize the search in assign_irq_vector - [x86] irq: Check vector allocation early - [x86] irq: Copy vectormask instead of an AND operation - [x86] irq: Remove offline cpus from vector cleanup - [x86] irq: Clear move_in_progress before sending cleanup IPI - [x86] irq: Remove the cpumask allocation from send_cleanup_vector() - [x86] irq: Remove outgoing CPU from vector cleanup mask - [x86] irq: Call irq_force_move_complete with irq descriptor - [x86] irq: Plug vector cleanup race - IB/cma: Fix RDMA port validation for iWarp - security: let security modules use PTRACE_MODE_* with bitmasks - iwlwifi: dvm: fix WoWLAN - iwlwifi: pcie: properly configure the debug buffer size for 8000 - iwlwifi: update and fix 7265 series PCI IDs - iwlwifi: mvm: don't allow sched scans without matches to be started [ Roger Shimizu ] * [armhf] dts: imx6dlq-wandboard-revb1: use unique model id (Closes: #813881). * [armel] dts: Add various device-tree fixes and improvements for Buffalo Linkstation devices. [ Ben Hutchings ] * udeb: Include more modules, including those needed on Firefly-RK3288, thanks to Vagrant Cascadian (Closes: #815476) - [armhf] core-modules: Include regulator drivers by default - mmc-modules: Include MMC controller drivers by default - mmc-modules: Depends on usb-modules - usb-modules: Include USB PHY drivers by default * uas: Fix high-order alloc * Fix/ignore module ABI changes in 4.4.4 as appropriate * Revert "drm/radeon: call hpd_irq_event on resume", reported to cause regressions (crash/hang) on some systems * [powerpc*] Fix module linking to work with binutils 2.26 (Closes: #808043): - Simplify module TOC handling - Fix dedotify for binutils >= 2.26 [ Ian Campbell ] * [armhf] dts: Add DTB for Novena, patches from Vagrant Cascadian (Closes: #815324) [ Uwe Kleine-König ] * [armhf] enable AXP20X_POWER (Closes: #815971) * [rt] Update to 4.4.3-rt9 -- Ben Hutchings Mon, 07 Mar 2016 19:27:18 +0000 linux-tools (4.4-4) unstable; urgency=medium * hyperv-daemons: Only build the progarams on x86 (fixes FTBFS) -- Ben Hutchings Sun, 21 Feb 2016 16:57:55 +0000 linux-tools (4.4-3) unstable; urgency=medium * hyperv-daemons: Add init scripts -- Ben Hutchings Sun, 21 Feb 2016 15:07:55 +0000 linux (4.4.2-3) unstable; urgency=medium * [x86] efi-bgrt: Fix kernel panic when mapping BGRT data (Closes: #815125) * [x86] efi-bgrt: Replace early_memremap() with memremap() -- Ben Hutchings Sun, 21 Feb 2016 13:11:18 +0000 linux-tools (4.4-2) unstable; urgency=medium * linux-perf: Include version number in strace groups installation directory (Closes: #813080) * [alpha,sh4] Attempt to fix build failures * Build fixdep under debian/build and clean it up properly -- Ben Hutchings Fri, 19 Feb 2016 17:11:29 +0000 linux (4.4.2-2) unstable; urgency=medium [ Ben Hutchings ] * udeb: Make DAC960 and cciss optional in scsi-modules again (fixes FTBFS on armhf, arm64) * [armel,armhf] net: mv643xx_eth: fix packet corruption with TSO and tiny unaligned packets. (Closes: #814681) * [mipsel/loongson-2f] udeb: Add i2c-modules to avoid duplicate modules [ Martin Michlmayr ] * [arm64] Create i2c-modules udeb to avoid duplicate modules. -- Ben Hutchings Fri, 19 Feb 2016 14:48:52 +0000 linux-tools (4.4-1) unstable; urgency=medium * Upload to unstable -- Ben Hutchings Thu, 18 Feb 2016 01:30:50 +0000 linux (4.4.2-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.2 - ALSA: usb-audio: avoid freeing umidi object twice (CVE-2016-2384) [ Ben Hutchings ] * Set ABI to 1 * iw_cxgb3: Fix incorrectly returning error on success (CVE-2015-8812) * fs/hugetlbfs/inode.c: fix bugs in hugetlb_vmtruncate_list() (CVE-2016-0617) (regression in 4.3) * af_unix: Guard against other == sk in unix_dgram_sendmsg (regression in 4.2.6-2) * Revert "workqueue: make sure delayed work run in local cpu" (regression in 4.3) * af_unix: Don't set err in unix_stream_read_generic unless there was an error (regression in 4.4, 4.3.4) * bpf: fix branch offset adjustment on backjumps after patching ctx expansion (CVE-2016-2383) * udeb: Combine scsi-{common,extra}-modules with scsi-modules * udeb: Use wildcards to include entire classes of drivers: - input-modules: Include HID drivers by default - nic{,-pcmcia,-usb,-wireless}-modules: Include Ethernet, USB and wireless drivers by default - {pata,sata}-modules: Include ATA drivers by default - sound-modules: Include sound drivers by default - scsi-modules: Include SCSI drivers by default - usb-modules: Include USB host drivers by default - usb-serial-modules: Include USB serial drivers by default - usb-storage-modules: Include USB storage drivers by default * udeb: Remove some obsolete drivers: - nic-modules: Remove FDDI and HIPPI drivers, and inet_lro module - nic-pcmcia-modules: Remove Arcnet drivers * udeb: Move most USB wireless drivers from nic-usb-modules to nic-wireless-modules * udeb: Really add virtio_input to virtio-modules (not input-modules) * [x86] Fix issues resulting in W+X pages: - [amd64] efi: Build our own page table structure - [i386/686-pae] mm: Fix types used in pgprot cacheability flags translations - [i386/686-pae] PCI: Set pci=nobios by default * IFF_NO_QUEUE: Fix for drivers not calling ether_setup() (regression in 4.3) * udeb: Fix issues with wildcards that caused FTBFS on armhf, thanks to Karsten Merker [ Roger Shimizu ] * Enable TTY_PRINTK as module (Closes: #814540). [ Uwe Kleine-König ] * [rt] Update to 4.4.1-rt6 -- Ben Hutchings Wed, 17 Feb 2016 21:20:12 +0000 linux (4.4.1-1~exp1) experimental; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1 [ Ricardo Salveti ] * Extending ARM64 support: - config: enabling support for the AMD Seattle platform - nic-modules: adding amd-xgbe - sata-modules: adding ahci_platform, required by AMD Overdrive - config: enabling the cpuidle ARM driver - config: enable multi-core scheduler support by default - config: enable PCI generic host bridge by default - config: enable CRYPTO_CRC32_ARM64 by default [ Ian Campbell ] * [arm64] Enabled support for QCOM platforms, options recommended by Martin Michlmayr. (Closes: #812386) * [armel/marvell] Declare breaks against flash-kernel << 3.57~ in order to force a version which understands about the merge of kirkwood and orion5x flavours into marvell. [ Ben Hutchings ] * linux-image: Make failure of depmod fatal, rather than asking what to do * [mips*] linux-image: Remove debconf question for requirement of initramfs * linux-image: Remove unnecessary debconf initialisations * linux-{headers,image}: Remove support for version-specific hooks * linux-headers: Make postinst script less verbose (see: #734266) * [armel] Replace kirkwood and orion5x flavours with a 'marvell' flavour * [armel/marvell] Adjust configuration to reduce image size: - Disable support for DNS-323 as the kernel image was already too large for this machine + Disable MACH_DNS323 + Change MTD_CFI_AMDSTD from built-in to module - input: Disable KEYBOARD_ATKBD - mtd: Change JFFS2_FS, MTD_SPI_NOR, and M25P80 from built-in to modules * [rt] Update to 4.4.1-rt5: - genirq: Add default affinity mask command line option - latencyhist: disable jump-labels - kernel/perf: mark perf_cpu_context's timer as irqsafe * bnx2x: Enable BNX2X_VXLAN * cgroups: Enable CGROUP_PIDS * crypto: Enable CRYPTO_CHACHA20, CRYPTO_POLY1305, CRYPTO_CHACHA20POLY1305, CRYPTO_USER_API_AEAD as modules * [x86] crypto: Enable CRYPTO_DEV_QAT_DH895xCC, CRYPTO_DEV_QAT_DH895xCCVF as modules * [amd64] crypto: Enable CRYPTO_CHACHA20_X86_64, CRYPTO_DES3_EDE_X86_64, CRYPTO_POLY1305_X86_64 as modules * [x86] dmaengine: Enable INTEL_IDMA64 as module * debug: Enable SCHED_STACK_END_CHECK * dm-cache: Enable DM_CACHE_SMQ as module * ethernet: Enable BNXT, QED, QEDE as modules * hci_uart: Enable BT_HCIUART_QCA * HID: Enable HID_CORSAIR, HID_GEMBIRD as modules * [x86] hwmon: Enable SENSORS_I5500 as module * [x86] IB: Enable INFINIBAND_USNIC as module * iio/light: Enable ACPI_ALS as module * [x86] input: Enable SURFACE_PRO3_BUTTON as module * [x86] iommu: Enable INTEL_IOMMU_SVM * ipvs: Enable IP_VS_OVF as module * media: Enable DVB_NETUP_UNIDVB, USB_GSPCA_TOUPTEK,_VIDEO_DT3155 as modules * [x86] mfd: Enable MFD_INTEL_LPSS_ACPI, MFD_INTEL_LPSS_PCI as modules * [amd64] mic: Enable INTEL_MIC_X100_DMA, MIC_COSM, SCIF, SCIF_BUS as modules * [powerpc*/*64*] misc: Enable GENWQE as module * net: Enable LWTUNNEL, NET_L3_MASTER_DEV; and MPLS_IPTUNNEL, NET_VRF as modules * [amd64] net: Enable FUJITSU_ES as module * netfilter: Really enable NF_TABLES_NETDEV, NFT_REDIR_IPV4, NFT_REDIR_IPV6 as modules * net/phy: Enable AQUANTIA_PHY, DP83848_PHY, MICROCHIP_PHY, TERANETICS_PHY as modules * net/sched: Really enable NET_CLS_FLOWER as module * net/usb: Enable USB_LAN78XX, USB_NET_CH9200 as modules * nfsd: Enable NFSD_PNFS * [x86] pinctrl: Enable PINCTRL_BROXTON, PINCTRL_SUNRISEPOINT * [x86] rfkill: Enable DELL_RBTN as module * serial: Enable SERIAL_OF_PLATFORM as module * sound/firewire: Enable SND_FIREWIRE_DIGI00X, SND_FIREWIRE_TASCAM as modules * [x86] thermal: Enable INTEL_PCH_THERMAL, INTEL_SOC_DTS_THERMAL as modules; disable THERMAL_OF * [x86] Enable INTEL_PMC_IPC as module * vfs,nvdimm: Really enable FS_DAX * [amd64] mm,nvdimm: Disable ZONE_DMA; enable ZONE_DEVICE, NVDIMM_PFN - This disables drivers for some AC'97 sound cards -- Ben Hutchings Wed, 10 Feb 2016 02:02:14 +0000 linux (4.4-1~exp1) experimental; urgency=medium * New upstream release: http://kernelnewbies.org/Linux_4.4 [ Ben Hutchings ] * [armhf] Enable EXTCON_USB_GPIO, ENSORS_GPIO_FAN as modules, and USB_DWC3_DUAL_ROLE instead of USB_DWC3_HOST (Closes: #810048) * [rt] Update to 4.4-rt2 -- Ben Hutchings Tue, 19 Jan 2016 22:25:06 +0000 linux-tools (4.4-1~exp2) experimental; urgency=medium * linux-perf: Fix FTBFS with gcc 6 (used on hppa, sparc64) -- Ben Hutchings Tue, 19 Jan 2016 22:11:13 +0000 linux-tools (4.4-1~exp1) experimental; urgency=medium * New upstream release [ Ben Hutchings ] * linux-perf: Fix reading of build-id from vDSO * linux-perf: Leave -rc suffix out of version in package description * debian.py: Implement stable order of fields not in the predefined order * genorig.py: Make orig tarballs really reproducible: - Override umask while extracting/exporting files - Override user and group names in tarball -- Ben Hutchings Tue, 19 Jan 2016 00:31:02 +0000 linux (4.4~rc8-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * [rt] Update to 4.4-rc6-rt1 and re-enable * [rt] Fix build error in kernel/time/hrtimer.c * [rt] latency_hist: Update sched_switch probe * [armhf] Add support for BCM2836 and Raspberry Pi 2: - pwm: bcm2835: Calculate scaler in ->config() - pwm: bcm2835: Prevent division by zero - drm: Create a driver hook for allocating GEM object structs - drm/vc4: Add a BO cache - drm/vc4: Add create and map BO ioctls - drm/vc4: Add an API for creating GPU shaders in GEM BOs - drm/vc4: Fix a typo in a V3D debug register - drm/vc4: Bind and initialize the V3D engine - drm/vc4: Add support for drawing 3D frames - drm/vc4: Add support for async pageflips - drm/vc4: Add an interface for capturing the GPU state after a hang - drm/vc4: copy_to_user() returns the number of bytes remaining - drm/vc4: allocate enough memory in vc4_save_hang_state() - drm/vc4: fix an error code - bcm2835: Add a compat string for bcm2836 machine probe - bcm2835: Add Kconfig support for bcm2836 - bcm2835: Define two new packets from the latest firmware - bcm2835: add rpi power domain driver - bcm2835: Split the DT for peripherals from the DT for the CPU - bcm2835: Move the CPU/peripheral include out of common RPi DT - bcm2835: Add devicetree for bcm2836 and Raspberry Pi 2 B - bcm2835: Add the auxiliary clocks to the device tree - Enable ARCH_BCM, ARCH_BCM2835, DMA_BCM2835, BCM2835_MBOX, RASPBERRYPI_FIRMWARE, RASPBERRYPI_POWER - Enable DRM_VC4, I2C_BCM2835, MMC_SDHCI_BCM2835, PWM_BCM2835, SPI_BCM2835, SPI_BCM2835AUX, USB_DWC2, BCM2835_WDT, SND_BCM2835_SOC_I2S as modules - udeb: Add sdhci-bcm2835 to mmc-modules, dwc2 to usb-modules * [armhf] Enable INPUT_AXP20X_PEK, CAN_SUN4I, SND_SUN4I_CODEC as modules (Closes: #808623) * [x86] nvdimm: Change X86_PMEM_LEGACY from built-in to module * [x86] Enable DEBUG_WX, X86_INTEL_MPX [ Ian Campbell ] * [armel/kirkwood] Updates/clarifications to kernel size limitations from Martin Michlmayr. (Closes: #809528) * [armhf] Enable support for Rockchip devices. (Closes: #809083) * [armhf] Enable basic support for DRA7XX systems, such as Beagle-x15. (Closes: #807624) -- Ben Hutchings Mon, 04 Jan 2016 17:23:28 +0000 linux (4.4~rc6-1~exp1) experimental; urgency=medium * New upstream release candidate - include/linux/mmdebug.h: should include linux/bug.h (fixes FTBFS on arm64) [ Ben Hutchings ] * [sparc64] udeb: Replace mpt2sas with mpt3sas in scsi-common-modules (fixes FTBFS) -- Ben Hutchings Mon, 21 Dec 2015 17:30:10 +0000 linux (4.4~rc5-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * [arm64] Drop now-redundant patches for X-Gene (fixes FTBFS) * [s390x] udeb: Add crc-modules package (fixes FTBFS) * cirrus,mgag200: Drop patches for compatibility with wheezy userland -- Ben Hutchings Wed, 16 Dec 2015 17:16:09 +0000 linux-tools (4.4~rc4-1~exp1) experimental; urgency=medium * New upstream release candidate -- Ben Hutchings Mon, 14 Dec 2015 01:28:50 +0000 linux (4.4~rc4-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * aufs: Update support patches to aufs4.x-rcN-20151123 * udeb: Make md-modules depend on crc-modules (Closes: #807661) * [armel/kirkwood,armhf] crypto: Enable CRYPTO_DEV_MARVELL_CESA as module (Closes: #807634) -- Ben Hutchings Sun, 13 Dec 2015 16:25:45 +0000 linux (4.3.5-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4 - toshiba_acpi: Initialize hotkey_event_type variable (regression in 4.3) - USB: add quirk for devices with broken LPM - usb: core : hub: Fix BOS 'NULL pointer' kernel panic - pppoe: fix memory corruption in padt work structure (regression in 4.1) - ipv6: keep existing flags when setting IFA_F_OPTIMISTIC (regression in 4.1) - vxlan: fix incorrect RCO bit in VXLAN header (regression in 4.0) - sctp: update the netstamp_needed counter when copying sockets - sctp: also copy sk_tsflags when copying the socket (regression in 3.17) - r8152: fix lockup when runtime PM is enabled (regression in 4.2) - ipv6: sctp: clone options to avoid use after free - phy: micrel: Fix finding PHY properties in MAC node. (regression in 4.2) - openvswitch: Fix helper reference leak - openvswitch: Respect conntrack zone even if invalid - net: fix IP early demux races - vlan: Fix untag operations of stacked vlans with REORDER_HEADER off - skbuff: Fix offset error in skb_reorder_vlan_header - net: check both type and procotol for tcp sockets - net_sched: make qdisc_tree_decrease_qlen() work for non mq (regression in 4.3.3) - net: fix uninitialized variable issue - ipv6: automatically enable stable privacy mode if stable_secret set - inet: tcp: fix inetpeer_set_addr_v4() (regression in 4.3) - rhashtable: Enforce minimum size on initial hash table (regression in 4.1) - fou: clean up socket with kfree_rcu - af_unix: Revert 'lock_interruptible' in stream receive code - tcp: restore fastopen with no data in SYN packet (regression in 4.0) - rhashtable: Fix walker list corruption (regression in 4.1) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.5 - [x86] mpx: Fix instruction decoder condition - [x86] signal: Fix restart_syscall number for x32 tasks - [x86] paravirt: Prevent rtc_cmos platform device init on PV guests (regression in 4.2) - [powerpc*] KVM: Book3S HV: Don't dynamically split core when already split (regression in 4.3) - [powerpc*] KVM: Book3S HV: Prohibit setting illegal transaction state in MSR - [x86] boot: Double BOOT_HEAP_SIZE to 64KB - [x86] mm: Add barriers and document switch_mm()-vs-flush synchronization (CVE-2016-2069) - timers: Use proper base migration in add_timer_on() - ipmi: move timer init to before irq is setup - ALSA: hda - Disable 64bit address for Creative HDA controllers - ALSA: hda - Fix lost 4k BDL boundary workaround (regression in 4.2) - [x86] ALSA: hda - Fix noise on Dell Latitude E6440 (regression in 4.1) - ALSA: hda - Skip ELD notification during system suspend (regression in 4.3) - ALSA: seq: Fix missing NULL check at remove_events ioctl - ALSA: usb-audio: Avoid calling usb_autopm_put_interface() at disconnect - ALSA: seq: Fix race at timer setup and close - [x86] ALSA: hda - Fix white noise on Dell Latitude E5550 (regression in 4.1) - ALSA: usb-audio: Fix mixer ctl regression of Native Instrument devices (regression in 3.19) - ALSA: timer: Harden slave timer list handling - ALSA: timer: Fix race among timer ioctls - ALSA: timer: Fix double unlink of active_list - [x86] ALSA: hda - Add fixup for Dell Latitidue E6540 (regression in 4.1) - ALSA: seq: Fix snd_seq_call_port_info_ioctl in compat mode - ALSA: pcm: Fix snd_pcm_hw_params struct copy in compat mode - ALSA: control: Avoid kernel warnings from tlv ioctl with numid 0 - ALSA: timer: Handle disconnection more safely - ASoC: rt286: Fix run time error while modifying const data (regression in 4.3) - airspy: increase USB control message buffer size (regression in 3.17) - USB: fix invalid memory access in hub_activate() - openvswitch: correct encoding of set tunnel action attributes (regression in 4.3) - veth: don’t modify ip_summed; doing so treats packets with bad checksums as good. - ipv6/addrlabel: fix ip6addrlbl_get() - addrconf: always initialize sysctl table data - connector: bump skb->users before callback invocation - af_unix: Fix splice-bind deadlock - bridge: Only call /sbin/bridge-stp for the initial network namespace - net: filter: make JITs zero A for SKF_AD_ALU_XOR_X (regression in 3.16) - net: sched: fix missing free per cpu on qstats (regression in 3.18) - net: possible use after free in dst_release - tcp: fix zero cwnd in tcp_cwnd_reduction (CVE-2016-2070) (regression in 4.3) - net: sctp: prevent writes to cookie_hmac_alg from accessing invalid memory - ipv6: tcp: add rcu locking in tcp_v6_send_synack() - tcp_yeah: don't set ssthresh below 2 - udp: disallow UFO for sockets with SO_NO_CHECK option (regression in 4.0) - net: preserve IP control block during GSO segmentation - phonet: properly unshare skbs in phonet_rcv() (regression in 4.0) - net: bpf: reject invalid shifts - ipv6: update skb->csum when CE mark is propagated - batman-adv: Avoid recursive call_rcu for batadv_bla_claim - batman-adv: Avoid recursive call_rcu for batadv_nc_node - batman-adv: Drop immediate batadv_orig_ifinfo free function - batman-adv: Drop immediate batadv_neigh_node free function - batman-adv: Drop immediate neigh_ifinfo free function - batman-adv: Drop immediate batadv_hard_iface free function - batman-adv: Drop immediate orig_node free function - team: Replace rcu_read_lock with a mutex in team_vlan_rx_kill_vid - xfrm: dst_entries_init() per-net dst_ops - [powerpc*] tm: Block signal return setting invalid MSR state - [powerpc*] tm: Check for already reclaimed tasks - [ppc64el] opal-irqchip: Fix double endian conversion (regression in 4.2) - [powerpc*] opal-irqchip: Fix deadlock introduced by "Fix double endian conversion" - [powerpc*] powernv: pr_warn_once on unsupported OPAL_MSG type - [powerpc*] Make value-returning atomics fully ordered - [powerpc*] Make {cmp}xchg* and their atomic_ versions fully ordered - [arm64] bpf: fix div-by-zero case - [arm64] bpf: fix mod-by-zero case - [arm64] cmpxchg_dbl: fix return value type (regression in 4.3) - [arm*] KVM: test properly for a PTE's uncachedness - [arm64] KVM: Fix AArch32 to AArch64 register mapping - [arm*] KVM: correct PTE uncachedness check - [arm64] kernel: enforce pmuserenr_el0 initialization and restore - [arm*] iommu/arm-smmu: Fix error checking for ASID and VMID allocation - HID: wacom: Tie cached HID_DG_CONTACTCOUNT indices to report ID (regression in 4.3) - HID: wacom: Expect 'touch_max' touches if HID_DG_CONTACTCOUNT not present (regression in 4.3) - HID: core: Avoid uninitialized buffer access - staging: lustre: echo_copy.._lsm() dereferences userland pointers directly - direct-io: Fix negative return from dio read beyond eof - fix the regression from "direct-io: Fix negative return from dio read beyond eof" - [arm64] KVM: Add workaround for Cortex-A57 erratum 834220 - [arm64] kernel: fix architected PMU registers unconditional access [ Ben Hutchings ] * fuse: break infinite loop in fuse_fill_write_pages() (CVE-2015-8785) * SCSI: fix crashes in sd and sr runtime PM (Closes: #801925) * rt2x00: fix monitor mode regression (regression in 4.2) * pipe: limit the per-user amount of pages allocated in pipes (CVE-2013-4312) [Original reference is incorrect; should be CVE-2016-2847.] * [powerpc*] Enable CRYPTO_DEV_VMX and enable CRYPTO_DEV_VMX_ENCRYPT as module (Closes: #813640) * debian/copyright: Add licence information for drivers/crypto/vmx/*.pl * udeb: Add hid-logitech-hidpp to input-modules (Closes: #796096) * hwrng: n2 - Attach on T5/M5, T7/M7 SPARC CPUs (Closes: #809815) [ Salvatore Bonaccorso ] * netfilter: nf_nat_redirect: add missing NULL pointer check (CVE-2015-8787) [ Aurelien Jarno ] * [mips*] Backport math emulation fix from 4.5. * [arm64] Enable RTC_DRV_EFI. [ Hendrik Brueckner ] * [s390x] udeb: include modules to mount ISOs (loop device) (Closes: #812336) * [s390x] udeb: include btrfs-modules (Closes: #812340) [ Martin Michlmayr ] * Include Device Tree model in reportbug script -- Ben Hutchings Sat, 06 Feb 2016 23:25:14 +0000 linux (4.3.3-7) unstable; urgency=medium * linux-image-dbg: Don't rely on upstream makefile to make .build-id links to vDSO debuginfo (fixes FTBFS on arm64, s390) -- Ben Hutchings Tue, 19 Jan 2016 17:29:21 +0000 linux (4.3.3-6) unstable; urgency=medium [ Ben Hutchings ] * debian.py: Implement stable order of fields in debian/tests/control * debian.py: Implement stable order of fields not in the predefined order * genorig.py: Make orig tarballs really reproducible: - Override umask while extracting/exporting files - Override user and group names in tarball * xen/gntdev: Grant maps should not be subject to NUMA balancing (Closes: #810472) * gpio: Enable GPIO_SYSFS wherever GPIOLIB is enabled (Closes: #810085) * [armhf] udeb: Include usbhid in input-modules (Closes: #809521) * linux-image-dbg: Include debugging symbols for VDSOs * [armel/kirkwood] power/reset: Re-enable POWER_RESET, POWER_RESET_GPIO (regression in 3.17~rc5-1~exp1) * usb: serial: visor: fix crash on detecting device without write_urbs (CVE-2015-7566) * tty: Fix unsafe ldisc reference via ioctl(TIOCGETD) (CVE-2016-0723) * [x86] drm/vmwgfx: Fix a width / pitch mismatch on framebuffer updates * bcache: Add upstream fixes marked for stable: - fix a livelock when we cause a huge number of cache misses - Add a cond_resched() call to gc - clear BCACHE_DEV_UNLINK_DONE flag when attaching a backing device - fix a leak in bch_cached_dev_run() - unregister reboot notifier if bcache fails to unregister device - allows use of register in udev to avoid "device_busy" error. - prevent crash on changing writeback_running - Change refill_dirty() to always scan entire disk if necessary * KEYS: Fix keyring ref leak in join_session_keyring() (CVE-2016-0728) [ Salvatore Bonaccorso ] * unix: properly account for FDs passed over unix sockets (CVE-2013-4312) -- Ben Hutchings Tue, 19 Jan 2016 00:41:31 +0000 linux (4.3.3-5) unstable; urgency=medium * [armhf] udeb: Fix duplication and circular dependency between core-modules and usb-modules (really fixes FTBFS) - Add core-modules as a dependency of usb-modules - Remove gpio-viperboard from core-modules as it is unlikely to be needed -- Ben Hutchings Mon, 04 Jan 2016 00:45:27 +0000 linux (4.3.3-4) unstable; urgency=medium * [armhf] udeb: Remove pbias-regulator module from mmc-modules as it's now in core-modules (fixes FTBFS) -- Ben Hutchings Sun, 03 Jan 2016 01:50:52 +0000 linux (4.3.3-3) unstable; urgency=medium [ Ben Hutchings ] * [ppc64*] drm: Enable DRM_AST as module (Closes: #808338) * block: ensure to split after potentially bouncing a bio (Closes: #809082) * pptp: verify sockaddr_len in pptp_bind() and pptp_connect() (CVE-2015-8569) * bluetooth: Validate socket address length in sco_sock_bind() (CVE-2015-8575) * [xen] Fix race conditions in back-end drivers (CVE-2015-8550, XSA-155) * [xen] pciback: Fix state validation in MSI control operations (CVE-2015-8551, CVE-2015-8852, XSA-157) * ptrace: being capable wrt a process requires mapped uids/gids (CVE-2015-8709) * KEYS: Fix race between read and revoke (CVE-2015-7550) * [armhf] udeb: Add modular clock, GPIO, PCIe PHY and regulator drivers to core-modules (Closes: #809521) * [armhf] udeb: Add more USB PHY drivers to usb-modules * drm/nouveau/pmu: do not assume a PMU is present (Closes: #809481) * [x86] drm/i915: Don't compare has_drrs strictly in pipe config (Closes: #808720) * [armhf] crypto: sun4i-ss - add missing statesize (Closes: #808625) * Revert "xhci: don't finish a TD if we get a short transfer event mid TD" (Closes: #808602, #808953, regression in 4.3-rc7) * [x86] pinctrl: Enable PINCTRL_CHERRYVIEW (Closes: #808044) * [s390x] udeb: Add crc-modules package (Closes: #808051) [ Salvatore Bonaccorso ] * ovl: fix permission checking for setattr (CVE-2015-8660) * [x86] kvm: Reload pit counters for all channels when restoring state (CVE-2015-7513) -- Ben Hutchings Sat, 02 Jan 2016 16:45:46 +0000 linux-tools (4.3.1-2) unstable; urgency=medium * Upload for Perl 5.22 transition (Closes: #808329) * debian/rules: Fix check for binNMU, broken since 4.1.4-1 -- Ben Hutchings Sat, 19 Dec 2015 03:47:10 +0000 linux (4.3.3-2) unstable; urgency=medium * [armhf,sparc64] Force ZONE_DMA to be enabled, reversing ABI change in 4.3.3 (fixes FTBFS) * [sh4] Disable CC_STACKPROTECTOR_STRONG temporarily (fixes FTBFS) -- Ben Hutchings Thu, 17 Dec 2015 18:21:52 +0000 linux (4.3.3-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.2 - X.509: Fix the time validation [ver #2] https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3 - r8169: fix kasan reported skb use-after-free. (regression in 4.3) - af-unix: fix use-after-free with concurrent readers while splicing (regression in 4.2) - af_unix: don't append consumed skbs to sk_receive_queue (regression in 4.2) - af_unix: take receive queue lock while appending new skb (regression in 4.2) - af-unix: passcred support for sendpage (regression in 4.2) - ipv6: Avoid creating RTF_CACHE from a rt that is not managed by fib6 tree (regression in 4.2) - ipv6: Check expire on DST_NOCACHE route - ipv6: Check rt->dst.from for the DST_NOCACHE route (regression in 4.3) - Revert "ipv6: ndisc: inherit metadata dst when creating ndisc requests" (regression in 4.3) - packet: only allow extra vlan len on ethernet devices - packet: infer protocol from ethernet header if unset - packet: fix tpacket_snd max frame len - sctp: translate host order to network order when setting a hmacid - net/mlx5e: Added self loopback prevention (regression in 4.3) - net/mlx4_core: Fix sleeping while holding spinlock at rem_slave_counters (regression in 4.2) - ip_tunnel: disable preemption when updating per-cpu tstats - net/ip6_tunnel: fix dst leak (regression in 4.3) - tcp: disable Fast Open on timeouts after handshake - tcp: fix potential huge kmalloc() calls in TCP_REPAIR - tcp: initialize tp->copied_seq in case of cross SYN connection - net, scm: fix PaX detected msg_controllen overflow in scm_detach_fds - net: ipmr: fix static mfc/dev leaks on table destruction - net: ip6mr: fix static mfc/dev leaks on table destruction - vrf: fix double free and memory corruption on register_netdevice failure - tipc: fix error handling of expanding buffer headroom (regression in 4.3) - ipv6: distinguish frag queues by device for multicast and link-local packets - bpf, array: fix heap out-of-bounds access when updating elements - ipv6: add complete rcu protection around np->opt - net/neighbour: fix crash at dumping device-agnostic proxy entries - ipv6: sctp: implement sctp_v6_destroy_sock() - openvswitch: fix hangup on vxlan/gre/geneve device deletion - net_sched: fix qdisc_tree_decrease_qlen() races - btrfs: fix resending received snapshot with parent (regression in 4.2) - Btrfs: fix file corruption and data loss after cloning inline extents - Btrfs: fix regression when running delayed references (regression in 4.2) - Btrfs: fix race leading to incorrect item deletion when dropping extents - Btrfs: fix race leading to BUG_ON when running delalloc for nodatacow - Btrfs: fix race when listing an inode's xattrs - rbd: don't put snap_context twice in rbd_queue_workfn() - ext4 crypto: fix memory leak in ext4_bio_write_page() - ext4 crypto: fix bugs in ext4_encrypted_zeroout() - ext4: fix potential use after free in __ext4_journal_stop (regression in 4.2) - ext4, jbd2: ensure entering into panic after recording an error in superblock - nfsd: serialize state seqid morphing operations - nfsd: eliminate sending duplicate and repeated delegations - nfs4: start callback_ident at idr 1 - nfs4: resend LAYOUTGET when there is a race that changes the seqid - nfs: if we have no valid attrs, then don't declare the attribute cache valid - ocfs2: fix umask ignored issue - block: fix segment split (regression in 4.3) - ceph: fix message length computation - Btrfs: fix regression running delayed references when using qgroups (regression in 4.2) [ Ben Hutchings ] * net: add validation for the socket syscall protocol argument (CVE-2015-8543) * [armel/kirkwood] udeb: Override inclusion of gpio_keys in input-modules (fixes FTBFS) * vrf: Fix broken backport of "vrf: fix double free and memory corruption on register_netdevice failure" in 4.3.3 * net: Ignore ABI changes due to "ipv6: add complete rcu protection around np->opt", which don't appear to affect out-of-tree modules * tipc: Fix kfree_skb() of uninitialised pointer (regression in 4.3.3) -- Ben Hutchings Tue, 15 Dec 2015 21:25:26 +0000 linux-tools (4.3.1-1) unstable; urgency=medium * New upstream stable update - [x86] Add #AC to SVM_EXIT_REASONS [ Ben Hutchings ] * debian/bin/genorig.py: Add more files under arch/*/include/asm to file list (fixes FTBFS on several architectures) -- Ben Hutchings Mon, 14 Dec 2015 00:43:39 +0000 linux-tools (4.3-1) unstable; urgency=medium * New upstream release -- Ben Hutchings Sun, 13 Dec 2015 03:47:05 +0000 linux (4.3.1-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.1 [ Ben Hutchings ] * Set ABI to 1 * [armhf] rtc: Enable RTC_DRV_DS1307, RTC_DRV_PCF8563, RTC_DRV_ARMADA38X (Closes: #807632) * [armhf] Enable MACH_ARMADA_375, MACH_ARMADA_38X, MACH_ARMADA_39X (Closes: #807633) * [armhf] net: Enable MVPP2 as module * [armel/kirkwood] dts: Fix QNAP TS219 power-off (Closes: #807696) * [armhf] udeb: Add leds-modules package containing leds-gpio driver (Closes: #807721) * [x86] drm/i915: Mark uneven memory banks on gen4 desktop as unknown swizzling (Closes: #780363) * Enable CC_STACKPROTECTOR_STRONG (Closes: #805652) * [x86] input: Enable KEYBOARD_GPIO, INPUT_SOC_BUTTON_ARRAY (Closes: #804864) * [x86] nouveau: bios: return actual size of the buffer retrieved via _ROM (Closes: #772716) * [armhf] Add support for Odroid-XU4 (Closes: #804850) - mfd: s2mps11: Add manual shutdown method for Odroid XU3 - dts: Fix power off method for exynos5422-odroidxu3-common - dts: Split audio configuration to separate exynos5422-odroidxu3-audio - dts: Add support Odroid XU4 board for exynos5422-odroidxu4 * udeb: Add hid-chicony to input-modules (Closes: #766570) * sched: Enable CFS_BANDWIDTH (Closes: #802746) -- Ben Hutchings Sun, 13 Dec 2015 00:38:54 +0000 linux (4.3-1~exp2) experimental; urgency=medium [ Ben Hutchings ] * mv643xx_eth: Re-enable TSO, fixed upstream in 4.3 * debian/control: Move patchutils from Build-Depends to Build-Depends-Indep, as we only use filterdiff when building linux-source- * debian/control,debian/rules: Support a 'stage1' build profile which builds only linux-libc-dev (Closes: #695243) * debian/control: Add ':any' to Build-Depends on python3, to support cross- bootstrap * [armhf] Enable new drivers for Allwinner chips (Closes: #804856) - crypto: Enable CRYPTO_DEV_SUN4I_SS as module - musb: Enable USB_MUSB_SUNXI as module * aufs: Update support patches to aufs4.3-20151116 * [armhf] USB: Change USB, USB_GADGET, and various drivers from built-in to modules - musb: Enable USB_MUSB_DUAL_ROLE * [armhf] musb: Disable MUSB_PIO_ONLY and enable USB_INVENTRA_DMA, USB_TI_CPPI41_DMA, USB_TUSB_OMAP_DMA [ Ian Campbell ] * [armel/orion5x] Enable Device Tree for orion5x. Patch from Roger Shimizu (Closes: #803159) * [armel/orion5x] Enable CONFIG_DEBUG_LL_UART_8250. -- Ben Hutchings Fri, 04 Dec 2015 19:36:10 +0000 linux (4.3-1~exp1) experimental; urgency=medium * New upstream release [ Ben Hutchings ] * netfilter: Enable NFT_DUP_IPV4, NFT_DUP_IPV6 as modules (Closes: #803370) * tests: Add autopkgtest support * [x86] Compile with gcc-5 * [x86] Enable PINCTRL_BAYTRAIL (Closes: #797949) [ Salvatore Bonaccorso ] * Fix typo in image.plain.postinst template. Add missing space in warn message causing typo "dangling linkto". Thanks to Jakub Wilk (Closes: #803323) -- Ben Hutchings Wed, 04 Nov 2015 07:45:13 +0000 linux (4.3~rc7-1~exp1) experimental; urgency=medium * New upstream release candidate - [x86] smpboot: Fix CPU #1 boot timeout (Closes: #802464) -- Ben Hutchings Wed, 28 Oct 2015 11:04:27 +0900 linux-tools (4.3~rc5-1~exp2) experimental; urgency=medium * Fix the build-indep and binary-indep targets (fixes FTBFS for arch:all) -- Ben Hutchings Wed, 14 Oct 2015 02:08:09 +0100 linux-tools (4.3~rc5-1~exp1) experimental; urgency=medium * New upstream release candidate - perf: Fix build on architectures without CONFIG_PERF_REGS -- Ben Hutchings Wed, 14 Oct 2015 00:49:38 +0100 linux (4.3~rc5-1~exp1) experimental; urgency=medium * New upstream release candidate -- Ben Hutchings Wed, 14 Oct 2015 00:48:41 +0100 linux-tools (4.3~rc4-1~exp1) experimental; urgency=medium * New upstream release candidate -- Ben Hutchings Wed, 07 Oct 2015 01:15:46 +0100 linux (4.3~rc4-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * [armhf] dts: Fix Makefile target for sun4i-a10-itead-iteaduino-plus (fixes FTBFS) * [mips*] io: Define ioremap_uc (fixes FTBFS) -- Ben Hutchings Tue, 06 Oct 2015 23:27:45 +0100 linux (4.3~rc3-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * Disable CRAMFS; it was obsoleted by squashfs and initramfs * [i386] Replace 586 flavour with 686 - Enable support for OLPC and other Geode-based systems in the 686 flavour - udeb: Update kernel-versions -- Ben Hutchings Sun, 27 Sep 2015 21:02:54 +0100 linux (4.2.6-3) unstable; urgency=medium * Ignore some gpiochip ABI changes (fixes FTBFS on i386) -- Ben Hutchings Sun, 06 Dec 2015 02:12:41 +0000 linux (4.2.6-2) unstable; urgency=medium [ Salvatore Bonaccorso ] * [x86] KVM: svm: unconditionally intercept #DB (CVE-2015-8104) * [x86] KVM: rename update_db_bp_intercept to update_bp_intercept [ Ian Campbell ] * [x86] Xen: expose a more realistic max p2m size in the shared info, fixes migration (Closes: #797205) [ Ben Hutchings ] * media: usbvision: fix crash on detecting device with invalid configuration (CVE-2015-7833, partly fixed in 4.2.6-1) * udeb: Add dm-service-time to multipath-modules (Closes: #806131) * unix: avoid use-after-free in ep_remove_wait_queue (CVE-2013-7446) * isdn_ppp: Add checks for allocation failure in isdn_ppp_open() * ppp, slip: Validate VJ compression slot parameters completely (CVE-2015-7799) * Btrfs: fix truncation of compressed and inlined extents (CVE-2015-8374) * netfilter: Enable NFT_DUP_IPV4, NFT_DUP_IPV6 as modules (Closes: #803370) * [x86] Enable PINCTRL_BAYTRAIL (Closes: #797949) * qxl: Enable by default (Closes: #779515) * [s390*] Update linux-compiler metapackage to gcc-4.9 * firmware_class: Fix condition in directory search loop (Closes: #804862) * [x86] input: Enable MOUSE_ELAN_I2C as module, MOUSE_ELAN_I2C_I2C and MOUSE_ELAN_I2C_SMBUS (Closes: #791631) * [armhf] hsi: Enable CMT_SPEECH as module (Closes: #791819) * [armhf] power: Enable BATTERY_RX51 as module (Closes: #791820) * [x86] psmouse: Enable MOUSE_PS2_VMMOUSE (Closes: #802929) - linux-image: Add versioned Breaks on xserver-xorg-input-vmmouse to avoid driver conflicts * [armhf] udeb: Add stmmac platform modules dwmac-generic, dwmac-socfpga and dwmac-sunxi to nic-modules (Closes: #805098) * wireless: Enable WL_MEDIATEK, MT7601U as module * [x86] drm/i915: shut up gen8+ SDE irq dmesg noise (Closes: #806304) * [armhf] regulator: Enable REGULATOR_PFUZE100 as module (Closes: #806284) -- Ben Hutchings Fri, 04 Dec 2015 02:26:51 +0000 linux (4.2.6-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.6 - mmc: core: Fix init_card in 52Mhz (regression in 4.2) - rtlwifi: rtl8821ae: Fix system lockups on boot (regression in 4.2) - iwlwifi: mvm: init card correctly on ctkill exit check (regression in 3.18) - iwlwifi: mvm: flush fw_dump_wk when mvm fails to start (regression in 3.18) - [x86] iommu/vt-d: fix range computation when making room for large pages - [x86] iommu/amd: Fix BUG when faulting a PROT_NONE VMA - [x86] iommu/amd: Don't clear DTE flags when modifying it - drm: fix mutex leak in drm_dp_get_mst_branch_device - drm: Correct arguments to list_tail_add in create blob ioctl - drm: crtc: integer overflow in drm_property_create_blob() - rtl28xxu: fix control message flaws (regression in 4.0) - ALSA: hda - Fix deadlock at error in building PCM - [x86] ioapic: Prevent NULL pointer dereference in setup_ioapic_dest() (regression in 4.2.4) - mm: make sendfile(2) killable - drm/radeon/dpm: don't add pwm attributes if DPM is disabled (regression in 4.0) - [x86] drm/i915: Restore lost DPLL register write on gen2-4 (regression in 3.18) - [x86] drm/i915: Deny wrapping an userptr into a framebuffer - drm/radeon: don't try to recreate sysfs entries on resume (regression in 4.2.5) - drm/radeon: fix dpms when driver backlight control is disabled (regression in 4.2.4) - drm/radeon: move bl encoder assignment into bl init - rbd: require stable pages if message data CRCs are enabled - rbd: don't leak parent_spec in rbd_dev_probe_parent() - rbd: prevent kernel stack blow up on rbd map - [armhf] EXYNOS: Fix double of_node_put() when parsing child power domains (regression in 4.2) - [armhf] dts: Fix audio card detection on Peach boards (regression in 4.1) - [arm64] Revert "ARM64: unwind: Fix PC calculation" - block: don't release bdi while request_queue has live references (regression in 4.2) - dm btree remove: fix a bug when rebalancing nodes after removal - dm cache: the CLEAN_SHUTDOWN flag was not being set - dm btree: fix leak of bufio-backed block in btree_split_beneath error path - Revert "serial: 8250_dma: don't bother DMA with small transfers" (regression in 4.0) - [armel] i2c: mv64xxx: really allow I2C offloading (regression in 3.19) - clkdev: fix clk_add_alias() with a NULL alias device name (regression in 4.2) - fbcon: initialize blink interval before calling fb_set_par (regression in 4.2) - PCI: Prevent out of bounds access in numa_node override - ovl: free stack of paths in ovl_fill_super (regression in 4.0) - ovl: free lower_mnt array in ovl_put_super (regression in 4.0) - ovl: fix dentry reference leak - ovl: fix open in stacked overlay (regression in 4.2) - [x86] Input: alps - only the Dell Latitude D420/430/620/630 have separate stick button bits (regression in 4.1) - crypto: api - Only abort operations on fatal signal - md/raid1: submit_bio_wait() returns 0 on success (regression in 3.10) - md/raid10: submit_bio_wait() returns 0 on success (regression in 3.10) - md/raid5: fix locking in handle_stripe_clean_event() (regression in 3.13) - Revert "md: allow a partially recovered device to be hot-added to an array." (regression in 3.14) - [amd64] EDAC, sb_edac: Fix TAD presence check for sbridge_mci_bind_devs() (regression in 4.2) - mvsas: Fix NULL pointer dereference in mvs_slot_task_free - netfilter: ipset: Fix sleeping memory allocation in atomic context (regression in 4.2) - btrfs: fix possible leak in btrfs_ioctl_balance() (regression in 4.2.5) - kvm: irqchip: fix memory leak (regression in 4.2) - [armhf] thermal: exynos: Fix register read in TMU (regression in 4.2) - blk-mq: fix use-after-free in blk_mq_free_tag_set() (regression in 4.2) - IB/cm: Fix rb-tree duplicate free and use-after-free - sched/deadline: Fix migration of SCHED_DEADLINE tasks (regression in 4.2) - [arm64] compat: fix stxr failure case in SWP emulation - NVMe: Fix memory leak on retried commands - [x86] drm/vmwgfx: Fix up user_dmabuf refcounting - thp: use is_zero_pfn() only after pte_present() check (regression in 4.1) - xen: fix backport of previous kexec patch [ Ben Hutchings ] * usbvision: fix overflow of interfaces array (CVE-2015-7833) * RDS: fix race condition when sending a message on unbound socket (CVE-2015-7990) * media/vivid-osd: fix info leak in ioctl (CVE-2015-7884) * [x86] KVM: Intercept #AC to avoid guest->host denial-of-service (CVE-2015-5307) -- Ben Hutchings Tue, 10 Nov 2015 14:35:05 +0000 linux (4.2.5-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.4 - [armhf] KVM: Fix incorrect device to IPA mapping - [x86] KVM: vmx: fix VPID is 0000H in non-root operation - kvm: don't try to register to KVM_FAST_MMIO_BUS for non mmio eventfd - kvm: fix zero length mmio searching - kvm: factor out core eventfd assign/deassign logic - kvm: fix double free for fast mmio eventfd - [armhf] KVM: Disable virtual timer even if the guest is not using it - kvm: svm: reset mmu on VCPU reset - [x86] KVM: trap AMD MSRs for the TSeg base and mask - [powerpc*] KVM: Book3S: Take the kvm->srcu lock in kvmppc_h_logical_ci_load/store() - [powerpc*] KVM: Book3S HV: Pass the correct trap argument to kvmhv_commence_exit - [x86] Revert "KVM: x86: apply guest MTRR virtualization on host reserved pages" - [x86] Revert "KVM: SVM: use NPT page attributes" - [x86] Revert "KVM: SVM: Sync g_pat with guest-written PAT value" - time: Fix timekeeping_freqadjust()'s incorrect use of abs() instead of abs64() - target/iscsi: Fix np_ip bracket issue by removing np_ip - scsi: fix scsi_error_handler vs. scsi_host_dev_release race - target: Attach EXTENDED_COPY local I/O descriptors to xcopy_pt_sess - target: Fix PR registration + APTPL RCU conversion regression - iser-target: remove command with state ISTATE_REMOVE - iser-target: Put the reference on commands waiting for unsol data - toshiba_acpi: Fix hotkeys registration on some toshiba models - [x86] perf/intel: Fix constraint access - [x86] locking/qspinlock: Fix performance regression under unaccelerated VMs - [x86] locking/qspinlock: Only emit the test-and-set fallback when building guest support - [armhf] 8401/1: perf: Set affinity for PPI based PMUs - perf hists: Update the column width for the "srcline" sort key - perf stat: Get correct cpu id for print_aggr - perf tools: Add missing forward declaration of struct map to probe-event.h - perf tools: Add empty Build files for architectures lacking them - perf tools: Fix parse_events_add_pmu caller - perf header: Fixup reading of HEADER_NRCPUS feature - perf probe: Use existing routine to look for a kernel module by dso->short_name - watchdog: sunxi: fix activation of system reset - watchdog: imgpdc: Unregister restart handler on remove - sched: access local runqueue directly in single_task_running - hwmon: (nct6775) Swap STEP_UP_TIME and STEP_DOWN_TIME registers for most chips - [armhf] fix Thumb2 signal handling when ARMv6 is enabled - [armel,armhf] 8429/1: disable GCC SRA optimization - [powerpc*] windfarm: decrement client count when unregistering - [armhf] dts: omap5-uevm.dts: fix i2c5 pinctrl offsets - [armhf] dts: omap3-beagle: make i2c3, ddc and tfp410 gpio work again - [armhf] EXYNOS: reset Little cores when cpu is up - [armhf] dts: sunxi: Raise minimum CPU voltage for sun7i-a20 to meet SoC specifications - [armhf] dts: Fix wrong clock binding for sysmmu_fimd1_1 on exynos5420 - [armhf] dts: fix usb pin control for imx-rex dts - dax: fix O_DIRECT I/O to the last block of a blockdev - blockdev: don't set S_DAX for misaligned partitions - block: blkg_destroy_all() should clear q->root_blkg and ->root_rl.blkg - dmaengine: at_xdmac: change block increment addressing mode - dmaengine: at_xdmac: clean used descriptor - dmaengine: dw: properly read DWC_PARAMS register - dmaengine: at_xdmac: fix bug in prep_dma_cyclic - pmem: add proper fencing to pmem_rw_page() - [x86] apic: Serialize LVTT and TSC_DEADLINE writes - [x86] alternatives: Make optimize_nops() interrupt safe and synced - [i386] platform: Fix Geode LX timekeeping in the generic x86 build - [x86] ioapic: Force affinity setting in setup_ioapic_dest() - [x86] pci/intel_mid_pci: Work around for IRQ0 assignment - [x86] paravirt: Replace the paravirt nop with a bona fide empty function - [amd64] nmi: Fix a paravirt stack-clobbering bug in the NMI code - [x86] Use WARN_ON_ONCE for missing X86_FEATURE_NRIPS - [x86] efi: Fix boot crash by mapping EFI memmap entries bottom-up at runtime, instead of top-down - [x86] kexec: Fix kexec crash in syscall kexec_file_load() - [x86] process: Add proper bound checks in 64bit get_wchan() - [x86] mm: Set NX on gap between __ex_table and rodata - [x86] xen: Support kexec/kdump in HVM guests by doing a soft reset - leds:lp55xx: Correct Kconfig dependency for f/w user helper - leds/led-class: Add missing put_device() - sched/core: Fix TASK_DEAD race in finish_task_switch() - [s390x] compat: correct uc_sigmask of the compat signal frame - [s390x] boot/decompression: disable floating point in decompressor - Revert "cgroup: simplify threadgroup locking" - Revert "sched, cgroup: replace signal_struct->group_rwsem with a global percpu_rwsem" - memcg: make mem_cgroup_read_stat() unsigned - spi: Fix documentation of spi_alloc_master() - spi: bcm2835: BUG: fix wrong use of PAGE_MASK - spi: spidev: fix possible NULL dereference - mm: migrate: hugetlb: putback destination hugepage to active list - lib/iommu-common.c: do not try to deref a null iommu->lazy_flush() pointer when n < pool->hint - ocfs2/dlm: fix deadlock when dispatch assert master - mm: hugetlbfs: skip shared VMAs when unmapping private pages to satisfy a fault - memcg: fix dirty page migration - [armhf] ALSA: hda/tegra - async probe for avoiding module loading deadlock - ALSA: synth: Fix conflicting OSS device registration on AWE32 - ALSA: hda: Add dock support for ThinkPad T550 - ALSA: hda - Apply SPDIF pin ctl to MacBookPro 12,1 - ALSA: hda - Disable power_save_node for IDT 92HD73xx chips - ASoC: pxa: pxa2xx-ac97: fix dma requestor lines - ASoC: dwc: correct irq clear method - ASoC: db1200: Fix DAI link format for db1300 and db1550 - ASoC: sgtl5000: fix wrong register MIC_BIAS_VOLTAGE setup on probe - ASoC: tas2552: fix dBscale-min declaration - btrfs: skip waiting on ordered range for special files - Btrfs: fix read corruption of compressed and shared extents - Btrfs: update fix for read corruption of compressed and shared extents - PCI: Fix devfn for VPD access through function 0 - PCI: Use function 0 VPD for identical functions, regular VPD for others - PCI: Clear IORESOURCE_UNSET when clipping a bridge window - dm thin: disable discard support for thin devices if pool's is disabled - dm crypt: constrain crypt device's max_segment_size to PAGE_SIZE - ath10k: fix dma_mapping_error() handling - svcrdma: Fix send_reply() scatter/gather set-up - md/raid0: update queue parameter in a safer location. - md/raid0: apply base queue limits *before* disk_stack_limits - dm raid: fix round up of default region size - netfilter: nfnetlink: work around wrong endianess in res_id field - netfilter: nf_tables: Use 32 bit addressing register from nft_type_to_reg() - netfilter: ipset: Out of bound access in hash:net* types fixed - netfilter: ipset: Fixing unnamed union init - netfilter: nf_log: wait for rcu grace after logger unregistration - netfilter: nft_compat: skip family comparison in case of NFPROTO_UNSPEC - netfilter: nf_log: don't zap all loggers on unregister - regulator: core: Correct return value check in regulator_resolve_supply - regulator: axp20x: Fix enable bit indexes for DCDC4 and DCDC5 - regulator: core: Handle probe deferral from DT when resolving supplies - Bluetooth: Delay check for conn->smp in smp_conn_security() - nfs: fix v4.2 SEEK on files over 2 gigs - NFS: Do cleanup before resetting pageio read/write to mds - NFSv4: Recovery of recalled read delegations is broken - nfs: fix pg_test page count calculation - NFS: Fix a write performance regression - cifs: Fix sec=krb5 on smb3 mounts - cifs: disabling oplocks/leases via module parm enable_oplocks broken for SMB3 - cifs: Do not fall back to SMBWriteX in set_file_size error cases - drm/qxl: only report first monitor as connected if we have no state - drm/qxl: recreate the primary surface when the bo is not primary - drm/amdgpu: fix overflow on 32bit systems - drm/amdgpu: Disable UVD PG - drm/amdgpu: fix the UVD suspend sequence order - drm/amdgpu: make UVD handle checking more strict - drm/amdgpu: Fix max_vblank_count value for current display engines - drm/amdgpu: Restore LCD backlight level on resume - [x86] drm/i915/bios: handle MIPI Sequence Block v3+ gracefully - drm: Reject DRI1 hw lock ioctl functions for kms drivers - drm/radeon: Restore LCD backlight level on resume (>= R5xx) - drm/dp/mst: fixup handling hotplug on port removal. - drm/dp/mst: drop cancel work sync in the mstb destroy path (v2) - xhci: give command abortion one more chance before killing xhci - xhci: Move xhci_pme_quirk() behind #ifdef CONFIG_PM - usb: xhci: lock mutex on xhci_stop - usb: xhci: Clear XHCI_STATE_DYING on start - usb: xhci: stop everything on the first call to xhci_stop - usb: xhci: exit early in xhci_setup_device() if we're halted or dying - xhci: change xhci 1.0 only restrictions to support xhci 1.1 - xhci: init command timeout timer earlier to avoid deleting it uninitialized - usb: xhci: Add support for URB_ZERO_PACKET to bulk/sg transfers - batman-adv: Make DAT capability changes atomic - thermal: cpu_cooling: don't call kcalloc() under rcu_read_lock - thermal: cpu_cooling: free power table on error or when unregistering - [x86] hv: util: checking the wrong variable - mmc: dw_mmc: handle data blocks > than 4kB if IDMAC is used - usb: chipidea: imx: fix a typo for imx6sx - cifs: use server timestamp for ntlmv2 authentication - [armhf] irqchip/gic-v3-its: Add missing cache flushes - docs: update HOWTO for 3.x -> 4.x versioning - extcon: Fix signedness bugs about break error handling - extcon: Fix attached value returned by is_extcon_changed - [armhf] mtd: pxa3xx_nand: add a default chunk size - mtd: nand: sunxi: fix sunxi_nand_chips_cleanup() - mtd: nand: sunxi: fix OOB handling in ->write_xxx() functions - hpsa: fix an sprintf() overflow in the reset handler - PM / AVS: rockchip-io: depend on CONFIG_POWER_AVS - device property: fix potential NULL pointer dereference - ath10k: fix per-vif queue locking - ath10k: reject 11b tx fragmentation configuration - ath10k: fix peer limit enforcement - ath10k: wake up offchannel queue properly - ath10k: wake up queue upon vif creation - pcmcia: sa11x0: fix missing clk_put() in sa11x0 socket drivers - ipr: Enable SIS pipe commands for SIS-32 devices. - regmap: debugfs: Ensure we don't underflow when printing access masks - regmap: debugfs: Don't bother actually printing when calculating max length - security: fix typo in security_task_prctl - usb: musb: dsps: fix polling in device-only mode - usb: chipidea: udc: using the correct stall implementation - usb: Use the USB_SS_MULT() macro to get the burst multiplier. - usb: phy: phy-generic: Fix reset behaviour on legacy boot - usb: musb: cppi41: allow it to work again - USB: chaoskey read offset bug - usb: Add device quirk for Logitech PTZ cameras - USB: Add reset-resume quirk for two Plantronics usb headphones. - [armel,armhf] crypto: marvell - properly handle CRYPTO_TFM_REQ_MAY_BACKLOG-flagged requests - cpu/cacheinfo: Fix teardown path - cpufreq: dt: Tolerance applies on both sides of target voltage - [mips*] Fix console output for Fulong2e system - [mips*] bootmem: Fix mapstart calculation for contiguous maps - [mips*] dma-default: Fix 32-bit fall back to GFP_DMA - [mips*] CPS: Stop dangling delay slot from has_mt. - [mips*] CPS: Don't include MT code in non-MT kernels. - [mips*] CPS: #ifdef on CONFIG_MIPS_MT_SMP rather than CONFIG_MIPS_MT - batman-adv: Make NC capability changes atomic - batman-adv: Make TT capability changes atomic - batman-adv: Make MCAST capability changes atomic - batman-adv: Fix potential synchronization issues in mcast tvlv handler - batman-adv: Fix potentially broken skb network header access - [powerpc*] MSI: Fix race condition in tearing down MSI interrupts - rsi: Fix possible leak when loading firmware - UBIFS: Kill unneeded locking in ubifs_init_security - UBI: Validate data_size - UBI: return ENOSPC if no enough space available - net: via/Kconfig: GENERIC_PCI_IOMAP required if PCI not selected - iscsi-target: Avoid OFMarker + IFMarker negotiation - mmc: core: Don't return an error for CD/WP GPIOs when GPIOLIB is unset - mmc: core: fix dead loop of mmc_retune - [arm64] efi: Fix boot crash by not padding between EFI_MEMORY_RUNTIME regions - [arm64] ftrace: fix function_graph tracer panic - [arm64] readahead: fault retry breaks mmap file read random detection - [m68k] Define asmlinkage_protect - xen/blkback: free requests on disconnection - net/xen-netfront: only napi_synchronize() if running - igb: do not re-init SR-IOV during probe - genirq: Fix race in register_irq_proc() - clocksource: Fix abs() usage w/ 64bit values - md/bitmap: don't pass -1 to bitmap_storage_alloc. - nfs/filelayout: Fix NULL reference caused by double freeing of fh_array - cpufreq: acpi_cpufreq: prevent crash on reading freqdomain_cpus - [armhf] clk: ti: fix dual-registration of uart4_ick - [armhf] clk: ti: clk-7xx: Remove hardwired ABE clock configuration - [armhf] clk: samsung: fix cpu clock's flags checking - namei: results of d_is_negative() should be checked after dentry revalidation - dm: fix AB-BA deadlock in __dm_destroy() - dm cache: fix NULL pointer when switching from cleaner policy - staging: speakup: fix speakup-r regression - tty: fix stall caused by missing memory barrier in drivers/tty/n_tty.c - drivers/tty: require read access for controlling terminal - serial: 8250: add uart_config entry for PORT_RT2880 - serial: atmel: fix error path of probe function - mm/slab: fix unexpected index mapping result of kmalloc_size(INDEX_NODE+1) - blk-mq: avoid setting hctx->tags->cpumask before allocation - sched/preempt: Fix cond_resched_lock() and cond_resched_softirq() - 3w-9xxx: don't unmap bounce buffered commands - sched/preempt, xen: Use need_resched() instead of should_resched() - sched/preempt, powerpc, kvm: Use need_resched() instead of should_resched() https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.5 - [powerpc*] net/ibm/emac: bump version numbers for correct work with ethtool - l2tp: protect tunnel->del_work by ref_count - af_unix: Convert the unix_sk macro to an inline function for type safety - af_unix: return data from multiple SKBs on recv() with MSG_PEEK flag - net/unix: fix logic about sk_peek_offset - skbuff: Fix skb checksum flag on skb pull - skbuff: Fix skb checksum partial check. - inet: fix races in reqsk_queue_hash_req() - net: add pfmemalloc check in sk_add_backlog() - ppp: don't override sk->sk_state in pppoe_flush_dev() - inet: fix race in reqsk_queue_unlink() - bpf: fix panic in SO_GET_FILTER with native ebpf programs - ovs: do not allocate memory from offline numa node - act_mirred: clear sender cpu before sending to tx - bpf: clear sender_cpu before xmit - ipv6: Don't call with rt6_uncached_list_flush_dev - ethtool: Use kcalloc instead of kmalloc for ethtool_get_strings - tipc: move fragment importance field to new header position - netlink: Trim skb to alloc size to avoid MSG_TRUNC - drm: Fix locking for sysfs dpms file - [sparc*] crypto: initialize blkcipher.ivsize - crypto: ahash - ensure statesize is non-zero - memcg: convert threshold to bytes - btrfs: check unsupported filters in balance arguments - btrfs: fix use after free iterating extrefs - [arm64] errata: use KBUILD_CFLAGS_MODULE for erratum #843419 - nfsd/blocklayout: accept any minlength - [armhf] i2c: s3c2410: enable RuntimePM before registering to the core - i2c: designware: Do not use parameters from ACPI on Dell Inspiron 7348 - i2c: designware-platdrv: enable RuntimePM before registering to the core - workqueue: make sure delayed work run in local cpu - [x86] KVM: fix SMI to halted VCPU - [x86] KVM: fix RSM into 64-bit protected mode - drm/qxl: fix framebuffer dirty rectangle tracking. - drm/nouveau/fbcon: take runpm reference when userspace has an open fd - drm/dp/mst: make mst i2c transfer code more robust. - drm/radeon: attach tile property to mst connector - drm/radeon: add pm sysfs files late - dm thin: fix missing pool reference count decrement in pool_ctr error path - rbd: fix double free on rbd_dev->header_name - timekeeping: Increment clock_was_set_seq in timekeeping_init() - [arm64] Fix THP protection change logic - svcrdma: handle rdma read with a non-zero initial page offset [ Salvatore Bonaccorso ] * KEYS: Fix race between key destruction and finding a keyring by name * KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring (CVE-2015-7872) * KEYS: Don't permit request_key() to construct a new keyring [ Ben Hutchings ] * [x86] drm: Enable DRM_AMDGPU and HSA_AMD as modules (Closes: #797752) * media: Enable DVB_AS102, VIDEO_GO7007, VIDEO_GO7007_USB, VIDEO_GO7007_LOADER, VIDEO_GO7007_USB_S2250_BOARD as modules * net: Enable LIQUIDIO and MLX5_CORE as modules; enable MLX5_CORE_EN * [x86] Enable X86_AMD_PLATFORM_DEVICE * linux-manual: Fix regression in reproducibility in 4.2~rc8-1~exp1 * net: Enable GENEVE_CORE as module - Re-enable GENEVE and OPENVSWITCH_GENEVE * bpf: Enable BPF_SYSCALL * ACPI: Enable ACPI_NFIT as module * tcp: Enable TCP_CONG_CDG as module * nftables: Enable NF_TABLES_NETDEV, NFT_REDIR_IPV4, NFT_REDIR_IPV6 as modules [This change was accidentally omitted] * net/sched: Enable NET_CLS_FLOWER as module [This change was accidentally omitted] * SCSI: Enable SCSI_SNIC as module * target: Enable TCM_USER2 as module * net/phy: Enable DP83867_PHY as module * drm: Enable DRM_VIRTIO_GPU as module * HID: Enable HID_BETOP_FF, HID_PLANTRONICS as modules * hwrng: Enable USB_CHAOSKEY as module * ext4: Enable EXT4_ENCRYPTION * f2fs: Enable F2FS_FS_ENCRYPTION * vfs,nvdimm: Enable FS_DAX [This change was accidentally omitted] -- Ben Hutchings Wed, 28 Oct 2015 05:46:49 +0900 linux (4.2.3-2) unstable; urgency=medium * nbd: Restore request timeout detection (Closes: #770479) * Ignore ABI changes in all mmc host drivers (fixes FTBFS on armhf) -- Ben Hutchings Wed, 14 Oct 2015 19:09:49 +0100 linux (4.2.3-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.2 - nfc: netlink: Add check on NFC_ATTR_VENDOR_DATA - nfc: nci: hci: Add check on skb nci_hci_send_cmd parameter - blk-mq: fix buffer overflow when reading sysfs file of 'pending' - blk-mq: fix race between timeout and freeing request - mac80211: enable assoc check for mesh interfaces - [powerpc*] cxl: Allow release of contexts which have been OPENED but not STARTED (regression in 4.2) - ext4: don't manipulate recovery flag when freezing no-journal fs (regression in 3.18) - Revert "ext4: remove block_device_ejected" (regression in 4.1) - [arm64] kconfig: Move LIST_POISON to a safe value - [arm64] entry: always restore x0 from the stack on syscall return - [arm64] flush FP/SIMD state correctly after execve() - [arm64] head.S: initialise mdcr_el2 in el2_setup - [armhf,arm64] KVM: vgic: Check for !irqchip_in_kernel() when mapping resources (regression in 4.0) - [arm64] KVM: add workaround for Cortex-A57 erratum #852523 - [powerpc*] pseries: Fix corrupted pdn list (regression in 4.1) - [powerpc*] eeh: Probe after unbalanced kref check (regression in 4.1) - [powerpc*] eeh: Fix fenced PHB caused by eeh_slot_error_detail() (regression in 3.18) - [powerpc*] powernv/pci-ioda: fix 32-bit TCE table init in kdump kernel (regression in 4.2) - [powerpc*] powernv/pci-ioda: fix kdump with non-power-of-2 crashkernel= (regression in 4.2) - [powerpc*] pseries: Release DRC when configure_connector fails (regression in 4.1) - [powerpc*] mm: Recompute hash value after a failed update - CIFS: fix type confusion in copy offload ioctl - mm: check if section present during memory block registering (regression in 3.19) - [i386] mm: Initialize pmd_idx in page_table_range_init_count() - [x86] i915: Set ddi_pll_sel in DP MST path (regression in 4.2) - Btrfs: check if previous transaction aborted to avoid fs corruption - nfsd: Fix an FS_LAYOUT_TYPES/LAYOUT_TYPES encode bug - nfsd: ensure that the ol stateid hash reference is only put once - nfsd: ensure that delegation stateid hash references are only put once - NFSv4.1/pnfs: Fix atomicity of commit list updates (regression in 4.0) - NFSv4: don't set SETATTR for O_RDONLY|O_EXCL - NFSv4.1/pNFS: Fix borken function _same_data_server_addrs_locked() - NFS: Fix a NULL pointer dereference of migration recovery ops for v4.2 client - NFS: nfs_set_pgio_error sometimes misses errors - NFS41/flexfiles: update inode after write finishes - NFSv4: Force a post-op attribute update when holding a delegation - NFS41/flexfiles: zero out DS write wcc - NFSv4.1/flexfiles: Fix a protocol error in layoutreturn - NFSv4.1: Fix a protocol issue with CLOSE stateids - nfs: Fix truncated client owner id without proto type (regression in 4.2) - Revert "NFSv4: Remove incorrect check in can_open_delegated()" (regression in 3.19) - svcrdma: Change maximum server payload back to RPCSVC_MAXPAYLOAD (regression in 4.2) - SUNRPC: Ensure that we wait for connections to complete before retrying (regression in 4.0) - SUNRPC: Lock the transport layer on shutdown - [hppa] PCI: Enable 64-bit bus addresses on PA-RISC (regression in 4.2) - [hppa] Use double word condition in 64bit CAS operation - fs: if a coredump already exists, unlink and recreate with O_EXCL - fs: Don't dump core if the corefile would become world-readable. - mmc: sdhci-of-esdhc: add workaround for pre divider initial value (regression in 4.2) - mmc: sdhci: also get preset value and driver type for MMC_DDR52 (regression in 3.16) - mmc: sdhci: fix dma memory leak in sdhci_pre_req() (regression in 4.0) - mmc: core: fix race condition in mmc_wait_data_done - [armhf] iommu/fsl: Really fix init section(s) content (regression in 4.0) - [armhf] iommu/io-pgtable-arm: Unmap and free table when overwriting with block - [x86] iommu/vt-d: Really use upper context table when necessary (regression in 4.1) - eCryptfs: Invalidate dcache entries when lower i_nlink is zero - hfs: fix B-tree corruption after insertion at position 0 - IB/srp: Handle partial connection success correctly - IB/srp: Stop the scsi_eh_ and scsi_tmf_ threads if login fails (regression in 4.2) - IB/uverbs: reject invalid or unknown opcodes - IB/uverbs: Fix race between ib_uverbs_open and remove_one - IB/iser: Fix missing return status check in iser_send_data_out (regression in 3.19) - IB/iser: Fix possible bogus DMA unmapping (regression in 3.19) - IB/mlx5: avoid destroying a NULL mr in reg_user_mr error flow (regression in 3.19) - IB/mlx4: Fix incorrect cq flushing in error state (regression in 4.0) - hfs,hfsplus: cache pages correctly between bnode_create and bnode_free - jbd2: avoid infinite loop when destroying aborted journal (regression in 4.2) https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.3 - phylib: fix device deletion order in mdiobus_unregister() (regression in 4.2) - sock, diag: fix panic in sock_diag_put_filterinfo (regression in 3.19) - net/ipv6: Correct PIM6 mrt_lock handling - ipv6: fix multipath route replace error recovery (regression in 4.1) - netlink, mmap: transform mmap skb into full skb on taps - bridge: fix igmpv3 / mldv2 report parsing (regression in 4.2) - [armhf] net: mvneta: fix DMA buffer unmapping in mvneta_rx() (regression in 4.2) - rtnetlink: catch -EOPNOTSUPP errors from ndo_bridge_getlink (regression in 4.2) - macvtap: fix TUNSETSNDBUF values > 64k (regression in 3.19) - netlink: Fix autobind race condition that leads to zero port ID (regression in 4.1) - netlink: Replace rhash_portid with bound - openvswitch: Zero flows on allocation. - tcp: add proper TS val into RST packets (regression in 3.18) - packet: Fix AF_PACKET ABI breakage in 4.2 - net: revert "net_sched: move tp->root allocation into fw_init()" (regression in 4.1) - fib_rules: fix fib rule dumps across multiple skbs - ppp: fix lockdep splat in ppp_dev_uninit() (regression in 4.2) - [armhf] mvneta: use inband status only when explicitly enabled (regression in 4.1) - net/mlx4_core: Capping number of requested MSIXs to MAX_MSIX - zram: fix possible use after free in zcomp_create() - [x86] hp-wmi: limit hotkey enable [ Ben Hutchings ] * ovl: conditionally use O_LARGEFILE in ovl_copy_up() (Closes: #800724) * [x86] ALSA: hda - Disable power_save_node for Thinkpads (Closes: #800694) * i2c: Enable I2C_CHARDEV as a module in all configurations with I2C support (Closes: #800597) * [mips*/octeon] Enable CAVIUM_CN63XXP1 (Closes: #800595) * [mips*/octeon] Enable MMC, MMC_BLOCK, OCTEON_MMC and other drivers as modules (Closes: #800594) * ath10k: add qca6164 support (Closes: #800703) * [!x86] net: Disable VMXNET3, only useful in VMware x86 virtual machines * netfilter: conntrack: use nf_ct_tmpl_free in CT/synproxy error paths (Closes: #800445) * [arm64] Defer workaround for erratum #843419 * [x86] crypto camellia_aesni_avx: Fix CPU feature checks (Closes: #800934) [ Salvatore Bonaccorso ] * ipc: Initialize msg/shm IPC objects before doing ipc_addid() (CVE-2015-7613) [ Ian Campbell ] * [armel] Update breaks on flash-kernel to anything earlier than 3.37 since that version adds the knowledge that various additional kirkwood systems need a DTB appending as of v3.17-rc1. (Closes: #797878) -- Ben Hutchings Tue, 06 Oct 2015 17:44:55 +0100 linux-tools (4.2-2) unstable; urgency=medium * [x32] Don't attempt to build linux-perf (fixes FTBFS) * [x32] Build hyperv-daemons package * [alpha] uapi: Add support for __SANE_USERSPACE_TYPES__(fixes FTBFS) -- Ben Hutchings Fri, 02 Oct 2015 18:41:22 +0100 linux (4.2.1-2) unstable; urgency=medium * media: uvcvideo: Disable hardware timestamps by default (Closes: #794327) * [mips*] udeb: Remove 'Provides: ata-modules' from kernel-image * [hppa/parisc64-smp,mips*el/loongson-3] udeb: Remove i2c-modules again, as the drivers that belong in it are actually built-in (fixes FTBFS) * sctp: fix race on protocol/netns initialization (CVE-2015-5283) * [mips*] pgtable-bits.h: Correct _PAGE_GLOBAL_SHIFT build failure (regression in 4.0, but not a build failure for us) -- Ben Hutchings Sun, 27 Sep 2015 14:17:34 +0100 linux-tools (4.2-1) unstable; urgency=medium * New upstream release [ Ben Hutchings ] * debian/bin,debian/control,debian/lib/python,debian/rules: Use Python 3 - debian/lib/python: Sync with linux package * debian/bin/genorig.py: Make orig tarballs reproducible * linux-perf: Fix installation directory for bash completions * linux-perf: Remove shebang lines from perf scripts * Set compiler flags according to dpkg-buildflags * hyperv-daemons: Fix fortify format warning * debian/rules: Add support for DEB_BUILD_OPTIONS=parallel=N * debian/control: Update policy version to 3.9.6; no changes required * linux-perf: Revert "perf build: Fix libunwind feature detection on 32-bit x86", which was a regression for us -- Ben Hutchings Fri, 25 Sep 2015 22:55:41 +0100 linux (4.2.1-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.1 [ Ben Hutchings ] * [mips*el/loongson-3] udeb: Add fb-modules containing radeon driver (Closes: #776274) * [hppa/parisc64-smp,[mips*el/loongson-3] udeb: Add i2c-modules and make fb-modules depend on it rather than including I2C modules directly * workqueue: Make flush_workqueue() available again to non GPL modules (Closes: #798311) * vfs: Fix possible escape from mount namespace (CVE-2015-2925): - dcache: Handle escaped paths in prepend_path - dcache: Reduce the scope of i_lock in d_splice_alias - vfs: Test for and handle paths that are unreachable from their mnt_root * aufs: Update support patches to aufs4.x-rcN-20150921 - mmap: Fix races in madvise_remove() and sys_msync() (Closes: #796036) * RDS: verify the underlying transport exists before creating a connection (CVE-2015-6937) * Set ABI to 1 * e1000e: Fix tight loop implementation of systime read algorithm * mmc: Drop "eMMC: Don't initialize partitions on RPMB flagged areas", as upstream commit 4e93b9a6abc0 ("mmc: card: Don't access RPMB partitions for normal read/write") looks like a cleaner solution * mm: Change ZBUD back to built-in, as it's not really useful as a module * USB: whiteheat: fix potential null-deref at probe (CVE-2015-5257) [ Aurelien Jarno ] * [mips*el] Fix BPF assembly code for pre-R2 CPUs. (fixes FTBFS) -- Ben Hutchings Fri, 25 Sep 2015 18:18:01 +0100 linux (4.2-1~exp1) experimental; urgency=medium * New upstream release: http://kernelnewbies.org/Linux_4.2 [ Ben Hutchings ] * Remove all support for ia64 (Closes: #679545, #691576, #728706) * [s390x] Compile with gcc-4.9 (Closes: #796845) * linux-source: Depend on xz-utils, not bzip2 (Closes: #796940) * gfs2: Make statistics unsigned, suitable for use with do_div() (fixes FTBFS on mipsel,m68k) * [amd64] Enable KALLSYMS_ALL (Closes: #660288), LIVEPATCH * Re-enable various config options disabled by name changes in 4.2: - SUNRPC_XPRT_RDMA replaced SUNRPC_XPRT_RDMA_{CLIENT,SERVER} - [mips*el/loongson*] LOONGSON64 replaced LOONGSON - [x86] COMEDI_8255_SA replaced COMEDI_8255 * [sparc] Remove linux-image, linux-header and udeb packages, as they are redundant with sparc64 and neither is an official port * Fix last issue that prevents a reproducible build (Closes: #769844): - DocBook: Use a fixed encoding for output * debian/bin,debian/control,debian/lib/python,debian/rules.real, linux-support: Use Python 3 * debian/bin/genorig.py: Make orig tarballs reproducible -- Ben Hutchings Mon, 31 Aug 2015 02:08:19 +0100 linux (4.2~rc8-1~exp1) experimental; urgency=medium * New upstream release candidate [ Aurelien Jarno ] * [mips*] Build ext4 as module. Add core-modules and ext4-modules udeb. Fixes FTBFS. * [mips,mips64] Remove r4k-ip22, r5k-ip32 and sb1-bcm91250a flavours. * [mipsel,mips64el] Remove sb1-bcm91250a flavour. [ Ben Hutchings ] * debian/control: Correct build-dependency on xz-utils, needed on all arches * Fix more issues that prevent a reproducible build: - Set LC_ALL=C.UTF-8 - Avoid creating man pages in source tree -- Ben Hutchings Mon, 24 Aug 2015 12:00:54 +0100 linux-tools (4.2~rc7-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * genorig: Include more mips makefiles (fixes FTBFS) -- Ben Hutchings Mon, 17 Aug 2015 10:42:08 +0200 linux-tools (4.2~rc6-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * Adjust for migration to git: - Update .gitignore files - debian/control: Update Vcs-* fields - debian/rules: Exclude .git from maintainerclean rule * Add packages of liblockdep (lockdep, liblockdep, liblockdep-dev) -- Ben Hutchings Fri, 14 Aug 2015 14:58:57 +0200 linux (4.2~rc6-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * Adjust for migration to git: - Update .gitignore files - debian/control: Update Vcs-* fields - README.Debian, README.source: Update references to svn * [rt] Disable until it is updated for 4.2 or later * debian/control: Drop Frederik Schüler from Uploaders -- Ben Hutchings Wed, 12 Aug 2015 20:48:00 +0200 linux (4.1.6-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6 - [mips*/*-malta] Don't reinitialise RTC (regression in 3.14) - [mips*] Make set_pte() SMP safe. - fsnotify: fix oops in fsnotify_clear_marks_by_group_flags() - [x86] drm/i915: Declare the swizzling unknown for L-shaped configurations - [x86] drm/i915: Replace WARN inside I915_READ64_2x32 with retry loop - drm/radeon: rework audio detect (v4) (regression in 4.0) - drm/radeon/combios: add some validation of lvds values (regression in 4.0) - ipr: Fix incorrect trace indexing - ipr: Fix invalid array indexing for HRRQ - Bluetooth: Fix NULL pointer dereference in smp_conn_security - [armhf] dmaengine: pl330: Fix overflow when reporting residue in memcpy (regression in 4.0) - [armhf] dmaengine: pl330: Really fix choppy sound because of wrong residue calculation (regression in 4.0) - xhci: fix off by one error in TRB DMA address boundary check - ath10k: fix qca61x4 hw2.1 support - [sparc*] Fix userspace FPU register corruptions. (Closes: #789180) - ASoC: dapm: Lock during userspace access - ASoC: dapm: Don't add prefix to widget stream name (regression in 4.1) - [x86] xen: Probe target addresses in set_aliased_prot() before the hypercall - xen/gntdevt: Fix race condition in gntdev_release() - hwrng: core - correct error check of kthread_run call - [x86] crypto: qat - Fix invalid synchronization between register/unregister sym algs - rbd: fix copyup completion race - [armhf] OMAP2+: hwmod: Fix _wait_target_ready() for hwmods without sysc - [x86] hwmon: (dell-smm) Blacklist Dell Studio XPS 8100 - ocfs2: fix BUG in ocfs2_downconvert_thread_do_work() - ocfs2: fix shift left overflow - nfsd: Drop BUG_ON and ignore SECLABEL on absent filesystem - md/raid1: extend spinlock to protect raid1_end_read_request against inconsistencies - dm: fix dm_merge_bvec regression on 32 bit systems (regression in 3.19 - [x86] Input: alps - only Dell laptops have separate button bits for v2 dualpoint sticks (regression in 4.1) - mm, vmscan: Do not wait for page writeback for GFP_NOFS allocations - signalfd: fix information leak in signalfd_copyinfo - signal: fix information leak in copy_siginfo_to_user - signal: fix information leak in copy_siginfo_from_user32 - nfsd: do nfs4_check_fh in nfs4_check_file instead of nfs4_check_olstateid [ Aurelien Jarno ] * [mips*] Build ext4 as module. Add core-modules and ext4-modules udeb. Fixes FTBFS. [ Ben Hutchings ] * [i386] udeb: Make gpio_keys_polled and leds-gpio optional in input-modules as they are not built for the 686-pae flavour (fixes FTBFS) * perf: Fix AUX buffer refcounting * ovl: Revert changes in 4.1.5-1 due to regression (Reopens: #786925) -- Ben Hutchings Sun, 23 Aug 2015 12:19:22 +0200 linux (4.1.5-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4 - Bluetooth: btbcm: allow btbcm_read_verbose_config to fail on Apple (regression in 4.1) - ath9k_htc: memory corruption calling set_bit() - ieee802154: Fix sockaddr_ieee802154 implicit padding information leak. - staging: vt6656: check ieee80211_bss_conf bssid not NULL - staging: vt6655: check ieee80211_bss_conf bssid not NULL - staging: vt6655: device_rx_srv check sk_buff is NULL - staging: rtl8712: prevent buffer overrun in recvbuf2recvframe - hid-sensor: Fix suspend/resume delay (regression in 4.0) - ext4: fix race between truncate and __ext4_journalled_writepage() - ext4: call sync_blockdev() before invalidate_bdev() in put_super() - ext4: don't retry file block mapping on bigalloc fs with non-extent file - ext4: fix fencepost error in lazytime optimization - ext4: avoid deadlocks in the writeback path by using sb_getblk_gfp - ext4: fix reservation release on invalidatepage for delalloc fs - ext4: be more strict when migrating to non-extent based file - ext4: correctly migrate a file with a hole at the beginning - jbd2: use GFP_NOFS in jbd2_cleanup_journal_tail() - jbd2: fix ocfs2 corrupt when updating journal superblock fails - [armhf] rtc: snvs: fix wakealarm by call enable_irq_wake earlier (regression in 3.19) - i2c: mux: Use __i2c_transfer() instead of calling parent's master_xfer() (regression in 4.1) - i2c: use parent adapter quirks in mux (regression in 4.1) - vb2: Don't WARN when v4l2_buffer.bytesused is 0 for multiplanar buffers (regression in 4.1) - media: Fix regression in some more dib0700 based devices (regression in 3.17) - rc-core: fix dib0700 scancode generation for RC5 (regression in 3.17) - cx24117: fix a buffer overflow when checking userspace params - af9013: Don't accept invalid bandwidth - s5h1420: fix a buffer overflow when checking userspace params - cx24116: fix a buffer overflow when checking userspace params - libata: Fall back to unqueued READ LOG EXT if the DMA variant fails (regression in 4.1) - libata: Expose TRIM capability in sysfs - libata: add ATA_HORKAGE_NOTRIM - libata: add ATA_HORKAGE_MAX_SEC_1024 to revert back to previous max_sectors limit (regression in 3.19) - libata: force disable trim for SuperSSpeed S238 - [armhf] usb: dwc3: gadget: don't clear EP_BUSY too early (regression in 3.15) - USB: devio: fix a condition in async_completed() - [armhf] phy: twl4030-usb: remove incorrect pm_runtime_get_sync() in probe function. (regression in 3.17) - usb: gadget: composite: Fix NULL pointer dereference (regression in 4.1) - usb: gadget: f_fs: do not set cancel function on synchronous {read,write} (regression in 4.0) - USB: OHCI: Fix race between ED unlink and URB submission (regression in 3.17) - usb: core: lpm: set lpm_capable for root hub device (regression in 3.15) - usb: xhci: Bugfix for NULL pointer deference in xhci_endpoint_init() function - dm cache: fix race when issuing a POLICY_REPLACE operation - dm btree remove: fix bug in redistribute3 - block: loop: convert to per-device workqueue (regression in 4.0) - block: loop: avoiding too many pending per work I/O (regression in 4.0) - block: Do a full clone when splitting discard bios (Closes: #793326) (regression in 3.14) - [armhf] drm/tegra: dpaux: Fix transfers larger than 4 bytes (regression in 3.15) - drm/qxl: Do not cause spice-server to clean our objects - drm/atomic: fix out of bounds read in for_each_*_in_state helpers (regression in 4.1) - drm/radeon: take the mode_config mutex when dealing with hpds (v2) - [x86] drm/i915/ppgtt: Break loop in gen8_ppgtt_clear_range failure path (regression in 4.1) - [x86] drm/i915: fix backlight after resume on 855gm (regression in 3.19) - [x86] drm/i915: Snapshot seqno of most recently submitted request. (regression in 4.0) - Revert "drm/radeon: dont switch vt on suspend" (regression in 4.1) - drm/radeon: unpin cursor BOs on suspend and pin them again on resume (v2) (regression in 4.1) - drm/radeon: fix user ptr race condition - drm/radeon/ci: silence a harmless PCC warning - drm: add a check for x/y in drm_mode_setcrtc - drm: Stop resetting connector state to unknown (regression in 4.1) - libata: Fix regression when the NCQ Send and Receive log page is absent - xfs: fix remote symlinks on V5/CRC filesystems - xfs: don't truncate attribute extents if no extents exist (regression in 4.1) - tpm: Fix initialization of the cdev (regression in 4.0) - tpm, tpm_crb: fail when TPM2 ACPI table contents look corrupted (regression in 4.1) - [armel,armhf] dmaengine: mv_xor: bug fix for racing condition in descriptors cleanup - md: clear mddev->private when it has been freed. (regression in 4.0) - md: unlock mddev_lock on an error path. (regression in 4.0) - md: Skip cluster setup for dm-raid (regression in 4.1) - Btrfs: don't invalidate root dentry when subvolume deletion fails (regression in 3.18) - Btrfs: use kmem_cache_free when freeing entry in inode cache - Btrfs: fix race between caching kthread and returning inode to inode cache (regression in 3.15) - Btrfs: fix fsync data loss after append write - Btrfs: fix list transaction->pending_ordered corruption (regression in 3.19) - Btrfs: fix file corruption after cloning inline extents - selinux: fix mprotect PROT_EXEC regression caused by mm change (regression in 4.1) - ceph/crush: fix a bug in tree bucket decode - ACPI / PNP: Reserve ACPI resources at the fs_initcall_sync stage (regression in 4.1) - ACPI / LPSS: Fix up acpi_lpss_create_device() (regression in 4.0) - ACPICA: Tables: Enable both 32-bit and 64-bit FACS (regression in 3.14) - ACPICA: Tables: Enable default 64-bit FADT addresses favor - ACPI / PCI: Fix regressions caused by resource_size_t overflow with 32-bit kernel (regression in 4.0) - mmc: sdhci: Restore behavior while creating OCR mask (regression in 3.17) - PM / clk: Fix clock error check in __pm_clk_add() (regression in 3.19) - RDMA/ocrdma: fix double free on pd (regression in 4.0) - mm/hugetlb: introduce minimum hugepage order (regression in 3.12) - PM / sleep: Increase default DPM watchdog timeout to 60 (regression in 3.13) - firmware: dmi_scan: Only honor end-of-table for 64-bit tables (regression in 3.19) - mac80211: fix the beacon csa counter for mesh and ibss (regression in 3.17) - iwlwifi: mvm: fix ROC reference accounting (regression in 3.17) - cfg80211: ignore netif running state when changing iftype - e1000e: Cleanup handling of VLAN_HLEN as a part of max frame size (regression in 3.15) - ovl: lookup whiteouts outside iterate_dir() (regression in 4.0) - pNFS: Fix a memory leak when attempted pnfs fails - pNFS/flexfiles: Fix the reset of struct pgio_header when resending - nfs: fixing infinite OPEN loop in 4.0 stateid recovery - NFS: Ensure we set NFS_CONTEXT_RESEND_WRITES when requeuing writes - nfs: fix potential credential leak in ff_layout_update_mirror_cred - nfs: always update creds in mirror, even when we have an already connected ds - 9p: forgetting to cancel request on interrupted zero-copy RPC - 9p: don't leave a half-initialized inode sitting around - p9_client_write(): avoid double p9_free_req() - [arm64] bpf: fix out-of-bounds read in bpf2a64_offset() - [arm64] bpf: fix endianness conversion bugs - [arm64] Don't report clear pmds and puds as huge - mm: avoid setting up anonymous pages into file mapping https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.5 - [powerpc*] powernv: Fix race in updating core_idle_state (regression in 3.19) - Revert "Input: synaptics - allocate 3 slots to keep stability in image sensors" (regression in 4.1) - [hppa] Fix some PTE/TLB race conditions and optimize __flush_tlb_range based on timing results - [hppa] mm: Fix a memory leak related to pmd not attached to the pgd (regression in 4.0) - [armel,armhf] 8404/1: dma-mapping: fix off-by-one error in bitmap size check (regression in 3.15) - [mips*] c-r4k: Fix cache flushing for MT cores - can: replace timestamp as unique skb attribute (regression in 4.1) - vfs: freeing unlinked file indefinitely delayed - [armhf] crypto: omap-des - Fix unmapping of dma channels - [s390x] nmi: fix vector register corruption - [s390x] bpf: clear correct BPF accumulator register - genirq: Prevent resend to interrupts marked IRQ_NESTED_THREAD - [x86] perf: Fix static_key bug in load_mm_cr4() (regression in 4.0) - Revert "dm: only run the queue on completion if congested or no requests pending" (regression in 4.1) - scsi: fix host max depth checking for the 'queue_depth' sysfs interface (regression in 3.19) - scsi: fix memory leak with scsi-mq (regression in 3.17) - mnt: Clarify and correct the disconnect logic in umount_tree (regressions in 4.0.2, 4.1) - mnt: In detach_mounts detach the appropriate unmounted mount (regression in 4.1) - ftrace: Fix breakage of set_ftrace_pid (regression in 3.16) - [x86] iommu/vt-d: Fix VM domain ID leak (regression in 3.17) - mmc: sdhci check parameters before call dma_free_coherent (regression in 3.16) - iwlwifi: mvm: fix antenna selection when BT is active (regression in 3.17) - md/raid1: fix test for 'was read error from last working device'. - [armhf] spi: imx: Fix small DMA transfers (regression in 3.18) - [armhf] regulator: s2mps11: Fix GPIO suspend enable shift wrapping bug - usb-storage: ignore ZTE MF 823 card reader in mode 0x1225 - [armhf] Revert "serial: imx: initialized DMA w/o HW flow enabled" (regression in 4.0) - serial: core: Fix crashes while echoing when closing (regression in 3.19) - efi: Handle memory error structures produced based on old versions of standard (regression in 3.13) - [x86] efi: Use all 64 bit of efi_memmap in setup_e820() - rds: rds_ib_device.refcount overflow - n_tty: signal and flush atomically (regression in 4.0) - [x86] perf/intel/cqm: Return cached counter value from IRQ context (regression in 4.1)f - NFS: Don't revalidate the mapping if both size and change attr are up to date (regression in 3.16) - NFSv4: We must set NFS_OPEN_STATE flag in nfs_resync_open_stateid_locked (regression in 4.0) - NFS: Fix a memory leak in nfs_do_recoalesce (regression in 4.0) - iscsi-target: Fix use-after-free during TPG session shutdown - iscsi-target: Fix iscsit_start_kthreads failure OOPs (regression in 4.0) - iscsi-target: Fix iser explicit logout TX kthread leak (regression in 4.0) - qla2xxx: Fix hardware lock/unlock issue causing kernel panic. (regression in 3.18) - qla2xxx: release request queue reservation. (regression in 3.18) - qla2xxx: Remove msleep in qlt_send_term_exchange (regression in 3.18) - qla2xxx: fix command initialization in target mode. (regression in 3.18) - qla2xxx: kill sessions/log out initiator on RSCN and port down efvents (regression in 3.18) - drm/nouveau/fbcon/nv11-: correctly account for ring space usage - drm/nouveau/kms/nv50-: guard against enabling cursor on disabled heads - drm/nouveau: hold mutex when calling nouveau_abi16_fini() - drm/nouveau/drm/nv04-nv40/instmem: protect access to priv->heap by mutex - xfs: remote attribute headers contain an invalid LSN - xfs: remote attributes need to be considered data [ Ian Campbell ] * [armhf] Enable cpufreq on some sunxi platforms (Closes: #793185) - Enable autoloading of the cpufreq-dt driver. - Enable autoloading of AXP20x regulator driver. [ Ben Hutchings ] * [x86] iio: Enable drivers for ACPI-discoverable devices as modules: AK8975, BMC150_ACCEL, BMG160, BMP280, INV_MPU6050_IIO, JSA1212, KMX61, KXCJK1013, MMA9551, MMA9553, SX9500 * Adjust for migration to git: - Update .gitignore files - debian/control: Update Vcs-* fields - README.Debian, README.source: Update references to svn * Bump ABI to 2 * virtio-net: drop NETIF_F_FRAGLIST (CVE-2015-5156) * ovl: Add support for NFS as lower filesystem (Closes: #786925) * perf: Fix double-free of the AUX buffer * linux-source: Fix compression of the source tarball (Closes: #795199) * udeb: Add newly enabled drivers: - [i386] Add gpio_keys_polled, leds-gpio to input-modules - Add virtio-input to input-modules - Add toshsd to mmc-modules - Add wd719x to scsi-extra-modules - Move eeprom_93cx6 to core-modules; make scsi-extra-modules depend on it -- Ben Hutchings Sat, 15 Aug 2015 23:37:20 +0200 linux-tools (4.1.4-2) unstable; urgency=medium * [mips*,alpha,hppa] linux-perf: Add empty Build files for these architectures (fixes FTBFS) -- Ben Hutchings Tue, 04 Aug 2015 17:11:46 +0100 linux-tools (4.1.4-1) unstable; urgency=medium * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4 - perf bench numa: Fix to show proper convergence stats [ Ben Hutchings ] * linux-tools: Set $KBUILD_BUILD_TIMESTAMP from changelog and use it as man page date * hyperv-daemons: Only attempt to build package on i386, amd64 (fixes FTBFS on other architectures) * linux-tools: Rename to linux-perf-, since other tools are in other binary packages -- Ben Hutchings Tue, 04 Aug 2015 00:47:58 +0100 linux (4.1.3-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.3 [ Ben Hutchings ] * [armel/kirkwood] ubi: Change UBIFS_FS and MTD_UBI from built-in to modules, to reduce kernel image size (fixes FTBFS) * debian/rules.real: Use dpkg-parsechangelog -S * [rt] Update to 4.1.3-rt3 and re-enable * KEYS: ensure we free the assoc array edit if edit is valid (CVE-2015-1333) * [armel,sh4] linux-image: Recommend u-boot-tools rather than the obsolete uboot-mkimage package (Closes: #793608) * [i386/586] Enable KEYBOARD_GPIO_POLLED and LEDS_GPIO as modules, and ALIX, NET5501, GEOS (Closes: #734204) * [s390x] cachinfo: add missing facility check to init_cache_level() (Closes: #793929) * md: use kzalloc() when bitmap is disabled (CVE-2015-5697) * inet: Enable IPVLAN, NET_FOU as modules; enable NET_FOU_IP_TUNNELS * netfilter: Enable NFT_REDIR as module * net/sched: Enable NET_ACT_VLAN, NET_ACT_BPF, NET_ACT_CONNMARK as modules * mpls: Enable MPLS_ROUTING as module * hci_uart: Enable BT_HCIUART_INTEL, BT_HCIUART_BCM * SCSI: Enable SCSI_WD719X as module * dm: Enable DM_LOG_WRITES as module * cxgb4: Enable CHELSIO_T4_DCB * ixgbe: Enable IXGBE_VXLAN * i40e: Enable I40E_FCOE * drm: Enable DRM_VGEM as module * virtio: Enable VIRTIO_INPUT as module * mmc: Enable MMC_TOSHIBA_PCI as module * [x86] block: Enable BLK_DEV_PMEM as module; enable X86_PMEM_LEGACY * [x86] tpm: Enable TCG_CRB as module * debug: Enable DEBUG_LIST * security: Apply and enable GRKERNSEC_PERF_HARDEN feature from Grsecurity, disabling use of perf_event_open() by unprivileged users by default (sysctl: kernel.perf_event_paranoid) * Set ABI to 1 [ Ian Campbell ] * [armhf] Set CONFIG_ARM_TEGRA_CPUFREQ as builtin. * [armhf] Enable new drivers for sunxi platforms (Closes: #792388) -- Ben Hutchings Mon, 03 Aug 2015 22:17:15 +0100 linux-tools (4.1.2-1~exp1) experimental; urgency=medium * New upstream release [ Bastian Blank ] * Add hyperv-daemons package, thanks to Hideki Yamane (closes: #782761) [ Ben Hutchings ] * hyperv-daemons: Rewrite description -- Ben Hutchings Mon, 13 Jul 2015 01:33:27 +0100 linux (4.1.2-1~exp1) experimental; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.2 [ Ben Hutchings ] * Fix more issues that prevent a reproducible build: - linux-doc: DocBook: generate consistent IDs - linux-manual: DocBook: Fix duplicate man pages - linux-manual: kernel-doc: Use $KBUILD_BUILD_TIMESTAMP as man page date * [i386] Disable VM86 (Closes: #792003) -- Ben Hutchings Sat, 11 Jul 2015 18:01:42 +0100 linux (4.1.1-1~exp1) experimental; urgency=medium * New upstream release: http://kernelnewbies.org/Linux_4.1 - i40e: start up in VEPA mode by default (Closes: #790953) * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.1 [ Ben Hutchings ] * Fix some issues that prevent a reproducible build (thanks to Jérémy Bobbio): - linux-image: Fix timestamps in the built-in initramfs - linux-source: Fix timestamps and sort files in the tarball - linux-doc,linux-manual: Drop original timestamp (and name) when compressing - linux-doc: Parse kernel-doc deterministically * aufs: Apply patches to enable building aufs out-of-tree * [x86] Enable MMIOTRACE (Closes: #790808) [ maximilian attems ] * [x86] Enable SND_SOC_INTEL_BROADWELL_MACH. (closes: #785422) [ Ian Campbell ] * [arm64+armhf] Enable SYSCON poweroff driver. -- Ben Hutchings Tue, 07 Jul 2015 09:15:45 +0100 linux (4.0.8-2) unstable; urgency=high [ Uwe Kleine-König ] * [rt] Update to 4.0.8-rt6 [ Ben Hutchings ] * [amd64] Fix nested NMI handling (CVE-2015-3290, CVE-2015-3291, CVE-2015-5157) - Enable nested do_nmi handling for 64-bit kernels - Remove asm code that saves cr2 - Switch stacks on userspace NMI entry - Reorder nested NMI checks - Use DF to avoid userspace RSP confusing nested NMI detection -- Ben Hutchings Wed, 22 Jul 2015 21:45:07 +0100 linux (4.0.8-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.8 - netfilter: nft_rbtree: fix locking - [armhf] clk-imx6q: refine sata's parent - KVM: nSVM: Check for NRIPS support before updating control field - [sparc*] Use GFP_ATOMIC in ldc_alloc_exp_dring() as it can be called in softirq context - bridge: fix multicast router rlist endless loop - net: igb: fix the start time for periodic output signals - net: don't wait for order-3 page allocation - sctp: fix ASCONF list handling (CVE-2015-3212) - bridge: fix br_stp_set_bridge_priority race conditions - packet: read num_members once in packet_rcv_fanout() - packet: avoid out of bounds read in round robin fanout - neigh: do not modify unlinked entries - tcp: Do not call tcp_fastopen_reset_cipher from interrupt context - ip: report the original address of ICMP messages - net/mlx4_en: Release TX QP when destroying TX ring - net/mlx4_en: Wake TX queues only when there's enough room - net/mlx4_en: Fix wrong csum complete report when rxvlan offload is disabled - mlx4: Disable HA for SRIOV PF RoCE devices - net: phy: fix phy link up when limiting speed via device tree - bnx2x: fix lockdep splat - sctp: Fix race between OOTB responce and route removal - [armhf] net: mvneta: introduce compatible string "marvell, armada-xp-neta" - [armhf] mvebu: update Ethernet compatible string for Armada XP - [armhf] net: mvneta: disable IP checksum with jumbo frames for Armada 370 - usb: gadget: f_fs: fix check in read operation - usb: gadget: f_fs: add extra check before unregister_gadget_item - crypto: talitos - avoid memleak in talitos_alg_alloc() - Revert "crypto: talitos - convert to use be16_add_cpu()" - [armhf/armmp-lpae] iommu/arm-smmu: Fix broken ATOS check - [x86] iommu/amd: Handle large pages correctly in free_pagetable - mmc: sdhci: fix low memory corruption - [x86] intel_pstate: set BYT MSR with wrmsrl_on_cpu() - selinux: fix setting of security labels on NFS - [armhf] KVM: force execution of HCPTR access on VM exit - [armhf] kvm: psci: fix handling of unimplemented functions - [armhf] tegra20: Store CPU "resettable" status in IRAM - [powerpc*] tick/idle: Do not register idle states with CPUIDLE_FLAG_TIMER_STOP set in periodic mode - [powerpc*] perf: Fix book3s kernel to userspace backtraces - [x86] PCI: Use host bridge _CRS info on systems with >32 bit addressing - [x86] PCI: Use host bridge _CRS info on Foxconn K8M890-8237A - [s390x] KVM: fix external call injection without sigp interpretation - [s390x] kdump: fix REGSET_VX_LOW vector register ELF notes - [s390x] KVM: virtio-ccw: don't overwrite config space values - [x86] KVM: properly restore LVT0 - [x86] KVM: make vapics_in_nmi_mode atomic - fs: Fix S_NOSEC handling - fs/ufs: revert "ufs: fix deadlocks introduced by sb mutex merge" - fs/ufs: restore s_lock mutex - vfs: Remove incorrect debugging WARN in prepend_path - vfs: Ignore unlocked mounts in fs_fully_visible - ufs: Fix warning from unlock_new_inode() - ufs: Fix possible deadlock when looking up directories - fs/ufs: restore s_lock mutex_init() [ Ben Hutchings ] * [ppc64el] Ignore ABI changes due to disabling HIBERNATION (fixes FTBFS) * [x86] kvm: fix kvm_apic_has_events to check for NULL pointer (CVE-2015-4692) -- Ben Hutchings Sat, 11 Jul 2015 04:58:05 +0100 linux (4.0.7-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.6 - crush: ensuring at most num-rep osds are selected - aio: fix serial draining in exit_aio() - net: core: Correct an over-stringent device loop detection. - [x86] bpf_jit: fix FROM_BE16 and FROM_LE16/32 instructions - [x86] bpf_jit: fix compilation of large bpf programs - net: phy: Allow EEE for all RGMII variants - netlink: Reset portid after netlink_insert failure - rtnl/bond: don't send rtnl msg for unregistered iface - tcp/ipv6: fix flow label setting in TIME_WAIT state - net/ipv6/udp: Fix ipv6 multicast socket filter regression - net: sched: fix call_rcu() race on classifier module unloads - ipv4: Avoid crashing in ip_error - cdc_ncm: Fix tx_bytes statistics - bridge: fix parsing of MLDv2 reports - net: dp83640: fix broken calibration routine. - net: dp83640: reinforce locking rules. - net: dp83640: fix improper double spin locking. - unix/caif: sk_socket can disappear when state is unlocked - xen/netback: Properly initialize credit_bytes - net_sched: invoke ->attach() after setting dev->qdisc - sctp: Fix mangled IPv4 addresses on a IPv6 listening socket - bridge: fix br_multicast_query_expired() bug - udp: fix behavior of wrong checksums (CVE-2015-5364) - tcp: fix child sockets to use system default congestion control if not set - xen: netback: read hotplug script once at start of day. - ipv4/udp: Verify multicast group is ours in upd_v4_early_demux() - be2net: Replace dma/pci_alloc_coherent() calls with dma_zalloc_coherent() - bridge: disable softirqs around br_fdb_update to avoid lockup - netlink: Disable insertions/removals during rehash - drivers/base: cacheinfo: handle absence of caches - n_tty: Fix auditing support for cannonical mode - [x86] iommu/vt-d: Allow RMRR on graphics devices too - [x86] iommu/vt-d: Fix passthrough mode with translation-disabled devices - ALSA: hda/realtek - Add a fixup for another Acer Aspire 9420 - ALSA: usb-audio: Add mic volume fix quirk for Logitech Quickcam Fusion - ALSA: usb-audio: don't try to get Outlaw RR2150 sample rate - ALSA: usb-audio: add MAYA44 USB+ mixer control names - ALSA: usb-audio: fix missing input volume controls in MAYA44 USB(+) - ALSA: usb-audio: add native DSD support for JLsounds I2SoverUSB - [armhf] dmaengine: pl330: Fix hang on dmaengine_terminate_all on certain boards - dmaengine: Fix choppy sound because of unimplemented resume - Input: alps - do not reduce trackpoint speed by half - Input: synaptics - add min/max quirk for Lenovo S540 - Input: elantech - fix detection of touchpads where the revision matches a known rate - Input: elantech - add new icbody type - block: fix ext_dev_lock lockdep report - block: discard bdi_unregister() in favour of bdi_destroy() - USB: cp210x: add ID for HubZ dual ZigBee and Z-Wave dongle - USB: serial: ftdi_sio: Add support for a Motion Tracker Development Board - usb: host: xhci: add mutex for non-thread-safe data - usb: make module xhci_hcd removable - [x86] asm/irq: Stop relying on magic JMP behavior for early_idt_handlers - [armhf] dts: am335x-boneblack: disable RTC-only sleep to avoid hardware damage - [x86] drm/amdkfd: fix topology bug with capability attr. - drm/radeon: use proper ACR regisiter for DCE3.2 - [x86] drm/i915/hsw: Fix workaround for server AUX channel clock divisor - [x86] drm/i915: Don't skip request retirement if the active list is empty - [x86] drm/i915: Fix DDC probe for passive adapters - drm/radeon: fix freeze for laptop with Turks/Thames GPU. - Revert "drm/radeon: don't share plls if monitors differ in audio support" - Revert "drm/radeon: adjust pll when audio is not enabled" - drm/radeon: Make sure radeon_vm_bo_set_addr always unreserves the BO - serial: imx: Fix DMA handling for IDLE condition aborts - [powerpc*] of/dynamic: Fix test for PPC_PSERIES - virtio_pci: Clear stale cpumask when setting irq affinity - [armel,armhf] bus: mvebu-mbus: do not set WIN_CTRL_SYNCBARRIER on non io-coherent platforms. - [armel,armhf] Revert "bus: mvebu-mbus: make sure SDRAM CS for DMA don't overlap the MBus bridge window" - [arm64] dts: mt8173-evb: fix model name - mm/memory_hotplug.c: set zone->wait_table to null after freeing it - md: Close race when setting 'action' to 'idle'. - md: don't return 0 from array_state_store - sched, numa: do not hint for NUMA balancing on VM_MIXEDMAP mappings - blk-mq: free hctx->ctxs in queue's release handler - cfg80211: wext: clear sinfo struct before calling driver - [armhf] irqchip: sunxi-nmi: Fix off-by-one error in irq iterator - Btrfs: send, add missing check for dead clone root - Btrfs: send, don't leave without decrementing clone root's send_progress - btrfs: incorrect handling for fiemap_fill_next_extent return - btrfs: cleanup orphans while looking up default subvolume - Btrfs: fix range cloning when same inode used as source and destination - Btrfs: fix uninit variable in clone ioctl - Btrfs: fix regression in raid level conversion https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.7 - crypto: caam - improve initalization for context state saves - crypto: caam - fix RNG buffer cache alignment - [x86] KVM: fix lapic.timer_mode on restore - ALSA: hda - adding a DAC/pin preference map for a HP Envy TS machine - tracing: Have filter check for balanced ops - iser-target: Fix variable-length response error completion - iser-target: Fix possible use-after-free - drm/mgag200: Reject non-character-cell-aligned mode widths - [x86] drm/i915: Always reset vma->ggtt_view.pages cache on unbinding - [x86] Revert "drm/i915: Don't skip request retirement if the active list is empty" - drm/radeon: Add RADEON_INFO_VA_UNMAP_WORKING query - ath3k: Add support of 0489:e076 AR3012 device - ath3k: add support of 13d3:3474 AR3012 device - b43: fix support for 14e4:4321 PCI dev with BCM4321 chipset - cdc-acm: Add support of ATOL FPrint fiscal printers - [armhf] EXYNOS: Fix failed second suspend on Exynos4 - [x86] kprobes: Return correct length in __copy_instruction() - dm: fix NULL pointer when clone_and_map_rq returns !DM_MAPIO_REMAPPED - [x86] drm/i915: Avoid GPU hang when coming out of s3 or s4 - [powerpc*] powernv: Restore non-volatile CRs after nap [ Ben Hutchings ] * mm: Re-enable ZBUD as module (Closes: #789094) * mm: Change ZSMALLOC from built-in to module * Revert "tcp: fix child sockets to use system default congestion control if not set" to avoid ABI change * [ppc64el] Disable HIBERNATION (Closes: #789070) * [mips*] Correct FP ISA requirements (Closes: #781892) * udeb: Add more drivers to sound-modules, thanks to Samuel Thibault (Closes: #782495) -- Ben Hutchings Mon, 06 Jul 2015 02:57:42 +0100 linux (4.0.5-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.5 - [x86] iommu/amd: Fix bug in put_pasid_state_wait (regression in 4.0) - [x86] fpu: Disable XSAVES* support for now (regression in 3.17) - [x86] KVM: MMU: fix smap permission check - [x86] kvm: fix crash in kvm_vcpu_reload_apic_access_page - [x86] KVM: MMU: fix SMAP virtualization - ktime: Fix ktime_divns to do signed division (regression in 3.17) - omfs: fix sign confusion for bitmap loop counter (regression in 3.18) - xfs: xfs_attr_inactive leaves inconsistent attr fork state behind - xfs: xfs_iozero can return positive errno (regression in 3.17) - ovl: don't remove non-empty opaque directory (regression in 4.0) - [armhf] mfd: da9052: Fix broken regulator probe (regression in 3.19) - libceph: request a new osdmap if lingering request maps to no osd - Revert "libceph: clear r_req_lru_item in __unregister_linger_request()" (regression in 3.18) - Btrfs: fix racy system chunk allocation when setting block group ro (regression in 4.0) - xen/events: don't bind non-percpu VIRQs with percpu chip - hwmon: (tmp401) Do not auto-detect chip on I2C address 0x37 - clk: add missing lock when call clk_core_enable in clk_set_parent (regression in 4.0) - brcmfmac: avoid null pointer access when brcmf_msgbuf_get_pktid() fails - lib: Fix strnlen_user() to not touch memory after specified maximum - vfs: d_walk() might skip too much - module: Call module notifier on failure after complete_formation() (regression in 3.16) - Revert "ALSA: hda - Add mute-LED mode control to Thinkpad" (regression in 4.0.3) - xhci: Solve full event ring by increasing TRBS_PER_SEGMENT to 256 - [powerpc*] mce: fix off by one errors in mce event handling (regression in 3.19) - pty: Fix input race when closing (regression in 3.19) - ext4: fix lazytime optimization - ext4: fix NULL pointer dereference when journal restart fails - ext4: check for zero length extent explicitly - jbd2: fix r_count overflows leading to buffer overflow in journal recovery - libata: Ignore spurious PHY event on LPM policy change - libata: Blacklist queued TRIM on all Samsung 800-series - [arm64] bpf: fix signedness bug in loading 64-bit immediate (regression in 3.18) - [x86] gpio: gpio-kempld: Fix get_direction return value - [s390x] crypto: ghash - Fix incorrect ghash icv buffer handling. - mac80211: move WEP tailroom size check - mac80211: don't use napi_gro_receive() outside NAPI context - [s390x] mm: correct return value of pmd_pfn (regression in 3.17) - [armhf] EXYNOS: Fix dereference of ERR_PTR returned by of_genpd_get_from_provider (regression in 4.0) - [arm*] fix missing syscall trace exit - [hppa] Fix crashes due to stack randomization on stack-grows-upwards architectures - kernfs: do not account ino_ida allocations to memcg - nfsd: fix the check for confirmed openowner in nfs4_preprocess_stateid_op - md/raid5: don't record new size if resize_stripes fails. - Revert "HID: logitech-hidpp: support combo keyboard touchpad TK820" (regression in 3.19) - [mips*] fix FP mode selection in lieu of .MIPS.abiflags data (regression in 4.0) - ACPI / init: Fix the ordering of acpi_reserve_resources() - iwlwifi: mvm: Free fw_status after use to avoid memory leak (regression in 3.19) - iwlwifi: pcie: prevent using unmapped memory in fw monitor - drm/plane-helper: Adapt cursor hack to transitional helpers (regression in 4.0) - drm/radeon/audio: make sure connector is valid in hotplug case - Revert "drm/radeon: only mark audio as connected if the monitor supports it (v3)" (regression in 4.0.3) - dm: fix casting bug in dm_merge_bvec() (regression in 3.19) - dm: fix reload failure of 0 path multipath mapping on blk-mq devices (regression in 4.0) - UBI: block: Add missing cache flushes - md: fix race when unfreezing sync_action (regression in 4.0) - fs/binfmt_elf.c:load_elf_binary(): return -EINVAL on zero-length mappings (regression in 4.0.2) [ Ben Hutchings ] * udeb: Remove i2o modules (fixes FTBFS on amd64) (Closes: #787004) * Revert "libata: Ignore spurious PHY event on LPM policy change" to avoid ABI change [ Ian Campbell ] * [armhf] Enable PCIe support for IMX6 boards. Patch from Vagrant Cascadian (Closes: #787029) * [armhf] Add stmmac-platform module to nic-modules udeb. (Closes: #786716) * [arm] Fix mvebu-mbus for non-io-coherent platforms. In particular armel/{orion5x,kirkwood}. * [armel/kirkwood]: Enable CONFIG_ARM_KIRKWOOD_CPUIDLE. (Closes: #787716) [ Uwe Kleine-König ] * [rt] Update to 4.0.5-rt3 -- Ben Hutchings Tue, 16 Jun 2015 15:40:49 +0100 linux (4.0.4-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3 - bpf: fix 64-bit divide - route: Use ipv4_mtu instead of raw rt_pmtu (regression in 3.19) - cxgb4: Fix MC1 memory offset calculation (regression in 3.19) - [mips*] Revert "MIPS: Remove race window in page fault handling" (regression in 3.17) - [mips*] Fix race condition in lazy cache flushing. - [mips*/octeon] Remove udelay() causing huge IRQ latency - [mips*] Fix cpu_has_mips_r2_exec_hazard. - [mips*] asm: elf: Set O32 default FPU flags (regression in 4.0) - ALSA: emux: Fix mutex deadlock in OSS emulation - cdc-acm: prevent infinite loop when parsing CDC headers. (regression in 4.0) - [arm64] dma-mapping: always clear allocated buffers - [arm64] add missing PAGE_ALIGN() to __dma_free() - [armhf] usb: chipidea: otg: remove mutex unlock and lock while stop and start role (regression in 3.16) - btrfs: unlock i_mutex after attempting to delete subvolume during send (regression in 3.16) - [x86] ACPI / SBS: Enable battery manager when present (regression in 3.18) - rbd: end I/O the entire obj_request on error - ext4: fix data corruption caused by unwritten and delayed extents (Closes: #785672) - ext4: move check under lock scope to close a race. - SCSI: add 1024 max sectors black list flag (regression in 3.19) - 3w-xxxx: fix command completion race - 3w-9xxx: fix command completion race - 3w-sas: fix command completion race - drm/radeon: fix lockup when BOs aren't part of the VM on release - drm/radeon: reset BOs address after clearing it. - drm/radeon: check new address before removing old one - hfsplus: don't store special "osx" xattr prefix on-disk https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.4 - [x86] spinlocks: Fix regression in spinlock contention detection (regression in 4.0) - [x86] ACPI / SBS: Add 5 us delay to fix SBS hangs on MacBook (regression in 3.18) - [x86] PCI/ACPI: Make all resources except [io 0xcf8-0xcff] available on PCI bus (regression in 4.0) - ACPI / PNP: add two IDs to list for PNPACPI device enumeration (regression in 3.16) - ocfs2: dlm: fix race between purge and get lock resource - nilfs2: fix sanity check of btree level in nilfs_btree_root_broken() - mnt: Fix fs_fully_visible to verify the root directory is visible - mm/memory-failure: call shake_page() when error hits thp tail page - vfio: Fix runaway interruptible timeout (regression in 4.0) - Revert "dm crypt: fix deadlock when async crypto algorithm returns -EBUSY" (regression in 4.0.2) - block: destroy bdi before blockdev is unregistered. (regression in 4.0) - blk-mq: fix race between timeout and CPU hotplug - blk-mq: fix CPU hotplug handling - [armhf] dts: imx6: phyFLEX: USB VBUS control is active-high (regression in 3.16) - [armhf] mvebu: armada-xp-openblocks-ax3-4: Disable internal RTC - [armhf] OMAP2+: Fix omap off idle power consumption creeping up (regression in 3.16) - [armel,armhf] net fix emit_udiv() for BPF_ALU | BPF_DIV | BPF_K intruction. - drm: Zero out invalid vblank timestamp in drm_update_vblank_count. (regression in 3.17) - [x86] drm/i915/dp: there is no audio on port A - [x86] drm/amdkfd: allow unregister process with queues - drm/radeon: disable semaphores for UVD V1 (v2) - drm/radeon: don't setup audio on asics that don't support it - drm/radeon: fix userptr BO unpin bug v3 - drm/radeon: make VCE handle check more strict - drm/radeon: make UVD handle checking more strict - drm/radeon: more strictly validate the UVD codec - pinctrl: Don't just pretend to protect pinctrl_maps, do it for real - mmc: card: Don't access RPMB partitions for normal read/write [ Ben Hutchings ] * Fix error messages at boot on systems without an RTC (Closes: #784146): - rtc: hctosys: do not treat lack of RTC device as error - rtc: hctosys: use function name in the error log * [rt] Update to 4.0.4-rt1 and re-enable * linux-image: Depend on kmod without an alternative of module-init-tools * linux-image: Add versioned Breaks on udev (<< 208-8~) due to #752742 and #756312 * [i386] pnp: Disable PNPBIOS_PROC_FS * [arm64] USB: Add support for XHCI on APM Mustang (Closes: #785707) - Change USB_XHCI_HCD to built-in and enable USB_XHCI_PLATFORM as built-in - Make xhci platform driver use 64 bit or 32 bit DMA - Add support for ACPI identification to xhci-platform * md/raid0: fix restore to sector variable in raid0_make_request (Closes: #786372) (regression in 4.0.2) * [x86] e1000e: Add support for Sunrise Point (i219) (Closes: #784546) * [x86] config: Enable NEED_DMA_MAP_STATE by default when SWIOTLB is selected (Closes: #786551) * cdc_ncm: Fix tx_bytes statistics (regression in 4.0) * [armhf] USB: musb: Fix order of conditions for assigning end point operations (regression in 3.19) * [armel/{kirkwood,orion5x}] Disable PM again to reduce kernel image size * [armel/kirkwood] Enable DEBUG_MVEBU_UART0_ALTERNATE, replacing DEBUG_MVEBU_UART_ALTERNATE * i2o: Disable I2O * [x86] vmwgfx: Enable DRM_VMWGFX_FBCON (Closes: #714929) * media: Enable DVB_SMIPCIE as module (Closes: #785153) * Bump ABI to 2 * [x86] i2c: Change I2C to built-in and enable ACPI_I2C_OPREGION (Closes: #778896) * usb-storage: Enable USB_UAS for the third time, hoping that it's finally robust enough (Closes: #749014) * zram: Enable ZRAM_LZ4_COMPRESS (Closes: #770958) * HID: Enable HID_BATTERY_STRENGTH (Closes: #783214) * [x86] ALSA: Enable SND_SOC_INTEL_BROADWELL_MACH as module (Closes: #785422) [ Ian Campbell ] * [armhf+arm64] Enabled generic SYSCON regmap reset driver * [arm64] Enable PCI support and related modules, adjusting udeb module lists for new modules. * [arm64] Build XHCI platform drivers as a module. -- Ben Hutchings Tue, 26 May 2015 02:30:06 +0100 linux (4.0.2-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.1 - udptunnels: Call handle_offloads after inserting vlan tag. - tcp: tcp_make_synack() should clear skb->tstamp - bnx2x: Fix busy_poll vs netpoll - bpf: fix verifier memory corruption - Revert "net: Reset secmark when scrubbing packet" - skbuff: Do not scrub skb mark within the same name space - fs: take i_mutex during prepare_binprm for set[ug]id executables (CVE-2015-3339) * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.2 - tcp: fix possible deadlock in tcp_send_fin() - tcp: avoid looping in tcp_send_fin() (regression in 4.0) - net: do not deplete pfmemalloc reserve - net: fix crash in build_skb() - net: rfs: fix crash in get_rps_cpus() (regression in 4.0) - md: fix md io stats accounting broken (regression in 3.19) - [x86] perf/intel: Fix Core2,Atom,NHM,WSM cycles:pp events (regression in 3.19) - [x86] fix special __probe_kernel_write() tail zeroing case (regression in 4.0) - Btrfs: fix log tree corruption when fs mounted with -o discard - btrfs: don't accept bare namespace as a valid xattr - Btrfs: fix inode eviction infinite loop after cloning into it - Btrfs: fix inode eviction infinite loop after extent_same ioctl - mm/hugetlb: use pmd_page() in follow_huge_pmd() (regression in 4.0) - [powerpc] hugetlb: Call mm_dec_nr_pmds() in hugetlb_free_pmd_range() (regression in 4.0) - [s390x] KVM: fix handling of write errors in the tpi handler - [s390x] KVM: reinjection of irqs can fail in the tpi handler - [s390x] KVM: fix get_all_floating_irqs (regression in 3.15) - [s390x] hibernate: fix save and restore of kernel text section - KVM: use slowpath for cross page cached accesses - [arm*] KVM: check IRQ number on userland injection - [x86] KVM: VMX: Preserve host CR4.MCE value while in guest mode. - [mips*el] Loongson-3: Add IRQF_NO_SUSPEND to Cascade irqaction (regression in 3.19) - [mips*] Hibernate: flush TLB entries earlier - md/raid0: fix bug with chunksize not a power of 2. - [armhf] spi: imx: read back the RX/TX watermark levels earlier (regression in 3.18) - ring-buffer: Replace this_cpu_*() with __this_cpu_*() - NFS: fix BUG() crash in notify_change() with patch to chown_common() - [armhf] fix broken hibernation (regression in 3.16) - [armel,armhf] 8320/1: fix integer overflow in ELF_ET_DYN_BASE - ALSA: emu10k1: don't deadlock in proc-functions - Input: alps - fix touchpad buttons getting stuck when used with trackpoint (regression in 4.0) - mfd: core: Fix platform-device name collisions (regression in 3.19) - fs/binfmt_elf.c: fix bug in loading of PIE binaries - ptrace: fix race between ptrace_resume() and wait_task_stopped() - ext4: make fsync to sync parent dir in no-journal for real this time - mnt: Prevent circumvention of locked mounts using umount(MNT_DETACH) (CVE-2014-9717) - tpm: fix: sanitized code paths in tpm_chip_register() (regression in 4.0) - [powerpc/powerpc64,ppc64*] perf: Cap 64bit userspace backtraces to PERF_MAX_STACK_DEPTH (Closes: #784278) - UBI: account for bitflips in both the VID header and data - UBI: fix out of bounds write - UBI: fix check for "too many bytes" - target: Fix COMPARE_AND_WRITE with SG_TO_MEM_NOALLOC handling - target/file: Fix SG table for prot_buf initialization - [arm64] head.S: ensure visibility of page tables (regression in 3.15) - [arm64] errata: add workaround for cortex-a53 erratum #845719 - [powerpc/powerpc64,ppc64*] powernv: Don't map M64 segments using M32DT (regression in 3.17) - [powerpc/powerpc64,ppc64] cell: Fix crash in iic_setup_cpu() after per_cpu changes (regression in 3.19) - [powerpc/powerpc64,ppc64] cell: Fix cell iommu after it_page_shift changes - [i386/686-pae] ACPICA: Utilities: split IO address types from data type models. - ACPICA: Store GPE register enable masks upfront (regression in 3.19) - [armhf] clk: samsung: exynos4: Disable ARMCLK down feature on Exynos4210 SoC (regression in 3.17) - [armhf] clk: tegra: Use the proper parent for plld_dsi (regression in 4.0) - [armhf] serial: imx: Fix clearing of receiver overrun flag - serial: 8250: Check UART_SCR is writable (regression in 4.0) - sd: Unregister integrity profile (regression in 3.18) - sd: Fix missing ATO tag check (regression in 3.18) - [x86] Drivers: hv: vmbus: Fix a bug in the error path in vmbus_open() - IB/core: disallow registering 0-sized memory region - IB/iser: Fix wrong calculation of protection buffer length (regression in 3.16) - i2c: Mark adapter devices with pm_runtime_no_callbacks (regression in 4.0) - [armhf] drm/exynos: Enable DP clock to fix display on Exynos5250 and other (regression in 4.0) - [x86] drm/i915: vlv: fix save/restore of GFX_MAX_REQ_COUNT reg (regression in 3.16) - [x86] drm/i915: cope with large i2c transfers - vfs: RCU pathwalk breakage when running into a symlink overmounting something - Revert "nfs: replace nfs_add_stats with nfs_inc_stats when add one" (regression in 3.19) - nfsd4: disallow ALLOCATE with special stateids (regression in 3.19) - nfsd4: fix READ permission checking (regression in 3.16) - nfsd4: disallow SEEK with special stateids (regression in 3.18) - nfsd: eliminate NFSD_DEBUG (regression of linux-libc-dev in 3.19) - nfs: fix high load average due to callback thread sleeping (regression in 4.0) - nfs: fix DIO good bytes calculation (regression in 4.0) - nfs: remove WARN_ON_ONCE from nfs_direct_good_bytes - NFS: Add a stub for GETDEVICELIST (regression in 3.18) - sched/deadline: Always enqueue on previous rq when dl_task_timer() fires (regression in 4.0) - mac80211: send AP probe as unicast again (regression in 3.19) - lib: memzero_explicit: use barrier instead of OPTIMIZER_HIDE_VAR - [armhf] crypto: omap-aes - Fix support for unequal lengths - memstick: mspro_block: add missing curly braces - drivers: platform: parse IRQ flags from resources (regression in 3.18) [ Ben Hutchings ] * debian.py,gencontrol.py: Fix the version sanity checks for backports and security/LTS uploads * ipv4: Missing sk_nulls_node_init() in ping_unhash() (CVE-2015-3636) * [armel/orion5x] Increase maximum kernel image size to ~2 MB, removing support for DNS-323 (fixes FTBFS) - Re-enable BLK_DEV_INTEGRITY, SCSI_UFSHCD, TCM_IBLOCK, AUDIT, USER_NS, PCI_QUIRKS, FTRACE, DEBUG_BUGVERBOSE, SECURITY - Enable DYNAMIC_DEBUG, FRONTSWAP * [arm64,armhf,powerpcspe,x86] gpio: Explicitly enable GPIOLIB, as some drivers now depend on rather than selecting it (fixes FTBFS on i386) * [x86] thermal: Enable INT340X_THERMAL as module, replacing ACPI_INT3403_THERMAL * [x86] Re-enable IOSF_MBI and INTEL_RAPL as modules * sound: Enable SND_USB_POD, SND_USB_PODHD, SND_USB_TONEPORT, SND_USB_VARIAX as modules, replacing LINE6_USB * media/rc: Enable IR_IGORPLUGUSB as module, replacing LIRC_IGORPLUGUSB * [amd64] misc: Enable INTEL_MIC_BUS and re-enable INTEL_MIC_HOST as modules * sound/firewire: Enable SND_OXFW as module, replacing SND_FIREWIRE_SPEAKERS * [x86] Enable DW_DMAC and re-enable SND_SOC_INTEL_HASWELL_MACH, SND_SOC_INTEL_BYT_RT5640_MACH, SND_SOC_INTEL_BYT_MAX98090_MACH as modules * [x86] tpm: Enable TCG_TIS_I2C_ST33 as module, replacing TCG_ST33_I2C * [armel/kirkwood] regulator: Re-enable REGULATOR, REGULATOR_FIXED_VOLTAGE * [armel/kirkwood] sound: Enable SND_SIMPLE_CARD as module, replacing SND_KIRKWOOD_SOC_OPENRD, SND_KIRKWOOD_SOC_T5325; re-enable SND_SOC_ALC5623, SND_SOC_CS42L51_I2C as modules * [alpha,armel/kirkwood,hppa,ia64,mips*/{octeon,sb1-bcm91250a}] Re-enable PM * [armel/orion5x] Enable PM * [armhf] sound: Enable SND_SIMPLE_CARD as module * path_openat(): fix double fput() * [x86] serial: Enable SERIAL_8250_DW as built-in * [armhf] Enable ARM_ERRATA_430973 (Closes: #768890), ARM_ERRATA_643719, ARM_ERRATA_754327, ARM_ERRATA_773022 * [x86] nfc: Enable NFC_HCI, NFC_MEI_PHY, NFC_PN544, NFC_PN544_MEI as modules (Closes: #770323) * Set ABI to 1 * mnt: Add missing pieces of fix for CVE-2014-9717: - mnt: Fail collect_mounts when applied to unmounted mounts - fs_pin: Allow for the possibility that m_list or s_list go unused. [ Ian Campbell ] * [armhf] Enable support for Freescale SNVS RTC. (Closes: #782364) * [armhf] Add ehci-orion module to usb-modules udeb. (Closes: #783324) * [armhf] imx-hdmi module is now called dw_hdmi-imx, so update fb-modules udeb. Patches from both Vagrant Cascadian and Wookey. (Closes: #783275) * [arm*] Install DTBS using dtbs_install target. (Closes: #784761) -- Ben Hutchings Mon, 11 May 2015 04:29:06 +0100 linux-tools (4.0.2-1) unstable; urgency=medium * New upstream release * Thanks to Luca Boccassi and Lukas Wunner for some hints on upgrading to 4.0 (Closes: #778588) * debian/control: Add gcc-multilib to Build-Depends in order to build perf-read-vdso{,x}32 * linux-tools: Install perf-read-vdso{,x}32 in versioned directory under /usr/lib * linux-tools: Set ARCH=x86 when building perf for amd64, i386 or x32 * linux-kbuild: Include Makefile.kasan (Closes: #783681) * linux-kbuild: Enable Large File Support (Closes: #778942) -- Ben Hutchings Mon, 11 May 2015 03:53:12 +0100 linux (4.0-1~exp1) experimental; urgency=medium * New upstream release: http://kernelnewbies.org/Linux_4.0 [ Ben Hutchings ] * [i386,s390] Remove 64-bit kernel flavours, which are also available through multiarch * [x86] Enable PARAVIRT_SPINLOCKS -- maximilian attems Tue, 21 Apr 2015 21:46:47 +0200 linux (3.19.3-1~exp1) experimental; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.2 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.3 -- maximilian attems Sun, 29 Mar 2015 20:14:33 +0200 linux (3.19.1-1~exp1) experimental; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.1 - Bluetooth: ath3k: workaround the compatibility issue with xHCI controller (Closes: #778463) - random: Fix fast_mix() function (regression in 3.17) - xfs: inode unlink does not set AGI buffer type - xfs: set buf types when converting extent formats - xfs: set superblock buffer type correctly - iwlwifi: mvm: validate tid and sta_id in ba_notif - iwlwifi: mvm: fix failure path when power_update fails in add_interface (regression in 3.15) - HID: i2c-hid: Limit reads to wMaxInputLength bytes for input events (regression in 3.19) - cpufreq: Set cpufreq_cpu_data to NULL before putting kobject - [xen] manage: Fix USB interaction issues when resuming (regression in 3.17) - [xen] xen-scsiback: mark pvscsi frontend request consumed only after last read - megaraid_sas: endianness related bug fixes and code optimization - rc-main: Re-apply filter for no-op protocol change (regression in 3.17) - proc/pagemap: walk page tables under pte lock - NFS: struct nfs_commit_info.lock must always point to inode->i_lock (regression in 3.17) - [mips*] asm: asmmacro: Replace "add" instructions with "addu" - mm/hugetlb: pmd_huge() returns true for non-present hugepage - blk-mq: fix double-free in error path - nfs41: .init_read and .init_write can be called with valid pg_lseg (regression in 3.15) - SUNRPC: NULL utsname dereference on NFS umount during namespace cleanup - NFSv4: Ensure we reference the inode for return-on-close in delegreturn - NFSv4.1: Fix a kfree() of uninitialised pointers in decode_cb_sequence_args - sg: fix unkillable I/O wait deadlock with scsi-mq - sg: fix EWOULDBLOCK errors with scsi-mq - iscsi-target: Drop problematic active_ts_list usage - cipso: don't use IPCB() to locate the CIPSO IP option (regression in 3.18) - ring-buffer: Do not wake up a splice waiter when page is not full (regression in 3.18) - tty: Remove warning in tty_lock_slave() (regression in 3.19) - tty: Prevent untrappable signals from malicious program - USB: fix use-after-free bug in usb_hcd_unlink_urb() - [armhf] usb: dwc3: gadget: add missing spin_lock() (regression in 3.19) - usb: core: buffer: smallest buffer should start at ARCH_DMA_MINALIGN - cdc-acm: add sanity checks - ntp: Fixup adjtimex freq validation on 32-bit systems (regression in 3.19) - udf: Check length of extended attributes and allocation descriptors - [s390*] KVM: forward hrtimer if guest ckc not pending yet (regression in 3.17) - [s390*] KVM: base hrtimer on a monotonic clock - [s390*] KVM: floating irqs: fix user triggerable endless loop - [s390*] KVM: avoid memory leaks if __inject_vm() fails - gpiolib: of: allow of_gpiochip_find_and_xlate to find more than one chip per node (regression in 3.19) - sb_edac: Fix detection on SNB machines (regression in 3.18) - jffs2: fix handling of corrupted summary length - samsung-laptop: Add use_native_backlight quirk, and enable it on some models (regression in 3.16) - libceph: fix double __remove_osd() problem - btrfs: fix leak of path in btrfs_find_item - Btrfs: fix fsync data loss after adding hard link to inode - blk-throttle: check stats_cpu before reading it from sysfs - [x86] efi: Avoid triple faults during EFI mixed mode calls - [x86][xen] irq: Fix regression in 3.19 - Replace ACCESS_ONCE of non-scalar types with READ_ONCE - kernel: tighten rules for ACCESS_ONCE - [x86] spinlocks/paravirt: Fix memory corruption on unlock - quota: Store maximum space limit in bytes [ Ben Hutchings ] * [armhf] Drop sun7i device tree patches which are included in 3.19 (fixes FTBFS) (Closes: #779799) * nfsd: Enable NFSD_V4_SECURITY_LABEL [ Helge Deller ] * [hppa] Add virtio udeb modules * [alpha] Add debian-installer udeb packages * [alpha] Drop alpha-legacy kernel image -- Ben Hutchings Sun, 08 Mar 2015 15:29:45 +0000 linux (3.19-1~exp1) experimental; urgency=medium * New upstream release: http://kernelnewbies.org/Linux_3.19 * Enable SCSI_AM53C974 where tmscim was enabled. -- maximilian attems Thu, 12 Feb 2015 23:41:05 +0100 linux (3.18.6-1~exp1) experimental; urgency=medium [ Ben Hutchings ] * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.6 -- maximilian attems Sat, 07 Feb 2015 22:38:37 +0100 linux-tools (3.18.5-1~exp1) experimental; urgency=medium * New upstream release * linux-tools: Fix build configuration to avoid linking perf with libbfd (Closes: #763002) * linux-tools: Add a check that perf is not linked with libbfd * [arm64] Enable building linux-tools, thanks to Steve Capper (Closes: #771340) * [armel,armhf] linux-tools: Enable use of libunwind * [hppa,sparc] linux-tools: Enable use of libnuma * [mips*,powerpcspe,x32] Enable building linux-tools -- Ben Hutchings Sun, 01 Feb 2015 02:53:07 +0100 linux (3.18.5-1~exp1) experimental; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.4 - [hppa] fix out-of-register compiler error in ldcw inline assembler function https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.5 [ Helge Deller ] * [hppa] Enable CONFIG_PPDEV to avoid CUPS complaining with systemd -- maximilian attems Sat, 31 Jan 2015 22:20:40 +0100 linux (3.18.3-1~exp1) experimental; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.1 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.3 [ Ian Campbell ] * [armel/kirkwood]: Enable DEBUG_MVEBU_UART_ALTERNATE to match the behaviour of previous boardfile based kirkwood kernels. Otherwise the kernel silently crashes during boot. * [armel/kirkwood]: Add versioned breaks on flash-kernel << 3.30~, versions before this do not append a DTB on all platforms. This is required now that board file support is removed. * Add xhci-pci and xhci-plat-hcd to usb-modules udeb. (Inspired by #770912). * [armhf/armmp]: Enable support for Tegra124 based platforms. [ Helge Deller ] * [hppa] udeb: Fix duplicate modules in ata-modules, pata-modules (Closes: #770102) * [hppa] Create build-dependencies on binutils-hppa64 and gcc-4.9-hppa64 [ Ben Hutchings ] * [sh4] ftrace: Remove -m32 option from recordmcount.pl (Closes: #775611) -- Ben Hutchings Sun, 18 Jan 2015 20:48:06 +0000 linux (3.18-1~exp1) experimental; urgency=medium * New upstream release: http://kernelnewbies.org/Linux_3.18 [ Ben Hutchings ] * Remove aufs * vfs: Enable OVERLAY_FS as module * drivers/base: Disable UEVENT_HELPER, only needed for compatibility with wheezy's udev package * net: Enable 6LOWPAN as module; re-enable BT_6LOWPAN and IEEE802154_6LOWPAN as modules * net: Enable GENEVE as module; enable OPENVSWITCH_GENEVE * ipv4: Enable TCP_CONG_DCTCP as module * netfilter: Enable IP6_NF_NAT, IP_SET_HASH_MAC, IP_VS_FO, NF_LOG_ARP, NF_LOG_BRIDGE, NFT_BRIDGE_REJECT, NFT_MASQ, NFT_MASQ_IPV4, NFT_MASQ_IPV6 as modules * SCSI,xen: Enable XEN_SCSI_FRONTEND, XEN_SCSI_BACKEND as modules * SCSI: Re-enable LIBFCOE, FCOE, FCOE_FNIC, SCSI_BNX2X_FCOE as modules * drivers/net: Enable ET131X as module for all architectures * wireless: Enable BRCMFMAC as module for all architectures; enable BRCMFMAC_USB and BRCMFMAC_PCIE * wireless: Enable RTL8192EE, RTL8821AE as modules for all architectures (replacing R8192EE, R8821AE for x86 only) * media: Enable VIDEO_VIVID as module (replacing VIDEO_VIVI) * [armel/kirkwood] Enable ARCH_MULTI_V5, ARCH_MVEBU, MACH_KIRKWOOD and MACH_NETXBIG, replacing ARCH_KIRKWOOD etc. * [powerpc/powerpc64,ppc64*] Enable SCSI_IBMVFC as module, replacing SCSI_IBMVSCSIS * input/tablet: Enable TABLET_SERIAL_WACOM4 as module * media: Enable MEDIA_SDR_SUPPORT; enable DVB_PT3, DVB_USB_DVBSKY, USB_AIRSPY, USB_HACKRF, VIDEO_TW68 as modules; enable VIDEO_SOLO6X10 as module on all architectures (replacing SOLO6X10 on x86); enable USB_MSI2500 on all architectures (replacing USB_MSI3101 on x86) * au0828: Enable VIDEO_AU0828_RC * HID,gpio,i2c: Enable HID_CP2112 as module * HID: Enable HID_PENMOUNT as module * USB,leds: Enable USB_LED_TRIG * leds: Disable LEDS_PCA9532, apparently only needed on armel/iop32x * [x86] platform: Enable TOSHIBA_HAPS as module * [x86] serial: Enable SERIAL_8250_FINTEK as module * [x86] Enable MFD_MENF21BMC, LEDS_MENF21BMC, SENSORS_MENF21BMC_HWMON, MENF21BMC_WATCHDOG as modules * [x86] edac: Enable EDAC_IE31200 as module * [x86] drivers/crypto: Enable CRYPTO_DEV_QAT_DH895xCC as module * [x86] comedi: Enable COMEDI_NI_USB6501 as module * [armel] Change configuration to reduce kernel image size (fixes FTBFS) - [/kirkwood] netlink: Disable NETLINK_MMAP - [/kirkwood] cgroups: Disable MEMCG - [/kirkwood] Disable CHECKPOINT_RESTORE - [/kirkwood] mm: Disable COMPACTION, KSM - [/kirkwood] crypto: Disable CRYPTO_FIPS - [/kirkwood] power: Disable HIBERNATION, PM_RUNTIME - [/orion5x] mm: Disable COMPACTION, MIGRATION - [/orion5x] block: Disable BLK_DEV_INTEGRITY - [/orion5x] SCSI: Disable SCSI_UFSHCD - [/orion5x] target: Disable TCM_IBLOCK - [/orion5x] Disable AUDIT, DEBUG_BUGVERBOSE, PROFILING, OPROFILE, RD_LZO * [armel] Include size of appended DTBs in image size check -- Ben Hutchings Thu, 11 Dec 2014 00:43:21 +0000 linux (3.17.4-1~exp1) experimental; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.1 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.2 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.3 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4 [ Ben Hutchings ] * Set ABI to trunk * aufs: Update to aufs3.17-20141020: - support for AT_EMPTY_PATH/LOOKUP_EMPTY - Show union filesystem paths in /proc/*/map_files/* - bugfix, fix the returning size of the branch attr * Compile with gcc-4.9 (except for ia64,m68k,s390*,sh4) -- maximilian attems Mon, 24 Nov 2014 00:00:27 +0100 linux-tools (3.17-1~exp1) experimental; urgency=medium * New upstream release - usbip userspace moved to tools/usb/usbip -- Ben Hutchings Fri, 17 Oct 2014 14:58:51 +0200 linux (3.17-1~exp1) experimental; urgency=medium * New upstream release: http://kernelnewbies.org/Linux_3.17 * armel: Drop ixp4xx image. * topconfig: Reenable renamed IP_NF_NAT. (closes #762458) * udeb: refix renamed i2c-core. -- maximilian attems Tue, 14 Oct 2014 23:01:39 +0200 linux (3.17~rc5-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * aufs: Update to aufs3.x-rcN-20140908 [ maximilian attems ] * udeb: fix renamed i2ccore. -- maximilian attems Thu, 18 Sep 2014 23:50:00 +0200 linux (3.16.7-ckt9-3) unstable; urgency=high [ Ben Hutchings ] * [x86] crypto: aesni - fix memory usage in GCM decryption (Closes: #782561) (CVE-2015-3331) * tcp: Fix crash in TCP Fast Open (Closes: #782515) (CVE-2015-3332) * kernel: Provide READ_ONCE and ASSIGN_ONCE * Replace use of ACCESS_ONCE on non-scalar types with READ_ONCE or barriers as appropriate * kernel: tighten rules for ACCESS ONCE * kernel: Change ASSIGN_ONCE(val, x) to WRITE_ONCE(x, val) * fs: take i_mutex during prepare_binprm for set[ug]id executables (CVE-2015-3339) [ Ian Campbell ] * [xen] release per-queue Tx and Rx resource when disconnecting, fixing network after save/restore or migration. (Closes: #782698) -- Ben Hutchings Thu, 23 Apr 2015 16:41:27 +0100 linux (3.16.7-ckt9-2) unstable; urgency=medium * btrfs: simplify insert_orphan_item (Closes: #782362) -- Ben Hutchings Mon, 13 Apr 2015 02:01:54 +0100 linux (3.16.7-ckt9-1) unstable; urgency=medium * New upstream stable update: http://kernel.ubuntu.com/stable/ChangeLog-3.16.7-ckt8 - usb: core: buffer: smallest buffer should start at ARCH_DMA_MINALIGN - btrfs: fix leak of path in btrfs_find_item - tpm_tis: verify interrupt during init - xfs: ensure buffer types are set correctly - xfs: inode unlink does not set AGI buffer type - xfs: set buf types when converting extent formats - xfs: set superblock buffer type correctly - [s390*] KVM: avoid memory leaks if __inject_vm() fails - samsung-laptop: Add use_native_backlight quirk, and enable it on some models (regression in 3.14) - staging: comedi: comedi_compat32.c: fix COMEDI_CMD copy back - nfs: don't call blocking operations while !TASK_RUNNING - cdc-acm: add sanity checks - USB: fix use-after-free bug in usb_hcd_unlink_urb() - iwlwifi: mvm: fix failure path when power_update fails in add_interface - tty: Prevent untrappable signals from malicious program - cpufreq: Set cpufreq_cpu_data to NULL before putting kobject - nfs41: .init_read and .init_write can be called with valid pg_lseg (regression in 3.15) - mei: mask interrupt set bit on clean reset bit (regression in 3.16.7-ckt5) - [s390*] KVM: floating irqs: fix user triggerable endless loop - cfq-iosched: handle failure of cfq group allocation - tracing: Fix unmapping loop in tracing_mark_write - fsnotify: fix handling of renames in audit - blk-mq: fix double-free in error path - NFSv4.1: Fix a kfree() of uninitialised pointers in decode_cb_sequence_args - mm/hugetlb: pmd_huge() returns true for non-present hugepage - mm/hugetlb: take page table lock in follow_huge_pmd() - mm/hugetlb: fix getting refcount 0 page in hugetlb_fault() - mm/hugetlb: add migration/hwpoisoned entry check in hugetlb_change_protection - mm/hugetlb: add migration entry check in __unmap_hugepage_range - iscsi-target: Drop problematic active_ts_list usage - mm/memory.c: actually remap enough memory - mm: hwpoison: drop lru_add_drain_all() in __soft_offline_page() (regression in 3.11) - jffs2: fix handling of corrupted summary length - dm mirror: do not degrade the mirror on discard error - dm io: reject unsupported DISCARD requests with EOPNOTSUPP - NFS: struct nfs_commit_info.lock must always point to inode->i_lock (regression in 3.16.4) - target: Add missing WRITE_SAME end-of-device sanity check - target: Check for LBA + sectors wrap-around in sbc_parse_cdb - Btrfs: fix fsync data loss after adding hard link to inode - sg: fix read() error reporting - IB/qib: Do not write EEPROM - [amd64] EDAC, amd64_edac: Prevent OOPS with >16 memory controllers (regression in 3.11) - md/raid5: Fix livelock when array is both resyncing and degraded. - locking/rtmutex: Avoid a NULL pointer dereference on deadlock (regression in 3.16) - time: adjtimex: Validate the ADJ_FREQUENCY values - ntp: Fixup adjtimex freq validation on 32-bit systems - dm: fix a race condition in dm_get_md - dm snapshot: fix a possible invalid memory access on unload - libceph: fix double __remove_osd() problem - blk-throttle: check stats_cpu before reading it from sysfs - debugfs: leave freeing a symlink body until inode eviction - procfs: fix race between symlink removals and traversals - autofs4 copy_dev_ioctl(): keep the value of ->size we'd used for allocation - clk-gate: fix bit # check in clk_register_gate() (regression in 3.11) - [powerpc*] kernel: Avoid memory corruption at early stage (regression in 3.14) - GFS2: Fix crash during ACL deletion in acl max entry check in gfs2_set_acl() (regression in 3.14) - net: llc: use correct size for sysctl timeout entries (CVE-2015-2041) - net: rds: use correct size for max unacked packets and bytes (CVE-2015-2042) - HID: i2c-hid: Limit reads to wMaxInputLength bytes for input events (regression in 3.16.7-ckt4) - net: sctp: fix race for one-to-many sockets in sendmsg's auto associate - ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs - IB/core: When marshaling ucma path from user-space, clear unused fields (regression in 3.14) - IB/core: Fix deadlock on uverbs modify_qp error flow (regression in 3.14) - IB/mlx4: Fix wrong usage of IPv4 protocol for multicast attach/detach (regression in 3.14) - IB/iser: Use correct dma direction when unmapping SGs (regression in 3.15) - staging: comedi: cb_pcidas64: fix incorrect AI range code handling - target: Fix R_HOLDER bit usage for AllRegistrants - target: Avoid dropping AllRegistrants reservation during unregister - target: Allow AllRegistrants to re-RESERVE existing reservation - target: Allow Write Exclusive non-reservation holders to READ - vhost/scsi: potential memory corruption - mm: softdirty: unmapped addresses between VMAs are clean - proc/pagemap: walk page tables under pte lock http://kernel.ubuntu.com/stable/ChangeLog-3.16.7-ckt9 - netfilter: nft_compat: fix module refcount underflow - netfilter: xt_socket: fix a stack corruption bug - ipvs: add missing ip_vs_pe_put in sync code - flowcache: Fix kernel panic in flow_cache_flush_task (regression in 3.15) - tcp: make sure skb is not shared before using skb_get() (regression in 3.16) - gen_stats.c: Duplicate xstats buffer for later use - ematch: Fix auto-loading of ematch modules. - openvswitch: Fix net exit. - net: reject creation of netdev names with colons - macvtap: make sure neighbour code can push ethernet header - udp: only allow UFO for packets from SOCK_DGRAM sockets - gpiolib: of: allow of_gpiochip_find_and_xlate to find more than one chip per node (regression in 3.16.7-ckt6) - [x86] drm/i915: Check obj->vma_list under the struct_mutex (regression in 3.15) - ALSA: hda - Disable runtime PM for Panther Point again (regression in 3.14) - nilfs2: fix potential memory overrun on inode - [armhf] usb: dwc3: dwc3-omap: Fix disable IRQ - [i386] KVM: emulate: fix CMPXCHG8B on 32-bit hosts - xhci: Allocate correct amount of scratchpad buffers - USB: usbfs: don't leak kernel data in siginfo - efi/libstub: Fix boundary checking in efi_high_alloc() - USB: serial: fix potential use-after-free after failed probe - USB: serial: fix tty-device error handling at probe - staging: comedi: adv_pci1710: fix AI INSN_READ for non-zero channel - mei: make device disabled on stop unconditionally - NFSv4: Don't call put_rpccred() under the rcu_read_lock() - btrfs: fix lost return value due to variable shadowing - eCryptfs: don't pass fs-specific ioctl commands through - drm/radeon: fix DRM_IOCTL_RADEON_CS oops - [armhf] ASoC: omap-pcm: Correct dma mask - [amd64] x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization (CVE-2015-2830) - Btrfs: fix data loss in the fast fsync path - Btrfs:__add_inode_ref: out of bounds memory read when looking for extended ref. - svcrpc: fix memory leak in gssp_accept_sec_context_upcall (regression in 3.12) - SUNRPC: Always manipulate rpc_rqst::rq_bc_pa_list under xprt->bc_pa_lock (regression in 3.15) - net: cls_bpf: fix size mismatch on filter preparation - net: cls_bpf: fix auto generation of per list handles - qlge: Fix qlge_update_hw_vlan_features to handle if interface is down (regression in 3.13) - libsas: Fix Kernel Crash in smp_execute_task - ALSA: hda - Fix regression of HD-audio controller fallback modes (regression in 3.11) - can: add missing initialisations in CAN related skbuffs - ftrace: Fix en(dis)able graph caller when en(dis)abling record via sysctl - ftrace: Fix ftrace enable ordering of sysctl ftrace_enabled - [armhf] imx6qdl-sabresd: set swbst_reg as vbus's parent reg - [armhf] imx6sl-evk: set swbst_reg as vbus's parent reg - xen-pciback: limit guest control of command register (CVE-2015-2150) - drm/vmwgfx: Reorder device takedown somewhat - ALSA: control: Add sanity checks for user ctl id name string - Revert "i2c: core: Dispose OF IRQ mapping at client removal time" (regression in 3.16.7-ckt2) - nilfs2: fix deadlock of segment constructor during recovery (regression in 3.16.7-ckt7) - clk: divider: fix calculation of maximal parent rate for a given divider (regression in 3.15) - [sparc*] Fix several bugs in memmove(). - net: sysctl_net_core: check SNDBUF and RCVBUF for min length - inet_diag: fix possible overflow in inet_diag_dump_one_icsk() - caif: fix MSG_OOB test in caif_seqpkt_recvmsg() - rxrpc: bogus MSG_PEEK test in rxrpc_recvmsg() - tcp: fix tcp fin memory accounting - net: compat: Update get_compat_msghdr() to match copy_msghdr_from_user() behaviour (regression in 3.13) - tcp: make connect() mem charging friendly [ Ian Campbell ] * Initialise framebuffer console earlier. (Closes: #779935) * [xen] Enable Xen MCE log support. (Closes: #779698) * [armhf] mvebu: do not register custom DMA operations when coherency is disabled (Closes: #780858) * [armhf] Enable power control on various sunxi platforms, enable MFD_AXP20X and REGULATOR_AXP20X and adding the necessary DTB nodes. (Closes: #781576) [ Ben Hutchings ] * [armel/kirkwood] linux-image: Add versioned Breaks against flash-kernel, to ensure that an FDT is appended to the image if needed (Closes: #781193) * Revert "quota: Store maximum space limit in bytes" to avoid ABI change * IB/core: Prevent integer overflow in ib_umem_get address arithmetic (CVE-2014-8159) * Btrfs: make xattr replace operations atomic (CVE-2014-9710) * ext4: fix ZERO_RANGE bug hidden by flag aliasing * ext4: fix accidental flag aliasing in ext4_map_blocks flags * ext4: allocate entire range in zero range (CVE-2015-0275) * [x86] microcode/intel: Guard against stack overflow in the loader (CVE-2015-2666) * ipv6: Don't reduce hop limit for an interface (CVE-2015-2922) * [powerpc/powerpc64,ppc64] Disable THERM_PM72 and enable its replacements WINDFARM_PM72 and WINDFARM_RM31 as modules. Update the udeb config accordingly. Thanks to Milan Kupcevic. (Closes: #781934) * psmouse: Add support for FocalTech touchpads, thanks to Rafal Ramocki (Closes: #780971) * [x86] drm/i915: Add limited color range readout for HDMI/DP ports on g4x/vlv/chv (Closes: #775217) * HID: thingm: fix workqueue race on remove (Closes: #780055) * [x86] Disable X86_VERBOSE_BOOTUP (Closes: #781953) * eMMC: Don't initialize partitions on RPMB flagged areas (Closes: #782038) * [x86] powercap / RAPL: change domain detection message (Closes: #781418) * procfs: Avoid ABI change in 3.16.7-ckt8 * [powerpc/powerpc] udeb: Add fb-modules package containing radeonfb driver (Closes: #782058) -- Ben Hutchings Wed, 08 Apr 2015 01:03:08 +0100 linux (3.16.7-ckt7-1) unstable; urgency=medium * New upstream stable update: http://kernel.ubuntu.com/stable/ChangeLog-3.16.7-ckt5 - [x86] vdso: Use asm volatile in __getcpu - SCSI: fix regression in scsi_send_eh_cmnd() (regression in 3.16) - Btrfs: don't delay inode ref updates during log replay (regression in 3.16.7) - mm: propagate error from stack expansion even for guard page - vfio-pci: Fix the check on pci device type in vfio_pci_probe() - rpc: fix xdr_truncate_encode to handle buffer ending on page boundary (regression in 3.16) - [arm64] efi: add missing call to early_ioremap_reset() (regression in 3.16) - exit: fix race between wait_consider_task() and wait_task_zombie() (regression in 3.15) - mm: prevent endless growth of anon_vma hierarchy - mm: protect set_page_dirty() from ongoing truncation - mm, vmscan: prevent kswapd livelock due to pfmemalloc-throttled process being killed - sched/deadline: Fix migration of SCHED_DEADLINE tasks - HID: roccat: potential out of bounds in pyra_sysfs_write_settings() - mm: Don't count the stack guard page towards RLIMIT_STACK - mm: fix corner case in anon_vma endless growing prevention - [arm*][xen] introduce xen_arch_need_swiotlb - fsnotify: next_i is freed during fsnotify_unmount_inodes. - [armhf] ASoC: eukrea-tlv320: Fix of_node_put() call with uninitialized object (regression in 3.15) - HID: i2c-hid: Do not free buffers in i2c_hid_stop() (regression in 3.15) - ALSA: fireworks: fix an endianness bug for transaction length (regression in 3.16) - [armhf] mtd: nand: omap: Fix NAND enumeration on 3430 LDP (regression in 3.13) - ocfs2: fix the wrong directory passed to ocfs2_lookup_ino_from_name() when link file (regression in 3.14) - [powerpc*] Fix bad NULL pointer check in udbg_uart_getc_poll() (regression in 3.12) - nilfs2: fix the nilfs_iget() vs. nilfs_new_inode() races - [armhf] OMAP4: PM: Only do static dependency configuration in omap4_init_static_deps (regression in 3.11) - [armel,armhf] Revert "ARM: 7830/1: delay: don't bother reporting bogomips in /proc/cpuinfo" (regression in 3.12) - gre: fix the inner mac header in nbma tunnel xmit path (regression in 3.16.7-ckt3) - netlink: Always copy on mmap TX. - netlink: Don't reorder loads/stores before marking mmap netlink frame as available - batman-adv: Unify fragment size calculation (regression in 3.13) - batman-adv: avoid NULL dereferences and fix if check (regression in 3.13) - net: Fix stacked vlan offload features computation - net: Reset secmark when scrubbing packet - xen-netback: fixing the propagation of the transmit shaper timeout (regression in 3.16) - team: avoid possible underflow of count_pending value for notify_peers and mcast_rejoin (regression in 3.12) - usb: gadget: gadgetfs: Free memory allocated by memdup_user() (regression in 3.15) - iwlwifi: mvm: fix Rx with both chains (regression in 3.16) - LOCKD: Fix a race when initialising nlmsvc_timeout (regression in 3.11) - NFSv4.1: Fix client id trunking on Linux - vhost-scsi: Add missing virtio-scsi -> TCM attribute conversion - xhci: Check if slot is already in default state before moving it there (regression in 3.14) - USB: console: fix uninitialised ldisc semaphore (regression in 3.12) - USB: console: fix potential use after free - [armhf] usb: dwc3: gadget: Fix TRB preparation during SG - [x86] ftrace/jprobes: Fix conflict between jprobes and function graph tracing - clk: Don't try to use a struct clk* after it could have been freed - [x86] drm/i915: Evict CS TLBs between batches - [xen] Revert "swiotlb-xen: pass dev_addr to swiotlb_tbl_unmap_single" (regression in 3.16.7-ckt4) http://kernel.ubuntu.com/stable/ChangeLog-3.16.7-ckt6 - ipvs: uninitialized data with IP_VS_IPV6 - netfilter: nfnetlink: validate nfnetlink header from batch - time: settimeofday: Validate the values of tv from user - drm/radeon: fix VM flush on cayman/aruba (v3) - drm/radeon: fix VM flush on SI (v3) - drm/radeon: fix VM flush on CIK (v3) - drm/radeon: add a dpm quirk list (regression around 3.14) - can: dev: fix crtlmode_supported check - can: kvaser_usb: Don't free packets when tight on URBs - drm/radeon: use rv515_ring_start on r5xx (regression in 3.12) - PCI: Mark Atheros AR93xx to avoid bus reset (regression in 3.14) - [x86] PCI: Clip bridge windows to fit in upstream windows (regression in 3.16) - [armhf] mvebu: completely disable hardware I/O coherency - cifs: fix deadlock in cifs_ioctl_clone() - ipr: wait for aborted command responses - libata: allow sata_sil24 to opt-out of tag ordered submission (regression in 3.14.4, 3.15) - [media] vb2: fix vb2_thread_stop race conditions - [i386/586] apic: Re-enable PCI_MSI support for non-SMP X86_32 (regression in 3.12) - dm cache: share cache-metadata object across inactive and active DM tables - dm cache: fix problematic dual use of a single migration count variable - Input: evdev - fix EVIOCG{type} ioctl - tty: Fix pty master poll() after slave closes v2 (regression in 3.12) - [armhf] bus: omap_l3_noc: Add resume hook to restore context (regression in 3.16) - decompress_bunzip2: off by one in get_next_block() - kbuild: Fix removal of the debian/ directory (regression in 3.16) - mm: get rid of radix tree gfp mask for pagecache_get_page (regression in 3.16) - regulator: core: fix race condition in regulator_put() - ASoC: simple-card: Fix crash in asoc_simple_card_unref() (regression in 3.15) - [ppc64el] xmon: Fix another endiannes issue in RTAS call from xmon - nfs: fix dio deadlock when O_DIRECT flag is flipped - mac80211: properly set CCK flag in radiotap (regression in 3.12) - [x86] drm/i915: Only fence tiled region of object. - can: kvaser_usb: Do not sleep in atomic context - can: kvaser_usb: Send correct context to URB completion - rbd: fix rbd_dev_parent_get() when parent_overlap == 0 - rbd: drop parent_ref in rbd_dev_unprobe() unconditionally - dm cache: fix missing ERR_PTR returns and handling - dm thin: don't allow messages to be sent to a pool target in READ_ONLY or FAIL mode - [armhf] mvebu: don't set the PL310 in I/O coherency mode when I/O coherency is disabled - vm: add VM_FAULT_SIGSEGV handling support - vm: make stack guard page errors return VM_FAULT_SIGSEGV rather than SIGBUS - perf: Tighten (and fix) the grouping condition - iwlwifi: mvm: drop non VO frames when flushing (regression in 3.16) - memcg: remove extra newlines from memcg oom kill log (regression in 3.15) - ipv4: try to cache dst_entries which would cause a redirect (regression in 3.16) (CVE-2015-1465) http://kernel.ubuntu.com/stable/ChangeLog-3.16.7-ckt7 - [ppc64el] powerpc: add little endian flag to syscall_get_arch() - [arm64] Fix up /proc/cpuinfo - cifs: Complete oplock break jobs before closing file handle (regression in 3.15) - [arm64,or1k] lib/checksum.c: fix carry in csum_tcpudp_nofold - [mips*] Fix kernel lockup or crash after CPU offline/online - md/raid5: fix another livelock caused by non-aligned writes. (regression in 3.16) - drm/radeon: fix PLLs on RS880 and older v2 (regression in 3.15) (Closes: #770790) - [armhf/armmp-lpae] 8299/1: mm: ensure local active ASID is marked as allocated on rollover - PCI: Handle read-only BARs on AMD CS553x devices (regression in 3.16.7-ckt4) - mm: pagewalk: call pte_hole() for VM_PFNMAP during walk_page_range - nilfs2: fix deadlock of segment constructor over I_SYNC flag - ip: zero sockaddr returned on error queue - net: rps: fix cpu unplug - ipv6: stop sending PTB packets for MTU < 1280 - udp_diag: Fix socket skipping within chain - ping: Fix race in free in receive path - net: don't OOPS on socket aio - ipv4: tcp: get rid of ugly unicast_sock - ppp: deflate: never return len larger than output buffer - [x86] hyperv: Fix the error processing in netvsc_send() - Bluetooth: ath3k: workaround the compatibility issue with xHCI controller - ceph: introduce global empty snap context - drm/vmwgfx: Don't use memory accounting for kernel-side fence objects - net:socket: set msg_namelen to 0 if msg_name is passed as NULL in msghdr struct from userland. - virtio_pci: defer kfree until release callback [ Ian Campbell ] * [armhf] Add DTB for Olimex A20-OLinuXino-LIME2. (Closes: #777455) * [armhf] Enable CONFIG_BACKLIGHT_GPIO as a module. (Closes: #778783) * [armhf] Enable FB_SIMPLE on sunxi platform, backporting fixes and DTS entries. [ Ben Hutchings ] * shm: add memfd.h to UAPI export list, so kdbus will build * [x86] HPET force enable for e6xx based systems (Closes: #772951) * vfs: read file_handle only once in handle_to_path (CVE-2015-1420) * ASLR: fix stack randomization on 64-bit systems (CVE-2015-1593) * Revert "quota: Switch ->get_dqblk() and ->set_dqblk() to use bytes as space units" to avoid ABI change * rmap: Fix ABI change in 3.16.7-ckt5 * perf: Fix ABI change in 3.16.7-ckt6 * mm: Fix pagecache_get_page() ABI change in 3.16.7-ckt6 * tcp: Fix ABI change in 3.16.7-ckt7 * [x86] ACPI / video: Add disable_native_backlight quirk for various Samsung models and Dell XPS15 L521X (Closes: #772440) * [x86] ALSA: Enable SND_SOC, SND_SOC_INTEL_SST, SND_SOC_INTEL_HASWELL_MACH, SND_SOC_INTEL_BYT_RT5640_MACH, SND_SOC_INTEL_BYT_MAX98090_MACH as modules (Closes: #773835) * arcmsr: Backport changes up to Linux 3.18 (Closes: #698821) * [x86] drm/i915: Quietly reject attempts to create non-pagealigned stolen objects (Closes: #763155) * KEYS: request_key() should reget expired keys rather than give EKEYEXPIRED (Closes: #758870) * drm: Enable DRM_BOCHS, DRM_QXL as modules - qxl: Disable by default, as it is incompatible with wheezy's xserver-xorg-video-qxl. It can be forced to load with module parameter modeset=1. * of.h: Keep extern declaration of of_* variables when !CONFIG_OF (for simplefb) [ Helge Deller ] * [alpha] build debian-installer udeb packages * [hppa] build virtio udeb packages [ Uwe Kleine-König ] * Add support for Bananapro board, thanks Karsten Merker for the patch. (Closes: 779311) -- Ben Hutchings Sun, 01 Mar 2015 15:13:40 +0000 linux (3.16.7-ckt4-3) unstable; urgency=medium [ Ben Hutchings ] * [sh4] ftrace: Remove -m32 option from recordmcount.pl (Closes: #775611) * [x86] Revert "KVM: Fix of previously incomplete fix for CVE-2014-8480" as that issue does not affect 3.16 * [amd64] tls, ldt: Stop checking lm in LDT_empty (regression in 3.16.7-ckt4) * [x86] tls: Interpret an all-zero struct user_desc as "no segment" (regression in 3.16.7-ckt4) * net: sctp: fix slab corruption from use after free on INIT collisions (CVE-2015-1421) [ Ian Campbell ] * [xen] cancel ballooning if adding new memory failed (Closes: #776448) * [arm64] Only use the virtual counter (CNTVCT) on arm64. (Closes: #776957) -- Ben Hutchings Tue, 03 Feb 2015 20:07:06 +0000 linux-tools (3.16-3) unstable; urgency=medium * linux-tools: Fix build configuration to avoid linking perf with libbfd (Closes: #763002) * linux-tools: Add a check that perf is not linked with libbfd * [arm64] Enable building linux-tools, thanks to Steve Capper (Closes: #771340) -- Ben Hutchings Mon, 02 Feb 2015 22:05:59 +0000 linux (3.16.7-ckt4-2) unstable; urgency=medium [ Ian Campbell ] * [arm64] udeb: Remove zlib-modules, as ZLIB_DEFLATE is now built-in (fixes FTBFS) * [xen] Revert "swiotlb-xen: pass dev_addr to swiotlb_tbl_unmap_single" (Closes: #776237) [ Helge Deller ] * [hppa] udeb: Fix duplicate modules in ata-modules, pata-modules (Closes: #770102) * [hppa] Enable CONFIG_PPDEV to avoid CUPS complaining with systemd [ Ben Hutchings ] * crypto: Fix unprivileged arbitrary module loading (CVE-2013-7421, CVE-2014-9644) - prefix module autoloading with "crypto-" - include crypto- module prefix in template - add missing crypto module aliases * [x86] KVM: Fix of previously incomplete fix for CVE-2014-8480 * [x86] KVM: SYSENTER emulation is broken (CVE-2015-0239) -- Ben Hutchings Tue, 27 Jan 2015 03:57:26 +0000 linux (3.16.7-ckt4-1) unstable; urgency=medium * New upstream stable update: http://kernel.ubuntu.com/stable/ChangeLog-3.16.7-ckt3 - [x86] kvm: use alternatives for VMCALL vs. VMMCALL if kernel text is read-only - [sparc*] Fix constraints on swab helpers. - inetdevice: fixed signed integer overflow - ieee802154: fix error handling in ieee802154fake_probe() - bonding: fix curr_active_slave/carrier with loadbalance arp monitoring (regression in 3.14) - pptp: fix stack info leak in pptp_getname() - ipx: fix locking regression in ipx_sendmsg and ipx_recvmsg - net/mlx4_en: Add VXLAN ndo calls to the PF net device ops too (regression in 3.15) - net/mlx4_en: Advertize encapsulation offloads features only when VXLAN tunnel is set (regression in 3.15) - target: Don't call TFO->write_pending if data_length == 0 - vhost-scsi: Take configfs group dependency during VHOST_SCSI_SET_ENDPOINT - iser-target: Handle DEVICE_REMOVAL event on network portal listener correctly - ASoC: dpcm: Fix race between FE/BE updates and trigger - mac80211: Fix regression that triggers a kernel BUG with CCMP (regression in 3.13) - rt2x00: do not align payload on modern H/W - bitops: Fix shift overflow in GENMASK macros - [x86] Require exact match for 'noxsave' command line option - [x86] drm/i915: Kick fbdev before vgacon (regression in 3.16) - can: dev: avoid calling kfree_skb() from interrupt context - [x86] mm: Set NX across entire PMD at boot - of: Fix crash if an earlycon driver is not found - btrfs: fix lockups from btrfs_clear_path_blocking - [i386/686-pae,armhf/armmp-lpae] PCI: Support 64-bit bridge windows if we have 64-bit dma_addr_t (regression in 3.14) - ACPI / PM: Ignore wakeup setting if the ACPI companion can't wake up (regression in 3.13) - drm/radeon: fix endian swapping in vbios fetch for tdp table - Bluetooth: Fix endian and alignment issue with ath3k version handling - nfs: Don't busy-wait on SIGKILL in __nfs_iocounter_wait - [armhf] 8109/1: mm: Modify pte_write and pmd_write logic for LPAE - aio: fix incorrect dirty pages accouting when truncating AIO ring buffer (regression in 3.12) - [armel,armhf] mvebu: add missing of_node_put() call in coherency.c (regression in 3.16) - iio: Fix IIO_EVENT_CODE_EXTRACT_DIR bit mask - spi: Fix mapping from vmalloc-ed buffer to scatter list - SUNRPC: Fix locking around callback channel reply receive - nfsd: Fix slot wake up race in the nfsv4.1 callback code - bnx2fc: do not add shared skbs to the fcoe_rx_list - Revert "xhci: clear root port wake on bits if controller isn't wake-up capable" (regression in 3.16) - usb: xhci: rework root port wake bits if controller isn't allowed to wakeup - ixgbe: Correctly disable VLAN filter in promiscuous mode (regression in 3.16) - ixgbe: fix use after free adapter->state test in ixgbe_remove/ixgbe_probe (regression in 3.15) - ALSA: hda - Limit 40bit DMA for AMD HDMI controllers - PCI/MSI: Add device flag indicating that 64-bit MSIs don't work - gpu/radeon: Set flag to indicate broken 64-bit MSI - sound/radeon: Move 64-bit MSI quirk from arch to driver - [powerpc*] pseries: Honor the generic "no_64bit_msi" flag - [mips*] fix EVA & non-SMP non-FPU FP context signal handling (regression in 3.15) - [x86] drm/i915: Ignore SURFLIVE and flip counter when the GPU gets reset (regression in 3.16) - [powerpc*] 32 bit getcpu VDSO function uses 64 bit instructions - [armhf] 8222/1: mvebu: enable strex backoff delay - [armel,armhf] 8226/1: cacheflush: get rid of restarting block - btrfs: zero out left over bytes after processing compression streams - [armhf] net: sun4i-emac: fix memory leak on bad packet - [armhf] i2c: omap: fix NACK and Arbitration Lost irq handling - [media] s2255drv: fix payload size for JPG, MJPEG (regression in 3.15) - nouveau: move the hotplug ignore to correct place. (regression in 3.16.4) - mm: frontswap: invalidate expired data on a dup-store failure - mm/vmpressure.c: fix race in vmpressure_work_fn() - xen-netfront: Remove BUGs on paged skb data which crosses a page boundary - drivers/input/evdev.c: don't kfree() a vmalloc address (regression in 3.13) - mm: fix anon_vma_clone() error treatment (regression in 3.12) - ip_tunnel: the lack of vti_link_ops' dellink() cause kernel panic - vxlan: Fix race condition between vxlan_sock_add and vxlan_sock_release - bond: Check length of IFLA_BOND_ARP_IP_TARGET attributes - gre: Set inner mac header in gro complete (regression in 3.16.7-ckt1) - [mips*] bpf: Fix broken BPF_MOD http://kernel.ubuntu.com/stable/ChangeLog-3.16.7-ckt4 - [x86] drm/i915: don't warn if backlight unexpectedly enabled (Closes: #757805) - [x86] drm/i915/dp: only use training pattern 3 on platforms that support it (regression in 3.15) - btrfs: don't go readonly on existing qgroup items - writeback: fix a subtle race condition in I_DIRTY clearing - [s390*] KVM: flush CPU on load control - UBI: Fix double free after do_sync_erase() - [x86] Drivers: hv: util: make struct hv_do_fcopy match Hyper-V host messages (regression for amd64 in 3.16.7) - Drivers: hv: vmbus: Fix a race condition when unregistering a device - misc: genwqe: check for error from get_user_pages_fast() - drbd: merge_bvec_fn: properly remap bvm->bi_bdev - PCI: Restore detection of read-only BARs - scsi: correct return values for .eh_abort_handler implementations - genhd: check for int overflow in disk_expand_part_tbl() - Btrfs: make sure we wait on logged extents when fsycning two subvols - Btrfs: make sure logged extents complete in the current transaction V3 - Btrfs: do not move em to modified list when unpinning - [armhf] mvebu: disable I/O coherency on non-SMP situations on Armada 370/375/38x/XP - nfs41: fix nfs4_proc_layoutget error handling - USB: cdc-acm: check for valid interfaces - HID: i2c-hid: fix race condition reading reports - [armhf] mfd: twl4030-power: Fix regression with missing compatible flag (regression in 3.16) - [armhf] serial: samsung: wait for transfer completion before clock disable - n_tty: Fix read_buf race condition, increment read_head after pushing data (regression in 3.12) - dm cache: only use overwrite optimisation for promotion when in writeback mode - dm cache: dirty flag was mistakenly being cleared when promoting via overwrite - dm bufio: fix memleak when using a dm_buffer's inline bio - iwlwifi: dvm: fix flush support for old firmware (regression in 3.16.7-ckt1) - iwlwifi: mvm: update values for Smart Fifo (regression in 3.14) - iommu/vt-d: Fix an off-by-one bug in __domain_mapping() - dm crypt: use memzero_explicit for on-stack buffer - mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount (regression in 3.16.3) - umount: Disallow unprivileged mount force - md/raid5: fetch_block must fetch all the blocks handle_stripe_dirtying wants. - [x86] drm/i915: Only warn the first time we attempt to mmio whilst suspended (regression in 3.15) - drm/vmwgfx: Fix error printout on signals pending - drm/radeon: check the right ring in radeon_evict_flags() - swiotlb-xen: pass dev_addr to xen_dma_unmap_page and xen_dma_sync_single_for_cpu - [armhf/armmp] swiotlb-xen: remove BUG_ON in xen_bus_to_phys - swiotlb-xen: call xen_dma_sync_single_for_device when appropriate - swiotlb-xen: pass dev_addr to swiotlb_tbl_unmap_single - [powerpc] book3s: Fix partial invalidation of TLBs in MCE code. - [armhf] clocksource: arch_timer: Fix code to use physical timers when requested (regression in 3.11) - userns: Prevent evasion of group negative permissions through a userns (CVE-2014-8989): + Don't allow setgroups until a gid mapping has been setablished + Don't allow unprivileged creation of gid mappings + Add a knob to disable setgroups on a per user namespace basis + Allow setting gid_maps without privilege when setgroups is disabled - KEYS: Fix stale key registration at error path - blk-mq: Fix a use-after-free - blk-mq: Fix a race between bt_clear_tag() and bt_get() - nfsd4: fix xdr4 count of server in fs_location4 (regression in 3.16) - [x86] drm/i915: Don't complain about stolen conflicts on gen3 (regression in 3.12) - [x86] kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit (CVE-2014-8134) - blk-mq: Fix uninitialized kobject at CPU hotplugging - ncpfs: return proper error from NCP_IOC_SETROOT ioctl - [armhf] rtc: omap: fix clock-source configuration (regression in 3.16) - exit: pidns: alloc_pid() leaks pid_namespace if child_reaper is exiting - [amd64] switch_to(): Load TLS descriptors before switching DS and ES (CVE-2014-9419) - [x86] KVM: nVMX: Disable unrestricted mode if ept=0 (regression in 3.13) - [x86] KVM: em_ret_far overrides cpl (follow-up to CVE-2014-3647 fix) - pstore-ram: Fix hangs by using write-combine mappings - HID: i2c-hid: prevent buffer overflow in early IRQ - mac80211: fix multicast LED blinking and counter (regression in 3.16.7-ckt2) - cfg80211: avoid mem leak on driver hint set - nl80211: check matches array length before acessing it - cfg80211: don't WARN about two consecutive Country IE hint (regression in 3.14) - tracing/sched: Check preempt_count() for current when reading task->state (regression in 3.13) - [x86] tls: Validate TLS entries to protect espfix (CVE-2014-8133) - [x86] tls: Disallow unusual TLS segments - isofs: Fix infinite looping over CE entries (CVE-2014-9420) - mac80211: free management frame keys when removing station - ceph: do_sync is never initialized (regression in 3.12) - mnt: Fix a memory stomp in umount (regression in 3.14) - ocfs2: fix journal commit deadlock - md/bitmap: always wait for writes on unplug. - [armhf] mmc: omap_hsmmc: Fix UHS card with DDR50 support (regression in 3.16) - [x86] mmc: sdhci-pci-o2micro: Fix Dell E5440 issue (regression in 3.14) - dm space map metadata: fix sm_bootstrap_get_nr_blocks() - dm thin: fix a race in thin_dtr - eCryptfs: Force RO mount when encrypted view is enabled - eCryptfs: Remove buggy and unnecessary write in file name decode routine - tcm_loop: Fix wrong I_T nexus association - Btrfs: fix fs corruption on transaction abort if device supports discard - [x86] perf/intel/uncore: Make sure only uncore events are collected - perf: Fix events installation during moving group - iscsi,iser-target: Initiate termination only once (regression in 3.16.4) - iser-target: Fix flush + disconnect completion handling - iser-target: Parallelize CM connection establishment - iser-target: Fix connected_handler + teardown flow race - iser-target: Handle ADDR_CHANGE event for listener cm_id - iser-target: Fix implicit termination of connections - iser-target: Allocate PI contexts dynamically - iser-target: Fix NULL dereference in SW mode DIF - iscsi,iser-target: Expose supported protection ops according to t10_pi - genirq: Prevent proc race against freeing of irq descriptors - [powerpc] powernv: Switch off MMU before entering nap/sleep/rvwinkle mode - [x86] storvsc: ring buffer failures may result in I/O freeze - iscsi-target: Fail connection on short sendmsg writes - [x86] drm/i915: Invalidate media caches on gen7 - [x86] drm/i915: Force the CS stall for invalidate flushes - dm thin: fix inability to discard blocks when in out-of-data-space mode - dm thin: fix missing out-of-data-space to write mode transition if blocks are released - dm: fix missed error code if .end_io isn't implemented by target_type - [armhf] i2c: mv64xxx: rework offload support to fix several problems (regression in 3.12) - [x86] tls: Don't validate lm in set_thread_area() after all - ALSA: usb-audio: extend KEF X300A FU 10 tweak to Arcam rPAC - tick/powerclamp: Remove tick_nohz_idle abuse - audit: don't attempt to lookup PIDs when changing PID filtering audit rules (regression in 3.15) - audit: use supplied gfp_mask from audit_buffer in kauditd_send_multicast_skb (regression in 3.16) - [arm64] kernel: fix __cpu_suspend mm switch on warm-boot - audit: restore AUDIT_LOGINUID unset ABI (regression in 3.10) - Btrfs: fix loop writing of async reclaim - isofs: Fix unchecked printing of ER records (CVE-2014-9584) - crypto: af_alg - fix backlog handling - udf: Check path length when reading symlink - udf: Verify i_size when loading inode - udf: Verify symlink size before loading it - udf: Check component length before reading it - [x86] platform/chrome: chromeos_laptop - Add support for Acer C720 (Closes: #774209) - batman-adv: Calculate extra tail size based on queued fragments (Closes: #774155) (CVE-2014-9428) - vfs: move d_rcu from overlapping d_child to overlapping d_alias - vfs: deal with deadlock in d_walk() (CVE-2014-8559) - KEYS: close race between key lookup and freeing (CVE-2014-9529) [ Ben Hutchings ] * [sh4] Build with gcc-4.8 (Closes: #772602) * Fix inconsistent ABI name generation in debian/bin/{abiupdate,buildcheck,gencontrol}.py (Closes: #773233) * iov: Revert unwanted ABI 'fix' in 3.16.7-ckt2-1 * [armel,armhf] thread_info: Fix ABI change in 3.16.7-ckt3 * PCI: Fix ABI change in 3.16.7-ckt3 * Ignore some ABI changes that don't appear to affect OOT modules: - Removal of __add_pages(), __remove_pages(), of_device_is_stdout_path(), clk_divider_ro_ops, tick_nohz_idle_enter, tick_nohz_idle_exit - Changes to ASoC functions * [arm64] Enable PSTORE as built-in and EFI_VARS_PSTORE as module; ensure efivars and efi-pstore are loaded on EFI systems (Closes: #773309) * hwmon: Enable SENSORS_NCT6683 as module (Closes: #774372) * udeb: Add i2c-designware-{core,platform} to i2c-modules and i2c-hid to input-modules (Closes: #772578) * [x86] ACPI / video: Run _BCL before deciding registering backlight (regression in 3.16) (Closes: #762285) * [amd64] Enable EFI_MIXED to support Bay Trail systems * efi: Expose underlying UEFI firmware platform size to userland, to support installation on Bay Trail systems (Closes: #775191) * vfs: Changes for compatibility with CVE-2014-8559 fix: - aufs: move d_rcu from overlapping d_child to overlapping d_alias - vfs: Avoid ABI change for dentry union changes * [powerpc/powerpc{,-smp}] video/fb: Change FB_RADEON back to module (Closes: #748398) (thanks to John Paul Adrian Glaubitz for thoroughly testing this change) * userns: Fix ABI change in 3.16.7-ckt4 * netfilter: conntrack: disable generic tracking for known protocols (CVE-2014-8160) * [amd64] vdso: Fix the vdso address randomization algorithm (CVE-2014-9585) [ Ian Campbell ] * [armhf] Enable support for support OMAP5432 uEVM by enabling: TI_SOC_THERMAL, MFD_PALMAS, REGULATOR_PALMAS, REGULATOR_PBIAS, REGULATOR_TI_ABB, PINCTRL_PALMAS, GPIO_PALMAS, RTC_DRV_PALMAS, OMAP5_DSS_HDMI, DISPLAY_ENCODER_TPD12S015, DISPLAY_CONNECTOR_HDMI, USB_DWC3_OMAP, EXTCON_PALMAS, TI_EMIF and DDR. Based on a patch from Chen Baozi (Closes: #772953) * [armel] Change configuration to reduce kernel image size - Warn if image size leaves less than 1% spare capacity in the flash. This allows some slack for growth over the lifetime of a stable release. - [/kirkwood] Disable RD_LZO and RD_LZ4 - [/kirkwood] mm: Disable KSM - [/kirkwood] Disable CHECKPOINT_RESTORE - [/kirkwood] Disable ZSMALLOC - [/kirkwood] Disable CRYPTO_FIPS - [/kirkwood] Disable NET_MPLS_GSO - [/kirkwood] Disable NETLINK_MMAP - [/kirkwood] Disable PROFILING - [/kirkwood] Disable BPF_JIT - [/kirkwood] Disable KPROBES - [/ixp4xx,orion5x]: Disable RD_LZO - [/ixp4xx,orion5x]: Disable PROFILING - [/orion5x]: Make SERIO and dependants modular * [arhmf] Add device-tree for LinkSprite pcDuino V3. Patch from Karsten Merker (Closes: #774067) * [xen] More netback fixes (including reintroducing support for feature-rx-notify, which was regressed by the fix to #767261). * Disable TSO in mv643xx_eth driver by default again, since previous fix appears to not work on all platforms (Closes: #764162). -- Ben Hutchings Fri, 16 Jan 2015 00:15:12 +0000 linux (3.16.7-ckt2-1) unstable; urgency=high * New upstream stable update: http://kernel.ubuntu.com/stable/ChangeLog-3.16.7-ckt1 - drm/tilcdc: Fix the error path in tilcdc_load() - usb: phy: return -ENODEV on failure of try_module_get - PM / clk: Fix crash in clocks management code if !CONFIG_PM_RUNTIME - rt2x00: support Ralink 5362. - wireless: rt2x00: add new rt2800usb devices - NFS: Fix /proc/fs/nfsfs/servers and /proc/fs/nfsfs/volumes - nfs: fix duplicate proc entries - mm: page_alloc: fix zone allocation fairness on UP - ext4: check EA value offset when loading - jbd2: free bh when descriptor block checksum fails - ext4: don't check quota format when there are no quota files - target: Fix queue full status NULL pointer for SCF_TRANSPORT_TASK_SENSE - vfs: fix data corruption when blocksize < pagesize for mmaped data - ext4: fix mmap data corruption when blocksize < pagesize - ext4: grab missed write_count for EXT4_IOC_SWAP_BOOT - qla_target: don't delete changed nacls - target: Fix APTPL metadata handling for dynamic MappedLUNs - iser-target: Disable TX completion interrupt coalescing - ext4: don't orphan or truncate the boot loader inode - ext4: add ext4_iget_normal() which is to be used for dir tree lookups - ext4: fix reservation overflow in ext4_da_write_begin - ext4: Replace open coded mdata csum feature to helper function - ext4: move error report out of atomic context in ext4_init_block_bitmap() - ext4: check s_chksum_driver when looking for bg csum presence - drm/radeon: fix speaker allocation setup - drm/radeon: use gart memory for DMA ring tests - random: add and use memzero_explicit() for clearing data - freezer: Do not freeze tasks killed by OOM killer - OOM, PM: OOM killed task shouldn't escape PM suspend - [mips*/loongson-2f] loongson2_cpufreq: Fix CPU clock rate setting mismerge - drm/cirrus: bind also to qemu-xen-traditional - cpufreq: intel_pstate: Fix setting max_perf_pct in performance policy - cpufreq: expose scaling_cur_freq sysfs file for set_policy() drivers - cpufreq: intel_pstate: Reflect current no_turbo state correctly - [x86] intel_pstate: Don't lose sysfs settings during cpu offline - [x86] intel_pstate: Fix BYT frequency reporting - [x86] intel_pstate: Correct BYT VID values. - [x86] kvm: don't kill guest on unknown exit reason - kvm: fix excessive pages un-pinning in kvm_iommu_map error path. (CVE-2014-8369) - vfs: be careful with nd->inode in path_init() and follow_dotdot_rcu() - pstore: Fix duplicate {console,ftrace}-efi entries - [x86] bpf_jit: fix two bugs in eBPF JIT compiler (regression in 3.16) - vxlan: fix a use after free in vxlan_encap_bypass - vxlan: using pskb_may_pull as early as possible - vxlan: fix a free after use - ipv4: dst_entry leak in ip_send_unicast_reply() - ipv4: fix a potential use after free in ip_tunnel_core.c (regression in 3.11) - net: tso: fix unaligned access to crafted TCP header in helper API - [x86] hyperv: Fix the total_data_buflen in send path - tcp: md5: do not use alloc_percpu() - macvlan: fix a race on port dismantle and possible skb leaks (regression in 3.16) - net/mlx4_en: Don't attempt to TX offload the outer UDP checksum for VXLAN (regression in 3.14) - gre: Use inner mac length when computing tunnel length (regression in 3.14) - [armhf] spi: pl022: Fix incorrect dma_unmap_sg - mac80211: fix typo in starting baserate for rts_cts_rate_idx - staging: comedi: (regression) channel list must be set for COMEDI_CMD ioctl (regression in 3.15) - nfsd4: fix response size estimation for OP_SEQUENCE (regression in 3.16) - quota: Properly return errors from dquot_writeback_dquots() - i3200_edac: Report CE events properly - i82860_edac: Report CE events properly - cpc925_edac: Report UE events properly - e7xxx_edac: Report CE events properly - scsi: Fix error handling in SCSI_IOCTL_SEND_COMMAND - usb: serial: ftdi_sio: add "bricked" FTDI device PID - [armhf] Revert "usb: dwc3: dwc3-omap: Disable/Enable only wrapper interrupts in prepare/complete" (regression in 3.16) - usb: gadget: f_fs: remove redundant ffs_data_get() (regression in 3.14) - [armhf] usb: ffs: fix regression when quirk_ep_out_aligned_size flag is set (regression in 3.15) - [armhf] usb: musb: dsps: start OTG timer on resume again (regression in 3.16.6) - usb: gadget: udc: core: fix kernel oops with soft-connect - nfsd4: fix crash on unknown operation number - Revert "iwlwifi: mvm: treat EAPOLs like mgmt frames wrt rate" (regression in 3.16.4) - [armhf] usb: dwc3: gadget: Properly initialize LINK TRB - posix-timers: Fix stack info leak in timer_create() - futex: Fix a race condition between REQUEUE_PI and task death - ALSA: bebob: Uninitialized id returned by saffirepro_both_clk_src_get - PM / Sleep: fix async suspend_late/freeze_late error handling (regression in 3.15) - Revert "block: all blk-mq requests are tagged" (regression in 3.16) - ALSA: pcm: Zero-clear reserved fields of PCM status ioctl in compat mode - zap_pte_range: update addr when forcing flush after TLB batching faiure - staging: comedi: fix memory leak / bad pointer freeing for chanlist (regression in 3.15) - [x86] drm/i915: Ignore VBT backlight check on Macbook 2, 1 (regression in 3.15) - [i386/686-pae] pageattr: Prevent overflow in slow_virt_to_phys() for X86_PAE - [x86] ACPI / EC: Fix regression due to conflicting firmware behavior between Samsung and Acer. (regression in 3.16.3) - mm: free compound page with correct order - lib/bitmap.c: fix undefined shift in __bitmap_shift_{left|right}() - ext4: fix overflow when updating superblock backups after resize - ext4: fix oops when loading block bitmap failed - ext4: enable journal checksum when metadata checksum feature enabled - ext4: prevent bugon on race between write/fcntl - ext4: bail out from make_indexed_dir() on first error - PCI: Rename sysfs 'enabled' file back to 'enable' (regression in 3.13) - fs: allow open(dir, O_TMPFILE|..., 0) with mode 0 - [arm*] tracing/syscalls: Ignore numbers outside NR_syscalls' range - nfs: fix kernel warning when removing proc entry http://kernel.ubuntu.com/stable/ChangeLog-3.16.7-ckt2 - rbd: Fix error recovery in rbd_obj_read_sync() - regulator: max77693: Fix use of uninitialized regulator config - xhci: no switching back on non-ULT Haswell (regression in 3.12) - Btrfs: fix kfree on list_head in btrfs_lookup_csums_range error cleanup - ocfs2: fix breakage in o2net_send_tcp_msg() (regression in 3.15) - [armhf] phy: omap-usb2: Enable runtime PM of omap-usb2 phy properly (regression in 3.16) - USB: cdc-acm: add quirk for control-line state requests (regression in 3.16) - sysfs: driver core: Fix glue dir race condition by gdp_mutex - drm/nouveau: make sure display hardware is reinitialised on runtime resume (regression in 3.15) - drm/nv50/disp: fix dpms regression on certain boards - drm/nouveau/bios: memset dcb struct to zero before parsing - GFS2: Make rename not save dirent location (regression in 3.14) - netfilter: ipset: off by one in ip_set_nfnl_get_byindex() - netfilter: nf_tables: check for NULL in nf_tables_newchain pcpu stats allocation (regression in 3.16) - netfilter: nfnetlink_log: fix maximum packet length logged to userspace - netfilter: nft_compat: fix wrong target lookup in nft_target_select_ops() - mmc: core: sdio: Fix unconditional wake_up_process() on sdio thread (regression in 3.16) - mmc: don't request CD IRQ until mmc_start_host() - fs: make cont_expand_zero interruptible - UBIFS: fix a race condition - [x86] fpu: __restore_xstate_sig()->math_state_restore() needs preempt_disable() - [x86] fpu: shift drop_init_fpu() from save_xstate_sig() to handle_signal() - perf: Fix unclone_ctx() vs. locking - evm: properly handle INTEGRITY_NOXATTRS EVM status - [alpha] vfs: missing data dependency barrier in prepend_name() - jffs2: kill wbuf_queued/wbuf_dwork_lock - fix misuses of f_count() in ppp and netlink - sched: Use dl_bw_of() under RCU read lock - [s390*] topology: call set_sched_topology early - [armhf] mfd: ti_am335x_tscadc: Fix TSC operation after ADC continouous mode (regression in 3.14) - [armhf] mfd: ti_am335x_tscadc: Fix TSC resume (regression in 3.14) - selinux: fix inode security list corruption - blk-mq: fix potential hang if rolling wakeup depth is too high (regression in 3.16) - block: fix alignment_offset math that assumes io_min is a power-of-2 - drm/nouveau/gpio: rename g92 class to g94 (regression in 3.16) - [x86] drm/i915: Do not leak pages when freeing userptr objects - media: v4l2-common: fix overflow in v4l_bound_align_image() - sched: Use rq->rd in sched_setaffinity() under RCU read lock - [powerpc*] use device_online/offline() instead of cpu_up/down() (regression in 3.11) - xen-blkback: fix leak on grant map error path - net: skb_fclone_busy() needs to detect orphaned skb (regression in 3.16) - rbd: avoid format-security warning inside alloc_workqueue() - rbd: fix error return code in rbd_dev_device_setup() - media: ttusb-dec: buffer overflow in ioctl (CVE-2014-8884) - dm raid: ensure superblock's size matches device's logical block size - ahci: disable MSI instead of NCQ on Samsung pci-e SSDs on macbooks (Closes: #772435) - mac80211: properly flush delayed scan work on interface removal - [i386] microcode, AMD: Fix early ucode loading on 32-bit (regression in 3.14) - [armhf] mvebu: armada xp: Generalize use of i2c quirk (regression in 3.12) - mac80211: fix use-after-free in defragmentation - iwlwifi: fix RFkill while calibrating (regression in 3.16) - tun: Fix csum_start with VLAN acceleration (regression in 3.12) - macvtap: Fix csum_start when VLAN tags are present - dm thin: grab a virtual cell before looking up the mapping - [x86] KVM: Fix uninitialized op->type for some immediate values - [powerpc*] hwrng: pseries - port to new read API and fix stack corruption - drm/radeon: set correct CE ram size for CIK - drm/radeon: make sure mode init is complete in bandwidth_update - cpufreq: Avoid crash in resume on SMP without OPP (regresion in 3.12) - [i386] microcode, AMD: Fix ucode patch stashing on 32-bit (regression in 3.14) - [armhf] mfd: twl4030-power: Fix poweroff with PM configuration enabled (regression in 3.16) - [hppa] Use compat layer for msgctl, shmat, shmctl and semtimedop syscalls - tracing: Do not busy wait in buffer splice (regresion in 3.16) - param: fix crash on bad kernel arguments (regression in 3.16) - audit: keep inode pinned - drm/radeon: add locking around atombios scratch space usage - nfs: fix pnfs direct write memory leak - nfs: Fix use of uninitialized variable in nfs_getattr() - NFSv4: Ensure that we remove NFSv4.0 delegations when state has expired - NFSv4.1: nfs41_clear_delegation_stateid shouldn't trust NFS_DELEGATED_STATE - NFSv4: Fix races between nfs_remove_bad_delegation() and delegation return - NFSv4: Ensure that we call FREE_STATEID when NFSv4.x stateids are revoked - NFS: Don't try to reclaim delegation open state if recovery failed - [arm64] efi: Fix stub cache maintenance - [arm64] __clear_user: handle exceptions on strb (CVE-2014-7843) - [arm64] Correct the race condition in aarch64_insn_patch_text_sync() - Fix thinko in iov_iter_single_seg_count - libceph: do not crash on large auth tickets - [armel,armhf] 8191/1: decompressor: ensure I-side picks up relocated code - zram: avoid kunmap_atomic() of a NULL pointer - firewire: cdev: prevent kernel stack leaking into ioctl arguments - md: Always set RECOVERY_NEEDED when clearing RECOVERY_FROZEN (regression in 3.13) - vxlan: Do not reuse sockets for a different address family - net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet (CVE-2014-7841) - net: sctp: fix memory leak in auth key management - [armel,m68k] ipv6: fix IPV6_PKTINFO with v4 mapped (regression in 3.15) - netlink: Properly unbind in error conditions. (regression in 3.16) - smsc911x: power-up phydev before doing a software reset. (regression in 3.14) - [sparc*] sunvdc: limit each sg segment to a page - [sparc*] vio: fix reuse of vio_dring slot - drm/radeon: initialize sadb to NULL in the audio code - [x86] KVM: Don't report guest userspace emulation error to userspace - crypto: caam - remove duplicated sg copy functions - audit: correct AUDIT_GET_FEATURE return message type - memory-hotplug: Remove "weak" from memory_block_size_bytes() declaration (regression in 3.14) - [s390*] vmcore: Remove "weak" from function declarations - [s390*] clocksource: Remove "weak" from clocksource_default_clock() declaration - IB/core: Clear AH attr variable to prevent garbage data - [amd64] x32, audit: Fix x32's AUDIT_ARCH wrt audit - [armhf] dts: am335x-evm: Fix 5th NAND partition's name (regression in 3.15) - dell-wmi: Fix access out of memory [ Ben Hutchings ] * [x86] Complete Thunderbolt support on Apple computers (Closes: #768653) - PCI: Add pci_fixup_suspend_late quirk pass - PCI: Suspend/resume quirks for Apple thunderbolt - Enable THUNDERBOLT as module * [amd64] traps: Stop using IST for #SS (CVE-2014-9090) * [amd64] traps: Fix the espfix64 #DF fixup and rewrite it in C * [amd64] traps: Rework bad_iret * [amd64] asm/traps: Disable tracing and kprobes in fixup_bad_iret and sync_regs * Fix ABI changes in iovec, of, perf and truncate * Ignore ABI changes in iwlwifi, KVM and spi-nor * Revert "drivers/net: Disable UFO through virtio" in macvtap and tun. This removes the need to shut down VMs if migrating to a patched host. [ Ian Campbell ] * [xen] Backport various netback fixes (Closes: #767261). * Backport fix for TSO with mv643xx_eth driver, replacing previous workaround (#764162) * [armhf] Increase Ethernet phy startup delay on Banana-Pi. Patch from Karsten Merker (Closes: #767042) * [armhf] Enable FB_SIMPLE, used on some Exynos platforms and elsewhere. * [arm64] Backport various upstream fixes and improvements to the APM X-gene Ethernet driver. * Honour stdout-path from Device Tree, along with supporting any supplied options. (Closes: #770212) * [armhf] Add udeb modules to support video and keyboard for imx6. Patch from Vagrant Cascadian (Closes: #770635) * [device-tree] Reserve memreserve regions even if they partially overlap with an existing reservation. Fixes boot on Midway. * [arm64] Enable reboot on the Xgene platform. -- Ben Hutchings Mon, 08 Dec 2014 20:03:18 +0000 linux (3.16.7-2) unstable; urgency=medium [ Ian Campbell ] * Disable TSO in mv643xx_eth driver by default (Closes: #764162). [ Aurelien Jarno ] * [i386] Rename 486 flavour to 586 for udebs. (Closes: #768288) [ Ben Hutchings ] * [hppa] udeb: Fix modules in multiple packages (Closes: 768297) -- Ben Hutchings Thu, 06 Nov 2014 17:42:26 +0000 linux (3.16.7-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.6 - rtnetlink: fix VF info size (regression in 3.11) - myri10ge: check for DMA mapping errors - Revert "macvlan: simplify the structure port" (regression in 3.16) - tcp: don't use timestamp from repaired skb-s to calculate RTT (v2) (regression in 3.15) - tcp: fix tcp_release_cb() to dispatch via address family for mtu_reduced() - tipc: fix message importance range check (regression in 3.15) - packet: handle too big packets for PACKET_V3 - bnx2x: Revert UNDI flushing mechanism (regression in 3.14) - net: ipv6: fib: don't sleep inside atomic lock (regression in 3.15) - openvswitch: fix panic with multiple vlan headers - ipv6: fix rtnl locking in setsockopt for anycast and multicast - l2tp: fix race while getting PMTU on PPP pseudo-wire (regression in 3.15) - ipv6: restore the behavior of ipv6_sock_ac_drop() - bonding: fix div by zero while enslaving and transmitting (regression in 3.12) - net: filter: fix possible use after free (regression in 3.15) - net: allow macvlans to move to net namespace (regression in 3.13) - macvlan: allow to enqueue broadcast pkt on virtual device (regression in 3.16) - xfrm: Generate blackhole routes only from route lookup functions - xfrm: Generate queueing routes only from route lookup functions - macvtap: Fix race between device delete and open. - net/mlx4_core: Allow not to specify probe_vf in SRIOV IB mode (regression in 3.15) - net/mlx4: Correctly configure single ported VFs from the host (regression in 3.15) - gro: fix aggregation for skb using frag_list (regression in 3.13) - hyperv: Fix bug in netvsc_start_xmit() (potential use-after-free) - team: avoid race condition in scheduling delayed work - hyperv: Fix bug in netvsc_send() (potential use-after-free) - sctp: handle association restarts when the socket is closed. - net_sched: copy exts->type in tcf_exts_change() (regression in 3.14) - crypto: caam - fix addressing of struct member - driver/base/node: remove unnecessary kfree of node struct from unregister_one_node (regression in 3.15) https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.7 - btrfs: wake up transaction thread from SYNC_FS ioctl - Btrfs: fix up bounds checking in lseek - Btrfs: don't do async reclaim during log replay - Btrfs: cleanup error handling in build_backref_tree - Btrfs: fix build_backref_tree issue with multiple shared blocks - Btrfs: fix race in WAIT_SYNC ioctl - fs: Add a missing permission check to do_umount (CVE-2014-7975) - kvm: fix potentially corrupt mmio cache - [x86] kvm,vmx: Preserve CR4 across VM entry (CVE-2014-3690) - be2iscsi: check ip buffer before copying (stack buffer overflow) - mptfusion: enable no_write_same for vmware scsi disks - qla2xxx: fix kernel NULL pointer access (regression in 3.16) (Closes: #764804) - qla2xxx: Fix shost use-after-free on device removal (regression in 3.14) - dmaengine: fix xor sources continuation - [arm64] debug: don't re-enable debug exceptions on return from el1_dbg - mei: bus: fix possible boundaries violation - nfsv4: Fixing lease renewal (regression in 3.13) - lzo: check for length overrun in variable length encoding. - [armhf] tty: omap-serial: fix division by zero - NFSv4: Fix lock recovery when CREATE_SESSION/SETCLIENTID_CONFIRM fails - NFSv4: fix open/lock state recovery error handling - NFSv4.1: Fix an NFSv4.1 state renewal regression - nfsd4: reserve adequate space for LOCK op (regression in 3.16) - NFS: Fix an uninitialised pointer Oops in the writeback error path - NFS: Fix a bogus warning in nfs_generic_pgio (regression in 3.16.4) - iwlwifi: mvm: disable BT Co-running by default - [armel,armhf] PCI: mvebu: Fix uninitialized variable in mvebu_get_tgt_attr() - Revert "ath9k_hw: reduce ANI firstep range for older chips" (regression in 3.15) - fanotify: enable close-on-exec on events' fd when requested in fanotify_init() - futex: Ensure get_futex_key_refs() always implies a barrier (regression in 3.14) - [ppc64el] iommu/ddw: Fix endianness - [arm64] compat: fix compat types affecting struct compat_elf_prpsinfo - ALSA: emu10k1: Fix deadlock in synth voice lookup - ALSA: hda - Add missing terminating entry to SND_HDA_PIN_QUIRK macro - [armhf] mvebu: Netgear RN104: Use Hardware BCH ECC - [armhf] mvebu: Netgear RN2120: Use Hardware BCH ECC - [armhf] mvebu: Netgear RN102: Use Hardware BCH ECC - ecryptfs: avoid to access NULL pointer when write metadata in xattr - xfs: ensure WB_SYNC_ALL writeback handles partial pages correctly - [sparc*] Do not disable interrupts in nmi_cpu_busy() - [sparc*] Fix pcr_ops initialization and usage bugs. - [sparc*] sun4v TLB error power off events - [sparc*] Fix corrupted thread fault code. - [sparc*] find_node adjustment - [sparc*] Let memset return the address argument - [sparc*] bpf_jit: fix support for ldx/stx mem and SKF_AD_VLAN_TAG - [sparc*] bpf_jit: fix loads from negative offsets - [sparc*] Fix FPU register corruption with AES crypto offload. - [sparc*] Do not define thread fpregs save area as zero-length array. - [sparc*] Fix hibernation code refrence to PAGE_OFFSET. - [sparc*] correctly recognise M6 and M7 cpu type - [sparc*] T5 PMU - [sparc*] Switch to 4-level page tables. - [sparc*] Adjust KTSB assembler to support larger physical addresses. - [sparc*] Fix physical memory management regressions with large max_phys_bits. - [sparc*] Use kernel page tables for vmemmap. - [sparc*] Increase MAX_PHYS_ADDRESS_BITS to 53. - [sparc*] sparse irq - [sparc*] Fix register corruption in top-most kernel stack frame during boot. - [sparc*] Implement __get_user_pages_fast(). [ Ben Hutchings ] * [i386] Rename 486 flavour to 586, as it has not worked on 486 processors since we enabled CC_STACKPROTECTOR (Closes: #766105) - Select M586TSC instead of M486 * [x86] r8723au: Backport changes up to Linux 3.17 (Closes: #765685) * mmc_block: Increase max_devices and set MMC_BLOCK_MINORS to 256 (Closes: #765621) * [x86] drm/i915: Initialise userptr mmu_notifier serial to 1 (Closes: #765590) * rtsx_usb_ms: Use msleep_interruptible() in polling loop (Closes: #765717) * Bump ABI to 4 * Add '.0' to the kernel version string (Closes: #742226, #745984) * vfs,fuse: Change iov_iter_get_pages() to take both maxsize and maxpages parameters (Closes: #764285) * lockd: Try to reconnect if statd has moved (Closes: #767219) * m25p80: Fix module device ID table * HID: i2c-hid: call the hid driver's suspend and resume callbacks (Closes: #767204) * [x86] drm/i915: Add some L3 registers to the parser whitelist (Closes: #767148) * wireless: rt2x00: add new rt2800usb device (thanks to Cyril Brulebois) (Closes: #766802) * drivers/net,ipv6: Fix virtio/IPv6 regression in 3.16: - drivers/net: Disable UFO through virtio - drivers/net,ipv6: Select IPv6 fragment idents for virtio UFO packets * [x86] KVM: Check non-canonical addresses upon WRMSR (CVE-2014-3610) * [x86] KVM: Prevent host from panicking on shared MSR writes. (CVE-2014-3610) * [x86] KVM: Improve thread safety in pit (CVE-2014-3611) * [x86] kvm: vmx: handle invvpid vm exit gracefully (CVE-2014-3646) * [x86] KVM: Fix wrong masking on relative jump/call * [x86] KVM: Emulator fixes for eip canonical checks on near branches (CVE-2014-3647) * [x86] KVM: Handle errors when RIP is set during far jumps (CVE-2014-3647) * [x86] KVM: Fix far-jump to non-canonical check * net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks (CVE-2014-3673) * net: sctp: fix panic on duplicate ASCONF chunks (CVE-2014-3687) * net: sctp: fix remote memory pressure from excessive queueing (CVE-2014-3688) * mnt: Prevent pivot_root from creating a loop in the mount tree (CVE-2014-7970) * linux-image: Recommend irqbalance if CONFIG_SMP is enabled (Closes: #577788) * [armhf] leds: Enable LEDS_PWM as module (for Cubox-i) * [x86] Backport Thunderbolt support on Apple computers from 3.17 * [x86] linux-image: Remove lilo from suggested boot loaders * [amd64] linux-image: Add grub-efi to suggested boot loaders * [hppa] Reduce SIGRTMIN from 37 to 32 to behave like other Linux architectures (Closes: #766635) * [hppa] udeb: Add many more module packages (Closes: #766793) * iwlwifi: Backport firmware monitor from 3.17 (Closes: #767088) * bug script: Warn if the running kernel matches the ABI name of the package but is not the installed version [ Mauricio Faria de Oliveira ] * [ppc64el] Disable CONFIG_CMDLINE{,_BOOL} usage for setting consoles (Closes: #764745) [ Uwe Kleine-König ] * [armhf] enable rtc driver for i.MX6 * [armhf] add chipidea usb host driver to usb-modules-$version-armmmp-di for i.MX6 * [armhf] enable PCI and NAND driver for Armada 370 * [armhf] enable RTC, GPIO_PCA953X, SENSORS_G762 and watchdog driver for Netgear ReadyNAS 102/104 [ Ian Campbell ] * [armhf] Build i2c-s3c2410 statically, it is used by the arndale power controller. * [armhf] Backport device tree file for Olimex A20-OLinuXino-LIME. (Closes: #764967) * [armhf] Enable various drivers for the Nokia N900. Patch from Sebastian Reichel. (Closes: #766070) * [arm64] Enable EHCI and OHCI platform USB HCD drivers. * Enable MTD and MTDBLOCK in top-level config. * [armhf] Add mtd-modules udeb. Patch from Uwe Kleine-Koenig. [ Aurelien Jarno ] * [mips*] Backport a hugetlb fix for Octeon from 3.18. * [mips*] Backport math emulation fix for MIPS32r2 from 3.18. * [mips*] Only define MAX_PHYSMEM_BITS on Loongson-3, until a better fix is committed upstream. Fixes Loongson-2 kernel and maybe more. Closes: #764223. * [mips*/octeon] Add support for the UBNT E200 board (EdgeRouter/EdgeRouter Pro 8 port). * [mips*/octeon] Enable SERIAL_8250_DW. Disable KEYBOARD_ATKBD, MOUSE_PS2, SERIO_I8042. * [mips*/octeon] Really enable USB_OCTEON_EHCI and USB_OCTEON_OHCI. Closes: Closes: #762066. -- Ben Hutchings Tue, 04 Nov 2014 09:47:27 +0000 linux (3.16.5-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.4 - module: Clean up ro/nx after early module load failures (regression in 3.16) - [armhf] cpufreq: OPP: Avoid sleeping while atomic - [armhf] drm/tilcdc: Fix various bugs in removal path - drm/ttm: Fix possible stack overflow by recursive shrinker calls. - [x86] drm/i915: Fix crash when failing to parse MIPI VBT (regression in 3.16) - [x86] drm/i915: read HEAD register back in init_ring_common() to enforce ordering (Closes: #763583) - libata: widen Crucial M550 blacklist matching - pata_scc: propagate return value of scc_wait_after_reset - pwm: Fix period and polarity in pwm_get() for non-perfect matches - aio: add missing smp_rmb() in read_events_ring - [arm64] flush TLS registers during exec - [arm64] use irq_set_affinity with force=false when migrating irqs (regression in 3.15) - [arm*] KVM: Nuke Hyp-mode tlbs before enabling MMU - [x86] i2c: ismt: use correct length when copy buffer - ftrace: Use current addr when converting to nop in __ftrace_replace_code() (regression in 3.16) - ALSA: core: fix buffer overflow in snd_info_get_line() - ALSA: firewire-lib/dice: add arrangements of PCM pointer and interrupts for Dice quirk (regression in 3.16) - HID: picolcd: sanity check report size in raw_event() callback (CVE-2014-3186) - HID: magicmouse: sanity check report size in raw_event() callback (CVE-2014-3181) - HID: logitech-dj: prevent false errors to be shown (regression in 3.16.2) - [x86] drm/i915: Skip load detect when intel_crtc->new_enable==true (regression in 3.16) - [x86] drm/i915: fix plane/cursor handling when runtime suspended (regression in 3.14) - [x86] drm/i915: Ignore VBT backlight presence check on Acer C720 (4005U) (regression in 3.15) - [x86] drm/i915: Wait for vblank before enabling the TV encoder (regression in 3.16) - [x86] drm/i915/hdmi: fix hdmi audio state readout (regression in 3.16) - drm/radeon: Add ability to get and change dpm state when radeon PX card is turned off (regression in 3.15) - locks: pass correct "before" pointer to locks_unlink_lock in generic_add_lease - ufs: fix deadlocks introduced by sb mutex merge (regression in 3.16) - USB: serial: fix potential stack buffer overflow - USB: serial: fix potential heap buffer overflow - USB: option: reduce interrupt-urb logging verbosity (regression in 3.16) - [armhf] usb: phy: twl4030-usb: Fix lost interrupts after ID pin goes down (regression in 3.13) - [armhf] usb: phy: twl4030-usb: Fix regressions to runtime PM on omaps (regressions in 3.14, 3.15) - uwb: init beacon cache entry before registering uwb device - usb: hub: take hub->hdev reference when processing from eventlist - USB: EHCI: unlink QHs even after the controller has stopped - Revert "ACPI / battery: fix wrong value of capacity_now reported when fully charged" (regression in 3.16) - [x86] iommu/vt-d: Check return value of acpi_bus_get_device() (regression in 3.15) - [armhf/armmp-lpae] iommu/arm-smmu: fix programming of SMMU_CBn_TCR for stage 1 - cgroup: check cgroup liveliness before unbreaking kernfs (regression in 3.15) - NFSv4: Fix another bug in the close/open_downgrade code (regression in 3.16.2) - nfsd4: fix corruption of NFSv4 read data (regression in 3.16) - nfs: check wait_on_bit_lock err in page_group_lock - nfs: clear_request_commit while holding i_lock - nfs: fix nonblocking calls to nfs_page_group_lock - nfs: use blocking page_group_lock in add_request - nfs: fix error handling in lock_and_join_requests - nfs: don't sleep with inode lock in lock_and_join_requests - nfs: disallow duplicate pages in pgio page vectors - nfs: can_coalesce_requests must enforce contiguity - [armhf] 8129/1: errata: work around Cortex-A15 erratum 830321 using dummy strex - [armhf] 8133/1: use irq_set_affinity with force=false when migrating irqs (regression in 3.15) - [armel,armhf] 8148/1: flush TLS and thumbee register state during exec - [armel,armhf] 8149/1: perf: Don't sleep while atomic when enabling per-cpu interrupts (regression in 3.15) - [armhf] imx: fix .is_enabled() of shared gate clock (regression in 3.16) - [armhf] 8165/1: alignment: don't break misaligned NEON load/store - [mips*] Fix MFC1 & MFHC1 emulation for 64-bit MIPS systems (regression in 3.15) - ACPICA: Update to GPIO region handler interface. - gpio / ACPI: Use pin index and bit length - ACPI / platform / LPSS: disable async suspend/resume of LPSS devices (regression in 3.16) - ACPI / hotplug: Generate online uevents for ACPI containers (regression in 3.14) - ACPI / video: disable native backlight for ThinkPad X201s (regression in 3.16) - regmap: Fix regcache debugfs initialization (regression in 3.15) - regmap: Fix handling of volatile registers for format_write() chips - regmap: Don't attempt block writes when syncing cache on single_rw devices - cgroup: reject cgroup names with '\n' - cgroup: delay the clearing of cgrp->kn->priv - cgroup: fix unbalanced locking (regression in 3.14) - [s390*] KVM: Fix user triggerable bug in dead code - [s390*] KVM: mm: try a cow on read only pages for key ops - [s390*] KVM: mm: Fix storage key corruption during swapping - [s390*] KVM: mm: Fix guest storage key corruption in ptep_set_access_flags - [x86] xen: don't copy bogus duplicate entries into kernel page tables - [x86] early_ioremap: Increase FIX_BTMAPS_SLOTS to 8 (regression in 3.16) - shmem: fix nlink for rename overwrite directory - SMB3: Fix oops when creating symlinks on smb3 - iio: Fix indio_dev->trig assignment in several drivers - Target/iser: Don't put isert_conn inside disconnected handler - target: Fix inverted logic in SE_DEV_ALUA_SUPPORT_STATE_STORE (regression in 3.13) - iscsi-target: Fix memory corruption in iscsit_logout_post_handler_diffcid - SCSI: libiscsi: fix potential buffer overrun in __iscsi_conn_send_pdu - Revert "iwlwifi: dvm: don't enable CTS to self" (regression in 3.16) - iwlwifi: mvm: fix endianity issues with Smart Fifo commands (regression in 3.14) - iwlwifi: mvm: set MAC_FILTER_IN_BEACON correctly for STA/P2P client (regression in 3.16) - workqueue: apply __WQ_ORDERED to create_singlethread_workqueue() (regression in 3.10) - futex: Unlock hb->lock in futex_wait_requeue_pi() error path - block: Fix dev_t minor allocation lifetime - dm cache: fix race causing dirty blocks to be marked as clean - percpu: fix pcpu_alloc_pages() failure path - percpu: perform tlb flush after pcpu_map_pages() failure - regulatory: add NUL to alpha2 - lockd: fix rpcbind crash on lockd startup failure (regression in 3.15) - genhd: fix leftover might_sleep() in blk_free_devt() - eventpoll: fix uninitialized variable in epoll_ctl - kcmp: fix standard comparison bug - fs/notify: don't show f_handle if exportfs_encode_inode_fh failed - nilfs2: fix data loss with mmap() - mm, slab: initialize object alignment on cache creation - fs/cachefiles: add missing \n to kerror conversions (regression in 3.16) - mm: softdirty: keep bit when zapping file pte - sched: Fix unreleased llc_shared_mask bit during CPU hotplug - brcmfmac: handle IF event for P2P_DEVICE interface (regression in 3.12) - ath9k_htc: fix random decryption failure (regression in 3.15) - [powerpc,ppc*] Add smp_mb() to arch_spin_is_locked() - [powerpc,ppc*] Add smp_mb()s to arch_spin_unlock_wait() - [hppa] Implement new LWS CAS supporting 64 bit operations. - alarmtimer: Return relative times in timer_gettime - alarmtimer: Do not signal SIGEV_NONE timers - alarmtimer: Lock k_itimer during timer callback - GFS2: fix d_splice_alias() misuses - IB/qib: Correct reference counting in debugfs qp_stats - IB/mlx4: Avoid null pointer dereference in mlx4_ib_scan_netdevs() (regression in 3.14) - IB/mlx4: Don't duplicate the default RoCE GID (regression in 3.14) - IB/core: When marshaling uverbs path, clear unused fields (regression in 3.14) - mm: Fix unbalanced mutex in dma_pool_create(). (regression in 3.16) - PCI: Add pci_ignore_hotplug() to ignore hotplug events for a device (regression in 3.15) - Revert "PCI: Don't scan random busses in pci_scan_bridge()" (regression in 3.15) - drm/nouveau/runpm: fix module unload - drm/radeon/px: fix module unload - fs: Fix nasty 32-bit overflow bug in buffer i/o code. - blk-mq: Avoid race condition with uninitialized requests - [x86] crypto: ccp - Check for CCP before registering crypto algs - nl80211: clear skb cb before passing to netlink - Revert "PCI: Make sure bus number resources stay within their parents bounds" (regression in 3.15) - cpufreq: release policy->rwsem on error (regression in 3.14) - cpufreq: fix cpufreq suspend/resume for intel_pstate (regression in 3.15) - media: it913x: init tuner on attach (regression in 3.15) - media: videobuf2-dma-sg: fix for wrong GFP mask to sg_alloc_table_from_pages (regression in 3.13) - media: vb2: fix vb2 state check when start_streaming fails (regression in 3.16.3) - media: vb2: fix plane index sanity check in vb2_plane_cookie() - md/raid1: clean up request counts properly in close_sync() (regression in 3.13) - md/raid1: be more cautious where we read-balance during resync. (regression in 3.13) - md/raid1: make sure resync waits for conflicting writes to complete. (regression in 3.13) - md/raid1: Don't use next_resync to determine how far resync has progressed (regression in 3.13) - md/raid1: update next_resync under resync_lock. (regression in 3.13) - md/raid1: count resync requests in nr_pending. (regression in 3.13) - md/raid1: fix_read_error should act on all non-faulty devices. - md/raid1: intialise start_next_window for READ case to avoid hang (regression in 3.13) - netfilter: xt_hashlimit: perform garbage collection from process context - mmc: mmci: Reverse IRQ handling for the arm_variant (regression in 3.15) - partitions: aix.c: off by one bug (regression in 3.11) - cpufreq: update 'cpufreq_suspended' after stopping governors - aio: block exit_aio() until all context requests are completed - ext4: propagate errors up to ext4_find_entry()'s callers - ext4: avoid trying to kfree an ERR_PTR pointer https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.5 - udf: Avoid infinite loop when processing indirect ICBs (CVE-2014-6410) - ASoC: core: fix possible ZERO_SIZE_PTR pointer dereferencing error. - perf: fix perf bug in fork() - mm: memcontrol: do not iterate uninitialized memcgs (regression in 3.14) - mm: migrate: Close race between migration completion and mprotect - [x86] ACPI / i915: Update the condition to ignore firmware backlight change request (regression in 3.16) - [x86] cpufreq: pcc-cpufreq: Fix wait_event() under spinlock (regression in 3.15) - md/raid5: disable 'DISCARD' by default due to safety concerns. - [x86] drm/i915: Flush the PTEs after updating them before suspend (regression in 3.12) - cifs: Fix problem recognizing symlinks (regression in 3.13) - ring-buffer: Fix infinite spin in reading buffer (regression in 3.16.3) - mm: numa: Do not mark PTEs pte_numa when splitting huge pages - media: vb2: fix VBI/poll regression [ Ian Campbell ] * [armhf] Add Exynos5 disk/usb/nic modules to udebs. * [armhf] Backport BananaPi device tree files. Patch from Karsten Merker (Closes: #763897). [ Ben Hutchings ] * [hppa/parisc64-smp] Work around gcc 4.8 miscompilation (Closes: #762390) * [powerpc/powerpc64,ppc64*] video/fb: Change FB_MATROX, FB_RADEON, FB_ATY, FB_SIS, FB_3DFX, FB_VOODOO1 back to modules (Closes: #748398) * udeb: Add pata_rdc to pata-modules (Closes: #633128) * [s390*] 3215: fix tty output containing tabs (Closes: #758264) * radeon: Don't check for installed firmware if driver is built-in (Closes: #763305) * Bump ABI to 3 * vfs: fold swapping ->d_name.hash into switch_names() * vfs: Don't exchange "short" filenames unconditionally. (Closes: #763700) * [hppa,m68k,mips/r4k-ip22,sparc*] bluetooth: Enable BT as module (Closes: #764524) [ Aurelien Jarno ] * [arm64] Change RTC_DRV_PL031 and RTC_DRV_XGENE from modules to built-ins as the kernel isn't able to initialize the system clock from a hardware clock whose driver is a module, and as there is no initramfs mechanism to do that. * [armhf] Change RTC_DRV_DA9052, RTC_DRV_IMXDI, RTC_DRV_MC13XXX, RTC_DRV_MV, RTC_DRV_MXC, RTC_DRV_OMAP, RTC_DRV_PL030, RTC_DRV_PL031, RTC_DRV_S5M, RTC_DRV_SUNXI, RTC_DRV_VT8500 from modules to built-ins for the same reason as above. -- Ben Hutchings Fri, 10 Oct 2014 09:15:17 +0100 linux (3.16.3-2) unstable; urgency=medium [ Ben Hutchings ] * [s390*] syscall: Fix unimplented-syscall entries added before memfd_create() (fixes FTBFS) (Closes: #762221) * [armel/kirkwood] Change configuration to reduce kernel image size (fixes FTBFS) (Closes: #762219) - block: Change IOSCHED_DEADLINE to module - gpu: Disable VGA_ARB [ Aurelien Jarno ] * [mips*/octeon] Enable OCTEON_USB, USB_EHCI_HCD, USB_OHCI_HCD, and USB_OCTEON_EHCI, USB_OCTEON_OHCI (Closes: #762066). -- Bastian Blank Sat, 20 Sep 2014 11:43:05 +0200 linux (3.16.3-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3 - reiserfs: fix corruption introduced by balance_leaf refactor (regression in 3.16) (Closes: #761457) - reiserfs: Fix use after free in journal teardown - media: v4l: vb2: Fix stream start and buffer completion race - [x86] iommu/vt-d: Exclude devices using RMRRs from IOMMU API domains - [powerpc*] powerpc/powernv: Fix IOMMU group lost (regression in 3.15) - [x86] iommu/vt-d: Defer domain removal if device is assigned to a driver - [x86] iommu/amd: Fix cleanup_domain for mass device removal - [s390*] locking: Reenable optimistic spinning - firmware: Do not use WARN_ON(!spin_is_locked()) - CAPABILITIES: remove undefined caps from all processes - fanotify: fix double free of pending permission events - ocfs2: do not write error flag to user structure we cannot copy from/to - [powerpc*] mm: fix potential infinite loop in dissolve_free_huge_pages() - drivers/mfd/rtsx_usb.c: export device table (Closes: #761428) - [powerpc*] mm: Use read barrier when creating real_pte - [powerpc*] thp: Add write barrier after updating the valid bit - [powerpc*] thp: Invalidate old 64K based hash page mapping before insert of 4k pte - [powerpc*] thp: Handle combo pages in invalidate - [powerpc*] thp: Invalidate with vpn in loop - [powerpc*] thp: Use ACCESS_ONCE when loading pmdp - SCSI: save command pool address of Scsi_Host (regression in 3.15) - fix regression in SCSI_IOCTL_SEND_COMMAND (regression in 3.16) - [mips*] GIC: Prevent array overrun - [mips*] ptrace: Test correct task's flags in task_user_regset_view() - [mips*] ptrace: Change GP regset to use correct core dump register layout - [mips*] ptrace: Avoid smp_processor_id() when retrieving FPU IR - [mips*] syscall: Fix AUDIT value for O32 processes on MIPS64 - [mips*] scall64-o32: Fix indirect syscall detection - [mips,powerpc] bfa: Fix undefined bit shift on big-endian architectures with 32-bit DMA address - ACPI / hotplug: Check scan handlers in acpi_scan_hot_remove() (regression in 3.14) - ACPI: Run fixed event device notifications in process context (regression in 3.15) - ACPI / scan: Allow ACPI drivers to bind to PNP device objects (regression in 3.16) - ACPI / EC: Add support to disallow QR_EC to be issued when SCI_EVT isn't set (regression in 3.14.13, 3.16) - ACPI / EC: Add support to disallow QR_EC to be issued before completing previous QR_EC (regression in 3.14.13, 3.16) - ACPI / scan: not cache _SUN value in struct acpi_device_pnp (regression in 3.14) - ACPI / video: Add a disable_native_backlight quirk - ACPI / video: Disable native_backlight on HP ENVY 15 Notebook PC - ring-buffer: Always reset iterator to reader page - ring-buffer: Up rb_iter_peek() loop count to 3 - vfs: get rid of propagate_umount() mistakenly treating slaves as busy. (regression in 3.15) - Bluetooth: Fix tracking local SSP authentication requirement - Bluetooth: Avoid use of session socket after the session gets freed - vfs: __generic_file_write_iter(): fix handling of sync error after DIO (regression in 3.16) - rbd: rework rbd_request_fn() (regression in 3.15) - vfs: fix copy_tree() regression (regression in 3.14) - md/raid1,raid10: always abort recover on write error. - md/raid5: avoid livelock caused by non-aligned writes. (regression in 3.16) - md/raid6: avoid data corruption during recovery of double-degraded RAID6 - md/raid10: fix memory leak when reshaping a RAID10. - xfs: ensure verifiers are attached to recovered buffers - xfs: quotacheck leaves dquot buffers without verifiers - xfs: don't dirty buffers beyond EOF - xfs: don't zero partial page cache pages during O_DIRECT writes - xfs: don't zero partial page cache pages during O_DIRECT reads - libceph: set last_piece in ceph_msg_data_pages_cursor_init() correctly - libceph: gracefully handle large reply messages from the mon - libceph: do not hard code max auth ticket len (CVE-2014-6416, CVE-2014-6417, CVE-2014-6418) - CIFS: Fix async reading on reconnects - CIFS: Possible null ptr deref in SMB2_tcon - CIFS: Fix wrong directory attributes after rename - mtd/ftl: fix the double free of the buffers allocated in build_maps() - mtd: nand: omap: Fix 1-bit Hamming code scheme, omap_calculate_ecc() - dm table: propagate QUEUE_FLAG_NO_SG_MERGE (regression in 3.16) - KEYS: Fix use-after-free in assoc_array_gc() - KEYS: Fix termination condition in assoc array garbage collection (CVE-2014-3631) [ Ben Hutchings ] * sfc: Adding PCI ID for Solarflare 7000 series 40G network adapter. * sfc: Add 40G link capability decoding * Bump ABI to 2 (Closes: #761874) * ata: Enable SATA_ZPODD * tracing: Enable TRACER_SNAPSHOT * Add memfd_create() and shared memory sealing (Closes: #760702): - mm: allow drivers to prevent new writable mappings - shm: add sealing API - shm: add memfd_create() syscall - shm: wait for pins to be released when sealing - mm: Add memfd_create() system call - [arm*,m68k,mips*,powerpc*,s390*,sparc*] Wire up memfd_create() * udeb: Add ccm, ctr to crypto-modules (Closes: #761902) * [armhf] udeb: Add ehci-platform, ohci-platform and phy-sun4i-usb to usb-modules (Closes: #761591) [ Ian Campbell ] * [armhf] Enable support for Exynos5 systems. (Closes: #759291) * [arm64] Enable crypto accelerator modules * [arm64] Add cdrom-core-modules udeb [ Aurelien Jarno ] * [powerpc/powerpc64,ppc64el] Backport more KVM patches from 3.17. Enable KVM_BOOK3S_64, KVM_BOOK3S_64_HV, KVM_BOOK3S_64_PR and KVM_XICS. (Closes: #761656). -- Ben Hutchings Thu, 18 Sep 2014 03:32:47 +0100 linux (3.16.2-3) unstable; urgency=medium [ Ben Hutchings ] * [armhf] udeb: Remove efi-modules, as EFI is not yet supported on ARM! * [arm64] ata: Enable PHY_XYGENE, AHCI_XGENE as modules - udeb: Add ahci_xgene to sata-modules (fixes FTBFS) * [arm64] rtc: Enable RTC_DRV_XGENE as module * mfd,mmc,memstick: Enable MFD_RTSX_USB, MMC_REALTEK_USB, MEMSTICK_REALTEK_USB as modules (Closes: #761099) * [mips64,mips64el] Properly add the 5kc-malta flavour (should fix FTBFS) * batman-adv: Enable BATMAN_ADV_MCAST * can: Enable CAN_GS_USB as module * bluetooth: Enable BT_6LOWPAN * ubi: Enable MTD_UBI_BLOCK * md: Enable DM_ERA as module * qlcnic: Enable QLCNIC_VXLAN * net/wireless: Enable RSI_91X, RSI_USB as modules - udeb: Add rsi_usb to nic-wireless-modules * i2c: Enable I2C_ROBOTFUZZ_OSIF as module * mfd,gpio,i2c,iio: Enable MFD_VIPERBOARD, GPIO_VIPERBOARD, I2C_VIPERBOARD, VIPERBOARD_ADC as modules * media/usb/gspca: Enable USB_GSPCA_DTCS033 as module * media/pci/cx23885: Enable MEDIA_ALTERA_CI as module * sound/usb: Enable SND_USB_HIFACE, SND_BCD2000 as modules * usb/misc: Enable USB_EHSET_TEST_FIXTURE as module * usb/gadget: Enable USB_NET2280 as module * leds: Enable LEDS_TRIGGER_CPU as built-in and LEDS_TRIGGER_ONESHOT, LEDS_TRIGGER_GPIO, LEDS_TRIGGER_TRANSIENT, LEDS_TRIGGER_CAMERA as modules * uio: Enable UIO_MF624 as module * iio: Enable HID_SENSOR_PROX, HID_SENSOR_DEVICE_ROTATION, HID_SENSOR_PRESS as modules * ecryptfs: Enable ECRYPT_FS_MESSAGING * ceph: Enable CEPH_FSCACHE * crypto: Enable CRYPTO_LZ4, CRYPTO_LZ4HC as modules * [x86] mfd,gpio,i2c,watchdog: Enable KEMPLD_MFD, GPIO_KEMPLD, I2C_KEMPLD, KEMPLD_WDT as modules * [x86] staging: Enable R8723AU as module * [x86] staging: Enable WIMAX_GDM72XX as modules - gdmwm: Enable WIMAX_GDM72XX_USB, WIMAX_GDM72XX_USB_PM * [x86] staging/media: Enable DVB_AS102, USB_MSI3101, MEDIA_TUNER_MSI001, SOLO6X10 as modules * [x86] dvb-usb-rtl28xxu: Enable DVB_RTL2832_SDR * [x86] platform: Enable ALIENWARE_WMI, DELL_SMO8800, IBM_RTL, SAMSUNG_Q10, INTEL_RST, INTEL_SMARTCONNECT (Closes: #749273), PVPANIC as modules * [x86] sony-laptop: Enable SONYPI_COMPAT * [x86,ia64] firmware: Enable DMI_SYSFS * [x86] Disable USB_SN9C102; this driver is deprecated in favour of the gspca drivers * [i386] usb/gadget: Enable USB_AMD5536UDC as module * [i386] comedi: Enable COMEDI_AMPLC_DIO200_ISA, COMEDI_AMPLC_PC236_ISA, COMEDI_AMPLC_PC263_ISA, COMEDI_DAS08_ISA, COMEDI_NI_LABPC_ISA as modules * [i386] speakup: Enable SPEAKUP_SYNTH_DECPC as module * [!x86] staging: Enable R8712U, R8188EU as modules (Closes: #742055, #760859) * i2o: Disable I2O_EXT_ADAPTEC on 64-bit, as it assumes 32-bit virtual addresses * SCSI: aic94xx: Remove broken fallback for missing 'Ctrl-A' user settings * udeb: Add ath6kl_sdio, libertas_cs, libertas_sdio, mwifiex_sdio, r8192u_usb, r8723au, rtl8188eu, rtl818x_pci, rtl8723be, rtl8821ae, spectrum_cs to nic-wireless-modules * builddeb: put the dbg files into the correct directory * [ppc64el] deb-pkg: Add support for powerpc little endian * [armhf] deb-pkg: Add automatic support for armhf architecture * debian/rules.real: Never make kernel-wedge errors non-fatal, as in practice this meant we didn't see them until they appeared in unstable * udeb: Fix typo in dependencies of speakup-modules (fixes FTBFS on mips64el due to interaction with another bug in kernel-wedge) * libceph: Apply critical fixes: - set last_piece in ceph_msg_data_pages_cursor_init() correctly - gracefully handle large reply messages from the mon - add process_one_ticket() helper - do not hard code max auth ticket len [ Ian Campbell ] * [armel/orion5x] udeb: Include mvmdio in nic-modules udeb. * [arm64] Backport X-GENE Ethernet driver from v3.17-rcs * [arm64] Including phy-xgene in sata-modules udeb since it is needed by ahci_xgene. [ Aurelien Jarno ] * [mips64el] Drop loongson-2e and loongson-2f flavour as the minimum supported ISA will be at least MIPS64. -- Ben Hutchings Sat, 13 Sep 2014 03:49:53 +0100 linux-tools (3.16-2) unstable; urgency=medium * linux-kbuild: Change the type headers used for devicetable-offsets.c to avoid depending on UAPI headers or . This really closes: #754213. It also fixes modpost handling of input device IDs when host and target have differing word size. -- Ben Hutchings Tue, 09 Sep 2014 13:21:05 +0100 linux-tools (3.16-1) unstable; urgency=medium * New upstream release [ Mauricio Faria de Oliveira ] * [ppc64el] Build linux-tools binary package (Closes: #754213) [ Ben Hutchings ] * linux-kbuild: Build and install recordmcount and recordmcount.pl, needed for kernels with DYNAMIC_FTRACE enabled * linux-kbuild: Fix recordmcount dependency for OOT modules -- Ben Hutchings Mon, 08 Sep 2014 18:45:06 +0100 linux (3.16.2-2) unstable; urgency=medium [ Ben Hutchings ] * [armel,mips*] udeb: Remove lzo-modules, as LZO_COMPRESS is now built-in (fixes FTBFS) -- Ben Hutchings Mon, 08 Sep 2014 18:39:25 +0100 linux (3.16.2-1) unstable; urgency=medium * New upstream stable update (closes: #748615): https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.1 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.2 - isofs: Fix unbounded recursion when processing relocated directories (CVE-2014-5471, CVE-2014-5472) - kvm: iommu: fix the third parameter of kvm_iommu_put_pages (CVE-2014-3601) [ Ben Hutchings ] * HID: Enable HID_RMI as module (Closes: #754519) * Set ABI to 1 * [armhf,arm64] udeb: Add efi-modules * ftrace: Enable more tracers (Closes: #563847, #758469): - Enable FUNCTION_TRACER and DYNAMIC_FTRACE - Enable FUNCTION_GRAPH_TRACER, FTRACE_SYSCALLS and STACK_TRACER (except on armel/kirkwood) * [powerpc] drm: Disable DRM_RADEON_UMS, as radeon X driver now requires KMS * aio: fix reqs_available handling (regression in 3.14.10) * mm: Enable FRONTSWAP, ZSWAP (except armel/{ixp4xx,orion5x}) (Closes: #725703) * [x86] mgag200: Enable auto-loading, but require mode-setting to be explicitly enabled (as xserver-xorg-video-modesetting does) * [armel] Remove obsolete mv78xx0 flavour * virtio-scsi: Implement change_queue_depth for virtscsi targets (Closes: #760324) * sound/firewire: Enable SND_DICE, SND_FIREWORKS, SND_BEBOB as modules (Closes: #756842) * hid-sony: Enable SONY_FF (Closes: #760684) * mtd: Enable MTD_SPI_NOR as module, since M25P80 now depends on it * [m68k] Enable CGROUPS, required by systemd * [armhf] Re-enable SPI_IMX as module * [i386] comedi: Enable COMEDI_DAC02 as module, replacing COMEDI_POC * sound: Disable SND_CS5535AUDIO on all but i386 and mips*/loongson-2f * [mips*/loongson-2f] video: Re-add and enable sm7xxfb driver, removed upstream in 3.15 * mnt: Fix flag handling on remount (CVE-2014-5206, CVE-2014-5207) - mnt: Only change user settable mount flags in remount - mnt: Move the test for MNT_LOCK_READONLY from change_mount_flags into do_remount - mnt: Correct permission checks in do_remount - mnt: Change the default remount atime from relatime to the existing value - mnt: Add tests for unprivileged remount cases that have found to be faulty * [armel/kirkwood] mm: Enable HIGHMEM (Closes: #760786) * aufs: Update to aufs3.16-20140908: - bugfix, missing mnt_want_write in moo - new ioctl BRINFO - bugfix, restore the lost unlock in an error path - allow deleting a branch who has an opened dir - bugfix, stop passing an error code to dput() - possible bugfix, ptr in an array - implement fhsm (not enabled) - si_files has all opened files - bugfix, use id instead of index to identify a branch - new move-down flag AUFS_MVDOWN_FHSM_LOWER - branch attr 'fhsm' is independent from rw/ro attrib - support for a branch ro+fhsm - fhsm notify after fixing inode attrib - bugfix, hfile test in br_del_file() - bugfix, pinning in mvdown - bugfix, instantiate-revalidate race - possible bugfix, temporary d_inode - fhsm and br_del, allow the root dir only - bugfix, get a removed dentry from an inode * MAINTAINERS: Change aufs entry to say it's not upstream [ Vagrant Cascadian ] * [armmp] Enable IMX_IPUV3_CORE (closes: #756810). [ Aurelien Jarno ] * [mips*] Fix FP emulation for unaligned accesses. * Update Spanish debconf template translations (Matias A. Bellone) (Closes: #758591). * [mips*/loongson3] Backport Loongson 3B support from 3.17. * [powerpc,ppc64el] Backport KVM little endian support from 3.17. [ maximilian attems ] * Redisable UAS due to trouble with Seagate expansion drives (closes: #755995, #759662), (reopen: #749014). [ Ian Campbell ] * [armhf] Remove incomplete list of hardware from image description. See https://wiki.debian.org/DebianKernel/ARMMP for details. * [armel/kirkwood] Enable CONFIG_MTD_SPI_NOR for flash access. * [ppc64el] debian/patches/debian/ppc64el-disable-zImage.patch: remove patch. The 'powerpc/boot: 64bit little endian wrapper' patch-set is in linux 3.16, thus the default make/image-y target is OK now. -- Ben Hutchings Mon, 08 Sep 2014 03:17:11 +0100 linux (3.16-1~exp1) experimental; urgency=medium * New upstream release: http://kernelnewbies.org/Linux_3.16 [ Aurelien Jarno ] * [x86] vfio: Enable VFIO_PCI_VGA. * udeb: rename crc32c.ko into crc32c_generic.ko in crc-modules. * [mips*] Fix FP emulation. * [mips*/loongson3] Enable TRANSPARENT_HUGEPAGE. [ Bastian Blank ] * [x86] Enable Xen PVH support. * Enable more Nftables modules. * [x86] Enable EARLY_PRINTK_EFI. * Enable stack protector on all supported architectures. (closes: #756898) * [powerpc64, s390x] Enable PCI hotplug. * Enable RTL8723BE. * Enable OPROFILE. * [ppc64] Enable 64KiB pages. [ Ben Hutchings ] * udeb: Add new sound drivers to sound-modules (thanks to Samuel Thibault) (Closes: #756998) * [armhf] touchscreen: Enable TOUCHSCREEN_SUN4I as module (Closes: #757086) * [!alpha,m68k,x86] Disable USELIB, only needed by libc5 * [arm*,ia64,ppc64el,s390*,sh4] Disable SYSFS_SYSCALL, only needed for SVR4 compatibility * [armel] Disable BINFMT_AOUT * [armel] Re-enable ixp4xx flavour * [armel] Change configuration to reduce kernel image size - [/kirkwood] Change IPV6 to module - [/ixp4xx,orion5x] Change IOSCHED_DEADLINE to module - [/ixp4xx,orion5x] Disable SECURITY (i.e. Linux Security Modules, including SELinux) -- Ben Hutchings Sat, 09 Aug 2014 21:58:12 +0100 linux-tools (3.16~rc7-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * genorig: Include new directory for usbip UAPI header * debian/control: Update Build-Depends for usbip switching from libsysfs to libudev * perf: Build with V=1 as V=2 no longer works * perf: Change build command to avoid a rebuild during 'make install' * linux-tools: Install traceevent plugins in /usr/lib/traceevent_/plugins (Closes: #756429) * linux-kbuild: Install scripts/Makefile.extrawarn -- Ben Hutchings Tue, 29 Jul 2014 21:11:10 +0100 linux (3.16~rc6-1~exp1) experimental; urgency=medium * New upstream rc [ Aurelien Jarno ] * [mipsel/loongson3] Enable SND_HDA_INTEL. * [mips/4kc-malta, mips/5kc-malta] Cleanup configuration file. * [mips/sb1-bcm91250a] Cleanup configuration file. * [mips/r4k-ip22] Cleanup configuration file. * [mips/r5k-ip32] Cleanup configuration file. * [mips64,mips64el] Add a 5kc-malta flavour. [ Ben Hutchings ] * [x86] wireless: Enable R8192EE as module (Closes: #755310) * net: Re-enable CGROUP_NET_PRIO as builtin -- maximilian attems Mon, 21 Jul 2014 21:51:45 +0200 linux (3.16~rc5-1~exp1) experimental; urgency=medium [ maximilian attems ] * New upstream rc [ Ben Hutchings ] * aufs: Update to aufs3.x-rcN-20140714: - tiny, no msg in spinlock regeion - minor bugfix, correct error value in link(2) - O_TMPFILE support - bugfix, handling an error in opening a FIFO - propagate aufs file references to new vmas created by remap_file_pages() - begin supporting fallocate(2) - linux-3.16, convert iovec into iov_iter - allow an unprivileged mount under user_ns (enabled by module parameter) - simply handing attribute string - add mount option for copy-up on open - add mount option for move-up on open - add dirperm1 mount option - mvdown, return a subset of statfs(2) optionally - mvdown, tell about the branch is at the bottom -- maximilian attems Tue, 15 Jul 2014 22:57:31 +0200 linux (3.15.5-1~exp1) experimental; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.4 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.5 -- maximilian attems Thu, 10 Jul 2014 16:02:29 +0200 linux (3.15.3-1~exp1) experimental; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.3 [ Yunqiang Su ] * [mips,mipsel] Move common MIPS kernel config files to kernelarch-mips. * [mips,mipsel] Clean mipsel installer by using symlinks to the mips versions. * [mips,mipsel] Add mips64 and mips64el support (Closes: #749688). -- maximilian attems Wed, 02 Jul 2014 20:30:41 +0200 linux (3.15.1-1~exp1) experimental; urgency=medium * New upstream release: http://kernelnewbies.org/Linux_3.15 * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.1 [ maximilian attems ] * Update policy version to 3.9.5 without changes [ Ian Campbell ] * [armhf] Enable HDMI on imx6qdl-wandboard, SolidRun HummingBoard and Cubox -i. (Closes: #750406) [ Ben Hutchings ] * [powerpc] Build-depend on gcc-4.8 (>= 4.8.2-1) to ensure that JUMP_LABEL works -- maximilian attems Fri, 20 Jun 2014 23:13:13 +0200 linux (3.15~rc8-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ian Campbell ] * [armhf] Enable Broadcom IEEE802.11n embedded FullMAC WLAN driver (Closes: #734430) * [armhf] Backport and enable sunxi MMC driver (Closes: #749484) -- maximilian attems Tue, 03 Jun 2014 11:43:26 +0200 linux (3.15~rc7-1~exp1) experimental; urgency=medium * New upstream release candidate [ maximilian attems ] * Enable USB_UAS in topconfig (closes: #749014) [ Ian Campbell ] * [armhf] Enable SERIAL_OF_PLATFORM. * [armhf] Enable DRM drivers DRM_IMX_* for IMX platform (Closes: #748406) * [armhf] Enable SND_SOC_IMX_SPDIF (Closes: #748890) -- maximilian attems Tue, 27 May 2014 10:55:32 +0200 linux (3.15~rc5-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * aufs: Update to aufs3.x-rcN-20140421 * [rt] Disable until it is updated for 3.15 or later [ Aurelien Jarno ] * [mipsel] Add a loongson-3 flavour to support Loongson 3A/3B machines. * [mips/mipsel] Remove the sb1a-bcm91480b flavour. [ Ian Campbell ] * [armel/orion5x] Disable BPF_JIT, MEMCG, USER_NS to reduce kernel size. * [armel/kirkwood] Enable PCI_MVEBU for PCI support when booted via Device Tree. -- maximilian attems Fri, 16 May 2014 14:33:57 +0200 linux (3.14.15-2) unstable; urgency=medium [ Aurelien Jarno ] * [mips*/4kc-malta] Remove ABI reference as previous kernels were not really usable, and the fix changes the ABI. -- Ben Hutchings Sat, 09 Aug 2014 01:09:38 +0100 linux (3.14.15-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.14 - Bluetooth: Ignore H5 non-link packets in non-active state - fuse: timeout comparison fix - tracing: instance_rmdir() leaks ftrace_event_file->filter (regression in 3.11) - xen/balloon: set ballooned out pages as invalid in p2m (regression in 3.12) - quota: missing lock in dqcache_shrink_scan() (regression in 3.12) - shmem: fix faulting into a hole, not taking i_mutex (CVE-2014-4171) - shmem: fix splicing from a hole while it's punched (CVE-2014-4171) - e1000e: Fix SHRA register access for 82579 (regression in 3.12) - ip_tunnel: fix ip_tunnel_lookup - net: sctp: check proc_dointvec result in proc_sctp_do_auth - 8021q: fix a potential memory leak - net: fix UDP tunnel GSO of frag_list GRO packets - ipv4: fix dst race in sk_dst_get() - ipv4: irq safe sk_dst_[re]set() and ipv4_sk_update_pmtu() fix - bnx2x: fix possible panic under memory stress - tcp: Fix divide by zero when pushing during tcp-repair - ipv4: icmp: Fix pMTU handling for rare case - net: Fix NETDEV_CHANGE notifier usage causing spurious arp flush (regression in 3.11) - igmp: fix the problem when mc leave group - appletalk: Fix socket referencing in skb - netlink: Fix handling of error from netlink_dump(). - tipc: clear 'next'-pointer of message fragments before reassembly (regression in 3.13) - net: sctp: fix information leaks in ulpevent layer - bonding: fix ad_select module param check (regression in 3.14) - net-gre-gro: Fix a bug that breaks the forwarding path (regression in 3.14) - perf/x86/intel: ignore CondChgd bit to avoid false NMI handling - mwifiex: fix Tx timeout issue - [x86] tsc: Fix cpufreq lockup (regression in 3.14) - dm thin metadata: do not allow the data block size to change - dm cache metadata: do not allow the data block size to change - locking/mutex: Disable optimistic spinning on some architectures - sched: Fix possible divide by zero in avg_atom() calculation - aio: protect reqs_available updates from changes in interrupt handlers (regression in 3.14.10) - Don't trigger congestion wait on dirty-but-not-writeout pages (regression in 3.11) https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.15 - nfs: only show Posix ACLs in listxattr if actually present (regression in 3.14) - block: don't assume last put of shared tags is for the host - libata: support the ata host which implements a queue depth less than 32 (regression in 3.14.4) - libata: introduce ata_host->n_tags to avoid oops on SAS controllers - blkcg: don't call into policy draining if root_blkg is already gone - coredump: fix the setting of PF_DUMPCORE - [hppa] Remove SA_RESTORER define - hwmon: (smsc47m192) Fix temperature limit and vrm write operations - fs: umount on symlink leaks mnt count (CVE-2014-5045) - [x86] x86_32, entry: Store badsys error code in %eax (regression in 3.14.10) - drm/radeon: fix irq ring buffer overflow handling (regression in 3.14) - mm: hugetlb: fix copy_hugetlb_page_range() (regression in 3.14.12) - [x86] efi: Include a .bss section within the PE/COFF headers - nl80211: move set_qos_map command into split state (regression in 3.14) - platform_get_irq: Revert to platform_get_resource if of_irq_get fails (regression in 3.14.6) [ Aurelien Jarno ] * Update German debconf template translations (Holger Wansing) (Closes: #756049). * Update French debconf template translations (David Prévot) (Closes: #756134). * Rewrite postinst to not require File::stat perl module (Closes: #756207). * [mips*] Avoid smp_processor_id() in preemptible code. * [mips*/octeon] Fix /proc/cpuinfo issues. * [mips,mipsel/4kc-malta] Fix bug which can cause incorrect system call restarts (fix hang on boot). * [mips*] Fix hugepage support on machines with R4K like TLB. * [mips*] Prevent user from setting FCSR cause bits and cause possible kernel oops. * Update Japanese debconf template translations (Victory). [ Ben Hutchings ] * [amd64] Reject x32 executables if x32 ABI not supported * [amd64] Make x32 syscall support conditional on a kernel parameter * [amd64] Enable X86_X32 (Closes: #708070) and X86_X32_DISABLED. Use the kernel parameter "syscall.x32=y" to enable support for x32. * [s390,s390x] 3215: fix hanging console issue (Closes: #747922) * [armhf] Enable BRCMFMAC, BRCMFMAC_SDIO as modules (Closes: #734430) * net: sctp: inherit auth_capable on INIT collisions (CVE-2014-5077) -- Ben Hutchings Thu, 07 Aug 2014 16:47:21 +0100 linux (3.14.13-2) unstable; urgency=medium [ Aurelien Jarno ] * [mips64,mips64el] Really enable mips64 and mips64el architectures. * [mips64,mips64el] Build udebs for 5kc-malta flavour. * [mipsel,mips64el/loongson-3] Disable not built modules in nic-modules, scsi-common-modules, scsi-extra-modules, scsi-modules (fixes FTBFS). * Add scsi_transport_sas and scsi_transport_spi to scsi-core-modules udeb as optional so that these modules do not end up in two different udebs as dependencies. Remove them from the i386, ia64, powerpc and sparc definition. * [mipsel,mips64el/loongson-2e,2f] Enable CONFIG_RTC_DRV_CMOS as built-in. * [mips*] Add few new udebs and use standard udebs configuration when possible. * [s390,s390x] ptrace: fix PSW mask check (CVE-2014-3534). * [mipsel,mips64el/loongson-3] Enable PREEMPT instead of PREEMPT_VOLUNTARY as it workarounds SMP issues. -- Aurelien Jarno Thu, 24 Jul 2014 21:05:08 +0200 linux (3.14.13-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.13 - iio: ti_am335x_adc: Fix: Use same step id at FIFOs both ends (regression in 3.11) - [hppa] Do not hardcode maximum userspace stack size (regression in 3.14) - workqueue: fix dev_set_uevent_suppress() imbalance (regression in 3.10) - workqueue: zero cpumask of wq_numa_possible_cpumask on init (regression in 3.10) - i8k: Fix non-SMP operation (regression in 3.14) - Revert "ACPI / AC: Remove AC's proc directory." (regression in 3.13) - ACPI / resources: only reject zero length resources based at address zero (regression in 3.14) - ACPI / EC: Avoid race condition related to advance_transaction() - ACPI / EC: Fix race condition in ec_transaction_completed() - [x86] crypto: sha512_ssse3 - fix byte count to bit count conversion - [arm64] implement TASK_SIZE_OF - phy: core: Fix error path in phy_create() - dm io: fix a race condition in the wake up code for sync_io - [x86] intel_pstate: Fix setting VID (regression in 3.14.6) - PCI: Fix unaligned access in AF transaction pending test (regression in 3.14) - ext4: fix unjournalled bg descriptor while initializing inode bitmap - ext4: fix a potential deadlock in __ext4_es_shrink() - drm/radeon: stop poisoning the GART TLB - [x86] drm/i915: Don't clobber the GTT when it's within stolen memory [ Ian Campbell ] * [armel] Remove drivers/net/phy configs which are redundant with toplevel. * [armhf] Add MMC and NIC modules for BeagleBone Black to udebs. (Closes: #754491) * [arm64] Add xfs-modules udeb and add xen-netfront to nic-modules udeb. * aufs: Fix build on arm64. [ Aurelien Jarno ] * [mips,mipsel] Add a debconf note to warn users that they have to configure the system bootloader to load initramfs. * Update Polish debconf template translations (Łukasz Dulny). * Update Czech debconf template translations (Michal Simunek) (Closes: #755060). * Update Russian debconf template translations (Yuri Kozlov) (Closes: #755085). * Update Portuguese debconf template translations (Américo Monteiro) (Closes: #755100). * Update Swedish debconf template translations (Martin Bagge) (Closes: #755145). * Update Slovak debconf template translation (Slavko) (Closes: #755152). * Update Turkish debconf template translation (Mert Dirik) (Closes: #755223). * Update Danish debconf template translation (Joe Dalton) (Closes: #755400). * [mips,mipsel] Cleanup configuration files. * [mips,mipsel] Move common MIPS kernel config files to kernelarch-mips. * [mips,mipsel] Clean mipsel installer by using symlinks to the mips versions. * [mipsel] Backport Loongson 3A/3B support from 3.15 and add the corresponding flavour. * [mips,mipsel] Remove the sb1a-bcm91480b flavour. * [mips,mipsel] Add mips64 and mips64el support (Closes: #749688). * [mips/octeon] Backport from upstream PCIe2 support and interface mode detection for Octeon. * [mips/sb1-91250a] Backport from upstream additional build flags to fix excessive kernel warnings. * [mips/malta] Backport from upstream power management support for Malta. * [mipsel/loongson3] Add support for Loongson 3 LS3A RS780E 1-way boards. [ Ben Hutchings ] * net/l2tp: don't fall back on UDP [get|set]sockopt (CVE-2014-4943) * Bump ABI to 2 (Closes: #754902) * [powerpc/powerpc64] Re-enable JUMP_LABEL * [powerpc/powerpc64,ppc64] Enable PPC_TRANSACTIONAL_MEM * Enable DYNAMIC_DEBUG (except for armel/orion5x) (Closes: #694884) * [rt] Update to 3.14.12-rt9 (no functional changes) * udeb: Add sdhci-acpi to mmc-modules (Closes: #747284) -- Ben Hutchings Mon, 21 Jul 2014 14:02:14 +0100 linux (3.14.12-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.11 - iscsi-target: Avoid rejecting incorrect ITT for Data-Out - iscsi-target: Explicily clear login response PDU in exception path (regression in 3.10) - iscsi-target: fix iscsit_del_np deadlock on unload (regression in 3.13) - Input: synaptics - fix resolution for manually provided min/max (regression in 3.14) - [mips] MSC: Prevent out-of-bounds writes to MIPS SC ioremap'd region - UBIFS: fix an mmap and fsync race condition - UBIFS: Remove incorrect assertion in shrink_tnc() - IB/ipath: Translate legacy diagpkt into newer extended diagpkt - IB/srp: Fix a sporadic crash triggered by cable pulling - IB/umad: Fix error handling - IB/umad: Fix use-after-free on close - nfsd4: fix FREE_STATEID lockowner leak (regression in 3.14.6) - nfsd: getattr for FATTR4_WORD0_FILES_AVAIL needs the statfs buffer - NFS: Don't declare inode uptodate unless all attributes were checked - nfs: Fix cache_validity check in nfs_write_pageuptodate() - [powerpc] mm: Check paca psize is up to date for huge mappings - [powerpc] perf: Ensure all EBB register state is cleared on fork() - xfs: xfs_readsb needs to check for magic numbers (regression in 3.14) - reiserfs: call truncate_setsize under tailpack mutex - ipvs: Fix panic due to non-linear skb - tracing: Fix syscall_*regfunc() vs copy_process() race - ALSA: usb-audio: Fix races at disconnection and PCM closing https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.12 - [powerpc] ibmvscsi: Abort init sequence during error recovery - [powerpc] ibmvscsi: Add memory barriers for send / receive - virtio-scsi: avoid cancelling uninitialized work items - scsi_error: fix invalid setting of host byte - virtio-scsi: fix various bad behavior on aborted requests - xhci: Use correct SLOT ID when handling a reset device command (regression in 3.13) - usb: chipidea: udc: delete td from req's td list at ep_dequeue - mtd: eLBC NAND: fix subpage write support (regression in 3.10) - mtd: nand: omap: fix BCHx ecc.correct to return detected bit-flips in erased-page - [x86] drm/i915: Avoid div-by-zero when pixel_multiplier is zero (regression in 3.13) - [x86] drm/i915: set backlight duty cycle after backlight enable for gen4 (regression in 3.14) - Bluetooth: Fix SSP acceptor just-works confirmation without MITM - Bluetooth: Fix check for connection encryption - rbd: use reference counts for image requests - rbd: handle parent_overlap on writes correctly - mac80211: fix a memory leak on sta rate selection table (regression in 3.10) - hugetlb: fix copy_hugetlb_page_range() to handle migration/hwpoisoned entry - [arm64] mm: Make icache synchronisation logic huge page aware - [arm64] Bug fix in stack alignment exception - fs/cifs: fix regression in cifs_create_mf_symlink() (regression in 3.14) - blkcg: fix use-after-free in __blkg_release_rcu() by making blkcg_gq refcnt an atomic_t - ext4: Fix buffer double free in ext4_alloc_branch() - ext4: Fix hole punching for files with indirect blocks - [x86] KVM: preserve the high 32-bits of the PAT register - [x86] kvm: fix wrong address when writing Hyper-V tsc page - nfsd: fix rare symlink decoding bug - tracing: Remove ftrace_stop/start() from reading the trace file - md: flush writes before starting a recovery. - mlx4_core: Fix incorrect FLAGS1 bitmap test in mlx4_QUERY_FUNC_CAP (regression in 3.14) - netfilter: nf_nat: fix oops on netns removal - brcmfmac: Fix brcmf_chip_ai_coredisable not applying reset bits to BCMA_IOCTL (regression in 3.14) - mmc: rtsx: add R1-no-CRC mmc command type handle (regression in 3.13) - aio: block io_destroy() until all context requests are completed (regression in 3.11) - audit: remove superfluous new- prefix in AUDIT_LOGIN messages (regression in 3.14) - mm/numa: Remove BUG_ON() in __handle_mm_fault() (regression in 3.13) - slab: fix oops when reading /proc/slab_allocators - sym53c8xx_2: Set DID_REQUEUE return code when aborting squeue - mm: fix crashes from mbind() merging vmas [ Ben Hutchings ] * [rt] Update to 3.14.10-rt7: - rtmutex: Resolve conflicts with changes in 3.14.10 - sched: Do not clear PF_NO_SETAFFINITY flag in select_fallback_rq() - workqueue: Prevent deadlock/stall on RT * [rt] random: Restore interrupt randomness dropped in 3.14.10-rt6 * [s390,s390x] Ignore ABI change in lowcore structure (fixes FTBFS) * [m68k] block: Change IOSCHED_CFQ to built-in and make it the default I/O scheduler, consistent with other architectures -- Ben Hutchings Fri, 11 Jul 2014 17:56:20 +0100 linux (3.14.10-1) unstable; urgency=high * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.10 - [s390] af_iucv: wrong mapping of sent and confirmed skbs - Staging: rtl8188eu: overflow in update_sta_support_rate() - USB: option: fix runtime PM handling - hugetlb: restrict hugepage_migration_support() to x86_64 - kthread: fix return value of kthread_create() upon SIGKILL. - mm/memory-failure.c-failure: send right signal code to correct thread - mm/memory-failure.c: don't let collect_procs() skip over processes for MF_ACTION_REQUIRED - ptrace: fix fork event messages across pid namespaces - idr: fix overflow bug during maximum ID calculation at maximum height - [s390] time: cast tv_nsec to u64 prior to shift in update_vsyscall (regression in 3.13) - [s390] lowcore: reserve 96 bytes for IRB in lowcore - ext4: fix data integrity sync in ordered mode - ext4: fix zeroing of page during writeback - ext4: fix wrong assert in ext4_mb_normalize_request() - USB: usb_wwan: fix race between write and resume - USB: usb_wwan: fix write and suspend race - USB: usb_wwan: fix urb leak at shutdown - USB: sierra: fix use after free at suspend/resume - USB: sierra: fix remote wakeup - USB: serial: fix potential runtime pm imbalance at device remove - media: stk1160: Avoid stack-allocated buffer for control URBs - rtmutex: Detect changes in the pi lock chain - rtmutex: Handle deadlock detection smarter - rtmutex: Plug slow unlock race - media: uvcvideo: Fix clock param realtime setting - media: saa7134: fix regression with tvtime (regression in 3.14) - Bluetooth: Fix L2CAP deadlock - Target/iser: Wait for proper cleanup before unloading - target: Set CMD_T_ACTIVE bit for Task Management Requests - target: Use complete_all for se_cmd->t_transport_stop_comp - iscsi-target: Fix ABORT_TASK + connection reset iscsi_queue_req memory leak - target: Explicitly clear ramdisk_mcp backend pages - [x86] x86-32, espfix: Remove filter for espfix32 due to race - aio: fix aio request leak when events are reaped by userspace - aio: fix kernel memory disclosure in io_getevents() introduced in v3.10 (CVE-2014-0206) - CIFS: Fix memory leaks in SMB2_open - Btrfs: fix double free in find_lock_delalloc_range - Btrfs: make sure there are not any read requests before stopping workers - Btrfs: mark mapping with error flag to report errors to userspace - Btrfs: set right total device count for seeding support - fs: btrfs: volumes.c: Fix for possible null pointer dereference - Btrfs: don't check nodes for extent items - Btrfs: fix scrub_print_warning to handle skinny metadata extents - btrfs: fix use of uninit "ret" in end_extent_writepage() - btrfs: allocate raid type kobjects dynamically - lz4: fix another possible overrun - epoll: fix use-after-free in eventpoll_release_file - builddeb: use $OBJCOPY variable instead of objcopy (regression in 3.12) - [i386] efi-pstore: Fix an overflow on 32-bit builds [ Ben Hutchings ] * [amd64] ptrace,x86: force IRET path after a ptrace_stop() (CVE-2014-4699) * shmem: fix faulting into a hole while it's punched (CVE-2014-4171) -- Ben Hutchings Mon, 07 Jul 2014 09:54:10 +0100 linux (3.14.9-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8 - Target/iscsi,iser: Avoid accepting transport connections during stop stage - iser-target: Fix multi network portal shutdown regression https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.9 - target: Fix NULL pointer dereference for XCOPY in target_put_sess_cmd (regression in 3.14.6) - iscsi-target: Reject mutual authentication with reflected CHAP_C - ima: audit log files opened with O_DIRECT flag - ima: introduce ima_kernel_read() (regression in 3.10) - evm: prohibit userspace writing 'security.evm' HMAC value - net: Use netlink_ns_capable to verify the permisions of netlink messages (CVE-2014-0181) - netlink: Only check file credentials for implicit destinations - qlcnic: info leak in qlcnic_dcb_peer_app_info() - ipv6: Fix regression caused by efe4208 in udp_v6_mcast_next() (regression in 3.13) - netlink: rate-limit leftover bytes warning and print process name - bridge: Prevent insertion of FDB entry with disallowed vlan - net: tunnels - enable module autoloading - [sparc] net: filter: fix typo in sparc BPF JIT - sfc: PIO:Restrict to 64bit arch and use 64-bit writes. (regression in 3.13) - ipv4: fix a race in ip4_datagram_release_cb() - sctp: Fix sk_ack_backlog wrap-around problem - udp: ipv4: do not waste time in __udp4_lib_mcast_demux_lookup (regression in 3.13) - USB: cdc-acm: Fix various bugs in power management - USB: cdc-acm: fix I/O after failed open - [x86] hv: use correct order when freeing monitor_pages - ASoC: dapm: Make sure to always update the DAPM graph in _put_volsw() (regression in 3.12) - lzo: properly check for overruns (CVE-2014-4608) - lz4: ensure length does not wrap (CVE-2014-4608) - ALSA: compress: Cancel the optimization of compiler and fix the size of struct for all platform. - ALSA: control: Protect user controls against concurrent access (CVE-2014-4652) - ALSA: control: Fix replacing user controls (CVE-2014-4654, CVE-2014-4655) - ALSA: control: Don't access controls outside of protected regions (CVE-2014-4653) - ALSA: control: Make sure that id->index does not overflow; Handle numid overflow (CVE-2014-4656) [ Ben Hutchings ] * aufs: Update to aufs3.14-20140616: - tiny, no msg in spinlock regeion - minor bugfix, correct error value in link(2) - O_TMPFILE support - bugfix, handling an error in opening a FIFO - propagate aufs file references to new vmas created by remap_file_pages() * linux-image: Make initramfs support unconditional * [x86] x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508) * [rt] Fix latency histogram after "hrtimer: Set expiry time before switch_hrtimer_base()" in 3.14.6 [ Aurelien Jarno ] * [arm64] Enable COMPAT to support 32-bit binaries. * [mips,mipsel] Enable initramfs for all flavours, but keep the disk related drivers built-in for now. -- Ben Hutchings Mon, 30 Jun 2014 13:57:11 +0100 linux (3.14.7-1) unstable; urgency=medium * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.6 - [mipsel] loongson2_cpufreq: Fix CPU clock rate setting (regression in 3.14) - rtmutex: Fix deadlock detector for real - kernfs: add back missing error check in kernfs_fop_mmap() (regression in 3.14) - coredump: fix va_list corruption (regression in 3.11) - mm: make fixup_user_fault() check the vma access rights too - serial: 8250: Fix thread unsafe __dma_tx_complete function - 8250_core: Fix unwanted TX chars write - iwlwifi: 7000: bump API to 9 - timer: Prevent overflow in apply_slack - cfg80211: free sme on connection failures (regression in 3.11) - cfg80211: add cfg80211_sched_scan_stopped_rtnl (regression in 3.14) - mac80211: fix nested rtnl locking on ieee80211_reconfig (regression in 3.14) - mm, thp: close race between mremap() and split_huge_page() - [x86] mm, hugetlb: Add missing TLB page invalidation for hugetlb_cow() - hwpoison, hugetlb: lock_page/unlock_page does not match for handling a free hugepage - iwlwifi: mvm: delay enabling smart FIFO until after beacon RX (regression in 3.14) - aio: fix potential leak in aio_run_iocb(). - Revert "hwmon: (coretemp) Refine TjMax detection" - hrtimer: Prevent remote enqueue of leftmost timers - hrtimer: Set expiry time before switch_hrtimer_base() - dm verity: fix biovecs hash calculation regression (regression in 3.14) - dm cache: fix writethrough mode quiescing in cache_map (regression in 3.13) - md/raid10: call wait_barrier() for each request submitted. (regression in 3.14) - PNP / ACPI: Do not return errors if _DIS or _SRS are not present (regression in 3.14) - ACPI / EC: Process rather than discard events in acpi_ec_clear (regression in 3.13.7, 3.14) - irqchip: armada-370-xp: fix invalid cast of signed value into unsigned variable (regression in 3.13) - irqchip: armada-370-xp: implement the ->check_device() msi_chip operation (regression in 3.13) - irqchip: armada-370-xp: Fix releasing of MSIs (regression in 3.13) - [x86] drm/i915: Allow user modes to exceed DVI 165MHz limit (regression in 3.14) - [x86] drm/i915: Don't check gmch state on inherited configs (regression in 3.13?) - [x86] drm/i915: Don't WARN nor handle unexpected hpd interrupts on gmch platforms (regression in 3.13) - [x86] drm/radeon: fix runpm handling on APUs (v4) (regression in 3.13) - drm/radeon: disable mclk dpm on R7 260X (regression in 3.14) - drm/radeon: add support for newer mc ucode on SI (v2) - drm/radeon: add support for newer mc ucode on CI (v2) - drm/radeon: re-enable mclk dpm on R7 260X asics - drm/radeon/uvd: use lower clocks on old UVD to boot v2 (regression in 3.13) - drm/radeon: check buffer relocation offset - USB: Nokia 305 should be treated as unusual dev - USB: Nokia 5300 should be treated as unusual dev - Revert "Bluetooth: Enable autosuspend for Intel Bluetooth device" (regression in 3.14) - posix_acl: handle NULL ACL in posix_acl_equiv_mode - fs/affs/super.c: bugfix / double free (regression in 3.14) - [armel/orion5x] fix target ID for crypto SRAM window (regression in 3.12) - [armel/kirkwood]: dts: fix mislocated pcie-controller nodes (regression in 3.12) - [armhf/armmp-lpae] 8012/1: kdump: Avoid overflow when converting pfn to physaddr - drm/nouveau: fix another lock unbalance in nouveau_crtc_page_flip (regression in 3.11) - drm/i915/vlv: reset VLV media force wake request register (regression in 3.14?) - i40e: potential array underflow in i40e_vc_process_vf_msg() - igb: Fix Null-pointer dereference in igb_reset_q_vector (regression in 3.14) - igb: Unset IGB_FLAG_HAS_MSIX-flag when falling back to msi-only (regression in 3.14) - leds: leds-pwm: properly clean up after probe failure - device_cgroup: rework device access check and exception checking - device_cgroup: check if exception removal is allowed - media: media-device: fix infoleak in ioctl media_enum_entities() (CVE-2014-1739) - Input: Add INPUT_PROP_TOPBUTTONPAD device property - Input: synaptics - report INPUT_PROP_TOPBUTTONPAD property - e1000e: Fix no connectivity when driver loaded with cable out (regression in 3.12) - autofs: fix lockref lookup - vfs: fix races between __d_instantiate() and checks of dentry flags - ALSA: hda - hdmi: Set converter channel count even without sink (regression in 3.13) - NFSd: Move default initialisers from create_client() to alloc_client() - NFSd: call rpc_destroy_wait_queue() from free_client() - NFSD: Call ->set_acl with a NULL ACL structure if no entries - nfsd4: remove lockowner when removing lock stateid - workqueue: fix bugs in wq_update_unbound_numa() failure path - workqueue: fix a possible race condition between rescuer and pwq-release - [arm] mvebu: mvebu-soc-id: add missing clk_put() call (regression in 3.14) - [arm] mvebu: mvebu-soc-id: keep clock enabled if PCIe unit is enabled (regression in 3.14) - ASoC: dapm: Skip CODEC<->CODEC links in connect_dai_link_widgets() (regression in 3.14) - [hppa] ratelimit userspace segfault printing - [amd64] modify_ldt: Make support for 16-bit segments a runtime option - sysfs: make sure read buffer is zeroed (possible regression in 3.13) - Target/iser: Fix wrong connection requests list addition - Target/iser: Fix iscsit_accept_np and rdma_cm racy flow - iscsi-target: Change BUG_ON to REJECT in iscsit_process_nop_out (regression in 3.11) - target: fix memory leak on XCOPY - [x86] drm/i915: Disable self-refresh for untiled fbs on i915gm (regression in 3.14) - [x86] drm/i915: move power domain init earlier during system resume (regression in 3.14?) - [x86] drm/i915: Fix unsafe loop iteration over vma whilst unbinding them (regression in 3.12) - iwlwifi: mvm: BT Coex - fix Look Up Table (regression in 3.13) - PCI: Wrong register used to check pending traffic (regression in 3.14) - dm crypt: fix cpu hotplug crash by removing per-cpu structure - dm thin: allow metadata commit if pool is in PM_OUT_OF_DATA_SPACE mode (regression in 3.14) - dm thin: add timeout to stop out-of-data-space mode holding IO forever - dmaengine: fix dmaengine_unmap failure - dma: mv_xor: Flush descriptors before activating a channel - tcm_fc: Fix free-after-use regression in ft_free_cmd (regression in 3.13) - ACPICA: Tables: Restore old behavor to favor 32-bit FADT addresses. (regression in 3.14) - ACPI: Revert "ACPI: Remove CONFIG_ACPI_PROCFS_POWER and cm_sbsc.c" (regression in 3.13) - ACPI: Revert "ACPI / Battery: Remove battery's proc directory" (regression in 3.13) - [x86] ACPI / video: Add use_native_backlight quirks for more systems - ACPI: Revert "ACPI / AC: convert ACPI ac driver to platform bus" (regression in 3.13) - [x86] ACPI / TPM: Fix resume regression on Chromebooks (regression in 3.14) - i2c: s3c2410: resume race fix - [x86] intel_pstate: Set turbo VID for BayTrail - [s390] crypto: fix aes,des ctr mode concurrency finding. - clk: Fix double free due to devm_clk_register() - clk: Fix slab corruption in clk_unregister() - [powerpc] powernv: Reset root port in firmware (regression in 3.14) - [powerpc] irq work racing with timer interrupt can result in timer interrupt hang (regression in 3.14) - [powerpc] kexec: Fix "Processor X is stuck" issue during kexec from ST mode (regression in 3.13) - spi: core: Ignore unsupported Dual/Quad Transfer Mode bits (regression in 3.12) - libceph: fix corruption when using page_count 0 page in rbd - media: V4L2: ov7670: fix a wrong index, potentially Oopsing the kernel from user-space http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.7 - perf: Limit perf_event_attr::sample_period to 63 bits - perf: Fix race in removing an event - SCSI: scsi_transport_sas: move bsg destructor into sas_rphy_remove (regression in 3.13) - [arm] 8051/1: put_user: fix possible data corruption in put_user - [arm] 8064/1: fix v7-M signal return (regression in 3.11) - cpufreq: remove race while accessing cur_policy - firewire: revert to 4 GB RDMA, fix protocols using Memory Space (regression in 3.14) - [mips] Fix typo when reporting cache and ftlb errors for ImgTec cores (regression in 3.14) - dm cache: always split discards on cache block boundaries - virtio_blk: fix race between start and stop queue - sched/deadline: Restrict user params max value to 2^63 ns - sched/dl: Fix race in dl_task_timer() - drm/radeon: avoid crash if VM command submission isn't available - [x86] drm/i915: Only copy back the modified fields to userspace from execbuffer - drm/radeon/dpm: resume fixes for some systems (regression in 3.14) - libata: Blacklist queued trim for Crucial M500 (regression in 3.14.4) - md: always set MD_RECOVERY_INTR when aborting a reshape or other "resync". - md: always set MD_RECOVERY_INTR when interrupting a reshape thread. (regression in 3.12.9, 3.13) - xhci: delete endpoints from bandwidth list before freeing whole device - staging: comedi: ni_daq_700: add mux settling delay - staging: r8192e_pci: fix htons error (regression in 3.14) - ALSA: hda/analog - Fix silent output on ASUS A8JN (regression in 3.12) - USB: io_ti: fix firmware download on big-endian machines (part 2) - usb: pci-quirks: Prevent Sony VAIO t-series from switching usb ports (regression in 3.12) - percpu-refcount: fix usage of this_cpu_ops - [x86] intel_pstate: Remove C0 tracking (regression in 3.14) - [x86] intel_pstate: Correct rounding in busy calculation (regression in 3.14) - [x86] intel_pstate: add sample time scaling - [x86] intel_pstate: Improve initial busy calculation - mm: add !pte_present() check on existing hugetlb_entry callbacks (CVE-2014-3940) - mm: rmap: fix use-after-free in __put_anon_vma - iser-target: Add missing target_put_sess_cmd for ImmedateData failure - iscsi-target: Fix wrong buffer / buffer overrun in iscsi_change_param_value() - target: Fix alua_access_state attribute OOPs for un-configured devices - netfilter: Fix potential use after free in ip6_route_me_harder() - netfilter: nfnetlink: Fix use after free when it fails to process batch - [x86] iommu/vt-d: Fix missing IOTLB flush in intel_iommu_unmap() [ Ian Campbell ] * [armhf] Enable VIRTIO_BALLOON and VIRTIO_PCI (Closes: #750742) * [arm64] Update modules included in installer udebs. * Include virtio_mmio in virtio-modules udeb when available. [ Aurelien Jarno ] * topconfig: Enable modular HW_RANDOM. * [kernelarch-powerpc] Remove HW_RANDOM. * [kernelarch-x86] Remove HW_RANDOM. * [mips/4kc-malta] Remove HW_RANDOM. * [mips/5kc-malta] Remove HW_RANDOM. * [mips/octeon] Remove HW_RANDOM. * [arm64] Enable modular RTC_DRV_PL031. [ Ben Hutchings ] * [ppc64el] Add kernel image, thanks to Mauricio Faria de Oliveira: - Split common/big-endian powerpc64 options - Add little-endian powerpc64 options - Temporarily disable zImage - powerpc/powernv: Add calls to support little endian host - Add 'ppc64le' (uname output) to bug/include-model script - udeb: Add packages based on ppc64 configuration * netfilter: ipv4: defrag: set local_df flag on defragmented skb (regression in 3.14.5) * [mips] seccomp: Check system calls whenever seccomp is enabled, even if audit and trace are disabled (Closes: #751417) * auditsc: audit_krule mask accesses need bounds checking (CVE-2014-3917) * fs,userns: Change inode_capable to capable_wrt_inode_uidgid (CVE-2014-4014) * SCSI: Fix spurious request sense in error handling (regression in 3.14) * PCI/MSI: Fix memory leak in free_msi_irqs() (regression in 3.14) * [rt] hrtimer: Disable MISSED_TIMER_OFFSETS_HIST as it will currently result in a panic -- Ben Hutchings Mon, 16 Jun 2014 09:51:49 +0100 linux (3.14.5-1) unstable; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.5 - SCSI: dual scan thread bug fix - SCSI: megaraid: missing bounds check in mimd_to_kioc() - [x86] KVM: remove WARN_ON from get_kernel_ns() - audit: convert PPIDs to the inital PID namespace. - netfilter: nf_tables: fix nft_cmp_fast failure on big endian for size < 4 - netfilter: nf_conntrack: reserve two bytes for nf_ct_ext->len (Closes: #741667) - netfilter: Can't fail and free after table replacement - [i386] x86,preempt: Fix preemption for i386 - rbd: fix error paths in rbd_img_request_fill() - [x86] drm/i915: restore QUIRK_NO_PCH_PWM_ENABLE (regression in 3.14) - tick-sched: Don't call update_wall_time() when delta is lesser than tick_period (regression in 3.14) - tick-sched: Check tick_nohz_enabled in tick_nohz_switch_to_nohz() (regression in 3.13) - [hppa] change value of SHMLBA from 0x00400000 to PAGE_SIZE - [hppa] fix epoll_pwait syscall on compat kernel - [hppa] remove _STK_LIM_MAX override - vfs: don't bother with {get,put}_write_access() on non-regular files - cifs: Wait for writebacks to complete before attempting write. - xen/spinlock: Don't enable them unconditionally. (regression in 3.12) - thp: close race between split and zap huge pages (regression in 3.13) - mm/hugetlb.c: add cond_resched_lock() in return_unused_surplus_pages() - mm: use paravirt friendly ops for NUMA hinting ptes - USB: io_ti: fix firmware download on big-endian machines - fs: Don't return 0 from get_anon_bdev (regression in 3.14) - [x86] drm/vmwgfx: Make sure user-space can't DMA across buffer object boundaries v2 - [x86] drm/i915: Do not dereference pointers from ring buffer in evict event (regression in 3.13) - net: core: don't account for udp header size when computing seglen (regression in 3.14) - bridge: Fix double free and memory leak around br_allowed_ingress - filter: prevent nla extensions to peek beyond the end of the message (CVE-2014-3144, CVE-2014-3145) - Revert "net: sctp: Fix a_rwnd/rwnd management to reflect real state of the receiver's buffer" (regression in 3.14) - ip6_gre: don't allow to remove the fb_tunnel_dev - net: sctp: cache auth_enable per endpoint - net: Fix ns_capable check in sock_diag_put_filterinfo - rtnetlink: Warn when interface's information won't fit in our packet - rtnetlink: Only supply IFLA_VF_PORTS information when RTEXT_FILTER_VF is set - tcp_cubic: fix the range of delayed_ack - net: cdc_ncm: fix buffer overflow (regression in 3.13) - ip_tunnel: Set network header properly for IP_ECN_decapsulate() (regression in 3.11) - ipv4: ip_tunnels: disable cache for nbma gre tunnels (regression in 3.14) - net: cdc_mbim: __vlan_find_dev_deep need rcu_read_lock (regression in 3.13) - net: ipv4: ip_forward: fix inverted local_df test (regression in 3.14) - net: ipv6: send pkttoobig immediately if orig frag size > mtu (regression in 3.14) - ip6_tunnel: fix potential NULL pointer dereference - neigh: set nud_state to NUD_INCOMPLETE when probing router reachability (regression in 3.14) - batman-adv: fix neigh_ifinfo imbalance (regression in 3.14) - batman-adv: fix neigh reference imbalance (regression in 3.14) - batman-adv: always run purge_orig_neighbors (regression in 3.14) - batman-adv: fix removing neigh_ifinfo (regression in 3.14) - [s390,x86] net: filter: fix JIT address randomization - net: avoid dependency of net_get_random_once on nop patching (regression in 3.13) - ipv6: fix calculation of option len in ip6_append_data (regression in 3.13) - rtnetlink: wait for unregistering devices in rtnl_link_unregister() - bonding: fix out of range parameters for bond_intmax_tbl (regression in 3.14) - net: gro: make sure skb->cb[] initial content has not to be zero (regression in 3.13) - batman-adv: fix indirect hard_iface NULL dereference (regression in 3.14) - batman-adv: fix reference counting imbalance while sending fragment (regression in 3.14) - batman-adv: increase orig refcount when storing ref in gw_node - batman-adv: fix local TT check for outgoing arp requests in DAT (regression in 3.13) - net_sched: fix an oops in tcindex filter (regression in 3.14) - ipv6: gro: fix CHECKSUM_COMPLETE support (regression in 3.14) - ipv4: initialise the itag variable in __mkroute_input - net-gro: reset skb->truesize in napi_reuse_skb() [ Ben Hutchings ] * [x86] ACPICA: Tables: Fix invalid pointer accesses in acpi_tb_parse_root_table(). (Closes: #748574) * net: Revert lockdep changes in 3.14.5 to avoid an ABI change * futex: Add another early deadlock detection check * futex: Prevent attaching to kernel threads * futex: Forbid uaddr == uaddr2 in futex_requeue(..., requeue_pi=1) (CVE-2014-3153) * futex: Validate atomic acquisition in futex_lock_pi_atomic() * futex: Always cleanup owner tid in unlock_pi * futex: Make lookup_pi_state more robust [ Ian Campbell ] * [arm64] Initial kernel configuration and packaging (Closes: #745349). * [armhf] Add virtio-modules udeb. [ Aurelien Jarno ] * [mips,mipsel] Fix branch emulation of branch likely instructions. -- Ben Hutchings Thu, 05 Jun 2014 13:49:15 +0100 linux (3.14.4-1) unstable; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.3 - ASoC: pcm: Drop incorrect double/extra frees - [s390] KVM: Optimize ucontrol path (regression in 3.11) - [s390] bitops,atomic: add missing memory barriers - [s390] fix control register update (regression in 3.14) - mei: me: do not load the driver if the FW doesn't support MEI interface - staging: comedi: usbdux: bug fix for accessing 'ao_chanlist' in private data - [x86] AVX-512: AVX-512 Feature Detection - [x86] AVX-512: Enable AVX-512 States Context Switch - [x86] ftrace: One more missing sync after fixup of function modification failure - [amd64] modify_ldt: Ban 16-bit segments on 64-bit kernels - [armhf] PCI: imx6: Wait for retraining (regression in 3.14) - [arm] PCI: mvebu: Fix potential issue in range parsing (regression in 3.12) - NFSv4: Fix a use-after-free problem in open() - nfsd: revert v2 half of "nfsd: don't return high mode bits" (regression in 3.14) - nfsd4: buffer-length check for SUPPATTR_EXCLCREAT - nfsd4: fix test_stateid error reply encoding - nfsd: notify_change needs elevated write count - nfsd: check passed socket's net matches NFSd superblock's one - nfsd4: fix memory leak in nfsd4_encode_fattr() - nfsd4: fix setclientid encode size - NFSD: Traverse unconfirmed client through hash-table - IB/ipath: Fix potential buffer overrun in sending diag packet routine - IB/nes: Return an error on ib_copy_from_udata() failure instead of NULL - IB/mthca: Return an error on ib_copy_to_udata() failure - IB/ehca: Returns an error on ib_copy_to_udata() failure - IB/core: Don't resolve passive side RoCE L2 address in CMA REQ handler (regression in 3.14) - ib_srpt: Use correct ib_sg_dma primitives - SCSI: arcmsr: upper 32 of dma address lost - iscsi-target: Fix ERL=2 ASYNC_EVENT connection pointer bug - target/iblock: Fix double bioset_integrity_free bug - target/tcm_fc: Fix use-after-free of ft_tpg - [x86] efi: Correct EFI boot stub use of code32_start - efi: Pass correct file handle to efi_file_{read,close} - reiserfs: fix race in readdir - media: v4l2-dv-timings: add module name, description, license - media: em28xx-audio: fix user counting in snd_em28xx_capture_open() - [armhf] usb: musb: fix PHY power on/off (regression in 3.14) - mtip32xx: Unmap the DMA segments before completing the IO request - mtip32xx: mtip_async_complete() bug fixes - iser-target: Match FRMR descriptors to available session tags - iser-target: Add missing se_cmd put for WRITE_PENDING in tx_comp_err - [sh] fix format string bug in stack tracer - mm: page_alloc: spill to remote nodes before waking kswapd (regression in 3.12/3.13) - mm: try_to_unmap_cluster() should lock_page() before mlocking (CVE-2014-3122) (Closes: #747326) - xattr: guard against simultaneous glibc header inclusion - ocfs2: do not put bh when buffer_uptodate failed - ocfs2: fix panic on kfree(xattr->name) - vfs: smarter propagate_mnt() - block: Fix for_each_bvec() - ext4: FIBMAP ioctl causes BUG_ON due to handle EXT_MAX_BLOCKS - ext4: note the error in ext4_end_bio() - ext4: move ext4_update_i_disksize() into mpage_map_and_submit_extent() - ext4: use i_size_read in ext4_unaligned_aio() http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.4 - tty: Fix lockless tty buffer race - n_tty: Fix n_tty_write crash when echoing in raw mode (CVE-2014-0196) (Closes: #747166) - floppy: ignore kernel-only members in FDRAWCMD ioctl input (CVE-2014-1737) - floppy: don't write kernel-only members to FDRAWCMD ioctl output (CVE-2014-1738) - KVM: async_pf: mm->mm_users can not pin apf->mm - KVM: ioapic: fix assignment of ioapic->rtc_status.pending_eoi (CVE-2014-0155) - [powerpc] KVM: Book3S HV: Fix KVM hang with CONFIG_KVM_XICS=n (regression in 3.14) - [mips] Hibernate: Flush TLB entries in swsusp_arch_resume() - [powerpc] Fix Oops in rtas_stop_self() (regression in 3.14) - [s390] bpf,jit: initialize A register if 1st insn is BPF_S_LDX_B_MSH - SUNRPC: Ensure that call_connect times out correctly (regression in 3.13) - SUNRPC: Ensure call_connect_status() deals correctly with SOFTCONN tasks (regression in 3.13) - Revert "net: mvneta: fix usage as a module on RGMII configurations" (regression in 3.14) - iwlwifi: dvm: take mutex when sending SYNC BT config command - mac80211: fix potential use-after-free - mac80211: fix WPA with VLAN on AP side with ps-sta again - locks: allow __break_lease to sleep even when break_time is 0 - rtlwifi: rtl8192se: Fix regression due to commit 1bf4bbb (regression in 3.13) - dm cache: prevent corruption caused by discard_block_size > cache_block_size - dm transaction manager: fix corruption due to non-atomic transaction commit - dm: take care to copy the space map roots before locking the superblock - dm thin: fix dangling bio in process_deferred_bios error path - aio: v4 ensure access to ctx->ring_pages is correctly serialised for migration - cpufreq: loongson2_cpufreq: don't declare local variable as static (regression in 3.14) [ Ben Hutchings ] * [or1k] Build a linux-libc-dev package (Closes: #746309) * net: Start with correct mac_len in skb_network_protocol (Closes: #746453) * [x86] ACPI/Processor: Fix failure of loading acpi-cpufreq driver (Closes: #746448) * [armhf] ARM: sun4i: dt: Add bindings for USB clocks (fixes FTBFS, Closes: #746420) * [x86] udeb: Add hyperv-keyboard to hyperv-modules * drm: Enable auto-loading of ast, udl * [ppc64el] Build a linux-libc-dev package (Closes: #747367) * net: ipv4: current group_info should be put after using. (CVE-2014-2851) * filter: prevent nla extensions to peek beyond the end of the message (CVE-2014-3144, CVE-2014-3145) * [powerpc,ppc64] Add versioned build-dependency on gcc-4.8, as compiler changes have resulted in a different kernel module ABI - [powerpc] Bump ABI to 1a as 3.14.2-1 was built with an older compiler * [armhf] Enable IR_GPIO_CIR as module (Closes: #747762) * [hppa/parisc64-smp] ipmi: Enable IPMI_HANDLER, IPMI_DEVICE_INTERFACE, IPMI_SI, IPMI_WATCHDOG, IPMI_POWEROFF as modules (Closes: #747482) * [armhf] Enable various drivers to support BeagleBone Black (Closes: #747364) * [hppa] udeb: Add xfs-modules (Closes: #746506) * udeb: Add mtip32xx, nvme to sata-modules * [rt] Update to 3.14.3-rt5: - tracing: use migrate_disable() to prevent beeing pushed off the cpu - rwsem-rt: Do not allow readers to nest - Revert "migrate_disable pushd down in atomic_dec_and_spin_lock" - rwlock: disable migration before taking a lock - timer: do not spin_trylock() on UP - stomp-machine: Fix wait for completion - stomp-machine: create lg_global_trylock_relax() primitive - stomp-machine: use lg_global_trylock_relax() to dead with stop_cpus_lock lglock - blk-mq: revert raw locks, post pone notifier to POST_DEAD - use EXPORT_SYMBOL() on __rt_mutex_init() and rt_down_write_nested_lock() - netconsole: Allow use with PREEMPT_RT_FULL * aufs: Update to aufs3.14-20140512: - bugfix, stop calling security_mmap_file() again -- Ben Hutchings Wed, 14 May 2014 00:46:05 +0100 linux-tools (3.14-1) unstable; urgency=medium * New upstream release -- Ben Hutchings Mon, 28 Apr 2014 17:46:24 +0100 linux (3.14.2-1) unstable; urgency=medium * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.2 [ Ian Campbell ] * [armhf] Drop suffix from kernel udeb. * [armhf] Backport sunxi AHCI and GMAC drivers from v3.15-rc1 [ Ben Hutchings ] * [x86] Enable X86_INTEL_LPSS (Closes: #745331) * [x86] thinkpad_acpi: Add support for X1 Carbon 2nd generation's adaptive keyboard (Closes: #745252) * [armhf] Enable more Allwinner/sunxi drivers (Closes: #745972): - spi: sunxi: Add Allwinner A31 SPI controller driver - ARM: dt: sun4i: Add A10 SPI controller nodes - PHY: sunxi: Add driver for sunxi usb phy - ARM: sun4i: dt: Add USB host bindings - Enable PHY_SUN4I_USB, RTC_DRV_SUNXI, SPI_SUN6I, USB_EHCI_HCD_PLATFORM, USB_OHCI_HCD_PLATFORM and CONFIG_SUNXI_WATCHDOG as modules * Set ABI to 1 * Staging: speakup: Move pasting into a work item and update it to match vt (Closes: #735202, #744015) -- Ben Hutchings Mon, 28 Apr 2014 17:12:03 +0100 linux (3.14.1-1~exp1) experimental; urgency=medium * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.1 [ Ben Hutchings ] * [armel] Disable ixp4xx flavour (fixes FTBFS) * [armhf] Enable SECURITY_APPARMOR, SECURITY_TOMOYO * [rt] Update to 3.14.0-rt1 and reenable -- Ben Hutchings Thu, 17 Apr 2014 13:17:18 +0100 linux (3.14-1~exp1) experimental; urgency=medium * New upstream release: http://kernelnewbies.org/Linux_3.14 [ Ben Hutchings ] * nftables: Enable NF_TABLES_BRIDGE, NF_TABLES_IPV4, NFT_CHAIN_ROUTE_IPV4, NFT_CHAIN_NAT_IPV4, NF_TABLES_ARP, NF_TABLES_IPV6, NFT_CHAIN_ROUTE_IPV6, NFT_CHAIN_NAT_IPV6 as modules (Closes: #742763) * udeb: Update sound-modules, thanks to Samuel Thibault (Closes: #743319) * aufs: Update to aufs3.14-20140407 (no functional changes) * mtd: Enable MTD_NAND_ECC_BCH (Closes: #743933) * drm: Enable DRM_LOAD_EDID_FIRMWARE (Closes: #728275) -- Ben Hutchings Wed, 09 Apr 2014 09:53:05 +0100 linux-tools (3.14~rc7-1~exp1) experimental; urgency=medium * New upstream release candidate -- Ben Hutchings Mon, 17 Mar 2014 19:31:14 +0000 linux (3.14~rc7-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * bfa,bna: Replace large udelay() with mdelay() (fixes FTBFS on arm) (Closes: #741142) * aufs: Update to aufs3.x-rcN-20140310 - bugfix, Fix unmount to properly free anonymous block devices -- Ben Hutchings Mon, 17 Mar 2014 13:30:03 +0000 linux (3.14~rc5-1~exp1) experimental; urgency=medium * New upstream release candidate [ Ben Hutchings ] * mm: Enable ZSMALLOC as built-in, ZRAM as module (except for armel/{ixp4xx,orion5x}) (Closes: #676779) * iio,HID: Enable HID_SENSOR_INCLINOMETER_3D as module * media/radio: Enable USB_RAREMONO as module * i40e: Enable I40E_VXLAN, I40E_DCB * net: Enable I40EVF, USB_NET_SR9800 as modules * serial: Enable USB_SERIAL_MXUPORT as module * ceph: Enable CEPH_FS_POSIX_ACL * netfilter: Enable NF_TABLES_INET, NFT_QUEUE, NFT_REJECT, NETFILTER_XT_MATCH_CGROUP, NETFILTER_XT_MATCH_IPCOMP as modules * net/sched: Enable NET_SCH_HHF, NET_SCH_PIE as modules * [x86] crypto: Enable CRYPTO_DEV_CCP, CRYPTO_DEV_CCP_DD, CRYPTO_DEV_CCP_CRYPTO as modules * [x86] platform: Enable CHROMEOS_PSTORE, HP_WIRELESS as modules * [x86] comedi: Enable COMEDI_MF6X4 as modules * [x86] staging: Enable R8821AE, RTS5208 as modules * [x86] thermal: Enable ACPI_INT3403_THERMAL as module -- Ben Hutchings Fri, 07 Mar 2014 03:36:35 +0000 linux (3.13.10-1) unstable; urgency=medium * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.8 - ALSA: compress: Pass through return value of open ops callback - [hppa] partly revert commit 8a10bc9: parisc/sti_console: prefer Linux fonts over built-in ROM fonts (regression in 3.13.2) - [armhf] net: davinci_emac: Replace devm_request_irq with request_irq (regression in 3.11) - NFSv4: Use the correct net namespace in nfs4_update_server - media: cxusb: unlock on error in cxusb_i2c_xfer() (regression in 3.13) - media: dw2102: some missing unlocks on error (regression in 3.13) - libceph: block I/O when PAUSE or FULL osd map flags are set - libceph: resend all writes after the osdmap loses the full flag - stop_machine: Fix^2 race between stop_two_cpus() and stop_cpus() - [arm] 7941/2: Fix incorrect FDT initrd parameter override (regression in 3.13) - [x86] bpf_jit: support negative offsets - printk: fix syslog() overflowing user buffer - Fix uses of dma_max_pfn() when converting to a limiting address - deb-pkg: Fix building for MIPS big-endian or ARM OABI - deb-pkg: Fix cross-building linux-headers package - fs/proc/proc_devtree.c: remove empty /proc/device-tree when no openfirmware exists. - KVM: MMU: handle invalid root_hpa at __direct_map - [x86] KVM: x86: handle invalid root_hpa everywhere - KVM: VMX: fix use after free of vmx->loaded_vmcs http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.9 - ext4: atomically set inode->i_flags in ext4_set_inode_flags() - rcuwalk: recheck mount_lock after mountpoint crossing attempts - Input: mousedev - fix race when creating mixed device - xen/balloon: flush persistent kmaps in correct position - Revert "xen: properly account for _PAGE_NUMA during xen pte translations" (regression in 3.13.5) - drm/i915: Undo gtt scratch pte unmapping again (regression in 3.12) - [i386/486] fix boot on uniprocessor systems - random32: avoid attempt to late reseed if in the middle of seeding - rcuwalk: switch mnt_hash to hlist - mm: close PageTail race - cgroup: protect modifications to cgroup_idr with cgroup_mutex - netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (CVE-2014-2523) http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.10 - selinux: correctly label /proc inodes in use before the policy is loaded - net: sctp: fix skb leakage in COOKIE ECHO path of chunk->auth_chunk - bridge: multicast: add sanity check for query source addresses - tipc: allow connection shutdown callback to be invoked in advance - tipc: fix connection refcount leak - tipc: drop subscriber connection id invalidation - inet: frag: make sure forced eviction removes all frags - vlan: Set correct source MAC address with TX VLAN offload enabled (regression in 3.13) - tcp: tcp_release_cb() should release socket ownership - bridge: multicast: add sanity check for general query destination - bridge: multicast: enable snooping on general queries only - net: socket: error on a negative msg_namelen (regression in 3.11.10) - bonding: set correct vlan id for alb xmit path (regression in 3.12) - ipv6: Avoid unnecessary temporary addresses being generated - net: cdc_ncm: fix control message ordering (regression in 3.13) - tcp: syncookies: do not use getnstimeofday() (regression in 3.13) - tipc: fix spinlock recursion bug for failed subscriptions - ip_tunnel: Fix dst ref-count. (regression in 3.13.7) - tg3: Do not include vlan acceleration features in vlan_features - virtio-net: correct error handling of virtqueue_kick() (regression in 3.13) - usbnet: include wait queue head in device structure - vhost: fix total length when packets are too short (CVE-2014-0077) - vhost: validate vhost_get_vq_desc return value (CVE-2014-0055) - tcp: fix get_timewait4_sock() delay computation on 64bit (regression in 3.13) - xen-netback: remove pointless clause from if statement - netlink: don't compare the nul-termination in nla_strcmp - xen-netback: disable rogue vif in kthread context - net: vxlan: fix crash when interface is created with no group - rds: prevent dereference of a NULL device in rds_iw_laddr_check (CVE-2014-2678) - powernow-k6: disable cache when changing frequency - [m68k] Skip futex_atomic_cmpxchg_inatomic() test - crypto: ghash-clmulni-intel - use C implementation for setkey() -- Ben Hutchings Tue, 15 Apr 2014 22:12:38 +0100 linux (3.13.7-1) unstable; urgency=medium * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.7 - mm: page_alloc: exempt GFP_THISNODE allocations from zone fairness (regression in 3.12) - mm: include VM_MIXEDMAP flag in the VM_SPECIAL list to avoid m(un)locking (regression in 3.12) - ocfs2: fix quota file corruption - ocfs2 syncs the wrong range... - memcg: fix endless loop in __mem_cgroup_iter_next() (regression in 3.13.3) - net-tcp: fastopen: fix high order allocations - ipv6: reuse ip6_frag_id from ip6_ufo_append_data - ipv4: ipv6: better estimate tunnel header cut for correct ufo handling - ip_tunnel:multicast process cause panic due to skb->_skb_refdst NULL pointer - mac80211: clear sequence/fragment number in QoS-null frames - ath9k: Fix ETSI compliance for AR9462 2.0 - ath9k: protect tid->sched check - cpuset: fix a locking issue in cpuset_migrate_mm() - cpuset: fix a race condition in __cpuset_node_allowed_softwall() - firewire: net: fix use after free - firewire: don't use PREPARE_DELAYED_WORK - libata: disable queued TRIM for Crucial M500 mSATA SSDs - libata: use wider match for blacklisting Crucial M500 - NFSv4: Fix another nfs4_sequence corruptor (Closes: #734268) - cpufreq: use cpufreq_cpu_get() to avoid cpufreq_get() race conditions - cpufreq: Skip current frequency initialization for ->setpolicy drivers (regression in 3.13) - iscsi/iser-target: Use list_del_init for ->i_conn_node - iser-target: Ignore completions for FRWRs in isert_cq_tx_work - iser-target: Fix post_send_buf_count for RDMA READ/WRITE - mm/readahead.c: fix do_readahead() for no readpage(s) (regression in 3.13) - fs/proc/base.c: fix GPF in /proc/$PID/map_files - drm/i915: fix pch pci device enumeration (regression in 3.11) - drm/i915: Reject >165MHz modes w/ DVI monitors (regression in 3.11) - drm/radeon: fix runpm disabling on non-PX harder (may fix #741619, #742507) - PCI: Enable INTx in pci_reenable_device() only when MSI/MSI-X not enabled (fixes regression in 3.13.6) - [x86] vmxnet3: fix netpoll race condition - mm/compaction: break out of loop on !PageBuddy in isolate_freepages_block - dm space map metadata: fix refcount decrement below 0 which caused corruption - dm cache: fix truncation bug when copying a block to/from >2TB fast device - net: unix socket code abuses csum_partial - SCSI: qla2xxx: Fix multiqueue MSI-X registration. - [x86] fpu: Check tsk_used_math() in kernel_fpu_end() for eager FPU - Btrfs: fix tree mod logging - Btrfs: fix data corruption when reading/updating compressed extents - intel_pstate: Add setting voltage value for baytrail P states. - Fix mountpoint reference leakage in linkat - bio-integrity: Fix bio_integrity_verify segment start bug - memcg: reparent charges of children before processing parent [ Ben Hutchings ] * [arm] mm: Avoid ABI change in 3.13.6 (fixes FTBFS) * nfqueue: Orphan frags in nfqnl_zcopy() and handle errors (CVE-2014-2568) -- Ben Hutchings Tue, 25 Mar 2014 17:23:31 +0000 linux-tools (3.13.6-1) unstable; urgency=medium * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.5 - Modpost: fixed USB alias generation for ranges including 0x9 and 0xA http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6 - perf trace: Fix ioctl 'request' beautifier build problems on !(i386 || x86_64) arches [ Ben Hutchings ] * linux-tools: Remove the 'trace_3.13' link to perf * Clean another autoconf-generated file so double-builds work -- Ben Hutchings Wed, 19 Mar 2014 22:33:21 +0000 linux (3.13.6-1) unstable; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6 - drm/nouveau/fb: use correct ram oclass for nv1a hardware (regression in 3.13) - ext4: fix xfstest generic/299 block validity failures - ext4: fix error paths in swap_inode_boot_loader() - ext4: don't try to modify s_flags if the the file system is read-only - ext4: fix online resize with a non-standard blocks per group setting - [arm] 7950/1: mm: Fix stage-2 device memory attributes - [arm] 7953/1: mm: ensure TLB invalidation is complete before enabling MMU - [arm] 7957/1: add DSB after icache flush in __flush_icache_all() - powerpc: Set the correct ksp_limit on ppc32 when switching to irq stack (regression in 3.12) - jbd2: fix use after free in jbd2_journal_start_reserved() - cifs: ensure that uncached writes handle unmapped areas correctly (CVE-2014-0069) - NFS: Do not set NFS_INO_INVALID_LABEL unless server supports labeled NFS (regression in 3.11) - NFS fix error return in nfs4_select_rw_stateid (regression in 3.12) - bridge: fix netconsole setup over bridge (regression in 3.12) - net: fix 'ip rule' iif/oif device rename - net: asix: add missing flag to struct driver_info - gre: add link local route when local addr is any (regression in 3.13) - ipv4: fix counter in_slow_tot - net: use __GFP_NORETRY for high order allocations - batman-adv: fix soft-interface MTU computation (regression in 3.13) - batman-adv: fix TT-TVLV parsing on OGM reception - batman-adv: release vlan object after checking the CRC - batman-adv: properly check pskb_may_pull return value - batman-adv: avoid potential race condition when adding a new neighbour - batman-adv: fix TT CRC computation by ensuring byte order (regression in 3.13) - batman-adv: free skb on TVLV parsing success - batman-adv: avoid double free when orig_node initialization fails - batman-adv: fix potential kernel paging error for unicast transmissions - cgroup: fix error return value in cgroup_mount() - cgroup: fix error return from cgroup_create() - cgroup: fix locking in cgroup_cfts_commit() - cgroup: update cgroup_enable_task_cg_lists() to grab siglock - fs: fix iversion handling - kvm: x86: fix emulator buffer overflow (CVE-2014-0049) - kvm, vmx: Really fix lazy FPU on nested guest - SUNRPC: Ensure that gss_auth isn't freed before its upcall messages - powerpc/powernv: Fix opal_xscom_{read,write} prototype - powerpc/powernv: Fix indirect XSCOM unmangling - perf/x86: Fix event scheduling - sata_sil: apply MOD15WRITE quirk to TOSHIBA MK2561GSYN - cpufreq: powernow-k8: Initialize per-cpu data-structures properly (regression in 3.12) - Revert "writeback: do not sync data dirtied after sync start" (regression in 3.13) - [arm] PCI: mvebu: Use Device ID and revision from underlying endpoint - PCI: Enable INTx if BIOS left them disabled - i7core_edac: Fix PCI device reference count - can: kvaser_usb: check number of channels returned by HW - usb: chipidea: need to mask when writting endptflush and endptprime - mei: set client's read_cb to NULL when flow control fails - workqueue: ensure @task is valid across kthread_stop() - regulator: da9063: Bug fix when setting max voltage on LDOs 5-11 - [armhf] mtd: nand: omap: fix ecclayout to be in sync with u-boot NAND driver (regression in 3.13) - [armhf] mtd: nand: omap: fix ecclayout->oobfree->offset - [armhf] mtd: nand: omap: fix ecclayout->oobfree->length - [armhf/armmp-lpae] iommu/arm-smmu: fix pud/pmd entry fill sequence - [armhf/armmp-lpae] iommu/arm-smmu: really fix page table locking - [armhf/armmp-lpae] iommu/arm-smmu: fix table flushing during initial allocations - [armhf/armmp-lpae] iommu/arm-smmu: set CBARn.BPSHCFG to NSH for s1-s2-bypass contexts - perf: Fix hotplug splat - quota: Fix race between dqput() and dquot_scan_active() - ipc,mqueue: remove limits for the amount of system-wide queues - mm, thp: fix infinite loop on memcg OOM - qla2xxx: Fix kernel panic on selective retransmission request - i7300_edac: Fix device reference count - dm cache: move hook_info into common portion of per_bio_data structure (regression in 3.13) - drm/radeon: fix missing bo reservation - drm/radeon: free uvd ring on unload [ Ben Hutchings ] * xhci: Revert more sg changes (Closes: #741989; also see #738113): - Revert "xhci 1.0: Limit arbitrarily-aligned scatter gather." - Revert "USBNET: ax88179_178a: enable tso if usb host supports sg dma" * aufs: Update to aufs3.13-20140303 - bugfix, Fix unmount to properly free anonymous block devices * net: fix for a race condition in the inet frag code (CVE-2014-0100) * net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (CVE-2014-0101) * KEYS: Make the keyring cycle detector ignore other keyrings of the same name (CVE-2014-0102) * skbuff: skb_segment: orphan frags before copying (CVE-2014-0131) * ipv6: don't set DST_NOCOUNT for remotely added routes (CVE-2014-2309) -- Ben Hutchings Wed, 19 Mar 2014 16:18:42 +0000 linux (3.13.5-1) unstable; urgency=medium * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.5 - xen: properly account for _PAGE_NUMA during xen pte translations - mm: fix page leak at nfs_symlink() - mm/memory-failure.c: move refcount only in !MF_COUNT_INCREASED - CIFS: Fix SMB2 mounts so they don't try to set or get xattrs via cifs - CIFS: Add protocol specific operation for CIFS xattrs - CIFS: retrieving CIFS ACLs when mounted with SMB2 fails dropping session - mac80211: release the channel in error path in start_ap - mac80211: Fix IBSS disconnect - mac80211: fix fragmentation code, particularly for encryption - ath9k_htc: Do not support PowerSave by default - ath9k: Do not support PowerSave by default - [s390x] fix kernel crash due to linkage stack instructions - raw: test against runtime value of max_raw_minors - hwmon: (ntc_thermistor) Avoid math overflow - lockd: send correct lock when granting a delayed lock. - drm/i915: Pair va_copy with va_end in i915_error_vprintf - vt: Fix secure clear screen - staging: lustre: fix quotactl permission denied (LU-4530) - staging: comedi: adv_pci1710: fix analog output readback value - iio: adis16400: Set timestamp as the last element in chan_spec - iio: ak8975: Fix calculation formula for convert micro tesla to gauss unit - usb-storage: add unusual-devs entry for BlackBerry 9000 - usb-storage: restrict bcdDevice range for Super Top in Cypress ATACB - xhci 1.0: Limit arbitrarily-aligned scatter gather. - Revert "usbcore: set lpm_capable field for LPM capable root hubs" (regression in 3.12.1) - block: __elv_next_request() shouldn't call into the elevator if bypassing - block: Fix nr_vecs for inline integrity vectors - block: add cond_resched() to potentially long running ioctl discard loop - compiler/gcc4: Make quirk for asm_volatile_goto() unconditional - misc: mic: fix possible signed underflow (undefined behavior) in userspace API - KVM: return an error code in kvm_vm_ioctl_register_coalesced_mmio() - md/raid1: restore ability for check and repair to fix read errors. (regression in 3.10.5) - i2c: mv64xxx: refactor message start to ensure proper initialization - target: Fix free-after-use regression in PR unregister - drivers/edac/edac_mc_sysfs.c: poll timeout cannot be zero - EDAC: Poll timeout cannot be zero, p2 - EDAC: Correct workqueue setup path [ Ben Hutchings ] * [armhf] net/wireless: Really enable WL_TI and dependent modules * aufs: Update to aufs3.13-20140127 (no functional changes) * [powerpc] Change I2C_POWERMAC from module to built-in (Closes: #713943) * [mips] rtl8187: fix regression on MIPS without coherent DMA (Closes: #739978) * [x86] Enable CHROME_PLATFORMS and re-enable CHROMEOS_LAPTOP as module (Closes: #740042) * [armel/!kirkwood] udeb: Re-add lzo-modules udeb as lzo_compress is a module again (Closes: #740219) * debian/control: Simplify build-dependencies: - Remove versions for debhelper, python, kernel-wedge that are satisfied by stable - Remove module-init-tools as alternative to kmod, which is in stable -- Ben Hutchings Tue, 04 Mar 2014 19:49:27 +0000 linux-tools (3.13.4-1) unstable; urgency=medium * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2 - perf kvm: Fix kvm report without guestmount. -- Ben Hutchings Sat, 22 Feb 2014 15:39:27 +0000 linux (3.13.4-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.1 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.3 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.4 [ Ben Hutchings ] * [x86] Enable POWERCAP, INTEL_RAPL as module (Closes: #736399) * [arm] Disable OABI_COMPAT and enable AUDITSYSCALL (except for armel/{ixp4xx,orion5x}) (Closes: #728975, #736843) * [x86] Enable R8188EU as module, 88EU_AP_MODE and 88EU_P2P (Closes: #736905) * [x86] Enable I2C_DESIGNWARE_PLATFORM as module (Closes: #737163) * [x86] snd-pcsp: Disable autoload (Closes: #697709) * DFSG: Remove the af9005 initialisation script and vs6624 driver again (they were renamed in 3.7) * linux-image.postinst: Use lstat() to check symlink existence (Closes: #738707) * [hppa] Update configuration, thanks to Helge Deller (Closes: #738487) - megaraid: Enable MEGARAID_NEWGEN as module; disable MEGARAID_LEGACY - drm: Change DRM from module to built-in - [/parisc64-smp] udeb: Add fb-modules package containing radeon driver * udeb: Add various recently enabled drivers - Add i40e to nic-modules - Add r815x to nic-usb-modules - Add ath10k_core, ath10k_pci, brcmfmac to nic-wireless-modules - Add esas2r to scsi-modules * Bluetooth: allocate static minor for vhci (fixes depmod error) * Set ABI to 1 -- Ben Hutchings Sat, 22 Feb 2014 11:54:57 +0000 linux-tools (3.13-1~exp3) experimental; urgency=medium * linux-tools: Fix/revert unportable code in perf trace (fixes FTBFS on powerpc, sparc) -- Ben Hutchings Fri, 07 Feb 2014 20:36:29 +0000 linux-tools (3.13-1~exp2) experimental; urgency=medium * Merge changes from sid up to 3.12.6-3 -- Ben Hutchings Sun, 02 Feb 2014 16:57:49 +0100 linux-tools (3.13-1~exp1) experimental; urgency=low * New upstream release -- Ben Hutchings Sun, 02 Feb 2014 12:02:29 +0100 linux (3.13-1~exp1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.13 [ Ben Hutchings ] * [armhf] xen/pci: Fix build on non-x86 * [hppa/parisc64-smp] Disable MLONGCALLS (Closes: #733897) * [armel] Remove iop32x flavour (fixes FTBFS) * aufs: Update to aufs3.x-rcN-20140120 - bugfix, removed /proc/PID/fd/N [ Bastian Blank ] * Initial Python 3 support: - Build-depend on python-six. [ Aurelien Jarno ] * [mipsel] Remove cobalt d-i files. * [mipsel] Enable KEXEC like on mips. * [mipsel] Explicitly unset RAPIDIO like on mips. -- Ben Hutchings Mon, 20 Jan 2014 05:43:51 +0000 linux (3.13~rc6-1~exp1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * [rt] Disable until it is updated for 3.13 or later * aufs: Update to aufs3.x-rcN-20131223 * [x86] staging: lustre: Make LUSTRE_LLITE_LLOOP tristate * mm: Enable MEM_SOFT_DIRTY, NUMA_BALANCING but not NUMA_BALANCING_DEFAULT_ENABLED * ipv6: Enable IPV6_VTI as module * netfilter: Enable NF_TABLES, NFT_EXTHDR, NFT_META, NFT_CT, NFT_RBTREE, NFT_HASH, NFT_COUNTER, NFT_LOG, NFT_LIMIT, NFT_NAT, NFT_COMPAT, IP_SET_HASH_NETPORTNET, IP_SET_HASH_NETNET, IP_NF_TARGET_SYNPROXY, IP6_NF_TARGET_SYNPROXY as modules * net/sched: Enable NET_CLS_BPF as module * nfc: Enable NFC_DIGITAL, NFC_PORT100 as modules * block: Enable BLK_DEV_NULL_BLK, BLK_DEV_SKD as modules * SCSI: Enable SCSI_ESAS2R as module * net/usb: Enable USB_NET_HUAWEI_CDC_NCM as module * touchscreen: Enable TOUCHSCREEN_SUR40 as module * [x86] video: Enable X86_SYSFB, FB_SIMPLE * [x86] ACPI: Enable ACPI_EXTLOG * [x86] touchscreen: Enable TOUCHSCREEN_TSC_SERIO as module * [x86] tpm: Enable TCG_TIS_I2C_ATMEL, TCG_TIS_I2C_INFINEON, TCG_TIS_I2C_NUVOTON, TCG_ST33_I2C, TCG_XEN as modules * [amd64] misc: Enable INTEL_MIC_HOST as module * [powerpc/powerpc64] block: Enable AIX_PARTITION * net/sched: Change NET_CLS_CGROUP from built-in to module * nfc: Disable NFC_NCI as no enabled drivers need it * misc: Disable BMP085_I2C as unlikely to be useful [ Aurelien Jarno ] * [mipsel] Remove r5k-cobalt flavour. -- Ben Hutchings Mon, 30 Dec 2013 02:36:11 +0100 linux-tools (3.12.6-3) unstable; urgency=medium * linux-tools: Explicitly enable/disable libunwind usage for all architectures (fixes FTBFS on s390x and sparc) * linux-tools: Only use libunwind on x86, as perf needs additional porting work for other architectures (fixes FTBFS on arm and powerpc) -- Ben Hutchings Sun, 02 Feb 2014 16:46:44 +0100 linux-tools (3.12.6-2) unstable; urgency=medium * linux-tools: Replace build-dependency on libunwind7-dev with libunwind8-dev -- Ben Hutchings Sun, 02 Feb 2014 11:51:18 +0100 linux (3.12.9-1) unstable; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.9 - Revert "ACPI: Add BayTrail SoC GPIO and LPSS ACPI IDs" (regression in 3.12.7) - GFS2: Increase i_writecount during gfs2_setattr_chown - vfs: Fix a regression in mounting proc (regression in 3.12) - fork: Allow CLONE_PARENT after setns(CLONE_NEWPID) (regression in 3.12) - i2c: Re-instate body of i2c_parent_is_i2c_adapter() (regression in 3.12) - writeback: Fix data corruption on NFS - thp: fix copy_page_rep GPF by testing is_huge_zero_pmd once only - [x86] ftrace: Load ftrace_ops in parameter not the variable holding it - nilfs2: fix segctor bug that causes file system corruption - md: fix problem when adding device to read-only array with bitmap. - md/raid10: fix bug when raid10 recovery fails to recover a block. - md/raid10: fix two bugs in handling of known-bad-blocks. - md/raid5: Fix possible confusion when multiple write errors occur. - mm: Make {,set}page_address() static inline if WANT_PAGE_VIRTUAL (fixes FTBFS on sparc and m68k) - [x86] drm/i915: Don't grab crtc mutexes in intel_modeset_gem_init() (regression in 3.12.7) - [arm] 7938/1: OMAP4/highbank: Flush L2 cache before disabling [ Ben Hutchings ] * HID: Enable HID_ELO, HID_XINMO as modules (Closes: #736369) * xhci: Revert generalised sg support (Closes: #733826, #736274) -- Ben Hutchings Sat, 01 Feb 2014 18:50:01 +0100 linux (3.12.8-1) unstable; urgency=medium * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.7 - [powerpc] kvm: fix rare but potential deadlock scene - [m68k] TTY: pmac_zilog, check existence of ports in pmz_console_init() - xhci: Limit the spurious wakeup fix only to HP machines (fixes regression in 3.12) - usb: chipidea: host: Only disable the vbus regulator if it is not NULL (fixes regression in 3.12) - aio: fix kioctx leak introduced by "aio: Fix a trinity splat" - iser-target: Move INIT_WORK setup into isert_create_device_ib_res - [x86] idle: Repair large-server 50-watt idle-power regression (fixes regression in 3.10) - ext4: call ext4_error_inode() if jbd2_journal_dirty_metadata() fails - ext4: fix use-after-free in ext4_mb_new_blocks - ext4: fix del_timer() misuse for ->s_err_report - ext4: add explicit casts when masking cluster sizes - ext4: fix bigalloc regression - sched/rt: Fix rq's cpupri leak while enqueue/dequeue child RT entities - net_dma: mark broken (fixes potential data loss) - drm/i915: Take modeset locks around intel_modeset_setup_hw_state() - drm/i915: Hold mutex across i915_gem_release - drm/i915: Fix use-after-free in do_switch - drm/i915: don't update the dri1 breadcrumb with modesetting - drm/i915: Fix erroneous dereference of batch_obj inside reset_status - ceph: Avoid data inconsistency due to d-cache aliasing in readpage() - tg3: Expand 4g_overflow_test workaround to skb fragments of any size. - cgroup: fix cgroup_create() error handling path - [powerpc] auxvec.h: account for AT_HWCAP2 in AT_VECTOR_SIZE_BASE - ath9k_htc: properly set MAC address and BSSID mask (CVE-2013-4579) (Closes: #729573) - KVM: nVMX: Unconditionally uninit the MMU on nested vmexit - [x86] KVM: Fix APIC map calculation after re-enabling - [powerpc] Fix bad stack check in exception entry - libata: implement ATA_HORKAGE_NO_NCQ_TRIM and apply it to Micro M500 SSDs (fixes potential data loss) - radiotap: fix bitmap-end-finding buffer overrun - mm: numa: serialise parallel get_user_page against THP migration - mm: numa: call MMU notifiers on THP migration - mm: clear pmd_numa before invalidating - mm: numa: do not clear PTE for pte_numa update - mm: numa: ensure anon_vma is locked to prevent parallel THP splits - sched: numa: skip inaccessible VMAs - mm: numa: clear numa hinting information on mprotect - mm: fix TLB flush race between migration, and change_protection_range - mm: numa: guarantee that tlb_flush_pending updates are visible before page table updates - mm/mempolicy: correct putback method for isolate pages if failed - mm/compaction: respect ignore_skip_hint in update_pageblock_skip - mm/hugetlb: check for pte NULL pointer in __page_check_address() - mm: munlock: fix a bug where THP tail page is encountered - mm: munlock: fix deadlock in __munlock_pagevec() - mm: fix use-after-free in sys_remap_file_pages - Input: allocate absinfo data when setting ABS capability - GFS2: Fix use-after-free race when calling gfs2_remove_from_ail - GFS2: Fix slab memory leak in gfs2_bufdata - GFS2: Fix incorrect invalidation for DIO/buffered I/O - [s390] 3270: fix allocation of tty3270_screen structure - [sh] always link in helper functions extracted from libgcc - selinux: look for IPsec labels on both inbound and outbound packets - selinux: process labeled IPsec TCP SYN-ACK packets properly in selinux_ip_postroute() - aio: clean up and fix aio_setup_ring page mapping - aio/migratepages: make aio migrate pages sane - ACPIPHP / radeon / nouveau: Fix VGA switcheroo problem related to hotplug (regression in 3.12) http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8 - IPv6: Fixed support for blackhole and prohibit routes - net: do not pretend FRAGLIST support - tun: unbreak truncated packet signalling - macvtap: signal truncated packets - br: fix use of ->rx_handler_data in code executed on non-rx_handler path - inet: fix NULL pointer Oops in fib(6)_rule_suppress - vxlan: release rt when found circular route - ipv6: fix illegal mac_header comparison on 32bit - ip_gre: fix msg_name parsing for recvfrom/recvmsg - net: inet_diag: zero out uninitialized idiag_{src,dst} fields - drivers/net/hamradio: Integer overflow in hdlcdrv_ioctl() - hamradio/yam: fix info leak in ioctl - net: fec: fix potential use after free - rds: prevent dereference of a NULL device - arc_emac: fix potential use after free - net: rose: restore old recvmsg behavior (regression in 3.12.4) - vlan: Fix header ops passthru when doing TX VLAN offload. - virtio-net: fix refill races during restore - net: llc: fix use after free in llc_ui_recvmsg - netpoll: Fix missing TXQ unlock and and OOPS. - bridge: use spin_lock_bh() in br_multicast_set_hash_max - sfc: Add length checks to efx_xmit_with_hwtstamp() and efx_ptp_is_ptp_tx() - sfc: PTP: Moderate log message on event queue overflow - sfc: Rate-limit log message for PTP packets without a matching timestamp event - [arm] fix "bad mode in ... handler" message for undefined instructions - [arm] 7923/1: mm: fix dcache flush logic for compound high pages - [hppa] Ensure full cache coherency for kmap/kunmap - clk: clk-divider: fix divisor > 255 bug - mfd: rtsx_pcr: Disable interrupts before cancelling delayed works - netfilter: fix wrong byte order in nf_ct_seqadj_set internal information (regression in 3.12) - netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helper - x86, fpu, amd: Clear exceptions in AMD FXSAVE workaround (CVE-2014-1438) (Closes: #733551) - sched: Fix race on toggling cfs_bandwidth_used - sched: Fix cfs_bandwidth misuse of hrtimer_expires_remaining - sched: Fix hrtimer_cancel()/rq->lock deadlock [ Ben Hutchings ] * [hppa] Update configuration, thanks to Helge Deller (Closes: #733895) - Change AGP, AGP_PARISC from modules to built-in, to work around race condition between DRM and AGP - Enable DEBUG_STACKOVERFLOW - udeb: Build packages for the parisc64-smp flavour instead of the removed parisc flavour (fixes FTBFS) * linux-image: Make maintainer scripts less verbose (Closes: #734266) * [m68k] Enable EARLY_PRINTK (Closes: #734289) * crypto: Enable more processor-specific algorithms and drivers: - [amd64] Enable CRYPTO_CRCT10DIF_PCLMUL, CRYPTO_SHA256_SSSE3, CRYPTO_SHA512_SSSE3, CRYPTO_GHASH_CLMUL_NI_INTEL, CRYPTO_CAMELLIA_AESNI_AVX_X86_64, CRYPTO_CAMELLIA_AESNI_AVX2_X86_64, CRYPTO_CAST5_AVX_X86_64, CRYPTO_CAST6_AVX_X86_64, CRYPTO_SERPENT_AVX2_X86_64 as modules (Closes: #734376) - [arm] Enable CRYPTO_SHA1_ARM, CRYPTO_AES_ARM as modules - [powerpc] Enable CRYPTO_SHA1_PPC as module - [sparc] Enable CRYPTO_CRC32C_SPARC64, CRYPTO_MD5_SPARC64, CRYPTO_SHA1_SPARC64, CRYPTO_SHA256_SPARC64, CRYPTO_SHA512_SPARC64, CRYPTO_AES_SPARC64, CRYPTO_CAMELLIA_SPARC64, CRYPTO_DES_SPARC64, CRYPTO_DEV_NIAGARA2 as modules - [x86] Enable CRYPTO_CRC32_PCLMUL as module * [powerpc] Remove AT_HWCAP2 from auxv to avoid module ABI change * [rt] Update to 3.12.6-rt9: - rcu: Don't activate RCU core on NO_HZ_FULL CPUs - timers: do not raise softirq unconditionally - rcutree/rcu_bh_qs: disable irq while calling rcu_preempt_qs() * Revert "net: unix: allow set_peek_off to fail", included in 3.12.8, as it would cause an ABI change * media: Enable VIDEO_STK1160_COMMON (new dependency of VIDEO_STK1160) as module (Closes: #735870) * [x86] brcm80211: Enable BRCMFMAC as module, and BRCMFMAC_SDIO (Closes: #735245) * [x86] staging: lustre: Make LUSTRE_LLITE_LLOOP tristate [ Ian Campbell ] * [armel/kirkwood] Fix interrupt handling on non-DT platforms (Closes: #735172) * [armhf/armmp] Add mmci driver to mmc-module udeb. -- Ben Hutchings Sun, 19 Jan 2014 19:22:22 +0000 linux (3.12.6-2) unstable; urgency=medium [ Bastian Blank ] * [x86] Make MICROCODE built-in for early microcode loading. [ Ben Hutchings ] * [armhf] linux-headers: Fix typo in compiler dependency -- Ben Hutchings Sun, 29 Dec 2013 16:56:20 +0100 linux (3.12.6-1) unstable; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4 - net: x86: bpf: don't forget to free sk_filter (v2) - net: Fix "ip rule delete table 256" (Closes: #724783) - net-tcp: fix panic in tcp_fastopen_cache_set() - inet: prevent leakage of uninitialized memory to user in recv syscalls (CVE-2013-6405) - ping: prevent NULL pointer dereference on write to msg_name (CVE-2013-6432) - ipv6: fix leaking uninitialized port number of offender sockaddr - netfilter: push reasm skb through instead of original frag skbs - packet: fix use after free race in send path when dev is released - gso: handle new frag_list of frags GRO packets - net: update consumers of MSG_MORE to recognize MSG_SENDPAGE_NOTLAST - xfs: add capability check to free eofblocks ioctl - iommu/vt-d: Fixed interaction of VFIO_IOMMU_MAP_DMA with IOMMU address limits - aio: Fix a trinity splat - aio: prevent double free in ioctx_alloc https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.5 - [s390,s390x] crypto: Fix aes-xts parameter corruption - crypto: scatterwalk - Set the chain pointer indication bit - crypto: ccm - Fix handling of zero plaintext when computing mac - crypto: authenc - Find proper IV address in ablkcipher callback - [armhf] mvebu: use the virtual CPU registers to access coherency registers - vfs: fix subtle use-after-free of pipe_inode_info - SCSI: bfa: Fix crash when symb name set for offline vport - SCSI: hpsa: do not discard scsi status on aborted commands - [hppa] fix mmap(MAP_FIXED|MAP_SHARED) to already mmapped address - net: update consumers of MSG_MORE to recognize MSG_SENDPAGE_NOTLAST - SCSI: Disable WRITE SAME for RAID and virtual host adapter drivers - tg3: avoid double-freeing of rx data memory - crypto: scatterwalk - Use sg_chain_ptr on chain entries http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.6 - ALSA: memalloc.h - fix wrong truncation of dma_addr_t - [arm] 7912/1: check stack pointer in get_wchan - [arm] 7913/1: fix framepointer check in unwind_frame - KVM: Improve create VCPU parameter (CVE-2013-4587) - [x86] KVM: Fix potential divide by 0 in lapic (CVE-2013-6367) - [x86] KVM: Convert vapic synchronization to _cached functions (CVE-2013-6368) - [x86] KVM: fix guest-initiated crash with x2apic (CVE-2013-6376) - xfs: growfs overruns AGFL buffer on V4 filesystems - futex: fix handling of read-only-mapped hugepages - nfsd: when reusing an existing repcache entry, unhash it first - [armhf] usb: musb: musb_cppi41: handle pre-mature TX complete interrupt - powerpc: Fix PTE page address mismatch in pgtable ctor/dtor - mm: memcg: do not allow task about to OOM kill to bypass the limit - mm: memcg: fix race condition between memcg teardown and swapin - cfg80211: disable 5/10 MHz support for all drivers - Revert "mac80211: allow disable power save in mesh" - mac80211: fix scheduled scan rtnl deadlock - iwlwifi: mvm: check sta_id/drain values in debugfs - Btrfs: fix access_ok() check in btrfs_ioctl_send() - dm snapshot: avoid snapshot space leak on crash - dm array: fix a reference counting bug in shadow_ablock - dm space map metadata: return on failure in sm_metadata_new_block - dm space map: disallow decrementing a reference count below zero - dm table: fail dm_table_create on dm_round_up overflow - dm thin: switch to read only mode if a mapping insert fails - dm thin: switch to read-only mode if metadata space is exhausted - dm thin: always fallback the pool mode if commit fails - dm thin: re-establish read-only state when switching to fail mode - dm thin: allow pool in read-only mode to transition to read-write mode - media/cxd2820r_core: Fix regression in 3.12.3 - sched: Avoid throttle_cfs_rq() racing with period_timer stopping - Btrfs: do a full search everytime in btrfs_search_old_slot - Btrfs: reset intwrite on transaction abort - Btrfs: fix memory leak of chunks' extent map - Btrfs: fix hole check in log_one_extent - Btrfs: fix incorrect inode acl reset - Btrfs: take ordered root lock when removing ordered operations inode - Btrfs: do not run snapshot-aware defragment on error - Btrfs: fix a crash when running balance and defrag concurrently - Btrfs: fix lockdep error in async commit [ Ben Hutchings ] * udeb: Add ohci-pci to usb-modules (Closes: #730789) * cifs: Enable CIFS_SMB2 * [hppa] Update flavours and configuration, thanks to Helge Deller (Closes: #721191) - Remove parisc-smp and parisc64 (UP) flavours - Build with gcc-4.8 - rtc: Enable HP_SDC_RTC as module - megaraid: Enable MEGARAID_NEWGEN - [/parisc64-smp] Enable MLONGCALLS, DISCONTIGMEM_MANUAL - [/parisc64-smp] Enable PATA_SIL680, AGP, AGP_PARISC, DRM, DRM_RADEON as modules * firmware: Disable FW_LOADER_USER_HELPER (see #725714) * firmware: Improve logging of success/failure for direct file loading * media: az6007: support Technisat Cablestar Combo HDCI (minus remote) (Closes: #732106) * linux-source: Compress with gzip -1 (Closes: #725492) * [alpha] Prevent a NULL ptr dereference in csum_partial_copy * Set ABI to 1 * [ia64] Enable PSTORE, EFI_VARS_PSTORE * [x86,ia64] udeb: Remove zlib-modules as zlib is now built-in * [rt] Update to 3.12.5-rt7: - ptrace: fix ptrace vs tasklist_lock race - migrate_disable pushd down in atomic_dec_and_spin_lock - migrate_disable pushd down in rt_spin_trylock_irqsave - migrate_disable pushd down in rt_write_trylock_irqsave - Revert "sched/rt: Fix wait_task_interactive() to test rt_spin_lock state" - seqlock: consolidate spin_lock/unlock waiting with spin_unlock_wait - softirq: make migrate disable/enable conditioned on softirq_nestcnt [ Ian Campbell ] * [armel/kirkwood+orion] Reenable MARVELL_PHY (Closes: #723177) -- Ben Hutchings Sat, 21 Dec 2013 03:12:38 +0000 linux (3.12.3-1~exp1) experimental; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.1 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2 - libertas: potential oops in debugfs (CVE-2013-6378) - exec/ptrace: fix get_dumpable() incorrect tests (CVE-2013-2929) https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.3 [ Ben Hutchings ] * [rt] Update to 3.12.0-rt2 and reenable * HID: Enable UHID as module (Closes: #729338) * [sh4] Remove some accidental inconsistencies in config * Enable CHECKPOINT_RESTORE (Closes: #682700) * Enable JUMP_LABEL (Closes: #730071) * [x86] staging: Enable CRYSTALHD as module (Closes: #730832) * aufs: Update to aufs3.12-20131111 (no functional change) * [rt] Update to 3.12.1-rt4 * udeb: Add snd-usb-hiface to sound-modules, thanks to Samuel Thibault (Closes: #730418) * linux-image-dbg: Use correct objcopy command when cross-compiling, thanks to Jon Severinsson [ Bastian Blank ] * Use compiler name instead of Linux version in compiler meta-packages. [ Ian Campbell ] * [armhf]: Enable AHCI_IMX in armmp+lpae flavours. [ Aurelien Jarno ] * [mips/octeon] Add kernel udebs. * [mipsel] Add a loongson-2e flavour. -- Ben Hutchings Thu, 05 Dec 2013 14:34:39 +0000 linux-tools (3.12.6-1) unstable; urgency=medium * New upstream stable update - perf tools: Remove cast of non-variadic function to variadic - perf tools: Synthesize anon MMAP records again [ Ben Hutchings ] * linux-tools: Replace build-dependency on binutils-dev with libiberty-dev (or old binutils-dev, for ease of backporting) (Closes: #730883) -- Ben Hutchings Sat, 30 Nov 2013 23:48:32 +0000 linux-tools (3.12-1~exp1) experimental; urgency=low * New upstream release (Closes: #729197) * [x86, powerpc, ppc64] linux-tools: Build perf with libnuma -- Ben Hutchings Mon, 18 Nov 2013 05:14:34 +0000 linux (3.12-1~exp1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.12 [ Ben Hutchings ] * namespaces: Enable USER_NS (Closes: #712870) - Restrict creation of user namespaces to root (CAP_SYS_ADMIN) by default (sysctl: kernel.unprivileged_userns_clone) * aufs: Update to aufs3.x-rcN-20131104 - mmap() holds a reference to the union file as well as the branch file * [armel/{iop32x,ixp4xx}] Disable BPF_JIT, MEMCG, USER_NS to reduce kernel size * [arm,x86,s390,s390x] Introduce linux-compiler meta-packages to allow use of foreign linux-headers packages with a native multilib compiler * perf/ftrace: Fix paranoid level for enabling function tracer (CVE-2013-2930) * media/usb/gspca: Enable USB_GSPCA_STK1135 as module * net/ethernet: Enable I40E as module * net/usb: Enable USB_NET_SR9700 as module * net/wireless/rt2x00: Enable RT2800USB_RT3573 * openvswitch: Enable OPENVSWITCH_VXLAN * net/sched: Enable NET_SCH_FQ as module * [x86] HID: Enable I2C_HID as module (Closes: #729801) * [x86] input/misc: Enable INPUT_IDEAPAD_SLIDEBAR as module * [x86] fs: Enable LUSTRE_FS, LUSTRE_LLITE_LOOP, LNET_XPRT_IB as modules * [x86] thermal: Enable INTEL_POWERCLAMP, X86_PKG_TEMP_THERMAL as modules * [armhf/armmp] udeb: Add zlib-modules [ Thorsten Glaser ] * Update m68k config (Closes: #728392): - enable COMPAT_BRK by explicit upstream (m68k maintainer) request - re-enable FPU emulation after discussion upstream, by popular request - disable ADB_MACIISI by upstream (Mac68k maintainer) request -- Ben Hutchings Sun, 17 Nov 2013 22:41:26 +0000 linux (3.12~rc7-1~exp1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * aufs: Update to aufs3.x-rcN-20131014 -- Ben Hutchings Mon, 28 Oct 2013 04:12:20 +0000 linux (3.11.10-1) unstable; urgency=medium * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.9 - net/mlx4_core: Fix call to __mlx4_unregister_mac - net: sctp: do not trigger BUG_ON in sctp_cmd_delete_tcb - cxgb3: Fix length calculation in write_ofld_wr() on 32-bit architectures - tcp: gso: fix truesize tracking - xen-netback: Handle backend state transitions in a more robust way - xen-netback: transition to CLOSED when removing a VIF - [x86] hyperv-fb: add pci stub - tracing: Fix potential out-of-bounds in trace_get_user() - perf: Fix perf ring buffer memory ordering http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.10 - ACPICA: DeRefOf operator: Update to fully resolve FieldUnit and BufferField refs. - libertas: potential oops in debugfs (CVE-2013-6378) - aacraid: prevent invalid pointer dereference - ACPICA: Return error if DerefOf resolves to a null package element. - ACPICA: Fix for a Store->ArgX when ArgX contains a reference to a field. - USB: mos7840: fix tiocmget error handling - Btrfs: relocate csums properly with prealloc extents - [s390,s390x] crypto: s390 - Fix aes-cbc IV corruption - can: c_can: Fix RX message handling, handle lost message before EOB - ipc,shm: correct error return value in shmctl (SHM_UNLOCK) - ipc,shm: fix shm_file deletion races - drm/nvc0-/gr: fix a number of missing explicit array terminators... - sched, idle: Fix the idle polling state logic - [x86] ACPI / EC: Ensure lock is acquired before accessing ec struct members - [x86] ACPI / video: Quirk initial backlight level 0 - Staging: zram: Fix access of NULL pointer - Drivers: hv: vmbus: Fix a bug in channel rescind code - rt2x00: fix a crash bug in the HT descriptor handling fix - Bluetooth: revert: "Bluetooth: Add missing reset_resume dev_pm_ops" - exec/ptrace: fix get_dumpable() incorrect tests (CVE-2013-2929) [ Ben Hutchings ] * net: clamp ->msg_namelen instead of returning an error * tcp: tsq: restore minimal amount of queueing * rds: prevent BUG_ON triggered on congestion update to loopback (CVE-2012-2372) * ipv6: fix headroom calculation in udp6_ufo_fragment (CVE-2013-4563) * [s390,s390x] qeth: avoid buffer overflow in snmp ioctl (CVE-2013-6381) * xfs: underflow bug in xfs_attrlist_by_handle() (CVE-2013-6382) * [x86] Enable CHROMEOS_LAPTOP as module (Closes: #731271) - iio/light: Enable SENSORS_TSL2563, SENSORS_ISL29018, TSL2583 as modules -- Ben Hutchings Wed, 04 Dec 2013 14:49:01 +0000 linux (3.11.8-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.8 - bcache: Fixed incorrect order of arguments to bio_alloc_bioset() - cgroup: fix to break the while loop in cgroup_attach_task() correctly - mac80211: drop spoofed packets in ad-hoc mode - mac80211: fix crash if bitrate calculation goes wrong - rtlwifi: rtl8192cu: Fix error in pointer arithmetic - jfs: fix error path in ialloc - SCSI: sd: call blk_pm_runtime_init before add_disk - ecryptfs: Fix memory leakage in keystore.c - eCryptfs: fix 32 bit corruption issue - raid5: set bio bi_vcnt 0 for discard request - raid5: avoid finding "discard" stripe - libata: make ata_eh_qc_retry() bump scmd->allowed on bogus failures - Revert "epoll: use freezable blocking call" - Revert "select: use freezable blocking call" - md: Fix skipping recovery for read-only arrays. - vhost/scsi: Fix incorrect usage of get_user_pages_fast write parameter - Fix a few incorrectly checked [io_]remap_pfn_range() calls - lib/scatterlist.c: don't flush_kernel_dcache_page on slab page - aacraid: missing capable() check in compat ioctl - mm: Wait for THP migrations to complete during NUMA hinting faults - mm: Prevent parallel splits during THP migration - mm: Close races between THP migration and PMD numa clearing - mm/pagewalk.c: fix walk_page_range() access of wrong PTEs - drm: Prevent overwriting from userspace underallocating core ioctl structs - seq_file: always update file->f_pos in seq_lseek() [ Ben Hutchings ] * perf/ftrace: Fix paranoid level for enabling function tracer (CVE-2013-2930) * [armhf] Bump ABI to 2 * [armhf/armmp] udeb: Add zlib-modules (fixes FTBFS) -- Ben Hutchings Wed, 13 Nov 2013 05:36:36 +0000 linux (3.11.7-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.7 - tcp: TSO packets automatic sizing - tcp: TSQ can use a dynamic limit - tcp: must unclone packets before mangling them - tcp: fix incorrect ca_state in tail loss probe (Closes: #728726) [ Ben Hutchings ] * [armel] udeb: Re-enable iop32x flavour * Bump ABI to 2 due to TCP changes -- Ben Hutchings Sat, 09 Nov 2013 20:18:02 +0000 linux (3.11.6-2) unstable; urgency=medium [ Ben Hutchings ] * [sh4] Reduce compiler version to gcc-4.7, as gcc-4.8 is not yet available * [ia64] Reduce compiler version to gcc-4.6, matching gcc-defaults (fixes FTBFS) * [armhf] Bump ABI to 1a, as enabling Xen and KVM support changes ABI * net: Fix infinite loop in in skb_flow_dissect() (CVE-2013-4348) * net: do not call sock_put() on TIMEWAIT sockets * l2tp: fix kernel panic when using IPv4-mapped IPv6 addresses * net: heap overflow in __audit_sockaddr() * proc connector: fix info leaks * bridge: update mdb expiration timer upon reports. * Revert "bridge: only expire the mdb entry when query is received" * unix_diag: fix info leak * be2net: pass if_id for v1 and V2 versions of TX_CREATE cmd * net: fix cipso packet validation when !NETLABEL * inet: fix possible memory corruption with UDP_CORK and UFO * [arm] 7851/1: check for number of arguments in syscall_get/set_arguments() * ext[34]: fix double put in tmpfile * dm snapshot: fix data corruption (CVE-2013-4299) * i2c: ismt: initialize DMA buffer * mm: fix BUG in __split_huge_page_pmd * writeback: fix negative bdi max pause [ Aurelien Jarno ] * UAPI: include in linux/raid/md_p.h. -- Ben Hutchings Fri, 01 Nov 2013 05:23:13 +0000 linux-tools (3.11-3) unstable; urgency=low * linux-tools: Replace build-dependency on libunwind8-dev with libunwind7-dev, as the new libunwind will not enter testing soon -- Ben Hutchings Tue, 29 Oct 2013 02:12:36 +0000 linux (3.11.6-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.6 - random: run random_int_secret_init() run after all late_initcalls - ext4: fix memory leak in xattr - KVM: PPC: Book3S HV: Fix typo in saving DSCR - ipc: Apply mainline changes up to 3.12-rc5 [ Ian Campbell ] * [armhf] Enable Xen and virtio for armmp and armmp-lpae as well as KVM for armmp-lpae only. [ Ben Hutchings ] * kbuild: Use -nostdinc in compile tests (Closes: #726861, workaround for #717557) * Disable CC_OPTIMIZE_FOR_SIZE (Closes: #635899, fixes FTBFS on mips, mipsel, powerpc) [!armel/{iop32x,ixp4xx,kirkwood,orion5x},m68k] * aufs: Update to aufs3.11-20131014 - Remove dependency on loop module (Closes: #727243) * [armhf/armmp] udeb: Add ppp-modules -- Ben Hutchings Sun, 27 Oct 2013 19:02:04 +0000 linux-tools (3.11-2) unstable; urgency=low * linux-tools: Limit build-dependency on libunwind8-dev to architectures where it is available and needed -- Ben Hutchings Sun, 27 Oct 2013 18:01:37 +0000 linux-tools (3.11-1) unstable; urgency=low * New upstream release * linux-tools: Build perf with libaudit and libunwind -- Ben Hutchings Sat, 19 Oct 2013 02:38:59 +0100 linux (3.11.5-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.1 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.2 - media: siano: fix divide error on 0 counters (Closes: #719623) http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.3 - HID: multitouch: validate indexes details (CVE-2013-2897) - HID: LG: validate HID output report details (CVE-2013-2893) - HID: zeroplus: validate output report details (CVE-2013-2889) - HID: lenovo-tpkbd: fix leak if tpkbd_probe_tp fails (CVE-2013-2894) - HID: steelseries: validate output report details (CVE-2013-2891) - HID: logitech-dj: validate output report details (CVE-2013-2895) http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.4 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.5 - cpqarray: fix info leak in ida_locked_ioctl() (CVE-2013-2147) - cciss: fix info leak in cciss_ioctl32_passthru() (CVE-2013-2147) - tuntap: correctly handle error in tun_set_iff() (CVE-2013-4343) - net: sctp: fix ipv6 ipsec encryption bug in sctp_v6_xmit (CVE-2013-4350) - ipv6: udp packets following an UFO enqueued packet need also be handled by UFO (CVE-2013-4387) [ Ben Hutchings ] * udeb: Update config to match previous kernel config changes: - Remove ext{2,3}-modules - Update description of ext4-modules and let it provide ext{2,3}-modules - Remove aic7xxx_old, enc28j60 and imm from module lists - [sh4] kernel-image no longer provides ext3-modules * [hppa] udeb: kernel-image does not provide ext2-modules (since 3.2.7-1) * [arm] thermal: Re-enable CPU_THERMAL as built-in (regression in 3.10~rc4-1~exp1) * Stop providing virtual packages linux-image (Closes: #724569), linux-headers and linux-source * hwmon: Enable SENSORS_JC42, SENSORS_NCT6775 as modules (Closes: #722062) * compiler/gcc4: Add quirk for 'asm goto' miscompilation bug * [arm64] Build a linux-libc-dev package (Closes: #695241) * crypto: ansi_cprng - Fix off by one error in non-block size request (CVE-2013-4345) * mvsas: Recognise device/subsystem 9485/9485 as 88SE9485 * Set ABI to 1 * [i386] Remove xen-linux-system- packages (Closes: #726010) [ Ian Campbell ] * [armhf] Enable CONFIG_PCI for multiplatform flavour. - Enable standard NIC and SCSI modules and include in udebs. * [armhf] Add multiplatform + LPAE flavour (armmp-lpae). * [armhf] Remove mx5, omap and vexpress flavours. These are all supported by the multiplatform flavour. * [armel/kirkwood] Add orion-ehci, mvmdio and of_mdio modules to udebs. -- Ben Hutchings Thu, 17 Oct 2013 14:46:41 +0100 linux (3.11-1~exp1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.11 [ Ben Hutchings ] * Disable drivers for various platform/undetectable devices by default: - ata: Disable PATA_ARASAN_CF - hwrng: Disable HW_RANDOM_TIMERIOMEM - mdio: Disable MDIO_BITBANG - media: Disable SOC_CAMERA - media/radio: Disable I2C_SI470X, RADIO_SAA7706H, RADIO_SI4713, RADIO_TEA5764, RADIO_TEF6862, RADIO_WL1273 - mfd: Disable HTC_PASIC3, MFD_PCF50633, MFD_SM501, TPS65010 - mtd: Disable MTD_ONENAND_GENERIC - mmc: Disable MMC_SPI, MMC_SDHCI_PLTFM - net/can: Disable CAN_MCP251X - net/ethernet: Disable DNET, ENC28J60, ETHOC, KS8842, KS8851, KS8851_MLL, WIZNET_W5100, WIZNET_W5300 - net/wireless: Disable LIBERTAS_SPI, P54_SPI - parport: Disable PARPORT_AX88796 - power: Disable BATTERY_BQ27x00, BATTERY_DS2760, BATTERY_DS2782, BATTERY_MAX17040 - regulator: Disable all drivers - rtc: Disable all drivers except RTC_DRV_CMOS - serial: Disable SERIAL_MAX3100 - spi: Disable SPI_TLE62X0 - uio: Disable UIO_PDRV, UIO_PDRV_GENIRQ - USB: Disable USB_C67X00_HCD, USB_ISP116X_HCD, USB_R8A66597_HCD - video: Disable FB_METRONOME - w1: Disable W1_SLAVE_DS2760 * [x86] mtd: Disable MTD_NAND_PLATFORM * [x86] power: Disable PDA_POWER * [x86] video: Disable FB_S1D13XXX * Disable some old non-hotplug PCI drivers: - SCSI: Disable SCSI_AIC7XXX_OLD - [x86] mtd: Disable MTD_PMC551 - [x86] net/wan: Disable SBNI * Disable parport drivers that are no longer likely to be useful: - block: Disable PARIDE - media: Disable VIDEO_BWQCAM, VIDEO_CQCAM, VIDEO_W9966 - SCSI: Disable SCSI_IMM, SCSI_PPA - [x86] net/ethernet: Disable ATP * bluetooth: Disable BT_HCIBTUART; the serial_cs and hci_uart drivers should be used instead * PCI: Disable PCIEPORTBUS in configurations for systems without PCI Express: armel/{iop32x,ixp4xx}, mips/!octeon, mipsel/*, sh4/* * [armhf/{armmp,mx5}] cpufreq: Enable GENERIC_CPUFREQ_CPU0 as module, replacing CPU_FREQ_IMX * [armhf/armmp] Enable PINCTRL_WM8850, replacing GPIO_VT8500 * [powerpc/powerpc64] Enable CPU_FREQ_CBE (previously CBE_CPUFREQ) as module * [armel] Re-enable iop32x and ixp4xx flavours * aufs: Update to aufs3.x-rcN-20130909 [ Bastian Blank ] * Symlink doc directory in linux-headers packages. * Make gcc-4.8 the default compiler. * Use default font selection. * Enable NFS 4.2 client support. * Use ext4 for all ext-variants. -- Ben Hutchings Thu, 12 Sep 2013 03:57:27 +0100 linux (3.11~rc7-1~exp1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * [arm,mips,s390,sh4] Enable KPROBES * trace: Enable KPROBE_EVENT (Closes: #640953) * trace: Enable UPROBES, UPROBE_EVENT (Closes: #691167) * irq: Always define devm_{request_threaded,free}_irq() (fixes FTBFS on s390,s390x) * [armel] Disable iop32x and ixp4xx flavours (fixes FTBFS) * Clean up maintainer scripts and templating system - Move all templates under debian/templates - linux-image: Remove undocumented $KERNEL_ARCH variable from hook environment - Use only one template syntax (@keyword@) and do all substitutions in gencontrol.py - linux-image.postinst: Remove debconf warning about ramdisk variable in /etc/kernel-img.conf - linux-image.postinst: Remove debconf warning about missing firmware; this should now be redundant and it annoys users that don't need the files (Closes: #612822) * Update Brazilian Portugese debconf template translations (Fernando Ike de Oliveira) (Closes: #719725) * hid: Enable HID_HUION as module (Closes: #721002) * [powerpc,x86] hid: Enable HID_APPLEIR as module * ACPI: Enable ACPI_INITRD_TABLE_OVERRIDE (Closes: #721310) * net: Enable NET_MPLS_GSO * nfc: Enable NFC_SIM as module * md: Enable DM_SWITCH as module * net: Enable NLMON as module * wireless: Enable ATH10K, ATH10K_PCI as modules * media: Enable VIDEO_USBTV as module * video: Enable FB_SMSCUFX as module * usb/serial: Enable USB_SERIAL_WISHBONE, USB_SERIAL_FLASHLOADER, USB_SERIAL_SUUNTO as modules * infiniband: Enable INFINIBAND_ISERT as module * xen: Enable XEN_BALLOON_MEMORY_HOTPLUG * fs: Enable QNX6FS_FS as module * f2fs: Enable F2FS_FS_SECURITY * 9p: Enable 9P_FS_SECURITY * sunrpc: Enable SUNRPC_DEBUG * vhost: Enable VHOST_SCSI as module * [x86] video: Enable FB_HYPERV as module * [x86] snd-hda-intel: Enable SND_HDA_I915 * [x86] mmc: Enable MMC_SDHCI_ACPI as module * [x86] comedi: Enable COMEDI_ADV_PCI1724, COMEDI_NI_LABPC_PCI (formerly COMEDI_NI_LABPC) as modules * [x86] Enable MLX5_INFINIBAND as module * [amd64] iommu: Enable AMD_IOMMU_V2 * [x86,ia64] fs: Enable EFIVAR_FS as module * wireless/ti: Disable WL_TI on all configurations except armhf/armmp * [hppa,mips,mipsel,sh4,sparc] ehci-hcd: Enable USB_EHCI_ROOT_HUB_TT and USB_EHCI_TT_NEWSCHED in all configurations, consistent with other architectures -- Ben Hutchings Sun, 01 Sep 2013 05:15:57 +0100 linux-tools (3.11~rc4-1~exp1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * linux-tools: Build perf documentation out-of-tree, as this now works and our previous workaround does not -- Ben Hutchings Thu, 08 Aug 2013 16:21:00 +0200 linux (3.11~rc4-1~exp1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * aufs: Update to aufs3.x-rcN-20130805 [ Hector Oron ] * [armhf/armmp] Enable NET_CALXEDA_XGMAC as module (Closes: #717269) -- Ben Hutchings Thu, 08 Aug 2013 13:09:47 +0200 linux (3.10.11-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.8 - [arm] perf/arm: Fix armpmu_map_hw_event() - memcg: don't initialize kmem-cache destroying work for root caches - fs/proc/task_mmu.c: fix buffer overflow in add_page_map() - elevator: Fix a race in elevator switching - mac80211: fix infinite loop in ieee80211_determine_chantype - can: pcan_usb: fix wrong memcpy() bytes length - cfg80211: fix P2P GO interface teardown - ASoC: dapm: Fix empty list check in dapm_new_mux() - ALSA: 6fire: make buffers DMA-able (pcm) - ALSA: 6fire: make buffers DMA-able (midi) - USB: ti_usb_3410_5052: fix big-endian firmware handling - USB: mos7720: fix broken control requests - Fix TLB gather virtual address range invalidation corner cases - [arm] 7809/1: perf: fix event validation for software group leaders (CVE-2013-4254) - jbd2: Fix use after free after error in jbd2_journal_dirty_metadata() http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.9 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.10 - [s390] KVM: s390: move kvm_guest_enter,exit closer to sie - mac80211: don't wait for TX status forever - tracing/kprobe: Wait for disabling all running kprobe handlers - tracing: Fix many race conditions including potential use-after-free - tracing/kprobes: Fail to unregister if probe event files are in use - tracing/uprobes: Fail to unregister if probe event files are in use - ftrace: Check module functions being traced on reload - zd1201: do not use stack as URB transfer_buffer - VFS: collect_mounts() should return an ERR_PTR - [arm] davinci: nand: specify ecc strength - drm/radeon/r7xx: fix copy paste typo in golden register setup - drm/radeon: fix UVD message buffer validation - drm/i915: Invalidate TLBs for the rings after a reset - nilfs2: remove double bio_put() in nilfs_end_bio_write() for BIO_EOPNOTSUPP error - Hostap: copying wrong data prism2_ioctl_giwaplist() - SCSI: zfcp: fix lock imbalance by reworking request queue locking - SCSI: zfcp: fix schedule-inside-lock in scsi_device list loops - SCSI: sg: Fix user memory corruption when SG_IO is interrupted by a signal - [x86] get_unmapped_area: Access mmap_legacy_base through mm_struct member - bcache: FUA fixes http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.11 - drm/nouveau/mc: fix race condition between constructor and request_irq() - jfs: fix readdir cookie incompatibility with NFSv4 (Closes: #714974) - [powerpc] Work around gcc miscompilation of __pa() on 64-bit - [powerpc] Don't Oops when accessing /proc/powerpc/lparcfg without hypervisor - timer_list: correct the iterator for timer_list - drivers/base/memory.c: fix show_mem_removable() to handle missing sections - memcg: check that kmem_cache has memcg_params before accessing it - SUNRPC: Fix memory corruption issue on 32-bit highmem systems - ath9k_htc: Restore skb headroom when returning skb to mac80211 - iscsi-target: Fix ImmediateData=Yes failure regression in >= v3.10 - iscsi-target: Fix potential NULL pointer in solicited NOPOUT reject - ACPI / EC: Add ASUSTEK L4R to quirk list in order to validate ECDT - regmap: rbtree: Fix overlapping rbnodes. [ Ben Hutchings ] * [rt] Update to 3.10.10-rt7: - hwlat-detector: Update hwlat_detector to add outer loop detection - hwlat-detector: Use thread instead of stop machine - hwlat-detector: Use trace_clock_local if available - genirq: do not invoke the affinity callback via a workqueue - simple-wait: rename and export the equivalent of waitqueue_active() - simple-wait: Fix a race condition with swait wakeups vs adding items to the list - rcu: Use swait_wake_all() in rcu_nocb_gp_cleanup() * aufs: Update to aufs3.10-20130826 * aufs: mvdown, don't let unprivileged users provoke a WARNING * [x86] ACPI: Re-enable ACPI_HOTPLUG_MEMORY as built-in * [x86] amd64_edac: Fix single-channel setups (Closes: #717473) * [x86] efi: Ensure efi-pstore is loaded on EFI systems * bug script: Prompt to include crash logs from pstore * ipv6: remove max_addresses check from ipv6_create_tempaddr (CVE-2013-0343) * HID: validate HID report id size (CVE-2013-2888) * HID: pantherlord: validate output report details (CVE-2013-2892) * HID: ntrig: validate feature report details (CVE-2013-2896) * HID: sensor-hub: validate feature report details (CVE-2013-2898) * HID: picolcd_core: validate output report details (CVE-2013-2899) * HID: check for NULL field when setting values [ Ian Campbell ] * [armel]: Enable MVMDIO and USB_EHCI_HCD_ORION on Kirkwood and Orion (Closes: #719680) * Bump ABI to 3 * [armhf]: Add udebs for armmp flavour -- Ben Hutchings Tue, 10 Sep 2013 14:13:16 +0100 linux-tools (3.10-4) unstable; urgency=low * Sourceful upload for the perl 5.18 transition * usbip: Fix package version override to be binNMU-safe -- Ben Hutchings Fri, 30 Aug 2013 12:44:56 +0100 linux (3.10.7-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.6 - [arm] Modify vectors page to defend against ROP buffer overflow attacks - [armel] 7790/1: Fix deferred mm switch on VIVT processors - [armel] 7791/1: a.out: remove partial a.out support - [powerpc] VPHN topology change updates all siblings - hwmon: (max6697) fix MAX6581 ideality - USB: mos7840: fix race in register handling - USB: mos7840: fix race in led handling - mac80211: fix duplicate retransmission detection - mac80211: fix ethtool stats for non-station interfaces - ixgbe: Fix Tx Hang issue with lldpad on 82598EB - Bluetooth: ath3k: don't use stack memory for DMA - Bluetooth: fix wrong use of PTR_ERR() in btusb - svcrpc: fix gss-proxy xdr decoding oops - svcrpc: fix gss_rpc_upcall create error - svcrpc: fix kfree oops in gss-proxy code - zram: avoid invalid memory access in zram_exit() - zram: use zram->lock to protect zram_free_page() in swap free notify path - zram: avoid double free in function zram_bvec_write() - zram: avoid access beyond the zram device - zram: protect sysfs handler from invalid memory access - Revert "cpuidle: Quickly notice prediction failure in general case" - cpufreq: Fix cpufreq driver module refcount balance after suspend/resume - Revert "cpuidle: Quickly notice prediction failure for repeat mode" - drm/radeon: Disable dma rings for bo moves on r6xx - xen-blkfront: use a different scatterlist for each request - drm/radeon: never unpin UVD bo v3 - Btrfs: fix crash regarding to ulist_add_merge - [s390] bitops: fix find_next_bit_left - userns: unshare_userns(&cred) should not populate cred on failure (CVE-2013-4205) - ipv6: take rtnl_lock and mark mrt6 table as freed on namespace cleanup - usbnet: do not pretend to support SG/TSO - net_sched: Fix stack info leak in cbq_dump_wrr(). - af_key: more info leaks in pfkey messages - net_sched: info leak in atm_tc_dump_class() - 8139cp: Add dma_mapping_error checking http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.7 - [powerpc] Save the TAR register earlier - [powerpc] tm: Fix context switching TAR, PPR and DSCR SPRs - ext4: make sure group number is bumped after a inode allocation race - regmap: cache: Make sure to sync the last register in a block - hwmon: (adt7470) Fix incorrect return code check - media: em28xx: fix assignment of the eeprom data - ACPI / PM: Walk physical_node_list under physical_node_lock - ALSA: 6fire: fix DMA issues with URB transfer_buffer usage - Btrfs: release both paths before logging dir/changed extents - LOCKD: Don't call utsname()->nodename from nlmclnt_setlockargs - SUNRPC: Don't auto-disconnect from the local rpcbind socket - SUNRPC: If the rpcbind channel is disconnected, fail the call to unregister - virtio/console: Quit from splice_write if pipe->nrbufs is 0 - virtio/console: Add pipe_lock/unlock for splice_write - virtio: console: fix race with port unplug and open/close - virtio: console: fix race in port_fops_open() and port unplug - virtio: console: clean up port data immediately at time of unplug - virtio: console: fix raising SIGIO after port unplug - virtio: console: return -ENODEV on all read operations after unplug - drm/radeon: stop sending invalid UVD destroy msg - ext4: flush the extent status cache during EXT4_IOC_SWAP_BOOT - cifs: extend the buffer length enought for sprintf() using - zram: allow request end to coincide with disksize - reiserfs: fix deadlock in umount - [x86] drm/i915: initialize gt_lock early with other spin locks [ Ben Hutchings ] * [x86] Enable ASUS_OLED as module (Closes: #680016) * [armel/orion5x] I2C: mv64xxx: fix race between FSM/interrupt and process context (Closes: #622325) * [rt] Update to 3.10.6-rt3 - hpsa: fix warning with smp_processor_id() in preemptible * [arm] Change SERIAL_8250_PCI from built-in to module * net: Change WIZNET_W5{1,3}00 from built-in(!) to module * net: Change DROP_MONITOR from built-in to module * netlink: Change NETLINK_DIAG from built-in to module; enable on armel/{iop32x,ixp4xx,orion5x} [ Thorsten Glaser ] * [m68k] debian/patches/bugfix/m68k/atari-irqs.patch: patch from mailing list to silence IRQ problems on Atari platforms with multi-platform kernel * [m68k] debian/patches/bugfix/m68k/type-fix-div64.patch: patch from Andreas Schwab to handle do_div being called with a non-u32 second argument * [m68k] begin working on d-i kernel configs (just enough to not FTBFS) -- Ben Hutchings Sat, 17 Aug 2013 22:35:15 +0200 linux-tools (3.10-3) unstable; urgency=low * linux-kbuild: Fix no-modules case in modpost wrapper (Closes: #719129) -- Ben Hutchings Thu, 08 Aug 2013 21:49:02 +0200 linux (3.10.5-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.4 - ipv6,mcast: always hold idev->lock before mca_lock - ipv6: call udp_push_pending_frames when uncorking a socket with AF_INET pending data (CVE-2013-4162) - ipv6: ip6_append_data_mtu did not care about pmtudisc and frag_size (CVE-2013-4163) - sunvnet: vnet_port_remove must call unregister_netdev - ipv6: only static routes qualify for equal cost multipathing (CVE-2013-4125) - atl1e: fix dma mapping warnings - atl1e: unmap partially mapped skb on dma error and free skb - vlan: mask vlan prio bits - vlan: fix a race in egress prio management - fuse: readdirplus: fix dentry leak - fuse: readdirplus: fix instantiate - fuse: readdirplus: sanity checks - bcache: Fix a dumb race - bcache: Advertise that flushes are supported - bcache: Shutdown fix (possibly fixes #715019) - bcache: Fix a sysfs splat on shutdown - bcache: Journal replay fix - ext4: fix error handling in ext4_ext_truncate() - media: saa7134: Fix unlocked snd_pcm_stop() call - media: dmxdev: remove dvb_ringbuffer_flush() on writer side - lockd: protect nlm_blocked access in nlmsvc_retry_blocked http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.5 - mm: fix the TLB range flushed when __tlb_remove_page() runs out of slots - iscsi-target: Fix tfc_tpg_nacl_auth_cit configfs length overflow - iser-target: Fix session reset bug with RDMA_CM_EVENT_DISCONNECTED - iscsi-target: Fix ISCSI_OP_SCSI_TMFUNC handling for iser - firewire: fix libdc1394/FlyCap2 iso event regression - SCSI: sd: fix crash when UA received on DIF enabled device - tracing: Remove locking trace_types_lock from tracing_reset_all_online_cpus() - usb: host: xhci: Enable XHCI_SPURIOUS_SUCCESS for all controllers with xhci 1.0 - xhci: fix null pointer dereference on ring_doorbell_for_active_rings - xhci: Avoid NULL pointer deref when host dies. - staging: comedi: fix a race between do_cmd_ioctl() and read/write - Btrfs: fix wrong write offset when replacing a device - Btrfs: fix lock leak when resuming snapshot deletion - Btrfs: re-add root to dead root list if we stop dropping it - xen-netfront: pull on receive skb may need to happen earlier - md: Remove recent change which allows devices to skip recovery. - md/raid1: fix bio handling problems in process_checks() - md/raid5: fix interaction of 'replace' and 'recovery'. - md/raid10: remove use-after-free bug. - svcrdma: underflow issue in decode_write_list() - nfsd: nfsd_open: when dentry_open returns an error do not propagate as struct file - ACPI / scan: Do not try to attach scan handlers to devices having them - drm/radeon: fix endian issues with DP handling (v3) - drm/radeon: fix combios tables on older cards - drm/i915: fix up ring cleanup for the i830/i845 CS tlb w/a - drm/i915: Fix write-read race with multiple rings - Partially revert "drm/i915: unconditionally use mt forcewake on hsw/ivb" - drm/i915: Fix incoherence with fence updates on Sandybridge+ - drm/i915: fix long-standing SNB regression in power consumption after resume v2 - drm/i915: Fix dereferencing invalid connectors in is_crtc_connector_off() - drm/i915: correctly restore fences with objects attached - drm/i915: Serialize almost all register access - drm/radeon/atom: initialize more atom interpretor elements to 0 - mm: mempolicy: fix mbind_range() && vma_adjust() interaction - tty_port: Fix refcounting leak in tty_port_tty_hangup() - vfs: livelock avoidance in sget() - iscsi-target: Fix iscsit_add_reject* usage for iser - drm/i915: Correct obj->mm_list link to dev_priv->dev_priv->mm.inactive_list [ Ben Hutchings ] * [hppa] udeb: Add core-modules package (Closes: #718270) * nl80211: fix another nl80211_fam.attrbuf race * Bump ABI to 2 * ext4: fix retry handling in ext4_ext_truncate() * atl1c: Fix misuse of netdev_alloc_skb in refilling rx ring (Closes: #718505) * [rt] genpatch.py: Accept missing series-rt * [rt] Update to 3.10.4-rt1 and reenable * [rt] genpatch.py: Fix parsing of upstream patches with no header * aufs: Update to aufs3.10-20130805 * [rt] md: Disable BCACHE, as it fails to build * SCSI: Don't attempt to send extended INQUIRY command if skip_vpd_pages is set (Closes: #719002) -- Ben Hutchings Wed, 07 Aug 2013 22:38:45 +0200 linux (3.10.3-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.2 - CIFS: Fix a deadlock when a file is reopened - jbd2: move superblock checksum calculation to jbd2_write_superblock() - jbd2: fix theoretical race in jbd2__journal_restart - ext4: fix corruption when online resizing a fs with 1K block size - ext3,ext4: don't mess with dir_file->f_pos in htree_dirblock_to_tree() - ext4: check error return from ext4_write_inline_data_end() - xhci: check for failed dma pool allocation - [x86] drivers: hv: switch to use mb() instead of smp_mb() - cgroup: fix umount vs cgroup_event_remove() race - cgroup: fix RCU accesses to task->cgroups - [hppa] Fix gcc miscompilation in pa_memcpy() - [hppa] Ensure volatile space register %sr1 is not clobbered - genirq: Fix can_request_irq() for IRQs without an action (Closes: #709647) - [x86] ACPI: Fix HP Folio 13 EC register access (Closes: #684186) + ACPI: Add CMOS RTC Operation Region handler support + ACPI / EC: Add HP Folio 13 to ec_dmi_table in order to skip DSDT scan - ocfs2: xattr: fix inlined xattr reflink - iwlwifi: pcie: fix race in queue unmapping - Btrfs: fix estale with btrfs send - Btrfs: hold the tree mod lock in __tree_mod_log_rewind - Btrfs: only do the tree_mod_log_free_eb if this is our last ref - ext4: fix data offset overflow on 32-bit archs in ext4_inline_data_fiemap() - ext4: fix overflows in SEEK_HOLE, SEEK_DATA implementations - ext4: fix data offset overflow in ext4_xattr_fiemap() on 32-bit archs - ext4: fix overflow when counting used blocks on 32-bit architectures - ext4: fix ext4_get_group_number() - ext4: don't allow ext4_free_blocks() to fail due to ENOMEM - [arm] 7767/1: let the ASID allocator handle suspended animation - [arm] 7768/1: prevent risks of out-of-bound access in ASID allocator - [arm] 7769/1: Cortex-A15: fix erratum 798181 implementation - [arm] 7778/1: smp_twd: twd_update_frequency need be run on all online CPUs - [armhf] dts: imx: cpus/cpu nodes dts updates - [armhf] drivers/dma/pl330.c: fix locking in pl330_free_chan_resources() - memcg, kmem: fix reference count handling on the error path * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.3 - cpufreq: Revert commit a66b2e to fix suspend/resume regression - iio: Fix iio_channel_has_info - iio: inkern: fix iio_convert_raw_to_processed_unlocked - ALSA: seq-oss: Initialize MIDI clients asynchronously - ALSA: Fix unlocked snd_pcm_stop() calls in various drivers - libata-zpodd: Use ata_tf_init() to select the right device - md/raid10: fix bug which causes all RAID10 reshapes to move no data. - md/raid10: fix two bugs affecting RAID10 reshape. - md/raid10: fix two problems with RAID10 resync. (Closes: #717681) - mac80211: close AP_VLAN interfaces before unregistering all - svcrpc: fix failures to handle -1 uid's - svcrpc: fix handling of too-short rpc's - drm/i915: Fix context sizes on HSW - drm/i915: Only clear write-domains after a successful wait-seqno - drm/gem: fix not to assign error value to gem name - drm/nv50-/disp: Use output specific mask in interrupt (Closes: #717590) - iommu/amd: Only unmap large pages from the first pte - MIPS: Octeon: Don't clobber bootloader data structures. - perf: Clone child context from parent context pmu - perf: Remove WARN_ON_ONCE() check in __perf_event_enable() for valid scenario - perf: Fix perf_lock_task_context() vs RCU - tracing: Protect ftrace_trace_arrays list in trace_events.c - tracing: Fix race between deleting buffer and setting events [ Arnaud Patard ] * udeb: add ehci-pci to usb-modules [ Ben Hutchings ] * udeb: Add snd-cmi8328 and snd-scs1x to sound-modules, thanks to Samuel Thibault (Closes: #717183) * be2net: Fix to avoid hardware workaround when not needed * iwlwifi: Update 3160 and 7260 support to work with production firmware * rtlwifi: rtl8723ae: Fix typo in firmware names * [x86] Change INTEL_MEI_ME back to a module (Closes: #717383) * [armhf/armmp] Enable NET_CALXEDA_XGMAC as module (Closes: #717269) * linux-source: Switch compression of tarball and patch to xz. Disable compression of package (but use gzip, to keep old tools happy). * linux-source: Install kernel config files for linux-image packages in /usr/src/linux-config-$UPSTREAMVERSION directory * ata: Disable SATA_INIC162X - this driver corrupts data and is not expected to be fixed (Closes: #714295) * writeback: Fix periodic writeback after fs mount * sfc: Fix memory leak when discarding scattered packets * neighbour: fix a race in neigh_destroy() * virtio: support unlocked queue poll * virtio_net: fix race in RX VQ processing * vhost-net: fix use-after-free in vhost_net_flush * tuntap: correctly linearize skb when zerocopy is used * macvtap: correctly linearize skb when zerocopy is used * ipv6: in case of link failure remove route directly instead of letting it expire * 9p: fix off by one causing access violations and memory corruption [ Thorsten Glaser ] * Update m68k configs (Closes: #717689): - disable some functionality due to size constraints - switch to using initrd - drop all flavours; build a generic image that runs on multiple subarchitectores (old Amiga, Atari, Macintosh tested; old BVME6000, MVME147, MVME16x, new Apollo, Q40/Q60 untested) - use gcc-4.8 - add patch to make Atari EtherNAT actually selectable * nfs: Enable swap on NFS * fs/nls: Enable Macintosh HFS+ codepage modules * debian/control: Fix Vcs-Svn: use anonscm.debian.org -- Ben Hutchings Sun, 28 Jul 2013 00:33:32 +0100 linux-tools (3.10-2) unstable; urgency=low * linux-kbuild: Fix use of getline() in modpost wrapper (Closes: #717195) -- Ben Hutchings Thu, 18 Jul 2013 04:02:11 +0100 linux-tools (3.10-1) unstable; urgency=low * New upstream release [ Chris Boot ] * Update modpost-symbol-prefix.patch for 3.10 [ Ben Hutchings ] * debian/patches: Add DEP-3 headers (From, Subject, Forwarded) to all patches * debian/copyright: Convert to machine-readable format (fka DEP-5) * debian/copyright: Add explanation of indirect linking of perf to OpenSSL * debian/rules.real: Remove support for pre-multiarch dpkg * Update policy version to 3.9.4 - debian/rules: Implement build-arch and build-indep targets * linux-kbuild: Update modpost wrapper for 3.10 - Implement the -T option -- Ben Hutchings Tue, 16 Jul 2013 13:29:22 +0100 linux (3.10.1-1) unstable; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.10 - netfilter: nf_nat_sip: fix mangling (Closes: #715822) - drm/i915: Add HPD IRQ storm detection (Closes: #572537) - ipv6: ip6_sk_dst_check() must not assume ipv6 dst (CVE-2013-2232) - af_key: fix info leaks in notify messages (CVE-2013-2234) * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.1 - libceph: Fix NULL pointer dereference in auth client code (CVE-2013-1059) - ceph: fix sleeping function called from invalid context. - libceph: fix invalid unsigned->signed conversion for timespec encoding - module: do percpu allocation after uniqueness check. No, really! - charger-manager: Ensure event is not used as format string - hpfs: better test for errors - crypto: sanitize argument for format string - MAINTAINERS: add stable_kernel_rules.txt to stable maintainer information - futex: Take hugepages into account when generating futex_key - tty: Reset itty for other pty - Revert "serial: 8250_pci: add support for another kind of NetMos Technology PCI 9835 Multi-I/O Controller" - NFSv4.1 end back channel session draining - nfsd4: fix decoding of compounds across page boundaries - KVM: VMX: mark unusable segment as nonpresent - SCSI: sd: Fix parsing of 'temporary ' cache mode prefix - cpufreq: Fix cpufreq regression after suspend/resume - Revert "memcg: avoid dangling reference count in creation failure" [ Ben Hutchings ] * cassini: Make missing firmware non-fatal (Closes: #714128) * debian/patches: Add DEP-3 headers (From/Author, Subject/Description, Forwarded/Origin) to all patches * aufs: Add DEP-3 headers to generated/copied patches * [rt] genpatch.py: Work with upstream patch series as well as git - Fold convert-series into genpatch.py * [rt] genpatch.py: Add Origin header to all patches * debian/bin/check-patches.sh: Report missing DEP-3 headers * alx: Use upstream minimal driver - Update to 3.11-rc1 * [x86] efivars: Reenable 'paranoid' size check by default, as it should no longer have false positives * debian/patches: Reorder and group patches in series * debian/rules.real: Remove support for pre-multiarch dpkg * Update policy version to 3.9.4 - debian/control: Put xen-linux-system-* in the 'metapackages' section * linux-source: Add bc to recommended packages (Closes: #715413) * udeb: Add ath6kl_usb and mwifiex_usb to nic-wireless-modules * udeb: Add pm80xx (previously pm8001) to scsi-extra-modules * udeb: Add virtio_scsi to virtio-modules * Set ABI to 1 * xen/blkback: Check device permissions before allowing OP_DISCARD (CVE-2013-2140) * udeb: Remove obsolete and unsupported drivers and filesystems - Remove ppa from scsi-modules - Remove floppy-modules, irda-modules, parport-modules, plip-modules, qnx4-modules, reiserfs-modules, ufs-modules * [x86] efivars: Re-enable pstore support by default. It can be disabled by setting module parameter pstore_disable=Y. -- Ben Hutchings Tue, 16 Jul 2013 02:06:53 +0100 linux (3.10~rc7-1~exp1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * [armhf/armmp] Add EMAC ethernet driver found on Allwinner A10 SoCs, thanks to Niall Walsh (Closes: #711998) - Add MDIO bus driver for the Allwinner EMAC - Add EMAC controller node to sun4i DTSI - cubieboard: Enable ethernet (EMAC) support in dts - Add EMAC Controller to Hackberry dt * [x86] cpufreq: Enable X86_INTEL_PSTATE (Closes: #712062) * debian/control: Add Homepage field * debian/watch: Add watch file and update script * misc/bmp085: Enable building as a module * misc: Enable BMP085_I2C as module * team: Enable NET_TEAM_MODE_RANDOM as module * 8021q: Enable VLAN_8021Q_MVRP * batman: Enable BATMAN_ADV_NC * netlink: Enable NETLINK_MMAP, NETLINK_DIAG [!armel/{iop32x,ixp4xx,orion5x}] * sctp: Enable SCTP_COOKIE_HMAC_SHA1 * tipc: Enable TIPC_MEDIA_IB * [x86] cpufreq: Enable X86_AMD_FREQ_SENSITIVITY as module * [x86] i2c: Enable I2C_ISMT, I2C_DESIGNWARE_PCI as modules * [x86] mouse: Enable MOUSE_CYAPA as modules * [armel/{iop32x,ixp4xx,orion5x}] Disable features to reduce kernel size - Disable KSM, YAMA - [armel/orion5x] Disable FTRACE -- Ben Hutchings Mon, 24 Jun 2013 14:55:23 +0100 linux (3.10~rc5-1~exp1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * [x86] Enable HYPERVISOR_GUEST * udeb: Clean up configuration: - Move i2c-algo-bit to i2c-modules - Remove redundant control file overrides - [s390] Use symlinks to follow s390x configuration - [sparc64] Use symlinks to follow sparc configuration - Only list the 'new' firewire modules in firewire-core-modules - Remove obsolete eth1394 and firewire-core-modules dependency from nic-modules - Move ide-modules and ide-core-modules into ia64 configuration - [powerpc,x86] Fold nic-extra-modules into nic-modules * iwlegacy: Use consistent condition for il_pm_ops (fixes FTBFS on ia64) -- Ben Hutchings Tue, 11 Jun 2013 04:44:05 +0100 linux (3.10~rc4-1~exp1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * aufs: Update to aufs3.x-rcN-20130520 * alx: Update VLAN tag handling for 3.10 * md: Enable BCACHE as module * net/usb: Enable USB_RTL8152 as module - udeb: Add r8152 to nic-usb-modules * rt2800usb: Enable RT2800USB_RT55XX * net/wireless: Enable RTL8188EE - udeb: Add rtl8188ee to nic-wireless-modules * linux-image: Restore package date (in ISO format) to utsname version string ('uname -v' output) -- Ben Hutchings Mon, 03 Jun 2013 02:43:51 +0100 linux (3.9.8-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.7 - b43: stop format string leaking into error msgs (CVE-2013-2852) - ACPI / video: Do not bind to device objects with a scan handler - libceph: must hold mutex for reset_changed_osds() - ceph: ceph_pagelist_append might sleep while atomic - rbd: don't destroy ceph_opts in rbd_add() - Bluetooth: Fix missing length checks for L2CAP signalling PDUs - kmsg: honor dmesg_restrict sysctl on /dev/kmsg - memcg: don't initialize kmem-cache destroying work for root caches - md/raid1: consider WRITE as successful only if at least one non-Faulty and non-rebuilding drive completed it. - md/raid1,5,10: Disable WRITE SAME until a recovery strategy is in place - [x86] Modify UEFI anti-bricking code - powerpc: Fix stack overflow crash in resume_kernel when ftracing - USB: pl2303: fix device initialisation at open - USB: f81232: fix device initialisation at open - USB: spcp8x5: fix device initialisation at open * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.8 - ARM: 7752/1: errata: LoUIS bit field in CLIDR register is incorrect - clk: remove notifier from list before freeing it - [hppa] make interrupt and interruption stack allocation reentrant - ACPI / dock: Take ACPI scan lock in write_undock() - net: fec: fix kernel oops when plug/unplug cable many times - tcp: fix tcp_md5_hash_skb_data() - net/802/mrp: fix lockdep splat - ipv6: fix possible crashes in ip6_cork_release() - r8169: fix offloaded tx checksum for small packets. - xfrm: properly handle invalid states as an error - ip_tunnel: fix kernel panic with icmp_dest_unreach - net: Block MSG_CMSG_COMPAT in send(m)msg and recv(m)msg - net: force a reload of first item in hlist_nulls_for_each_entry_rcu - vhost_net: clear msg.control for non-zerocopy case during tx - net: sctp: fix NULL pointer dereference in socket destruction - team: check return value of team_get_port_by_index_rcu() for NULL - team: move add to port list before port enablement - l2tp: Fix PPP header erasure and memory leak - sctp: fully initialize sctp_outq in sctp_outq_init - macvtap: set transport header before passing skb to lower device - tuntap: set transport header before passing it to kernel - packet: set transport header before doing xmit - netback: set transport header before passing it to kernel - net_sched: better precise estimation on packet length for untrusted packets - firmware loader: fix use-after-free by double abort - target/iscsi: don't corrupt bh_count in iscsit_stop_time2retain_timer() - rbd: use the correct length for format 2 object names - perf: Fix perf mmap bugs - perf: Fix mmap() accounting hole [ Ben Hutchings ] * yama: Disable ptrace restrictions by default, and change boot message to indicate this (Closes: #712740) * fanotify: info leak in copy_event_to_user() (CVE-2013-2148) * drivers/cdrom/cdrom.c: use kzalloc() for failing hardware (CVE-2013-2164) * block: do not pass disk names as format strings (CVE-2013-2851) -- Ben Hutchings Sat, 29 Jun 2013 18:44:21 +0100 linux (3.9.6-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.6 - xhci - correct comp_mode_recovery_timer on return from hibernate - usb: musb: make use_sg flag URB specific - USB: keyspan: fix bogus array index - [arm] 7747/1: pcpu: ensure __my_cpu_offset cannot be re-ordered across barrier() - hpfs: fix warnings when the filesystem fills up - cifs: fix off-by-one bug in build_unc_path_to_root - ecryptfs: fixed msync to flush data - eCryptfs: Check return of filemap_write_and_wait during fsync - hwmon: (adm1021) Strengthen chip detection for ADM1021, LM84 and MAX1617 - drm: fix a use-after-free when GPU acceleration disabled - [powerpc] pseries: Force 32 bit MSIs for devices that require it - [powerpc] pseries: Make 32-bit MSI quirk work on systems lacking firmware support [ Ben Hutchings ] * [armel/orion5x] Enable EXPERT; disable FIPS, OABI_COMPAT, PCI_QUIRKS, VGA_ARB to reduce kernel size (really fixes FTBFS) -- Ben Hutchings Sat, 15 Jun 2013 04:53:13 +0100 linux (3.9.5-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.5 - [arm] 7723/1: crypto: sha1-armv4-large.S: fix SP handling - mac80211: use just spin_lock() in ieee80211_get_tkip_p2k() - USB: cxacru: potential underflow in cxacru_cm_get_array() - TTY: Fix tty miss restart after we turn off flow-control (Closes: #465823) - cifs: only set ops for inodes in I_NEW state - drivers/char/random.c: fix priming of last_data - random: fix accounting race condition with lockless irq entropy_count update - fat: fix possible overflow for fat_clusters - tg3: Fix data corruption on 5725 with TSO - ocfs2: goto out_unlock if ocfs2_get_clusters_nocache() failed in ocfs2_fiemap() - mm compaction: fix of improper cache flush in migration code - klist: del waiter from klist_remove_waiters before wakeup waitting process - wait: fix false timeouts when using wait_event_timeout() - nilfs2: fix issue of nilfs_set_page_dirty() for page at EOF boundary - mm: mmu_notifier: re-fix freed page still mapped in secondary MMU - mm: memcg: remove incorrect VM_BUG_ON for swap cache pages in uncharge - mm/pagewalk.c: walk_page_range should avoid VM_PFNMAP areas - mm/THP: use pmd_populate() to update the pmd with pgtable_t pointer - module: don't unlink the module until we've removed all exposure. - xfs: kill suid/sgid through the truncate path. - SUNRPC: Prevent an rpc_task wakeup race - cifs: fix potential buffer overrun when composing a new options string - cgroup: initialize xattr before calling d_instantiate() - [powerpc] 32bit:Store temporary result in r0 instead of r8 - [powerpc] tm: Fix userspace stack corruption on signal delivery for active transactions - [powerpc] tm: Abort on emulation and alignment faults - iscsi-target: fix heap buffer overflow on error - KVM: fix sil/dil/bpl/spl in the mod/rm fields - reiserfs: fix deadlock with nfs racing on create/lookup - reiserfs: fix problems with chowning setuid file w/ xattrs - reiserfs: fix spurious multiple-fill in reiserfs_readdir_dentry - jfs: fix a couple races - IB/iser: Return error to upper layers on EAGAIN registration failures - fuse: fix readdirplus Oops in fuse_dentry_revalidate - target: Re-instate sess_wait_list for target_wait_for_sess_cmds - xen-netback: Fix regressions caused by fix for CVE-2013-0216 + coalesce slots in TX path and fix regressions + don't disconnect frontend when seeing oversize packet [ Ben Hutchings ] * [powerpcspe] Remove installer udebs (really fixes FTBFS) * [s390] Add pgste to ptep_modify_prot_start() * [s390] Enable PCI, PCI and USB drivers * [powerpc] Fix build error in stable/3.9 * [armel/iop32x,armel/ixp4xx] Disable OABI_COMPAT, PCI_QUIRKS to reduce kernel size (fixes FTBFS) * ath9k: Disable PowerSave by default (Closes: #695968) * [i386] udeb: Add viafb to fb-modules (Closes: #705788) - [i386] udeb: Move i2c-algo-bit to i2c-modules and make fb-modules depend on it - viafb: Autoload on OLPC XO 1.5 only * fs: Enable F2FS_FS as module (Closes: #711342) * iio,HID: Enable IIO, HID_SENSOR_HUB, HID_SENSOR_ACCEL_3D, HID_SENSOR_ALS, HID_SENSOR_GYRO_3D, HID_SENSOR_MAGNETOMETER_3D as modules (Closes: #711690) -- Ben Hutchings Mon, 10 Jun 2013 02:41:53 +0100 linux-tools (3.9.4-1) unstable; urgency=low * New upstream release -- Ben Hutchings Mon, 03 Jun 2013 13:45:52 +0100 linux (3.9.4-1) unstable; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.9 - ALSA: hda - Add generic parser support to Analog Device codec driver (Closes: #659033) - Input: add support for Cypress PS/2 Trackpads (Closes: #703607) - [armel] media: VIDEO_ZORAN is disabled as it requires virt_to_bus() - [armhf/omap] OMAP_MBOX_FWK and TIDSPBRIDGE is disabled as they are not yet compatible with ARM multiplatform * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.1 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.2 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.3 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.4 [ Ben Hutchings ] * [rt] Disable until it is updated for Linux 3.9 or later * Build-Depend on bc, needed to build kernel/timeconst.h * [x86] Enable VMWARE_VMCI, VSOCKETS, VMWARE_VMCI_VSOCKETS as modules (Closes: #707676) * README.Debian: Correct reference to Berkeley Database development package * aufs: Update to aufs3.9-20130506 * [powerpcspe] Prevent building uImage with missing mkimage, thanks to Roland Stigge (Closes: #708094) * udeb: Fix yet more configuration errors causing FTBFS: - [powerpc/powerpc64] Replace ibmvscsic with ibmvscsi in scsi-modules - [ppc64] Use symlinks to follow powerpc/powerpc64 configuration - [powerpcspe] Use symlinks to follow powerpc configuration (Closes: #708336, #708662) - Add raid6_pq to md-modules, and make btrfs-modules depend on it * netfilter: Enable NETFILTER_XT_MATCH_BPF, NETFILTER_XT_MATCH_CONNLABEL as modules * bridge: Enable BRIDGE_VLAN_FILTERING * batman: Enable BATMAN_ADV_DAT * nfc: Enable NFC_LLCP * can: Enable CAN_PEAK_USB, CAN_8DEV_USB as modules * hci_uart: Enable BT_HCIUART_3WIRE * [amd64,powerpc/powerpc64,ppc64] block: Enable BLK_DEV_RSXX as module * SCSI: Enable SCSI_CHELSIO_FCOE, SCSI_MPT3SAS, SCSI_UFSHCD as modules - udeb: Add csiostor, mpt3sas, ufshcd, ufshcd-pci to scsi-extra-modules * md: Enable DM_CACHE as module * net/usb: Enable USB_NET_AX88179_178A as module (Closes: #704129) - udeb: Add ax88179_178a to nic-usb-modules * net/wireless: Enable AR5523 (Closes: #701777), IWLMVM, RTL8723AE (Closes: #708348), WIL6210 as modules - udeb: Add ar5523, iwldvm, iwlmvm, rtl8723ae, wil6210 to nic-wireless-modules * serial: Enable SERIAL_RP2 as module - udeb: Add rp2 to serial-modules * hw_random: Enable HW_RANDOM_TPM as module * [x86] watchdog: Enable IE6XX_WDT, VIA_WDT as modules * media/usb: Enable DVB_USB_AZ6007, USB_GSPCA_JL2005BCD as modules * stk1160: Enable VIDEO_STK1160_AC97 * ivtv: Enable VIDEO_IVTV_ALSA as module * radio: Enable RADIO_SHARK, RADIO_SHARK2, USB_KEENE, USB_MA901 as modules * hda: Enable SND_HDA_CODEC_CA0132_DSP * sound/firewire: Enable SND_SCS1X as module * hid-holtek: Enable HOLTEK_FF * hid: Enable HID_ICADE, HID_PS3REMOTE, HID_STEELSERIES, HID_THINGM as modules * usb/serial: Enable USB_SERIAL_F81232, USB_SERIAL_METRO, USB_SERIAL_QT2, USB_SERIAL_XSENS_MT, USB_SERIAL_ZTE as modules - udeb: Add f81232, quatech2, zte_ev to usb-serial-modules * infiniband: Enable INFINIBAND_OCRDMA as module * [x86] vfio: Enable VFIO, VFIO_PCI as modules * [x86] hv: Enable HYPERV_BALLOON as module * security: Enable SECURITY_YAMA, SECURITY_YAMA_STACKED (Closes: #704750) * iscsi-target: fix heap buffer overflow on error (CVE-2013-2850) [ Aurelien Jarno ] * [mips] Enable KEXEC. [ Arnaud Patard ] * [armhf] Add armmp flavour * [armhf] backport usb support for imx53 through chipidea and usb phy nop fixes * [armhf] backport armada 370/xp thermal support * [armhf] fix hard freeze when mvneta is used as module * [arm] backport ehci split patches for omap and orion * [armel] enable thermal * [armel] kirkwood: enable more DT configs, thermal, POWER_RESET_* -- Ben Hutchings Sat, 01 Jun 2013 23:13:01 +0100 linux (3.8.13-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.13 - autofs - remove autofs dentry mount check - hugetlbfs: fix mmap failure in unaligned size request (fixes regression in 3.4) - perf/x86/intel/lbr: Fix LBR filter - perf/x86/intel/lbr: Demand proper privileges for PERF_SAMPLE_BRANCH_KERNEL - ipvs: ip_vs_sip_fill_param() BUG: bad check of return value - netfilter: ctnetlink: don't permit ct creation with random tuple - ext4: add check for inodes_count overflow in new resize ioctl - r8169: fix 8168evl frame padding. - drm/prime: keep a reference from the handle to exported dma-buf (v6) - Btrfs: compare relevant parts of delayed tree refs - Btrfs: fix extent logging with O_DIRECT into prealloc - kernel/audit_tree.c: tree will leak memory when failure occurs in audit_trim_trees() [ Ben Hutchings ] * udeb: Fix more configuration errors causing FTBFS: - [m68k,mips,mipsel,ppc64,sparc64] Add crc-modules as common dependency of btrfs-modules and xfs-modules (and others) - [powerpc] Add llc to nic-shared-modules * Bump ABI to 2 -- Ben Hutchings Thu, 16 May 2013 00:28:04 +0100 linux (3.8.12-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.12 - [powerpc] spufs: Initialise inode->i_ino in spufs_new_inode() (possibly fixes: #707175) - iwlwifi: fix freeing uninitialized pointer - tty: fix up atime/mtime mess, take three - sysfs: fix use after free in case of concurrent read/write and readdir - [ia64] Fix initialization of CMCI/CMCP interrupts - [ia64] Wrong asm register contraints in the futex implementation (Closes: #702641) - [ia64] Wrong asm register contraints in the kvm implementation (Closes: #702639) - fs/fscache/stats.c: fix memory leak - hrtimer: Fix ktime_add_ns() overflow on 32bit architectures - swap: redirty page if page write fails on swap file - mm: swap: mark swap pages writeback before queueing for direct IO - ACPI: Fix wrong parameter passed to memblock_reserve - cgroup: fix an off-by-one bug which may trigger BUG_ON() - cgroup: fix broken file xattrs - clockevents: Set dummy handler on CPU_DEAD shutdown (Closes: #700333) - inotify: invalid mask should return a error number but not set it (fixes regression in 3.8.1) - exec: do not abuse ->cred_guard_mutex in threadgroup_lock() - md: bad block list should default to disabled. - MD: ignore discard request for hard disks of hybid raid1/raid10 array (fixes regression in 3.6) - nfsd4: don't close read-write opens too soon - wireless: regulatory: fix channel disabling race condition - ext4/jbd2: don't wait (forever) for stale tid caused by wraparound - jbd2: fix race between jbd2_journal_remove_checkpoint and ->j_commit_callback - ext4: fix journal callback list traversal - ext4: fix big-endian bug in metadata checksum calculations - [x86] KVM: X86 emulator: fix source operand decoding for 8bit mov[zs]x instructions [ Ben Hutchings ] * [rt] Remove xen-linux-system packages and references to Xen support, as Xen does not support real-time scheduling * udeb: Fix configuration errors causing FTBFS: - [armhf/vexpress] Remove ipv6-modules; ipv6 is now built-in - [mipsel/sb1-bcm91250a,sparc] Add crc-modules as common dependency of btrfs-modules and xfs-modules (and others) - [powerpc] Add nic-shared-modules as common dependency of nic-modules and nic-extra-modules - Unify module list for nic-shared-modules across architectures [!m68k] * [rt] Update to 3.8.11-rt8: - time/timekeeping: shadow tk->cycle_last together with clock->cycle_last - sched/workqueue: Only wake up idle workers if not blocked on sleeping spin lock * aufs: Update to aufs3.8-20130506 - for linux-3.7, btrfs limits the link count explicitly - for linux-3.6, push mnt_want_write() outside of i_mutex - possible bugfix, make sure the target branch is upper - possible bugfix, error handling in reopen_nondir() - new copyup implementation - pin the branch dir - convert the plink list into hlist * linux-doc: Include aufs documentation * [x86] zsmalloc: Change to built-in, as it can no longer be modular -- Ben Hutchings Fri, 10 May 2013 04:46:36 +0100 linux-tools (3.8.11-1) unstable; urgency=low * New upstream stable update [ Ben Hutchings ] * Upload to unstable (Closes: #707023) -- Ben Hutchings Tue, 07 May 2013 02:11:16 +0100 linux (3.8.11-1) unstable; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.6 - sysfs: fix race between readdir and lseek - sysfs: handle failure path correctly for readdir() - rtlwifi: usb: add missing freeing of skbuff - b43: A fix for DMA transmission sequence errors - tg3: fix length overflow in VPD firmware parsing (CVE-2013-1929) - xen-blkback: fix dispatch_rw_block_io() error path - net/irda: add missing error path release_sock call - usb: xhci: Fix TRB transfer length macro used for Event TRB. - Btrfs: fix locking on ROOT_REPLACE operations in tree mod log - Btrfs: fix race between mmap writes and compression - USB: serial: fix use-after-free in TIOCMIWAIT - loop: prevent bdev freeing while device in use - virtio: console: add locking around c_ovq operations - nfsd4: reject "negative" acl lengths - Btrfs: fix space leak when we fail to reserve metadata space - net: remove a WARN_ON() in net_enable_timestamp() - 8021q: fix a potential use-after-free - unix: fix a race condition in unix_release() - atl1e: drop pci-msi support because of packet corruption (possibly fixes: #577747) - ipv6: fix bad free of addrconf_init_net - ipv6: don't accept multicast traffic with scope 0 - ipv6: don't accept node local multicast traffic from the wire - pch_gbe: fix ip_summed checksum reporting on rx http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.7 - drm/nouveau: fix handling empty channel list in ioctl's - drm/i915: Be sure to turn hsync/vsync back on at crt enable (v2) (fixes regression in 3.8.3) - drm: correctly restore mappings if drm_open fails - mm: prevent mmap_cache race in find_vma() - mwifiex: limit channel number not to overflow memory - spinlocks and preemption points need to be at least compiler barriers - crypto: gcm - fix assumption that assoc has one segment - NFSv4/4.1: Fix bugs in nfs4[01]_walk_client_list - vfio-pci: Fix possible integer overflow - can: gw: use kmem_cache_free() instead of kfree() http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.8 - ipc: set msg back to -EAGAIN if copy wasn't performed - GFS2: Fix unlock of fcntl locks during withdrawn state - cifs: Allow passwords which begin with a delimitor (fixes regression in 3.8) - [i386] Fix possible incomplete TLB invalidate with PAE pagetables - sched_clock: Prevent 64bit inatomicity on 32bit systems - [x86] mm, paravirt: Fix vmalloc_fault oops during lazy MMU updates - tty: don't deadlock while flushing workqueue http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9 - [powerpc] add a missing label in resume_kernel - [powerpc] kvm/powerpc/e500mc: fix tlb invalidation on cpu migration - kthread: Prevent unpark race which puts threads on the wrong cpu - hrtimer: Don't reinitialize a cpu_base lock on CPU_UP - hugetlbfs: add swap entry check in follow_hugetlb_page() - kernel/signal.c: stop info leak via the tkill and the tgkill syscalls - hfsplus: fix potential overflow in hfsplus_file_truncate() - md: raid1,10: Handle REQ_WRITE_SAME flag in write bios - [x86] KVM: Allow cross page reads and writes from cached translations. (fixes regression in fix for CVE-2013-1796) - hsched: Convert BUG_ON()s in try_to_wake_up_local() to WARN_ON_ONCE()s - [armel] Fix kexec by setting outer_cache.inv_all for Feroceon - ath9k_htc: accept 1.x firmware newer than 1.3 - mac80211: fix cfg80211 interaction on auth/assoc request - crypto: algif - suppress sending source address information in recvmsg (CVE-2013-3076) - vm: add and use vm_iomap_memory() helper function - Btrfs: make sure nbytes are right after log replay http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.10 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.11 - TTY: do not update atime/mtime on read/write - TTY: fix atime/mtime regression - [sparc] sparc64: Fix race in TLB batch processing. - atm: update msg_namelen in vcc_recvmsg() (CVE-2013-3222) - ax25: fix info leak via msg_name in ax25_recvmsg() (CVE-2013-3223) - Bluetooth: fix possible info leak in bt_sock_recvmsg() (CVE-2013-3224) - Bluetooth: RFCOMM - Fix missing msg_namelen update in rfcomm_sock_recvmsg() (CVE-2013-3225) - Bluetooth: SCO - Fix missing msg_namelen update in sco_sock_recvmsg() - caif: Fix missing msg_namelen update in caif_seqpkt_recvmsg() (CVE-2013-3227) - irda: Fix missing msg_namelen update in irda_recvmsg_dgram() (CVE-2013-3228) - [s390] iucv: Fix missing msg_namelen update in iucv_sock_recvmsg() (CVE-2013-3229) - l2tp: fix info leak in l2tp_ip6_recvmsg() - llc: Fix missing msg_namelen update in llc_ui_recvmsg() (CVE-2013-3231) - netrom: fix info leak via msg_name in nr_recvmsg() - NFC: llcp: fix info leaks via msg_name in llcp_sock_recvmsg() - rose: fix info leak via msg_name in rose_recvmsg() (CVE-2013-3234) - tipc: fix info leaks via msg_name in recv_msg/recv_stream (CVE-2013-3235) - atl1e: limit gso segment size to prevent generation of wrong ip length fields (Closes: #565404) - af_unix: If we don't care about credentials coallesce all messages - ipv6/tcp: Stop processing ICMPv6 redirect messages - rtnetlink: Call nlmsg_parse() with correct header length - tcp: incoming connections might use wrong route under synflood - tcp: Reallocate headroom if it would overflow csum_start - net: cdc_mbim: remove bogus sizeof() - net: fix incorrect credentials passing (CVE-2013-1979) - net: drop dst before queueing fragments [ Ben Hutchings ] * [rt] Update to 3.8.10-rt6 * aufs: Update to aufs3.8-20130325 - ftruncate() supports sb_{start,end}_write() - replace mnt_drop_write_file() by __mnt_drop_write() - support for vfs_truncate() * udeb: Move modules and adjust dependencies to avoid duplicates (Closes: #706646) - Move crc16 to crc-modules; make ext4-modules and nic-usb-modules depend on it - Make xfs-modules depends on crc-modules - Move pps_core and ptp to nic-common-modules or nic-modules as appropriate * udeb: Merge redundant configuration for ext{2,3} dependency on mbcache * Set ABI to 1 * bug script: Remove broken sound functions (Closes: #705619) * [i386/486] udeb: Add lxfb to fb-modules (Closes: #705780) -- Ben Hutchings Sat, 04 May 2013 21:45:23 +0100 linux (3.8.5-1~experimental.1) experimental; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.4 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.5 [ Ben Hutchings ] * signal: Fix use of missing sa_restorer field (build regression introduced by fix for CVE-2013-0914) * udeb: Add hid-generic, hid-holtek-kbd, hid-lenovo-tpkbd, hid-roccat-isku, hid-roccat-lua, hid-roccat-savu to input-modules * cdc_ncm,cdc_mbim: Use NCM by default * [rt] Update to 3.8.4-rt2 and reenable * [rt] wireless: orinoco_usb is BROKEN -- Ben Hutchings Sun, 31 Mar 2013 07:35:31 +0100 linux (3.8.3-1~experimental.1) experimental; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.3 [ Ben Hutchings ] * aufs: Update to aufs3.8-20130311 * USB: cdc-wdm: fix buffer overflow (CVE-2013-1860) * signal: always clear sa_restorer on execve (CVE-2013-0914) * ext3: Fix format string issues (CVE-2013-1848) * net/sctp: Validate parameter size for SCTP_GET_ASSOC_STATS (CVE-2013-1828) * bridge: fix mdb info leaks * rtnl: fix info leak on RTM_GETLINK request for VF devices * dcbnl: fix various netlink info leaks * ALSA: seq: Fix missing error handling in snd_seq_timer_open() [ Ian Campbell ] * arm: correct path to DTB files. Patch from Nobuhiro Iwamatsu. (Closes: #703082) -- Ben Hutchings Tue, 19 Mar 2013 04:52:46 +0000 linux-tools (3.8.2-1~experimental.1) experimental; urgency=low * New upstream release (Closes: #702450) [ Ben Hutchings ] * linux-tools: Install bash_completion script for perf with a version- dependent name (Closes: #701790) -- Ben Hutchings Thu, 07 Mar 2013 05:32:40 +0000 linux (3.8.2-1~experimental.1) experimental; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.1 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.2 [ Ben Hutchings ] * linux-image: Increase minimum version of initramfs-tools to 0.110~ which copes with the recently renamed EHCI and NFS modules * genorig: Accept xz-compressed upstream tarballs and patches, thanks to Sedat Dilek * net: Enable USB_NET_CDC_MBIM as module (Closes: #701869) * mfd,mmc,memstick: Enable MFD_RTSX_PCI, MMC_REALTEK_PCI and MEMSTICK_REALTEK_PCI as modules, replacing RTS_PSTOR (Closes: #702108) * [mips,mipsel] Add dependencies for HAVE_ARCH_TRANSPARENT_HUGEPAGE (fixes FTBFS) [ Aurelien Jarno ] * [mips/octeon] Change HW_RANDOM and HW_RANDOM_OCTEON to modules. -- Ben Hutchings Thu, 07 Mar 2013 04:00:04 +0000 linux (3.8-1~experimental.1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.8 - pidns: Support unsharing the pid namespace. (Closes: #595920) - fsnotify: Rework locking and reference counting (Closes: #602966) [ Ben Hutchings ] * aufs: Update to aufs3.x-rcN-20130204 * sock_diag: Fix out-of-bounds access to sock_diag_handlers[] -- Ben Hutchings Mon, 25 Feb 2013 05:29:53 +0000 linux (3.7.8-1~experimental.1) experimental; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.4 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.5 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.6 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.7 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.8 [ Ben Hutchings ] * Add powerpcspe architecture, thanks to Roland Stigge (Closes: #693042) * aufs: Hide CONFIG_AUFS_PROC_MAP, which requires a patch we don't apply (Closes: #693332) -- Ben Hutchings Fri, 15 Feb 2013 00:42:03 +0000 linux (3.7.3-1~experimental.1) experimental; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.2 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.3 [ Ben Hutchings ] * [ia64] nouveau: Disable another bit of ACPI support (fixes FTBFS) * [armhf/omap] Make OMAP_DMA built-in (fixes FTBFS) * ath6kl: Do not use virt_addr_valid() (fixes FTBFS on mips,mipsel) * [armel/iop32x,armel/ixp4xx,armel/orion5x] Make IPV6 a module again due to kernel size limit (fixes FTBFS) * ALSA: usb-audio: Avoid autopm calls after disconnection; Fix missing autopm for MIDI input (Closes: #664068) * [!x86] Disable ZRAM, ZSMALLOC as modules (Reopens: #676779), as they really aren't portable yet. * udeb: Remove ipv6-modules on all architectures/flavours where it's now built-in (fixes FTBFS) [ Ian Campbell ] * [x86/xen] Update microcode driver to use new API. -- Ben Hutchings Fri, 18 Jan 2013 01:36:15 +0000 linux (3.7.1-1~experimental.2) experimental; urgency=low [ Ben Hutchings ] * linux-headers-common: Include the include/uapi/asm-generic directory (Closes: #696664) * linux-headers-common: Do not use link-vmlinux.sh when cleaning external modules (Closes: #696775) * Enable ZRAM, ZSMALLOC as modules on all architectures (Closes: #676779) -- Ben Hutchings Sat, 05 Jan 2013 17:48:05 +0000 linux-tools (3.7.1-1~experimental.1) experimental; urgency=low * New upstream release [ Ben Hutchings ] * [amd64] linux-tools: Enable optimisations and special-casing of x86_64 (Closes: #694759) [ Uwe Kleine-König ] * linux-kbuild: debian/control: Use Section: kernel (Closes: #545017) -- Jonathan Nieder Fri, 28 Dec 2012 09:29:53 -0800 linux (3.7.1-1~experimental.1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.7 * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.1 [ maximilian attems ] * Enable WIZNET_W5100, WIZNET_W5300, AMD_PHY, BCM87XX_PHY. [ Ben Hutchings ] * aufs: Update to aufs3.x-rcN-20121210 * [rt] Disable until it is updated for Linux 3.7 or later * Make gcc-4.7 the default compiler * [mips,mipsel,sparc] media/parpot: Disable VIDEO_PMS in all configurations where the other parport video drivers are disabled * [x86] fs: Re-enable PSTORE_RAM (formerly known as RAMOOPS) as module * net/wireless: Enable WL_TI; re-enable WL1251 and WL12XX as modules * staging: Enable RTLLIB; re-enable RTL8192E as module * media: Enable IR_TTUSBIR as module, replacing LIRC_TTUSBIR * media: Enable VIDEO_STK1160 as module, replacing EASYCAP * [armhf/mx5] Update configuration: - Enable MACH_IMX51_DT, replacing MACH_MX51_EFIKAMX (but not fully working in this kernel version) - Enable SOC_IMX53, replacing MACH_MX53_{EVK,SMD,LOCO,ARD} - Re-enable MFD_MC13XXX_SPI (formerly included in MFD_MC13XXX) - Enable PWM and re-enable PWM_IMX (formerly known as MXC_PWM) * [i386] comedi: Re-enable COMEDI_ISA_DRIVERS * [i386,alpha] media/radio: Enable V4L_RADIO_ISA_DRIVERS and re-enable the ISA drivers * PCI: Enable PCI_REALLOC_ENABLE_AUTO * [x86] PCI: Enable PCI_PRI, PCI_PASID, PCI_IOAPIC * [amd64] ACPI: Enable ACPI_BGRT * net: Enable INET_UDP_DIAG, NET_IPVTI, PACKET_DIAG, UNIX_DIAG as modules * netfilter: Enable NF_NAT_IPV6, IP6_NF_TARGET_MASQUERADE, IP6_NF_TARGET_NPT, NF_CT_NETLINK_HELPER as modules * net/sched: Enable NET_EMATCH_CANID, NET_EMATCH_IPSET as modules * can: Enable CAN_PEAK_PCIEC, CAN_PEAK_PCMCIA, CAN_PEAK_USB as modules * [i386] can: Enable CAN_CC770, CAN_CC770_ISA as module * block: Enable BLK_DEV_NVME, BLK_DEV_PCIESSD_MTIP32XX as modules * qla2xxx: Enable TCM_QLA2XXX as module * team: Enable NET_TEAM_MODE_BROADCAST as module * net: Enable VXLAN as module * phy: Enable AT803X_PHY as module * rt2800pci: Enable RT2800PCI_RT3290 * wireless/ti: Enable WL18XX as module * ptp: Enable clock drivers along with associated net/PHY drivers * [!x86] drm: Disable DRM_VMWGFX * drm: Enable DRM_UDL as module - Disable autoloading as it is incompatible with older versions of xserver-xorg-video-displaylink * [x86] drm: Enable DRM_AST, DRM_MGAG200 as modules - Disable autoloading as they are incompatible with older versions of xserver-xorg-video-ast and xserver-xorg-video-mga -- Ben Hutchings Mon, 24 Dec 2012 02:50:21 +0000 linux (3.6.9-1~experimental.1) experimental; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.9 [ maximilian attems ] * Enable NETFILTER_XT_TARGET_HMARK, NET_EMATCH_IPSET, USB_NET_QMI_WWAN. * Enable more HID drivers. * [x86] Enable INTEL_MEI. * [ARM]: 7492/1: add strstr declaration for decompressors. [ Ben Hutchings ] * HID: Add Apple wireless keyboard 2011 ANSI to special driver list (Closes: #694546) [ Arnaud Patard ] * [ARM]: add patch from staging-next to fix lis3l02dq on omap * [ARM]: backport omap usb fixes to make it build again. * Change musb Kconfig so that our configuration of USB_MUSB_OMAP2PLUS is used and not set to 'm'. -- maximilian attems Wed, 05 Dec 2012 16:16:50 +0100 linux (3.6.8-1~experimental.1) experimental; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.7 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.8 [ Bastian Blank ] * Enable POWER_SUPPLY, BLK_DEV_THROTTLING and NETPRIO_CGROUP. * [amd64] Enable CRYPTO_CAMELLIA_X86_64, CRYPTO_SERPENT_AVX_X86_64 and CRYPTO_TWOFISH_AVX_X86_64. * [x86] Enable more platform drivers. * [s390/s390x-tape, s390x/s390x-tape] Remove not longer supported image variant. * [s390, s390x] Enable support for transparent hugepages. * Use XZ for kernel images if supported. [ maximilian attems ] * Enable DVB_USB_RTL28XXU. (closes: #692749) * Enable SBP_TARGET. (closes: #685341) -- maximilian attems Wed, 28 Nov 2012 18:35:41 +0100 linux-tools (3.6-1~experimental.1) experimental; urgency=low * New upstream release (Closes: #690011) [ Ben Hutchings ] * genorig: Accept xz-compressed upstream tarballs and patches, and generate an xz-compressed orig tarball, thanks to Sedat Dilek * source: Enable xz-compression for debian directory tarball [ Jonathan Nieder ] * Add myself to uploaders list. -- Jonathan Nieder Sat, 24 Nov 2012 13:40:28 -0800 linux (3.6.6-1~experimental.1) experimental; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.5 - [x86] mm: Find_early_table_space based on ranges that are actually being mapped (Closes: #692067) http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.6 - ext4: fix unjournaled inode bitmap modification (Closes: #692411) [ Uwe Kleine-König ] * [rt] bump to 3.6.4-rt10 [ Ben Hutchings ] * [x86] staging: Re-enable ZSMALLOC as module, previously selected by ZRAM but now a dependency (Closes: #692024) * fs: Re-enable link security restrictions that are disabled by default in 3.6.5 * [rt] Update to 3.6.6-rt17 * rc: Enable RC_DEVICES; re-enable LIRC; re-enable the drivers that depend on those; enable IR_SANYO_DECODER and IR_IGUANA as modules [ Bastian Blank ] * [sparc] Remove IP_PNP, IP_PNP_RARP, NET_IPGRE and ARPD overrides. * Enable IPv6 globally. -- Ben Hutchings Thu, 15 Nov 2012 04:49:50 +0000 linux (3.6.4-1~experimental.1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.6 * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.1 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.2 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.3 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.4 [ Ben Hutchings ] * aufs: Update to aufs3.6-20121015 * cirrus: Disable by default, as it is currently incompatible with xserver-xorg-video-cirrus. It can be forced to load with module parameter modeset=1. [ Uwe Kleine-König ] * reenable the rt featureset using 3.6.3-rt8 -- Ben Hutchings Mon, 29 Oct 2012 04:22:02 +0000 linux (3.5.5-1~experimental.1) experimental; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.3 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.4 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.5 [ Ben Hutchings ] * mfd: lpc_ich: Fix a 3.5 kernel regression for iTCO_wdt driver (Closes: #686040) * drm: Enable various drivers (Closes: #685479): - [x86] Enable DRM_GMA500 (previously DRM_PSB) as module - Enable DRM_CIRRUS_QEMU as module * media/dvb: Enable DVB_USB_AF9035 as module (Closes: #687050) [ Bastian Blank ] * Remove superfluous dependency in debugging packages. -- Bastian Blank Thu, 04 Oct 2012 15:19:30 +0200 linux-tools (3.5-1~experimental.1) experimental; urgency=low * New upstream release -- Ben Hutchings Mon, 20 Aug 2012 00:57:12 +0100 linux (3.5.2-1~experimental.1) experimental; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.1 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.2 [ Ben Hutchings ] * genorig: Fix linux_upstream_full compute for version with modifier, thanks to Julien Danjou (Closes: #683824) -- Ben Hutchings Sun, 19 Aug 2012 21:36:04 +0100 linux (3.5-1~experimental.1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.5 [ Ben Hutchings ] * net: Enable OPENVSWITCH as module (Closes: #675010) * aufs: Update to aufs3.5-20120730 * rt: Disable until it is updated for Linux 3.5 or later * debian/copyright: Convert to machine-readable format (fka DEP-5) * debian/copyright: Add copyright notice for newly-added Unicode data * [x86] seccomp: Enable SECCOMP_FILTER * [x86] applesmc: Update to Linux 3.6, including fixes for new MacBook models -- Ben Hutchings Wed, 01 Aug 2012 14:08:55 +0100 linux (3.4.4-1~experimental.1) experimental; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.2 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.3 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.4 [ Ben Hutchings ] * [ia64] Export to userland (fixes FTBFS) * [x86] Enable BATTERY_SBS as module (Closes: #662902) * team: Enable NET_TEAM_MODE_LOADBALANCE as module * [x32] Build a linux-libc-dev package * input: Enable MOUSE_SYNAPTICS_USB (Closes: #678071) * [x86] staging: zsmalloc: Finish conversion to a separate module (Closes: #677273) * [rt] Update to 3.4.4-rt13 [ Arnaud Patard ] * [armel] disable FIPS, VGA_ARB, FTRACE on iop32x and ixp4xx to reduce kernel size. * [armel] disable virtio modules on all platforms except versatile * [armel] enable PHYSMAP on all platforms except ixp4xx -- Ben Hutchings Tue, 26 Jun 2012 07:28:41 +0100 linux-tools (3.4-1~experimental.1) experimental; urgency=low * New upstream release * Build-Depend on bison and flex, now required to build perf * Fix version insertion in perf man pages -- Ben Hutchings Sat, 09 Jun 2012 20:51:12 +0100 linux-2.6 (3.4.1-1~experimental.1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.4 * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.1 [ maximilian attems ] * Enable DM_VERITY, NF_CONNTRACK_TIMEOUT, NF_CT_NETLINK_TIMEOUT, IP_NF_MATCH_RPFILTER, IP6_NF_MATCH_RPFILTER, NETFILTER_NETLINK_ACCT, NETFILTER_XT_MATCH_NFACCT, NET_SCH_PLUG, SCSI_UFSHCD, SCSI_VIRTIO, NET_TEAM, ATH6KL. [ Ben Hutchings ] * DFSG: Remove the new vs6624 driver, which contains non-free firmware * aufs: Update to aufs3.4-20120521 * [rt] Update to 3.4-rt8 and reenable -- maximilian attems Wed, 06 Jun 2012 10:25:57 +0200 linux-2.6 (3.3.6-1~experimental.1) experimental; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.5 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.6 - USB: cdc-wdm: fix race leading leading to memory corruption - autofs: make the autofsv5 packet file descriptor use a packetized pipe (Closes: #633423) - PM / Hibernate: fix the number of pages used for hibernate/thaw buffering (Closes: #659363) - efi: Validate UEFI boot variables - efivars: Improve variable validation - fs/cifs: fix parsing of dfs referrals - hfsplus: Fix potential buffer overflows (CVE-2012-2319) - exit_signal: fix the "parent has changed security domain" logic - net: l2tp: unlock socket lock before returning from l2tp_ip_sendmsg - sky2: fix receive length error in mixed non-VLAN/VLAN traffic (Closes: #492853) - [s390] KVM: do store status after handling STOP_ON_STOP bit - [s390] KVM: Sanitize fpc registers for KVM_SET_FPU - KVM: Fix write protection race during dirty logging - KVM: mmu_notifier: Flush TLBs before releasing mmu_lock - KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (CVE-2012-1601) - KVM: nVMX: Fix erroneous exception bitmap check - KVM: VMX: Fix kvm_set_shared_msr() called in preemptible context - KVM: lock slots_lock around device assignment - hugepages: fix use after free bug in "quota" handling -- Ben Hutchings Fri, 18 May 2012 03:53:16 +0100 linux-2.6 (3.3.4-1~experimental.1) experimental; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.3 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4 [ Ben Hutchings ] * [x86] dell-laptop: Terminate quirks list properly -- Ben Hutchings Tue, 01 May 2012 01:23:59 +0100 linux-2.6 (3.3.2-1~experimental.1) experimental; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.1 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.2 [ Ben Hutchings ] * [armel/iop32x] Add missing #includes (fixes FTBFS) -- Ben Hutchings Sun, 15 Apr 2012 16:36:13 +0100 linux-tools (3.3-1~experimental.1) experimental; urgency=low * New upstream release candidate * linux-kbuild: debian/control: Set Multi-Arch: foreign * linux-tools: Build perf on alpha and hppa (Closes: #664834) -- Ben Hutchings Sat, 24 Mar 2012 23:15:59 +0000 linux-2.6 (3.3-1~experimental.1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.3 [ Ben Hutchings ] * [x86] crypto: Enable CRYPTO_SERPENT_SSE2_586, CRYPTO_SERPENT_SSE2_X86_64 * aufs: Update to aufs3.x-rcN-20120312 * IB: Enable INFINIBAND_SRPT as module (Closes: #663041) -- Ben Hutchings Wed, 21 Mar 2012 03:08:36 +0000 linux-2.6 (3.3~rc6-1~experimental.1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * aufs: Update to aufs3.x-rcN-20120123 * rt: Disable until it is updated for Linux 3.3 or later -- Ben Hutchings Sun, 04 Mar 2012 20:27:42 +0000 linux (3.2.41-2) unstable; urgency=low * [ia64] udeb: Remove efi-modules package; make kernel-image provide efi-modules (fixes FTBFS) * linux-headers: Fix file installation on architectures without Kbuild.platforms (Closes: #703800) * [x86] drm/i915: bounds check execbuffer relocation count (CVE-2013-0913) * [x86] drm: Enable DRM_GMA500 as module, replacing DRM_PSB (Closes: #703506) - Enable DRM_GMA600, DRM_GMA3600, DRM_MEDFIELD * [x86] KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (CVE-2013-1796) * [x86] KVM: x86: Convert MSR_KVM_SYSTEM_TIME to use gfn_to_hva_cache functions (CVE-2013-1797) * KVM: Fix bounds checking in ioapic indirect register reads (CVE-2013-1798) -- Ben Hutchings Mon, 25 Mar 2013 15:17:44 +0000 linux (3.2.41-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.40 - ext4: return ENOMEM if sb_getblk() fails - ext4: fix possible use-after-free with AIO - s390/kvm: Fix store status for ACRS/FPRS - staging: comedi: disallow COMEDI_DEVCONFIG on non-board minors - ext4: fix race in ext4_mb_add_n_trim() - UBIFS: fix double free of ubifs_orphan objects - hrtimer: Prevent hrtimer_enqueue_reprogram race - nfsd: Fix memleak - x86: Do not leak kernel page mapping locations - USB: usb-storage: unusual_devs update for Super TOP SATA bridge - posix-cpu-timers: Fix nanosleep task_struct leak - NFSv4.1: Don't decode skipped layoutgets - cgroup: fix exit() vs rmdir() race - cpuset: fix cpuset_print_task_mems_allowed() vs rename() race - ext4: fix xattr block allocation/release with bigalloc - mm: fix pageblock bitmap allocation - target: Add missing mapped_lun bounds checking during make_mappedlun setup - b43: Increase number of RX DMA slots - posix-timer: Don't call idr_find() with out-of-range ID - fs: Fix possible use-after-free with AIO - powerpc/kexec: Disable hard IRQ before kexec - mmu_notifier_unregister NULL Pointer deref and multiple ->release() callouts - tmpfs: fix use-after-free of mempolicy object (CVE-2013-1767) - ocfs2: fix possible use-after-free with AIO - ocfs2: fix ocfs2_init_security_and_acl() to initialize acl correctly - ocfs2: ac->ac_allow_chain_relink=0 won't disable group relink - idr: fix a subtle bug in idr_get_next() - idr: make idr_get_next() good for rcu_read_lock() - idr: fix top layer handling - sysctl: fix null checking in bin_dn_node_address() - nbd: fsync and kill block device on shutdown - s390/timer: avoid overflow when programming clock comparator (regression in 3.2.38) - xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}() (CVE-2013-0231) - xen-netback: correctly return errors from netbk_count_requests() - xen-netback: cancel the credit timer when taking the vif down - ipv6: use a stronger hash for tcp - staging: comedi: ni_labpc: correct differential channel sequence for AI commands - staging: comedi: ni_labpc: set up command4 register *after* command3 - vhost: fix length for cross region descriptor (CVE-2013-0311) http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.41 - NFS: Don't allow NFS silly-renamed files to be deleted, no signal - ARM: VFP: fix emulation of second VFP instruction - md: fix two bugs when attempting to resize RAID0 array. - proc connector: reject unprivileged listener bumps - cifs: ensure that cifs_get_root() only traverses directories - dm: fix truncated status strings - hw_random: make buffer usable in scatterlist. (real fix for #701784) - efi_pstore: Check remaining space with QueryVariableInfo() before writing data - efi: be more paranoid about available space when creating variables (Closes: #703574) - vfs: fix pipe counter breakage - xen/pciback: Don't disable a PCI device that is already disabled. - ALSA: seq: Fix missing error handling in snd_seq_timer_open() - ext3: Fix format string issues (CVE-2013-1848) - keys: fix race with concurrent install_user_keyrings() (CVE-2013-1792) - USB: cdc-wdm: fix buffer overflow (CVE-2013-1860) - signal: always clear sa_restorer on execve (CVE-2013-0914) - crypto: user - fix info leaks in report API (CVE-2013-2546, CVE-2013-2547, CVE-2013-2548) - Fix: compat_rw_copy_check_uvector() misuse in aio, readv, writev, and security keys - batman-adv: bat_socket_read missing checks - batman-adv: Only write requested number of byte to user buffer - mm/hotplug: correctly add new zone to all other nodes' zone lists (CVE-2012-5517) - btrfs: use rcu_barrier() to wait for bdev puts at unmount [ Aurelien Jarno] * [mips,mipsel] Disable VGA_CONSOLE and ignore the corresponding ABI change. It is completely broken on MIPS. * headers: Include Kbuild.platforms and Platform files in -common to fix out-of-tree building on mips and mipsel. * [{mips,mipsel}/{4,5}kc-malta] Enable HW_RANDOM as module so that both flavours have a consistent configuration. [ Ben Hutchings ] * [x86] ata_piix: reenable MS Virtual PC guests (fixes regression in 3.2.19-1) * test-patches: Clean up all previous test patches, whether or not they were applied * test-patches: Add --fuzz option to allow testing patches that have fuzz * [x86] efi: Fix processor-specific memcpy() build error (Closes: #698581) * udeb: Add hid-topseed to input-modules (Closes: #702611) * [x86] drm/i915: Unconditionally initialise the interrupt workers, thanks to Bjørn Mork (Closes: #692607) * efi: Ensure efivars is loaded on EFI systems (Closes: #703363) - [x86] Use a platform device to trigger loading of efivars - [ia64] Change EFI_VARS from module to built-in * efivars: Work around serious firmware bugs - Allow disabling use as a pstore backend - Add module parameter to disable use as a pstore backend * [x86] Set EFI_VARS_PSTORE_DEFAULT_DISABLE=y - explicitly calculate length of VariableName - Handle duplicate names from get_next_variable() * efi_pstore: Introducing workqueue updating sysfs * efivars: pstore: Do not check size when erasing variable * efivars: Remove check for 50% full on write * kmsg_dump: Only dump kernel log in error cases (Closes: #703386) - kexec: remove KMSG_DUMP_KEXEC - kmsg_dump: don't run on non-error paths by default * [x86] i915: initialize CADL in opregion (Closes: #703271) * drm, agp: Update to 3.4.37: - drm/radeon/dce6: fix display powergating - drm: don't add inferred modes for monitors that don't support them - drm/i915: Increase the RC6p threshold. * signal: Fix use of missing sa_restorer field (build regression introduced by fix for CVE-2013-0914) * rds: limit the size allocated by rds_message_alloc() * rtnl: fix info leak on RTM_GETLINK request for VF devices * dcbnl: fix various netlink info leaks * [s390] mm: fix flush_tlb_kernel_range() * [powerpc] Fix cputable entry for 970MP rev 1.0 * vhost/net: fix heads usage of ubuf_info * udf: avoid info leak on export (CVE-2012-6548) * isofs: avoid info leak on export (CVE-2012-6549) * [x86,powerpc/powerpc64] random: Change HW_RANDOM back from built-in to module, as we now have a real fix for #701784 * [rt] Update to 3.2.40-rt60 -- Ben Hutchings Sat, 23 Mar 2013 03:54:34 +0000 linux (3.2.39-2) unstable; urgency=high * [s390,s390x] virtio: Ignore ABI changes in 3.2.39 (fixes FTBFS) * [sparc] drm: Ignore ABI changes in 3.2.39 (fixes FTBFS) * [sparc] drm: Change from built-in to module * [rt] Update to 3.2.39-rt59: - acpi/rt: Convert acpi_gbl_hardware lock back to a raw_spinlock_t - printk: Fix rq->lock vs logbuf_lock unlock lock inversion - wait-simple: Simple waitqueue implementation - rcutiny: Use simple waitqueue * [x86] efi: Fix ABI change for introduction of efi_enabled() function in 3.2.38 (Closes: #701690) * [armel/versatile] i2c: Re-enable I2C_PCA_PLATFORM as module, erroneously disabled in 3.2.39-1 (fixes FTBFS) * [x86,powerpc/powerpc64] random: Change HW_RANDOM from module to built-in, to work around virtio-rng bug (Closes: #701784) -- Ben Hutchings Wed, 27 Feb 2013 03:48:30 +0000 linux (3.2.39-1) unstable; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.36 - freezer: PF_FREEZER_NOSIG should be cleared along with PF_NOFREEZE (Closes: #697077) - tmpfs: fix shared mempolicy leak - virtio: 9p: correctly pass physical address to userspace for high pages - virtio: force vring descriptors to be allocated from lowmem - USB: EHCI: bugfix: urb->hcpriv should not be NULL - rcu: Fix batch-limit size problem - Bluetooth: ath3k: Add support for VAIO VPCEH [0489:e027] (Closes: #700550) - mvsas: fix undefined bit shift - ALSA: usb-audio: Avoid autopm calls after disconnection; Fix missing autopm for MIDI input (Closes: #664068) - target/file: Fix 32-bit highmem breakage for SGL -> iovec mapping - SCSI: fix Null pointer dereference on disk error - proc: pid/status: show all supplementary groups - nfsd4: fix oops on unusual readlike compound - ARM: missing ->mmap_sem around find_vma() in swp_emulate.c - sctp: fix memory leak in sctp_datamsg_from_user() when copy from user space fails - ne2000: add the right platform device - irda: sir_dev: Fix copy/paste typo - ipv4: ip_check_defrag must not modify skb before unsharing - telephony: ijx: buffer overflow in ixj_write_cid() - udf: fix memory leak while allocating blocks during write http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.37 - ext4: fix extent tree corruption caused by hole punch - jbd2: fix assertion failure in jbd2_journal_flush() - tmpfs mempolicy: fix /proc/mounts corrupting memory - sparc: huge_ptep_set_* functions need to call set_huge_pte_at() - inet: Fix kmemleak in tcp_v4/6_syn_recv_sock and dccp_v4/6_request_recv_sock - net: sched: integer overflow fix - tcp: implement RFC 5961 3.2 - tcp: implement RFC 5961 4.2 - tcp: refine SYN handling in tcp_validate_incoming - tcp: tcp_replace_ts_recent() should not be called from tcp_validate_incoming() - tcp: RFC 5961 5.2 Blind Data Injection Attack Mitigation - RDMA/nes: Fix for crash when registering zero length MR for CQ - ACPI : do not use Lid and Sleep button for S5 wakeup http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.38 - staging: comedi: comedi_test: fix race when cancelling command - mm: use aligned zone start for pfn_to_bitidx calculation - [s390] s390/time: fix sched_clock() overflow (Closes: #698382) - [i386] xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS guests. (CVE-2013-0190) - KVM: PPC: Emulate dcbf - evm: checking if removexattr is not a NULL - ath9k_htc: Fix memory leak - ath9k: do not link receive buffers during flush - ath9k: fix double-free bug on beacon generate failure - x86/msr: Add capabilities check - can: c_can: fix invalid error codes - can: ti_hecc: fix invalid error codes - can: pch_can: fix invalid error codes - smp: Fix SMP function call empty cpu mask race - xfs: Fix possible use-after-free with AIO - EDAC: Test correct variable in ->store function - samsung-laptop: Disable on EFI hardware, to avoid damaging it - NFS: Don't silently fail setattr() requests on mountpoints - intel-iommu: Prevent devices with RMRRs from being placed into SI Domain - ALSA: usb-audio: Fix regression by disconnection-race-fix patch (Closes: #696321) - printk: fix buffer overflow when calling log_prefix function from call_console_drivers http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.39 - USB: XHCI: fix memory leak of URB-private data - sched/rt: Use root_domain of rt_rq not current processor - mwifiex: fix incomplete scan in case of IE parsing error - x86-64: Replace left over sti/cli in ia32 audit exit code - Bluetooth: Fix handling of unexpected SMP PDUs - ptrace/x86: Partly fix set_task_blockstep()->update_debugctlmsr() logic - Fix race condition with PTRACE_SETREGS and fatal signal (CVE-2013-0871) + ptrace: introduce signal_wake_up_state() and ptrace_signal_wake_up() + ptrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL + wake_up_process() should be never used to wakeup a TASK_STOPPED/TRACED task - net: prevent setting ttl=0 via IP_TTL - ipv6: fix header length calculation in ip6_append_data() - netxen: fix off by one bug in netxen_release_tx_buffer() - r8169: remove the obsolete and incorrect AMD workaround - net: loopback: fix a dst refcounting issue - packet: fix leakage of tx_ring memory - net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree - net: sctp: sctp_endpoint_free: zero out secret key data - xen/netback: shutdown the ring if it contains garbage. (CVE-2013-0216) - xen/netback: don't leak pages on failure in xen_netbk_tx_check_gop. - xen/netback: free already allocated memory on failure in xen_netbk_get_requests - netback: correct netbk_tx_err to handle wrap around. (CVE-2013-0217) - tcp: frto should not set snd_cwnd to 0 - tcp: fix for zero packets_in_flight was too broad - tcp: fix MSG_SENDPAGE_NOTLAST logic - bridge: Pull ip header into skb->data before looking into ip header. (Closes: #697903) - x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS. (CVE-2013-0228) [ Aurelien Jarno ] * [armhf/vexpress] Add kernel udebs. [ Julien Cristau ] * Backport drm and agp subsystems from Linux 3.4.29 (closes: #687442) - [x86] i915: Fixes freezes on Ivy Bridge (Closes: #689268) - nouveau: Support for newer nvidia chipsets (Closes: #690284) - radeon: Support for HD7000 'Southern Islands' chips - [x86] drm/i915: add Ivy Bridge GT2 Server entries (Closes: #684767) - [x86] drm/i915: Close race between processing unpin task and queueing the flip [ Ben Hutchings ] * Input: wacom - fix touch support for Bamboo Fun CTH-461 * media/rc: Add iguanair driver from Linux 3.7 (Closes: #696925) * rt2800: add chipset revision RT5390R support (Closes: #696592) * [armhf/mx5] mtd: Enable MTD_BLOCK as module * [armhf/mx5] udeb: Add missing storage drivers (Closes: #697128) - Add ata-modules including libata, pata-modules including pata_imx, sata-modules including ahci_platform - Add sdhci-esdhc-imx to mmc-modules - Add mtd-modules including mtd, mtdblock and m25p80 * [armhf] udeb: Fix network driver selection - [armhf/mx5] Remove nic-modules - [armhf/vexpress] Add usb-modules - Add standard set of USB drivers to nic-usb-modules - Add nic-wireless-modules * be2net: Apply backported fixes requested by Emulex (Closes: #697479) - be2net: do not modify PCI MaxReadReq size - be2net: fix reporting number of actual rx queues - be2net: do not use SCRATCHPAD register - be2net: reduce gso_max_size setting to account for ethernet header. - be2net: Increase statistics structure size for skyhawk. - be2net: Explicitly clear the reserved field in the Tx Descriptor - be2net: Regression bug wherein VFs creation broken for multiple cards. - be2net: Fix to trim skb for padded vlan packets to workaround an ASIC Bug - be2net: Fix Endian - be2net: Enable RSS UDP hashing for Lancer and Skyhawk - be2net: dont pull too much data in skb linear part - be2net: Fix to parse RSS hash from Receive completions correctly. - be2net: Avoid disabling BH in be_poll() * udeb: Add specialised USB keyboard/mouse drivers to input-modules: hid-a4tech, hid-cypress, hid-ezkey (Closes: #697035), hid-kensington, hid-keytouch, hid-kye, hid-multitouch, hid-ortek, hid-primax, hid-quanta, hid-samsung, hid-speedlink * radeon: Firmware is required for DRM and KMS on R600 onward, but not for KMS on earlier chips (Closes: #697229) * [!powerpc] radeon: Reenable DRM_RADEON_KMS, as it apparently works on most non-PowerMac systems * fs: cachefiles: add support for large files in filesystem caching (Closes: #698376) * [rt] Update to 3.2.38-rt57: - sched: Adjust sched_reset_on_fork when nothing else changes - sched: Queue RT tasks to head when prio drops - sched: Consider pi boosting in setscheduler - sched: Init idle->on_rq in init_idle() - sched: Check for idle task in might_sleep() - mm: swap: Initialize local locks early * [armel/versatile,armhf/vexpress] i2c: Enable I2C, I2C_VERSATILE as modules (Closes: #696182) * ext4: Fix corruption by hole punch in large files (Closes: #685726) - rewrite punch hole to use ext4_ext_remove_space() - fix hole punch failure when depth is greater than 0 - fix kernel BUG on large-scale rm -rf commands * md: protect against crash upon fsync on ro array (Closes: #696650) * net: Add alx driver for Atheros AR8161 and AR8162 (Closes: #699129) - Mark as staging, since it has not been accepted upstream * [armel/kirkwood] rtc-s35390a: add wakealarm support (Closes: #693997) * [x86] i915: Invert backlight brightness control for various models including Packard Bell NCL20 (Closes: #627372) and eMachines G725 (Closes: #680737) - Also allow this behaviour to be enabled via module parameter invert_brightness=1 * [amd64] edac: Enable EDAC_SBRIDGE as module (Closes: #699283) * SCSI: Add virtio_scsi driver (Closes: #686636) * [x86] sound: Enable LINE6_USB as module (Closes: #700211) - Apply upstream changes up to Linux 3.8-rc1 * [armhf/mx5] Update description to mention i.MX53 * mm: Try harder to allocate vmemmap blocks (Closes: #699913) * aufs: Update to aufs3.2-20130204: - support for syncfs(2) - possible bugfix, race in lookup - bugfix, half refreshed iinfo - possible bugfix, au_lkup_by_ino() returns ESTALE * [x86] efi: Clear EFI_RUNTIME_SERVICES rather than EFI_BOOT by "noefi" boot parameter * [x86] efi: Make "noefi" really disable EFI runtime serivces * drm, agp: Update to 3.4.32 - drm/radeon: add WAIT_UNTIL to the non-VM safe regs list for cayman/TN - drm/radeon: prevent crash in the ring space allocation * linux-image-dbg: Add symlinks to vmlinux from the locations expected by kdump-tools (Closes: #700418), systemtap and others * mm: fix pageblock bitmap allocation (fixes regression in 3.2.38) * USB: usb-storage: unusual_devs update for Super TOP SATA bridge [ Cyril Brulebois ] * Bump python build-dep, needed since the switch from local SortedDict to collections.OrderedDict (new in version 2.7). (Closes: #697740) -- Ben Hutchings Mon, 25 Feb 2013 00:36:51 +0000 linux (3.2.35-2) unstable; urgency=low * [ia64] Make IPV6 built-in (fixes FTBFS) * [rt] Update to 3.2.35-rt52 * audit: Increase maximum number of names logged per syscall to 30 (Closes: #631799) * asix: Add support for Lenovo 10/100 USB dongle (Closes: #696248) * udeb: Add ums-eneub6250, ums-realtek (Closes: #694348) to usb-storage-modules -- Ben Hutchings Wed, 19 Dec 2012 03:41:35 +0000 linux (3.2.35-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.33 - samsung-laptop: don't handle backlight if handled by acpi/video (Closes: #693190) - e1000: fix vlan processing regression (Closes: #690956) - [x86] drm/i915: no lvds quirk for Zotac ZDBOX SD ID12/ID13 (Closes: #691122) - au0828: fix case where STREAMOFF being called on stopped stream causes BUG() - net: Fix skb_under_panic oops in neigh_resolve_output - vlan: don't deliver frames for unknown vlans to protocols - RDS: fix rds-ping spinlock recursion - tcp: resets are misrouted - nfsd4: fix nfs4 stateid leak - [arm] vfp: fix saving d16-d31 vfp registers on v6+ kernels - scsi_debug: Fix off-by-one bug when unmapping region - storvsc: Account for in-transit packets in the RESET path - tmpfs,ceph,gfs2,isofs,reiserfs,xfs: fix fh_len checking - ext4: race-condition protection for ext4_convert_unwritten_extents_endio (CVE-2012-4508) - md/raid10: use correct limit variable - net/wireless: ipw2200: Fix panic occurring in ipw_handle_promiscuous_tx() - USB: cdc-acm: fix pipe type of write endpoint - [x86] xen: don't corrupt %eip when returning from a signal handler - sysfs: sysfs_pathname/sysfs_add_one: Use strlcat() instead of strcat() - fs/compat_ioctl.c: VIDEO_SET_SPU_PALETTE missing error check - netfilter: nf_conntrack: fix racy timer handling with reliable events http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.34 - x86: Remove the ancient and deprecated disable_hlt() and enable_hlt() facility (Closes: #667501) - ALSA: PCM: Fix some races at disconnection - ALSA: usb-audio: Fix races at disconnection - crypto: cryptd - disable softirqs in cryptd_queue_worker to prevent data corruption - mac80211: Only process mesh config header on frames that RA_MATCH - mac80211: fix SSID copy on IBSS JOIN - mac80211: check management frame header length - mac80211: verify that skb data is present - mac80211: make sure data is accessible in EAPOL check - ath9k: Test for TID only in BlockAcks while checking tx status - nfs: Show original device name verbatim in /proc/*/mount{s,info} (Closes: #669314) - target: Avoid integer overflow in se_dev_align_max_sectors() - hwmon: (w83627ehf) Force initial bank selection - xfs: fix reading of wrapped log data - fanotify: fix missing break - drm/vmwgfx: Fix a case where the code would BUG when trying to pin GMR memory - sctp: fix call to SCTP_CMD_PROCESS_SACK in sctp_cmd_interpreter() - netlink: use kfree_rcu() in netlink_release() - tcp: fix FIONREAD/SIOCINQ - net: fix divide by zero in tcp algorithm illinois (CVE-2012-4565) - af-packet: fix oops when socket is not present - r8169: Fix WoL on RTL8168d/8111d. (Closes: #674154) - sky2: Fix for interrupt handler (Closes: #681280) http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.35 - UBIFS: fix mounting problems after power cuts - [s390] gup: add missing TASK_SIZE check to get_user_pages_fast() - [x86] Exclude E820_RESERVED regions and memory holes above 4 GB from direct mapping. - netfilter: Mark SYN/ACK packets as invalid from original direction - netfilter: Validate the sequence number of dataless ACK packets as well - ipv4: avoid undefined behavior in do_ip_setsockopt() - Input: i8042 - also perform controller reset when suspending (Closes: #693934) - brcm80211: smac: only print block-ack timeout message at trace level (Closes: #674430) - GFS2: Test bufdata with buffer locked and gfs2_log_lock held - [x86] mce, therm_throt: Don't report power limit and package level thermal throttle events in mcelog (Closes: #695209) - [hppa] fix virtual aliasing issue in get_shared_area() - xfs: drop buffer io reference when a bad bio is built - reiserfs: Protect reiserfs_quota_{on,write}() with write lock - md: Reassigned the parameters if read_seqretry returned true in func md_is_badblock. - md: Avoid write invalid address if read_seqretry returned true. - [i386] Fix invalid stack address while in softirq - selinux: fix sel_netnode_insert() suspicious rcu dereference - [hppa] fix user-triggerable panic on parisc - block: Don't access request after it might be freed - futex: avoid wake_futex() for a PI futex_q [ Ben Hutchings ] * [x86] udeb: Re-add isci to scsi-extra-modules (Closes: #690886; regression of #652897 in version 3.2~rc7-1~experimental.1 due to mis-merge) * udeb: Add missing net drivers: - Add 8021q (Closes: #689159), cxgb4, cxgb4vf, igbvf, ixgbevf, micrel, mlx4_en, pch_gbe, qlge, smsc9420, tehuti, vxge to nic-extra-modules - Add int51x1, smsc75xx, smsc95xx to nic-usb-modules - Add adm8211, at76c50x-usb, b43legacy, iwl4965, libertas_tf_usb, mwifiex_pcie, mwl8k, orinoco_usb, prism2_usb, r8187se, r8192e_pci, r8712u, rtl8192ce (Closes: #686605), rtl8192cu, rtl8192de, rtl8192se vt6656_stage to nic-wireless-modules - Move broadcom to nic-modules, as it may be needed by tg3 * udeb: Add bnx2fc, fnic, pmcraid to scsi-extra-modules * udeb: Move rtl8180 to nic-wireless-modules * [x86] asus-laptop: Do not call HWRS on init (Closes: #692436) * [x86] drm/i915: Only kick out vesafb if we takeover the fbcon with KMS (Closes: #686284) * [!x86] radeon: Disable DRM_RADEON_KMS, as this is still not expected to work (Closes: #628972) * radeon: Disable KMS earlier if firmware is not installed (Closes: #607194) * [amd64] linux-image: Include VIA Nano in package description * linux-image-dbg: Change package description to use the phrase 'debugging symbols' and correct grammar * usb: Disable UAS; it is known to be broken, and the supported devices can also work with usb-storage * ipv6: Treat ND option 31 as userland (DNSSL support) (Closes: #694522) * rt2x00: Add device IDs 5362, 5392, 539b (Closes: #694312) * udeb: Add pata_piccolo to pata-modules (Closes: #695437) * firmware_class: Log every success and failure against given device * firmware: Remove redundant log messages from drivers * [x86] ACPI / video: ignore BIOS initial backlight value for HP Folio 13-2000 (Closes: #692361) * [x86] KVM: x86: invalid opcode oops on SET_SREGS with OSXSAVE bit set (CVE-2012-4461) * kmod: make __request_module() killable (CVE-2012-4398) * exec: do not leave bprm->interp on stack (CVE-2012-4530) * exec: use -ELOOP for max recursion depth * [rt] Update to 3.2.34-rt51: - hrtimer: Raise softirq if hrtimer irq stalled - rcu: Disable RCU_FAST_NO_HZ on RT - net: netfilter: Serialize xt_write_recseq sections on RT * megaraid_sas: fix memory leak if SGL has zero length entries (Closes: #688198) [ Ian Campbell ] * [xen] add support for microcode updating. (Closes: #693053) -- Ben Hutchings Mon, 10 Dec 2012 00:14:55 +0000 linux (3.2.32-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.31 - target: Fix ->data_length re-assignment bug with SCSI overflow - hpsa: fix handling of protocol error - cifs: fix return value in cifsConvertToUTF16 - asix: Support DLink DUB-E100 H/W Ver C1 (Closes: #687567) - dj: memory scribble in logi_dj - dm: handle requests beyond end of device instead of using BUG_ON - md/raid10: fix "enough" function for detecting if array is failed. - libata: Prevent interface errors with Seagate FreeAgent GoFlex - vfs: dcache: fix deadlock in tree traversal - Revert "drm/radeon: rework pll selection (v3)" (regression in 3.2.30) - HID: hidraw: don't deallocate memory when it is in use - xfrm: Workaround incompatibility of ESN and async crypto - xfrm_user: fix various information leaks - xfrm_user: ensure user supplied esn replay window is valid - net: guard tcp_set_keepalive() to tcp sockets - ipv4: raw: fix icmp_filter() - ipv6: raw: fix icmpv6_filter() - ipv6: mip6: fix mip6_mh_filter() - netrom: copy_datagram_iovec can fail http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.32 - mtd: nand: Use the mirror BBT descriptor when reading its version - TTY: ttyprintk, don't touch behind tty->write_buf - n_gsm: fix various serious bugs - hpsa: Use LUN reset instead of target reset - staging: comedi: don't dereference user memory for INSN_INTTRIG - ext4: fix potential deadlock in ext4_nonda_switch() - staging: comedi: fix memory leak for saved channel list - scsi_remove_target: fix softlockup regression on hot remove (Closes: #690990) - usb: host: xhci: Fix Null pointer dereferencing with 71c731a for non-x86 systems (regression in 3.2.30) - ext4: online defrag is not supported for journaled files - staging: comedi: s626: don't dereference insn->data - serial: pl011: handle corruption at high clock speeds - ext4: always set i_op in ext4_mknod() - ext4: fix fdatasync() for files with only i_size changes - [x86] drm/i915: use adjusted_mode instead of mode for checking the 6bpc force flag (regression in 3.2.29) - staging: comedi: jr3_pci: fix iomem dereference - JFFS2: don't fail on bitflips in OOB - mtd: nandsim: bugfix: fail if overridesize is too big - pnfsblock: fix partial page buffer wirte - target/file: Re-enable optional fd_buffered_io=1 operation - iscsit: remove incorrect unlock in iscsit_build_sendtargets_resp - rapidio/rionet: fix multicast packet transmit logic - ALSA: aloop - add locking to timer access - [armhf/omap] counter: add locking to read_persistent_clock - mm: fix invalidate_complete_page2() lock ordering - mm: thp: fix pmd_present for split_huge_page and PROT_NONE with THP - mm: hugetlb: fix pgoff computation when unmapping page from vma - hugetlb: do not use vma_hugecache_offset() for vma_prio_tree_foreach - [x86] firewire: cdev: fix user memory corruption (i386 userland on amd64 kernel) - udf: fix retun value on error path in udf_load_logicalvol - eCryptfs: Unlink lower inode when ecryptfs_create() fails - eCryptfs: Initialize empty lower files when opening them - eCryptfs: Revert to a writethrough cache model - eCryptfs: Write out all dirty pages just before releasing the lower file - eCryptfs: Call lower ->flush() from ecryptfs_flush() - mempolicy: remove mempolicy sharing - mempolicy: fix a race in shared_policy_replace() - mempolicy: fix refcount leak in mpol_set_shared_policy() - mempolicy: fix a memory corruption by refcount imbalance in alloc_pages_vma() - hpsa: dial down lockup detection during firmware flash - netfilter: nf_ct_ipv4: packets with wrong ihl are invalid - netfilter: nf_nat_sip: fix incorrect handling of EBUSY for RTCP expectation - netfilter: nf_ct_expect: fix possible access to uninitialized timer - ipvs: fix oops on NAT reply in br_nf context [ Ben Hutchings ] * codel: refine one condition to avoid a nul rec_inv_sqrt * [mips,mipsel] Ignore NFS/SunRPC ABI changes in 3.2.30 (fixes FTBFS) * tg3: Fix TSO CAP for 5704 devs w / ASF enabled * SUNRPC: Set alloc_slot for backchannel tcp ops (regression in 3.2.30) * iwlwifi: Do not request unreleased firmware for IWL6000 (Closes: #689416) * aufs: Update to aufs3.2-20120827: - Fix statfs() values when different block sizes are in use * udeb: Add hid-logitech-dj to input-modules (Closes: #661379) * connector: Make CONNECTOR built-in; enable PROC_EVENTS (Closes: #588200) * e1000e: Change wthresh to 1 to avoid possible Tx stalls * [x86] efi: Build EFI stub with EFI-appropriate options * [rt] Update to 3.2.32-rt48: - random: Make add_interrupt_randomness() work on rt - softirq: Init softirq local lock after per cpu section is set up - mm: slab: Fix potential deadlock - mm: page_alloc: Use local_lock_on() instead of plain spinlock - rt: rwsem/rwlock: lockdep annotations - sched: Better debug output for might sleep - stomp_machine: Use mutex_trylock when called from inactive cpu * [x86] storvsc: Account for in-transit packets in the RESET path * fs: handle failed audit_log_start properly * fs: prevent use after free in auditing when symlink following was denied * kernel/sys.c: fix stack memory content leak via UNAME26 (CVE-2012-0957) * ALSA: hda: Fix oops caused by "Fix internal mic for Lenovo Ideapad U300s" in 3.2.32 -- Ben Hutchings Mon, 22 Oct 2012 06:25:37 +0100 linux (3.2.30-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.30 - ext3: Fix fdatasync() for files with only i_size changes - UBI: fix a horrible memory deallocation bug - fuse: fix retrieve length - mmc: card: Skip secure erase on MoviNAND; causes unrecoverable corruption - udf: Fix data corruption for files in ICB - xen: Use correct masking in xen_swiotlb_alloc_coherent. - CIFS: Fix error handling in cifs_push_mandatory_locks - [x86] drm/i915: Wait for all pending operations to the fb before disabling the pipe - xhci: Fix bug after deq ptr set to link TRB - NFS: Fix the initialisation of the readdir 'cookieverf' array - staging: comedi: das08: Correct AI encoding for das08jr-16-ao - staging: comedi: das08: Correct AO output for das08jr-16-ao - rt2800usb: Added rx packet length validity check - staging: zcache: fix cleancache race condition with shrinker - NFS: return error from decode_getfh in decode open - ARM: 7526/1: traps: send SIGILL if get_user fails on undef handling path - ahci: Add alternate identifier for the 88SE9172 [ Ben Hutchings ] * [s390/s390x-tape] udeb: Remove fuse-modules configuration (fixes FTBFS) -- dann frazier Wed, 26 Sep 2012 16:00:58 +0900 linux (3.2.29-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.24 - sched/nohz: Rewrite and fix load-avg computation -- again (Closes: #674153) - libsas: fix taskfile corruption in sas_ata_qc_fill_rtf - md/raid1: fix use-after-free bug in RAID1 data-check code. - PCI: EHCI: fix crash during suspend on ASUS computers - cpufreq / ACPI: Fix not loading acpi-cpufreq driver (regression in 3.2.2) - block: fix infinite loop in __getblk_slow (regression in 3.2.19) (Closes: #684293) - PM / Hibernate: Hibernate/thaw fixes/improvements - tcm_fc: Fix crash seen with aborts and large reads - fifo: Do not restart open() if it already found a partner - cifs: on CONFIG_HIGHMEM machines, limit the rsize/wsize to the kmap space - UBIFS: fix a bug in empty space fix-up - ore: Fix NFS crash by supporting any unaligned RAID IO - ore: Remove support of partial IO request (NFS crash) - pnfs-obj: don't leak objio_state if ore_write/read fails - pnfs-obj: Fix __r4w_get_page when offset is beyond i_size - dm raid1: fix crash with mirror recovery and discard - dm raid1: set discard_zeroes_data_unsupported - time: Fix bugs in leap-second handling (Closes: #679882) + ntp: Fix leap-second hrtimer livelock + timekeeping: Fix leapsecond triggered load spike issue - bnx2x: fix checksum validation - bnx2x: fix panic when TX ring is full - eCryptfs: Gracefully refuse miscdev file ops on inherited/passed files - ACPI / PM: Make acpi_pm_device_sleep_state() follow the specification http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.25 - mm: Fix various performance problems, particularly affecting use of transparent hugepages (Closes: #675493) - target: Add range checking to UNMAP emulation - target: Fix reading of data length fields for UNMAP commands - target: Fix possible integer underflow in UNMAP emulation - target: Check number of unmap descriptors against our limit - ext4: don't let i_reserved_meta_blocks go negative - ext4: undo ext4_calc_metadata_amount if we fail to claim space - locks: fix checking of fcntl_setlease argument - Btrfs: call the ordered free operation without any locks held http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.26 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.27 - lirc_sir: make device registration work (Closes: #680762) - random: Improve random number generation on non-interactive systems + random: Use arch_get_random_int instead of cycle counter if avail + random: Use arch-specific RNG to initialize the entropy store + random: make 'add_interrupt_randomness()' do something sane + usb: feed USB device information to the /dev/random driver + net: feed /dev/random with the MAC address when registering a device + rtc: wm831x: Feed the write counter into device_add_randomness() + mfd: wm831x: Feed the device UUID into device_add_randomness() - futex: Test for pi_mutex on fault in futex_wait_requeue_pi() - futex: Forbid uaddr == uaddr2 in futex_wait_requeue_pi() - s390/mm: downgrade page table after fork of a 31 bit process - asus-wmi: use ASUS_WMI_METHODID_DSTS2 as default DSTS ID. (Closes: #679158) - md/raid1: don't abort a resync on the first badblock. - [arm] 7467/1: mutex: use generic xchg-based implementation for ARMv6+ - [arm] 7476/1: vfp: only clear vfp state for current cpu in vfp_pm_suspend - [arm] 7477/1: vfp: Always save VFP state in vfp_pm_suspend on UP - [arm] 7478/1: errata: extend workaround for erratum #720789 - [arm] Fix undefined instruction exception handling - mm: mmu_notifier: fix freed page still mapped in secondary MMU - mm: hugetlbfs: close race during teardown of hugetlbfs shared page tables http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.28 - bnx2: Fix bug in bnx2_free_tx_skbs(). - sch_sfb: Fix missing NULL check - sctp: Fix list corruption resulting from freeing an association on a list - cipso: don't follow a NULL pointer when setsockopt() is called - caif: fix NULL pointer check - net/tun: fix ioctl() based info leaks - rtlwifi: rtl8192cu: Change buffer allocation for synchronous reads - hfsplus: fix overflow in sector calculations in hfsplus_submit_bio - drm/i915: fixup seqno allocation logic for lazy_request http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.29 - pnfs: defer release of pages in layoutget - fuse: verify all ioctl retry iov elements - usb: serial: mos7840: Fixup mos7840_chars_in_buffer() - sched: fix divide by zero at {thread_group,task}_times - vfs: canonicalize create mode in build_open_flags() - dccp: check ccid before dereferencing - md: Don't truncate size at 4TB for RAID0 and Linear - target: fix NULL pointer dereference bug alloc_page() fails to get memory - USB: CDC ACM: Fix NULL pointer dereference - alpha: Don't export SOCK_NONBLOCK to user space. (Closes: #658460) - radeon: Fix various bugs in reading vbios (Closes: #685604) - vfs: missed source of ->f_pos races - svcrpc: fix BUG() in svc_tcp_clear_pages - svcrpc: sends on closed socket should stop immediately - fbcon: fix race condition between console lock and cursor timer (v1.1) - mm: hugetlbfs: correctly populate shared pmd - fs/buffer.c: remove BUG() in possible but rare condition - block: replace __getblk_slow misfix by grow_dev_page fix - Staging: speakup: fix an improperly-declared variable. (Closes: #685953) - NFS: Fix Oopses in nfs_lookup_revalidate and nfs4_lookup_revalidate [ Ben Hutchings ] * Bump ABI to 4 * linux-image: Include package version in utsname version string ('uname -v' output) (Closes: #638878) * linux-source: Drop support for version.$DISTRIBUTION * [arm,ia64,powerpc,s390,sh,x86] linux-image: Include package version in stack traces from WARN, BUG, Oops etc. * udeb: Add snd-hda-codec-ca0132 to sound-modules (Closes: #682368) * linux-source: Suggest pkg-config, needed to build kconfig GUIs (Closes: #682726) * debugfs: Add mode, uid and gid mount options; set default mode to 700 (Closes: #681418) * net: new counter for tx_timeout errors in sysfs * net: Add byte queue limits (bql) for reduced buffer-bloat * bnx2,bnx2x,e1000e,forcedeth,igb,ixgbe,sfc,skge,sky2,tg3: Add support for bql * fs: Update link security restrictions to match Linux 3.6: - Drop kconfig options; restrictions can only be disabled by sysctl - Change the audit message type from AUDIT_AVC (1400) to AUDIT_ANON_LINK (1702) * [rt] Update to 3.2.28-rt42: - time/rt: Fix up leap-second backport for RT changes - fix printk flush of messages * rds: set correct msg_namelen (CVE-2012-3430) * e1000: add dropped DMA receive enable back in for WoL (Closes: #684618) * PCI/PM/Runtime: make PCI traces quieter (Closes: #684049) * rc: ite-cir: Initialise ite_dev::rdev earlier (Closes: #684441) * input: Enable TOUCHSCREEN_ATMEL_MXT as module (Closes: #685123) * usb: Add USB_QUIRK_RESET_RESUME for all Logitech UVC webcams (Closes: #668211) * [alpha] Use gcc-4.6 (Closes: #685894) - Use large data model to work around link failure * [i386/486] video: Change FB_GEODE_LX from built-in to module (lxfb) (Closes: #686528) * [i386/686-pae] video: Disable Geode framebuffer drivers, not used with any chips that support PAE * [x86] drm/i915: Fix i8xx interrupt handling (Closes: #655152) * [armel/kirkwood] ahci: Add JMicron 362 device IDs (Closes: #634180) * speakup: lower default software speech rate (Closes: #686742) * e1000e: Fix potential DoS when TSO enabled * mm: Remove user-triggerable BUG from mpol_to_str * sfc: Fix maximum number of TSO segments and minimum TX queue size (CVE-2012-3412) - tcp: Apply device TSO segment limit earlier * net_sched: gact: Fix potential panic in tcf_gact(). * af_packet: remove BUG statement in tpacket_destruct_skb * net: Fix various information leaks * af_packet: don't emit packet on orig fanout group * af_netlink: force credentials passing (CVE-2012-3520) * netlink: fix possible spoofing from non-root processes * net: ipv4: ipmr_expire_timer causes crash when removing net namespace * [i386] i810fb: Enable FB_I810_GTF, FB_I810_I2C (Closes: #687644) * udeb: Add fuse-modules to support os-prober (see #684265) [ Bastian Blank ] * Make xen-linux-system meta-packages depend on xen-system. This allows automatic updates. (closes: #681637) -- Ben Hutchings Sun, 16 Sep 2012 06:16:38 +0100 linux (3.2.23-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.22 - nilfs2: ensure proper cache clearing for gc-inodes - ath9k_hw: avoid possible infinite loop in ar9003_get_pll_sqsum_dvc http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.23 - splice: fix racy pipe->buffers uses - NFC: Prevent multiple buffer overflows in NCI (CVE-2012-3364) - NFC: Return from rawsock_release when sk is NULL - md/raid5: Do not add data_offset before call to is_badblock - md/raid5: In ops_run_io, inc nr_pending before calling md_wait_for_blocked_rdev - md/raid10: fix failure when trying to repair a read error. - udf: Improve sanity checking of filesystem metadata (CVE-2012-3400) + udf: Avoid run away loop when partition table length is corrupted + udf: Fortify loading of sparing table - l2tp: fix a race in l2tp_ip_sendmsg() - netpoll: fix netpoll_send_udp() bugs - Btrfs: run delayed directory updates during log replay - ocfs2: clear unaligned io flag when dio fails - aio: make kiocb->private NUll in init_sync_kiocb() - mm: Hold a file reference in madvise_remove [ Ben Hutchings ] * linux-libc-dev: Fix redundant 'GNU glibc' in description (Closes: #631228) * README.source: Correct name of main patch series file * [sh] Fix up store queue code for subsys_interface changes (Closes: #680025) * scsi: Silence unnecessary warnings about ioctl to partition (Closes: #656899) * Update Czech debconf template translations (Michal Simunek) (Closes: #679674) * linux-image: Remove versioned relations where stable version is new enough * udf: Improve table length check to avoid possible overflow * CIFS: Respect negotiated MaxMpxCount (deferred from 3.2.14) * epoll: clear the tfile_check_list on -ELOOP (CVE-2012-3375) * nouveau: Update to support Fermi (NVC0+) acceleration (Closes: #679566) - Refactor sub-channel use - Bump version to 1.0.0 * e100: ucode is optional in some cases * [x86] drm/i915: prefer wide & slow to fast & narrow in DP configs (Closes: #658662) * cipso: don't follow a NULL pointer when setsockopt() is called * [x86] hwmon: Enable SENSORS_SCH5636 as module (Closes: #680934) * atl1c: fix issue of transmit queue 0 timed out * raid5: delayed stripe fix (Closes: #680366) * fs: Remove easily user-triggerable BUG from generic_setlease * tcp: drop SYN+FIN messages * fifo: Do not restart open() if it already found a partner (Closes: #678852) * [rt] linux-source: Include -rt version suffix * [rt] Update to 3.2.23-rt37: - Latency histogramms: Cope with backwards running local trace clock - Latency histograms: Adjust timer, if already elapsed when programmed - Disable RT_GROUP_SCHED in PREEMPT_RT_FULL - Latency histograms: Detect another yet overlooked sharedprio condition - slab: Prevent local lock deadlock - fs, jbd: pull your plug when waiting for space - perf: Make swevent hrtimer run in irq instead of softirq - cpu/rt: Rework cpu down for PREEMPT_RT - cpu/rt: Fix cpu_hotplug variable initialization - workqueue: Revert workqueue: Fix PF_THREAD_BOUND abuse - workqueue: Revert workqueue: Fix cpuhotplug trainwreck [ Arnaud Patard ] * [mipsel] add r8169 to d-i udeb. -- Ben Hutchings Sun, 22 Jul 2012 23:25:47 +0100 linux (3.2.21-3) unstable; urgency=low * driver core: remove __must_check from device_create_file (fixes FTBFS on sparc) * i2400m: Disable I2400M_SDIO; hardware did not reach production * apparmor: remove advertising the support of network rules from compat iface (Closes: #676515) * xen/netfront: teardown the device before unregistering it (Closes: #675190) * linux-{doc,manual,source,support}: Mark as capable of satisfying relations from foreign packages (Multi-Arch: foreign) (Closes: #679202) -- Ben Hutchings Thu, 28 Jun 2012 04:58:18 +0100 linux (3.2.21-2) unstable; urgency=low * [i386] cpufreq/gx: Fix the compile error * [powerpc] Enable PPC_DISABLE_WERROR (fixes FTBFS) * tracing/mm: Move include of trace/events/kmem.h out of header into slab.c (fixes FTBFS on sparc) * [i386] Disable incomplete lguest support * udeb: Add missing dependencies for various modules (see #678587) - [armel/kirkwood] fb-modules depends on kernel-image - [ia64] nic-usb-modules depends on kernel-image, nic-shared-modules, usb-modules - [ia64] sata-modules depends on kernel-image, scsi-core-modules - [ia64] scsi-modules depends on scsi-core-modules - [ia64,powerpc,ppc64] pcmcia-modules depends on kernel-image - [powerpc,ppc64] nic-pcmcia-modules depends on kernel-image, nic-shared-modules, pcmcia-modules - [powerpc,ppc64,x86] scsi-modules depends on ata-modules - [x86] nic-extra-modules depends on i2c-modules * wacom: do not crash when retrieving touch_max (Closes: #678798) * wacom: Revert unintended changes to handling of Tablet PCs (Closes: #677164) * linux-image, README.Debian: Suggest debian-kernel-handbook package [ Arnaud Patard ] * [armel, armhf] backport BPF JIT support -- Ben Hutchings Tue, 26 Jun 2012 01:56:42 +0100 linux-tools (3.2.17-1) unstable; urgency=low * New upstream stable updates: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.15 - modpost: fix ALL_INIT_DATA_SECTIONS http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.16 - perf hists: Catch and handle out-of-date hist entry maps. http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.17 - Perf: fix build breakage * Fix version insertion in perf man pages * Build usbip userland packages (Closes: #568362) - Do not build a shared library package; the API and ABI have changed from libusbip0 but there has been no upstream soversion change * usbipd: Enable TCP wrappers for access control -- Ben Hutchings Sun, 24 Jun 2012 02:52:26 +0100 linux (3.2.21-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.21 - NFSv4.1: Fix a request leak on the back channel - target: Return error to initiator if SET TARGET PORT GROUPS emulation fails - USB: add NO_D3_DURING_SLEEP flag and revert 151b61284776be2 - USB: fix gathering of interface associations [ Ben Hutchings ] * [ia64,powerpc] udeb: Add crc-itu-t to crc-modules; make firewire-core-modules depend on it (fixes FTBFS) * [arm,m68k,sh4] udeb: Build ipv6-modules * ethtool: allow ETHTOOL_GSSET_INFO for users * [rt] bump version to 3.2.20-rt32 * cpu: Convert 'cpu' and 'machinecheck' sysdev_class to a regular subsystem * [x86] Add driver auto probing for x86 features - crypto: Add support for x86 cpuid auto loading for x86 crypto drivers (Closes: #568008) - intel-idle: convert to x86_cpu_id auto probing - HWMON: Convert coretemp to x86 cpuid autoprobing - HWMON: Convert via-cputemp to x86 cpuid autoprobing - cpufreq: Add support for x86 cpuinfo auto loading (Closes: #664813) * [x86] ACPI: Load acpi-cpufreq from processor driver automatically * Bump ABI to 3 * input: Add Synaptics USB device driver (Closes: #678071) * [x86] udeb: Fix dependencies for nic-wireless-modules [ Aurelien Jarno ] * [mips,mipsel] udeb: Remove rivafb and nvidiafb. * [ppc64]: add udebs, based on powerpc/powerpc64. [ Bastian Blank ] * Support build-arch and build-indep make targets. [ Arnaud Patard ] * [armel/kirkwood] Add dreamplug and iconnect support (Closes: #675922) -- Ben Hutchings Fri, 22 Jun 2012 13:54:15 +0100 linux (3.2.20-1) unstable; urgency=low * The "Confused? You Won't Be" release * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.20 - cifs: fix oops while traversing open file list (try #4) - mm/fork: fix overflow in vma length when copying mmap on clone - mm: fix faulty initialization in vmalloc_init() - x86, amd, xen: Avoid NULL pointer paravirt references - ext4: force ro mount if ext4_setup_super() fails - ext4: disallow hard-linked directory in ext4_lookup - ext4: add missing save_error_info() to ext4_error() - ALSA: usb-audio: fix rate_list memory leak - Bluetooth: btusb: typo in Broadcom SoftSailing id (Closes: #674565) - ipv4: Do not use dead fib_info entries. - ipv4: fix the rcu race between free_fib_info and ip_route_output_slow - l2tp: fix oops in L2TP IP sockets for connect() AF_UNSPEC case - btree: fix tree corruption in btree_get_prev() - asix: allow full size 8021Q frames to be received (Closes: #676545) - ext4: don't trash state flags in EXT4_IOC_SETFLAGS - ext4: fix the free blocks calculation for ext3 file systems w/ uninit_bg [ Ben Hutchings ] * Rename source package to 'linux' (Closes: #636010) * Convert source package format to 3.0 (quilt) - Convert patch system to quilt, except for the 'orig' patch series - Use xz compression for upstream and Debian tarballs - README.source: Update description of patch system to match current usage - linux-patch-debian: Remove; it is no longer necessary for GPL compliance and does not work with our current patch management * linux-image: Change package name for bugs to 'src:linux' (Closes: #644198) * DFSG: video: Remove nvidiafb and rivafb, which include apparently obfuscated code (Closes: #383481, #609615). The nouveau driver supports all the same hardware, aside from RIVA 128 (NV3). * udeb: Add udf-modules containing UDF filesystem module (Closes: #613972) * [mipsel/loongson2f] linux-image: Recommend libc6-loongson2f (Closes: #629410) * Build-Depend on kmod or module-init-tools, not just the latter * test-patches: Recognise the rt featureset automatically * udeb: Build-Depend on kernel-wedge >= 2.84; this allows us to list modules as required even if they are built-in in some configurations * filter: Allow to create sk-unattached filters * proc: Backport hidepid mount option from Linux 3.4 (Closes: #669028) * NFSv4: Reduce the footprint of the idmapper (Closes: #657078) * [i386] thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE (Closes: #676360) * linux-source: Add single patch for each featureset * [x86] Enable CRASH_DUMP, PROC_VMCORE (Closes: #623177) * media/dvb: Enable DVB_DDBRIDGE as module (Closes: #676952) * net: sock: validate data_len before allocating skb in sock_alloc_send_pskb() (CVE-2012-2136) * macvtap: zerocopy: fix offset calculation when building skb * macvtap: zerocopy: fix truesize underestimation * macvtap: zerocopy: put page when fail to get all requested user pages * macvtap: zerocopy: set SKBTX_DEV_ZEROCOPY only when skb is built successfully * macvtap: zerocopy: validate vectors before building skb (CVE-2012-2119) * KVM: Fix buffer overflow in kvm_set_irq() (CVE-2012-2137) [ Bastian Blank ] * [s390/s390x,s390x/s390x] Build debugging symbols. -- Ben Hutchings Mon, 11 Jun 2012 02:46:34 +0100 linux-2.6 (3.2.19-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.19 - hpsa: Fix problem with MSA2xxx devices (Closes: #661057) - IB/core: Fix mismatch between locked and pinned pages - iommu: Fix off by one in dmar_get_fault_reason() - vfs: make AIO use the proper rw_verify_area() area helpers - HID: logitech: read all 32 bits of report type bitfield (Closes: #671292) - USB: Remove races in devio.c - ext{3,4}: Fix error handling on inode bitmap corruption - uvcvideo: Fix ENUMINPUT handling - dl2k: Clean up rio_ioctl (CVE-2012-2313) - [x86] MCE: Fix vm86 handling for 32bit mce handler - [x86] mce: Fix check for processor context when machine check was taken. - ethtool: Null-terminate filename passed to ethtool_ops::flash_device - NFSv4: Fix buffer overflows in ACL support (CVE-2012-2375) + Avoid reading past buffer when calling GETACL + Avoid beyond bounds copy while caching ACL [ Ben Hutchings ] * be2net: Backport most changes up to Linux 3.5-rc1, thanks to Sarveshwar Bandi (Closes: #673391) - Add support for Skyhawk cards * net/sched: Add codel and fq_codel from Linux 3.5-rc1 * [x86] udeb: Add hyperv-modules containing Hyper-V paravirtualised drivers * [x86] ata_piix: defer disks to the Hyper-V drivers by default * [x86] drm/i915:: Disable FBC on SandyBridge (Closes: #675022) * AppArmor: compatibility patch for v5 interface (Closes: #661151) * hugepages: fix use after free bug in "quota" handling (CVE-2012-2133) * [x86] mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race condition (CVE-2012-2373) * hugetlb: fix resv_map leak in error path (CVE-2012-2390) * [SCSI] fix scsi_wait_scan (Closes: #647436) -- Ben Hutchings Fri, 01 Jun 2012 13:15:48 +0100 linux-2.6 (3.2.18-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.18 - hugetlb: prevent BUG_ON in hugetlb_fault() -> hugetlb_cow() - net: l2tp: unlock socket lock before returning from l2tp_ip_sendmsg - [sparc] sparc64: Do not clobber %g2 in xcall_fetch_glob_regs(). - ext4: avoid deadlock on sync-mounted FS w/o journal - brcm80211: smac: fix endless retry of A-MPDU transmissions (Closes: #672891) - target: Fix SPC-2 RELEASE bug for multi-session iSCSI client setups - ALSA: hda/idt - Fix power-map for speaker-pins with some HP laptops (Closes: #672582) - usbnet: fix skb traversing races during unlink(v2) - [arm] prevent VM_GROWSDOWN mmaps extending below FIRST_USER_ADDRESS [ Jonathan Nieder ] * wacom: Add support for various tablet models (Closes: #671801) * rt2800usb: Add support for Ralink RT5392/RF5372 chipset (Closes: #673186) [ Ben Hutchings ] * test-patches: Fix -j option, broken since 3.1.0-1~experimental.1 * rt2800usb: Re-enable powersaving by default, as it should work better than in 2.6.38 * [sparc,sparc64] Build virtio-modules-udeb for use in qemu (Closes: #673320) * KVM: mmu_notifier: Flush TLBs before releasing mmu_lock * [x86] KVM: nVMX: Fix erroneous exception bitmap check * [x86] KVM: VMX: vmx_set_cr0 expects kvm->srcu locked * [s390] KVM: do store status after handling STOP_ON_STOP bit * [s390] KVM: Sanitize fpc registers for KVM_SET_FPU * ACPI battery: only refresh the sysfs files when pertinent information changes (Closes: #670958) -- Ben Hutchings Mon, 21 May 2012 04:07:08 +0100 linux-2.6 (3.2.17-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.17 - md: fix possible corruption of array metadata on shutdown. - ext4: fix endianness breakage in ext4_split_extent_at() - KVM: unmap pages from the iommu when slots are removed (CVE-2012-2121) - btrfs: btrfs_root_readonly() broken on big-endian - ocfs2: Fix various bugs affecting big-endian architectures - lockd: fix the endianness bug - phonet: Check input from user before allocating - netlink: fix races after skb queueing - net: fix a race in sock_queue_err_skb() - net/ethernet: ks8851_mll fix rx frame buffer overflow - x86, apic: APIC code touches invalid MSR on P5 class machines - drm/i915: fix integer overflow in i915_gem_execbuffer2() - drm/i915: fix integer overflow in i915_gem_do_execbuffer() - USB: cdc-wdm: fix race leading leading to memory corruption - autofs: make the autofsv5 packet file descriptor use a packetized pipe (Closes: #633423) - efi: Validate UEFI boot variables - efivars: Improve variable validation - fs/cifs: fix parsing of dfs referrals - hfsplus: Fix potential buffer overflows (CVE-2012-2319) - exit_signal: fix the "parent has changed security domain" logic [ Ben Hutchings ] * aufs: Enable AUFS_EXPORT * ext4: Report max_batch_time option correctly (Closes: #654206) * [i386/rt-686-pae] Enable HIGHMEM64G as intended for this configuration * NFSv4: Revalidate uid/gid after open (Closes: #659111) * sky2: propogate rx hash when packet is copied * sky2: fix receive length error in mixed non-VLAN/VLAN traffic (Closes: #492853) * KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (CVE-2012-1601) * KVM: lock slots_lock around device assignment (CVE-2012-2121) * [rt] bump version to 3.2.16-rt27 [ Bastian Blank ] * [s390] Enable IUCV special message support. (closes: #671238) [ Arnaud Patard ] * [armhf] Add vexpress support from Vagrant Cascadian with a slightly modified kernel configuration (Closes: #670462) * [armel] Introduce a new udeb module for leds and use it on kirkwoord kernel thanks to Simon Guinot (Closes: #671200) -- Ben Hutchings Sat, 12 May 2012 15:29:09 +0100 linux-2.6 (3.2.16-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.16 - drm/i915: properly compute dp dithering for user-created modes (Closes: #666360) - md/bitmap: prevent bitmap_daemon_work running while initialising bitmap - [ia64] Fix futex_atomic_cmpxchg_inatomic() (Closes: #659485) - USB: serial: fix race between probe and open - fcaps: clear the same personality flags as suid when fcaps are used (CVE-2012-2123) - ACPICA: Fix to allow region arguments to reference other scopes (Closes: #661581) - futex: Do not leak robust list to unprivileged process - drm/radeon/kms: fix the regression of DVI connector check (Closes: #670047) [ Ben Hutchings ] * rt2x00: Identify rt2800usb chipsets. (Closes: #658067) * [x86] Add EFI boot stub support (Closes: #669033) * brcmsmac: "INTERMEDIATE but not AMPDU" only when tracing * NFSv4: Fix error handling and improve error reporting for file locking (Closes: #669270) - Rate limit the state manager for lock reclaim warning messages - Ensure that the LOCK code sets exception->inode - Ensure that we check lock exclusive/shared type against open modes * [x86] i915: Fix integer overflows in i915_gem_{do_execbuffer,execbuffer2} * Revert "autofs: work around unhappy compat problem on x86-64". Reopens #633423. -- Ben Hutchings Sun, 29 Apr 2012 08:00:53 +0100 linux-2.6 (3.2.15-1) unstable; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.15 - drm/radeon/kms: fix fans after resume (Closes: #596741) - sysctl: fix write access to dmesg_restrict/kptr_restrict - [x86] PCI: use host bridge _CRS info on MSI MS-7253 (Closes: #619034) - nfs: Fix length of buffer copied in __nfs4_get_acl_uncached - [x86] ioat: fix size of 'completion' for Xen (Closes: #660554) - cred: copy_process() should clear child->replacement_session_keyring [ Ben Hutchings ] * net: fix /proc/net/dev regression (Closes: #659499) * [armel/orion5x] Fix GPIO enable bits for MPP9 (Closes: #667446) * [x86] drm/i915: mask transcoder select bits before setting them on LVDS * [armhf/mx5,mipsel/loongson-2f] input: Enable INPUT_TOUCHSCREEN (Closes: #668036) * [x86] hv: Update all Hyper-V drivers to 3.4-rc1 (Closes: #661318) * hugetlb: fix race condition in hugetlb_fault() -- Ben Hutchings Sat, 14 Apr 2012 18:23:44 +0100 linux-2.6 (3.2.14-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.14 - mm: thp: fix pmd_bad() triggering in code paths holding mmap_sem read mode (CVE-2012-1179) - hugetlbfs: avoid taking i_mutex from hugetlbfs_read() - md/bitmap: ensure to load bitmap when creating via sysfs (Closes: #661558) - md: dont set md arrays to readonly on shutdown - md/raid1,raid10: avoid deadlock during resync/recovery (Closes: #584881) - md: fix clearing of the changed flags for the bad blocks list - xfs: fix inode lookup race - sysctl: protect poll() in entries that may go away - NFSv4: Rate limit the state manager warning messages (Closes: #666121) - jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer - ext4: ignore EXT4_INODE_JOURNAL_DATA flag with delalloc - ext4: fix race between sync and completed io work - ext4: check for zero length extent - vfs: fix d_ancestor() case in d_materialize_unique - udf: Fix deadlock in udf_release_file() - dm crypt: add missing error handling - dm thin: fix stacked bi_next usage - xfs: Fix oops on IO error during xlog_recover_process_iunlinks() - NFSv4: Fix two infinite loops in the mount code - drm/i915: suspend fbdev device around suspend/hibernate (Closes: #645547) - net: fix a potential rcu_read_lock() imbalance in rt6_fill_node() - [x86] tls: Off by one limit check - PCI: ASPM: Fix pcie devices with non-pcie children (Closes: #665420) [ Jonathan Nieder ] * ata: Enable PATA_IT8213 as module (Closes: #666506) -- Ben Hutchings Thu, 05 Apr 2012 05:02:45 +0100 linux-2.6 (3.2.13-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.13 [ Ben Hutchings ] * kbuild: do not check for ancient modutils tools [ Uwe Kleine-König ] * [rt] bump version to 3.2.12-rt22 [ Bastian Blank ] * [s390x] Ignore ABI change. -- Bastian Blank Wed, 28 Mar 2012 13:40:26 +0200 linux-tools (3.2.7-2) unstable; urgency=high * Apply upstream changes to fix various buffer overflow bugs: - perf tools: Use scnprintf where applicable - perf tools: Incorrect use of snprintf results in SEGV -- Ben Hutchings Tue, 20 Mar 2012 04:54:22 +0000 linux-2.6 (3.2.12-1) unstable; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.11 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.12 - aio: fix io_setup/io_destroy race - aio: fix the "too late munmap()" race - vfs: fix double put after complete_walk() - acer-wmi: No wifi rfkill on Lenovo machines (Closes: #655941) - tcp: fix false reordering signal in tcp_shifted_skb - r8169: corrupted IP fragments fix for large mtu - tcp: don't fragment SACKed skbs in tcp_mark_head_lost() - tcp: fix tcp_shift_skb_data() to not shift SACKed data below snd_una - block: Fix NULL pointer dereference in sd_revalidate_disk (Closes: #649735) - block: fix __blkdev_get and add_disk race condition [ Ben Hutchings ] * [powerpc] Enable KVM_GUEST * [s390] Ignore arch_pick_mmap_layout version change; it should not be needed by modules (fixes FTBFS) * [x86] Disable POHMELFS; this version is obsolete * epoll: Don't limit non-nested epoll paths * CIFS: Fix a spurious error in cifs_push_posix_locks * [rt] bump rt patch to version 3.2.11-rt20 * aufs: Update to aufs3.2-20120312 * tcp: fix syncookie regression * ipv6: Don't dev_hold(dev) in ip6_mc_find_dev_rcu [ Jonathan Nieder ] * [x86] Enable RTS5139 as module (Closes: #663912) -- Ben Hutchings Tue, 20 Mar 2012 04:32:51 +0000 linux-2.6 (3.2.10-1) unstable; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10 - regset: Prevent null pointer reference on readonly regsets (CVE-2012-1097) [ Uwe Kleine-König ] * [rt] bump rt patch to version 3.2.9-rt17 * [rt] fix conflict between the security restrictions on links introduced in 3.2.9-1 and rt (Closes: #663269) [ Aurelien Jarno ] * [mips,mipsel] Mark ext4-modules as provided by the kernel-image udeb, remove ide-core-modules provide. [ Ben Hutchings ] * [x86,ia64] PCI/hotplug: Build-in common hotplug drivers: - Change HOTPLUG_PCI, HOTPLUG_PCI_PCIE to built-in - [x86] Change HOTPLUG_PCI_ACPI to built-in (Closes: #663433) - [ia64] Enable HOTPLUG_PCI_SGI as built-in * linux-headers: Remove unused, broken symlinks to Kbuild (Closes: #663597) * udeb: Remove dependency of {pcmcia,usb}-storage-modules on ide-core-modules * [mips,mipsel] Mark ata-modules as provided by the kernel-image udeb for most flavours -- Bastian Blank Tue, 13 Mar 2012 17:19:32 +0100 linux-tools (3.2.7-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.7 - perf tools: Fix perf stack to non executable on x86_64 - perf evsel: Fix an issue where perf report fails to show the proper percentage -- Ben Hutchings Mon, 05 Mar 2012 00:19:02 +0000 linux-2.6 (3.2.9-1) unstable; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.8 - [i386] i387: move TS_USEDFPU flag from thread_info to task_struct - [x86] additional refactoring of FPU/SSE state save and restore http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.9 - vfs: fix d_inode_lookup() dentry ref leak - target: Allow control CDBs with data > 1 page - epoll: introduce POLLFREE to flush ->signalfd_wqh before kfree() - epoll: ep_unregister_pollwait() can use the freed pwq->whead - epoll: limit paths (CVE-2011-1083) - cdrom: use copy_to_user() without the underscores [ Bastian Blank ] * [mips,mipsel] Also remove ext4 modules from installer. [ Ben Hutchings ] * Update debconf template translations: - Update Dutch (Willem Kuyn) (Closes: #658736) - Add Polish (Michał Kułach) (Closes: #658912) * Bump ABI to 2 * fs: Introduce and enable security restrictions on links: - Do not follow symlinks in /tmp that are owned by other users (sysctl: fs.protected_symlinks) - Do not allow unprivileged users to create hard links to sensitive files (sysctl: fs.protected_hardlinks) (Closes: #609455) + This breaks the 'at' package in stable, which will be fixed shortly (see #597130) The precise restrictions are specified in Documentation/sysctl/fs.txt in the linux-doc-3.2 and linux-source-3.2 packages. * iwlwifi: fix key removal (Closes: #651199) * cgroups: Set CGROUP_PERF * hid: Enable HID_HOLTEK, HID_PRIMAX, HID_SPEEDLINK, HID_WIIMOTE as modules, HID_ACRUX_FF * media/rc: Enable RC_ATI_REMOTE as module * gspca: Enable USB_GSPCA_TOPRO as module * dvb-usb: Enable DVB_USB_PCTV452E, DVB_USB_MXL111SF as modules [ Uwe Kleine-König ] * [x86] Update rt featureset to 3.2.9-rt15 -- Ben Hutchings Sun, 04 Mar 2012 15:32:20 +0000 linux-2.6 (3.2.7-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.7 [ Ben Hutchings ] * Add Turkish debconf template translations (Mert Dirik) (Closes: #660117) * [amd64] Disable BLK_DEV_IDEPNP, BLK_DEV_OPTI621, IDE_GENERIC * Use libata-based drivers for most of the remaining PATA controllers: - pata_legacy replaces ide-generic - pata_isapnp replaces ide-pnp - pata_opti replaces opti621 - pata_hpt366 and pata_hpt37x replace hpt366 - pata_ninja32 replaces delkin_cb - pata_cs5535 replaces cs5535 - pata_winbond replaces sl82c105 - [alpha] pata_cypress replaces cy82c693 - [hppa] pata_ns87415 replaces ns87415 - [sparc] Various replacements, as for x86 in 2.6.32-10 * Disable old IDE subsystem [!ia64,m68k]: - Disable BLK_DEV_IT8172, BLK_DEV_IT8213, BLK_DEV_TC86C001, BLK_DEV_TRM290 - [alpha] Disable BLK_DEV_4DRIVES, BLK_DEV_ALI14XX, BLK_DEV_DTC2278, BLK_DEV_HT6560B, BLK_DEV_QD65XX, BLK_DEV_UMC8672 * fs: Enable EFI_PARTITION in all configurations (Closes: #660582) * [i386] Re-enable INTEL_IOMMU, IRQ_REMAP * [mips/r5k-ip32] Enable INPUT_SGI_BTNS (previously INPUT_SGIO2_BTNS) * [powerpc/powerpc64] Enable IBM_EMAC (previously IBM_NEW_EMAC) * [x86] drm/i915: do not enable RC6p on Sandy Bridge (Closes: #660265) * ipsec: be careful of non existing mac headers (Closes: #660804) * version: Use maintainer rather than uploader address for official binary packages [ Bastian Blank ] * Don't advertise Xen support for rt images. (closes: #659988) * [m68k,mips,mipsel] Use ext4 for all ext-variants. (closes: #660446) * [m68k,mips,mipsel] Don't built-in ramdisk support. * [hppa,mips,mipsel] Don't built-in cramfs support. * [alpha,hppa] Don't built-in ext2. * Remove IDE trigger for LED support. * Remove all framebuffer bootup logos. * NFSv4: Fix an Oops in the NFSv4 getacl code. -- Bastian Blank Tue, 28 Feb 2012 16:00:41 +0100 linux-2.6 (3.2.6-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.5 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.6 - ALSA: hda - Apply 0x0f-VREF fix to all ASUS laptops with ALC861/660 (Closes: #657302) - [armhf] vfp: flush thread hwstate before restoring context from sigframe - proc: mem_release() should check mm != NULL - proc: make sure mem_open() doesnt pin the targets memory - [arm] sched/rt: Fix task stack corruption under __ARCH_WANT_INTERRUPTS_ON_CTXSW - eCryptfs: Infinite loop due to overflow in ecryptfs_write() - iscsi-target: Fix reject release handling in iscsit_free_cmd() - iscsi-target: Fix double list_add with iscsit_alloc_buffs reject - pcmcia: fix socket refcount decrementing on each resume [ Aurelien Jarno ] * hwmon: backport IT8728F support for linux 3.3. [ Uwe Kleine-König ] * [amd64] Update rt featureset to 3.2.5-rt12 * [i386] enable rt featureset for 686-pae [ Arnaud Patard ] * Merge ixp4xx oops fix when probing mtd. [ Ben Hutchings ] * Change linux-image dependencies to allow kmod as an alternative to module-init-tools * relay: prevent integer overflow in relay_open() * builddeb: Don't create files in /tmp with predictable names * ath9k: fix a WEP crypto related regression (Closes: #659484) -- Ben Hutchings Thu, 16 Feb 2012 02:38:38 +0000 linux-2.6 (3.2.4-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.3 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.4 - eCryptfs: Sanitize write counts of /dev/ecryptfs - eCryptfs: Make truncate path killable - eCryptfs: Check inode changes in setattr - drm/i915: paper over missed irq issues with force wake voodoo - tpm_tis: add delay after aborting command (Closes: #649033) - USB: ftdi_sio: fix initial baud rate (Closes: #658164) - USB: Realtek cr: fix autopm scheduling while atomic (Closes: #656724) [ Ben Hutchings ] * [armel] Add mv78xx0 flavour; thanks to Steve McIntyre for the config * net: Disable FIXED_PHY; this driver only causes trouble * PCI: Rework ASPM disable code (fixes power usage regression on some systems) [ Bastian Blank ] * Remove unneeded scmversion workaround. -- Bastian Blank Sun, 05 Feb 2012 15:42:21 +0100 linux-2.6 (3.2.2-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2 - ext4: fix undefined behavior in ext4_fill_flex_info() (CVE-2009-4307) - Unused iocbs in a batch should not be accounted as active (CVE-2012-0058) - uvcvideo: Fix integer overflow in uvc_ioctl_ctrl_map() - [arm] proc: clear_refs: do not clear reserved pages [ Ben Hutchings ] * Clean up linux-image maintainer scripts: - Stop changing 'build' and 'source' symlinks; these now belong to the linux-headers packages - Remove unused configuration variables - prerm: Remove last vestige of /usr/doc transition - postrm: Remove modules.*.bin; currently modules.builtin.bin is left behind * [alpha] Build with gcc-4.5 (Closes: #657112) * aufs: Update to aufs3.2-20120109 (fixes FTBFS on m68k) * [m68k] Fix assembler constraint to prevent overeager gcc optimisation * sdhci-pci: Include driver in installer * [armel] udeb: Do not attempt to build lzo-modules udeb as lzo_compress is now built-in (fixes FTBFS) * [armhf] udeb: Include rt2800usb in nic-modules, replacing rt2870sta which was removed from the kernel * drm: Fix authentication kernel crash * xfs: Fix missing xfs_iunlock() on error recovery path in xfs_readlink() * jbd: Issue cache flush after checkpointing * crypto: sha512 - make it work, undo percpu message schedule - crypto: sha512 - reduce stack usage to safe number * [x86] xen: size struct xen_spinlock to always fit in arch_spinlock_t * l2tp: l2tp_ip - fix possible oops on packet receive * macvlan: fix a possible use after free * tcp: fix tcp_trim_head() to adjust segment count with skb MSS * [x86] KVM: fix missing checks in syscall emulation (CVE-2012-0045) [ Thorsten Glaser ] * [m68k] Use gcc-4.6 like (almost) all other architectures * Pass the cflags define as CFLAGS_KERNEL and CFLAGS_MODULE to kbuild * [m68k] Use cflags -ffreestanding (Closes: #648996) [ Aurelien Jarno ] * [mips,octeon] Disabled CONFIG_FIXED_PHY as it conflicts with the octeon phy driver. -- Ben Hutchings Wed, 01 Feb 2012 01:44:05 +0000 linux-tools (3.2.1-2) unstable; urgency=low * Add Vcs-{Svn,Browser} fields * Reduce minimum version of linux-base to 3.4~ to support backports -- Ben Hutchings Tue, 24 Jan 2012 04:26:24 +0000 linux-2.6 (3.2.1-2) unstable; urgency=high [ Stefan Lippers-Hollmann ] * udeb: Add missing modules to nic-wireless-modules: - lib80211 encryption algorithms (lib80211_crypt_{wep,ccmptkip}) needed for e.g. ipw2x00 wlan modules (Closes: #636259) - ath9k_htc, carl9170 and rt2800{pci,usb} drivers (Closes: #636321, #636353, #636385) [ Ben Hutchings ] * Update Vcs-Browser URL for the switch to ViewVC * Point Vcs-{Svn,Browser} at trunk branch, since the sid branch does not always exist * Build linux-libc-dev without multiarch if dpkg does not support it, to support backports * proc: clean up and fix /proc//mem handling (CVE-2012-0056) [ Aurelien Jarno ] * [x86] Backport KVM nested VMX fixes from 3.3 to fix warnings and crashes of L1 guests. -- Ben Hutchings Mon, 23 Jan 2012 15:10:04 +0000 linux-tools (3.2.1-1) unstable; urgency=low * New upstream release -- Ben Hutchings Thu, 19 Jan 2012 04:17:19 +0000 linux-2.6 (3.2.1-1) unstable; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.2 * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.1 [ Aurelien Jarno ] * [arm, mips, mipsel, sh4] Add a virtio-modules udeb on flavours which can be emulated by QEMU. [ Ben Hutchings ] * media/dvb: Enable DVB_USB_IT913X as module (Closes: #653776) * [arm] Remove use of possibly undefined BUILD_BUG_ON in (fixes FTBFS) * Install /lib/modules//modules.builtin in linux-image packages * [ia64] Add accept4() syscall (Closes: #647825) * [x86] staging: Enable STAGING_MEDIA, which various drivers now depend on (Closes: #654800) * [um,m68k] Register a generic CPU device (fixes regression introduced by the fix for #649216) * [alpha] add io{read,write}{16,32}be functions, thanks to Michael Cree * net: reintroduce missing rcu_assign_pointer() calls * Input: ALPS - add support for protocol versions 3 and 4 (Closes: #618422, #648207) * [powerpc/powerpc64] udeb: Drop zlib-modules; ZLIB_DEFLATE is built-in * [amd64] iommu: Enable INTEL_IOMMU, INTEL_IOMMU_FLOPPY_WA, IRQ_REMAP * [amd64] cpufreq: Enable X86_P4_CLOCKMOD (Closes: #656328) * Refresh list of related firmware packages for bug script [ Bastian Blank ] * [amd64] crypt: Enable some amd64 only ciphers. * Packaging updates: - Use unicode. - Cleanup config handling. - Remove support for plain-xen image type. - Allow disabling debug infos for unreleased builds. [ Arnaud Patard ] * [armel] disable tomoyo and apparmor to allow kernel image to fit into flash. * [armel] add back ixp4xx gpiolib patch * [arm] backport topdown mmap support from rmk's tree * [armel] Enable support from LaCIE kirkwood devices, thanks to Simon Guinot (Closes: #655344) * [armel] Backport 88f6282 A1 support [ Jurij Smakov ] * [sparc] Add mpt2sas to scsi-common-modules udeb on sparc and sparc64, needed by Niagara T3 machines. -- Ben Hutchings Wed, 18 Jan 2012 16:14:12 +0000 linux-2.6 (3.2~rc7-1~experimental.1) experimental; urgency=low * New upstream release candidate - [powerpc] pasemi_mac: Fix building as module - [x86] mpparse: Account for bus types other than ISA and PCI (Closes: #586494) - EHCI : Fix a regression in the ISO scheduler (Closes: #651382) - [arm] setup: initialize arm_dma_zone_size earlier (Closes: #651215) [ Ben Hutchings ] * [x86] et131x: Include driver in installer (Closes: #651440) * security: Enable APPARMOR (Closes: #598408) [ Uwe Kleine-König ] * [amd64] Update rt featureset to 3.2-rc5-rt8 [ Bastian Blank ] * Use xz compression for all packages. -- Bastian Blank Wed, 28 Dec 2011 14:55:38 +0100 linux-tools (3.2~rc4-1~experimental.1) experimental; urgency=low * New upstream release candidate -- Ben Hutchings Wed, 07 Dec 2011 01:53:15 +0000 linux-2.6 (3.2~rc4-1~experimental.1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * aufs: Update to aufs3.x-rcN-20111114 * ieee802154: Enable IEEE802154_6LOWPAN as module * can: Enable CAN_GW, CAN_EMS_PCMCIA, CAN_PEAK_PCI as modules * nfc: enable NFC_NCI as module * scsi: Enable MVUMI as module * dm: Enable DM_THIN_PROVISIONING as module * b43: Enable B43_PHY_HT * [ia64,powerpc,sparc,x86] wireless: Enable MWIFIEX_PCIE as module * udeb: Update configuration for 3.2: - Provide the default configuration instead of including it from the kernel-wedge package - iwlagn is renamed to iwlwifi - blowfish is renamed to blowfish_generic [ Uwe Kleine-König ] * [amd64] reenable rt featureset with 3.2-rc4-rt5 -- Ben Hutchings Sat, 03 Dec 2011 23:07:41 +0000 linux-2.6 (3.1.8-2) unstable; urgency=high * igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Closes: #654876) (CVE-2012-0207) -- Ben Hutchings Tue, 10 Jan 2012 00:14:39 +0000 linux-2.6 (3.1.8-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.7 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.8 - Revert "clockevents: Set noop handler in clockevents_exchange_device()", included in stable update 3.1.5 (Closes: #653398) - cfq-iosched: fix cfq_cic_link() race condition - binary_sysctl(): fix memory leak - cgroups: fix a css_set not found bug in cgroup_attach_proc - iwlwifi: allow to switch to HT40 if not associated (Closes: #653423) - futex: Fix uninterruptible loop due to gate_area - drm/radeon/kms: bail on BTC parts if MC ucode is missing - [sparc] sparc64: Fix masking and shifting in VIS fpcmp emulation. - llc: llc_cmsg_rcv was getting called after sk_eat_skb. - ipv4: reintroduce route cache garbage collector - Revert "rtc: Disable the alarm in the hardware" (Closes: #652869) [ Ben Hutchings ] * snapshot: Implement compat_ioctl (Closes: #502816) * drm/radeon: flush read cache for gtt with fence on r6xx and newer GPU (Closes: #646376) * rtc: Fix alarm rollover when day or month is out-of-range (Closes: #646429) * l2tp: ensure sk->dst is still valid (Closes: #652503) * Update Russian debconf template translations (Yuri Kozlov) (Closes: #653716) * v4l2-ioctl: integer overflow in video_usercopy() * Restrict ioctl forwarding on partitions and logical volumes (CVE-2011-4127) * [x86] KVM: Prevent starting PIT timers in the absence of irqchip support (CVE-2011-4622) [ Jonathan Nieder ] * prerm: Print an error message when aborting removal of the running kernel (Closes: #601962) [ Aurelien Jarno ] * [sh4] Remove core-modules udeb as it is empty. * [sh4/sh7751r] Disable CONFIG_RTS7751R2D_1. Support for this board implies IRQless IDE, which causes data corruption. -- Ben Hutchings Sun, 08 Jan 2012 16:31:16 +0000 linux-2.6 (3.1.6-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.6 - staging: r8712u: Add new USB ID (Closes: #651622) - [arm] setup: initialize arm_dma_zone_size earlier (Closes: #651215) [ Ben Hutchings ] * [x86] Enable HYPERV, HYPERV_STORAGE, HYPERV_NET, HYPERV_UTILS, HYPERV_MOUSE as modules (Closes: #652014) * cciss: Add IRQF_SHARED back in for the non-MSI(X) interrupt handler (Closes: #650119) * udeb: Update configuration: - Provide the default configuration instead of including it from the kernel-wedge package - [x86] Include et131x (Closes: #651440) - [x86] Include isci (Closes: #652897) -- Bastian Blank Fri, 23 Dec 2011 17:02:26 +0100 linux-tools (3.1.1-3) unstable; urgency=low * Fix s390x support. -- Aurelien Jarno Sun, 18 Dec 2011 19:32:12 +0100 linux-2.6 (3.1.5-1) unstable; urgency=low * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.5 - bridge: correct IPv6 checksum after pull (Closes: #651469) - USB: EHCI: fix HUB TT scheduling issue with iso transfer (Closes: #651015) - [x86] mpparse: Account for bus types other than ISA and PCI (Closes: #586494) [ Bastian Blank ] * Fix generation of revisions for the patch list. [ Hector Oron ] * regulator: backport fix for nullpointer dereference in core. [ Ben Hutchings ] * [x86] Enable MEMTEST (Closes: #613321, #646361) - If bad RAM is detected, WARN and recommend a more thorough test * brcmsmac: Fix I/O functions for MIPS and for big-endian architectures * [x86] Enable GPIO_PCH, GPIO_ML_IOH, I2C_EG20T, PCH_CAN, PCH_DMA, PCH_GBE, PCH_PHUB, SERIAL_PCH_UART, SPI_TOPCLIFF_PCH, USB_GADGET, USB_EG20T as modules -- Ben Hutchings Sun, 11 Dec 2011 05:28:40 +0000 linux-2.6 (3.1.4-1) unstable; urgency=low * New upstream stable updates: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.2 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.3 - TTY: ldisc, wait for ldisc infinitely in hangup (Closes: #645071) http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.4 [ Martin Michlmayr ] * [armel] Set the priority of pata-modules to standard since the GLAN Tank uses PATA. [ Ben Hutchings ] * Enable BCMA as module, BCMA_HOST_PCI and B43_BCMA (Closes: #649567) but limit these to devices not supported by brcmsmac * brcmsmac: Enable as module for all architectures * Include module taint flags in bug reports * lirc_serial: Fix various bugs that may result in a crash, deadlock or other failure (Closes: #645811) * amilo-rfkill: Use proper functions to write to the i8042 safely * topology: Provide CPU topology in sysfs in !SMP configurations (Closes: #649216) [ Bastian Blank ] * Include generated headers. (closes: #650085) -- Bastian Blank Tue, 29 Nov 2011 14:14:14 +0100 linux-tools (3.1.1-2) unstable; urgency=low * Change the check for stale debian/control to tolerate binNMUs (Closes: #649005) * Rebuild with perl 5.14 (Closes: #649006) -- Ben Hutchings Thu, 17 Nov 2011 03:18:03 +0000 linux-tools (3.1.1-1) unstable; urgency=low * New upstream release [ Bastian Blank ] * Rename to linux-tools. * Use 3.0 (quilt) source format. * Properly patch modpost symbol prefix setting. * Build linux-tools binary package. -- Ben Hutchings Mon, 14 Nov 2011 04:57:47 +0000 linux-2.6 (3.1.1-1) unstable; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.1 [ Aurelien Jarno ] * [s390x] Add s390x udebs, based on linux-kernel-di-s390x-2.6. * [sparc64] Sync udebs with sparc. [ Ben Hutchings ] * [powerpc] Fix module selection for {ata,ide,scsi-core}-modules udebs * [alpha] wire up accept4 syscall, thanks to Michael Cree * iwlagn: fix modinfo display for 135 ucode (Closes: #647958) * [powerpc] ptrace: Fix build with gcc 4.6 * [arm] add io{read,write}{16,32}be functions (fixes FTBFS) * cifs, freezer: add wait_event_freezekillable and have cifs use it (Closes: #488794) * [alpha] Remove old, broken udeb configuration (Closes: #647586) * DFSG: Remove drivers/staging/ft1000/ft1000-*/*.img, non-free firmware for drivers we don't build * hfs: fix hfs_find_init() sb->ext_tree NULL ptr oops (CVE-2011-2203) * vmscan: fix shrinker callback bug in fs/super.c * block: Always check length of all iov entries in blk_rq_map_user_iov() * [x86] Add amilo-rfkill driver for some Fujitsu-Siemens Amilo laptops (Closes: #631664) [ Arnaud Patard ] * [arm] add missing ioread/write be functions to ixp4xx to fix FTBFS * [armhf] allow to build kernel image for iMX51 and iMX53 and enable some iMX53 platforms. * [armhf] add ahci for iMX53, pata for iMX51 -- Ben Hutchings Sun, 13 Nov 2011 20:08:09 +0000 linux-2.6 (3.1.0-1~experimental.1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.1 - drm/i915: FBC off for ironlake and older, otherwise on by default (Closes: #641622) - drm/radeon: Update AVIVO cursor coordinate origin before x/yorigin calculation (Closes: #585130) - crypto: ghash - Avoid null pointer dereference if no key is set [ Ben Hutchings ] * [powerpc/powerpc64] Add missing #include to LPAR console selection fix * Make kernel-wedge package checks non-fatal in experimental builds * [x86/!486] Enable INTEL_IDLE * aufs: Update to aufs3.1-20111031 (Closes: #644687) [ Bastian Blank ] * Use xz compression for debug packages. * Make gcc-4.6 the default compiler. * Use shorter versions in the package names. * Remove linux-tools-* binary package. * Drop external module packages stuff. * Set default security module to Unix Discretionary Access Controls. - Remove unneeded selinux boot parameter. -- Bastian Blank Thu, 03 Nov 2011 20:03:14 +0100 linux-2.6 (3.1.0~rc7-1~experimental.1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * Build udebs for the installer -- Ben Hutchings Sun, 25 Sep 2011 22:52:50 +0100 linux-2.6 (3.1.0~rc6-1~experimental.1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * [ia64] Disable GENERIC_GPIO (fixes FTBFS) * [i386] libertas: prioritize usb8388_olpc.bin firmware on OLPC machines * [armel/ixp4xx] Add gpioblib support (fixes FTBFS) * [i386] Fix alignment of alternative instruction entries (Closes: #640964) -- Ben Hutchings Wed, 21 Sep 2011 05:45:40 +0100 linux-2.6 (3.1.0~rc4-1~experimental.1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * aufs: Disable until it is updated for Linux 3.1 * rt: Disable until it is updated for Linux 3.1 * nfs: Enable NFSv4.1/pNFS (Closes: #627655) * [x86] ACPI: Enable ACPI_APEI_GHES as built-in (no longer modular). Enable ACPI_APEI_MEMORY_FAILURE. * netfilter: Enable IP_SET_HASH_NETIFACE as module * net: Enable NFC, NFC_PN533 as modules * video: Enable FB_UDL as module (Closes: #618261) * target: Enable ISCSI_TARGET as module * skge: Enable SKGE_GENESIS * net/wireless: Enable RTL8192DE as module * hwmon: Enable SENSORS_EMC2103, SENSORS_LM95245, SENSORS_MAX1668, SENSORS_NTC_THERMISTOR, SENSORS_SMM665 as modules * [i386] Enable GPIO_CS5535, MFD_CS5535, CS5535_MFGPT, CS5535_CLOCK_EVENT_SRC, GPIO_VX855, MFD_VX855 as modules; [i386/486] Enable OLPC_XO1_PM, OLPC_XO1_RTC, OLPC_XO1_SCI, OLPC_XO15_SCI (Closes: #639113) * media/dvb: Enable DVB_NET * media/rc: Enable IR_MCE_KBD_DECODER as module * gspca: Enable USB_GSPCA_SE401 as module * de4x5: Disable on all architectures except alpha (Closes: #639538) * wl128x: Disable on all flavours except armhf/omap * Make bug script accept failure of lspci (Closes: #639439) * [alpha] Disable GENERIC_GPIO (Closes: #638696) -- Ben Hutchings Mon, 29 Aug 2011 14:48:28 +0100 linux-2.6 (3.0.0-6) unstable; urgency=high [ Uwe Kleine-König ] * [amd64] Update rt featureset to 3.0.7-rt20 [ Bastian Blank ] * Add stable 3.0.7, including: - drm/radeon: Update AVIVO cursor coordinate origin before x/yorigin calculation (Closes: #585130) - ipv6: fix NULL dereference in udp6_ufo_fragment() (Closes: #643817) For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.7 [ Ben Hutchings ] * [powerpc] Change ATA, PATA_MACIO from module to built-in (Closes: #641210) * [powerpc] Change IDE, IDE_GD from built-in to module * Add stable 3.0.8, including: - cputimer: Cure lock inversion - drm/ttm: ensure ttm for new node is bound before calling move_notify() - drm/ttm: unbind ttm before destroying node in accel move cleanup - CIFS: Fix ERR_PTR dereference in cifs_get_root - xfs: start periodic workers later - mm: fix race between mremap and removing migration entry - x25: Prevent skb overreads when checking call user data - crypto: ghash - Avoid null pointer dereference if no key is set (CVE-2011-4081) - hfsplus: Fix kfree of wrong pointers in hfsplus_fill_super() error path For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.8 * [{mips,mipsel}/{4,5}kc-malta] Disable X.25, as in all other configurations * ark3116: Fix initialisation order (Closes: #640391) * Add empty files to trigger generation of kernel-image udebs * aufs: Update to aufs3.0-20111031 (Closes: #644687) * xfs: Fix possible memory corruption in xfs_readlink (CVE-2011-4077) * oom: fix integer overflow of points in oom_badness (CVE-2011-4097) -- Ben Hutchings Tue, 01 Nov 2011 14:50:06 +0000 linux-2.6 (3.0.0-5) unstable; urgency=low [ Ben Hutchings ] * Bump ABI to 2 * kobj_uevent: Ignore if some listeners cannot handle message (Closes: #641661) * Build udebs for the installer * Add stable 3.0.5 and 3.0.6, including: - TTY: pty, fix pty counting - pata_via: disable ATAPI DMA on AVERATEC 3200 - atm: br2684: Fix oops due to skb->dev being NULL - alarmtimers: Avoid possible null pointer traversal - alarmtimers: Memset itimerspec passed into alarm_timer_get - alarmtimers: Avoid possible denial of service with high freq periodic timers - rtc: Fix RTC PIE frequency limit - x86, perf: Check that current->mm is alive before getting user callchain - xen/smp: Warn user why they keel over - nosmp or noapic and what to use instead. (Closes: #637308) - drm/nouveau: properly handle allocation failure in nouveau_sgdma_populate - net/9p: fix client code to fail more gracefully on protocol error - virtio: Fix the size of receive buffer packing onto VirtIO ring. - virtio: VirtIO can transfer VIRTQUEUE_NUM of pages. - fs/9p: Fid is not valid after a failed clunk. - fs/9p: When doing inode lookup compare qid details and inode mode bits. - fs/9p: Always ask new inode in create - net/9p: Fix the msize calculation. - 9p: close ACL leaks - fs/9p: Add fid before dentry instantiation - net/9p: Fix kernel crash with msize 512K - fs/9p: Always ask new inode in lookup for cache mode disabled - vfs: restore pinning the victim dentry in vfs_rmdir()/vfs_rename_dir() - cifs: fix possible memory corruption in CIFSFindNext (CVE-2011-3191) - writeback: introduce .tagged_writepages for the WB_SYNC_NONE sync stage - writeback: update dirtied_when for synced inode to prevent livelock - fib:fix BUG_ON in fib_nl_newrule when add new fib rule - scm: Capture the full credentials of the scm sender - vlan: reset headers on accel emulation path - xfrm: Perform a replay check after return from async codepaths - bridge: Pseudo-header required for the checksum of ICMPv6 - bridge: fix a possible use after free - TPM: Call tpm_transmit with correct size (CVE-2011-1161) - TPM: Zero buffer after copying to userspace (CVE-2011-1162) - ALSA: fm801: Gracefully handle failure of tuner auto-detect (Closes: #641946) - btrfs: fix d_off in the first dirent - ARM: 7091/1: errata: D-cache line maintenance operation by MVA may not succeed - ARM: 7099/1: futex: preserve oldval in SMP __futex_atomic_op - ALSA: usb-audio: Check for possible chip NULL pointer before clearing probing flag - cfg80211: Fix validation of AKM suites - iwlagn: fix dangling scan request - block: Free queue resources at blk_release_queue() (Closes: #631187) For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.5 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.6 * Make taskstats require root access (CVE-2011-2494) [ Uwe Kleine-König ] * [amd64] Update rt featureset to 3.0.6-rt16 (Closes: #643301) -- Ben Hutchings Wed, 05 Oct 2011 15:14:34 +0100 linux-2.6 (3.0.0-4) unstable; urgency=low [ Ben Hutchings ] * Make bug script accept failure of lspci (Closes: #639439) * [alpha] Disable GENERIC_GPIO (Closes: #638696) * Add stable 3.0.4, including: - loop: fix deadlock when sysfs and LOOP_CLR_FD race against each other - Btrfs: fix an oops of log replay - ext4: Fix ext4_should_writeback_data() for no-journal mode - ext4: call ext4_ioend_wait and ext4_flush_completed_IO in ext4_evict_inode - ext4: Resolve the hang of direct i/o read in handling EXT4_IO_END_UNWRITTEN. - ext4: fix nomblk_io_submit option so it correctly converts uninit blocks - xen-blkfront: Drop name and minor adjustments for emulated scsi devices - xen/x86: replace order-based range checking of M2P table by linear one - rt2x00: fix order of entry flags modification - Add a personality to report 2.6.x version numbers For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.4 * sendmmsg/sendmsg: fix unsafe user pointer access * rt2x00: fix crash in rt2800usb_write_tx_desc * rt2x00: fix crash in rt2800usb_get_txwi (Closes: #636531) * [sparc] Only Panther cheetah+ chips have POPC (Closes: #639949) * uvcvideo: Fix crash when linking entities (Closes: #637740) * Update Spanish debconf template translations (Omar Campagne) (Closes: #636242) [ Moritz Muehlenhoff ] * Update German Debconf translation. Thanks to Holger Wansing (Closes: #641487) [ Uwe Kleine-König ] * [amd64] Update rt featureset to 3.0.4-rt14 -- Ben Hutchings Mon, 19 Sep 2011 14:40:42 +0100 linux-2.6 (3.0.0-3) unstable; urgency=low [ Ben Hutchings ] * Disable SENSORS_SHT15, unlikely to be usable on any supported platform (Closes: #638696) * Add stable 3.0.3, including: - atm: br2864: sent packets truncated in VC routed mode (Closes: #638656) For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.3 * netfilter: TCP and raw fix for ip_route_me_harder (fixes case where SNAT/masquerading is not done) * Remove net device features from bug reports (Closes: #638956) * [mips,mipsel] Ignore nfs ABI changes made in 3.0.0-2; fixes FTBFS * genirq: Fix wrong bit operation * befs: Validate length of long symbolic links (CVE-2011-2928) * CIFS: Fix memory corruption on mount (Closes: #635344) * x86-32, vdso: On system call restart after SYSENTER, use int $0x80 * drm/ttm: fix ttm_bo_add_ttm(user) failure path * fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message -- Ben Hutchings Sat, 27 Aug 2011 08:04:02 +0100 linux-2.6 (3.0.0-2) unstable; urgency=high [ Aurelien Jarno ] * Add configuration files for s390x architecture. [ Ben Hutchings ] * linux-libc-dev: Install include/asm under arch-specific directory (thanks to Aurelien for correcting the directory); mark package as multi-arch-coinstallable (Multi-Arch: same) * [powerpc] Use libata-based drivers for most PATA controllers (Closes: #636854): - Various drivers replaced as for x86 in 2.6.32-10 - pata_macio replaces ide_pmac * Add stable 3.0.2, including: - net: Cap number of elements for sendmmsg - net: Fix security_socket_sendmsg() bypass problem - [x86] xen: allow enable use of VGA console on dom0 - net: Compute protocol sequence numbers and fragment IDs using MD5 - cifs: cope with negative dentries in cifs_get_root - ALSA: snd-usb: avoid dividing by zero on invalid input - ipv6: make fragment identifications less predictable (CVE-2011-2699) - sch_sfq: fix sfq_enqueue() (Closes: #631945) - gre: fix improper error handling - ecryptfs: Add mount option to check uid of device being mounted = expect uid - ecryptfs: Return error when lower file pointer is NULL - ext{3,4}: Properly count journal credits for long symlinks For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.2 * [x86] Enable RTS_PSTOR as module [ maximilian attems ] * Add stable 3.0.1, including: - gro: Only reset frag0 when skb can be pulled (CVE-2011-2723) - staging: comedi: fix infoleak to userspace (CVE-2011-2909) - rtc: limit frequency - CIFS: Fix oops while mounting with prefixpath - [SCSI] fix crash in scsi_dispatch_cmd() - tracing: Fix bug when reading system filters on module removal - tracing: Have "enable" file use refcounts like the "filter" file - ext4: fix i_blocks/quota accounting when extent insertion fails - ext4: free allocated and pre-allocated blocks when check_eofblocks_fl fails - ext3: Fix oops in ext3_try_to_allocate_with_rsv() - nfsd4: remember to put RW access on stateid destruction - nfsd4: fix file leak on open_downgrade - NFS: Fix spurious readdir cookie loop messages - proc: fix a race in do_io_accounting() - ipc/sem.c: fix race with concurrent semtimedop() timeouts and IPC_RMID - [armel,armhf,hppa] dm io: flush cpu cache with vmapped io - dm snapshot: flush disk cache when merging For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0.1 [ Jonathan Nieder ] * perf: do not look at ./config for configuration (Closes: #632923) (CVE-2011-2905) [ Uwe Kleine-König ] * [amd64] Update rt featureset to 3.0.1-rt11 -- Ben Hutchings Tue, 16 Aug 2011 06:08:53 +0100 linux-kbuild-2.6 (3.0.0-2) unstable; urgency=low * Include new script depmod.sh (Closes: #635539) -- Ben Hutchings Fri, 29 Jul 2011 01:00:20 +0200 linux-kbuild-2.6 (3.0.0-1) unstable; urgency=low * New upstream release -- Ben Hutchings Sun, 24 Jul 2011 15:38:35 +0200 linux-2.6 (3.0.0-1) unstable; urgency=low * New upstream release: http://kernelnewbies.org/Linux_3.0 [ maximilian attems ] * Topconfig enable modular VIDEO_SR030PC30, VIDEO_NOON010PC30, SOC_CAMERA_IMX074, SOC_CAMERA_OV2640, SOC_CAMERA_OV6650, SOC_CAMERA_OV9740, USB_YUREX. * [x86] enable modular VIDEO_VIA_CAMERA. * [x86_32] enable modular XO15_EBOOK. * ALSA: hda - Enable auto-parser as default for Conexant codecs. [ Ben Hutchings ] * linux-support, linux-tools: Use dh_python2 instead of dh_pysupport * aufs: Update for 3.0 * [amd64] Enable PCMCIA_AHA152X as module (Closes: #632929) * Update debconf template translations: - Slovak (Slavko) * [x86] comedi: Enable the same drivers as in stable (squeeze), except for ISA drivers on amd64 (Closes: #633516) * Reduce required initramfs-tools version to 0.99~, to ease backporting * [armhf/mx5] Explicitly configure this flavour to support i.MX51; it is not currently possible to support other i.MX5x processors as well [ Arnaud Patard ] * Merge ixp4xx build fix and enable ixp4xx back [ Aurelien Jarno ] * [mips/octeon] Disable MEGARAID_SAS, SUSPEND, HIBERNATION, PM_RUNTIME. Enable FUSION, FUSION_SAS, HW_RANDOM, HW_RANDOM_OCTEON, OCTEON_MGMT_ETHERNET, CONFIG_OCTEON_ETHERNET. [ Bastian Blank ] * [xen] Allow autoloading of backend drivers. [ Uwe Kleine-König ] * [amd64] Add rt featureset with 3.0-rt2 patch set -- Ben Hutchings Sun, 24 Jul 2011 02:42:27 +0200 linux-2.6 (3.0.0~rc6-1~experimental.1) experimental; urgency=low * New upstream release candidate [ maximilian attems ] * Topconfig enable modular USB_NET_KALMIA, I2C_DIOLAN_U2C, SMBUS, SENSORS_SMBUS, SENSORS_SHT21, SENSORS_EMC6W201, SENSORS_SCH5627, SENSORS_ADS1015, SENSORS_W83795, SENSORS_DS620, SENSORS_LINEAGE, SENSORS_LTC4151, SENSORS_LTC4261, SENSORS_MAX16065, SENSORS_MAX6639, SENSORS_MAX6642, BT_WILINK. * [x86_32] enable modular I2C_PXA. * [x86] enable modular SENSORS_FAM15H_POWER. * drm/i915: Hold struct_mutex during i915_save_state/i915_restore_state. * [thinkpad]: Add KEY_MICMUTE and enable it on Lenovo X220. * [m68k]: resources: Add lookup_resource(). * m68k/atari: Reserve some ST-RAM early on for device buffer use. * ALSA: hda - Handle -1 as invalid position, too * ALSA: hda - Judge playback stream from stream id in azx_via_get_position() [ Ben Hutchings ] * [x86] Enable SCSI_ISCI as module -- maximilian attems Tue, 05 Jul 2011 11:05:43 +0200 linux-kbuild-2.6 (3.0.0~rc5-1~experimental.1) experimental; urgency=low * New upstream release candidate -- Ben Hutchings Wed, 29 Jun 2011 02:32:31 +0100 linux-2.6 (3.0.0~rc5-1~experimental.1) experimental; urgency=low * New upstream release candidate - fix wrong iput on d_inod. (closes: #631255, #631802) [ maximilian attems ] * [x86] enable some comedi modules. (closes: #631199) * [kirkwood] Enable sound support for the HP t5325 (closes: #631762) [ Arnaud Patard ] * [armel] disable ixp4xx, until upstream agrees on how to fix the build error * [armel] Remove configuration options which don't exist anymore * [armhf] disable net dma/async tx on mx5 as it can't work -- maximilian attems Tue, 28 Jun 2011 11:55:21 +0200 linux-2.6 (3.0.0~rc4-1~experimental.1) experimental; urgency=low * New upstream release candidate - drm/i915: Fixes. (closes: #627976) [ maximilian attems ] * [x86] enable modular INTEL_OAKTRAIL, ACPI_APEI_PCIEAER. * Topconfig enable modular RADIO_WL1273, RADIO_WL128X. [ Ben Hutchings ] * rt2800pci: Add device ID for RT539F device (Closes: #630960) * atm: Enable for all architectures except m68k, s390 (Closes: #630900) -- maximilian attems Tue, 21 Jun 2011 15:00:23 +0200 linux-2.6 (3.0.0~rc3-1~experimental.1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * [i386] idle: EXPORT_SYMBOL(default_idle, pm_idle) if CONFIG_APM_MODULE (only); fixes FTBFS [ maximilian attems ] * Update configs. * Topconfig enable BPF_JIT. (closes: #630553) * Update debconf pt (Américo Monteiro) translations. (closes: #627631) * Add kbuild fixes out of linux-next. -- maximilian attems Thu, 16 Jun 2011 15:04:33 +0200 linux-2.6 (3.0.0~rc2-1~experimental.1) experimental; urgency=low * New upstream release candidate [ maximilian attems ] * Newer Standards-Version 3.9.2 without changes. [ Hector Oron ] * [armel/iop32x] Fix FTBFS (Closes: #629342) [ Aurelien Jarno ] * [mips,mipsel] Update arch/mips/kernel/i8259.c to fix FTBFS. * [mips,mipsel] Remove explicit disable of CONFIG_DRM_NOUVEAU and CONFIG_DRM_RADEON_KMS. [ Ben Hutchings ] * perf: Cancel -Werror compiler option; fixes FTBFS with perl 5.14 * qla4xxx: Remove our fix for #598503; it has now been fixed upstream in a different way and the two changes resulted in FTBFS * [ia64] nouveau: Disable ACPI support. It probably wasn't very useful on ia64, and now depends on mxm-wmi which is definitely x86-only. * Make gcc-4.5 the default compiler (except for alpha, hppa and m68k) * Restore xen-linux-system-- packages -- Ben Hutchings Thu, 09 Jun 2011 01:10:53 +0100 linux-kbuild-2.6 (3.0.0~rc1-1~experimental.1) experimental; urgency=low * New upstream release candidate * Remove docproc, no longer required for module builds -- Ben Hutchings Wed, 01 Jun 2011 10:21:01 +0100 linux-2.6 (3.0.0~rc1-1~experimental.1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * [x86] Enable BACKLIGHT_APPLE, replacing BACKLIGHT_MBP_NVIDIA (Closes: #627492) * cgroups: Disable memory resource controller by default. Allow it to be enabled using kernel parameter 'cgroup_enable=memory'. * rt2800usb: Enable support for more USB devices including Linksys WUSB600N (Closes: #596626) (this change was accidentally omitted from 2.6.39-1) * fs: Enable FHANDLE * cgroups: Enable CGROUP_MEM_RES_CTLR_SWAP but not CGROUP_MEM_RES_CTLR_SWAP_ENABLED. Swap accounting can be enabled using kernel parameter 'swapaccount'. * ipv4: Enable IP_FIB_TRIE_STATS * netfilter: Enable IP_SET, IP_SET_BITMAP_IP, IP_SET_BITMAP_IPMAC, IP_SET_BITMAP_PORT, IP_SET_HASH_IP, IP_SET_HASH_IPPORT, IP_SET_HASH_IPPORTIP, IP_SET_HASH_IPPORTNET, IP_SET_HASH_NET, IP_SET_HASH_NETPORT, IP_SET_LIST_SET, NETFILTER_XT_SET as modules * net/sched: Enable NET_SCH_QFQ as module * can: Enable CAN_SOFTING, CAN_SOFTING_CS as modules * mtd: Enable MTD_SWAP as module * of, proc: Enable PROC_DEVICETREE * dm: Enable DM_RAID, DM_FLAKEY as modules. Note these are currently experimental. * target: Enable TCM_FC as module * net/wireless/ath: Enable CARL9170 as module (carl9170, replacing ar9170usb) * rtlwifi: Enable RTL8192SE as module (Closes: #590280) * net/wireless: Enable MWIFIEX, MWIFIEX_SDIO as modules * net/usb: Enable USB_VL600 as module * tablet: Enable drivers for all possible architectures and flavours * tablet: Enable TABLET_USB_HANWANG as module * pps: Enable PPS_CLIENT_PARPORT as module * ptp: Enable PTP_1588_CLOCK, PTP_1588_CLOCK_GIANFAR, PTP_1588_CLOCK_IXP46X as modules * [x86] watchdog: Enable SP5100_TCO, NV_TCO as modules * media/rc: Enable IR_REDRAT3, RC_LOOPBACK as module * [x86] media/rc: Enable IR_ITE_CIR, IR_FINTEK as modules * gspca: Enable USB_GSPCA_KINECT as module * [i386] radio: Enable RADIO_MIROPCM20 as module * s3fb: Enable FB_S3_DDC * viafb: Enable FB_VIA_X_COMPATIBILITY * es1968: Enable SND_ES1968_RADIO * sound: Enable SND_ISIGHT, SND_LOLA as modules * hid: Enable HID_ACRUX, HID_EMS_FF, HID_KEYTOUCH, HID_LCPOWER, HID_MULTITOUCH, HID_ROCCAT_ARVO, HID_ROCCAT_KONEPLUS, HID_ROCCAT_KOVAPLUS as modules * usb-storage: Enable USB_STORAGE_REALTEK, USB_STORAGE_ENE_UB6250 as modules * mmc: Enable MMC_VUB300, MMC_USHC as modules * memstick: Enable MEMSTICK_R592 as module * [x86] edac: Enable EDAC_I7300 as module * [i386] staging, video: Enable FB_OLPC_DCON as module * [x86] staging, drm: Enable DRM_PSB as module * crypto, net: Enable CRYPTO_USER_API_HASH, CRYPTO_USER_API_SKCIPHER as modules * [x86] block, xen: Enable XEN_BLKDEV_BACKEND as module -- Ben Hutchings Wed, 01 Jun 2011 06:41:14 +0100 linux-2.6 (2.6.39-3) unstable; urgency=low [ Ben Hutchings ] * [x86] i915: Revert "drm/i915: Enable GMBUS for post-gen2 chipsets" (Closes: #627575) * linux-source-: Suggest libqt4-dev (for 'make xconfig') instead of libqt3-mt-dev (Closes: #631666) * [armhf] Add omap flavour, thanks to Sebastian Reichel * [armhf] rtc-twl: Switch to using threaded irq * bridge/netfilter: provide a cow_metrics method for fake_ops (Closes: #629932) * Update debconf template translations: - Danish (Joe Dalton) (Closes: #632551) - Slovak (Slavko) (Closes: #608684) * partitions/efi: Fix crash (oops) caused by corrupted GUID partition table (CVE-2011-1577) * ksm: fix NULL pointer dereference in scan_get_next_rmap_item() (CVE-2011-2183) * inet_diag: Fix infinite loop in inet_diag_bc_audit() (CVE-2011-2213) * taskstats: don't allow duplicate entries in listener mode (CVE-2011-2484) * bluetooth: Prevent buffer overflow in l2cap config request (CVE-2011-2497) [ maximilian attems ] * Add stable 2.6.39.2, including: - block: Fix crash (oops) in blkdev_get() on failed exclusive open (Closes: #631574) - nl80211: fix check for valid SSID size in scan operations (CVE-2011-2517) - drm/radeon/kms: viewport height has to be even - drm/radeon/kms: fix for radeon on systems >4GB without hardware iommu - fat: Fix corrupt inode flags when remove ATTR_SYS flag - scsi: Fix oops caused by queue refcounting failure - cifs: don't allow cifs_reconnect to exit with NULL socket pointer - drm/radeon/kms: do bounds checking for 3D_LOAD_VBPNTR and bump array limit - TOMOYO: Fix oops in tomoyo_mount_acl() (CVE-2011-2518) For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2 -- Ben Hutchings Mon, 04 Jul 2011 07:08:10 +0100 linux-2.6 (2.6.39-2) unstable; urgency=low [ Ben Hutchings ] * [x86] Enable BACKLIGHT_APPLE, replacing BACKLIGHT_MBP_NVIDIA (Closes: #627492) * cgroups: Disable memory resource controller by default. Allow it to be enabled using kernel parameter 'cgroup_enable=memory'. * rt2800usb: Enable support for more USB devices including Linksys WUSB600N (Closes: #596626) (this change was accidentally omitted from 2.6.39-1) * [x86] Remove Celeron from list of processors supporting PAE. Most 'Celeron M' models do not. * Update debconf template translations: - Swedish (Martin Bagge) (Closes: #628932) - French (David Prévot) (Closes: #628191) * aufs: Update for 2.6.39 (Closes: #627837) * Add stable 2.6.39.1, including: - ext4: dont set PageUptodate in ext4_end_bio() - pata_cmd64x: fix boot crash on parisc (Closes: #622997, #622745) - ext3: Fix fs corruption when make_indexed_dir() fails - netfilter: nf_ct_sip: validate Content-Length in TCP SIP messages - sctp: fix race between sctp_bind_addr_free() and sctp_bind_addr_conflict() - sctp: fix memory leak of the ASCONF queue when free asoc - md/bitmap: fix saving of events_cleared and other state - cdc_acm: Fix oops when Droids MuIn LCD is connected - cx88: Fix conversion from BKL to fine-grained locks (Closes: #619827) - keys: Set cred->user_ns in key_replace_session_keyring (CVE-2011-2184) - tmpfs: fix race between truncate and writepage - nfs41: Correct offset for LAYOUTCOMMIT - xen/mmu: fix a race window causing leave_mm BUG() - ext4: fix possible use-after-free in ext4_remove_li_request() For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.1 * Bump ABI to 2 * netfilter: Enable IP_SET, IP_SET_BITMAP_IP, IP_SET_BITMAP_IPMAC, IP_SET_BITMAP_PORT, IP_SET_HASH_IP, IP_SET_HASH_IPPORT, IP_SET_HASH_IPPORTIP, IP_SET_HASH_IPPORTNET, IP_SET_HASH_NET, IP_SET_HASH_NETPORT, IP_SET_LIST_SET, NETFILTER_XT_SET as modules (Closes: #629401) [ Aurelien Jarno ] * [mipsel/loongson-2f] Disable_SCSI_LPFC to workaround GCC ICE. -- Ben Hutchings Tue, 07 Jun 2011 12:14:05 +0100 linux-kbuild-2.6 (2.6.39-1) unstable; urgency=low * New upstream release -- Ben Hutchings Fri, 20 May 2011 04:53:57 +0100 linux-2.6 (2.6.39-1) unstable; urgency=low [ maximilian attems ] * [x86] Enable CRYPTO_AES_NI_INTEL for all flavours. (closes: #623631) * topconfig: Enable SND_USB_6FIRE, SND_FIREWIRE_SPEAKERS, MEDIA_CONTROLLER, DVB_USB_TECHNISAT_USB2, USB_GSPCA_NW80X, USB_GSPCA_VICAM, XEN_WDT, LOOPBACK_TARGET. * [x86] Enable modular XEN_NETDEV_BACKEND. * topconfig enable mem cgroup RESOURCE_COUNTERS, CGROUP_MEM_RES_CTLR. (closes: #534964) * Cleanup configs. [ Ben Hutchings ] * [!x86] Disable TPM drivers. TPMs are currently only fitted in PCs. * rt2800usb: Enable support for more USB devices including Linksys WUSB600N (Closes: #596626) * mm: Select SLAB allocator again. Although SLUB is currently the upstream default, this was set as an experiment rather than a recommendation! SLUB generally has poorer performance than SLAB on larger systems. * postinst: Remove specific support for running a ramdisk creator; warn users that specify one in /etc/kernel-img.conf * Require initramfs-tools >= 0.99, which installs a postinst hook [ Arnaud Patard ] * [armel] Disable eeti touchscreen driver due to missing irq_to_gpio on several platforms. -- maximilian attems Thu, 19 May 2011 15:34:37 +0200 linux-2.6 (2.6.39~rc7-1~experimental.1) experimental; urgency=low * [x86] Enable modular ASUS_WMI and ASUS_NB_WMI. (closes: #626141) * [x86] Enable modular DELL_WMI_AIO, HP_ACCEL, INTEL_IPS, ACPI_IPMI. * [x86/486] Enable modular XO1_RFKILL, XO15_EBOOK. * topconfig: Enable modular NF_CONNTRACK_TIMESTAMP, NF_CONNTRACK_SNMP, NETFILTER_XT_TARGET_AUDIT, NETFILTER_XT_MATCH_ADDRTYPE, NETFILTER_XT_MATCH_DEVGROUP, NET_SCH_SFB, NET_SCH_MQPRIO, NET_SCH_CHOKE, SATA_ACARD_AHCI, PATA_ARASAN_CF, SCSI_BNX2X_FCOE. * Add nl debconf template translation. (closes: #622967) Thanks willem kuyn . * topconfig Enable modular RTL8192CU. (closes: #625613) -- maximilian attems Tue, 10 May 2011 15:11:00 +0200 linux-2.6 (2.6.39~rc6-1~experimental.1) experimental; urgency=low * New upstream release candidate [ maximilian attems ] * Enable SQUASHFS_{LZO,XZ}. (closes: #613658) * [x86] Enable EASYCAP. (closes: #624505) [ Ben Hutchings * xhci-hcd: Include in xhci-pci.c (fixes FTBFS on armel) * [x86] Enable BRCMSMAC; the brcmsmac module replaces brcm80211 (Closes: #625510) [ Aurelien Jarno ] * drm/nouveau, drm/radeon: remove fix for non-powerpc/sparc/x86. * [mips,mipsel] Disabled CONFIG_DRM_NOUVEAU and CONFIG_DRM_RADEON_KMS. * [mips/octeon] Disabled CONFIG_HOTPLUG_CPU and CONFIG_PM. -- maximilian attems Sun, 08 May 2011 12:23:15 +0200 linux-2.6 (2.6.39~rc5-1~experimental.1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * [powerpc] kexec: Fix build failure on 32-bit SMP * net/wireless: Adjust config for iwlegacy/iwlwifi split (Closes: #624124) - Enable IWLWIFI_LEGACY as module - Enable IWL4965 as module; it is no longer part of the iwlagn module * [armhf] Actually install zImage into the linux-image package, thanks to Sebastian Reichel * [armhf] Build a linux-tools package * Fix configuration for features that are no longer modular, thanks to Sedat Dilek (Closes: #624372): - bluetooth: Re-enable BT_L2CAP and BT_SCO as part of bluetooth module - leds: Explicitly enable LEDS_CLASS as built-in - mfd: Explicitly disable MFD_WM8994 [ Aurelien Jarno ] * drm/nouveau, drm/radeon: fix build failure on mips. -- Ben Hutchings Fri, 29 Apr 2011 06:04:13 +0100 linux-2.6 (2.6.39~rc4-1~experimental.1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * [i386] Rename '686-bigmem' flavour to '686-pae'; remove '686' flavour. For 686-class systems without PAE, the '486' flavour is more efficient than the '686' flavour due to optimisation for uniprocessor systems. * Add armhf architecture with mx5 flavour, thanks to Hector Oron and Vagrant Cascadian (Closes: #621032) -- Ben Hutchings Sun, 24 Apr 2011 03:21:31 +0100 linux-2.6 (2.6.38-5) unstable; urgency=medium [ Thorsten Glaser ] * [m68k] atari: Enable and compile in generic RTC * [m68k] Backport the most urgent fixes from 2.6.39 - Add helper functions to handle kernel faults, traps and exceptions better (used by the other patches below) - Add improved support for running under the ARAnyM emulator (its native features interface) and emulated hardware + block access (similar to virtio-block) + console access (redirection to stdout) + network access (Ethernet) (Closes: #599121) * [m68k] Add patch from queue fixing atarifb console output on machines with a lot of FastRAM by reserving some ST-RAM early * [m68k] Add patch from mm mailing list to fix SLUB breakage [ Aurelien Jarno ] * [mips/octeon] Disable CONFIG_HOTPLUG_CPU. [ Ben Hutchings ] * rt2800pci, rt2800usb: Enable experimental support for more recent chips (Closes: #623808) * [x86] staging: Enable EASYCAP as module (Closes: #624505) * Add stable 2.6.38.5, including: - p54: Initialize extra_len in p54_tx_80211 - nfsd4: Fix filp leak (regression introduced in 2.6.38.3) - radeon: PLL tweaks for R7xx - nouveau: Fix notifier memory corruption bug - radeon: Fix bad shift in atom iio table parser - [x86] i915: Sanitize the output registers after resume - [x86] ideapad: Read brightness setting on brightness key notify - ath9k_hw: Partially revert "fix dma descriptor rx error bit parsing" - [s390] pfault: fix token handling - ACPI/PM: Avoid infinite recurrence while registering power resources - [hppa] slub: Disable use with DISCONTIGMEM && !NUMA - vfs: avoid large kmalloc()s for the fdtable - agp: Fix arbitrary kernel memory writes (CVE-2011-1745) - agp: Fix OOM and buffer overflow (CVE-2011-1746) For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.5 * [hppa] Bump ABI to 2a * mpt2sas: Prevent heap overflows and unchecked reads (CVE-2011-1494, CVE-2011-1495) * [armel] Prevent heap corruption in OABI semtimedop * can: Add missing socket check in can/bcm release (CVE-2011-1598) * ldm: Disable broken support for VBLK fragments (CVE-2011-1017) -- Ben Hutchings Sat, 07 May 2011 21:24:55 +0100 linux-2.6 (2.6.38-4) unstable; urgency=low * usb-audio: Define another USB ID for a buggy USB MIDI cable (Closes: #617743) * net: Enable BATMAN_ADV as module (Closes: #622361) * Add stable 2.6.38.3, including: - eCryptfs: Unlock page in write_begin error path - irda: validate peer name and attribute lengths (CVE-2011-1180) - irda: prevent heap corruption on invalid nickname - nilfs2: fix data loss in mmap page write for hole blocks - ALSA: pcm: fix infinite loop in snd_pcm_update_hw_ptr0() - inotify: fix double free/corruption of stuct user - perf: Fix task_struct reference leak - ROSE: prevent heap corruption with bad facilities (CVE-2011-1493) - [x86] mtrr, pat: Fix one cpu getting out of sync during resume - Input: synaptics - fix crash in synaptics_module_init() - ath9k: fix a chip wakeup related crash in ath9k_start - mac80211: fix a crash in minstrel_ht in HT mode with no supported MCS rates - UBIFS: fix oops on error path in read_pnode - quota: Don't write quota info in dquot_commit() - mm: avoid wrapping vm_pgoff in mremap() - wl12xx: fix potential buffer overflow in testmode nvs push - Bluetooth: sco: fix information leak to userspace (CVE-2011-1078) - bridge: netfilter: fix information leak (CVE-2011-1080) - Bluetooth: bnep: fix buffer overflow (CVE-2011-1079) - netfilter: ip_tables: fix infoleak to userspace (CVE-2011-1171) - netfilter: arp_tables: fix infoleak to userspace (CVE-2011-1170) - [x86] Revert "x86: Cleanup highmap after brk is concluded" (Closes: #621072) - Squashfs: handle corruption of directory structure - ext4: fix a double free in ext4_register_li_request - ext4: fix credits computing for indirect mapped files - nfsd: fix auth_domain reference leak on nlm operations - nfsd4: fix oops on lock failure - char/tpm: Fix unitialized usage of data buffer (CVE-2011-1160) - ipv6: netfilter: ip6_tables: fix infoleak to userspace (CVE-2011-1172) - econet: 4 byte infoleak to the network (CVE-2011-1173) - sound/oss: remove offset from load_patch callbacks (CVE-2011-1476, CVE-2011-1477) - inotify: fix double free/corruption of stuct user (CVE-2011-1479) For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.3 * Add stable 2.6.38.4, including: - vm: Fix vm_pgoff wrap in stack expansion - cifs: Always do is_path_accessible check in cifs_mount - cifs: Check for private_data before trying to put it - sn9c102: Restrict world-wirtable sysfs files - UBIFS: Restrict world-writable debugfs files - vm: Fix mlock() on stack guard page - UBIFS: Fix assertion warnings - perf: Fix task context scheduling - fib: Add rtnl locking in ip_fib_net_exit - l2tp: Fix possible oops on l2tp_eth module unload - ipv6: Fix duplicate /proc/sys/net/ipv6/neigh directory entries. - net_sched: fix ip_tos2prio - pppoe: drop PPPOX_ZOMBIEs in pppoe_flush_dev - xfrm: Refcount destination entry on xfrm_lookup - vlan: Take into account needed_headroom - bridge: Reset IPCB when entering IP stack on NF_FORWARD - futex: Set FLAGS_HAS_TIMEOUT during futex_wait restart setup - oom-kill: Remove boost_dying_task_prio() - UBIFS: Fix oops when R/O file-system is fsync'ed - sched: Fix erroneous all_pinned logic - vmscan: all_unreclaimable() use zone->all_unreclaimable as a name - next_pidmap: fix overflow condition - proc: Do proper range check on readdir offset - [powerpc] Fix oops if scan_dispatch_log is called too early - ehci: Unlink unused QHs when the controller is stopped - USB: Fix formatting of SuperSpeed endpoints in /proc/bus/usb/devices - xhci: Fix math in xhci_get_endpoint_interval() - xhci: Also free streams when resetting devices - USB: Fix unplug of device with active streams - bluetooth: Fix HCI_RESET command synchronization - bridge: Reset IPCB in br_parse_ip_options - ip: ip_options_compile() resilient to NULL skb route For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.4 * [s390] pfault: fix token handling (Closes: #622570) -- Ben Hutchings Sat, 23 Apr 2011 03:17:53 +0100 linux-2.6 (2.6.38-3) unstable; urgency=low [ Ben Hutchings ] * [ppc64] Add to linux-tools package architectures (Closes: #620124) * [amd64] Save cr4 to mmu_cr4_features at boot time (Closes: #620284) * appletalk: Fix bugs introduced when removing use of BKL * ALSA: Fix yet another race in disconnection * cciss: Fix lost command issue * ath9k: Fix kernel panic in AR2427 * ses: Avoid kernel panic when lun 0 is not mapped * PCI/ACPI: Report ASPM support to BIOS if not disabled from command line [ Aurelien Jarno ] * rtlwifi: fix build when PCI is not enabled. [ Martin Michlmayr ] * rtlwifi: Eliminate udelay calls with too large values (Closes: #620204) -- Ben Hutchings Wed, 06 Apr 2011 13:53:30 +0100 linux-2.6 (2.6.38-2) unstable; urgency=low [ Ben Hutchings ] * kconfig: Avoid buffer underrun in choice input (fixes FTBFS on mips) * rt2800usb: Disable powersaving by default (Closes: #618930) * b43: Enable B43_PHY_N (Closes: #619070) * net/wireless: Enable RTL8192CE as module (Closes: #619051) * Add configuration for Debian architecture ppc64, matching the powerpc/powerpc64 flavour (Closes: #618976) * Enable BOOT_PRINTK_DELAY (support for the boot_delay kernel parameter) * [x86/!486] Enable TRANSPARENT_HUGEPAGE, TRANSPARENT_HUGEPAGE_MADVISE (Closes: #618924) * [x86/486] Enable X86_32_IRIS (IRIS power-off support) (Closes: #619493) * Add stable 2.6.38.1, including: - RDMA/cma: Fix crash in request handlers (CVE-2011-0695) For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.1 * radeon: Add some sanity checks to obj info record parsing, thanks to John Lindgren (Closes: #618847) * [x86] KVM: remove isr_ack logic from PIC (Closes: #612105) * Add stable 2.6.38.2, including: - cgroups: If you list_empty() a head then don't list_del() it - oom: Fix various bugs in victim task selection - xen-kbdfront: Advertise either absolute or relative coordinates - signal: Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal code (CVE-2011-1182) - ext3: Skip orphan cleanup on rocompat fs - sysctl: Restrict write access to dmesg_restrict - proc: Protect mm start_code/end_code in /proc/pid/stat - nfsd: Fix internal NFSv4.1 operation flags to be non-overlapping - nfsd: Fix wrong limit used in NFSv4 session creation - USB: Do not pass negative length to snoop_urb() - cdc-acm: Fix various bugs that can lead to a crash or memory corruption - fs: Fix deadlock in pivot_root() - fs: Assign sb->s_bdi to default_backing_dev_info if the bdi is going away - x86: Cleanup highmap after brk is concluded - NFS: Fix a hang/infinite loop in nfs_wb_page() - ext4: Skip orphan cleanup if fs has unknown ROCOMPAT features For the complete list of changes, see: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.2 * [amd64] media/rc: Enable IR_NUVOTON as module (Closes: #619937) * [x86] media/rc: Enable IR_WINBOND_CIR as module * [x86] Enable DEBUG_SET_MODULE_RONX (Closes: #619838) * SCSI: Enable TARGET_CORE and related modules (Closes: #619298) * [hppa] Remove .size directive for flush_alias_page (should fix FTBFS) [ Jurij Smakov ] * Bump CONFIG_NR_CPUS on sparc to 256 to accomodate T2+ machines (Closes: #619435) * Bump ABI to 2 -- Ben Hutchings Tue, 29 Mar 2011 05:31:03 +0100 linux-kbuild-2.6 (2.6.38-1) unstable; urgency=low * New upstream release -- Ben Hutchings Wed, 16 Mar 2011 13:45:58 +0000 linux-2.6 (2.6.38-1) unstable; urgency=low * New upstream release: http://kernelnewbies.org/Linux_2_6_38 [ Ben Hutchings ] * Move firmware-linux-free to separate source package (firmware-free) * Move linux-base to separate source package * net/can: Enable CAN_SLCAN as module (Closes: #617629) * sound: Enable SND_ALOOP as module (Closes: #617869) * Remove the Big Kernel Lock: - adfs,appletalk,i810,ufs,usbip: Refactor locking - hpfs: Disable HPFS_FS * ext4: Disable FS_IOC_FIEMAP ioctl temporarily (together with fixes for btrfs in 2.6.38, closes: #615035) * sched: Build with SCHED_AUTOGROUP, but do not enable autogrouping by default (use sysctl kernel.sched_autogroup_enabled=1) (Closes: #618486) * Set ABI to 1 [ Aurelien Jarno] * mips/malta-[45]kc: - disable ATM, TR, WAN. - synchronize options in malta-4kc and malta-5kc. -- Ben Hutchings Wed, 16 Mar 2011 04:47:57 +0000 linux-2.6 (2.6.38~rc8-1~experimental.1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * [sparc] Fix .size directive for do_int_load * [arm] Fix .size directive for xscale_dma_a0_map_area -- Ben Hutchings Sat, 12 Mar 2011 03:31:52 +0000 linux-2.6 (2.6.38~rc7-1~experimental.1) experimental; urgency=low [ maximilian attems ] * New upstream release candidate - swiotlb: Fix wrong panic (Closes: #615990) * x86: Set DRM_I915_KMS on request by xorg team. [ Ben Hutchings ] * [x86] Correct typos in label names in two asm functions (Closes: #616426) * [x86] Enable VT6656, loading firmware from a separate file (requires firmware-linux-nonfree 0.29) (Closes: #568454) * perf: Build with libdwarf for improved analysis capabilities * perf: Build with newt for improved user interface (Closes: #615868) * aufs: Update for 2.6.38 * aufs: Fix device numbers passed to security_path_mknod() * dib0700/dib7000m: Add pid filtering (Closes: #614837) * [powerpc] Revert fb module changes (Closes: #614221) -- Ben Hutchings Tue, 08 Mar 2011 02:34:04 +0000 linux-2.6 (2.6.38~rc6-1~experimental.1) experimental; urgency=low [ Ben Hutchings ] * New upstream release candidate - drm/radeon/kms: hopefully fix pll issues for real (v3) (Closes: #614566) - r8169: Keep firmware in memory (Closes: #609538) - [sparc] Fix misaligned tracing information which the module loader does not support (Closes: #609371) - [sh4] Export cpu_core_map to fix build failure with CONFIG_SFC=m. - [armel] Support for Buffalo LS-CHL (Closes: #590105). - btrfs: Prevent heap corruption in btrfs_ioctl_space_info() (CVE-2011-0699) - [s390] Remove task_show_regs (CVE-2011-0710) * DFSG: Remove drivers/staging/ft1000/ft1000-pcmcia/boot.h, non-free firmware for a driver we don't build (Closes: #609448) * module,bug: Add TAINT_OOT_MODULE flag for modules that weren't built in-tree [ maximilian attems ] * [x86] linux-images suggest extlinux, s/grub/grub-pc/. (closes: #613909) [ Aurelien Jarno] * mips/swarm: enable PATA drivers that have been lost during IDE -> PATA conversion. * mips/malta-[45]kc: set VIRTUALIZATION. -- maximilian attems Tue, 22 Feb 2011 14:36:33 +0100 linux-2.6 (2.6.37-2) unstable; urgency=low [ Ben Hutchings ] * Add stable 2.6.37.1: - libata: Set queue DMA alignment to sector size for ATAPI too - USB: serial: add missing .usb_driver field in serial drivers - USB: EHCI: fix scheduling while atomic during suspend - zram: Fix data corruption issue - brcm80211: Fix suspend/resume issue - ath9k: Fix system hang when resuming from S3/S4 - SCSI: Fix medium error problems with some arrays which can cause data corruption - libsas: Fix runaway error handler problem - NFS: Don't use vm_map_ram() in readdir - NFS: Fix NFSv3 exclusive open semantics - /proc/kcore: Fix seeking - mm: Fix migration hangs on anon_vma lock - writeback: Stop background/kupdate works from livelocking other works - writeback: Avoid livelocking WB_SYNC_ALL writeback - ext4: Fix trimming of a single group - af_unix: Avoid socket->sk NULL OOPS in stream connect security hooks - virtio_net: Add schedule check to napi_enable call - ptrace: Use safer wake up on ptrace_detach() - net: Fix ip link add netns oops - SMP: Fix smp_call_function_many() SMP race - md: Ensure no IO request to get md device before it is properly initialised - PM/runtime: Don't enable interrupts while running in_interrupt - [x86] mm: Avoid possible bogus TLB entries by clearing prev mm_cpumask after switching mm * Kbuild: Include localversion file in linux-headers-*; fixes output of 'make kernelrelease' * Add stable 2.6.37.2: - nfsd: Memory corruption due to writing beyond the stat array - xen: p2m: Correctly initialize partial p2m leaf - av7110: Check for negative array offset (CVE-2011-0521) - cred: Fix kernel panic upon security_file_alloc() failure - btrfs: Prevent heap corruption in btrfs_ioctl_space_info() (CVE-2011-0699) - cred: Fix BUG() upon security_cred_alloc_blank() failure - cred: Fix memory and refcount leaks upon security_prepare_creds() failure - PCI: Use security_capable() when checking capablities during config space read - [s390] Remove task_show_regs (CVE-2011-0710) - PM/hibernate: Return error code when alloc_image_page() fails - fs/partitions: Validate map_count in Mac partition tables - workqueue: Wake up a worker when a rescuer is leaving a gcwq - ALSA: caiaq - Fix possible string-buffer overflow * Set ABI to 2 [ Martin Michlmayr ] * [armel/orion5x] Re-enable all devices. * [armel/kirkwood] Re-enable Seagate FreeAgent DockStar support. -- Ben Hutchings Sat, 26 Feb 2011 03:16:16 +0000 linux-kbuild-2.6 (2.6.37-1) unstable; urgency=low * Upload to unstable -- Ben Hutchings Tue, 15 Feb 2011 14:15:36 +0000 linux-2.6 (2.6.37-1) unstable; urgency=low [ Ben Hutchings ] * [arm] ixp4xx: Revert build fix, now applied upstream which resulted in another build failure * r8169: Keep firmware in memory (Closes: #609538) * r8712u: Firmware filename is rtlwifi/rtl8712u.bin (Closes: #602450) * [sparc] Fix misaligned tracing information which the module loader does not support (Closes: #609371) * Set ABI to 1 * Add aufs2.1, marked as staging (Closes: #573189, #613248) * fs/notify: Enable FANOTIFY (Closes: #599877) * acer-wmi, aic94xx, asus_acpi, iscsi, janz-ican3, rtc-ds1511, tc1100-wmi: Restrict write permissions on files in procfs/sysfs * nbd: Remove module-level ioctl mutex mistakenly introduced in 2.6.37 * [x86] crypto: Re-enable AES_NI_INTEL as module (Closes: #597658) * [powerpc] video/fb: Enable FB_VGA16 as built-in; build FB_CT65550, FB_NVIDIA, FB_MATROX, FB_RADEON, FB_ATY128, FB_ATY, FB_SIS, FB_3DFX as modules (Closes: #609615) [ Aurelien Jarno ] * [sh4] Export cpu_core_map to fix build failure with CONFIG_SFC=m. * [mips/5kc-malta] Enable CONFIG_VGA_CONSOLE. [ Bastian Blank ] * Enable CIFS fscache and ACL support. * Enable Xen PCI frontend. -- Ben Hutchings Tue, 15 Feb 2011 04:14:09 +0000 linux-kbuild-2.6 (2.6.37-1~experimental.1) experimental; urgency=low * New upstream version * Include new script gcc-goto.sh -- Ben Hutchings Sun, 16 Jan 2011 15:14:34 +0000 linux-2.6 (2.6.37-1~experimental.1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_2_6_37 - starfire: Fix dma_addr_t size test for MIPS (fixes FTBFS) - watchdog: Improve failure message and documentation (Closes: #608138) [ Ben Hutchings ] * i2c-i801: Include (fixes FTBFS on alpha) * [x86] Staging: Enable R8712U as module (r8712u, replacing r8192s_usb) - Enable loading external firmware, thanks to Stefan Lippers-Hollmann * linux-base: Look for GRUB 1 configuration in both /boot/grub and /boot/boot/grub (Closes: #607863) * btrfs: Require CAP_SYS_ADMIN for filesystem rebalance (Closes: #608185) * r8169: Change RTL8111D/RTL8168D initialisation and firmware loading to match upstream version (Closes: #596390 with firmware-realtek 0.28) -- Ben Hutchings Wed, 05 Jan 2011 02:44:28 +0000 linux-2.6 (2.6.37~rc7-1~experimental.1) experimental; urgency=low * New upstream release candidate - [mips] Rename mips_dma_cache_sync back to dma_cache_sync (fixes FTBFS) [ Ben Hutchings ] * debian/copyright: Add explanation of indirect linking of perf to OpenSSL (Closes: #606520) * [powerpc,x86] Enable PATA_PCMCIA (Closes: #606324) * Disable BLK_DEV_IDECS * [alpha] Use libata-based drivers for most PATA controllers * [powerpc] linux-base: Run ybin after updating yaboot.conf (Closes: #607284) * Update debconf template translations: - Add Catalan (Jordi Mallach) - Update Danish (Joe Hansen) - Update Spanish (Omar Campagne, Javier Fernández-Sanguino) - Add Italian (Luca Bruno) - Update Japanese (Nobuhiro Iwamatsu) - Add Brazilian Portugese (Flamarion Jorge) - Update Vietnamese (Clytie Siddall) * debian/bin/test-patches: Restrict patches to featureset when building with a featureset (thanks to Tim Small) * Recommend use of 'make deb-pkg' to build custom kernel packages * [ia64] drm/nouveau: Revert unnecessary exclusion of ACPI support code -- Ben Hutchings Sat, 25 Dec 2010 16:21:09 +0000 linux-2.6 (2.6.37~rc5-1~experimental.3) experimental; urgency=low * Really apply patches added in the previous version -- Ben Hutchings Sat, 11 Dec 2010 16:27:21 +0000 linux-2.6 (2.6.37~rc5-1~experimental.2) experimental; urgency=low * Second attempt to fix FTBFS on various architectures: - [alpha] Do not use -Werror for arch/alpha - [arm/ixp4xx] Rename FREQ macro to avoid collisions (v2) - drm/nouveau: Only select ACPI_VIDEO if its dependencies are met - [mips] Change mips_sc_is_activated() to do what the comment says -- Ben Hutchings Sat, 11 Dec 2010 06:27:51 +0000 linux-2.6 (2.6.37~rc5-1~experimental.1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * Attempt to fix FTBFS on various architectures: - [alpha] Do not use -Werror for arch/alpha/kernel - [arm/ixp4xx] Rename FREQ macro to avoid collisions - [mips] Add the necessary parameter to mips_sc_is_activated() -- Ben Hutchings Fri, 10 Dec 2010 02:59:12 +0000 linux-2.6 (2.6.37~rc4-1~experimental.1) experimental; urgency=low * New upstream release candidate [ maximilian attems ] * Newer Standards-Version 3.9.1 without changes. [ Martin Michlmayr ] * Add ixp4xx build fix from Arnaud Patard (Closes: #602669) * [armel/kirkwood] Enable sound. * ASoC: Add support for OpenRD Ultimate (Arnaud Patard). [ Ben Hutchings ] * Enable PM_ADVANCED_DEBUG (Closes: #603254) * Disable X.25 protocol and related drivers. This 10 year old experiment has stalled and is a source of security bugs. * Disable Econet protocol. It is unmaintained upstream, probably broken, and of historical interest only. * af_802154,decnet,rds: Disable auto-loading as mitigation against local exploits. These protocol modules are not widely used and can be explicitly loaded or aliased on systems where they are wanted. * debian/rules: Change 'clean' rule to remove package build directories even after a version bump, thanks to Timo Juhani Lindfors * dm: Deal with merge_bvec_fn in component devices better (Closes: #604457) * 9p: Enable 9P_FS_POSIX_ACL * netfilter/ipvs: Enable IP_VS_PE_SIP as module * net/sched: Enable NET_ACT_CSUM as module * can: Enable CAN_SJA1000_ISA, CAN_TSCAN1 as modules * block: Enable BLK_DEV_RBD (Rados) as module * sensors: Enable AD525X_DPOT_SPI, APDS9802ALS, ISL29020, SENSORS_BH1780, SENSORS_BH1770, SENSORS_APDS990X, HMC6352, BMP085 as modules * scsi: Enable SCSI_CXGB4_ISCSI as module * net/ppp: Enable PPTP as module * net: Enable BNA, SMCTR, USB_NET_CX82310_ETH as modules * IR: Enable IR_RC5_SZ_DECODER as module * [i386] IR: Enable IR_NUVOTON as module * V4L: Enable GSPCA_KONICA, GSPCA_XIRLINK_CIT as modules * DVB: Enable USB_LME2510 as module * [i386] sound/isa: Enable SND_AZT1605, SND_AZT2316, SND_JAZZ16, SND_MSND_PINNACLE, SND_MSND_CLASSIC as modules * HID: Enable HID_UCLOGIC, HID_WALTOP, HID_ROCCAT_PYRA as modules * hid-logitech: Enable LOGIWII_FF * Enable USB_UAS (USB-attached SCSI) as module * serial: Enable USB_SERIAL_SAMBA as module * drm/nouveau: Enable DRM_I2C_SIL164 as module * perf: Use libiberty, not libbfd, for symbol demangling (Closes: #604750, #606050) * firmware: Correct copyright information and add source for CIS files (accidentally omitted when merging from sid branch) -- Ben Hutchings Sun, 05 Dec 2010 23:19:38 +0000 linux-kbuild-2.6 (2.6.36-1~experimental.1) experimental; urgency=low * New upstream version -- Ben Hutchings Mon, 15 Nov 2010 00:20:33 +0000 linux-2.6 (2.6.36-1~experimental.1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_2_6_36 - writeback: always use sb->s_bdi for writeback purposes (Closes: #599466) - i7core_edac: fix panic in udimm sysfs attributes registration (Closes: #600528) [ Ben Hutchings ] * qla4xxx: Fix build on some architectures lacking 64-bit I/O (Closes: #598503) * [x86] Enable modular TM6000, TM6000_ALSA, TM6000_DVB * [x86] Staging: fix Makefile so brcm80211 will actually build (Closes: #599465) * [x86] Enable modular IDEAPAD_ACPI (Closes: #599444) * perf: Enable Perl and Python scripting - Move scripts to /usr/share/perf_-core (Closes: #599624) * crypto: Explicitly enable algorithm self-tests (Closes: #599441) * [x86] Skip looking for ioapic overrides when ioapics are not present (Closes: #598533) * [x86] ata_piix: Add device ID for ICH4-L * [armel/iop32x,ia64,x86] Disable BLK_DEV_PIIX as obsolete * [amd64] Disable DRM_I810; i81x chipsets do not support 64-bit processors * [x86] Disable DRM_I830; the i915 driver is now used instead [ Martin Michlmayr ] * Kirkwood: restrict the scope of the PCIe reset workaround -- maximilian attems Wed, 27 Oct 2010 13:23:11 +0200 linux-2.6 (2.6.36~rc6-1~experimental.1) experimental; urgency=low * New upstream release candidate - drm/i915: Ensure that the crtcinfo is populated during mode_fixup() (Closes: #592415) - USB: fix bug in initialization of interface minor numbers (Closes: #598207) [ Ben Hutchings ] * linux-base: Remove dependency on libapt-pkg-perl (Closes: #589996, really) * Disable INTEL_IDLE. It can no longer be built as a module and so was actually disabled by the previous version, but I do not consider it ready to build-in yet. * Enable modular NETFILTER_XT_TARGET_CHECKSUM, NETFILTER_XT_TARGET_IDLETIMER, NETFILTER_XT_MATCH_CPU, NETFILTER_XT_MATCH_IPVS * Reenable LOCKUP_DETECTOR, accidentally disabled by the previous version * Enable modular AD525X_DPOT_I2C, ATM_NICSTAR, CAN_ESD_USB2, CHELSIO_T4VF, FIREWIRE_NOSY, HID_ACRUX_FF, HID_ELECOM, INFINIBAND_CXGB4, INFINIBAND_QIB, MTD_PCMCIA, ORINOCO_USB, PPS_CLIENT_LDISC, RAMOOPS, SERIAL_MFD_HSU, UIO_NETX, USB_GSPCA_SPCA1528, USB_GSPCA_SQ930X, USB_SERIAL_SSU100, USB_SERIAL_ZIO, WL1271_SDIO, WL1271_SPI * Enable BT_HCIUART_ATH3K, USB_SERIAL_MOS7715_PARPORT * [x86] Enable modular SENSORS_PKGTEMP * Enable modular IR_CORE, RC_MAP, all IR decoders, IR_IMON, IR_MCEUSB, IR_ENE, IR_STREAMZAP * [x86] Enable modular LIRC drivers -- Ben Hutchings Sun, 03 Oct 2010 21:18:41 +0100 linux-2.6 (2.6.36~rc5-1~experimental.1) experimental; urgency=low * New upstream release candidate - 3c59x: Fix deadlock in vortex_error() (Closes: #595554) [ Ben Hutchings ] * speakup: Update to match Debian package version 3.1.5.dfsg.1-1 * [x86] Add brcm80211 driver for Broadcom 802.11n wireless network controllers * [x86] Set XEN_PLATFORM_PCI=y -- Ben Hutchings Tue, 21 Sep 2010 02:15:33 +0100 linux-2.6 (2.6.35-1~experimental.3) experimental; urgency=low [ Ritesh Raj Sarraf ] * Add .gnu_debuglink information into kernel modules (Closes: #555549) [ Ben Hutchings ] * linux-base: Remove dependency on libapt-pkg-perl (Closes: #589996) * Update debconf template translations: - Czech (Michal Simunek) (Closes: #590546) - Portugese (Américo Monteiro) (Closes: #590557) - French (David Prévot) (Closes: #591149) - Russian (Yuri Kozlov) (Closes: #591241) - Swedish (Martin Bagge) (Closes: #592045) - German (Holger Wansing) (Closes: #592226) * [x86] Enable samsung-laptop driver * [sparc] Enable XVR1000 driver (Closes: #574243) * Change BLK_CGROUP from module to built-in so that cfq can be the default I/O scheduler again (Closes: #593720) * [mipsel/loongson-2f] Enable smtcfb (FB_SM7XX) driver (Closes: #594642) [ Ian Campbell ] * Fixes/overrides for Linitan warnings: - Add "(meta package)" to short description of linux-headers metapackages, resolves empty-binary-package. - Add dependency on ${misc:Depends} to all packages, resolves debhelper-but-no-misc-depends. Required update to gencontrol.py to augment rather than override headers_arch_depends read from templates. - Override dbg-package-missing-depends for linux-image-*-dbg. It is not necessary to install the kernel image package to use the dbg package since the dbg package already contains a complete image with symbols. [ Bastian Blank ] * Disable Ralink staging drivers, the in-tree ones reached "works-for-me" status. [ Aurelien Jarno ] * Fix netfilter CONFIG_COMPAT support. * [sh4] set VIRTUALIZATION. * [mips] Add an octeon flavour. [ maximilian attems] * Add stable 2.6.35.3 and 2.6.35.4. -- maximilian attems Mon, 06 Sep 2010 15:16:17 +0200 linux-2.6 (2.6.35-1~experimental.2) experimental; urgency=low * images: Nuke modules.devname on removal. (closes: #590607) * Add stable 2.6.35.1 and 2.6.35.2. * mm: fix page table unmap for stack guard page properly. * mm: fix up some user-visible effects of the stack guard page. * config.loongson-2f: Enable USB and RTC for loongson-2f. Thanks Geert Stappers (closes: #583689) -- maximilian attems Mon, 16 Aug 2010 23:49:32 +0200 linux-kbuild-2.6 (2.6.35-1~experimental.1) experimental; urgency=low * New upstream version * Update policy version to 3.9.1; no changes required * Fix minor issues reported by lintian: - Add ${misc:Depends} to dependencies - Add debian/source/format file - Remove redundant priority and section fields -- Ben Hutchings Sun, 08 Aug 2010 22:31:47 +0100 linux-2.6 (2.6.35-1~experimental.1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_2_6_35 - [ia64] Fix crash when gcore reads gate area (Closes: #588574) - tpm_tis: fix subsequent suspend failures (Closes: #591031) * topconfig enable BLK_CGROUP, NETFILTER_XT_TARGET_TEE, VMWARE_BALLOON, ATH9K_HTC, TOUCHSCREEN_HAMPSHIRE, TOUCHSCREEN_TPS6507X, SND_ASIHPI, SQUASHFS_XATTRS, RCU_FAST_NO_HZ, COMPACTION, IP_MROUTE_MULTIPLE_TABLES, IPV6_MROUTE_MULTIPLE_TABLES, NET_DCCPPROBE, NET_SCTPPROBE, L2TP, BT_L2CAP_EXT_FEATURES, MTD_NAND_RICOH, ATA_BMDMA, KEYBOARD_QT2160, N_GSM, SENSORS_SHT15, SENSORS_EMC1403, SENSORS_ADS7871, SENSORS_TMP102, SND_ES1968_INPUT, SND_MAESTRO3_INPUT, LEDS_LT3593, LEDS_MC13783. * x86 enable INTEL_IDLE, ACPI_HED, ACPI_APEI, ACPI_APEI_GHES, PCI_CNB20LE_QUIRK. -- maximilian attems Tue, 03 Aug 2010 16:21:16 +0200 linux-2.6 (2.6.35~rc6-1~experimental.1) experimental; urgency=low * New upstream release candidate - drm/i915: Add 'reclaimable' to i915 self-reclaimable page allocations (Closes: #534422) [ Ben Hutchings ] * [!x86] Disable FB_VIA; these GPUs are only found on x86 motherboards * ds2782_battery: Fix build failure on several architectures * postinst: Remove support for 'default' boot loaders. Warn users on upgrade if the current configuration may rely on this. * [i386/686] Remove AMD K6 from the list of supported processors; it does not implement the CMOV instruction * 3c59x: Fix call to mdio_sync() with the wrong argument (Closes: #589989) -- Ben Hutchings Sat, 24 Jul 2010 01:00:26 +0100 linux-2.6 (2.6.35~rc5-1~experimental.1) experimental; urgency=low * New upstream release candidate [ Ben Hutchings ] * Consistently name the linux-tools package and perf binary using the upstream version without any -rcN suffix -- Ben Hutchings Tue, 13 Jul 2010 01:09:27 +0100 linux-2.6 (2.6.35~rc4-1~experimental.1) experimental; urgency=low * New upstream snapshot - [hppa] clear floating point exception flag on SIGFPE signal (Closes: #559406) - Add mantis and hopper DVB drivers (Closes: #577264) - eeepc-laptop: Disable wireless hotplug on more models where the controller is not at the expected address (Closes: #576199) - qcserial: Add support for Qualcomm Gobi 2000 devices (Closes: #585661) - radeon: Fix MacBook Pro connector quirk (Closes: #585943) - r8169: Fix MDIO timing (Closes: #583139) - asix: fix setting mac address for AX88772 (Closes: #587580) - Update Marvell CESA (mv_cesa) driver (Closes: #585790): [ Ben Hutchings ] * ipr: add writeq definition if needed (Closes: #584840) * [mips] Fix boot from ATA hard drives (Closes: #584784): - Set io_map_base for several PCI bridges lacking it - Replace per-platform built-in IDE drivers with libata-based drivers - Enable BLK_DEV_SD as built-in on all platforms * Update Spanish debconf templates, thanks to Omar Campagne (Closes: #580538) * [powerpc] Enable pata_amd driver, replacing amd74xx * linux-base: Don't identify LVM2 PVs by UUID (Closes: #585852) * Move NEWS to linux-latest-2.6 (Closes: #586401) * 3c59x: Change locking to avoid use of disable_irq() (Closes: #586967) * Enable IPv6 support for IPVS (IP_VS_IPV6) (Closes: #584549) * linux-base: If the disk ID update process fails, give the user a chance to retry or change their answers (Closes: #585609) * ipv6: Clamp reported valid_lft to a minimum of 0 (Closes: #514644) * ipv6: Use interface max_desync_factor instead of static default (Closes: #514646) * [ia64, powerpc, sparc, x86] Enable KPROBES and KRETPROBES (Closes: #584130) * r8192s_usb: Fix various bugs: - Clean up in case of an error in module initialisation - Rename and remove proc directories correctly if an interface is not called wlan0 (Closes: #582972) - Correct device ID table (Closes: #584945, #587985) * [x86] Enable r8192u_usb driver * Add linux-tools- package containing the perf tool (Closes: #548715) * Enable SERIAL_USB_TI (Closes: #588096) and SERIAL_USB_WHITEHEAT * [x86] Enable EDAC_I7CORE [ maximilian attems ] * Enable DRM_RADEON_KMS. [ Martin Michlmayr ] * OpenRD-Base: revert patch "allow SD/UART1 selection" since it never made it upstream. * ARM: update mach types. * Add support for OpenRD-Ultimate. * QNAP TS-11x/TS-21x: Add MPP44 (board ID). * Add support for the HP t5325 Thin Client. * m25p80: Add support for Macronix 25L8005. * [armel/kirkwood] Enable FB_XGI and FRAMEBUFFER_CONSOLE. * [armel] Make MOUSE_PS2 modular. * [armel] Build INPUT_UINPUT for all flavours. * [armel/kirkwood] Enable FB_UDL. * [armel] Disable PARPORT_PC (Closes: #588164) [ Bastian Blank ] * Disable mISDN support for NETJet cards. The driver binds a generic PCI bridge. * Disable ISDN4Linux drivers. -- Ben Hutchings Sat, 10 Jul 2010 21:53:57 +0100 linux-2.6 (2.6.34-1~experimental.2) experimental; urgency=low [ Ben Hutchings ] * [x86] Reenable rtl8192su, accidentally disabled in previous version (Closes: #580740) * writeback: Update dirty flags in two steps * writeback: ensure that WB_SYNC_NONE writeback with sb pinned is sync (Closes: #582808) * writeback: fix non-integrity write-back * [mipsel] Add a loongson-2f flavour * [mipsel] Loongson: Define rtc device on MC146818-equipped systems * Make gcc-4.4 the default compiler * [ia64] Hardcode the output of the scripts under arch/ia64/scripts so that we can build out-of-tree modules correctly (refresh and re-add dropped patch) (Closes: #392592) * [ia64] Enable SGI SN support and mspec driver (Closes: #582224) * iwlwifi: Disable QoS when connected to a non-QoS-capable AP (Closes: #578262) * [x86] Disable e_powersaver cpufreq driver as unsafe. It has already been blacklisted by cpufrequtils. The acpi-cpufreq driver can be used instead on some VIA C7 systems. (Closes: #566208) * [amd64] ext4: Fix compat EXT4_IOC_ADD_GROUP (used by online resize) * Install debug kernel image in /usr/lib/debug/boot (Closes: #582810) * Build inet_lro as a module * [sparc] Enable CONFIG_FB_XVR500, CONFIG_FB_XVR2500 (Closes: #508108) [ maximilian attems ] * topconfig enable CFQ_GROUP_IOSCHED, MFD_WM8994, REGULATOR_MAX8649, REGULATOR_WM8994, VHOST_NET, BT_ATH3K, CRYPTO_PCRYPT. * [x86] Enable X86_PCC_CPUFREQ, VGA_SWITCHEROO (closes: #582637). [ Martin Michlmayr ] * QNAP TS-419P: Export GPIO indicating jumper setting of JP1. [ dann frazier ] * [hppa] clear floating point exception flag on SIGFPE signal (Closes: #559406) [ Aurelien Jarno ] * [sh4] fix sh_tmu clocksource following recent nohz changes. [ Moritz Muehlenhoff ] * Enable X86 board specific fixups for reboot (Closes: #536537) -- Ben Hutchings Sun, 06 Jun 2010 18:53:04 +0100 linux-kbuild-2.6 (2.6.34-1~experimental.1) experimental; urgency=low * New upstream version -- Ben Hutchings Thu, 20 May 2010 01:19:43 +0100 linux-2.6 (2.6.34-1~experimental.1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_2_6_34 * New upstream release - rtl8192su: Add IDs for several more devices (Closes: #580740) [ maximilian attems ] * topconfig enable IPV6_SIT_6RD, NETFILTER_XT_TARGET_CT, IP_VS_PROTO_SCTP, NF_CONNTRACK_ZONES, CAN_PLX_PCI, TI_DAC7512, SCSI_HPSA, PATA_TOSHIBA, MACVTAP, CHELSIO_T4, IXGBEVF, QLCNIC, LIBERTAS_MESH, USB_NET_SMSC75XX, USB_SIERRA_NET, VIDEO_CX18_ALSA, USB_GSPCA_BENQ, USB_GSPCA_CPIA1, USB_GSPCA_OV534_9, USB_GSPCA_SN9C2028, RADIO_TEF6862, RADIO_SAA7706H, SND_USB_UA101, CEPH_FS, MICREL_PHY, KSZ884X_PCI, SENSORS_ADT7411, SENSORS_ASC7621, VIDEO_TLG2300, DVB_USB_AZ6027, DVB_NGENE, HID_3M_PCT, LOGIG940_FF, HID_MAGICMOUSE, HID_MOSART, HID_NTRIG, HID_QUANTA, HID_STANTUM, HID_WACOM, USB_SERIAL_QCAUX, USB_SERIAL_VIVOPAY_SERIAL, MMC_RICOH_MMC, LEDS_DELL_NETBOOKS, LOGFS. * [x86] Enable EEEPC_WMI. * Fix backlight support on some recent Thinkpads. * acpi: Fall back to manually changing SCI_EN. * Explicitly pass in whether sb is pinned or not. [ Ben Hutchings ] * Prepare debconf templates for translation (Closes: #576758) * [x86] Enable r8187se driver, previously named rtl8187se [ Aurelien Jarno ] * mips/swarm: fix boot from IDE based media (Sebastian Andrzej Siewior) (closes: #466977). * mips/*: remove SND_* options, as they are already enabled in topconfig. -- maximilian attems Wed, 19 May 2010 17:06:13 +0200 linux-2.6 (2.6.33-1~experimental.5) experimental; urgency=low [ Ian Campbell ] * Include Xen hypervisor in reportbug "related to" list. [ maximilian attems] * Add stable 2.6.33.2. [ Ben Hutchings ] * [x86] Enable ramzswap driver (Closes: #573912) * [x86] Re-enable rt2860sta and rt2870sta drivers which were accidentally disabled when moving to Linux 2.6.33 (Closes: #576723) * Add stable 2.6.33.3: - ACPI: EC: Allow multibyte access to EC; fixes temperature monitoring on some Dell laptops (Closes: #563313) [ Aurelien Jarno ] * Add support for sh4 architecture, patch by Nobuhiro Iwamatsu (Closes: #569034) * [mips*/*malta] Remove options that are present in topconfig. -- maximilian attems Wed, 05 May 2010 16:38:53 +0200 linux-2.6 (2.6.33-1~experimental.4) experimental; urgency=low [ Ben Hutchings ] * Include aufs2, marked as staging (Closes: #573189) * Remove /usr/include/drm from linux-libc-dev; let libdrm-dev provide it again (Closes: #572067) * [x86] Enable rtl8192su driver using external firmware [ maximilian attems] * Add stable 2.6.33.1. -- maximilian attems Wed, 17 Mar 2010 18:13:53 +0100 linux-2.6 (2.6.33-1~experimental.3) experimental; urgency=low [ Ben Hutchings ] * Fix regexp for binNMU versions in modules/rules.include (Closes: #524632) * linux-base: Fix bugs and improve libata transition code: - Fix calls to disk_id_to_path (renamed to id_to_path) (Closes: #572283) - Don't show empty list of devices to be relabelled - Don't update udev CD rules unnecessarily - Show the device paths to be added to udev CD rules - Ignore nonexistent devices and properly handle devices of unknown filesystem type (Closes: #572341, #572445) - Don't accept empty filesystem labels as identifiers (Closes: #572438) - For consistency with fresh installations, use or assign UUIDs rather than labels where both are available (Closes: #572376) - Replace CD/DVD/BD device names with udev-provided persistent aliases - Fix update of boot device name for LILO and related loaders - Update uswsusp resume device name -- maximilian attems Thu, 11 Mar 2010 05:58:02 +0100 linux-2.6 (2.6.33-1~experimental.2) experimental; urgency=low [ Ben Hutchings ] * Add missing debconf templates for linux-base (Closes: #571558) * Fix libata transition code for GRUB 1 config (Closes: #571662) -- maximilian attems Sun, 28 Feb 2010 17:48:11 +0100 linux-2.6 (2.6.33-1~experimental.1) experimental; urgency=low * New upstream release: http://kernelnewbies.org/Linux_2_6_33 [ maximilian attems] * [topconfig] set BLK_DEV_DRBD, DRM_NOUVEAU, DRM_NOUVEAU_BACKLIGHT, DRM_VMWGFX, SENSORS_LM73, SENSORS_AMC682, SENSORS_LIS3_I2C, SENSORS_MC13783_ADC, TOUCHSCREEN_DYNAPRO, TOUCHSCREEN_MC13783, GIGASET_CAPI, LEDS_DAC124S085, LEDS_INTEL_SS4200, LEDS_INTEL_SS4200, DVB_FIREDTV, DVB_USB_EC168, SOC_CAMERA_MT9T112, SOC_CAMERA_OV9640, USB_GSPCA_PAC7302, USB_GSPCA_STV0680, AD525X_DPOT, CAN_MCP251X, RT2800PCI, REGULATOR_MAX8660, RTC_DRV_BQ32K, RTC_DRV_MSM6242, RTC_DRV_RP5C01, VMWARE_PVSCSI, SCSI_PM8001, WIMAX_IWMC3200_SDIO, INPUT_SPARSEKMAP, SERIO_ALTERA_PS2, MANTIS_CORE, DVB_MANTIS, DVB_HOPPER. * [x86] set CS5535_MFGPT, SENSORS_K10TEMP, GEODE_WDT, MSI_WMI, TOSHIBA_BT_RFKILL, ACPI_CMPC, CRYPTO_GHASH_CLMUL_NI_INTE. [ Ben Hutchings ] * Use libata-based drivers for most PATA controllers (Closes: #444182): - pata_triflex replaces triflex - pata_atiixp replaces atiixp - pata_ns87415 replaces ns87415 - pata_sc1200 replaces sc1200 - pata_cs5536 replaces cs5536 - pata_amd replaces amd74xx - pata_sis replaces sis5513 - pata_rz1000 replaces rz1000 - pata_efar replaces slc90e66 - pata_pdc202xx_old replaces pdc202xx_old - pata_pdc2027x replaces pdc202xx_new - pata_cs5520 replaces cs5520 - pata_cs5530 replaces cs5530 - pata_cmd64x replaces cmd64x - pata_sil680 replaces siimage - pata_ali replaces alim15x3 - pata_via replaces via82cxxx - pata_serverworks replaces serverworks - pata_artop replaces aec62xx - pata_it821x replaces it821x - ata_piix, pata_oldpiix, pata_mpiix mostly replace piix - ata_generic, pata_ns87410, pata_netcell replace ide-pci-generic * Add libata transition script -- maximilian attems Thu, 25 Feb 2010 15:21:38 +0100 linux-2.6 (2.6.32-30) unstable; urgency=high [ Ben Hutchings ] * mpt2sas: Fix incorrect scsi_dma_map error checking (Closes: #606968) * Update Spanish debconf template translation (Omar Campagne, Javier Fernández-Sanguino) (Really closes: #600694) * intel-iommu: Force-disable IOMMU for iGFX on broken Cantiga revisions (Closes: #607095) * [powerpc] linux-base: Run ybin after updating yaboot.conf (Closes: #607284) * tehuti: Firmware filename is tehuti/bdx.bin * iwlwifi: Reduce a failure-prone memory allocation (Closes: #599345) * linux-base: Look for GRUB 1 configuration in both /boot/grub and /boot/boot/grub (Closes: #607863) * rt28x0: Add ieee80211_regdom module parameter mimicking cfg80211 as a workaround for incorrect region code in NVRAM (Closes: #594561) * btrfs: Require CAP_SYS_ADMIN for filesystem rebalance (Closes: #608185) * [x86] dell-laptop: Enable for some newer Dell models * r8169: Change RTL8111D/RTL8168D initialisation and firmware loading to match upstream version (Closes: #596390 with firmware-realtek 0.28) * Add stable 2.6.32.28: - NFS: Fix panic after nfs_umount() - usb-storage/libusual: Add support for Samsung YP-CP3 MP4 Player, thanks to Vitaly Kuznetsov (Closes: #555835) - bfa: Fix system crash when reading sysfs fc_host statistics (CVE-2010-4343) - IB/uverbs: Handle large number of entries in poll CQ (CVE-2010-4649) - orinoco: Fix TKIP countermeasure behaviour (CVE-2010-4648) - mm: Add security_file_mmap check to install_special_mapping (CVE-2010-4346) - sctp: Fix a race between ICMP protocol unreachable and connect() (CVE-2010-4526) - hvc_console: Fix race between hvc_close and hvc_remove (CVE-2010-2653) (previously applied as an isolated fix in 2.6.32-25) - fuse/cuse: Verify ioctl retries (CVE-2010-4650) * [powerpc] Restore device tree source files to linux-image packages (Closes: #609155) [ maximilian attems ] * [openvz] Reenable NF_CONNTRACK_IPV6. (closes: #580507) * cifs: fix another memleak, in cifs_root_iget. * b43: Fix warning at drivers/mmc/core/core.c:237 in mmc_wait_for_cmd. * drm/radeon/kms: MC vram map needs to be >= pci aperture size. * drm/radeon/kms: make sure blit addr masks are 64 bit. * drm/radeon/kms: fix handling of tex lookup disable in cs checker on r2xx. * drm/i915: Free hardware status page on unload when physically mapped. * drm/i915/overlay: Ensure that the reg_bo is in the GTT prior to writing. * drm/radeon/kms/atom: set sane defaults in atombios_get_encoder_mode(). * drm/radeon/kms: fix typos in disabled vbios code. * drm/radeon/kms: add workaround for dce3 ddc line vbios bug. * drm/radeon/kms: fix interlaced and doublescan handling. * drm/i915/sdvo: Always add a 30ms delay to make SDVO TV detection reliable. * wireless: b43: fix error path in SDIO. * drm/radeon/kms: don't apply 7xx HDP flush workaround on AGP. [ Ian Campbell ] * xen: backport TTM patches to use PCI API. Fixes PCIe GPU (specifically Radeon and Nouveau) on Xen (Closes: #601341). * xen: netback: drop SKBs which are GSO but do not have a partial checksum set (Closes: #608144). [ dann frazier ] * exec: make argv/envp memory visible to oom-killer (CVE-2010-4243) * irda: Fix information leak in IRLMP_ENUMDEVICES (CVE-2010-4529) * af_unix: limit unix_tot_inflight (CVE-2010-4249) [ Moritz Muehlenhoff ] * net: ax25: fix information leak to userland (CVE-2010-3875) * net: packet: fix information leak to userland (CVE-2010-3876) * net: tipc: fix information leak to userland (CVE-2010-3877) * inet_diag: Make sure we actually run the same bytecode we audited (CVE-2010-3880) * econet: Fix crash in aun_incoming() (CVE-2010-4342) -- Ben Hutchings Tue, 11 Jan 2011 05:42:11 +0000 linux-2.6 (2.6.32-29) unstable; urgency=high [ Ben Hutchings ] * megaraid_sas: Add support for 'entry-level' SAS controllers including the 9240 family (Closes: #604083) * tcp: Make TCP_MAXSEG minimum more correct (refinement of fix for CVE-2010-4165) * l2tp: Fix UDP socket reference count bugs in the pppol2tp driver (Closes: #604748) * USB: Retain device power/wakeup setting across reconfiguration; don't enable remote wakeup by default (Closes: #605246) * dm: Deal with merge_bvec_fn in component devices better (Closes: #604457) * Update Spanish debconf template translation (Aaron H Farias Martinez) (Closes: #600694) * perf: Use libiberty, not libbfd, for symbol demangling (Closes: #590226, #606050) * [x86] Add support for Fintek hardware watchdogs (Closes: #601187) - resource: Add shared I/O region support - hwmon: f71882fg: Use a muxed resource lock for the Super I/O port - watchdog: Add f71808e_wdt driver * bcm5974: Add reporting of multitouch events (Closes: #605450) * fusion: Set FUSION_MAX_SGE=128, the upstream default (Closes: #606096) * Add stable 2.6.32.27: - block: limit vec count in bio_kmalloc() and bio_alloc_map_data() - block: take care not to overflow when calculating total iov length - block: check for proper length of iov entries in blk_rq_map_user_iov() (CVE-2010-4163) - net: clear heap allocation for ETHTOOL_GRXCLSRLALL (CVE-2010-3861) - asus_oled: fix up some sysfs attribute permissions - ipc: initialize structure memory to zero for compat functions (CVE-2010-4073) - ipc/shm: fix information leak to userland (CVE-2010-4072) - ipc/sem: sys_semctl: fix kernel stack information leakage (CVE-2010-4083) - tty: prevent DOS in the flush_to_ldisc - [x86] KVM: VMX: Fix host userspace gsbase corruption (Closes: #604956) - KVM: VMX: fix vmx null pointer dereference on debug register access (CVE-2010-0435) - KVM: x86: fix information leak to userland (CVE-2010-3881) - firewire/cdev: fix information leak - firewire-core: fix an information leak - firewire-ohci: fix buffer overflow in AR split packet handling - bio: take care not overflow page count when mapping/copying user data (CVE-2010-4162) - sisusbvga: fix information leak to userland - iowarrior: fix information leak to userland - usb: core: fix information leak to userland - usb-storage/sierra_ms: fix sysfs file attribute - ueagle-atm: fix up some permissions on the sysfs files - cypress_cy7c63: fix up some sysfs attribute permissions - usbled: fix up some sysfs attribute permissions - trancevibrator: fix up a sysfs attribute permission - usbsevseg: fix up some sysfs attribute permissions - do_exit(): make sure that we run with get_fs() == USER_DS (CVE-2010-4258) - DECnet: don't leak uninitialized stack byte - perf_events: Fix perf_counter_mmap() hook in mprotect() (CVE-2010-4169) - frontier: fix up some sysfs attribute permissions - net/sched: fix kernel information leak in act_police - can-bcm: fix minor heap overflow (CVE-2010-3874) - ivtvfb: prevent reading uninitialized stack memory (CVE-2010-4079) - net/sched: fix some kernel information leaks * TTY: Fix error return from tty_ldisc_open() (regression in 2.6.32.27) * filter: make sure filters dont read uninitialized memory (CVE-2010-4158) * posix-cpu-timers: workaround to suppress the problems with mt exec (CVE-2010-4248) [ Ian Campbell ] * xen: disable ACPI NUMA for PV guests and allow IRQ desc allocation on any node (Closes: #603632) * xen: handle potential time discontinuity on resume (Closes: #602273) * xen: don't bother to stop other cpus on shutdown/reboot (Closes: #605448) * xen: Add cpu hotplug support to prevent crash while parsing ACPI processor tables (Closes: #602109) [ Martin Michlmayr ] * Kirkwood: Add support for 6282 based QNAP devices. -- Ben Hutchings Fri, 10 Dec 2010 05:45:11 +0000 linux-2.6 (2.6.32-28) unstable; urgency=high [ maximilian attems ] * ipc: initialize structure memory to zero for shmctl. * drm/i915: set DIDL using the ACPI video output device _ADR method return. * images: Nuke modules.devname on removal. (closes: #590607) * Newer Standards-Version 3.9.1 without changes. * drm/ttm: Clear the ghost cpu_writers flag on ttm_buffer_object_transfer. * [openvz] Update upstream patch to 2.6.32-dzhanibekov. * [openvz] ubc: Fix orphan count checks after merge. [ Martin Michlmayr ] * Update udlfb to 2.6.37: - udlfb: minor cleanups - udlfb: fix coding style issues - udlfb: fbdev character read and write support - udlfb: add DPMS support - udlfb: remove metrics_misc sysfs attribute - udlfb: revamp reference handling to insure successful shutdown - udlfb: enhance EDID and mode handling support - udlfb: fix big endian rendering error - udlfb: support for writing backup EDID to sysfs file - udlfb: add module options for console and fb_defio - udlfb: fix incorrect fb_defio implementation for multiple framebuffers - udlfb: fix checkpatch and style [ Ben Hutchings ] * Update debconf template translations: - Update Japanese (Nobuhiro Iwamatsu) (Closes: #602152) - Update Catalan (Jordi Mallach) (Closes: #602520) - Add Italian (Luca Bruno) (Closes: #602945) * sunrpc: Fix NFS client over TCP hangs due to packet loss (Closes: #589945) * brcm80211: Update to 2.6.37-rc1 * [powerpc] ALSA: Fix headphone and line-out detection on PowerMac G4 DA (Closes: #603419) * [x86] snd-hda-codec-cirrus: Add quirks for IMac 27", MacBookPro 5,5 and 7,1 * [x86] btusb: Add device IDs for MacBookPro 6,2 and 7,1 (Closes: #603651) * [x86] applesmc: Add support for iMac 9,1 and MacBookPro 2,2, 5,3, 5,4, 6,* and 7,* * [x86] applesmc, bcm5974, btusb, HID, mbp_nvidia_bl, snd-hda-codec-cirrus: Add support for MacBookAir 3,1 and 3,2 (Closes: #603395) * [x86] mbp_nvidia_bl: Add support for MacBookPro 7,1 * x25: Fix remote denial-of-service vulnerabilities: - x25 accesses fields beyond end of packet - memory corruption in X.25 facilities parsing (CVE-2010-3873) - Prevent crashing when parsing bad X.25 facilities (CVE-2010-4164) * tcp: Increase TCP_MAXSEG socket option minimum (CVE-2010-4165) * rds: Fix integer overflow in RDS cmsg handling * af_802154,decnet,econet,rds,x25: Disable auto-loading as mitigation against local exploits. These protocol modules are not widely used and can be explicitly loaded or aliased on systems where they are wanted. * atl1c: Add support for Atheros AR8151 and AR8152 (Closes: #599771) * Add stable 2.6.32.26: - synclink_cs: Fix information leak to userland - bluetooth: Fix missing NULL check - [x86] KVM: VMX: Fix host GDT.LIMIT corruption - [x86] KVM: Fix fs/gs reload oops with invalid ldt (CVE-2010-3698) - gdth: Fix integer overflow in ioctl (CVE-2010-4157) * [x86] KVM: SVM: Fix wrong intercept masks for KVM_{GET,SET}_VCPU_EVENTS on 32 bit, thanks to Philipp Matthias Hahn (Closes: #599507) [ dann frazier ] * [vserver] Update patch to 2.6.32.25-vs2.3.0.36.29.6 * add qlcnic driver * econet: Avoid stack overflow w/ large msgiovlen (CVE-2010-3848) * econet: disallow NULL remote addr for sendmsg() (CVE-2010-3849) * econet: Add mising CAP_NET_ADMIN check in SIOCSIFADDR (CVE-2010-3850) -- Ben Hutchings Thu, 25 Nov 2010 01:20:50 +0000 linux-2.6 (2.6.32-27) unstable; urgency=high * The "We'll Always Have Paris" release [ Ben Hutchings ] * rndis_host: Restrict fix for #576929 to specific devices (Closes: #589403, #600660) * Add stable 2.6.32.25: - rme9652: prevent reading uninitialized stack memory (CVE-2010-4080, CVE-2010-4081) - ocfs2: Don't walk off the end of fast symlinks - ip: fix truesize mismatch in ip fragmentation - net: clear heap allocations for privileged ethtool actions - execve: setup_arg_pages: diagnose excessive argument size - execve: improve interactivity with large arguments - execve: make responsive to SIGKILL with large arguments - rose: Fix signedness issues wrt. digi count. (CVE-2010-3310) - ALSA: prevent heap corruption in snd_ctl_new() (CVE-2010-3442) - setup_arg_pages: diagnose excessive argument size (CVE-2010-3858) * btrfs: add a "df" ioctl for btrfs (Closes: #600190) * Update debconf template translations: - Add Catalan (Jordi Mallach) (Closes: #601146) - Add Brazilian Portugese (Flamarion Jorge) (Closes: #601102) - Update Vietnamese (Clytie Siddall) (Closes: #601534) * phonet: device notifier only runs on initial namespace (Really closes: #597904) * net/socket: Limit sendto()/recvfrom() length (CVE-2010-1187) [Original reference is incorrect; should be CVE-2010-3859.] [ Ian Campbell ] * xen: import additional fixes for disabling netfront smartpoll mode (Closes: #600992). [ dann frazier ] * e1000e: Reset 82577/82578 PHY before first PHY register read (Closes: #601017) [ Martin Michlmayr ] * Kirkwood: reset PCIe unit on boot * Kirkwood: restrict the scope of the PCIe reset workaround [ maximilian attems ] * Update abi files, readd Xen as ABI stable. * 2.6.33.stable-queue: drm/radeon: fix PCI ID 5657 to be an RV410. * Add drm changes from 2.6.32.24+drm33.11: - i915: return -EFAULT if copy_to_user fails. - drm/i915: Prevent double dpms on - drm: Only decouple the old_fb from the crtc is we call mode_set* - drm/i915: Unset cursor if out-of-bounds upon mode change (v4) - drm/i915,agp/intel: Add second set of PCI-IDs for B43 * net: Limit socket I/O iovec total length to INT_MAX. (CVE-2010-1187) [Original reference is incorrect; should be CVE-2010-3859.] * numa: fix slab_node(MPOL_BIND). -- maximilian attems Sat, 30 Oct 2010 12:24:37 +0200 linux-2.6 (2.6.32-26) unstable; urgency=high [ Ian Campbell ] * xen: fix PVHVM hang at boot when Xen does not support vector callbacks. * xen: fix race between PV drivers and xenstore initialisation which caused breakage in drivers for both regular PV and PVHVM guests. [ maximilian attems ] * [openvz] Enable ioprio. (closes: #596772) Thanks Daniel Hahler [ Ben Hutchings ] * [x86] radeon: Add quirks to make HP nx6125 and dv5000 laptops resume (Closes: #583968) * dm-crypt: Add 'plain64' IV; this avoids watermarking attacks that are possible with 'plain' IV on devices larger than 2TB (Closes: #600384) * [x86] ahci,ata_generic: let ata_generic handle new MBP w/ MCP89 (Closes: #600305) * debian/.../patches.py: Open files as needed, rather than all at once (Closes: #600423) * [openvz] printk: Handle global log buffer reallocation (Closes: #600299) * debian/bin/test-patches: Restrict patches to featureset when building with a featureset (thanks to Tim Small) * sata_via: Delay on vt6420 when starting ATAPI DMA write (Closes: #488566) * r6040: Fix various bugs in r6040_multicast_list() (Closes: #600155) [ dann frazier ] * Force enable DMA on MBP w/ MCP 7,1 * RDS sockets: remove unsafe kmap_atomic optimization (CVE-2010-3904) * v4l: disable dangerous buggy compat function (CVE-2010-2963) -- dann frazier Tue, 19 Oct 2010 07:50:55 -0600 linux-2.6 (2.6.32-25) unstable; urgency=high [ Ben Hutchings ] * mmc: build fix: mmc_pm_notify is only available with CONFIG_PM=y * Add stable 2.6.32.24 (trivial fix, already applied) * ipg: Remove device claimed by dl2k from pci id table (Closes: #599021) * linux-image: Include modules.order in image packages (Closes: #598518) * [x86] isdn/i4l: Reenable ISDN4Linux drivers, but mark them as staging (Closes: #588551) - hisax: Disable device aliases that conflict with mISDN * Update Danish debconf template translation (Joe Hansen) (Closes: #599457) * [x86] KVM: SVM: Fix wrong intercept masks on 32 bit (Closes: #599507) * e1000: fix Tx hangs by disabling 64-bit DMA (Closes: #518182) * rt2x00: Fix calculation of required TX headroom (Closes: #599395) * Add drm changes from 2.6.32.22+drm33.10: - i915: Don't touch PORT_HOTPLUG_EN in intel_dp_detect() - i915: Kill dangerous pending-flip debugging - radeon: release AGP bridge at suspend - radeon: initialize set_surface_reg for rs600 asic * [x86] toshiba_acpi: Add full hotkey support (Closes: #599768) [ Stephen R. Marenka ] * m68k: fix missing io macros. * m68k: modular swim on mac. * m68k: never build staging drivers on m68k. * m68k: build in rtc class on atari. [ Ian Campbell ] * xen: do not truncate machine address on gnttab_copy_grant_page hypercall (Closes: #599089) [ dann frazier ] * drm/i915: Sanity check pread/pwrite (CVE-2010-2962) * drm/i915: Rephrase pwrite bounds checking to avoid any potential overflow * GFS2: Fix writing to non-page aligned gfs2_quota structures (CVE-2010-1436) * hvc_console: Fix race between hvc_close and hvc_remove (CVE-2010-2653) * net sched: fix some kernel memory leaks (CVE-2010-2942) * niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL (CVE-2010-3084) * rose: Fix signedness issues wrt. digi count (CVE-2010-3310) * Fix pktcdvd ioctl dev_minor range check (CVE-2010-3437) * ALSA: prevent heap corruption in snd_ctl_new() (CVE-2010-3442) * net sched: fix kernel leak in act_police (CVE-2010-3477) * sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (CVE-2010-3705) -- dann frazier Thu, 14 Oct 2010 01:08:05 -0600 linux-2.6 (2.6.32-24) unstable; urgency=high [ Ben Hutchings ] * speakup: Update to match Debian package version 3.1.5.dfsg.1-1 * scsi_dh_emc: Fix mode select request setup (Closes: #591540) * snd-hda-codec-via: Fix syntax error when CONFIG_SND_HDA_POWER_SAVE is disabled (Closes: #597043) * Add stable 2.6.32.22: - [vserver] Revert sched changes since they conflict. * Recommend use of 'make deb-pkg' to build custom kernel packages * [x86] Revert "i915: Blacklist i830, i845, i855 for KMS". The current X driver (xserver-xorg-video-intel version 2.12.0+shadow-1) should work properly with KMS on these chips. (Closes: #596453) * phonet: Restrict to initial namespace (Closes: #597904) * Add stable 2.6.32.23: - serial/mos*: prevent reading uninitialized stack memory - net: Fix oops from tcp_collapse() when using splice() - rds: fix a leak of kernel memory - hso: prevent reading uninitialized memory (CVE-2010-3298) - cxgb3: prevent reading uninitialized stack memory (CVE-2010-3296) - eql: prevent reading uninitialized stack memory (CVE-2010-3297) - vt6655: fix buffer overflow - net/llc: make opt unsigned in llc_ui_setsockopt() - sisfb: prevent reading uninitialized stack memory - aio: check for multiplication overflow in do_io_submit (CVE-2010-3067) - xfs: prevent reading uninitialized stack memory (CVE-2010-3078) - viafb: prevent reading uninitialized stack memory - [hppa,ia64] mm: guard page for stacks that grow upwards (CVE-2010-2240) - sctp: Do not reset the packet during sctp_packet_config() (CVE-2010-3432) * xen: Fix typo in xen_percpu_chip definition * 3c59x: Remove incorrect locking (Closes: #598103) * f71882fg: Add support for the f71889fg (Closes: #597820) * drm/radeon: Fix regressions introduced in 2.6.34.3 (Closes: #597636) * mmc: fix hangs related to mmc/sd card insert/removal during suspend/resume (Closes: #598147) [ Martin Michlmayr ] * ARM: update mach types. * [armel/config.kirkwood] Enable MACH_DOCKSTAR. [ Ian Campbell ] * [x86/xen] Disable netfront's smartpoll mode by default. (Closes: #596635) [ maximilian attems ] * [openvz] Update upstream patch to 2.6.32-dyomin. -- Ben Hutchings Thu, 30 Sep 2010 00:46:16 +0100 linux-2.6 (2.6.32-23) unstable; urgency=low [ Ben Hutchings ] * cgroupfs: create /sys/fs/cgroup to mount cgroupfs on (Closes: #595964) * r8169: Fix MDIO timing (Closes: #583139; mistakenly reverted in 2.6.32-19) * gro: Fix bogus gso_size on the first fraglist entry (Closes: #596802) * vgaarb: Fix VGA arbiter to accept PCI domains other than 0 (from stable 2.6.32.12; mistakenly omitted in 2.6.32-12) [ maximilian attems ] * openvz: cfq-iosched: do not force idling for sync workload. [ Stephen R. Marenka ] * m68k: switch to generic siginfo layout. * m68k: NPTL support. [ dann frazier ] * compat: Make compat_alloc_user_space() incorporate the access_ok() (CVE-2010-3081) * x86-64, compat (CVE-2010-3301): - Retruncate rax after ia32 syscall entry tracing - Test %rax for the syscall number, not %eax * wireless extensions: fix kernel heap content leak (CVE-2010-2955) * KEYS (CVE-2010-2960): - Fix RCU no-lock warning in keyctl_session_to_parent() - Fix bug in keyctl_session_to_parent() if parent has no session keyring -- dann frazier Fri, 17 Sep 2010 15:27:04 -0600 linux-2.6 (2.6.32-22) unstable; urgency=low [ Ian Campbell ] * xen: backport pvhvm drivers from upstream. * Fixes/overrides for Lintian warnings: - Add "(meta package)" to short description of linux-headers metapackages, resolves empty-binary-package. - Add dependency on ${misc:Depends} to all packages, resolves debhelper-but-no-misc-depends. Required update to gencontrol.py to augment rather than override headers_arch_depends read from templates. - Override dbg-package-missing-depends for linux-image-*-dbg. It is not necessary to install the kernel image package to use the dbg package since the dbg package already contains a complete image with symbols. [ Ben Hutchings ] * [x86/xen] Restore stack guard page (CVE-2010-2240) * Add stable 2.6.32.21: - ext4: consolidate in_range() definitions (CVE-2010-3015) - mm: make the mlock() stack guard page checks stricter (avoids regression for Xen tools; closes: 594756) - [sparc] sunxvr500: Ignore secondary output PCI devices (Closes: #594604) - ocfs2: fix o2dlm dlm run purgelist (Closes: #593679) - Avoid ABI change in mm - Ignore ABI change in snd-emu10k1 * Add drm changes from stable 2.6.34.6: - drm: stop information leak of old kernel stack (CVE-2010-2803) * rt2870sta: Add more device IDs from vendor drivers * rt2860sta, rt2870sta: Enable channels 12-14 (Closes: #594561) * SCSI/mptsas: fix hangs caused by ATA pass-through (Closes: #594690) * sky2: Apply fixes and new hardware support from 2.6.33-2.6.35 (Closes: #571526) * postinst: Really warn users on upgrade if the current configuration may rely on running a default boot loader. * input: add compat support for sysfs and /proc capabilities output (Closes: #579017) * snd-hda-intel: Add support for VIA V1708S, VT1718S, VT1828S, VT2020, VT1716S, VT2002P, VT1812, VT1818S * hwmon/w83627ehf: Add support for W83667HG-B * 3c59x: Fix deadlock in vortex_error() (Closes: #595554) * [x86] paravirt: Add a global synchronization point for pvclock (from 2.6.32.16; reverted due to a regression which was addressed in 2.6.32.19) * sched, cputime: Introduce thread_group_times() (from 2.6.32.19; reverted due to the potential ABI change which we now carefully avoid) * net/{tcp,udp,llc,sctp,tipc,x25}: Add limit for socket backlog (Closes: #592187) * tun: Don't add sysfs attributes to devices without sysfs directories (Closes: #594845) * [x86] Add brcm80211 driver for Broadcom 802.11n wireless network controllers * r8169: Remove MODULE_FIRMWARE declarations since the firmware is non-essential and we do not distribute it * [x86] HPET: unmap unused I/O space * ipheth: add support for iPhone 4 * ipheth: remove incorrect devtype of WWAN * ALSA: emux: Add trivial compat ioctl handler (Closes: #596478) * hostap_pci: set dev->base_addr during probe (Closes: #595802) * ethtool: allow non-netadmin to query settings (see #520724) * ACPI: add boot option acpi=copy_dsdt to fix corrupt DSDT, and enable this automatically for known-bad Toshiba models (Closes: #596709) [ Bastian Blank ] * Use Breaks instead of Conflicts. [ Aurelien Jarno ] * [mips,mipsel] Fix computation of DMA flags from device's coherent_dma_mask. [ Martin Michlmayr ] * Add some patches from the Orion tree: - OpenRD: Enable SD/UART selection for serial port 1 - kirkwood: Unbreak PCIe I/O port - Kirkwood: support for Seagate DockStar [ dann frazier ] * netxen_nic: add support for loading unified firmware images * irda: Correctly clean up self->ias_obj on irda_bind() failure. (CVE-2010-2954) [ maximilian attems ] * [powerpc] Enable WINDFARM_PM121. (closes: #596515) Thanks Étienne BERSAC * nouveau: disable acceleration on NVA3/NVA5/NVA8 by default. * openvz: disable KSM. Thanks Dietmar Maurer . (closes: #585864) * Update openvz patch to d38b56fd0dca. * openvz: enalbe modular VZ_EVENT. -- maximilian attems Tue, 14 Sep 2010 14:17:11 +0200 linux-2.6 (2.6.32-21) unstable; urgency=high [ Ben Hutchings ] * Add stable 2.6.32.19: - ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files (CVE-2010-2066) - mm: keep a guard page below a grow-down stack segment (CVE-2010-2240) (not applied to xen featureset) - md/raid10: fix deadlock with unaligned read during resync (Closes: #591415) - Revert "sched, cputime: Introduce thread_group_times()" which would result in an ABI change * Add stable 2.6.32.20: - Fix regressions introduced by original fix for CVE-2010-2240 * Add drm and other relevant changes from stable 2.6.34.4 * Add 'breaks' relation from image packages to boot loader packages that do not install required hooks (Closes: #593683) * [x86] i915: Blacklist i830, i845, i855 for KMS (Closes: #568207, #582105, #593432, #593507) [ Bastian Blank ] * Update Xen patch. - Notify Xen on crash. - Several blktap fixes. [ Ritesh Raj Sarraf ] * Add .gnu_debuglink information into kernel modules (Closes: #555549) [ Ian Campbell ] * [x86/xen] temporarily remove stack guard page, it breaks the xen toolstack. [ Aurelien Jarno ] * [mips,mipsel] Fix 64-bit atomics. -- Ben Hutchings Wed, 25 Aug 2010 01:06:18 +0100 linux-2.6 (2.6.32-20) unstable; urgency=low [ Moritz Muehlenhoff ] * Backport XVR1000 driver (Closes: #574243) [ Ben Hutchings ] * Add stable 2.6.32.18: - CIFS: Fix compile error with __init in cifs_init_dns_resolver() definition (FTBFS for most architectures) - GFS2: rename causes kernel Oops (CVE-2010-2798) - xfs: prevent swapext from operating on write-only files (CVE-2010-2226) * Update debconf template translations: - Swedish (Martin Bagge) (Closes: #592045) - German (Holger Wansing) (Closes: #592226) * [i386/openvz-686] Remove AMD Geode LX and VIA C3 "Nehemiah" from the list of supported processors; they do not implement PAE * V4L/DVB: Add Elgato EyeTV Diversity to dibcom driver (Closes: #591710) * [s390] dasd: use correct label location for diag fba disks (Closes: #582281) * Add drm changes from stable 2.6.34.2 (thanks to Stefan Bader) and 2.6.34.3 * drm/i915: disable FBC when more than one pipe is active (Closes: #589077) * IB/ipath: Fix probe failure path (Closes: #579393) * ext4: fix freeze deadlock under IO (regression introduced in 2.6.32.17) * xen: Completely disable use of XSAVE (Closes: #592428) [ Martin Michlmayr ] * [armel/orion5x] Add a missing #include to fix a build issue. * [armel/kirkwood, armel/orion5x] Build-in support for more devices. [ dann frazier ] * can: add limit for nframes and clean up signed/unsigned variables -- Ben Hutchings Thu, 12 Aug 2010 03:26:39 +0100 linux-2.6 (2.6.32-19) unstable; urgency=low [ maximilian attems ] * inotify send IN_UNMOUNT events. * inotify fix oneshot support. [ Ben Hutchings ] * linux-base: Remove dependency on libapt-pkg-perl (Closes: #589996) * pata_pdc202xx_old: Fix UDMA mode for PDC2024x and PDC2026x controllers (Closes: #590532) * Update debconf template translations: - Czech (Michal Simunek) (Closes: #590546) - Portugese (Américo Monteiro) (Closes: #590557) - French (David Prévot) (Closes: #591149) - Russian (Yuri Kozlov) (Closes: #591241) * Add stable 2.6.32.17: - ethtool: Fix potential kernel buffer overflow in ETHTOOL_GRXCLSRLALL (CVE-2010-2478) - GFS2: Fix up system xattrs (CVE-2010-2525) - Revert ABI changes in firmware_class and ssb - Ignore ABI changes in acpi_processor, hostap and jbd2 * Add drm changes from stable 2.6.33.7: - drm/i915: Enable low-power render writes on GEN3 hardware (915, 945, G33 and Atom "Pineview") (Closes: #590193, maybe others) * [i386/xen-686] Remove AMD Geode LX and VIA C3 "Nehemiah" from the list of supported processors; they do not implement PAE * [x86] Add samsung-laptop driver [ dann frazier ] * [ia64] Fix crash when gcore reads gate area (Closes: #588574) [ Bastian Blank ] * Update Xen patch. - Ignore ABI changes. -- Ben Hutchings Thu, 05 Aug 2010 02:43:19 +0100 linux-2.6 (2.6.32-18) unstable; urgency=low [ Ben Hutchings ] * iwlwifi: Allocate pages for RX buffers, reducing the probability of allocation failure (Closes: #580124) * postinst: Remove support for 'default' boot loaders. Warn users on upgrade if the current configuration may rely on this. * rt2860sta, rt2870sta: Apply changes from Linux 2.6.33 and 2.6.34 - rt2860sta: Fix WPA(2)PSK issue when group cipher of AP is WEP40 or WEP104 (Closes: #574766) * rt3090sta: Replace with rt2860sta (Closes: #588863) * [i386/686] Remove AMD K6 from the list of supported processors; it does not implement the CMOV instruction * drm/i915: Add 'reclaimable' to i915 self-reclaimable page allocations (really closes: #534422, we hope) * Revert "x86, paravirt: Add a global synchronization point for pvclock", included in stable 2.6.32.16 (Closes: #588426) * 3c59x: Fix call to mdio_sync() with the wrong argument (Closes: #589989) [ Martin Michlmayr ] * Add some patches from the Orion tree, including support for Marvell's Armada 300 (88F6282): - Kirkwood: update MPP definition. - Kirkwood: fix HP t5325 after updating MPP definitions - leds: leds-gpio: Change blink_set callback to be able to turn off blinking - net/phy/marvell: Expose IDs and flags in a .h and add dns323 LEDs setup flag - orion5x: Base support for DNS-323 rev C1 - orion5x: Fix soft-reset for some platforms - mtd: orion/kirkwood: add RnB line support to orion mtd driver - mtd: kirkwood: allow machines to register RnB callback - Kirkwood: add support for rev A1 of the 88f6192 and 88f6180 chips - Kirkwood: Add support for 88f6282 - PCI: add platform private data to pci_sys_data - Kirkwood: add support for PCIe1 - Kirkwood: more factorization of the PCIe init code [ maximilian attems ] * sched: Fix over-scheduling bug. -- Ben Hutchings Fri, 23 Jul 2010 03:48:08 +0100 linux-2.6 (2.6.32-17) unstable; urgency=low [ maximilian attems ] * agp: add no warn since we have a fallback to vmalloc paths. [ Ben Hutchings ] * linux-tools: Fix build for hppa and do not attempt to build for architectures where perf events are not available (Closes: #588409) * linux-tools: Add build-dependency on binutils-dev to enable symbol demangling in perf * drm/i915: Fix memory corruption on resume from hibernation (Closes: #534422) -- Ben Hutchings Sat, 10 Jul 2010 16:40:38 +0100 linux-2.6 (2.6.32-16) unstable; urgency=low [ dann frazier ] * [hppa] clear floating point exception flag on SIGFPE signal (Closes: #559406) [ Ben Hutchings ] * Add stable 2.6.32.15 * Add mantis and hopper DVB drivers with mb86a16 and tda665x DVB front-ends, backported by Bjørn Mork (Closes: #577264) * Build inet_lro as a module * [sparc] Enable CONFIG_FB_XVR500, CONFIG_FB_XVR2500 (Closes: #508108) * Update Spanish debconf templates, thanks to Omar Campagne (Closes: #580538) * Revert "Add EC path for Thinkpad X100."; it is incomplete and broken * sctp: fix append error cause to ERROR chunk correctly (regression due to fix for CVE-2010-1173) * [powerpc] Enable pata_amd driver, replacing amd74xx * eeepc-laptop: Disable wireless hotplug on more models where the controller is not at the expected address (Closes: #576199) * [mips] Fix boot from ATA hard drives (Closes: #584784): - Set io_map_base for several PCI bridges lacking it - Replace per-platform built-in IDE drivers with libata-based drivers - Enable BLK_DEV_SD as built-in on all platforms * Revert "vlan/macvlan: propagate transmission state to upper layers" (Closes: #585770) * linux-base: Don't identify LVM2 PVs by UUID (Closes: #585852) * usb-serial: Add generic USB WWAN code, backported by Mark Hymers (Closes: #585661) - option, qcserial: Use generic USB WWAN code - qcserial: Add support for Qualcomm Gobi 2000 devices * radeon: Fix MacBook Pro connector quirk (Closes: #585943) * r8169: Fix MDIO timing (Closes: #583139) * Move NEWS to linux-latest-2.6 (Closes: #586401) * 3c59x: Change locking to avoid use of disable_irq() (Closes: #586967) * Enable IPv6 support for IPVS (IP_VS_IPV6) (Closes: #584549) * Revert "tpm: autoload tpm_tis based on system PnP IDs", included in stable 2.6.32.12 (Closes: #584273) * linux-base: If the disk ID update process fails, give the user a chance to retry or change their answers (Closes: #585609) * asix: fix setting mac address for AX88772 (Closes: #587580) * ipv6: Clamp reported valid_lft to a minimum of 0 (Closes: #514644) * ipv6: Use interface max_desync_factor instead of static default (Closes: #514646) * Add stable 2.6.32.16: - Fixes CVE-2010-1641, CVE-2010-1187, CVE-2010-1148, CVE-2010-1173 and CVE-2010-2071 - libata: disable ATAPI AN by default (Closes: #582737, #582903) * Add drm changes from stable 2.6.33.6 * [ia64, powerpc, sparc, x86] Enable KPROBES and KRETPROBES (Closes: #584130) * r8192s_usb: Fix various bugs: - Check for skb allocation failure in 2 more places - Update LED control code - Clean up in case of an error in module initialisation - Rename and remove proc directories correctly if an interface is not called wlan0 (Closes: #582972) - Correct device ID table (Closes: #584945, #587985) * Add r8192u_usb driver * Add linux-tools- package containing the perf tool (Closes: #548715) * Enable USB_SERIAL_TI (Closes: #588096) and USB_SERIAL_WHITEHEAT [ Aurelien Jarno ] * [sh4] optimize runtime disabling of trapped I/O. * [mips] backport mips/swarm: fix M3 TLB exception handler. [ Moritz Muehlenhoff ] * Enable X86 board specific fixups for reboot (Closes: #536537) [ Martin Michlmayr ] * OpenRD-Base: revert patch "allow SD/UART1 selection" since it never made it upstream. * ARM: update mach types. * Add support for OpenRD-Ultimate. * QNAP TS-11x/TS-21x: Add MPP36 (RAM) and MPP44 (board ID). * Add support for the HP t5325 Thin Client. * m25p80: Add support for Macronix 25L8005. * Add framebuffer driver for XGI chipsets. * [armel/kirkwood] Enable FB_XGI and FRAMEBUFFER_CONSOLE. * [armel] Make MOUSE_PS2 modular. * [armel] Build INPUT_UINPUT for all flavours. * Update Marvell CESA (mv_cesa) driver (Closes: #585790): - Invoke the user callback from a softirq context - Remove compiler warning in mv_cesa driver - Fix situation where the dest sglist is organized differently than... - Fix situations where the src sglist spans more data than the reques... - Enqueue generic async requests - Rename a variable to a more suitable name - Execute some code via function pointers rathr than direct calls - Make the copy-back of data optional - Support processing of data from previous requests - Add sha1 and hmac(sha1) async hash drivers * Update DisplayLink (udlfb) driver: - add dynamic modeset support - checkpatch cleanup - reorganize function order - pre-allocated urb list helpers - clean up function naming - Add functions to expose sysfs metrics and controls - Rework startup and teardown to fix race conditions - improved rendering performance - Support for fbdev mmap clients (defio) - explicit dependencies and warnings - remove printk and small cleanup * [armel/kirkwood] Enable FB_UDL. * [armel] Disable PARPORT_PC (Closes: #588164) [ Bastian Blank ] * Disable mISDN support for NETJet cards. The driver binds a generic PCI bridge. * Disable ISDN4Linux drivers. [ maximilian attems] * Update openvz patch to 5fd638726a69. -- Ben Hutchings Mon, 05 Jul 2010 22:13:33 +0100 linux-2.6 (2.6.32-15) unstable; urgency=low [ Ben Hutchings ] * [hppa] Ignore ABI change caused by disabling CONFIG_IDE_TIMINGS * [powerpc] Fix unnecessary ABI change [ Bastian Blank ] * xen: Fix crash in netback. -- Ben Hutchings Tue, 01 Jun 2010 01:31:05 +0100 linux-2.6 (2.6.32-14) unstable; urgency=low [ Ben Hutchings ] * [ia64] Hardcode the output of the scripts under arch/ia64/scripts so that we can build out-of-tree modules correctly (refresh and re-add dropped patch) (Closes: #392592) * vlan/macvlan: propagate transmission state to upper layers * macvlan: add GRO bit to features mask * macvlan: allow multiple driver backends * Add macvtap driver (Closes: #568755) * [ia64] Enable SGI SN support and mspec driver (Closes: #582224) * iwlwifi: Disable QoS when connected to a non-QoS-capable AP (Closes: #578262) * [x86] Disable e_powersaver cpufreq driver as unsafe. It has already been blacklisted by cpufrequtils. The acpi-cpufreq driver can be used instead on some VIA C7 systems. (Closes: #566208) * nouveau: Fix fbcon corruption with font width not divisible by 8 (Closes: #583162) * [amd64] ext4: Fix compat EXT4_IOC_ADD_GROUP (used by online resize) * Install debug kernel image in /usr/lib/debug/boot (Closes: #582810) * net: sysfs: Check for null ethtool_ops before getting speed/duplex * Add stable 2.6.32.14: - [hppa] Revert "parisc: Set PCI CLS early in boot.", erroneously included in 2.6.32.13 causing FTBFS - btrfs: check for read permission on src file in the clone ioctl (CVE-2010-1636) [ Bastian Blank ] * Update Xen patch. - Fix checksum offloading in netback. (closes: #583366) [ maximilian attems] * Add drm changes from stable 2.6.33.5: - i915: Disable FBC on 915GM and 945GM (Closes: #582427) * Update openvz patch to e7399c239fad. [ Martin Michlmayr ] * QNAP TS-419P: Export GPIO indicating jumper setting of JP1. -- Ben Hutchings Sat, 29 May 2010 00:32:44 +0100 linux-2.6 (2.6.32-13) unstable; urgency=low [ Frederik Schueler ] * sparc: Fix use of uid16_t and gid16_t in asm/stat.h [ Moritz Muehlenhoff ] * Enable tomoyo (Closes: #562486) [ maximilian attems] * backport KVM: x86: Extend KVM_SET_VCPU_EVENTS with selective updates. (closes: #580652) * KEYS: find_keyring_by_name() can gain access to a freed keyring. CVE-2010-1437 * hppa, sparc, powerpc disable BLK_DEV_CMD64X. * topconfig enable PATA_CMD64X. (closes: #580799) * x86: Disable CRYPTO_AES_NI_INTEL as it causes boot failures on T410. * Add stable 2.6.32.13: - [SCSI] Enable retries for SYNCRONIZE_CACHE commands to fix I/O error. - [SCSI] Retry commands with UNIT_ATTENTION sense codes to fix ext3/ext4 I/O errors. - [SCSI] skip sense logging for some ATA PASS-THROUGH cdbs (Closes: #578129) - raid6: fix recovery performance regression. - raid456: Enable error-correction on singly-degraded RAID6 (Closes: #581392) - r8169: fix broken register writes (Closes: #407217, #573007) - V4L/DVB: budget: Fix crash in case of failure to attach frontend (Closes: #575207) * drm/edid: Fix 1024x768@85Hz. [ Ben Hutchings ] * linux-base: Fix typo in disk relabelling code (Closes: #580467) * linux-base: Don't quote boot device name in elilo.conf (Closes: #580710; works-around: #581173) * rtl8192su: Add IDs for several more devices (Closes: #580740) * Add drm and sfc changes from stable 2.6.33.4 * Improve workaround for HPAs (Host Protected Areas) overlapping partitions, thanks to Tejun Heo: - SCSI/libata: Disable HPA if it overlaps a partition (Closes: #572618) - buffer: Make invalidate_bdev() drain all percpu LRU add caches - block: Rescan partition tables after HPA is disabled - libata: Disable HPA if it is only enabled after suspend * V4L/DVB: budget: Select correct frontend drivers (Closes: #575223) * 3c503: Fix IRQ probing (Closes: #566522) * sis-agp: Remove SIS 760, handled by amd64-agp * amd64-agp: Probe unknown AGP devices the right way (Closes: #548090) [ Aurelien Jarno ] * mips/swarm: fix boot from IDE based media (Sebastian Andrzej Siewior) (closes: #466977). * backport mips/swarm: fix M3 TLB exception handler. [This patch was actually reverted and never applied in version 2.6.32-13] * backport MIPS FPU emulator: allow Cause bits of FCSR to be writeable by ctc1. (closes: #580602). * mips/swarm: enable adm* hwmon drivers. * backport Input: Add support of Synaptics Clickpad device (Closes: #572842) [ Bastian Blank ] * Fix symlinks in several packages. * Update Xen patch. * [amd64, i386/{686-bigmem,openvz-686,vserver-686-bigmem,xen-686}] Build debugging symbols. (closes: #365349) * Ignore crypto ABI changes. [ Martin Michlmayr ] * Backport GuruPlug support. [ Christian Perrier ] * Update debconf templates: - English revised by the debian-l10n-english team as part of the Smith review project (Closes: #578349) - Vietnamese (Clytie Siddall) (Closes: #579234) - German (Holger Wansing) (Closes: #579864) - Russian (Yuri Kozlov) (Closes: #578994) - Estonian (mihkel) (Closes: #579019) - Czech (Michal Simunek) (Closes: #579268) - Swedish (Martin Bagge) (Closes: #579308) - French (David Prévot) (Closes: #579763) - Spanish (Omar Campagne) (Closes: #580538) - Portuguese (Américo Monteiro) (Closes: #577227) - Japanese (Kenshi Muto) (Closes: #580855) - Danish (Joe Hansen) (Closes: #580915) - Czech (Michal Simunek) (Closes: #581399) -- maximilian attems Mon, 17 May 2010 15:29:27 +0200 linux-2.6 (2.6.32-12) unstable; urgency=low * The "Microwave Background" release [ Ben Hutchings ] * Prepare debconf templates for translation. (closes: #576758) * [x86] PCI/forcedeth: Disable MSI for MCP55 on P5N32-E SLI (Closes: #552299) * phylib: Fix typo in bcm63xx PHY driver table * linux-base: Fix bugs and improve libata transition code: - Fix scope of _system() function (Closes: #576925) - Fix case where a file may wrongly be listed as automatically converted (Closes: #577047) - Check device IDs in mdadm.conf rather than assuming it needs manual conversion - Use vol_id if available since the version of blkid in lenny does not support the output format we need (Closes: #576608) - Fix missing line breaks in updated crypttab (Closes: #577735) * i915: Stop trying to use ACPI lid status to determine LVDS connection (Closes: #577724) * forcedeth: Fix hardware version check for TX bug workaround (Closes: #572201) * rndis_host: Poll status channel before control channel (Closes: #576929) * megaraid_sas: Fix copying of sense data for 32-bit management tools on 64-bit kernel (Closes: #578398) * Add ipheth driver for iPhone tethering * virtio_net: Make delayed refill more reliable (Closes: #576838) [ maximilian attems] * [ia64] Built in fbcon. * Update openvz patch to c05f95fcb04e. (closes: #574598) * Reenable nouveau autoloading. * reiserfs: Fix permissions on .reiserfs_priv. CVE-2010-1146 * libata,ata_piix: detect and clear spurious IRQs. * libata/SCSI: fix locking around blk_abort_request(). * topconfig enable NET_DROP_MONITOR. (closes: #578568) * Add stable 2.6.32.12: - ACPI: EC: Allow multibyte access to EC; fixes temperature monitoring on some Dell laptops (Closes: #563313) - [x86] KVM: disable paravirt mmu reporting (Closes: #573071) - thinkpad-acpi: lock down video output state access (Closes: #565790) - xfs update (closes: #579410) * Add drm changes from stable 2.6.33.3: - drm/radeon: R300 AD only has one quad pipe (Closes: #575681) * libata: Fix accesses at LBA28 boundary (old bug, but nasty) (v2) * Add EC path for Thinkpad X100. * Bump ABI to 5, apply: - hrtimer: Tune hrtimer_interrupt hang logic * Add libata TRIM support. * Backport radeon r800 modesetting support. * drm/radeon/kms: further spread spectrum fixes. * Backport p54 fixes. * net: export device speed and duplex via sysfs. * postrm: rm modules.softdep. (closes: #579175) * Backport KVM: Xen PV-on-HVM guest support. * Backport KVM: x86: Add KVM_GET/SET_VCPU_EVENTS. * hugetlb: fix infinite loop in get_futex_key() when backed by huge pages * ext4: Issue the discard operation *before* releasing the blocks to be reused. * libiscsi: regression: fix header digest errors. * Revert module.c and module.h changes from -stable update. [ dann frazier ] * Add DRBD backport * sctp: Fix skb_over_panic resulting from multiple invalid parameter errors (CVE-2010-1173) * [CIFS] Allow null nd (as nfs server uses) on create (CVE-2010-1148) * tipc: Fix oops on send prior to entering networked mode (CVE-2010-1187) * [powerpc] KGDB: don't needlessly skip PAGE_USER test for Fsl booke Note: KGDB is not currently enabled in debian builds (CVE-2010-1446) [ Aurelien Jarno ] * [sh4] Add a sh7751r flavour. * [mips/*malta] Remove options that are present in topconfig. [ Martin Michlmayr ] * dns323-setup.c: fix WARN() when booting (Arnaud Patard). * mips: enable PATA platform on SWARM and LITTLESUR (Sebastian Andrzej Siewior). * [mips/sb1-bcm91250a] Enable PATA_PLATFORM. [ Bastian Blank ] * Update Xen patch. -- Ben Hutchings Sat, 01 May 2010 02:58:31 +0100 linux-2.6 (2.6.32-11) unstable; urgency=low [ Ben Hutchings ] * [sparc] Provide io{read,write}{16,32}be() (Closes: #574421) * Use libata-based drivers for most PATA controllers on all architectures (previously applied only to x86) * linux-base: Fix bugs and improve libata transition code: - Handle duplicates in /etc/udev/rules.d/70-persistent-cd.rules (Closes: #574630) - Always attempt conversion if $DEBCONF_RECONFIGURE is set - Never attempt conversion during a fresh installation (Closes: #576243) - Convert disk IDs in crypttab (Closes: #575056) - Redirect stdin and stdout of child processes to avoid interfering with debconf (Closes: #574987) - Report when hdparm.conf or mdadm.conf may need to be updated (Closes: #576442) - Where a device has both a UUID and a label, prefer to identify it by UUID, consistent with fresh installations - Do not use device labels including certain unsafe characters (Closes: #576537) * iwlwifi: Fix repeated warnings about tfds_in_queue (Closes: #574526) * eeepc-laptop: Disable CPU speed control on 701 and 702 since it can cause the system to hang (Closes: #559578) * eeepc-laptop: Disable wireless hotplug on 1005HA, 1201N and 1005PE since it disconnects the wrong device (Closes: #573607) * linux-headers-*: Support postinst hooks in /etc/kernel/header_postinst.d, thanks to Michael Gilbert (Closes: #569724) * rt2860sta: Fix argument to linux_pci_unmap_single() (Closes: #575726) * nouveau: nv50: Implement ctxprog/state generation * phylib: Support PHY module autoloading (Closes: #553024) * [x86] Add ramzswap driver (Closes: #573912) [ maximilian attems] * [alpha, hppa] Disable oprofile as tracing code is unsupported here. (closes: #574368) * Update openvz patch to 14a9729fab67. (closes: #574598, #575189) * [x86]: Disable FB_INTEL. (closes: #447575, #503766, #574401) * ssb: do not read SPROM if it does not exist. * ssb: Avoid null pointer dereference by aboves. * Add stable 2.6.32.11. - MIPS: Cleanup forgotten label_module_alloc in tlbex.c (Closes: #571305) - ath5k: fix setup for CAB queue (closes: #576213) - NFS: Prevent another deadlock in nfs_release_page() (Closes: #574348) * Revert to keep ABI: - hrtimer: Tune hrtimer_interrupt hang logic [ Moritz Muehlenhoff ] * Add support for sh4 architecture, patch by Nobuhiro Iwamatsu (Closes: #569034) [ Bastian Blank ] * Update Xen patch. - Fix free interrupt problem on uni-processor machines. [ Ian Campbell ] * Include Xen hypervisor in reportbug "related to" list. -- maximilian attems Mon, 05 Apr 2010 20:31:15 +0200 linux-2.6 (2.6.32-10) unstable; urgency=low * The "Big Bang" release [ maximilian attems] * tcp: fix ICMP-RTO war. * Add stable 2.6.32.10. - net/via-rhine: Fix scheduling while atomic bugs (closes: #549606) - HID: remove TENX iBuddy from blacklist (Closes: #551312) - USB: SIS USB2VGA DRIVER: support KAIREN's USB VGA adaptor USB20SVGA-MB-PLUS (Closes: #565857) * Bump ABI to 4. * [x86] Add openvz flavour. - adds ppp support (closes: #550975) * Prevent nouveau from autoloading until xserver-xorg-video-nouveau lands. [ Moritz Muehlenhoff ] * Enable CONFIG_KEYS_DEBUG_PROC_KEYS (Closes: #400932) * Amend README.source with documentation on how to generate a source tree with all patches applied (Closes: #509156) * Document needed packages for preparatory packaging steps (Closes: #548028) [ Aurelien Jarno ] * Fix signal stack alignement on sparc64 (Closes: #569797) [ Bastian Blank ] * Add support for Xen dom0 into its featureset. (Closes: #499745, #503857, #504805, #505545, #506118, #507785, #509085, #509733, #511963, #513835, #514511, #516223, #516374, #516635, #517048, #519586, #520702, #522452, #524571, #524596, #526695, #533132, #533432, #534880, #534978, #541227, #542299, #542614, #543489, #544525, #548345, #554564, #554621, #559175, #559634) * [alpha, amd64, i386, amd64, powerpc] Make all AGP driver built-in to workaround race-condition between DRM and AGP. [ Ben Hutchings ] * drm: Apply all changes from 2.6.33 and 2.6.33.1: - Add nouveau driver - i915: Fix disappearing mouse pointer (Closes: #551330) - i915: Restore video overlay support (Closes: #560033) - i915: Fix DDC on some systems by clearing BIOS GMBUS (Closes: #567747) - radeon: Enable KMS support * qla2xxx: Disable MSI/MSI-X on some chips or as selected by module parameter (Closes: #572322) - MSI is disabled on QLA24xx chips other than QLA2432 (MSI-X already was) - MSI-X is disabled if qlx2enablemsix=2 - MSI and MSI-X are disabled if qlx2enablemsix=0 * [sparc64] Make prom entry spinlock NMI safe (Closes: #572442) * firmware: Correct copyright information and add source for CIS files * Fix first line of kernel-doc for a few functions so that they get valid manual pages * Remove /usr/include/drm from linux-libc-dev; let libdrm-dev provide it again * [x86] Enable rtl8192su driver using external firmware * [x86] Use libata-based drivers for most PATA controllers (Closes: #444182): - pata_triflex replaces triflex - pata_atiixp replaces atiixp - pata_ns87415 replaces ns87415 - pata_sc1200 replaces sc1200 - pata_cs5536 replaces cs5536 - pata_amd replaces amd74xx - pata_sis replaces sis5513 - pata_rz1000 replaces rz1000 - pata_efar replaces slc90e66 - pata_pdc202xx_old replaces pdc202xx_old - pata_pdc2027x replaces pdc202xx_new - pata_cs5520 replaces cs5520 - pata_cs5530 replaces cs5530 - pata_cmd64x replaces cmd64x - pata_sil680 replaces siimage - pata_ali replaces alim15x3 - pata_via replaces via82cxxx - pata_serverworks replaces serverworks - pata_artop replaces aec62xx - pata_it821x replaces it821x - ata_piix, pata_oldpiix, pata_mpiix mostly replace piix - ata_generic, pata_ns87410, pata_netcell replace ide-pci-generic * linux-base: Add libata transition script * Hide sensitive information when including network configuration in bug reports and running a different kernel version [ Martin Michlmayr ] * Add some ARM patches from git: - Update mach types - eSATA SheevaPlug: basic board support - eSATA SheevaPlug: configure SoC SATA interface - eSATA SheevaPlug: correlate MPP to SD CD and SD WP * [armel/kirkwood] Enable MACH_ESATA_SHEEVAPLUG. -- maximilian attems Tue, 16 Mar 2010 23:39:05 +0100 linux-2.6 (2.6.32-9) unstable; urgency=high [ Ben Hutchings ] * Do not build obsolete lgs8gl5 driver * [x86] Enable USB IP drivers (Closes: #568903) * Ignore failure of lsusb when gathering information for bug reports (Closes: #569725) * macvlan: Add bridge, VEPA and private modes (Closes: #568756) * [sparc] sunxvr500: Support Intergraph graphics chips again (Closes: #508108) * sfc: Apply fixes from 2.6.33 * ath9k: Add support for AR2427 * fs/exec.c: fix initial stack reservation (regression in 2.6.32.9) [ maximilian attems] * Postinst don't refercence k-p related manpage. (closes: #542208) * Postinst only write kernel-img.conf for palo boxes. * Enable VT_HW_CONSOLE_BINDING for unbinding efifb. (closes: #569314) * hwmon: Add driver for VIA CPU core temperature. * wireless: report reasonable bitrate for MCS rates through wext. * efifb: fix framebuffer handoff. (bugzilla.k.o #15151) * Add stable 2.6.32.9: - drm/i915: Fix DDC on some systems by clearing BIOS GMBUS setup. (closes: #567747) - futex: Handle futex value corruption gracefully. (CVE-2010-0623) - futex_lock_pi() key refcnt fix. (CVE-2010-0623) - Staging: fix rtl8187se compilation errors with mac80211. (closes: #566726) * r8169 patch for rx length check errors. (CVE-2009-4537) * vgaarb: fix incorrect dereference of userspace pointer. * Bump ABI to 3. * drm/i915: give up on 8xx lid status. * vgaarb: fix "target=default" passing. * drm/radeon: block ability for userspace app to trash 0 page and beyond. (closes: #550562) [ Bastian Blank ] * Restrict access to sensitive SysRq keys by default. * debian/rules.real: Install arch specific scripts. [ Moritz Muehlenhoff ] * Set source format to 1.0 [ Martin Michlmayr ] * [armel/iop32x] Enable ARCH_IQ80321 and ARCH_IQ31244 (Thanks Arnaud Patard). * [armel/kirkwood] Disable MTD_NAND_VERIFY_WRITE to avoid errors with ubifs on OpenRD (Thanks Gert Doering) (Closes: #570407) * OpenRD-Base: allow SD/UART1 selection (Closes: #571019) * D-Link DNS-323 revision A1: implement power LED (Closes: 503172). -- maximilian attems Wed, 24 Feb 2010 17:06:27 +0100 linux-2.6 (2.6.32-8) unstable; urgency=high [ Bastian Blank ] * Don't let default compiler flags escape into build. [ dann frazier ] * KVM: PIT: control word is write-only (CVE-2010-0309) * Fix potential crash with sys_move_pages (CVE-2010-0415) [ Ben Hutchings ] * Build lgs8gxx driver along with cxusb (Closes: #568414) * Revert incorrect change to powerpc clocksource setup (Closes: #568457) * Add stable release 2.6.32.8: - Remove TIF_ABI_PENDING bit from x86, sparc & powerpc, fixing 32-bit userland/64-bit kernel breakage (Closes: #568416) - connector: Delete buggy notification code. (CVE-2010-0410) * [x86] KVM: Add IOPL/CPL checks to emulator, to prevent privilege escalation within a guest. (CVE-2010-0298, CVE-2010-0306) [ Martin Michlmayr ] * Implement power-off for D-Link DNS-323 rev B1 and fix the blinking power LED (Erik Benada) (Closes: #503172). [ Aurelien Jarno ] * Enable CONFIG_FB_CIRRUS and CONFIG_LOGO on 4kc-malta and 5kc-malta. -- Ben Hutchings Thu, 11 Feb 2010 02:17:17 +0000 linux-2.6 (2.6.32-7) unstable; urgency=low [ maximilian attems] * [x86] Disable deprecated X86_CPU_DEBUG, causes boot failures. * Newer Standards-Version 3.8.4 without changes. [ Ben Hutchings ] * clocksource/events: Fix fallout of generic code changes (Closes: #568030) * Set ABI to 2. [ dann frazier ] * Disable FUNCTION_TRACER due to performance/build issues. (Closes: #568025) * Split 'flush_old_exec' into two functions (CVE-2010-0307) -- dann frazier Wed, 03 Feb 2010 18:35:21 -0700 linux-2.6 (2.6.32-6) unstable; urgency=high [ Ben Hutchings ] * Documentation/3c509: document ethtool support (Closes: #564743) * Add MODULE_FIRMWARE declarations to several drivers that lacked them * [x86] Update rt2860sta/rt2870sta firmware loader patch - Accept 8K versions of rt2870.bin - Fix hang on resume * [x86] Enable rt3090sta using firmware loader * Add stable release 2.6.32.4: - untangle the do_mremap() mess (CVE-2010-0291) - fasync: split 'fasync_helper()' into separate add/remove functions (CVE-2009-4141) - kernel/signal.c: fix kernel information leak with print-fatal-signals=1 (CVE-2010-0003) - netfilter: ebtables: enforce CAP_NET_ADMIN (CVE-2010-0007) - quota: Fix dquot_transfer for filesystems different from ext4 (Closes: #566532) - audit: Fix memory management bugs (Closes: #562815) + fix braindamage in audit_tree.c untag_chunk() + fix more leaks in audit_tree.c tag_chunk() - ipv6: skb_dst() can be NULL in ipv6_hop_jumbo(). (CVE-2010-0006) - Fix DMA mapping for i915 driver (Closes: #558237, #567352) + drm: remove address mask param for drm_pci_alloc() + agp/intel-agp: Clear entire GTT on startup * e1000,e1000e: Discard all fragments of received over-length packets (CVE-2009-4536, CVE-2009-4538) * Enable the '686' configuration options in '686-vserver' packages and the '686-bigmem' configuration options in '686-bigmem-vserver' packages (Closes: #566213) * Add stable release 2.6.32.5: - inotify: do not reuse watch descriptors (Closes: #561880) - megaraid_sas: remove sysfs poll_mode_io world writeable permissions (CVE-2009-3939) (Closes: #562975) * Force distribution=UNRELEASED in debian/bin/test-patches so that it works in released source packages * Add stable release 2.6.32.6 * postinst: Enable escape sequences in debconf notes (Closes: #566539) * Add 3w-sas driver for LSI 3ware 9750 SAS controllers * aufs2: Update to snapshot from 2010-01-25 (Closes: #567391) * cdc_ether: Do not set link down initially; not all devices send link change interrupts (Closes: #567689) * Add stable release 2.6.32.7: - clockevent: Don't remove broadcast device on halt or CPU hotplug (Closes: #566547) * sfc: Apply fixes from 2.6.33-rc{5,6} * Set ABI to 1. [ Ian Campbell ] * xen: Enable up to 32G of guest memory on i386. [ Julien Cristau ] * drm/i915: disable powersave by default (closes: #564807) [ Bastian Blank ] * Enable all NCP file system options. * [amd64] Make AGP support again built-in to fullfill the not completely documented dependency with GART IOMMU support. (closes: #561552) * Enable dynamic minor allocations for ALSA, DVB and USB. (closes: #510593) [ maximilian attems ] * [topconfig] set MEMORY_FAILURE, 9P_FSCACHE, INFINIBAND_IPOIB_CM (closes: #565494), ITCO_VENDOR_SUPPORT (closes: #525232), PCIEASPM (closes: #545417), HWPOISON_INJECT. * Enable easier debugging of Power Managment code. (closes: #478315) * Pass `DEB_MAINT_PARAMS' to hook scripts. (closes: #563161) * Enable more mobile IPv6 needs. (closes: #528834) [ dann frazier ] * [vserver] explicitly disable CFS_HARD_LIMITS * Enable FUNCTION_TRACER and STACK_TRACER (Closes: #563847) -- Ben Hutchings Sun, 31 Jan 2010 23:09:28 +0000 linux-2.6 (2.6.32-5) unstable; urgency=low [ Ben Hutchings ] * sfc: Apply fixes from 2.6.33-rc3 * ath5k: Fix eeprom checksum check for custom sized eeproms (Closes: #563136) [ maximilian attems ] * topconfig unset USB_ISP1362_HCD FTBFS on armel and useless. (closes: #564156) * topconfig set PATA_ATP867X, PATA_RDC, SND_CS5535AUDIO, PM_RUNTIME, ATA_VERBOSE_ERROR, RTC_DRV_WM831X, RTC_DRV_PCF2123, RTC_DRV_AB3100, SND_HDA_PATCH_LOADER, DEVTMPFS (closes: #560040). * [x86] set RTL8192E, TOPSTAR_LAPTOP, I2C_SCMI. * Explicitly disable diverse staging drivers. -- Ben Hutchings Sun, 10 Jan 2010 03:22:23 +0000 linux-2.6 (2.6.32-4) unstable; urgency=low [ Ben Hutchings ] * Correct comments referring to dpkg --print-installation-architecture in maintainer scripts (Closes: #558077) * modules: Skip empty sections when exporting section notes (Closes: #563036) * via-velocity: Give RX descriptors to the NIC later on open or MTU change (Closes: #508527) * dmfe/tulip: Let dmfe handle DM910x except for SPARC on-board chips (Closes: #515533) * Add stable release 2.6.32.3: - ath5k: fix SWI calibration interrupt storm (may fix #563466) - iwl3945: disable power save (Closes: #563693) - rt2x00: Disable powersaving for rt61pci and rt2800pci (may fix #561087) [ maximilian attems ] * topconfig set CAN_EMS_USB, BT_MRVL, BT_MRVL_SDIO, BE2ISCSI, SCSI_PMCRAID, SCSI_BFA_FC, USB_GL860, USB_GSPCA_JEILINJ, I2C_SI4713, RADIO_SI4713, RADIO_SI470X, DVB_USB_FRIIO, EDAC_I3200, SENSORS_TMP421, SENSORS_WM8350, SBC_FITPC2_WATCHDOG, TOUCHSCREEN_MCS5000, UIO_PCI_GENERIC, KSZ8842, KS8851, KS8851_MLL, MISDN_AVMFRITZ, MISDN_SPEEDFAX, MISDN_INFINEON, MISDN_W6692, MISDN_NETJET, INPUT_WINBOND_CIR, BATTERY_DS2782, MFD_WM831X, MFD_MC13783, MTD_SST25L, TOUCHSCREEN_USB_E2I, INPUT_WM831X_ON, SENSORS_WM831X, WM831X_WATCHDOG, AB3100_OTP, REGULATOR_WM831X, REGULATOR_MC13783, REGULATOR_AB3100, REGULATOR_TPS65023, REGULATOR_TPS6507X, VIDEO_SAA7164, DVB_PT1, BACKLIGHT_WM831X, SND_HDA_CODEC_CIRRUS, USB_ISP1362_HCD, LEDS_WM831X_STATUS, MTD_ONENAND_GENERIC, B43_SDIO, B43_PHY_LP, KEYBOARD_ADP5588, QT2160, KEYBOARD_LM8323, KEYBOARD_MAX7359, KEYBOARD_OPENCORES, MOUSE_PS2_SENTELIC, WM831X_POWER. * [x86] set ACPI_POWER_METER, ACPI_PROCESSOR_AGGREGATOR, SFI, EDAC_DECODE_MCE. * Set MOUSE_PS2_ELANTECH for various EeePc. (closes: #522920) [ dann frazier ] * Fix vserver build on ia64 (Closes: #563356) * Fix vserver build on s390 (Closes: #563355) [ Martin Michlmayr ] * Report model information on armel when filing a bug. * ARM: Add an earlyprintk debug console (Catalin Marinas) * [armel] Enable EARLY_PRINTK. -- Ben Hutchings Thu, 07 Jan 2010 03:33:39 +0000 linux-2.6 (2.6.32-3) unstable; urgency=high * The "Not a Suitable Christmas Present" release [ Martin Michlmayr ] * [armel/orion5x] Build MTD_CFI_AMDSTD into the kernel again since it's needed on the D-Link DNS-323 (thanks Manuel Roeder). (Closes: #562205) [ dann frazier ] * Input: ALPS - add support for touchpads with 4-directional button * Input: ALPS - add interleaved protocol support (Dell E6x00 series) (Closes: #561589) * Re-enable vserver [ Ben Hutchings ] * sfc: Apply changes from 2.6.33-rc1 adding support for SFC9000 family * Add stable release 2.6.32.2: - KVM: x86 emulator: limit instructions to 15 bytes (CVE-2009-4031) - hfs: fix a potential buffer overflow (CVE-2009-4020) * radeon: fix crtc vblank update for r600 (regression in 2.6.32.2) * ia64: Include header in ; fixes FTBFS * r8169: Allow RTL8168D v1 and v2 to be used without firmware files (Closes: #561309) * Enable vmxnet3 (VMware guest paravirt net driver) (Closes: #562046) -- Ben Hutchings Thu, 24 Dec 2009 04:28:55 +0000 linux-2.6 (2.6.32-2) unstable; urgency=high [ Bastian Blank ] * Allow memory hot-add and -remove if possible. * Enable USB suspend. * Enable kernel samepage merging. (closes: #558200) * [s390] - Enable SECCOMP. - Enable z/VM Watchdog Timer. [ Moritz Muehlenhoff ] * Disable cryptoloop (Closes: #559755) * Initial work on a README.source file as suggested by current policy [ Ben Hutchings ] * aufs2: Update to snapshot from 2009-12-05 * postinst: Fix failure paths in check for missing firmware (Closes: #560263) * atl1c: Fix system hang when link drops (Closes: #559577) * netfilter: xtables: fix conntrack match v1 ipt-save output (Closes: #556587) [ Aurelien Jarno ] * Add support for the sparc64 architecture. [ dann frazier ] * Add stable release 2.6.32.1: - ext4: Fix double-free of blocks with EXT4_IOC_MOVE_EXT (CVE-2009-4306) - ext4: avoid divide by zero when trying to mount a corrupted file system (CVE-2009-4307) - ext4: Fix insufficient checks in EXT4_IOC_MOVE_EXT (CVE-2009-4131) -- Ben Hutchings Wed, 16 Dec 2009 21:42:49 +0000 linux-kbuild-2.6 (2.6.32-1) unstable; urgency=low [ Ben Hutchings ] * New upstream version. (closes: #560090) * Include new script module-common.lds, thanks to Zoran Dzelajlija. [ Bastian Blank ] * Move contents of linux-kbuild package to /usr/lib. -- Bastian Blank Fri, 11 Dec 2009 16:16:12 +0100 linux-2.6 (2.6.32-1) unstable; urgency=low * New upstream release candidate: - Fixes wifi with rt73usb (Closes: #555640) [ Martin Michlmayr ] * [armel/kirkwood] Turn on USB_SUSPEND (on the request of a SheevaPlug user). * [mips/4kc-malta, mips/5kc-malta] Compile USB as a module rather than into the kernel. [ Bastian Blank ] * Enable PCI_MSI. * [powerpc] Properly enable Apple PMU battery. * [mips/mipsel] Drop remaining OSS drivers. * [powerpc] Enable PCIe support. * Move contents of linux-support package to /usr/share. * Make linux-patch package depend against python. * Use python-support instead of python-central. * Always enable software watchdog support. * Always enable complete USB mass storage support. * [amd64, powerpc, sparc] Build USB support as module. * [amd64] Build AGP support as module. * Always enable dummy net driver support. * Drop linux-tree package, it have no users left. [ Ben Hutchings ] * Re-enable accidentally omitted drivers, thanks to Uwe Kleine-König (Closes: #558011): - Atheros wireless drivers (ar9170, ath5k, ath9k) - TI wl12xx wireless drivers (wl1251_spi, wl1251_sdio and wl1271 replace wl12xx) - Silicon Labs Si470x FM Radio Receiver driver (radio-usb-si470x) * Add 'removable' option to the mmc module. Setting this to 0 causes MMC/SD cards to be assumed non-removable, and filesystems on them will remain mounted over a suspend/resume cycle. (Closes: #504391) * Add MODULE_FIRMWARE declarations to many drivers that lacked them, so that missing firmware will be reported automatically during upgrades * atl1e: Remove broken implementation of TSO for TCP/IPv6 (Closes: #558426) and allow other hardware offloads to be disabled in case they are also buggy * usbnet: Set link down initially for drivers that update link state (Closes: #444043) * aufs2: Update to snapshot from 2009-11-29 * i915: Enable auto-loading even though CONFIG_DRM_I915_KMS is not set [ dann frazier ] * mac80211 (CVE-2009-4026, CVE-2009-4027): - fix two remote exploits - fix spurious delBA handling -- Bastian Blank Sun, 06 Dec 2009 18:17:39 +0100 linux-2.6 (2.6.32~rc8-1~experimental.1) unstable; urgency=low [ Ben Hutchings ] * New upstream release candidate. - slip: Clean up create and destroy (Closes: #408635) - signal: Fix alternate signal stack check (Closes: #544905) * README.Debian: Add brief information about building specific binary packages (Closes: #546182) * lgs8gxx: Remove firmware for lgs8g75 and use request_firmware() to load it * r8169: Remove firmware for RTL8168D v1 and v2 and use request_firmware() to load it * DocBook: Fix build breakage * Hide WPA authentication parameters and comments when including network configuration in bug reports [ Bastian Blank ] * [mips] Don't force EMBEDDED on. * [sparc] Don't builtin Ext2 support. * Enable PERF_EVENTS, EVENT_PROFILE, CRYPTO_VMAC, CRYPTO_GHASH, TREE_RCU. * Use SLUB as default SLAB allocator. [ Martin Michlmayr ] * [armel] Make some options modular (since there's no reason for them to be built in): FTL, NFTL, MTD_CFI_AMDSTD, MTD_CFI_STAA. * [armel/orion5x, armel/kirkwood] Enable ISDN (requested by Markus Krebs). * Add patch from Albin Tonnerre to add HAVE_KERNEL_LZMA to arm. * [armel] Enable KERNEL_LZMA, i.e. compress kernels with lzma to get much better compression. * [armel] Re-enable options that were turned off recently because of size constraints: DEBUG_USER, DEBUG_KERNEL, BOOT_TRACER, ARM_UNWIND, BLK_DEV_IO_TRACE and SECURITY_SELINUX. [ maximilian attems ] * Simplify postinst nuke reverse symlinks handling. Patch from Sebastian Andrzej Siewior . -- Bastian Blank Sat, 21 Nov 2009 21:41:45 +0100 linux-2.6 (2.6.31-2) unstable; urgency=low [ Martin Michlmayr ] * [armel/orion5x, armel/kirkwood] Make sure VGA_CONSOLE is disabled, otherwise the kernel won't boot. * [armel/kirkwood] Enable CRYPTO_DEV_MV_CESA (Closes: #552270). * [armel/kirkwood, armel/orion5x] Enable ORION_WATCHDOG (the name of the config variable changed). * Add OpenRD-Client support again. * Add QNAP TS-41x support. * [armel/orion5x, armel/kirkwood] Enable ISDN (requested by Markus Krebs). * Fix a build failure of the ISDN hisax elsa driver on ARM. * mips: fix build of vmlinux.lds (Closes: #552422). [ Ben Hutchings ] * postinst: Accept absolute paths in modules.dep generated by the lenny version of module-init-tools (Closes: #552610) * aufs2: Remove incorrect static assertion (Closes: #554120) * Add stable release 2.6.31.6: - fs: pipe.c null pointer dereference (CVE-2009-3547) - KEYS: get_instantiation_keyring() should inc the keyring refcount in all cases (CVE-2009-3624) - netlink: fix typo in initialization (CVE-2009-3612) * Undo PCMCIA ABI change in 2.6.31.6 * Hide wireless keys and wake-on-LAN password when including network configuration in bug reports * Add Geode LX/NX to list of 686-class processors [ Bastian Blank ] * [powerpc] Remove SMP warning from PowerMac cpufreq (Closes: #554124) [ maximilian Attems ] * Really fix making a debian kernel installable without kernel-img.conf. Thanks for patch to Sebastian Andrzej Siewior . (closes: #555093). -- Ben Hutchings Sun, 15 Nov 2009 18:47:49 +0000 linux-kbuild-2.6 (2.6.31.2-1) unstable; urgency=low * Upload to unstable. -- Ben Hutchings Sun, 25 Oct 2009 18:38:44 +0000 linux-2.6 (2.6.31-1) unstable; urgency=low [ Ben Hutchings ] * Include aufs2, marked as staging (Closes: #541828) * Include speakup modules under staging * Add stable release 2.6.31.5 * [x86_64] Enable NUMA_EMU (Closes: #541389) [ Martin Michlmayr ] * CPUidle: always return with interrupts enabled. * [armel/orion5x, armel/kirkwood] Enable FB since some Kirkwood machines have a VGA chip (e.g. OpenRD-Client) and because it's possible to use a DisplayLink USB virtual graphics adapter. [ maximilian attems ] * [alpha] Disable SND_MIXART, causes gcc ICE. * [x86] Enable modular X86_MCE_INJECT. * [x86_32] Set LSM_MMAP_MIN_ADDR to zero to unbreak dosemu and 16-bit Wine, ia64 and x86_64 to 65536 otherwise default to 32768. * Unset UEVENT_HELPER_PATH to save some boot cycles. [ Bastian Blank ] * Set ABI to 1. * Enable Apple PMU battery. (closes: #544264) -- Bastian Blank Sat, 24 Oct 2009 19:17:30 +0200 linux-kbuild-2.6 (2.6.31.2-1~experimental.1) experimental; urgency=low [ Bastian Blank ] * New upstream version. [ Ben Hutchings ] * Include new script gcc-x86_32-has-stack-protector.sh. * Add myself to Uploaders. * New upstream version (2.6.31.2). -- Ben Hutchings Sat, 17 Oct 2009 23:05:27 +0100 linux-2.6 (2.6.31-1~experimental.2) experimental; urgency=low [ Ben Hutchings ] * Include more information in bug reports: - Model information - Firmware package status - Network configuration and status (optional) - USB device list * nfs: Avoid overrun when copying client IP address string (Closes: #549002) * Add support for DEB_BUILD_OPTIONS=parallel=N (Closes: #458560) * sfc: Fix initial link state * Improve package descriptions - Clarify the differences between i386 flavours (Closes: #414690) - Simplify wording of the description template * Add stable release 2.6.31.3 * Remove /usr/include/scsi from linux-libc-dev; these headers are provided by libc6-dev (Closes: #550130) * Remove dummy dot-files from linux-libc-dev * hfsplus: Refuse to mount volumes larger than 2TB, which may otherwise be corrupted (Closes: #550010) * Add stable release 2.6.31.4 - x86: Don't leak 64-bit kernel register values to 32-bit processes (CVE-2009-2910) - appletalk: Fix skb leak when ipddp interface is not loaded (CVE-2009-2903) [ maximilian attems ] * Add stable release 2.6.31.2 - ax25: Fix signed comparison in the sockopt handler (CVE-2009-2909) - PM / yenta: Fix cardbus suspend/resume regression (Closes: #522828) [ dann frazier ] * [sparc] build zImage by default, fixes build * [ia64] Fix call to elilo in postinst -- maximilian attems Mon, 12 Oct 2009 23:54:52 +0200 linux-2.6 (2.6.31-1~experimental.1) experimental; urgency=low * New upstream release. - Support for W83627DHG-P (closes: #535646). - Restore MAC address and MTU change operations on Orinoco and others (Closes: #536455) - Remove incorrect ACPI blacklisting of ASUS P4B266 mainboards (Closes: #525625) - atl1c fixes for Eee PC model 1005HA-H. (closes: #538410) - parisc64-smp boot fix on J5600. (closes: #539369) - parisc: Fix GOT overflow during module load on 64bit kernel (closes: #539378) - xfs: fix freeing of inodes not yet added to the inode cache (Closes: #527517) - IPv6: add "disable" module parameter support to ipv6.ko. (closes: #542470) - IPv6: avoid wraparound for expired preferred lifetime (Closes: #518710) - Fixes lockups with older dual-CPU machines (Closes: #542551) - x86, pat: Allow ISA memory range uncacheable mapping requests (Closes: #538159) - drm/i915: Hook connector to encoder during load detection (Closes: #522358) - module: workaround duplicate section names (Closes: #545229) - b43: Add fw capabilities (Closes: #533357) - procfs: Fix idle time in uptime (Closes: #545981) - e1000, e1000e, igb, ixgb, ixgbe: Fix initial link state (Closes: #546041) - CIFS: Handle port= mount option correctly (Closes: #524142) - i915: Prevent screen flickering in X11 (Closes: #545377) - hppa: Ensure broadcast tlb purge runs single threaded (Closes: #539215) [ maximilian attems ] * [powerpc64] Enable modular RTC_DRV_PS3, PS3_VRAM. (Closes: #528694) * Set new NETFILTER_XT_MATCH_OSF, FIREWIRE_NET, SND_CTXFI, USB_XHCI_HCD, IEEE802154, CAN_DEV, EEPROM_MAX6875, DM_LOG_USERSPACE, DM_MULTIPATH_QL, DM_MULTIPATH_ST, LIBERTAS_SPI, CAN_SJA1000, CAN_SJA1000_PLATFORM, CAN_EMS_PCI, CAN_KVASER_PCI, CB710_CORE, CNIC, RT2800USB, USB_NET_INT51X1, SND_LX6464ES, BLK_DEV_OSD, SCSI_BNX2_ISCSI, IWM, IEEE802154_DRIVERS, TOUCHSCREEN_EETI, TOUCHSCREEN_W90X900, BATTERY_MAX17040, SENSORS_TMP401, REGULATOR_USERSPACE_CONSUMER, REGULATOR_MAX1586, REGULATOR_LP3971, MEDIA_SUPPORT, CUSE, WL12XX, PPS, AB3100_CORE, SND_HDA_INPUT_JACK,MMC_SDHCI_PLTFM, MMC_CB710, MMC_VIA_SDMMC, LEDS_LP3944, RTC_DRV_RX8025, SMARTJOYPLUS_FF, USB_CDC_PHONET, USB_GSPCA_SN9C20X, MOUSE_SYNAPTICS_I2C, PCIEAER_INJECT. * Disable v4l1 ov511 and quickcam_messenger drivers. * [x86_64] Enable HW_RANDOM_VIA. * [x86] Keep divers staging stuff enabled. * [x86] Enable RT3070, COMEDI_PCMCIA_DRIVERS, ACERHDF, EDAC_AMD64, XEN_DEV_EVTCHN, XEN_SYS_HYPERVISOR, PERF_COUNTERS, CC_STACKPROTECTOR, DEFAULT_MMAP_MIN_ADDR=65536. * rtl8192su: remove firmware and disable. * Newer Standards-Version 3.8.2 without changes. * Allow install in chroot without do_initrd check for piuparts. * Cleanup Maintainer scripts from ancient pre linux-2.6 assumptions. (Also closes: #536333) * Disable DEVKMEM. * [ppc, sparc] Enable EFI_PARTITION. (closes: #540486) * Disable old USB_DEVICE_CLASS. (Closes: #510279) * Drop yaird initramfs generator support. * Add stable release 2.6.31.1. * Enable PREEMPT_VOLUNTARY. [ Ben Hutchings ] * mga: remove unnecessary change from firmware-loading patch * cxgb3: remove PHY firmware and use request_firmware() to load it * Add firmware-linux-free package containing DFSG-free firmware * av7110: include firmware source and binary * snd-cs46xx: reenable using external firmware (closes: #464197, but note that Debian cannot currently distribute the firmware), thanks to Kalle Olavi Niemitalo * ib_ipath: remove firmware for QLogic IBA7220 and use request_firmware() to load it * dvb-usb-af9005: remove initialisation script derived from Windows driver and use request_firmware() to extract it at run-time (closes: #494119) * Add warning on upgrade to a new upstream version where the system appears to be missing necessary firmware files (closes: #541702) * qla1280: Release spinlock when requesting firmware (closes: #543244) * r128: Add test for initialisation to all ioctls that require it (closes: #541630) * rt{2860,2870,3070}sta: Use existing CCITT CRC implementation on firmware rather than adding an equivalent variant of ITU-T CRC * rd: Build as a module since we do not require initrd support * x86: Fix crash in text_poke_early() on 486-class processors (Closes: #515982) * intel-agp: Fix cache flushing on i8xx chipsets, avoiding graphics corruption and GPU lock-ups (Closes: #541307) * Generate architecture-qualified package relations as needed for flavours that exist for multiple architectures (Closes: #278729) * Prompt bug reporters to run the kernel version they're reporting on or otherwise record boot messages * Include PCI device list in bug reports even if the running kernel doesn't match [ Martin Michlmayr ] * [armel/orion5x, armel/kirkwood] Set GPIO_SYSFS=y since these platforms have been converted to GPIOLIB. * [armel/orion5x, armel/kirkwood] Disable MARVELL_PHY since it may lead to conflicts with the built-in Ethernet. * Add features from 2.6.32: - crypto: mv_cesa - Add support for Orion5X crypto engine * [armel/orion5x] Enable CRYPTO_DEV_MV_CESA. * Disable SYS_HAS_EARLY_PRINTK on SGI IP22 to work around a hang during bootup (Closes: #507557) * [armel] Enable BPQETHER (on the request of Iain Young) and some other AX25 drivers. [ Bastian Blank ] * Disable staging drivers by default. * Force all bugs against images to be reported to linux-2.6. (closes: #539176) * [arm] Remove old arm architecture. * Use kernel architecture for libc-dev build. [ Moritz Muehlenhoff ] * Fix Linus' name in copyright file (Closes: #530620) * More verbose explanation on difference between Alpha flavour (Closes: #497230) * Add Vcs-Svn and Vcs-Browser stanzas pointing to the SVN branch used for development in unstable. There are other branches used for experimental (trunk), oldstable and stable, but Vcs-* doesn't yet provide the ability to distinguish branches in a more fine-grained manner. (Closes: #471495) * Update Standards-Version to 3.8.3, no changes needed * Disable PROM console support (Closes: #525958) * Make the description of linux-support a little more verbose (Closes: #400825) * This upload fixes the following security issues: - CVE-2009-3290 (2.6.31) - CVE-2009-3288 (2.6.31.1) - CVE-2009-3280 (2.6.31.1) - CVE-2009-3234 (2.6.31.1) - CVE-2009-3043 (2.6.31) - CVE-2009-3002 (2.6.31) - CVE-2009-3001 (2.6.31) - CVE-2009-2844 (2.6.31) - CVE-2009-2695 (2.6.31) - CVE-2009-2691 (2.6.31) [ dann frazier ] * n_tty: Fix echo race * [ia64] Stop disabling CONFIG_HOTPLUG_CPU, which was blocking CONFIG_KEXEC from being enabled * [hppa] Disable CONFIG_AB3100_CORE, it fails to build -- maximilian attems Sun, 04 Oct 2009 20:27:05 +0200 linux-2.6 (2.6.30-8) unstable; urgency=low [ Martin Michlmayr ] * Disable SYS_HAS_EARLY_PRINTK on SGI IP22 to work around a hang during bootup (Closes: #507557) * module: workaround duplicate section names to fix a panic on boot on hppa (Closes: #545229). * Add stable release 2.6.30.8. * [armel/kirkwood] Add Marvell OpenRD-Client support (Dhaval Vasa). Thanks Stefan Kaltenbrunner. -- Bastian Blank Fri, 25 Sep 2009 23:47:56 +0200 linux-2.6 (2.6.30-7) unstable; urgency=low [ Martin Michlmayr ] * [armel/kirkwood] Enable eSATA on QNAP TS-219P (John Holland). * [armel/kirkwood] Marvell OpenRD-Base board support (Dhaval Vasa). * [armel/kirkwood] Initialise SATA for OpenRD-Base (Ron Lee). * [armel/kirkwood] Enable SATA_AHCI. [ Ben Hutchings ] * qla1280: Release spinlock when requesting firmware (closes: #543244) * r128: Add test for initialisation to all ioctls that require it (closes: #541630) * [i386] Fix crash in text_poke_early() on 486-class processors (Closes: #515982) * intel-agp: Fix cache flushing on i8xx chipsets, avoiding graphics corruption and GPU lock-ups (Closes: #541307) * [i386] Allow ISA memory range uncacheable mapping requests (Closes: #538159) * Fix idle time in /proc/uptime (Closes: #545981) * e1000, e1000e, igb, ixgb, ixgbe, sfc: Fix initial link state (Closes: #546041) [ Bastian Blank ] * Add stable release 2.6.30.5. - drm/i915: Hook connector to encoder during load detection (fixes tv/vga detect) (Closes: #522358) * Add stable release 2.6.30.6. - x86: Fix lock-up on SMP Pentium Pro, Pentium 2, Pentium 3, and Athlon MP systems (Closes: #542551) - NET: Fix information leaks from getsockname() (CVE-2009-3001, CVE-2009-3002) - iwl3945/rfkill: Reenable radio when hardware switch turned back on (Closes: #530554) * Bump ABI to 2. * Apply missing fixes: - block: fix sg SG_DXFER_TO_FROM_DEV regression. - sched_rt: Fix overload bug on rt group scheduling. * Add stable release 2.6.30.7. * [sparc] Disable PROM console. (closes: #525958) -- Bastian Blank Wed, 16 Sep 2009 17:23:13 +0200 linux-2.6 (2.6.30-6) unstable; urgency=high [ Bastian Blank ] * Set default low address space protection to default value. [ dann frazier ] * Make sock_sendpage() use kernel_sendpage() (CVE-2009-2692) * flat: fix uninitialized ptr with shared libs * [parisc] isa-eeprom - Fix loff_t usage * do_sigaltstack: avoid copying 'stack_t' as a structure to user space * posix-timers: Fix oops in clock_nanosleep() with CLOCK_MONOTONIC_RAW -- Bastian Blank Sat, 15 Aug 2009 15:50:02 +0200 linux-2.6 (2.6.30-5) unstable; urgency=high [ maximilian attems ] * Add stable release 2.6.30.4. - cifs: fix regression with O_EXCL creates and optimize away lookup (closes: #536426) - ecryptfs: check tag 11 literal data buffer size (CVE-2009-2406) - ecryptfs: check tag 3 package encrypted size (CVE-2009-2407) * Ignore nf_conntrack ABI change. * Revert to keep ABI: - block: fix sg SG_DXFER_TO_FROM_DEV regression. - sched_rt: Fix overload bug on rt group scheduling. * [hppa]: Ignore any ABI (broke on 2.6.30.2). -- maximilian attems Mon, 03 Aug 2009 12:08:56 +0200 linux-2.6 (2.6.30-4) unstable; urgency=low [ Bastian Blank ] * Add stable release 2.6.30.2. * Fix pci access in x86 startup code. (closes: #537783) * Ignore ABI changes. * Include all plattform and mach specific headers on arm. [ maximilian attems ] * Add stable release 2.6.30.3. -- Bastian Blank Thu, 30 Jul 2009 11:55:11 +0200 linux-2.6 (2.6.30-3) unstable; urgency=low [ Bastian Blank ] * Build-Depend against cpio. (closes: #536196) [ Martin Michlmayr ] * [arm] Export __cpu_flush_dcache_page. [ Aurelien Jarno ] * [ia64] Fix asm/fpu.h includes. [ dann frazier ] * Fix NULL pointer dereference in tun_chr_pool() (CVE-2009-1897) * personality: fix PER_CLEAR_ON_SETID (CVE-2009-1895) * Add -fno-delete-null-pointer-checks to CFLAGS -- Bastian Blank Sat, 18 Jul 2009 10:00:01 +0200 linux-2.6 (2.6.30-2) unstable; urgency=low [ dann frazier ] * [powerpc] Use generic rtc (closes: #535354) * [parisc] - ensure broadcast tlb purge runs single threaded - fix ldcw inline assembler (closes: #535844) [ Bastian Blank ] * Add stable release 2.6.30.1: - KVM: x86: check for cr3 validity in ioctl_set_sregs (CVE-2009-2287) - ALSA: intel8x0 - Fix PCM position craziness (closes: #533780) - ide-cd: prevent null pointer deref via cdrom_newpc_intr (closes: #535342) * Ignore ABI changes. [ maximilian attems ] * [alpha] Add upstream smp buildfix. * [parisc] Disable vxge and niu. -- Bastian Blank Tue, 07 Jul 2009 14:45:43 +0200 linux-kbuild-2.6 (2.6.30-1) unstable; urgency=low * New upstream version. -- Bastian Blank Wed, 17 Jun 2009 16:49:57 +0200 linux-2.6 (2.6.30-1) unstable; urgency=low * New upstream release. - radeonfb: suspend/resume for ATI Mobility Radeon RV350. (closes: #506964) - tcp: fix MSG_PEEK race check (closes: #513695) - e100 fixes (closes: #527056) - mos7840: fix miscalculation of minor numbers (closes: #498293) - reiserfs update (closes: #531804) - bluetooth stack suspend/resume (closes: #508426, #529785) - e1000e: Remove mutex_trylock and associated WARN on failure (closes: #524699) [ maximilian attems ] * [sparc] Enable BLK_DEV_CRYPTOLOOP. (closes: #521829) * Enable PATA_JMICRON instead of legacy BLK_DEV_JMICRON. (closes: #431500, #458493) * Set new NILFS2, AT76C50X_USB, MWL8K, P54_SPI, AR9170_USB, NETFILTER_XT_MATCH_CLUSTER, RDS, SCSI_MPT2SAS, SCSI_OSD_INITIATOR, ETHOC, IGBVF, VXGE, TOUCHSCREEN_AD7877, SENSORS_ATK0110, NETFILTER_XT_TARGET_LED, 3C359, HW_RANDOM_TIMERIOMEM, SENSORS_G760A, SENSORS_LTC4215, SENSORS_LM95241, USB_GSPCA_MR97310A, USB_GSPCA_SQ905, USB_GSPCA_SQ905C, USB_PWC_INPUT_EVDEV, DVB_USB_CE6230, SND_INDIGOIOX, SND_INDIGODJX, USB_SERIAL_CP210X, USB_SERIAL_QUALCOMM, USB_SERIAL_SYMBOL, ISL29003, SERIAL_MAX3100, VIDEO_HDPVR, VIDEO_CX231XX, DRAGONRISE_FF, LEDS_LP5521, LEDS_DAC124S085, LEDS_BD2802, UIO_AEC, CRYPTO_ZLIB, REGULATOR_FIXED_VOLTAGE, NOP_USB_XCEIV, POHMELFS, FSCACHE, CACHEFILES, EXOFS, NFS_FSCACHE, AFS_FSCACHE, MTD_NAND_NANDSIM, STRIP_ASM_SYMS, FCOE_FNIC, USB_NET_CDC_EEM, PCI_IOV, ASYNC_TX_DMA, ROMFS_BACKED_BY_BOTH, DETECT_HUNG_TASK. * [amd64, i386] Set new DELL_WMI, EDAC_AMD8131, EDAC_AMD8111, X86_PAT, DMAR, X86_CPU_DEBUG, CRYPTO_AES_NI_INTEL, X86_X2APIC. * Newer Standards-Version 3.8.1 without changes. * xfs: fix freeing memory in xfs_getbmap(). [ Ben Hutchings ] * Remove firmware from drivers/staging (closes: #521553) - make rt2860sta and rt2870sta use request_firmware(), thanks to Darren Salt * Remove some sourceless firmware not included in Debian kernel images [ Martin Michlmayr ] * [mipsel/r5k-cobalt] Enable SCSI_SYM53C8XX_2 (closes: #526836). * [arm/iop32x, arm/ixp4xx, arm/orion5x] Turn off BOOT_TRACER, BLK_DEV_IO_TRACE, CONTEXT_SWITCH_TRACER, ARM_UNWIND and SECURITY_SELINUX because of size constraints. * [mips/sb1-bcm91250a] There is a platform PATA driver for SWARM IDE these days, so disable IDE and build in ATA, SCSI and BLK_DEV_SD. * [mips/sb1-bcm91250a, mips/sb1a-bcm91480b] Compile in SB1250_MAC and BROADCOM_PHY. * [mips/r4k-ip22] Enable NET_ISA and various ISA network modules on the request of Damian Dimmich since they might be useful on the SGI Indigo2. * Add patches from git.marvell.com: - alternative copy_to_user: more precise fallback threshold - lower overhead with alternative copy_to_user for small copies - Kirkwood: Add CPU idle driver - Kirkwood: clock gating for unused peripherals [ Aurelien Jarno ] * [mips(el)/sb1-bcm91250a] Set CONFIG_SCSI_AIC7XXX=y, it is needed on the build daemons. * topconfig set CONFIG_RD_GZIP, CONFIG_RD_BZIP2, CONFIG_RD_LZMA. [ Bastian Blank ] * [i386] Disable PentiumPro errata workaround. * [i386] Enable support for big SMP systems. * Disable OSS. * [s390] Use Sparse Memory layout. * [amd64, i386, powerpc, sparc] Make IPv6 support built-in. * Centralize Sound core options. * Centralize Power Management options. * Centralize CPU Frequency scaling options. * [sparc] Enable CPU Frequency scaling. * Enable Network console logging support. * [s390/s390x-tape] Add image. * [s390/s390, s390/s390-tape] Remove images. * [i386/486] Enable High Memory Support. * [i386] Allocate pagetables from High Memory. * [amd64, i386] Write protect kernel read-only data structures. * [amd64, i386] Make kernel relocatable. * Move images and headers into kernel section. [ dann frazier ] * Enable bnx2x, using firmware-split patches from net-next and mirroring the per-subarch config settings used for bnx2 -- Bastian Blank Sun, 14 Jun 2009 11:45:08 +0200 linux-2.6 (2.6.29-5) unstable; urgency=low [ dann frazier ] * [ia64] Backport rtc-efi driver from mainline [ maximilian attems ] * qla1280: Fix off-by-some error in firmware loading. (closes: #527265) [ Martin Michlmayr ] * Broadcom SB: fix locking in set_irq_affinity. * mmc: load mvsdio automatically when it's a platform device. * mmc: mvsdio: ignore high speed timing requests from the core * USB: ftdi_sio: add vendor/product id for the Marvell SheevaPlug. [ Bastian Blank ] * Add stable release 2.6.29.3: - ath9k: Fix FIF_BCN_PRBRESP_PROMISC handling - tracing: x86, mmiotrace: fix range test - sched: account system time properly - rndis_wlan: fix initialization order for workqueue&workers - mm: fix Committed_AS underflow on large NR_CPUS environment - Ignore madvise(MADV_WILLNEED) for hugetlbfs-backed regions - clockevents: prevent endless loop in tick_handle_periodic() - intel-iommu: Avoid panic() for DRHD at address zero. - intel-iommu: Fix oops in device_to_iommu() when devices not found. - intel-iommu: Fix device-to-iommu mapping for PCI-PCI bridges. - cs5536: define dma_sff_read_status() method - proc: avoid information leaks to non-privileged processes - ath5k: fix buffer overrun in rate debug code - mv643xx_eth: OOM handling fixes - mv643xx_eth: 64bit mib counter read fix - check_unsafe_exec: s/lock_task_sighand/rcu_read_lock/ - do_execve() must not clear fs->in_exec if it was set by another thread - check_unsafe_exec() doesn't care about signal handlers sharing - New locking/refcounting for fs_struct - Take fs_struct handling to new file (fs/fs_struct.c) - Get rid of bumping fs_struct refcount in pivot_root(2) - Kill unsharing fs_struct in __set_personality() - Annotate struct fs_struct's usage count restriction - fix setuid sometimes wouldn't - fix setuid sometimes doesn't - compat_do_execve should unshare_files - powerpc: Sanitize stack pointer in signal handling code - ACPI: Revert conflicting workaround for BIOS w/ mangled PRT entries - USB: serial: fix lifetime and locking problems - ptrace: ptrace_attach: fix the usage of ->cred_exec_mutex - kbuild: fix Module.markers permission error under cygwin - pagemap: require aligned-length, non-null reads of /proc/pid/pagemap - drm/i915: allow tiled front buffers on 965+ - bio: fix memcpy corruption in bio_copy_user_iov() - PCI quirk: disable MSI on VIA VT3364 chipsets - ASoC: Fix offset of freqmode in WM8580 PLL configuration - x86/PCI: don't call e820_all_mapped with -1 in the mmconfig case - x86-64: fix FPU corruption with signals and preemption - drm/i915: add support for G41 chipset - unreached code in selinux_ip_postroute_iptables_compat() (CVE-2009-1184) - PCI: fix incorrect mask of PM No_Soft_Reset bit - exit_notify: kill the wrong capable(CAP_KILL) check (CVE-2009-1337) - crypto: ixp4xx - Fix handling of chained sg buffers - block: include empty disks in /proc/diskstats - b44: Use kernel DMA addresses for the kernel DMA API - virtio-rng: Remove false BUG for spurious callbacks - USB: Unusual Device support for Gold MP3 Player Energy - KVM: x86: release time_page on vcpu destruction - KVM: Fix overlapping check for memory slots - KVM: MMU: disable global page optimization - KVM: MMU: Fix off-by-one calculating large page count - mac80211: fix basic rate bitmap calculation - ALSA: us122l: add snd_us122l_free() - thinkpad-acpi: fix LED blinking through timer trigger - b43: Refresh RX poison on buffer recycling - b43: Poison RX buffers - mac80211: Fix bug in getting rx status for frames pending in reorder buffer - forcedeth: Fix resume from hibernation regression. * Ignore ABI change. [ Jurij Smakov ] * [sparc] Fix build -- Bastian Blank Sun, 17 May 2009 12:45:13 +0200 linux-2.6 (2.6.29-4) unstable; urgency=low [ maximilian attems ] * drm/i915: allow tiled front buffers on 965+. [ Martin Michlmayr ] * Extend erase timeout in M25P80 SPI Flash driver (Peter Horton). * Add driver for GMT G760A fan speed PWM controller chip. * [arm/orion5x] Enable SENSORS_G760A. * Add patches from git.marvell.com: - allow for alternative __copy_to_user/__clear_user implementations - alternative copy_to_user/clear_user implementation copy_user * [arm/orion5x, armel/kirkwood] Enable UACCESS_WITH_MEMCPY. * [MMC] give Sandisk/Kingston SDHC cards some slack before the SWITCH command. [ dann frazier ] * [parisc] Fix macro expansion in atomic.h fixing PHONET compilation issue * [parisc] reenable PHONET * Btrfs: fix __ucmpdi2 compile bug on 32 bit builds [ Stephen R. Marenka ] * [m68k] Add 2.6.29 patches. * [m68k] Enable RTC for aranym (2.6.29 solution). [ Bastian Blank ] * Add stable release 2.6.29.2: - Bonding: fix zero address hole bug in arp_ip_target list - skge: fix occasional BUG during MTU change - scsi: mpt: suppress debugobjects warning - hugetlbfs: return negative error code for bad mount option - NFS: Fix the XDR iovec calculation in nfs3_xdr_setaclargs - gso: Fix support for linear packets - agp: zero pages before sending to userspace - virtio: fix suspend when using virtio_balloon - Revert "console ASCII glyph 1:1 mapping" - Input: gameport - fix attach driver code - x86, PAT: Remove page granularity tracking for vm_insert_pfn maps - KVM: is_long_mode() should check for EFER.LMA - KVM: VMX: Update necessary state when guest enters long mode - KVM: fix kvm_vm_ioctl_deassign_device - KVM: MMU: handle compound pages in kvm_is_mmio_pfn - KVM: Reset PIT irq injection logic when the PIT IRQ is unmasked - KVM: Interrupt mask notifiers for ioapic - KVM: Add CONFIG_HAVE_KVM_IRQCHIP - KVM: Fix missing smp tlb flush in invlpg - USB: usb-storage: augment unusual_devs entry for Simple Tech/Datafab - USB: fix oops in cdc-wdm in case of malformed descriptors - USB: ftdi_sio: add vendor/project id for JETI specbos 1201 spectrometer - usb gadget: fix ethernet link reports to ethtool - x86: disable X86_PTRACE_BTS for now - SCSI: sg: fix q->queue_lock on scsi_error_handler path - SCSI: sg: avoid blk_put_request/blk_rq_unmap_user in interrupt - SCSI: sg: fix races with ioctl(SG_IO) - SCSI: sg: fix races during device removal - mm: pass correct mm when growing stack - pata_hpt37x: fix HPT370 DMA timeouts - hpt366: fix HPT370 DMA timeouts - powerpc: Fix data-corrupting bug in __futex_atomic_op - ALSA: hda - Fix the cmd cache keys for amp verbs - sfc: Match calls to netif_napi_add() and netif_napi_del() - tty: Fix leak in ti-usb - spi: spi_write_then_read() bugfixes - add some long-missing capabilities to fs_mask - hrtimer: fix rq->lock inversion (again) - x86: fix broken irq migration logic while cleaning up multiple vectors - sched: do not count frozen tasks toward load - dm kcopyd: fix callback race - dm kcopyd: prepare for callback race fix - posix-timers: fix RLIMIT_CPU && setitimer(CPUCLOCK_PROF) - posix-timers: fix RLIMIT_CPU && fork() - posixtimers, sched: Fix posix clock monotonicity - cap_prctl: don't set error to 0 at 'no_change' - SCSI: libiscsi: fix iscsi pool error path - SCSI: libiscsi: fix iscsi pool error path - sparc64: Fix bug in ("sparc64: Flush TLB before releasing pages.") - ALSA: hda - add missing comma in ad1884_slave_vols - splice: fix deadlock in splicing to file - netfilter: {ip, ip6, arp}_tables: fix incorrect loop detection - kprobes: Fix locking imbalance in kretprobes - acer-wmi: Blacklist Acer Aspire One - crypto: shash - Fix unaligned calculation with short length - net/netrom: Fix socket locking - af_rose/x25: Sanity check the maximum user frame size - dm table: fix upgrade mode race - dm: path selector use module refcount directly - dm target: use module refcount directly - dm snapshot: avoid having two exceptions for the same chunk - dm snapshot: avoid dropping lock in __find_pending_exception - dm snapshot: refactor __find_pending_exception - dm io: make sync_io uninterruptible - dm raid1: switch read_record from kmalloc to slab to save memory - vfs: skip I_CLEAR state inodes - dm: preserve bi_io_vec when resubmitting bios - ixgbe: Fix potential memory leak/driver panic issue while setting up Tx & Rx ring parameters - mm: do_xip_mapping_read: fix length calculation - mm: define a UNIQUE value for AS_UNEVICTABLE flag - sysctl: fix suid_dumpable and lease-break-time sysctls - cpumask: fix slab corruption caused by alloc_cpumask_var_node() - ide-atapi: start DMA after issuing a packet command - ide: drivers/ide/ide-atapi.c needs - V4L/DVB (10943): cx88: Prevent general protection fault on rmmod - r8169: Reset IntrStatus after chip reset - md/raid1 - don't assume newly allocated bvecs are initialised. - SCSI: sg: fix iovec bugs introduced by the block layer conversion - drm/i915: fix TV mode setting in property change - drm/i915: only set TV mode when any property changed - drm: Use pgprot_writecombine in GEM GTT mapping to get the right bits for !PAT. - drm/i915: check for -EINVAL from vm_insert_pfn - drm/i915: Check for dev->primary->master before dereference. - drm/i915: Sync crt hotplug detection with intel video driver - drm/i915: Read the right SDVO register when detecting SVDO/HDMI. - drm/i915: Change DCC tiling detection case to cover only mobile parts. - dock: fix dereference after kfree() - ACPI: cap off P-state transition latency from buggy BIOSes - x86, setup: mark %esi as clobbered in E820 BIOS call - tracing/core: fix early free of cpumasks - rt2x00: Fix SLAB corruption during rmmod - ext4: fix locking typo in mballoc which could cause soft lockup hangs - ext4: fix typo which causes a memory leak on error path - MIPS: Compat: Zero upper 32-bit of offset_high and offset_low. - PCI/x86: detect host bridge config space size w/o using quirks - ide: Fix code dealing with sleeping devices in do_ide_request() - fbdev: fix info->lock deadlock in fbcon_event_notify() - fbmem: fix fb_info->lock and mm->mmap_sem circular locking dependency - security/smack: fix oops when setting a size 0 SMACK64 xattr * Bump ABI to 2. * [sparc] Make the kernels again 64bit. (closes: #525926) -- Bastian Blank Sun, 03 May 2009 09:38:42 +0200 linux-2.6 (2.6.29-3) unstable; urgency=low [ maximilian attems ] * [powerpc] Pipe mkimage postinst call to stderr for debconf. Thanks Jordi Mallach for the patch. (closes: #518231) * [parisc] Disable PHONET. * [sparc] Disable BTRFS. [ Bastian Blank ] * [alpha] Fix location of kernel image. * Add source link to headers packages. (closes: #523726) [ Martin Michlmayr ] * Add some sata_mv fixes for Kirkwood from Marvell: - use new sata phy register settings for new devices - increate the IORDY timeout for the soc controllers -- maximilian attems Fri, 17 Apr 2009 10:36:03 +0200 linux-2.6 (2.6.29-2) unstable; urgency=low [ Martin Michlmayr ] * [arm/ixp4xx] Build in LEDS_TRIGGER_TIMER (closes: #521141). * [mips*/4kc-malta, mips*/5kc-malta] Build in RTC_DRV_CMOS. [ maximilian attems ] * linux-libc-dev: Bump versioned replaces libdrm-dev. * parisc: hardcode gcc-4.3 usage. * Postrm cleanup new module-init-tools 3.7 files. [ Bastian Blank ] * Install all needed Makefiles into common headers package. (closes: #521472) * Add stable release 2.6.29.1: - V4L: v4l2-common: remove incorrect MODULE test - sparc64: Fix reset hangs on Niagara systems. - sparc64: Flush TLB before releasing pages. - sparc64: Fix MM refcount check in smp_flush_tlb_pending(). - KVM: MMU: Fix another largepage memory leak - cfg80211: fix incorrect assumption on last_request for 11d - lguest: fix spurious BUG_ON() on invalid guest stack. - lguest: wire up pte_update/pte_update_defer - VM, x86, PAT: Change is_linear_pfn_mapping to not use vm_pgoff - x86: mtrr: don't modify RdDram/WrDram bits of fixed MTRRs - x86: ptrace, bts: fix an unreachable statement - x86: fix 64k corruption-check - x86, uv: fix cpumask iterator in uv_bau_init() - x86, PAT, PCI: Change vma prot in pci_mmap to reflect inherited prot - Add a missing unlock_kernel() in raw_open() - fuse: fix fuse_file_lseek returning with lock held - ARM: 5435/1: fix compile warning in sanity_check_meminfo() - ARM: twl4030 - leak fix - ARM: fix leak in iop13xx/pci - ARM: cumana: Fix a long standing bogon - ARM: 5428/1: Module relocation update for R_ARM_V4BX - ARM: pxa: fix overlay being un-necessarily initialized on pxa25x - DVB: firedtv: FireDTV S2 problems with tuning solved - cfg80211: force last_request to be set for OLD_REG if regdom is EU - CIFS: Fix memory overwrite when saving nativeFileSystem field during mount - ath5k: warn and correct rate for unknown hw rate indexes - ath5k: disable MIB interrupts - b43: fix b43_plcp_get_bitrate_idx_ofdm return type - ath9k: fix dma mapping leak of rx buffer upon rmmod - ath5k: use spin_lock_irqsave for beacon lock - cifs: fix buffer format byte on NT Rename/hardlink - ath9k: downgrade xmit queue full message to xmit debug - KVM: SVM: set accessed bit for VMCB segment selectors - KVM: VMX: Don't allow uninhibited access to EFER on i386 - USB: add quirk to avoid config and interface strings - USB: gadget: fix rndis regression - USB: usb-storage: increase max_sectors for tape drives - USB: fix USB_STORAGE_CYPRESS_ATACB - USB: EHCI: add software retry for transaction errors - xfrm: spin_lock() should be spin_unlock() in xfrm_state.c - ipv6: Plug sk_buff leak in ipv6_rcv (net/ipv6/ip6_input.c) - GRO: Disable GRO on legacy netif_rx path (closes: #521691) - bridge: bad error handling when adding invalid ether address - dnet: drivers/net/dnet.c needs - udp: Wrong locking code in udp seq_file infrastructure - netfilter: nf_conntrack_tcp: fix unaligned memory access in tcp_sack [ dann frazier ] * bnx2: correct firmware revisions (closes: #522049) * [mips] Zero upper 32-bits of compat llseek (closes: #521016) -- Bastian Blank Sat, 04 Apr 2009 15:13:33 +0200 linux-kbuild-2.6 (2.6.29-1) unstable; urgency=low * New upstream version. * Autogenerate list of supported options in modpost. (closes: #518961) - Build-depend against python. * Use debhelper compat level 7. -- Bastian Blank Thu, 26 Mar 2009 12:54:47 +0100 linux-2.6 (2.6.29-1) unstable; urgency=low * New upstream release - tg3 use request_firmware and firmware nuked. - acenic use request_firmware and firmware nuked. - e100 use request_firmware and firmware nuked. (closes: #494308) - cassini use request_firmware and firmware nuked. - starfire use request_firmware and firmware nuked. (closes: #501152) - cxgb3 use request_firmware and firmware nuked. - NR_CPUS setting no longer affects size of modules. (closes: #516709) - orinoco: use KERN_DEBUG for link status messages. (closes: #447549) - [CIFS] Fix oops in cifs_strfromUCS_le mounting to servers which do not specify their OS. (closes: #463402) - fixes conflict between and on mips (closes: #519761) [ maximilian attems ] * topconfig set new NET_NS, NET_SCH_DRR, NET_CLS_CGROUP, LIB80211, SCSI_CXGB3_ISCSI, NATIONAL_PHY, STE10XP, LSI_ET1011C_PHY, BTRFS_FS, SQUASHFS, PCI_STUB, WIMAX, MTD_LPDDR, EEPROM_AT24, EEPROM_AT25, EEPROM_LEGACY, BLK_DEV_IT8172, SMSC9420, WIMAX_I2400M_USB, WIMAX_I2400M_SDIO, MISDN_HFCUSB, SENSORS_ADT7475, SENSORS_LTC4245, RADIO_TEA5764, SND_HDA_CODEC_INTELHDMI, RT2860, RT2870, RTL8187SE, LIBFC, FCOE, ATL1C, JOYSTICK_WALKERA0701, TOUCHSCREEN_WACOM_W8001, TOUCHSCREEN_TSC2007, W1_SLAVE_DS2431, WM8350_POWER, SOC_CAMERA_MT9T031, SOC_CAMERA_TW9910, SOC_CAMERA_OV772X, USB_STV06XX, USB_GSPCA_OV534, DVB_LGDT3304, WM8350_WATCHDOG, SMSC_SCH311X_WDT, SND_HRTIMER, SND_HDA_RECONFIG, GREENASIA_FF, USB_SERIAL_SIEMENS_MPI, USB_SERIAL_OPTICON, LEDS_ALIX2, LEDS_WM8350, OCFS2_FS_POSIX_ACL, BTRFS_FS_POSIX_ACL, ATM_SOLOS, MFD_PCF50633, PCF50633_ADC, PCF50633_GPIO, REGULATOR_PCF50633, DVB_S921, EDAC_I5400, RTC_DRV_PCF50633, INPUT_PCF50633_PMU, CHARGER_PCF50633, DEVPTS_MULTIPLE_INSTANCES, SCHED_OMIT_FRAME_POINTER, DCB, IXGBE_DCB, SFC_MTD, BE2NET, DNET. * topconfig enable SND_HDA_HWDEP for sound debugging purpose. * topconfig enable USB_HIDDEV (closes: #517771) * [x86] set DELL_LAPTOP, COMEDI, X86_PTRACE_BTS, XENFS, XEN_COMPAT_XENFS, X86_REROUTE_FOR_BROKEN_BOOT_IRQS, OPTIMIZE_INLINING. * [x86] unset DRM_I915_KMS due to upgrade path from Lenny override with modeset module param. * temp.image.plain/preinst: Consistent output. * [x86_64] set SPARSE_IRQ, NUMA_MIGRATE_IRQ_DESC, TREE_RCU. * [x86_32] set BLK_DEV_CS5536. * [powerpc] set PHANTOM, HP_ILO, MV643XX_ETH, MOUSE_BCM5974, VIRTUALIZATION. * topconfig unset legacy SCSI_PROC_FS, PCMCIA_IOCTL, ACPI_PROCFS_POWER, ACPI_PROC_EVENT. [ Bastian Blank ] * Use external source directory for all builds. * Use external source directory for all header packages. * Use dh_prep. * Update copyright file. * [s390/s390] Disable BTRFS. * [sparc] Use sparc as kernel architecture. * Update kconfig report changes patch. * [s390] Enable KVM. * Use debhelper compat level 7. [ Martin Michlmayr ] * [mips/r4k-ip22] Build in RTC_DRV_DS1286. * [mips/r5k-ip32] Build in RTC_DRV_CMOS (Closes: #516775). * [arm/versatile, arm/iop32x, arm/ixp4xx] Make LLC2 modular. * [arm, mips, mipsel] Make MII modular. * [arm/ixp4xx] Make IXP4XX_WATCHDOG modular. * topconfig: Disable NET_DSA since this hardware is special purpose and the option cannot be made modular at the moment and bloats the kernel image too much. * [arm, armel] Enable various V4L USB devices. (Closes: #518582) * [arm/orion5x] Build the SENSORS_LM75 module since it's needed on the D-Link DNS-323. * [arm/iop32x, arm/ixp4xx, arm/orion5x] Enable INPUT_TOUCHSCREEN. * [arm/iop32x, arm/ixp4xx, arm/orion5x] Enable INPUT_JOYDEV, GAMEPORT and INPUT_JOYSTICK (Closes: #520433). * [arm/iop32x, arm/ixp4xx, arm/orion5x] Add a size check to ensure that the kernel will fit in flash. * Add patches from git.marvell.com to improve Kirkwood support: - make gpio /input/output validation separate - MPP initialization code - SDIO driver for Marvell SoCs - SDIO driver registration for DB6281 and RD6281 - register internal devices in a common place - Marvell SheevaPlug support - SheevaPlug USB Power Enable setup - SheevaPlug LED support - Hook up I2C on Kirkwood - Add support for QNAP TS-119/TS-219 Turbo NAS * [armel/kirkwood] Add an image for Marvell's Kirkwood platform. [ Ben Hutchings ] * Remove firmware from drivers and make them use request_firmware(): - mga (closes: #502666) - qla1280 (closes: #502667) - r128 (closes: #494007) - radeon (closes: #494009) - tehuti (closes: #501153) - typhoon (closes: #502669) -- Bastian Blank Tue, 24 Mar 2009 14:32:11 +0100 linux-kbuild-2.6 (2.6.28-1) unstable; urgency=low * New upstream version. -- Bastian Blank Sun, 22 Feb 2009 13:45:39 +0100 linux-2.6 (2.6.28-1) unstable; urgency=low * New upstream release - new btusb. (closes: #505184) - iwlagn driver for Intel Wifi Link 5100 and 5300. (closes: #501157) - drm git branch vblank-rework merged. (closes: #456219) - netfilter.h got in.h include. (closes: #487103) - netlink errno propageted. (closes: #489340) - agp g41 support (closes: #513228) - Includes atl2 driver (Closes: #500065) - Fixes loading of video module on Samsung systems (Closes: #475319, #495697) - Fix rf_kill handling of iwl3945 driver (Closes: #503688) - Fix adjtimex frequency offset (Closes: #432877) - Fix oopses with Canon PIXMA MP150 (Closes: #487725) - Fix excessive interrrupts with compiz (Closes: #456219) - dsp56k: use request_firmware and firmware nuked (closes: #494010) - dabusb: use request_firmware and firmware nuked (closes: #502663) - kaweth: use request_firmware and firmware nuked (closes: #502665) [ maximilian attems ] * Reenable new Juju firewire stack. * topconfig set ATH9K, IWL5000, IP_NF_SECURITY, IP6_NF_SECURITY, BRIDGE_EBT_IP6, BT_HCIBTUSB, TOUCHSCREEN_INEXIO, TOUCHSCREEN_TOUCHIT213, VIRTIO_CONSOLE, VIDEO_ZORAN_ZR36060, USB_VIDEO_CLASS_INPUT_EVDEV, USB_GSPCA, USB_S2255, OCFS2_FS_STATS, OMFS_FS, CRYPTO_RMD128, CRYPTO_RMD160, CRYPTO_RMD256, CRYPTO_RMD320, VLAN_8021Q_GVRP, HP_WMI, COMPAL_LAPTOP, SCSI_DH, SCSI_DH_RDAC, SCSI_DH_HP_SW, SCSI_DH_EMC, SCSI_DH_ALUA, MAC80211_HWSIM, USB_HSO, BLK_DEV_INTEGRITY, SGI_XP, SGI_GRU, TLAN, ATM_IA, ATM_FORE200E, MISDN, I2C_HELPER_AUTO, I2C_ISCH, I2C_NFORCE2_S4985, AT24, SENSORS_AD7414, SENSORS_ADCXX, SOC_CAMERA_PLATFORM, VIDEO_SH_MOBILE_CEU, DVB_USB_DW2102, DVB_USB_ANYSEE, DVB_SIANO_SMS1XXX, DVB_DRX397XD, MMC_SDHCI_PCI (closes: #507150), MMC_SDRICOH_CS (closes: #509979), EDAC_I5100, RTC_DRV_M41T94, RTC_DRV_DS1305, UBIFS, EXT4 (closes: #512266), CGROUP_FREEZER, NETFILTER_TPROXY, NETFILTER_XT_TARGET_TPROXY, NETFILTER_XT_MATCH_RECENT, NETFILTER_XT_MATCH_SOCKET, NET_ACT_SKBEDIT, PHONET, NET_9P_RDMA, ATL2, JME, ENIC, MLX4_EN, USB_NET_SMSC95XX, I7300_IDLE, NET_SCH_MULTIQ, ICS932S401, PANASONIC_LAPTOP, QLGE, LIBERTAS_THINFIRM, LIBERTAS_THINFIRM_USB, INPUT_CM109, W1_SLAVE_BQ27000, SENSORS_ADT7462, SENSORS_MAX1111, SENSORS_LIS3LV02D, MFD_WM8400, MFD_WM8350_I2C, SOC_CAMERA_MT9M111, USB_M5602, USB_GSPCA_CONEX, USB_GSPCA_ETOMS, USB_GSPCA_FINEPIX, USB_GSPCA_MARS, USB_GSPCA_OV519, USB_GSPCA_PAC207, USB_GSPCA_PAC7311, USB_GSPCA_SONIXB, USB_GSPCA_SONIXJ, USB_GSPCA_SPCA500, USB_GSPCA_SPCA501, USB_GSPCA_SPCA505, USB_GSPCA_SPCA506, USB_GSPCA_SPCA508, USB_GSPCA_SPCA561, USB_GSPCA_STK014, USB_GSPCA_SUNPLUS, USB_GSPCA_T613, USB_GSPCA_TV8532, USB_GSPCA_VC032X, USB_GSPCA_ZC3XX, C2PORT, C2PORT_DURAMAR_2150, W83697UG_WDT, USB_MR800, DVB_USB_CINERGY_T2, DVB_USB_DTV5100, DVB_USB_AF9015, DVB_DM1105, DVB_LGS8GL5, DVB_DUMMY_FE, SND_HDA_CODEC_NVHDMI, SND_USB_US122L, USB_VST, LEDS_PCA9532, LEDS_HP_DISK, LEDS_PCA955X, LEDS_TRIGGER_BACKLIGHT, EDAC_X38, RTC_DRV_RX8581, RTC_DRV_DS1390, RTC_DRV_DS3234, RTC_DRV_DS1286, RTC_DRV_M48T35, RTC_DRV_BQ4802, RTC_DRV_WM8350, UNEVICTABLE_LRU, MAC80211_RC_MINSTREL, BATTERY_BQ27x00, REGULATOR, REGULATOR_BQ24022, REGULATOR_WM8350, REGULATOR_WM8400, FB_VIA, FB_METRONOME, FB_MB862XX, UIO_SERCOS3, CORE_DUMP_DEFAULT_ELF_HEADERS, NET_DSA, NET_DSA_MV88E6060, NET_DSA_MV88E6131, NET_DSA_MV88E6123_61_65, IT87_WDT, BACKLIGHT_MBP_NVIDIA, SND_HDA_INPUT_BEEP, USB_WUSB, USB_TMC, IDE_GD, IDE_GD_ATA, IDE_GD_ATAPI, PCMCIA_IBMTR, USB_EMI62, USB_EMI26, USB_SEVSEG, UWB, UWB_WLP, UWB_I1480U, UWB_I1480U_WLP, CRYPTO_FIPS, ANSI_CPRNG, CRC_T10DIF, STAGING, ET131X, CRYPTO_ANSI_CPRNG, PRISM2_USB, HID_COMPAT, SYSCTL_SYSCALL_CHECK, BOOT_TRACER. * [x86] set MOUSE_BCM5974, X86_RESERVE_LOW_64K, OPROFILE_IBS, MICROCODE_INTEL, MICROCODE_AMD, X86_VERBOSE_BOOTUP, MTRR_SANITIZER, CRYPTO_CRC32C_INTEL, STRICT_DEVMEM. * [x86_64] set AMD_IOMMU, INTR_REMAP. * [x86_32] set TOUCHSCREEN_HTCPEN, MOUSE_PS2_OLPC. * Add stable releases 2.6.28.1-6. * Turn off SYSFS_DEPRECATED* for newer udev and proper /sys/. * linux-libc-dev: Add versioned replaces libdrm-dev. (closes: #513604) * topconfig: Enable MACVLAN. (closes: #504611) * [ppc] BAYCOM_PAR, BAYCOM_EPP. * [x86_64] set NR_CPUS to 512. (closes: #491309) * [686-bigmem] set modular XEN_FBDEV_FRONTEND. * Newer Standards-Version 3.8.0 without changes. * Use update-initramfs for initramfs-tools. * Fix preinst and postinst call to not use deprecated mkinitramfs-kpkg interfaces. [ Martin Michlmayr ] * [mips/r4k-ip22, mips/sb1-bcm91250a] Don't build in ISO9660. * [mipsel/r5k-cobalt] Enable INPUT_COBALT_BTNS. * [mipsel/r5k-cobalt] Enable the new Cobalt LCD driver (FB_COBALT). * [mips/r4k-ip22] Enable the new ALSA sound driver (SND_SGI_HAL2). * [arm/iop32x, arm/ixp4xx] Don't build in KEYBOARD_ATKBD, MOUSE_PS2, SERIO, JFFS2_FS, and CRAMFS. * [arm/iop32x, arm/ixp4xx] Unset DEBUG_KERNEL so the kernel will fit in flash. * [arm/orion5x] Unset FIXED_PHY to work around a clash with fixed mdio bus and mv643xx_eth. * Migrate arm, armel, mips and mipsel away from kernel-package. [ Ian Campbell ] * [x86]: Enable Xen guest support in amd64 flavour. (closes: #495590) [ dann frazier ] * [x86, ia64] Enable ACPI_PCI_SLOT [ Bastian Blank ] * Make gcc-4.3 the default compiler. (closes: #463295) * Add optional image size check. * debian/rules.real: Setup image installation rules for alpha, hppa, ia64 and sparc. * Remove support to build images using kernel-package. -- maximilian attems Wed, 18 Feb 2009 16:36:04 +0100 linux-2.6 (2.6.26-12) unstable; urgency=high [ Ian Campbell ] * xen: fix ACPI processor throttling for when processor id is -1. (closes: #502849) [ dann frazier ] * Make sendmsg() block during UNIX garbage collection (CVE-2008-5300) * Fix race conditions between inotify removal and umount (CVE-2008-5182) * Fix DoS when calling svc_listen twice on the same socket while reading /proc/net/atm/*vc (CVE-2008-5079) [ Bastian Blank ] * [openvz, vserver] Fix descriptions. * [sparc] Enable Sun Logical Domains support. (closes: #501684) * Fix coexistence of pata_marvell and ahci. (closes: #507432) * [sparc] Support Intergraph graphics chips. (closes: #508108) -- Bastian Blank Mon, 15 Dec 2008 12:57:18 +0100 linux-2.6 (2.6.26-11) unstable; urgency=low [ Bastian Blank ] * [sparc] Reintroduce dummy PCI host controller to workaround broken X.org. * [sparc] Fix size checks in PCI maps. * Add stable release 2.6.26.8: - netfilter: restore lost ifdef guarding defrag exception - netfilter: snmp nat leaks memory in case of failure - netfilter: xt_iprange: fix range inversion match - ACPI: dock: avoid check _STA method - ACPI: video: fix brightness allocation - sparc64: Fix race in arch/sparc64/kernel/trampoline.S - math-emu: Fix signalling of underflow and inexact while packing result. - tcpv6: fix option space offsets with md5 - net: Fix netdev_run_todo dead-lock - scx200_i2c: Add missing class parameter - DVB: s5h1411: Power down s5h1411 when not in use - DVB: s5h1411: Perform s5h1411 soft reset after tuning - DVB: s5h1411: bugfix: Setting serial or parallel mode could destroy bits - V4L: pvrusb2: Keep MPEG PTSs from drifting away - ACPI: Always report a sync event after a lid state change - ALSA: use correct lock in snd_ctl_dev_disconnect() - file caps: always start with clear bprm->caps_* - libertas: fix buffer overrun - net: Fix recursive descent in __scm_destroy(). - SCSI: qla2xxx: Skip FDMI registration on ISP21xx/22xx parts. (Closes: #502552) - edac cell: fix incorrect edac_mode - ext[234]: Avoid printk floods in the face of directory corruption (CVE-2008-3528) - gpiolib: fix oops in gpio_get_value_cansleep() * Override ABI changes. * [xen] Update description. (closes: #505961) * Revert parts of 2.6.26.6 to fix resume breakage. (closes: #504167) - clockevents: prevent multiple init/shutdown - clockevents: broadcast fixup possible waiters [ dann frazier ] * Fix buffer overflow in hfsplus (CVE-2008-4933) * Fix BUG() in hfsplus (CVE-2008-4934) * Fix stack corruption in hfs (CVE-2008-5025) * Fix oops in tvaudio when controlling bass/treble (CVE-2008-5033) [ Martin Michlmayr ] * [arm/iop32x, arm/ixp4xx, arm/orion5x] Enable support for more partition tables, including MAC_PARTITION (requested by Benoît Knecht). * leds-pca9532: Fix memory leak and properly handle errors (Sven Wegener) * leds-pca9532: Move i2c work to a workqueque (Riku Voipio). (closes: #506116) -- Bastian Blank Wed, 26 Nov 2008 11:43:48 +0100 linux-2.6 (2.6.26-10) unstable; urgency=low [ dann frazier ] * sctp: Fix possible kernel panic in sctp_sf_abort_violation (CVE-2008-4618) [ Martin Michlmayr ] * DNS-323: add support for revision B1 machines (Matthew Palmer). * ext3/ext4: Add support for non-native signed/unsigned htree hash algorithms (Theodore Ts'o). (closes: #493957) * [arm/ixp4xx] Enable USB_ACM (closes: #504723). [ Bastian Blank ] * agp: Fix stolen memory counting on Intel G4X. (closes: #502606) * Add stable release 2.6.26.7: - security: avoid calling a NULL function pointer in drivers/video/tvaudio.c - DVB: au0828: add support for another USB id for Hauppauge HVR950Q - drm/i915: fix ioremap of a user address for non-root (CVE-2008-3831) - ACPI: Ignore _BQC object when registering backlight device - hwmon: (it87) Prevent power-off on Shuttle SN68PT - Check mapped ranges on sysfs resource files - x86: avoid dereferencing beyond stack + THREAD_SIZE - PCI: disable ASPM on pre-1.1 PCIe devices - PCI: disable ASPM per ACPI FADT setting - V4L/DVB (9053): fix buffer overflow in uvc-video - V4L/DVB (8617): uvcvideo: don't use stack-based buffers for USB transfers. - V4L/DVB (8498): uvcvideo: Return sensible min and max values when querying a boolean control. - V4L: zr36067: Fix RGBR pixel format - V4L: bttv: Prevent NULL pointer dereference in radio_open - libata: fix EH action overwriting in ata_eh_reset() - libata: always do follow-up SRST if hardreset returned -EAGAIN - fbcon_set_all_vcs: fix kernel crash when switching the rotated consoles - modules: fix module "notes" kobject leak - b43legacy: Fix failure in rate-adjustment mechanism - CIFS: make sure we have the right resume info before calling CIFSFindNext - sched_rt.c: resch needed in rt_rq_enqueue() for the root rt_rq - tty: Termios locking - sort out real_tty confusions and lock reads - x86, early_ioremap: fix fencepost error - x86: improve UP kernel when CPU-hotplug and SMP is enabled - x86: Reserve FIRST_DEVICE_VECTOR in used_vectors bitmap. * [xen] Remove pte file workaround. [ Ian Campbell ] * [xen] Disable usage of PAT. (closes: #503821) -- Bastian Blank Sat, 08 Nov 2008 10:50:58 +0100 linux-2.6 (2.6.26-9) unstable; urgency=low [ Bastian Blank ] * Add stable release 2.6.26.6: - mm owner: fix race between swapoff and exit - rtc: fix kernel panic on second use of SIGIO nofitication - fbcon: fix monochrome color value calculation - ALSA: snd-powermac: HP detection for 1st iMac G3 SL - ALSA: snd-powermac: mixers for PowerMac G4 AGP - sparc64: Fix missing devices due to PCI bridge test in of_create_pci_dev(). - sparc64: Fix disappearing PCI devices on e3500. - sparc64: Fix OOPS in psycho_pcierr_intr_other(). - sparc64: Fix interrupt register calculations on Psycho and Sabre. - sparc64: Fix PCI error interrupt registry on PSYCHO. - udp: Fix rcv socket locking - sctp: Fix oops when INIT-ACK indicates that peer doesn't support AUTH (CVE-2008-4576) - sctp: do not enable peer features if we can't do them. - ipsec: Fix pskb_expand_head corruption in xfrm_state_check_space - netlink: fix overrun in attribute iteration - niu: panic on reset - ipv6: Fix OOPS in ip6_dst_lookup_tail(). - XFRM,IPv6: initialize ip6_dst_blackhole_ops.kmem_cachep - af_key: Free dumping state on socket close - pcmcia: Fix broken abuse of dev->driver_data - clockevents: remove WARN_ON which was used to gather information - ntp: fix calculation of the next jiffie to trigger RTC sync - x86: HPET: read back compare register before reading counter - x86: HPET fix moronic 32/64bit thinko - clockevents: broadcast fixup possible waiters - HPET: make minimum reprogramming delta useful - clockevents: prevent endless loop lockup - clockevents: prevent multiple init/shutdown - clockevents: enforce reprogram in oneshot setup - clockevents: prevent endless loop in periodic broadcast handler - clockevents: prevent clockevent event_handler ending up handler_noop - x86: fix memmap=exactmap boot argument - x86: add io delay quirk for Presario F700 - ACPI: Avoid bogus EC timeout when EC is in Polling mode - x86: fix SMP alternatives: use mutex instead of spinlock, text_poke is sleepable - rtc: fix deadlock - mm: dirty page tracking race fix - x86-64: fix overlap of modules and fixmap areas - x86: PAT proper tracking of set_memory_uc and friends - x86: fix oprofile + hibernation badness - x86: fdiv bug detection fix - rt2x00: Use ieee80211_hw->workqueue again - x86: Fix 27-rc crash on vsmp due to paravirt during module load - sg: disable interrupts inside sg_copy_buffer - ocfs2: Increment the reference count of an already-active stack. - APIC routing fix - sched: fix process time monotonicity - block: submit_bh() inadvertently discards barrier flag on a sync write - x64, fpu: fix possible FPU leakage in error conditions - x86-64: Clean up save/restore_i387() usage - KVM: SVM: fix guest global tlb flushes with NPT - KVM: SVM: fix random segfaults with NPT enabled - ALSA: remove unneeded power_mutex lock in snd_pcm_drop - ALSA: fix locking in snd_pcm_open*() and snd_rawmidi_open*() - ALSA: oxygen: fix distorted output on AK4396-based cards - ALSA: hda - Fix model for Dell Inspiron 1525 - SCSI: qla2xxx: Defer enablement of RISC interrupts until ISP initialization completes. - USB: fix hcd interrupt disabling - smb.h: do not include linux/time.h in userspace - pxa2xx_spi: fix build breakage - pxa2xx_spi: chipselect bugfixes - pxa2xx_spi: dma bugfixes - mm: mark the correct zone as full when scanning zonelists - async_tx: fix the bug in async_tx_run_dependencies - drivers/mmc/card/block.c: fix refcount leak in mmc_block_open() - ixgbe: initialize interrupt throttle rate - i2c-dev: Return correct error code on class_create() failure - x86-32: AMD c1e force timer broadcast late * [x86] Update patch to detect not properly announced cmos RTC devices. * [xen] Overtake hvc console by default. [ maximilian attems ] * [openvz] ip: NULL pointer dereferrence in tcp_v(4|6)_send_ack (closes: #500472) * [openvz] unset NF_CONNTRACK_IPV6 for now until abi bump. [ Stephen R. Marenka ] * [m68k] add patches to fix atari ethernec per Michael Schmitz: atari-ethernec-IRQF_SHARED.diff and atari-ethernec-fixes.diff. * [m68k] add mac-esp-fix-for-quadras-with-two-esp-chips.diff to fix macs with dual scsi busses and a problem with xorg, per Finn Thain. * [m68k] add atari-atari_keyb_init-operator-precedence.diff per Michael Schmitz. * [m68k] more mac patches, per Finn Thain. [ Martin Michlmayr ] * [arm/ixp4xx] Enable USB_ATM and USB_SPEEDTOUCH (closes: #502182). * [arm/iop32x, arm/orion5x] Likewise. * DNS-323: read MAC address from flash (Matthew Palmer). [ dann frazier ] * Restrict access to the DRM_I915_HWS_ADDR ioctl (CVE-2008-3831) * Don't allow splicing to files opened with O_APPEND (CVE-2008-4554) -- Bastian Blank Sat, 18 Oct 2008 12:14:22 +0200 linux-2.6 (2.6.26-8) unstable; urgency=medium [ dann frazier ] * [x86] Fix broken LDT access in VMI (CVE-2008-4410) * ata: Fix off-by-one-error that causes errors when reading a block on the LBA28-LBA48 boundary * [s390] prevent ptrace padding area read/write in 31-bit mode (CVE-2008-1514) [ Bastian Blank ] * Fix generation of i386 Xen image information. * [i386] Restrict the usage of long NOPs. (closes: #464962) * Fix access to uninitialized user keyring. (closes: #500279) * [x86] Fix detection of non-PNP RTC devices. (closes: #499230) -- Bastian Blank Thu, 09 Oct 2008 12:07:21 +0200 linux-2.6 (2.6.26-7) unstable; urgency=low [ Bastian Blank ] * [xen] Add SuSE Xen patch. (closes: #495895) * Only register notifiers in braille console if used, fixes Insert key. (closes: #494374) * Fix ACPI EC GPE storm detection. (closes: #494546) * Disable useless support for ISP1760 USB host controller. (closes: #498304) * rt61pci: Add a sleep after firmware upload. (closes: #498828) [ Stephen R. Marenka ] * [m68k] Set CONFIG_ATARI_ETHERNEC=m for atari, since it only works in modular form. * [m68k] Enable CONFIG_ADB_PMU68K=y for mac. * [m68k] Add atari-aranym-nf-wrappers.diff patch to fix atari LBD problems, set CONFIG_LBD=y for atari. [ Martin Michlmayr ] * [arm/orion5x] Enable CONFIG_ATALK (requested by Ben Schwarz). * [arm/versatile] Enable CONFIG_VFP. (closes: #499463) * ath5k: Fix bad udelay calls on AR5210 code (Nick Kossifidis). * [arm] No longer disable ATH5K. [ dann frazier ] * Add missing capability checks in sbni_ioctl (CVE-2008-3525) -- Bastian Blank Wed, 01 Oct 2008 09:02:30 +0200 linux-2.6 (2.6.26-6) unstable; urgency=low [ maximilian attems ] * [openvz] Enable checkpointing. (closes: #497292) [ Bastian Blank ] * Allow forced module loading again. (closes: #494144) * Set IEEE 802.11 (wireless) regulatory domain default to EU. (closes: #497971) * [i386] Enable IDE ACPI support. Override ABI changes. (closes: #470528) * [i386/686-bigmem] Promote to generic subarch. (closes: #476120) [ Martin Michlmayr ] * Fix dead 21041 ethernet after ifconfig down (Thomas Bogendoerfer). [ dann frazier ] * [hppa] Enable the FPU before using it, fixes booting on A500s with our CONFIG_PRINTK_TIME=y setting. (closes: #499458) -- Bastian Blank Wed, 24 Sep 2008 12:06:47 +0200 linux-2.6 (2.6.26-5) unstable; urgency=low [ Martin Michlmayr ] * Backport power-off method for Kurobox Pro. * [arm/versatile] Really enable CONFIG_RTC_DRV_PL031 (closes: #484432). [ Stephen R. Marenka ] * [m68k] Set CONFIG_LBD=n for atari, since it conflicts with nfblock. [ Bastian Blank ] * Reenable SiS SATA support. (closes: #496603) * [amd64,i386] Disable new-style SiS PATA support. * Add stable release 2.6.26.4: - sata_mv: don't issue two DMA commands concurrently - KVM: MMU: Fix torn shadow pte - x86: work around MTRR mask setting, v2 - nfsd: fix buffer overrun decoding NFSv4 acl (CVE-2008-3915) - sunrpc: fix possible overrun on read of /proc/sys/sunrpc/transports (CVE-2008-3911) - r8169: balance pci_map / pci_unmap pair - tg3: Fix firmware event timeouts - crypto: authenc - Avoid using clobbered request pointer - sparc64: Fix cmdline_memory_size handling bugs. - sparc64: Fix overshoot in nid_range(). - ipsec: Fix deadlock in xfrm_state management. (closes: #497796) - sctp: fix random memory dereference with SCTP_HMAC_IDENT option. - sctp: correct bounds check in sctp_setsockopt_auth_key - sch_prio: Fix nla_parse_nested_compat() regression - sctp: add verification checks to SCTP_AUTH_KEY option - sctp: fix potential panics in the SCTP-AUTH API. - udp: Drop socket lock for encapsulated packets - pkt_sched: Fix actions referencing - pkt_sched: Fix return value corruption in HTB and TBF. - netns: Add network namespace argument to rt6_fill_node() and ipv6_dev_get_saddr() - ipv6: Fix OOPS, ip -f inet6 route get fec0::1, linux-2.6.26, ip6_route_output, rt6_fill_node+0x175 (CVE-2008-3686) - AX.25: Fix sysctl registration if !CONFIG_AX25_DAMA_SLAVE - mm: make setup_zone_migrate_reserve() aware of overlapping nodes - 8250: improve workaround for UARTs that don't re-assert THRE correctly - rtc_time_to_tm: fix signed/unsigned arithmetic - drivers/char/random.c: fix a race which can lead to a bogus BUG() - cifs: fix O_APPEND on directio mounts - atl1: disable TSO by default - forcedeth: fix checksum flag - bio: fix bio_copy_kern() handling of bio->bv_len - bio: fix __bio_copy_iov() handling of bio->bv_len - ALSA: oxygen: prevent muting of nonexistent AC97 controls - S390 dasd: fix data size for PSF/PRSSD command - x86: fix "kernel won't boot on a Cyrix MediaGXm (Geode)" - x86: work around MTRR mask setting - USB: cdc-acm: don't unlock acm->mutex on error path - binfmt_misc: fix false -ENOEXEC when coupled with other binary handlers - fbdefio: add set_page_dirty handler to deferred IO FB - eeepc-laptop: fix use after free - PCI: fix reference leak in pci_get_dev_by_id() - cramfs: fix named-pipe handling * Override ABI changes. * [hppa] Disable new-style RTC support. Override ABI changes. [ maximilian attems ] * openvz: Add upstream fixes up to 24cebf40278cb071ff8b. (closes: #497528) -- Bastian Blank Wed, 10 Sep 2008 12:55:16 +0200 linux-2.6 (2.6.26-4) unstable; urgency=low [ maximilian attems ] * x86: Reset ACPI_PROCFS_POWER for Lenny as buggy apps depend on it. (closes: #495541) * x86: ACPI: Fix thermal shutdowns * openvz: Add upstream fixes up to 0f14912e3d2251aff. (closes: #494384) * Add stable release 2.6.26.3: - USB: fix interface unregistration logic - usb-storage: unusual_devs entries for iRiver T10 and Datafab CF+SM reader - usb-serial: don't release unregistered minors - usb-storage: revert DMA-alignment change for Wireless USB - usb-storage: automatically recognize bad residues - USB: ftdi_sio: Add USB Product Id for ELV HS485 - qla2xxx: Set an rport's dev_loss_tmo value in a consistent manner. - dccp: change L/R must have at least one byte in the dccpsf_val field (CVE-2008-3276) - KVM: Avoid instruction emulation when event delivery is pending - cs5520: add enablebits checking - acer-wmi: Fix wireless and bluetooth on early AMW0 v2 laptops - USB: usb-storage: quirk around v1.11 firmware on Nikon D4 - radeonfb: fix accel engine hangs - radeon: misc corrections - sparc64: Fix global reg snapshotting on self-cpu. - sparc64: Do not clobber %g7 in setcontext() trap. - sparc64: Fix end-of-stack checking in save_stack_trace(). - sparc64: Fix recursion in stack overflow detection handling. - sparc64: Make global reg dumping even more useful. - sparc64: Implement IRQ stacks. - sparc64: Handle stack trace attempts before irqstacks are setup. - PCI: Limit VPD length for Broadcom 5708S - ide: it821x in pass-through mode segfaults in 2.6.26-stable - syncookies: Make sure ECN is disabled - USB: ftdi_sio: add support for Luminance Stellaris Evaluation/Development Kits - i2c: Fix NULL pointer dereference in i2c_new_probed_device - SCSI: hptiop: add more PCI device IDs - SCSI: ses: fix VPD inquiry overrun - SCSI: scsi_transport_spi: fix oops in revalidate - CIFS: Fix compiler warning on 64-bit - x86: fix spin_is_contended() - matrox maven: fix a broken error path - i2c: Let users select algorithm drivers manually again - CIFS: properly account for new user= field in SPNEGO upcall string allocation - x86: fix setup code crashes on my old 486 box - KVM: ia64: Fix irq disabling leak in error handling code - mlock() fix return values - rtl8187: Fix lockups due to concurrent access to config routine - KVM: task switch: segment base is linear address - KVM: task switch: use seg regs provided by subarch instead of reading from GDT - KVM: task switch: translate guest segment limit to virt-extension byte granular field - r8169: avoid thrashing PCI conf space above RTL_GIGA_MAC_VER_06 - sparc64: FUTEX_OP_ANDN fix - posix-timers: do_schedule_next_timer: fix the setting of ->si_overrun - posix-timers: fix posix_timer_event() vs dequeue_signal() race - vt8623fb: fix kernel oops - ide-cd: fix endianity for the error message in cdrom_read_capacity - qla2xxx: Add dev_loss_tmo_callbk/terminate_rport_io callback support. - random32: seeding improvement - CIFS: mount of IPC$ breaks with iget patch - CIFS: if get root inode fails during mount, cleanup tree connection - crypto: padlock - fix VIA PadLock instruction usage with irq_ts_save/restore() - ipvs: Fix possible deadlock in estimator code - SCSI: block: Fix miscalculation of sg_io timeout in CDROM_SEND_PACKET handler. - ALSA: asoc: restrict sample rate and size in Freescale MPC8610 sound drivers - ALSA: ASoC: fix SNDCTL_DSP_SYNC support in Freescale 8610 sound drivers - USB: pl2023: Remove USB id (4348:5523) handled by ch341 - relay: fix "full buffer with exactly full last subbuffer" accounting problem - ipv6: Fix ip6_xmit to send fragments if ipfragok is true - x86: amd opteron TOM2 mask val fix [ dann frazier ] * [ia64] Fix boot-time hang w/ PRINTK_TIME by ensuring that cpu0 can access per-cpu vars in early boot * delay calls to sched_clock() until after sched_clock_init() to prevent inaccurate printk timings on ia64 and presumably other architectures [ Ian Campbell ] * [xen] import upstream fix to fb-defio driver used by Xen framebuffer. [ Bastian Blank ] * [powerpc] Enable proper RTC support. (closes: #484693) [ Martin Michlmayr ] * Add Marvell Orion fixes: - sata_mv: add the Gen IIE flag to the SoC devices. - sata_mv: don't avoid clearing interrupt status on SoC host adapters [ dann frazier ] * Fix overflow condition in sctp_setsockopt_auth_key (CVE-2008-3526) * Fix panics that may occur if SCTP AUTH is disabled (CVE-2008-3792) * [x86] Fix memory leak in the copy_user routine (CVE-2008-0598, closes: #490910) -- Bastian Blank Thu, 28 Aug 2008 08:46:42 +0200 linux-2.6 (2.6.26-3) unstable; urgency=low [ Bastian Blank ] * Disable Emagic Audiowerk 2 soundcard support. The PCI IDs clashes with many DVB cards. * Update VServer patch to 2.3.0.35. * [armel/versatile] Override ABI changes. * [i386/686-bigmem] Add VServer image. [ Aurelien Jarno ] * [armel/versatile] Disable CONFIG_NO_HZ, CONFIG_HIGH_RES_TIMERS for dynticks. (closes: #494842) [ Martin Michlmayr ] * Fix PCIe on the Kurobox Pro (Lennert Buytenhek). * Fix regressions caused by the "use software GSO for SG+CSUM capable netdevices" patch: - loopback: Enable TSO (Herbert Xu) - net: Preserve netfilter attributes in skb_gso_segment using __copy_skb_header (Herbert Xu) [ dann frazier ] * [amd64] Fix typo in TOM2 mask value, preventing a hang on some opteron systems. (closes: #494365) -- Bastian Blank Mon, 18 Aug 2008 15:34:38 +0200 linux-kbuild-2.6 (2.6.26-3) unstable; urgency=low * Fix recursive installation. (closes: #494435) -- Bastian Blank Sun, 10 Aug 2008 13:01:41 +0200 linux-kbuild-2.6 (2.6.26-2) unstable; urgency=low * Include new scripts. (closes: #494435) -- Bastian Blank Sat, 09 Aug 2008 20:45:12 +0200 linux-2.6 (2.6.26-2) unstable; urgency=low [ Bastian Blank ] * [powerpc] Install arch/powerpc/lib/crtsavres.o into the headers, it is used during module linking. * Add stable release 2.6.26.1: - Fix off-by-one error in iov_iter_advance() - ath5k: don't enable MSI, we cannot handle it yet - b43legacy: Release mutex in error handling code - cpufreq acpi: only call _PPC after cpufreq ACPI init funcs got called already - VFS: increase pseudo-filesystem block size to PAGE_SIZE - markers: fix markers read barrier for multiple probes - tmpfs: fix kernel BUG in shmem_delete_inode - mpc52xx_psc_spi: fix block transfer - ixgbe: remove device ID for unsupported device - UML - Fix boot crash - eCryptfs: use page_alloc not kmalloc to get a page of memory - x86: fix kernel_physical_mapping_init() for large x86 systems - DVB: cx23885: SRAM changes for the 885 and 887 silicon parts - DVB: cx23885: Reallocated the sram to avoid concurrent VIDB/C issues - DVB: cx23885: DVB Transport cards using DVB port VIDB/TS1 did not stream - DVB: cx23885: Ensure PAD_CTRL is always reset to a sensible default - V4L: cx23885: Bugfix for concurrent use of /dev/video0 and /dev/video1 - V4L: saa7134: Copy tuner data earlier to avoid overwriting manual tuner type - V4L: uvcvideo: Add support for Medion Akoya Mini E1210 integrated webcam - V4L: uvcvideo: Make input device support optional - V4L: uvcvideo: Don't free URB buffers on suspend - V4L: uvcvideo: Use GFP_NOIO when allocating memory during resume - V4L: uvcvideo: Fix a buffer overflow in format descriptor parsing - DVB: dib0700: add support for Hauppauge Nova-TD Stick 52009 - V4L: cx18: Upgrade to newer firmware & update documentation - ALSA: trident - pause s/pdif output - myri10ge: do not use mgp->max_intr_slots before loading the firmware - myri10ge: do not forget to setup the single slice pointers - iop-adma: fix platform driver hotplug/coldplug - sparc64: Do not define BIO_VMERGE_BOUNDARY. - sparc64: Fix cpufreq notifier registry. - sparc64: Fix lockdep issues in LDC protocol layer. - tcp: Clear probes_out more aggressively in tcp_ack(). - ARM: fix fls() for 64-bit arguments - vmlinux.lds: move __attribute__((__cold__)) functions back into final .text section - rtc-at91rm9200: avoid spurious irqs - ide-cd: fix oops when using growisofs - x86: fix crash due to missing debugctlmsr on AMD K6-3 - cpusets: fix wrong domain attr updates - proc: fix /proc/*/pagemap some more - Fix build on COMPAT platforms when CONFIG_EPOLL is disabled - markers: fix duplicate modpost entry - x86, suspend, acpi: enter Big Real Mode - USB: fix usb serial pm counter decrement for disconnected interfaces - x86 reboot quirks: add Dell Precision WorkStation T5400 - Fix typos from signal_32/64.h merge - rcu: fix rcu_try_flip_waitack_needed() to prevent grace-period stall - Patch Upstream: x86 ptrace: fix PTRACE_GETFPXREGS error - KVM: MMU: Fix potential race setting upper shadow ptes on nonpae hosts - KVM: MMU: nuke shadowed pgtable pages and ptes on memslot destruction - KVM: x86 emulator: Fix HLT instruction - KVM: VMX: Add ept_sync_context in flush_tlb - KVM: mmu_shrink: kvm_mmu_zap_page requires slots_lock to be held - KVM: SVM: fix suspend/resume support - KVM: VMX: Fix a wrong usage of vmcs_config - isofs: fix minor filesystem corruption - quota: fix possible infinite loop in quota code - hdlcdrv: Fix CRC calculation. - ipv6: __KERNEL__ ifdef struct ipv6_devconf - ipv6: use timer pending - udplite: Protection against coverage value wrap-around - pxamci: trivial fix of DMA alignment register bit clearing * [sparc] Install asm-sparc headers again. * Force RTC on by default and set clock on startup. Override ABI changes. * [i386, amd64] Make the CMOS RTC support builtin. (closes: #493567) * Add stable release 2.6.26.2: - sound: ensure device number is valid in snd_seq_oss_synth_make_info - Ath5k: kill tasklets on shutdown - Ath5k: fix memory corruption - vfs: fix lookup on deleted directory - ALSA: emu10k1 - Fix inverted Analog/Digital mixer switch on Audigy2 - ALSA: hda - Add missing Thinkpad Z60m support - ALSA: hda - Fix DMA position inaccuracy - ALSA: hda - Fix wrong volumes in AD1988 auto-probe mode - Add compat handler for PTRACE_GETSIGINFO - Bluetooth: Signal user-space for HIDP and BNEP socket errors - Input: i8042 - add Acer Aspire 1360 to nomux blacklist - Input: i8042 - add Gericom Bellagio to nomux blacklist - Input: i8042 - add Intel D845PESV to nopnp list - jbd: fix race between free buffer and commit transaction - NFS: Ensure we zap only the access and acl caches when setting new acls - SCSI: ch: fix ch_remove oops - linear: correct disk numbering error check - netfilter: xt_time: fix time's time_mt()'s use of do_div() - Kprobe smoke test lockdep warning - Close race in md_probe - x86: io delay - add checking for NULL early param - x86: idle process - add checking for NULL early param - SCSI: bsg: fix bsg_mutex hang with device removal - netfilter: nf_nat_sip: c= is optional for session - romfs_readpage: don't report errors for pages beyond i_size - ftrace: remove unneeded documentation [ Martin Michlmayr ] * METH: fix MAC address setup (Thomas Bogendoerfer) * Export the reset button of the QNAP TS-409. * net: use software GSO for SG+CSUM capable netdevices (Lennert Buytenhek) [ dann frazier ] * device_create interface changed between 2.6.26 and 2.6.27; adjust hpilo backport appropriately. Fixes a NULL pointer dereference in ilo_probe(). -- Bastian Blank Fri, 08 Aug 2008 08:09:00 +0200 linux-kbuild-2.6 (2.6.26-1) unstable; urgency=low * New upstream version. * modpost: Support new parameters. -- Bastian Blank Sat, 02 Aug 2008 13:09:54 +0200 linux-2.6 (2.6.26-1) unstable; urgency=low * New upstream release see http://kernelnewbies.org/Linux_2_6_26 - UDF 2.50 support. (closes: #480910) - mmc: increase power up delay (closes: #481190) - snd-hda-intel suspend troubles fixed. (closes: #469727, #481613, #480034) - cifs QueryUnixPathInfo fix (closes: #480995) - r8169 oops in r8169_get_mac_version (closes: #471892) - netfilter headers cleanup (closes: #482331) - iwlwifi led support (closes: #469095) - ath5k associates on AR5213A (closes: #463785) - T42 suspend fix (closes: #485873) - cpuidle acpi driver: fix oops on AC<->DC (closes: #477201) - opti621 ide fixes (closes: #475561) - ssh connection hangs with mac80211 (closes: #486089) - ocfs2: Allow uid/gid/perm changes of symlinks (closes: #479475) - xircom_tulip_cb: oboslete driver removed (closes: #416900) - r8169 properly detect link status (closes: #487586) - iwl3945 connection + support fixes (closes: #481436, #482196) - longrun cpufreq min freq fix (closes: #468149) - emux midi synthesizer SOFT_PEDAL-release event (closes: #474312) - vmemmap fixes to use smaller pages (closes: #483489) - x86 freeze fixes (closes: #482100, #482074) - xen boot failure fix (closes: #488284) - gdb read floating-point and SSE registers (closes: #485375) - USB_PERSIST is default on (closes: #489963) - alsa snd-hda Dell Inspiron fix (closes: #490649) - ipw2200: queue direct scans (closes: #487721) - better gcc-4.3 support (closes: #492301) - iwl3945 monitor mode. (closes: #482387) [ maximilian attems ] * topconfig set CRYPTO_CTS, SND_PCSP, SND_AW2, IWL4965_LEDS, IWL3945_LEDS, RT2400PCI_LEDS, RT2500PCI_LEDS, RT61PCI_LEDS, RT2500USB_LEDS, RT73USB_LEDS, NF_CT_PROTO_DCCP, BRIDGE_EBT_NFLOG, IWLWIFI_RFKILL, USB_SERIAL_SPCP8X5, USB_STORAGE_CYPRESS_ATACB, DVB_ISL6405, DVB_AU8522, VIDEO_EM28XX_DVB, VIDEO_CX18, VIDEO_AU0828, SOC_CAMERA_MT9M001, SOC_CAMERA_MT9V022, DVB_TUNER_ITD1000, VIDEO_PVRUSB2_DVB, USB_C67X00_HCD, USB_ISP1760_HCD, HTC_PASIC3, I2C_PCA_PLATFORM, TOUCHSCREEN_WM97XX, JOYSTICK_ZHENHUA, SFC, ACCESSIBILITY, UIO_SMX, LOGIRUMBLEPAD2_FF, A11Y_BRAILLE_CONSOLE, EDS_TRIGGER_DEFAULT_ON, VIDEO_ALLOW_V4L1, ATA_ACPI, SATA_PMP, ATA_SFF, USB_SERIAL_MOTOROLA, USB_WDM, MAC80211_MESH, IPV6_MROUTE, IPV6_PIMSM_V2, MTD_AR7_PARTS, SENSORS_IBMAEM, PATA_SCH, CGROUP_DEVICE, USB_ISIGHTFW, HW_RANDOM_VIRTIO, RTC_DRV_FM3130, USB_VIDEO_CLASS, CIFS_DFS_UPCALL. * [amd64, i386]: KVM_CLOCK, KVM_GUEST, ISCSI_IBFT_FIND, ISCSI_IBFT, THERMAL, EEEPC_LAPTOP, FB_N411, THERMAL_HWMON. * [amd64]: Enable SCSI_DPT_I2O as 64 bit now. * Reenable USB_SERIAL_EDGEPORT, USB_SERIAL_EDGEPORT_TI. (closes: #480195) * Enable TCP_MD5SIG for BGP sessions. (closes: #443742) * Add recognised alsa cards to bug report. * topconfig: Enable HYSDN, no longer broken on smp. * Add request_firmware patch for keyspan. (closes: #448900) * [x86]: Enable dma engine. (closes: #473331) * [ppc64]: Enable IBMEBUS and EHEA. (closes: #484888) * topconfig: Enable PROFILING across all flavours. (closes: #484885) * 486: enable OLPC support thanks Andres Salomon for merge. Kconfig variable patch by Robert Millan (closes: #485063). * Add request_firmware patch for ip2. * Add request_firmware patch for acenic. (closes: #284221) * [x86, ia64]: Set HPET_RTC_IRQ. (closes: #479709, #476970) * [ppc]: Set SND_VIRMIDI. (closes: #290090) * Fallback for userspace compatibility to old IEEE 1394 FireWire stack. (closes: #451367, #475295, #478419) * [x86]: Enable modular FB_UVESA. (closes: #473180) * JFFS2 enable summary and compressor support. (closes: #488242) * Add OLPC sdhci quirks. Thanks Andres Salomon (closes: #485192) * [ppc]: Enable RTC_DRV_PPC. (closes: #484693) Thanks for the patch to Geoff Levand . * Enable BLK_DEV_BSG for SG v4 support. * [amd64] Enable default disabled memtest boot param. * topconfig: Enable PATA_SIS instead of SATA_SIS. (closes: #485609) * Add OpenVZ countainer flavour for amd64, i386. (closes: #392015) * atl1e driver for Atheros(R) L1e Fast Ethernet. (closes: #492029) * [ALSA] hda - Add ICH9 controller support (8086:2911) * [ALSA] hda - support intel DG33 motherboards * HP iLO driver * Input: i8042 - add Arima-Rioworks HDAMB board to noloop list (closes: #489190) thanks Guillaume Morin [ Martin Michlmayr ] * [arm/orion5x] Update the config to reflect upstream renaming this subarch. * [arm/orion5x] Add some patches from Marvell's Orion tree: - Feroceon: speed up flushing of the entire cache - support for 5281 D0 stepping - cache align destination pointer when copying memory for some processors - cache align memset and memzero - DMA engine driver for Marvell XOR engine - Orion hardware watchdog support * [arm/orion5x] Enable NETCONSOLE. * [arm/orion5x] Disable more SCSI drivers. * [arm/ixp4xx] Disable most ATA and more SCSI and network drivers. * [arm/versatile] Enable CONFIG_RTC_DRV_PL031 (closes: #484432). * [arm/iop32x, arm/ixp4xx, arm/versatile] Enable ARM_THUMB (closes: #484524). * [arm/iop32x] Add LED driver for Thecus N2100 (Riku Voipio). * [mips/r5k-ip32] Enable USB. * [arm/orion5x, arm/iop32x, arm/ixp4xx, mipsel/r5k-cobalt] Enable HAMRADIO on the request of Heinz Janssen. * [arm/orion5x] Add support for QNAP TS-409 and HP mv2120; thanks Sylver Bruneau. * [mips] Add patches from Thomas Bogendoerfer: - gbefb: fix cmap FIFO timeout (closes: #487257) - IP32: Enable FAST-20 for onboard scsi - IP32: SGI O2 sound driver * [arm/ixp4xx] Add support for Freecom FSG-3 (Rod Whitby). * [arm/ixp4xx] Enable CONFIG_MACH_DSMG600. * [arm/iop32x] Unset NET_DMA since it actually leads to worse network performance. * [arm/orion5x] Fix a boot crash on the Kurobox Pro. * [arm/orion5x] use better key codes for the TS-209/TS-409 buttons * [arm/orion5x] export red SATA lights on TS-409, fix SATA presence/activity * [arm] Enable KEXEC (closes: #492268). * [arm/orion5x] Enable USB_PRINTER, requested by Mike Arthur. * [arm/orion5x] Enable binfmt aout, x25, wireless and ATM. * [arm/iop32x, arm/orion5x] Enable USB_SISUSBVGA. * [arm] xfs: pack some shortform dir2 structures for the ARM old ABI architecture (closes: #414932). [ Ian Campbell ] * Readme.build updated on how to generate orig tarballs. * Forward port vmlinuz-target.patch. * Enable Xen save/restore and memory ballooning for Xen enabled kernels. [ Bastian Blank ] * [powerpc/powerpc-miboot] Disable. (closes: #481358) * [powerpc/powerpc64] Support IBM Cell based plattforms and PS3. (closes: #462529) * [s390] Synchronize block device, network bridge, network scheduler and CRC support. * [s390] Enable support for PCI-attached cryptographic adapters. * Use control group as base for group CPU scheduler. This reenabled traditional nice behaviour. (closes: #489223) * Bump yaird dependencies to at least 0.0.13. * Reenable SECCOMP. There is no longer additional overhead. (closes: #474648) * Export symbol required for MOL again. (closes: #460667) * [powerpc/powerpc64] Fix console selection in LPAR environment. (closes: #492703) * Fix several userspace compatibility problems. [ Christian T. Steigies ] * [m68k] enable SERIAL_CONSOLE for amiga and atari [ Thiemo Seufer ] * [mips] Fix logic bug in atomic_sub_if_positive. [ Stephen R. Marenka ] * [m68k] Update pending m68k patches. * [m68k] Enable nfcon and nfblock for atari. * [m68k] Change compiler to default. [ Aurelien Jarno ] * [arm/versatile] Switch scsi/ext3/smc91x to modules now that we have proper d-i support. Remove options defined in toplevel config file. -- Bastian Blank Wed, 30 Jul 2008 10:17:29 +0200 linux-2.6 (2.6.25-7) unstable; urgency=high * Add stable release 2.6.25.10: - TTY: fix for tty operations bugs (CVE-2008-2812) - sched: fix cpu hotplug - IB/mthca: Clear ICM pages before handing to FW - DRM: enable bus mastering on i915 at resume time - x86: shift bits the right way in native_read_tscp - x86_64 ptrace: fix sys32_ptrace task_struct leak (CVE-2008-3077) - ptrace GET/SET FPXREGS broken - futexes: fix fault handling in futex_lock_pi - x86: fix cpu hotplug crash * Add stable release 2.6.25.11: - x86: fix ldt limit for 64 bit -- maximilian attems Mon, 14 Jul 2008 10:58:14 +0200 linux-2.6 (2.6.25-6) unstable; urgency=high [ maximilian attems ] * Add stable release 2.6.25.7: - double-free of inode on alloc_file() failure exit in create_write_pipe() - m68k: Add ext2_find_{first,next}_bit() for ext4 - bluetooth: fix locking bug in the rfcomm socket cleanup handling - serial: fix enable_irq_wake/disable_irq_wake imbalance in serial_core.c - bttv: Fix a deadlock in the bttv driver (closes: #487594) - forcedeth: msi interrupts - CPUFREQ: Fix format string bug. - mmc: wbsd: initialize tasklets before requesting interrupt - ecryptfs: fix missed mutex_unlock - mac80211: send association event on IBSS create - bluetooth: rfcomm_dev_state_change deadlock fix - sunhv: Fix locking in non-paged I/O case. - cassini: Only use chip checksum for ipv4 packets. - ipwireless: Fix blocked sending - net: Fix call to ->change_rx_flags(dev, IFF_MULTICAST) in dev_change_flags() - fbdev: export symbol fb_mode_option - ipsec: Use the correct ip_local_out function - tcp: fix skb vs fack_count out-of-sync condition - tcp FRTO: Fix fallback to conventional recovery - tcp FRTO: SACK variant is errorneously used with NewReno - tcp FRTO: work-around inorder receivers - tcp: Fix inconsistency source (CA_Open only when !tcp_left_out(tp)) - l2tp: avoid skb truesize bug if headroom is increased - l2tp: Fix possible WARN_ON from socket code when UDP socket is closed - l2tp: Fix possible oops if transmitting or receiving when tunnel goes down - ax25: Fix NULL pointer dereference and lockup. - sound: emu10k1 - fix system hang with Audigy2 ZS Notebook PCMCIA card - tcp: Allow send-limited cwnd to grow up to max_burst when gso disabled - tcp: Limit cwnd growth when deferring for GSO - af_key: Fix selector family initialization. - hgafb: resource management fix - cifs: fix oops on mount when CONFIG_CIFS_DFS_UPCALL is enabled - b43: Fix controller restart crash - ssb: Fix context assertion in ssb_pcicore_dev_irqvecs_enable - eCryptfs: protect crypt_stat->flags in ecryptfs_open() - cciss: add new hardware support - ecryptfs: add missing lock around notify_change - ecryptfs: clean up (un)lock_parent - Add 'rd' alias to new brd ramdisk driver - net_sched: cls_api: fix return value for non-existant classifiers - vlan: Correctly handle device notifications for layered VLAN devices - IB/umem: Avoid sign problems when demoting npages to integer - x86: fix recursive dependencies - can: Fix copy_from_user() results interpretation - Kconfig: introduce ARCH_DEFCONFIG to DEFCONFIG_LIST - tcp: TCP connection times out if ICMP frag needed is delayed - ALSA: hda - Fix resume of auto-config mode with Realtek codecs - netlink: Fix nla_parse_nested_compat() to call nla_parse() directly * Add stable release 2.6.25.9: - Add return value to reserve_bootmem_node() - x86: use BOOTMEM_EXCLUSIVE on 32-bit - sctp: Make sure N * sizeof(union sctp_addr) does not overflow. - hwmon: (lm85) Fix function RANGE_TO_REG() - hwmon: (adt7473) Initialize max_duty_at_overheat before use - x86: set PAE PHYSICAL_MASK_SHIFT to 44 bits. - Reinstate ZERO_PAGE optimization in 'get_user_pages()' and fix XIP - watchdog: hpwdt: fix use of inline assembly - Fix ZERO_PAGE breakage with vmware - atl1: relax eeprom mac address error check [ Martin Michlmayr] * [arm/orion5x] Enable INPUT_EVDEV and KEYBOARD_GPIO. [ Steve Langasek ] * Enable CONFIG_CIFS_EXPERIMENTAL and CONFIG_CIFS_UPCALL, required for CIFS mounts to be able to use Kerberos authentication. Closes: #480663. [ Bastian Blank ] * Add stable release 2.6.25.8: - x86: disable mwait for AMD family 10H/11H CPUs - x86: remove mwait capability C-state check - nf_conntrack_h323: fix memory leak in module initialization error path - nf_conntrack_h323: fix module unload crash - nf_conntrack: fix ctnetlink related crash in nf_nat_setup_info() - SCSI: sr: fix corrupt CD data after media change and delay - ACPICA: Ignore ACPI table signature for Load() operator - scsi_host regression: fix scsi host leak - b43: Fix possible NULL pointer dereference in DMA code - b43: Fix noise calculation WARN_ON - virtio_net: Fix skb->csum_start computation - opti621: remove DMA support - opti621: disable read prefetch - Fix tty speed handling on 8250 - x86-64: Fix "bytes left to copy" return value for copy_from_user() * Fix alpha build due too inconsistent kallsyms data. -- maximilian attems Fri, 27 Jun 2008 00:33:53 +0200 linux-2.6 (2.6.25-5) unstable; urgency=low [ maximilian attems ] [ Bastian Blank ] * Reenable VServer images. [ maximilian attems ] * Add stable release 2.6.25.5: - asn1: additional sanity checking during BER decoding (CVE-2008-1673) * Add stable release 2.6.25.6: - atl1: fix 4G memory corruption bug - capabilities: remain source compatible with 32-bit raw legacy capability support. - usb-serial: Use ftdi_sio driver for RATOC REX-USB60F - cpufreq: fix null object access on Transmeta CPU - Smack: fuse mount hang fix - cgroups: remove node_ prefix_from ns subsystem - XFS: Fix memory corruption with small buffer reads - x86: don't read maxlvt before checking if APIC is mapped - USB: option: add new Dell 5520 HSDPA variant - md: do not compute parity unless it is on a failed drive - md: fix uninitialized use of mddev->recovery_wait - md: fix prexor vs sync_request race - HID: split Numlock emulation quirk from HID_QUIRK_APPLE_HAS_FN. - USB: do not handle device 1410:5010 in 'option' driver - USB: unusual_devs: Add support for GI 0401 SD-Card interface - USB: add Telstra NextG CDMA id to option driver - USB: fix build errors in ohci-omap.c and ohci-sm501.c - USB: add TELIT HDSPA UC864-E modem to option driver - memory_hotplug: always initialize pageblock bitmap - x86: fix bad pmd ffff810000207xxx(9090909090909090) - USB: add Zoom Telephonics Model 3095F V.92 USB Mini External modem to cdc-acm - x86: prevent PGE flush from interruption/preemption - IPoIB: Test for NULL broadcast object in ipiob_mcast_join_finish() - i386: fix asm constraint in do_IRQ() - i2c-nforce2: Disable the second SMBus channel on the DFI Lanparty NF4 Expert - i2c/max6875: Really prevent 24RF08 corruption - brk: make sys_brk() honor COMPAT_BRK when computing lower bound - Revert "PCI: remove default PCI expansion ROM memory allocation" - PS3: gelic: fix memory leak - eCryptfs: remove unnecessary page decrypt call - netfilter: nf_conntrack_expect: fix error path unwind in nf_conntrack_expect_init() - netfilter: xt_connlimit: fix accouning when receive RST packet in ESTABLISHED state - netfilter: nf_conntrack_ipv6: fix inconsistent lock state in nf_ct_frag6_gather() - POWERPC Bolt in SLB entry for kernel stack on secondary cpus - netfilter: xt_iprange: module aliases for xt_iprange - x86: user_regset_view table fix for ia32 on 64-bit - x86: if we cannot calibrate the TSC, we panic. - CIFS: Fix UNC path prefix on QueryUnixPathInfo to have correct slash - x86, fpu: fix CONFIG_PREEMPT=y corruption of application's FPU stack - libata: force hardreset if link is in powersave mode - x86: fix setup of cyc2ns in tsc_64.c - x86: distangle user disabled TSC from unstable - x86: disable TSC for sched_clock() when calibration failed - pagemap: fix bug in add_to_pagemap, require aligned-length reads of /proc/pid/pagemap - ext3/4: fix uninitialized bs in ext3/4_xattr_set_handle() - proc: calculate the correct /proc/ link count - CPUFREQ: Make acpi-cpufreq more robust against BIOS freq changes behind our back. - USB: remove PICDEM FS USB demo (04d8:000c) device from ldusb - types.h: don't expose struct ustat to userspace [ Bastian Blank ] * Ignore ABI change in internal XFS symbol. -- Bastian Blank Thu, 12 Jun 2008 08:47:11 +0200 linux-2.6 (2.6.25-4) unstable; urgency=low [ maximilian attems ] * Fix arm Kconfig logic disabling random drivers. (closes: #481410) * Add stable release 2.6.25.4: - OHCI: fix regression upon awakening from hibernation - V4L/DVB (7473): PATCH for various Dibcom based devices - {nfnetlink, ip, ip6}_queue: fix skb_over_panic when enlarging packets - dccp: return -EINVAL on invalid feature length - md: fix raid5 'repair' operations - sparc: Fix SA_ONSTACK signal handling. - sparc: Fix fork/clone/vfork system call restart. - sparc64: Stop creating dummy root PCI host controller devices. - sparc64: Fix wedged irq regression. - SPARC64: Fix args to 64-bit sys_semctl() via sys_ipc(). - serial: Fix sparc driver name strings. - sparc: Fix ptrace() detach. - sparc: Fix mremap address range validation. - sparc: Fix debugger syscall restart interactions. - sparc32: Don't twiddle PT_DTRACE in exec. - r8169: fix oops in r8169_get_mac_version - SCSI: aha152x: Fix oops on module removal - SCSI: aha152x: fix init suspiciously returned 1, it should follow 0/-E convention - sch_htb: remove from event queue in htb_parent_to_leaf() - i2c-piix4: Blacklist two mainboards - SCSI: qla1280: Fix queue depth problem - ipvs: fix oops in backup for fwmark conn templates - USB: airprime: unlock mutex instead of trying to lock it again - rtc: rtc_time_to_tm: use unsigned arithmetic - SCSI: libiscsi regression in 2.6.25: fix nop timer handling - SCSI: libiscsi regression in 2.6.25: fix setting of recv timer - can: Fix can_send() handling on dev_queue_xmit() failures - macvlan: Fix memleak on device removal/crash on module removal - nf_conntrack: padding breaks conntrack hash on ARM - sparc: sunzilog uart order - r8169: fix past rtl_chip_info array size for unknown chipsets - x86: use defconfigs from x86/configs/* - vt: fix canonical input in UTF-8 mode - ata_piix: verify SIDPR access before enabling it - serial: access after NULL check in uart_flush_buffer() - x86: sysfs cpu?/topology is empty in 2.6.25 (32-bit Intel system) - XFRM: AUDIT: Fix flowlabel text format ambibuity. * Update userspace merged HZ alpha fixed version. * Backport netfilter: Move linux/types.h inclusions outside of #ifdef __KERNEL__. (closes: #479899) * types.h: don't expose struct ustat to userspace. (closes: #429064) [ Bastian Blank ] * Fix ABI changes from: ipvs: fix oops in backup for fwmark conn templates -- maximilian attems Tue, 27 May 2008 11:46:11 +0200 linux-2.6 (2.6.25-3) unstable; urgency=low [ Bastian Blank ] * Add stable release 2.6.25.3: - sit: Add missing kfree_skb() on pskb_may_pull() failure. - sparc: Fix mmap VA span checking. - CRYPTO: eseqiv: Fix off-by-one encryption - CRYPTO: authenc: Fix async crypto crash in crypto_authenc_genicv() - CRYPTO: cryptd: Correct kzalloc error test - CRYPTO: api: Fix scatterwalk_sg_chain - x86 PCI: call dmi_check_pciprobe() - b43: Fix some TX/RX locking issues - kprobes/arm: fix decoding of arithmetic immediate instructions - kprobes/arm: fix cache flush address for instruction stub - b43: Fix dual-PHY devices - POWERPC: mpc5200: Fix unterminated of_device_id table - reiserfs: Unpack tails on quota files - sched: fix hrtick_start_fair and CPU-Hotplug - vfs: fix permission checking in sys_utimensat - md: fix use after free when removing rdev via sysfs - mm: fix usemap initialization - 2.6.25 regression: powertop says 120K wakeups/sec [ maximilian attems ] * Redisable old dup prism54 driver. * Reenable accidentaly disabled SIS190. (closes: #478773) * Add lmkl patch to unbreak HZ userspace aka perl5.10 build fix. (closes: #480130) [ Martin Michlmayr ] * [armel] Disable some SCSI drives (that are disabled on arm) so the ramdisk will fit in flash on NSLU2 (closes: #480310). -- maximilian attems Wed, 14 May 2008 11:16:56 +0200 linux-2.6 (2.6.25-2) unstable; urgency=low [ maximilian attems ] * Add stable release 2.6.25.1: - Fix dnotify/close race (CVE-2008-1375) - V4L: Fix VIDIOCGAP corruption in ivtv - USB: log an error message when USB enumeration fails - USB: OHCI: fix bug in controller resume - SCSI: qla2xxx: Correct regression in relogin code. - rose: Socket lock was not released before returning to user space - x86, pci: fix off-by-one errors in some pirq warnings - hrtimer: timeout too long when using HRTIMER_CB_SOFTIRQ - RDMA/nes: Fix adapter reset after PXE boot - rtc-pcf8583 build fix - JFFS2: Fix free space leak with in-band cleanmarkers - SELinux: no BUG_ON(!ss_initialized) in selinux_clone_mnt_opts - tehuti: check register size (CVE-2008-1675) - IPSEC: Fix catch-22 with algorithm IDs above 31 - alpha: unbreak OSF/1 (a.out) binaries - tehuti: move ioctl perm check closer to function start (CVE-2008-1675) - aio: io_getevents() should return if io_destroy() is invoked - mm: fix possible off-by-one in walk_pte_range() - TCP: Increase the max_burst threshold from 3 to tp->reordering. - ssb: Fix all-ones boardflags - cgroup: fix a race condition in manipulating tsk->cg_list - drivers/net/tehuti: use proper capability check for raw IO access - tg3: 5701 DMA corruption fix - V4L: tea5761: bugzilla #10462: tea5761 autodetection code were broken - b43: Workaround invalid bluetooth settings - b43: Add more btcoexist workarounds - b43: Workaround DMA quirks - dm snapshot: fix chunksize sector conversion - x86: Fix 32-bit x86 MSI-X allocation leakage - RTNETLINK: Fix bogus ASSERT_RTNL warning - net: Fix wrong interpretation of some copy_to_user() results. - dz: test after postfix decrement fails in dz_console_putchar() - RDMA/nes: Free IRQ before killing tasklet - S2io: Fix memory leak during free_tx_buffers - S2io: Version update for memory leak fix during free_tx_buffers - USB: Add HP hs2300 Broadband Wireless Module to sierra.c - V4L: cx88: enable radio GPIO correctly - hrtimer: raise softirq unlocked to avoid circular lock dependency - tcp: tcp_probe buffer overflow and incorrect return value * [ide] Add upstream piix patch for asus eee pc. (closes: #479217) [ Christian T. Steigies ] * [m68k] Add patches for 2.6.25. * [m68k] Disable EXT4DEV_FS for now. * [m68k] Enable SCSI_MAC_ESP for mac. [ Ian Campbell ] * [x86]: Enable Xen guest support in all i386 flavours. [ Bastian Blank ] * Add stable release 2.6.25.2: - fix SMP ordering hole in fcntl_setlk() (CVE-2008-1669) -- Bastian Blank Thu, 08 May 2008 14:46:48 +0200 linux-kbuild-2.6 (2.6.25-2) unstable; urgency=low * modpost: Support new parameters. (closes: #479271) -- Bastian Blank Mon, 05 May 2008 19:58:40 +0200 linux-kbuild-2.6 (2.6.25-1) unstable; urgency=low * New upstream version. -- Bastian Blank Fri, 02 May 2008 10:32:13 +0200 linux-2.6 (2.6.25-1) unstable; urgency=low * New upstream release (closes: #456799, #468440, #475161, #475134, #475441) - Add oabi shim for fstatat64 (closes: #462677) [ maximilian attems ] * topconfig set NOZOMI, CRYPTO_SEQIV, CRYPTO_CTR, CRYPTO_GCM, CRYPTO_CCM, CRYPTO_SALSA20, CRYPTO_LZO, CRYPTO_DEV_HIFN_795X, USB_SI470X, USB_STKWEBCAM, VIDEO_PVRUSB2_ONAIR_USB2, VIDEO_PVRUSB2_ONAIR_CREATOR, VIDEO_EM28XX_ALSA, CRYPTO_DEV_HIFN_795X_RNG, PCF8575, TPS65010, RTL8180, ENC28J60, R6040, CAN, NETFILTER_XT_MATCH_OWNER, MAC80211_RC_DEFAULT_PI, NETFILTER_XT_TARGET_RATEEST, NETFILTER_XT_TARGET_TCPOPTSTRIP, NETFILTER_XT_MATCH_IPRANGE, NETFILTER_XT_MATCH_RATEEST, SND_OXYGEN, SND_HIFIER, SND_VIRTUOSO, USB_NET_RNDIS_WLAN, USB_ANNOUNCE_NEW_DEVICES, USB_SERIAL_IUU, NET_CLS_FLOW, INFINIBAND_NES, RTC_DRV_R9701, RTC_DRV_DS1511, MEMSTICK, SENSORS_W83L786NG, SENSORS_ADS7828, IPWIRELESS, RISCOM8, IGB, UTS_NS, IPC_NS, IPV6_ROUTE_INFO, ENCLOSURE_SERVICES, SCSI_ENCLOSURE, SENSORS_ADT7473, SCSI_MVSAS, REALTEK_PHY, RTC_DRV_S35390A, MEMSTICK_JMICRON_38X, IWL4965_HT. * [amd64] Enable CRYPTO_SALSA20_X86_64, EDAC_I3000, EFI, EFI_VARS, I8K, PARAVIRT_GUEST, PARAVIRT, VIRTIO_PCI, VIRTIO_BALLOON, SPARSEMEM_VMEMMAP. * [amd64, i386]: Enable LEDS_CLEVO_MAIL, INPUT_APANEL, ACER_WMI, THINKPAD_ACPI_HOTKEY_POLL, HP_WATCHDOG, THINKPAD_ACPI_VIDEO, VIRTION_CONSOLE, ACPI_WMI, IO_DELAY_0X80. * topconfig disable PARPORT_PC_FIFO due to instabilities. (closes: #366165, #388309, #406056, #407816, #453911) * [amd64, i386]: Enable SONYPI_COMPAT for better sony laptop support. * topconfig: Enable HID_FF for some HID devices. (closes: #441348) * topconfig: Enable IPV6_ROUTER_PREF for multi-homed net. (closes: #449247) * topconfig: Set UTF8 as default encoding. (closes: #417324) * Tighten yaird dependency. (closes: #403171) * Configs general cleanup, centralize USB_NET, disable IRDA_DEBUG. * postinst: Nuke confusing postinst message. (closes: #465512) * [sparc]: Enable SCSI_SCAN_ASYNC. * [i386]: Enable TC1100_WMI, SND_SIS7019, CRYPTO_SALSA20_586. * topconfig: Centralize old IEEE80211 stack options. (closes: #470558) * control.source.in: Newer standard version without changes. * copyright: adapt to latest lintian recommendation. * input: Add 4 additional exports for modular speakup and braille support. * firewire: Add firewire-git.patch for latest firewire tree features. * 686: Set USB_PERSIST for eee pc suspend support. (closes: #468213) * topconfig disable PATA_SIS as sis5513 enabled. (closes: #475525) * [xen]: Support direct load of bzImage under Xen. (closes: #474509) Thanks Ian Campbell for patches. * [xen]: Module autoprobing support for frontend drivers. * [arm]: Don't ovverride topconfig SENSORS_W83792D setting. (closes: #477745) [ Martin Michlmayr ] * [arm/armel] Add a kernel for Orion based devices, such as the QNAP TS-109/TS-209. * [mips(el)/sb1*] Enable SB1250_MAC (thanks Thomas Bogendoerfer). * [mipsel/r5k-cobalt] Enable DUMMY_CONSOLE since this might fix the debian-installer startup hang on Qube 2700. * [arm/footbridge] Disable KEYS and SECURITY for smaller d-i image. * [arm/footbridge] Build NFS as a module to make the image smaller. * [mips/r5k-ip32] Don't build in NFS. * [mips/r5k-ip32] Use the generic config options for NFS, which will enable NFSv4. (closes: #471007) * [mips/r5k-ip32] Enable R8169, requested by Giuseppe Sacco. * [arm/iop32x] Enable MACH_EM7210. (closes: #473136) * [arm/orion] Add patch to set the MAC address on QNAP TS-109/TS-209 (Lennert Buytenhek). * [arm/orion] Add support for Buffalo Linkstation Pro/Live (Byron Bradley). * [arm/orion] Fix hang when Write Allocate is enabled (Lennert Buytenhek). * [arm/orion] Add support for QNAP TS-409 (Sylver Bruneau). * [arm/orion] Add preliminary support for HP mv2120. [ Daniel Baumann ] * Added patch from unionfs upstream to export release_open_intent symbol. [ Gordon Farquharson ] * [arm/ixp4xx] Use GPIO LED driver as opposed to ixp4xx LED driver. * [arm/ixp4xx] Fix ixp4xx-beeper module so that udev loads it automatically. * [arm/iop32x] Enable support for the GLAN Tank flash chip (M29W400DB). * [arm/iop32x] Do not build the ARTOP PATA driver (PATA_ARTOP). * [arm/iop32x] Register the F75375 device in the GLAN Tank platform code. * Prevent physmap from calling request_module() too early. * [arm/ixp4xx] Fix used_sram_bitmap corruption in qmgr_release_queue(). [ Aurelien Jarno ] * [mips/mipsel] Enable CONFIG_NO_HZ, CONFIG_HIGH_RES_TIMERS for dynticks and true high-resolution timers on 4kc-malta and 5kc-malta flavours. * [i386, amd64] Set modular VIRTIO, VIRTIO_RING, VIRTIO_BLK, VIRTIO_NET. [ Bastian Blank ] * Remove binary only firmwares for: - Broadcom NetXtremeII 10Gb support * Disable now broken drivers: - Broadcom NetXtremeII 10Gb support * Fix broken drivers: - Broadcom NetXtremeII support * [powerpc] Use new wrapper install support. * [s390] Enable DM_MULTIPATH_EMC. * Enable AF_RXRPC, RXKAD, PRINTK_TIME, DEBUG_KERNEL, SCHED_DEBUG, TIMER_STATS, DEBUG_FS. * Disable R3964, USB_GADGET. * [hppa] Enable several filesystems. * Make NLS modular. * [i386/486] Make ext2 modular. * [alpha,amd64,i386] Make ATM modular. * [powerpc/powerpc64] Support PA Semi based plattforms. (closes: #463200) * Follow upstream change for default TCP congestion control. (closes: #477589) [ Steve Langasek ] * topconfig: Enable CONFIG_CIFS_WEAK_PW_HASH, required for compatibility with legacy (pre-NTLM) fileservers. [ Christian Perrier ] * Debconf template rewrite + mark them as translatable. Thanks to Justin B Rye for review. -- Bastian Blank Fri, 25 Apr 2008 16:27:23 +0200 linux-2.6 (2.6.24-6) unstable; urgency=high [ Martin Michlmayr ] * [armel] Fix FTBFS on armel by enabling CONFIG_USB_USBNET=m in armel/config, as it was done for arm/config already. * [armel] Add oabi shim for fstatat64 (Riku Voipio) [ Gordon Farquharson ] * [arm/iop32x] Do not build the ARTOP PATA driver (PATA_ARTOP). * [arm/iop32x] Enable MTD_CMDLINE_PARTS. [ Kyle McMartin ] * [hppa] fix pdc_console panic at boot (closes: #476292). * [hppa] properly flush user signal tramps * [hppa] special case futex cmpxchg on kernel space NULL (closes: 476285). -- Bastian Blank Fri, 18 Apr 2008 19:41:30 +0200 linux-2.6 (2.6.24-5) unstable; urgency=low [ Gordon Farquharson ] * [arm] Enable asix driver (USB_NET_AX8817X). * [arm] Enable CONFIG_USB_CATC, CONFIG_USB_KAWETH, CONFIG_USB_PEGASUS, and CONFIG_USB_RTL8150. * [arm/ixp4xx] Update Ethernet driver (closes: #471062). * [arm/ixp4xx] Add HSS driver. [ Bastian Blank ] * [s390/s390-tape]: Override localversion correctly. * Add stable release 2.6.24.3: - x86_64: CPA, fix cache attribute inconsistency bug - bonding: fix NULL pointer deref in startup processing - POWERPC: Revert chrp_pci_fixup_vt8231_ata devinit to fix libata on pegasos - PCMCIA: Fix station address detection in smc - SCSI: gdth: scan for scsi devices - USB: fix pm counter leak in usblp - S390: Fix futex_atomic_cmpxchg_std inline assembly. - genirq: do not leave interupts enabled on free_irq - hrtimer: catch expired CLOCK_REALTIME timers early - hrtimer: check relative timeouts for overflow - SLUB: Deal with annoying gcc warning on kfree() - hrtimer: fix *rmtp/restarts handling in compat_sys_nanosleep() - hrtimer: fix *rmtp handling in hrtimer_nanosleep() - Disable G5 NAP mode during SMU commands on U3 - Be more robust about bad arguments in get_user_pages() - AUDIT: Increase skb->truesize in audit_expand - BLUETOOTH: Add conn add/del workqueues to avoid connection fail. - INET: Prevent out-of-sync truesize on ip_fragment slow path - INET_DIAG: Fix inet_diag_lock_handler error path. - IPCOMP: Fetch nexthdr before ipch is destroyed - IPCOMP: Fix reception of incompressible packets - IPV4: fib: fix route replacement, fib_info is shared - IPV4: fib_trie: apply fixes from fib_hash - PKT_SCHED: ematch: oops from uninitialized variable (resend) - SELinux: Fix double free in selinux_netlbl_sock_setsid() - TC: oops in em_meta - TCP: Fix a bug in strategy_allowed_congestion_control - SCSI: sd: handle bad lba in sense information - Fix dl2k constants - XFS: Fix oops in xfs_file_readdir() - hugetlb: add locking for overcommit sysctl - inotify: fix check for one-shot watches before destroying them - NFS: Fix a potential file corruption issue when writing - NETFILTER: nf_conntrack_tcp: conntrack reopening fix - SPARC/SPARC64: Fix usage of .section .sched.text in assembler code. * Add stable release 2.6.24.4: - S390 futex: let futex_atomic_cmpxchg_pt survive early functional tests. - slab: NUMA slab allocator migration bugfix - relay: fix subbuf_splice_actor() adding too many pages - BLUETOOTH: Fix bugs in previous conn add/del workqueue changes. - SCSI advansys: Fix bug in AdvLoadMicrocode - async_tx: avoid the async xor_zero_sum path when src_cnt > device->max_xor - aio: bad AIO race in aio_complete() leads to process hang - jbd: correctly unescape journal data blocks - jbd2: correctly unescape journal data blocks - zisofs: fix readpage() outside i_size - NETFILTER: nfnetlink_log: fix computation of netlink skb size - NETFILTER: nfnetlink_queue: fix computation of allocated size for netlink skb - NETFILTER: xt_time: fix failure to match on Sundays - sched_nr_migrate wrong mode bits - nfsd: fix oops on access from high-numbered ports - sched: fix race in schedule() - SCSI: mpt fusion: don't oops if NumPhys==0 - SCSI: gdth: fix to internal commands execution - SCSI: gdth: bugfix for the at-exit problems - Fix default compose table initialization - x86: don't use P6_NOPs if compiling with CONFIG_X86_GENERIC - SCSI: fix BUG when sum(scatterlist) > bufflen - USB: ehci: handle large bulk URBs correctly (again) - USB: ftdi_sio - really enable EM1010PC - USB: ftdi_sio: Workaround for broken Matrix Orbital serial port - VT notifier fix for VT switch - eCryptfs: make ecryptfs_prepare_write decrypt the page - ioat: fix 'ack' handling, driver must ensure that 'ack' is zero - macb: Fix speed setting - x86: move out tick_nohz_stop_sched_tick() call from the loop - atmel_spi: fix clock polarity - b43: Backport bcm4311 fix - arcmsr: fix IRQs disabled warning spew - e1000e: Fix CRC stripping in hardware context bug - PCI x86: always use conf1 to access config space below 256 bytes - moduleparam: fix alpha, ia64 and ppc64 compile failures - pata_hpt*, pata_serverworks: fix UDMA masking - SCSI advansys: fix overrun_buf aligned bug - NETFILTER: fix ebtable targets return - NETFILTER: Fix incorrect use of skb_make_writable - NETFILTER: nfnetlink_queue: fix SKB_LINEAR_ASSERT when mangling packet data - spi: pxa2xx_spi clock polarity fix - ufs: fix parenthesisation in ufs_set_fs_state() - hugetlb: ensure we do not reference a surplus page after handing it to buddy - file capabilities: simplify signal check - futex: runtime enable pi and robust functionality - futex: fix init order - ARM pxa: fix clock lookup to find specific device clocks - x86: replace LOCK_PREFIX in futex.h - SCSI aic94xx: fix REQ_TASK_ABORT and REQ_DEVICE_RESET - SCSI gdth: don't call pci_free_consistent under spinlock - SCSI ips: fix data buffer accessors conversion bug - usb-storage: don't access beyond the end of the sg buffer - fuse: fix permission checking - CRYPTO xts: Use proper alignment - CRYPTO xcbc: Fix crash with IPsec - SCSI ips: handle scsi_add_host() failure, and other err cleanups - x86: adjust enable_NMI_through_LVT0() - drivers: fix dma_get_required_mask - iov_iter_advance() fix - x86: Clear DF before calling signal handler (closes: #469058) - ub: fix up the conversion to sg_init_table() - MIPS: Mark all but i8259 interrupts as no-probe. - IRQ_NOPROBE helper functions - IPCOMP: Disable BH on output when using shared tfm - IPCONFIG: The kernel gets no IP from some DHCP servers - IPV4: Remove IP_TOS setting privilege checks. - IPV6: dst_entry leak in ip4ip6_err. - IPV6: Fix IPsec datagram fragmentation - NET: Fix race in dev_close(). (Bug 9750) - NET: Messed multicast lists after dev_mc_sync/unsync (closes: #466719) - NIU: Bump driver version and release date. - NIU: Fix BMAC alternate MAC address indexing. - NIU: More BMAC alt MAC address fixes. - TCP: Improve ipv4 established hash function. - SPARC: Fix link errors with gcc-4.3 - SPARC64: Loosen checks in exception table handling. [ Martin Michlmayr ] * [mips/r4k-ip22] Enable BLK_DEV_LOOP and BLK_DEV_CRYPTOLOOP. * [mips/r5k-ip32] Enable BLK_DEV_LOOP and BLK_DEV_CRYPTOLOOP. * [mips/r4k-ip22] Enable PPP, PPPOE and SLIP. * [mips/r5k-ip32] Enable PPP, PPPOE and SLIP. * Don't check the section size when we're cross compiling. [ dann frazier ] * Remove cap_task_kill (closes: #463669) -- Bastian Blank Thu, 27 Mar 2008 12:40:16 +0100 linux-2.6 (2.6.24-4) unstable; urgency=low * Add stable release 2.6.24.1: - splice: missing user pointer access verification (CVE-2008-0009/10) - drm: the drm really should call pci_set_master.. - Driver core: Revert "Fix Firmware class name collision" - fix writev regression: pan hanging unkillable and un-straceable - sched: fix high wake up latencies with FAIR_USER_SCHED - sched: let +nice tasks have smaller impact - b43: Reject new firmware early - selinux: fix labeling of /proc/net inodes - b43legacy: fix DMA slot resource leakage - b43legacy: drop packets we are not able to encrypt - b43legacy: fix suspend/resume - b43legacy: fix PIO crash - b43: Fix dma-slot resource leakage - b43: Drop packets we are not able to encrypt - b43: Fix suspend/resume - sky2: fix for WOL on some devices - sky2: restore multicast addresses after recovery - x86: restore correct module name for apm - ACPI: update ACPI blacklist - PCI: Fix fakephp deadlock - sys_remap_file_pages: fix ->vm_file accounting - lockdep: annotate epoll - forcedeth: mac address mcp77/79 - USB: Fix usb_serial_driver structure for Kobil cardreader driver. - USB: handle idVendor of 0x0000 - USB: fix usbtest halt check on big endian systems - USB: storage: Add unusual_dev for HP r707 - USB: Variant of the Dell Wireless 5520 driver - USB: use GFP_NOIO in reset path - USB: ftdi driver - add support for optical probe device - USB: pl2303: add support for RATOC REX-USB60F - USB: remove duplicate entry in Option driver and Pl2303 driver for Huawei modem - USB: sierra: add support for Onda H600/Zte MF330 datacard to USB Driver for Sierra Wireless - USB: ftdi-sio: Patch to add vendor/device id for ATK_16IC CCD - USB: ftdi_sio - enabling multiple ELV devices, adding EM1010PC - USB: sierra driver - add devices - USB: Adding YC Cable USB Serial device to pl2303 - USB: Sierra - Add support for Aircard 881U - USB: add support for 4348:5523 WinChipHead USB->RS 232 adapter - USB: CP2101 New Device IDs - usb gadget: fix fsl_usb2_udc potential OOPS - USB: keyspan: Fix oops - vm audit: add VM_DONTEXPAND to mmap for drivers that need it (CVE-2008-0007) - slab: fix bootstrap on memoryless node - DVB: cx23885: add missing subsystem ID for Hauppauge HVR1800 Retail [ Martin Michlmayr ] * [arm/ixp4xx] Enble ATA_OVER_ETH, requested by Nicola Fankhauser. * [arm/iop32x] Enble ATA_OVER_ETH. [ Bastian Blank ] * Add stable release 2.6.24.2: - splice: fix user pointer access in get_iovec_page_array() (CVE-2008-0600, closes: #464945) -- Bastian Blank Mon, 11 Feb 2008 12:29:23 +0100 linux-2.6 (2.6.24-3) unstable; urgency=low [ maximilian attems ] * [scsi]: hptiop: add more adapter models and fixes. * [amd64, i386]: Reenable ACPI_PROCFS_POWER. (closes: #463253) [ Gordon Farquharson ] * [arm/ixp4xx] Update Ethernet driver so that it can be loaded by udev automatically. [ Martin Michlmayr ] * [mips/r5k-ip32] Enable R8169, requested by Giuseppe Sacco. (Closes: #463705) -- Bastian Blank Wed, 06 Feb 2008 13:05:18 +0100 linux-2.6 (2.6.24-2) unstable; urgency=low [ Bastian Blank ] * Fix broken merge of flavour specific settings. - [i386]: Recommends are fixed. - [s390/s390-tape]: Built as small image again. [ maximilian attems ] * Disable old dup prism54 driver. * Stable queue: slab: fix bootstrap on memoryless node. [ Aurelien Jarno ] * [arm]: Remove options that are present in topconfig from config.versatile. * [arm]: Turn off B44 since it fails to compile on armel. -- Bastian Blank Thu, 31 Jan 2008 17:37:00 +0100 linux-kbuild-2.6 (2.6.24-1) unstable; urgency=low * New upstream version. -- Bastian Blank Tue, 29 Jan 2008 14:03:06 +0100 linux-2.6 (2.6.24-1) unstable; urgency=low * New upstream release (closes: #461639) [ Martin Michlmayr ] * Don't build the AdvanSys driver on ARM since it fails to compile. * Disable ATH5K on ARM since it fails to compile. * [arm/iop32x] Activate DMADEVICES. * [mips/mipsel] Turn off CONFIG_NIU since it fails to compile. [ maximilian attems ] * [amd64, i386]: Enable ACPI_SYSFS_POWER and disable ACPI_PROCFS_POWER. * [fw] Sync with latest git-ieee1394 for sbp2 fixes. [ Bastian Blank ] * Kill reboot warning from old templates. * Fix strange default value for link_in_boot. (closes: #425056) * [powerpc/powerpc]: Enable Efika support. * [powerpc]: Lower mkvmlinuz to the state of a bootloader. * [powerpc]: Remove ppc and m68k include dirs from headers. * Remove versions from relations fullfilled in stable. [ Aurelien Jarno ] * [arm]: Update versatile config. [ Gordon Farquharson ] * [arm/ixp4xx] Change the ixp4xx network driver from the driver written by Christian Hohnstaedt to the driver written by Krzysztof Hasala which has partially been accepted upstream. -- Bastian Blank Sat, 26 Jan 2008 11:35:11 +0100 linux-2.6 (2.6.24~rc8-1~experimental.1) experimental; urgency=low * New upstream release (closes: #454776, #458142, #457992, #458899, #426124, #459732, #455566). [ maximilian attems ] * New upstream release, rebase dfsg stuff plus drivers-atm.patch, scripts-kconfig-reportoldconfig.patch. * [amd64, powerpc] Set HIGH_RES_TIMERS and NO_HZ (closes: #458312). * topconfig set NETFILTER_XT_MATCH_TIME, NET_ACT_NAT, KSDAZZLE_DONGLE, KS959_DONGLE, NET_9P_FD, IP1000, VETH, IXGBE, NIU, TEHUTI, LIBERTAS_CS, LIBERTAS_SDIO, RT2X00, SENSORS_ADT7470, SENSORS_I5K_AMB, SENSORS_F71882FG, SENSORS_FSCHMD, SENSORS_IBMPEX, CRYPTO_XTS, CRYPTO_SEED, CRYPTO_AUTHENC, DVB_S5H1409, DVB_TUNER_MT2131, INET_LRO, MMC_RICOH_MMC, MMC_SPI, RTC_DRV_DS1374, VIDEO_CX23885, VIDEO_FB_IVTV, USB_SERIAL_CH341, SCSI_SRP_TGT_ATTRS, ADM8211, MTD_INTEL_VR_NOR, MTD_ALAUDA, MTD_ONENAND_2X_PROGRAM, MTD_ONENAND_SIM, DM_MULTIPATH_HP, FUJITSU_LAPTOP, QUOTA_NETLINK_INTERFACE, DM_UEVENT, SCSI_FC_TGT_ATTRS, SSB, BT_HCIUART_LL, BT_HCIBTSDIO, MTD_OOPS, CGROUPS, MDIO_BITBANG, HIDRAW, P54, SDIO_UART, NETCONSOLE_DYNAMIC, SECURITY_FILE_CAPABILITIES. * Disable smbfs in topconfig, not supported upstream, use cifs. * Disable bcm43xx, deprecated by upstream. Enable B43 (needs v4 firmware) and B43LEGACY (needs v3 firmware). * [i386]: Set SND_SC6000, EDAC_I3000, EDAC_I5000, SBC7240_WDT, NET_9P_VIRTIO, FB_GEODE_LX, VIRTIO_NET, VIRTIO_BLK. * Set USB_EHCI_TT_NEWSCHED fills USB 2.0 bandwith better. (closes: #454797) * postrm: Nuke initramfs sha1sum on linux-image removal. (closes: #420245) * Unifiy BSD_PROCESS_ACCT settings across configs. (closes: #455892) * Reenable DABUSB as firmware is BSD licensed. * [hppa]: Disable OCFS2, due build trouble. * topconfig: Enable delay accounting TASKSTATS. (closes: #433204) * Add git-ieee1394.patch for latest firewire fixes. * [i386] Enable PARAVIRT_GUEST. (closes: #457562) * [amd64, i386] Enable CPU_IDLE for software-controlled idle pm. * [amd64, i386] Enable IT8712F_WDT, FB_EFI. * Add and enable at76.patch wireless driver for Atmel USB cards. * Add and enable ath5k.patch wireless driver for Atheros 5xxx cards. * Unify VLAN_8021Q setting, needed also on r5k-cobalt. * Double max SERIAL_8250_NR_UARTS to 32. (closes: #440807) * topconfig: Enable AUDITSYSCALL for better SELinux support. [ Bastian Blank ] * [amd64, i386]: Set kernel architecture to x86. * [i386]: Remove linux-libc-dev arch override. [ Martin Michlmayr ] * [mipsel/r5k-cobalt] Enable the new LEDs driver for Cobalt RaQ. * [arm/iop32x] Re-enable USB_NET and PPP, thanks Daniel Hess (closes: #456416). * [arm/iop32x] Enable BSD_PROCESS_ACCT and POSIX_MQUEUE (closes: #455892). * [mips] Disable AdvanSys SCSI since it doesn't compile. * [arm/ixp4xx] Enable IP_ADVANCED_ROUTER, requested by Oliver Urbann. * [arm/iop32x] Enable IP_ADVANCED_ROUTER. [ dann frazier ] * [ia64]: Enable BLK_CPQ_DA [ Frederik Schüler ] * Add GFS2 locking symbols export patch. [ Aurelien Jarno ] * [mips/mipsel] Remove QEMU flavour, as the Malta platform is now correctly emulated in QEMU. [ Christian T. Steigies ] * [m68k]: Update patches from linux-m68k CVS * [m68k]: Enable building for bvme6000, mvme147, and mvme16x again -- Bastian Blank Fri, 18 Jan 2008 12:23:26 +0100 linux-2.6 (2.6.23-2) unstable; urgency=low [ dann frazier ] * [ia64]: Enable BLK_CPQ_DA [ Gordon Farquharson ] * [arm/iop32x] Use the new i2c framework to load rtc-rs5c372 for the GLAN Tank. [ Frederik Schüler ] * Export gfs2 locking symbols required to build gfs1 module. [ maximilian attems ] * [ppc] Reenable PMAC_BACKLIGHT. * [sparc] Add davem get_cpu() SunFire boot patch. (closes: #440720) * Add stable release 2.6.23.10: - IPV4: Remove bogus ifdef mess in arp_process - KVM: x86 emulator: Use emulator_write_emulated and not emulator_write_std - KVM: SVM: Fix FPU leak while emulating clts - revert "dpt_i2o: convert to SCSI hotplug model" - KVM: x86 emulator: fix access registers for instructions with ModR/M byte and Mod = 3 - KVM: x86 emulator: invd instruction - KVM: SVM: Intercept the 'invd' and 'wbinvd' instructions - KVM: Skip pio instruction when it is emulated, not executed - KVM: VMX: Force vm86 mode if setting flags during real mode - forcedeth: new mcp79 pci ids - forcedeth boot delay fix - PFKEY: Sending an SADB_GET responds with an SADB_GET - rd: fix data corruption on memory pressure. - create /sys/.../power when CONFIG_PM is set - USB: fix up EHCI startup synchronization - RXRPC: Add missing select on CRYPTO - KVM: VMX: Reset mmu context when entering real mode - NET: random : secure_tcp_sequence_number should not assume CONFIG_KTIME_SCALAR - NET: Corrects a bug in ip_rt_acct_read() - NETFILTER: Fix NULL pointer dereference in nf_nat_move_storage() - netfilter: Fix kernel panic with REDIRECT target. - IPV6: Restore IPv6 when MTU is big enough - UNIX: EOF on non-blocking SOCK_SEQPACKET - x86 setup: add a near jump to serialize %cr0 on 386/486 - Fix synchronize_irq races with IRQ handler - CRYPTO api: Fix potential race in crypto_remove_spawn - TCP: Fix TCP header misalignment - tmpfs: restore missing clear_highpage (CVE-2007-6417) - TCP: MTUprobe: fix potential sk_send_head corruption - NETFILTER: fix forgotten module release in xt_CONNMARK and xt_CONNSECMARK - fb_ddc: fix DDC lines quirk - VLAN: Fix nested VLAN transmit bug - I4L: fix isdn_ioctl memory overrun vulnerability (CVE-2007-6151) - isdn: avoid copying overly-long strings - nf_nat: fix memset error - esp_scsi: fix reset cleanup spinlock recursion - libertas: properly account for queue commands - KVM: Fix hang on uniprocessor - USB: make the microtek driver and HAL cooperate - TEXTSEARCH: Do not allow zero length patterns in the textsearch infrastructure - XFRM: Fix leak of expired xfrm_states - NETFILTER: xt_TCPMSS: remove network triggerable WARN_ON - BRIDGE: Lost call to br_fdb_fini() in br_init() error path - DECNET: dn_nl_deladdr() almost always returns no error - BRIDGE: Properly dereference the br_should_route_hook - PKT_SCHED: Check subqueue status before calling hard_start_xmit - Freezer: Fix APM emulation breakage - XFS: Make xfsbufd threads freezable - TCP: Problem bug with sysctl_tcp_congestion_control function - wait_task_stopped(): pass correct exit_code to wait_noreap_copyout() - KVM: x86 emulator: implement 'movnti mem, reg' - TCP: illinois: Incorrect beta usage - futex: fix for futex_wait signal stack corruption - libata: kill spurious NCQ completion detection - hrtimers: avoid overflow for large relative timeouts (CVE-2007-5966) - Input: ALPS - add support for model found in Dell Vostro 1400 (closes: #448818) - PNP: increase the maximum number of resources - sched: some proc entries are missed in sched_domain sys_ctl debug code - ATM: [he] initialize lock and tasklet earlier * Add stable release 2.6.23.11: - BRIDGE: Section fix. - Revert "Freezer: Fix APM emulation breakage" * Backport fix for CVE-2007-5938 - iwlwifi: fix possible NULL dereference in iwl_set_rate() * Add stable release 2.6.23.12: - Revert "PNP: increase the maximum number of resources" * VM/Security: add security hook to do_brk (CVE-2007-6434) * security: protect from stack expantion into low vm addresses * [hppa]: Disable OCFS2, due build trouble. [ Aurelien Jarno ] * [arm/versatile] Disable ACENIC and MYRI10GE as they are useless on this platform. * Add em28xx-dv100.patch to add support for Pinnacle Dazzle DVC 100. [ Bastian Blank ] * Fix abi change in 2.6.23.10. -- maximilian attems Fri, 21 Dec 2007 11:47:55 +0100 linux-kbuild-2.6 (2.6.23-1) unstable; urgency=low * New upstream version. * modpost: Support -s. -- Bastian Blank Wed, 05 Dec 2007 08:23:28 +0100 linux-2.6 (2.6.23-1) unstable; urgency=low * New upstream release (closes: #447682). - r8169: fix confusion between hardware and IP header alignment (closes: #452069). [ maximilian attems ] * [ppc] Enable for powerpc config the ams (Apple Motion Sensor). (closes: #426210) * Add to linux-doc the missing toplevel text files. (closes: #360876, #438697) * Set CONFIG_BLK_DEV_IO_TRACE for blktrace(8) support. (closes: #418442) * ipw2200: Enable IPW2200_RADIOTAP and IPW2200_PROMISCUOUS for optional rtap interface. (closes: #432555) * Enable in topconfig NF_CT_PROTO_UDPLITE, NETFILTER_XT_TARGET_TRACE, NETFILTER_XT_MATCH_CONNLIMIT, NETFILTER_XT_MATCH_U32, SENSORS_ABITUGURU3, SENSORS_LM93, SENSORS_DME1737, SENSORS_THMC50, DVB_USB_AF9005, DVB_USB_AF9005_REMOTE, CRC7, I2C_TAOS_EVM, DS1682, SENSORS_TSL2550, SPI_LM70_LLP, SPI_TLE62X0, W1_SLAVE_DS2760, TUNER_TEA5761, NET_9P, DM_MULTIPATH_RDAC, NET_SCH_RR, EEPROM_93CX6, PPPOL2TP, CRYPTO_HW, UIO, UIO_CIF, SND_CS5530, RTL8187, PC300TOO, TCG_TIS, SCSI_SAS_ATA, PATA_MARVELL. * [i386] Enable lguest. * [amd64, i386] Enable VIDEO_OUTPUT_CONTROL, NETDEVICES_MULTIQUEUE. * linux-image bugscript add cmdline. * [amd64, i386, ia64]: Enable DMIID, ACPI_PROC_EVENT. * Enable TCG_TPM various userspace accesses it. (closes: #439020) * Add and enable IWLWIFI. * Add git-ieee1394.patch for latest firewire fixes. * [ipv6] Enable IPV6_MULTIPLE_TABLES, IPV6_SUBTREES. (closes: #441226) * Add and enable E1000E. * Add stable release 2.6.23.1: - libata: sata_mv: more S/G fixes [ Martin Michlmayr ] * [mips] Add a bcm1480 PCI build fix. * Update Riku Voipio's Fintek F75375/SP driver to the latest version. * [arm/iop32x] Set the fan on Thecus N2100 to full speed (Riku Voipio). * [arm/iop32x] Remove the IPv6 and filesystem info from the config file so we will get the values from the main config file. This should enable NFSv4 and ip6tables support requested by Wouter Verhelst. * [arm/iop32x] Remove even more options to receive the default options. * [arm/ixp4xx] Remove a lot of options to receive the default options. * [mips/r4k-ip22] Remove a lot of options to receive the default options. This will enable ISCSI requested by Martin Zobel-Helas. * [mips/r5k-ip32] Remove a lot of options to receive the default options. This will enable PCI Ethernet devices requested by Giuseppe Sacco. * [mipsel/r5k-cobalt] Remove a lot of options to receive the default options. * [mipsel/r5k-cobalt] Enable the modern Cobalt LEDs driver. * [arm/iop32x] Enable Intel IOP ADMA support. * [arm] Mark BCM43XX as broken on ARM. * [mips/r4k-ip22] Disable EARLY PRINTK because it breaks serial console. * [mips] Add some IP22 fixes from Thomas Bogendoerfer: - Fix broken EISA interrupt setup by switching to generic i8259 - Fix broken eeprom access by using __raw_readl/__raw_writel [ Bastian Blank ] * Add unpriviledged only Xen support. * [i386] Drop k7 images. * Drop maybe IETF document. (closes: #423040) * Drop drivers because of binary only firmwares: - DABUSB driver - COPS LocalTalk PC support - Digi Intl. RightSwitch SE-X support - 3Com 3C359 Token Link Velocity XL adapter support - SMC ISA/MCA adapter support - EMI 6|2m USB Audio interface support - EMI 2|6 USB Audio interface support - Computone IntelliPort Plus serial support * Remove binary only firmwares for: - Alteon AceNIC/3Com 3C985/NetGear GA620 Gigabit support - Broadcom Tigon3 support - USB Keyspan USA-xxx Serial Driver - Korg 1212 IO - ESS Allegro/Maestro3 - Yamaha YMF724/740/744/754 - Technotrend/Hauppauge Nova-USB devices - YAM driver for AX.25 - MyriCOM Gigabit Ethernet support - PTI Qlogic, ISP Driver - Cirrus Logic (Sound Fusion) CS4280/CS461x/CS462x/CS463x - Madge Ambassador (Collage PCI 155 Server) - PCA-200E support - SBA-200E support - Broadcom NetXtremeII support * Disable now broken drivers: - Alteon AceNIC/3Com 3C985/NetGear GA620 Gigabit support - USB Keyspan USA-xxx Serial Driver - Technotrend/Hauppauge Nova-USB devices - YAM driver for AX.25 - MyriCOM Gigabit Ethernet support - PTI Qlogic, ISP Driver - Cirrus Logic (Sound Fusion) CS4280/CS461x/CS462x/CS463x - Madge Ambassador (Collage PCI 155 Server) - PCA-200E support - SBA-200E support - Broadcom NetXtremeII support * Add -common to common header package names. * Drop provides from common header packages. * Update plain image type. * Put only a config dump into linux-support. [ Aurelien Jarno ] * [mips, mipsel] Add a 64-bit image (5kc-malta) for the MIPS Malta board. (closes: #435677) [sparc] Enable r8169 module on sparc64 and sparc64-smp flavours (closes: #431977) [ Frederik Schüler ] * Move all PATA options into the global config file, exept PATA_ARTOP (arm/ixp4xx) and PATA_MPC52xx (powerpc). * Move new global options into the global config file * Clean up new amd64 options [ dann frazier ] * [ia64] Re-enable various unintentionally disabled config options * Enable hugetlbfs on i386, amd64, sparc64 and powerpc64. Closes: #450939 [ Bastian Blank ] * Add stable release 2.6.23.2: - BLOCK: Fix bad sharing of tag busy list on queues with shared tag maps - fix tmpfs BUG and AOP_WRITEPAGE_ACTIVATE - Fix compat futex hangs. (closes: #433187) - sched: keep utime/stime monotonic - fix the softlockup watchdog to actually work - splice: fix double kunmap() in vmsplice copy path - writeback: don't propagate AOP_WRITEPAGE_ACTIVATE - SLUB: Fix memory leak by not reusing cpu_slab - HOWTO: update ja_JP/HOWTO with latest changes - fix param_sysfs_builtin name length check - param_sysfs_builtin memchr argument fix - Remove broken ptrace() special-case code from file mapping - locks: fix possible infinite loop in posix deadlock detection - lockdep: fix mismatched lockdep_depth/curr_chain_hash * Add stable release 2.6.23.3: - revert "x86_64: allocate sparsemem memmap above 4G" - x86: fix TSC clock source calibration error - x86 setup: sizeof() is unsigned, unbreak comparisons - x86 setup: handle boot loaders which set up the stack incorrectly - x86: fix global_flush_tlb() bug - xfs: eagerly remove vmap mappings to avoid upsetting Xen - xen: fix incorrect vcpu_register_vcpu_info hypercall argument - xen: deal with stale cr3 values when unpinning pagetables - xen: add batch completion callbacks - UML - kill subprocesses on exit - UML - stop using libc asm/user.h - UML - Fix kernel vs libc symbols clash - UML - Stop using libc asm/page.h - POWERPC: Make sure to of_node_get() the result of pci_device_to_OF_node() - POWERPC: Fix handling of stfiwx math emulation - MIPS: R1: Fix hazard barriers to make kernels work on R2 also. - MIPS: MT: Fix bug in multithreaded kernels. - Fix sparc64 MAP_FIXED handling of framebuffer mmaps - Fix sparc64 niagara optimized RAID xor asm * Add stable release 2.6.23.4: - mac80211: make ieee802_11_parse_elems return void - mac80211: only honor IW_SCAN_THIS_ESSID in STA, IBSS, and AP modes - mac80211: honor IW_SCAN_THIS_ESSID in siwscan ioctl - mac80211: store SSID in sta_bss_list - mac80211: store channel info in sta_bss_list - mac80211: reorder association debug output - ieee80211: fix TKIP QoS bug - NETFILTER: nf_conntrack_tcp: fix connection reopening - Fix netlink timeouts. - Fix crypto_alloc_comp() error checking. - Fix SET_VLAN_INGRESS_PRIORITY_CMD error return. - Fix VLAN address syncing. - Fix endianness bug in U32 classifier. - Fix TEQL oops. - Fix error returns in sys_socketpair() - softmac: fix wext MLME request reason code endianness - Fix kernel_accept() return handling. - TCP: Fix size calculation in sk_stream_alloc_pskb - Fix SKB_WITH_OVERHEAD calculations. - Fix 9P protocol build - Fix advertised packet scheduler timer resolution - Add get_unaligned to ieee80211_get_radiotap_len - mac80211: Improve sanity checks on injected packets - mac80211: filter locally-originated multicast frames * Add stable release 2.6.23.5: - zd1211rw, fix oops when ejecting install media - rtl8187: Fix more frag bit checking, rts duration calc - ipw2100: send WEXT scan events - zd1201: avoid null ptr access of skb->dev - sky2: fix power settings on Yukon XL - sky2: ethtool register reserved area blackout - sky2: status ring race fix - skge: XM PHY handling fixes - Fix L2TP oopses. - TG3: Fix performance regression on 5705. - forcedeth: add MCP77 device IDs - forcedeth msi bugfix - ehea: 64K page kernel support fix - libertas: fix endianness breakage - libertas: more endianness breakage * Add stable release 2.6.23.6: - ACPI: suspend: Wrong order of GPE restore. - ACPI: sleep: Fix GPE suspend cleanup - libata: backport ATA_FLAG_NO_SRST and ATA_FLAG_ASSUME_ATA, part 2 - libata: backport ATA_FLAG_NO_SRST and ATA_FLAG_ASSUME_ATA - libata: add HTS542525K9SA00 to NCQ blacklist - radeon: set the address to access the GART table on the CPU side correctly - Char: moxa, fix and optimise empty timer - Char: rocket, fix dynamic_dev tty - hptiop: avoid buffer overflow when returning sense data - ide: Fix cs5535 driver accessing beyond array boundary - ide: Fix siimage driver accessing beyond array boundary - ide: Add ide_get_paired_drive() helper - ide: fix serverworks.c UDMA regression - i4l: fix random freezes with AVM B1 drivers - i4l: Fix random hard freeze with AVM c4 card - ALSA: hda-codec - Add array terminator for dmic in STAC codec - USB: usbserial - fix potential deadlock between write() and IRQ - USB: add URB_FREE_BUFFER to permissible flags - USB: mutual exclusion for EHCI init and port resets - usb-gadget-ether: prevent oops caused by error interrupt race - USB: remove USB_QUIRK_NO_AUTOSUSPEND - MSI: Use correct data offset for 32-bit MSI in read_msi_msg() - md: raid5: fix clearing of biofill operations - md: fix an unsigned compare to allow creation of bitmaps with v1.0 metadata - dm: fix thaw_bdev - dm delay: fix status - libata: sync NCQ blacklist with upstream - ALSA: hdsp - Fix zero division - ALSA: emu10k1 - Fix memory corruption - ALSA: Fix build error without CONFIG_HAS_DMA - ALSA: fix selector unit bug affecting some USB speakerphones - ALSA: hda-codec - Avoid zero NID in line_out_pins[] of STAC codecs - IB/mthca: Use mmiowb() to avoid firmware commands getting jumbled up - IB/uverbs: Fix checking of userspace object ownership - hwmon/lm87: Disable VID when it should be - hwmon/lm87: Fix a division by zero - hwmon/w83627hf: Don't assume bank 0 - hwmon/w83627hf: Fix setting fan min right after driver load - i915: fix vbl swap allocation size. - POWERPC: Fix platinumfb framebuffer * Add stable release 2.6.23.7: - NFS: Fix a writeback race... - ocfs2: fix write() performance regression - minixfs: limit minixfs printks on corrupted dir i_size (CVE-2006-6058) * Add stable release 2.6.23.8: - wait_task_stopped: Check p->exit_state instead of TASK_TRACED (CVE-2007-5500) - TCP: Make sure write_queue_from does not begin with NULL ptr (CVE-2007-5501) * Add stable release 2.6.23.9: - ipw2200: batch non-user-requested scan result notifications - USB: Nikon D40X unusual_devs entry - USB: unusual_devs modification for Nikon D200 - softlockup: use cpu_clock() instead of sched_clock() - softlockup watchdog fixes and cleanups - x86: fix freeze in x86_64 RTC update code in time_64.c - ntp: fix typo that makes sync_cmos_clock erratic - x86: return correct error code from child_rip in x86_64 entry.S - x86: NX bit handling in change_page_attr() - x86: mark read_crX() asm code as volatile - x86: fix off-by-one in find_next_zero_string - i386: avoid temporarily inconsistent pte-s - libcrc32c: keep intermediate crc state in cpu order - geode: Fix not inplace encryption - Fix divide-by-zero in the 2.6.23 scheduler code - ACPI: VIDEO: Adjust current level to closest available one. - libata: sata_sis: use correct S/G table size - sata_sis: fix SCR read breakage - reiserfs: don't drop PG_dirty when releasing sub-page-sized dirty file - x86: disable preemption in delay_tsc() - dmaengine: fix broken device refcounting - nfsd4: recheck for secure ports in fh_verify - knfsd: fix spurious EINVAL errors on first access of new filesystem - raid5: fix unending write sequence - oProfile: oops when profile_pc() returns ~0LU - drivers/video/ps3fb: fix memset size error - i2c/eeprom: Hide Sony Vaio serial numbers - i2c/eeprom: Recognize VGN as a valid Sony Vaio name prefix - i2c-pasemi: Fix NACK detection -- maximilian attems Fri, 30 Nov 2007 11:40:09 +0100 linux-2.6 (2.6.22-6) unstable; urgency=low [ Martin Michlmayr ] * [mips] Add IP22 (SGI Indy) patches from Thomas Bogendoerfer: - Disable EARLY PRINTK because it breaks serial. - fix wrong argument order. - wrong check for second HPC. Closes: #448488 [ maximilian attems ] * Add stable release 2.6.22.11 - minus ipv6 abi breaker: - libertas: fix endianness breakage - libertas: more endianness breakage - Fix ROSE module unload oops. - Add get_unaligned to ieee80211_get_radiotap_len - Fix ipv6 redirect processing, leads to TAHI failures. - i915: fix vbl swap allocation size. - Fix ESP host instance numbering. - Fix TCP MD5 on big-endian. - Fix zero length socket write() semantics. - Fix sys_ipc() SEMCTL on sparc64. - Fix TCP initial sequence number selection. - lockdep: fix mismatched lockdep_depth/curr_chain_hash - V4L: ivtv: fix udma yuv bug - Fix TCP's ->fastpath_cnt_hit handling. - hwmon/lm87: Fix a division by zero - hwmon/lm87: Disable VID when it should be - hwmon/w83627hf: Fix setting fan min right after driver load - hwmon/w83627hf: Don't assume bank 0 - netdrvr: natsemi: Fix device removal bug - Fix ieee80211 handling of bogus hdrlength field - mac80211: filter locally-originated multicast frames - POWERPC: Fix handling of stfiwx math emulation - dm9601: Fix receive MTU - firewire: fix unloading of fw-ohci while devices are attached - Fix cls_u32 error return handling. - ACPI: disable lower idle C-states across suspend/resume * Add stable release 2.6.22.12-rc1: - genirq: cleanup mismerge artifact - genirq: suppress resend of level interrupts - genirq: mark io_apic level interrupts to avoid resend - IB/uverbs: Fix checking of userspace object ownership - minixfs: limit minixfs printks on corrupted dir i_size (CVE-2006-6058) - param_sysfs_builtin memchr argument fix - x86: fix global_flush_tlb() bug - dm snapshot: fix invalidation deadlock - Revert "x86_64: allocate sparsemem memmap above 4G" [ Bastian Blank ] * Update vserver patch to 2.2.0.5. - Ignore symbols from never to be merged patch. -- maximilian attems Sun, 4 Nov 2007 17:35:51 +0100 linux-2.6 (2.6.22-5) unstable; urgency=low [ maximilian attems ] * Add stable release 2.6.22.6: - USB: allow retry on descriptor fetch errors - PCI: lets kill the 'PCI hidden behind bridge' message - Netfilter: Missing Kbuild entry for netfilter - Fix soft-fp underflow handling. - SPARC64: Fix sparc64 task stack traces. - TCP: Do not autobind ports for TCP sockets - DCCP: Fix DCCP GFP_KERNEL allocation in atomic context - NET: Share correct feature code between bridging and bonding - SNAP: Fix SNAP protocol header accesses. - NET: Fix missing rcu unlock in __sock_create() - IPv6: Invalid semicolon after if statement - TCP: Fix TCP rate-halving on bidirectional flows. - TCP: Fix TCP handling of SACK in bidirectional flows. - uml: fix previous request size limit fix - usb: add PRODUCT, TYPE to usb-interface events - PPP: Fix PPP buffer sizing. - ocfs2: Fix bad source start calculation during kernel writes - signalfd: fix interaction with posix-timers - signalfd: make it group-wide, fix posix-timers scheduling - USB: fix DoS in pwc USB video driver - sky2: don't clear phy power bits - PCI: disable MSI on RS690 - PCI: disable MSI on RD580 - PCI: disable MSI on RX790 - IPV6: Fix kernel panic while send SCTP data with IP fragments - i386: fix lazy mode vmalloc synchronization for paravirt * Set abi to 3. * Add stable release 2.6.22.7: (CVE-2007-4573) - x86_64: Zero extend all registers after ptrace in 32bit entry path. * Add stable release 2.6.22.8: (CVE-2007-4571) - Convert snd-page-alloc proc file to use seq_file * Add stable release 2.6.22.9: - 3w-9xxx: Fix dma mask setting - Fix pktgen src_mac handling. - nfs: fix oops re sysctls and V4 support - DVB: get_dvb_firmware: update script for new location of tda10046 firmware - afs: mntput called before dput - disable sys_timerfd() - Fix "Fix DAC960 driver on machines which don't support 64-bit DMA" - futex_compat: fix list traversal bugs - MTD: Initialise s_flags in get_sb_mtd_aux() - Fix sparc64 v100 platform booting. - Fix IPV6 DAD handling - ext34: ensure do_split leaves enough free space in both blocks - dir_index: error out instead of BUG on corrupt dx dirs - Fix oops in vlan and bridging code - V4L: ivtv: fix VIDIOC_S_FBUF: new OSD values were never set - crypto: blkcipher_get_spot() handling of buffer at end of page - Fix datagram recvmsg NULL iov handling regression. - Handle snd_una in tcp_cwnd_down() - Fix TCP DSACK cwnd handling - JFFS2: fix write deadlock regression - hwmon: End of I/O region off-by-one - Fix debug regression in video/pwc - splice: fix direct splice error handling - Fix race with shared tag queue maps - Fix ipv6 source address handling. - POWERPC: Flush registers to proper task context - bcm43xx: Fix cancellation of work queue crashes - Fix DAC960 driver on machines which don't support 64-bit DMA - DVB: get_dvb_firmware: update script for new location of sp8870 firmware - USB: fix linked list insertion bugfix for usb core - Correctly close old nfsd/lockd sockets. - Fix IPSEC AH4 options handling - setpgid(child) fails if the child was forked by sub-thread - sigqueue_free: fix the race with collect_signal() - Fix decnet device address listing. - Fix inet_diag OOPS. - Leases can be hidden by flocks - kconfig: oldconfig shall not set symbols if it does not need to - MTD: Makefile fix for mtdsuper - firewire: fw-ohci: ignore failure of pci_set_power_state (fix suspend regression) - ieee1394: ohci1394: fix initialization if built non-modular - Fix device address listing for ipv4. - Fix tc_ematch kbuild - V4L: cx88: Avoid a NULL pointer dereference during mpeg_open() - DVB: b2c2-flexcop: fix Airstar HD5000 tuning regression - fix realtek phy id in forcedeth - rpc: fix garbage in printk in svc_tcp_accept() - Fix IPV6 append OOPS. - Fix ipv6 double-sock-release with MSG_CONFIRM - ACPI: Validate XSDT, use RSDT if XSDT fails * Update vserver patch to 2.2.0.4. * Add stable release 2.6.22.10: - i386: Use global flag to disable broken local apic timer on AMD CPUs. - Fix timer_stats printout of events/sec - libata: update drive blacklists - i2c-algo-bit: Read block data bugfix - scsi_transport_spi: fix domain validation failure from incorrect width setting - Fix SMP poweroff hangs - Fix ppp_mppe kernel stack usage. - sky2: reduce impact of watchdog timer - sky2: fix VLAN receive processing - sky2: fix transmit state on resume - SELinux: clear parent death signal on SID transitions - NLM: Fix a circular lock dependency in lockd - NLM: Fix a memory leak in nlmsvc_testlock [ Martin Michlmayr ] * [mips] Add a fix so qemu NE2000 will work again. * [mipsel/r5k-cobalt] Enable MTD. * [mips] Backport "Fix CONFIG_BUILD_ELF64 kernels with symbols in CKSEG0" to fix crash on boot on IP32 (SGI O2). Closes: #444104. [ Steve Langasek ] * Set CONFIG_MATHEMU=y on alpha, which is required for proper fp math on at least ev4-ev56 systems. Closes: #411813. * linux-image packages need to depend on a newer version of coreutils, because of the use of readlink -q -m inherited from kernel-package. Closes: #413311. [ Bastian Blank ] * Fix tainted check in bug scripts. [ dann frazier ] * [ia64] Re-enable various unintentionally disabled config options -- Maximilian Attems Thu, 11 Oct 2007 13:31:38 +0000 linux-2.6 (2.6.22-4) unstable; urgency=low [ dann frazier ] * [hppa] Use generic compat_sys_getdents (closes: #431773) [ Martin Michlmayr ] * [powerpc] Fix PS/2 keyboard detection on Pegasos (closes: #435378). [ Emanuele Rocca ] * [sparc] Add patch to fix PCI config space accesses on sun4u. * [sparc] Disable CONFIG_SCSI_SCAN_ASYNC. [ maximilian attems ] * Add stable release 2.6.22.2: - usb-serial: Fix edgeport regression on non-EPiC devices - Missing header include in ipt_iprange.h - drivers/video/macmodes.c:mac_find_mode() mustn't be __devinit - Fix ipv6 tunnel endianness bug. - aacraid: fix security hole - USB: cdc-acm: fix sysfs attribute registration bug - USB: fix warning caused by autosuspend counter going negative - Fix sparc32 memset() - Fix leak on /proc/lockdep_stats - Fix leaks on /proc/{*/sched, sched_debug, timer_list, timer_stats} - futex: pass nr_wake2 to futex_wake_op - md: handle writes to broken raid10 arrays gracefully - forcedeth bug fix: cicada phy - forcedeth bug fix: vitesse phy - forcedeth bug fix: realtek phy - ACPI: dock: fix opps after dock driver fails to initialize - pcmcia: give socket time to power down - drm/i915: Fix i965 secured batchbuffer usage (CVE-2007-3851) - Fix console write locking in sparc drivers. - Sparc64 bootup assembler bug - IPV6: /proc/net/anycast6 unbalanced inet6_dev refcnt - make timerfd return a u64 and fix the __put_user - Fix error queue socket lookup in ipv6 - Input: lifebook - fix an oops on Panasonic CF-18 - readahead: MIN_RA_PAGES/MAX_RA_PAGES macros - V4L: Add check for valid control ID to v4l2_ctrl_next - V4L: ivtv: fix broken VBI output support - V4L: ivtv: fix DMA timeout when capturing VBI + another stream - V4L: ivtv: Add locking to ensure stream setup is atomic - V4L: wm8775/wm8739: Fix memory leak when unloading module - do not limit locked memory when RLIMIT_MEMLOCK is RLIM_INFINITY - Include serial_reg.h with userspace headers (closes: #433755) - TCP FRTO retransmit bug fix - Fix rfkill IRQ flags. - nfsd: fix possible read-ahead cache and export table corruption - nfsd: fix possible oops on re-insertion of rpcsec_gss modules - jbd commit: fix transaction dropping - jbd2 commit: fix transaction dropping - softmac: Fix ESSID problem - uml: limit request size on COWed devices - UML: exports for hostfs - splice: fix double page unlock - cfq-iosched: fix async queue behaviour - cr_backlight_probe() allocates too little storage for struct cr_panel - sx: switch subven and subid values - hugetlb: fix race in alloc_fresh_huge_page() - KVM: SVM: Reliably detect if SVM was disabled by BIOS - dm io: fix another panic on large request - md: raid10: fix use-after-free of bio - fs: 9p/conv.c error path fix - Fix sparc32 udelay() rounding errors. - sony-laptop: fix bug in event handling - eCryptfs: ecryptfs_setattr() bugfix - Hangup TTY before releasing rfcomm_dev - dm io: fix panic on large request - dm raid1: fix status - dm snapshot: permit invalid activation - "ext4_ext_put_in_cache" uses __u32 to receive physical block number - destroy_workqueue() can livelock - USB: fix for ftdi_sio quirk handling - Fix TC deadlock. - Fix IPCOMP crashes. - gen estimator timer unload race - Netfilter: Fix logging regression - Fix user struct leakage with locked IPC shem segment - Fix reported task file values in sense data - gen estimator deadlock fix - Netpoll leak - dm: disable barriers - firewire: fw-sbp2: set correct maximum payload (fixes CardBus adapters) - fw-ohci: fix "scheduling while atomic" - firewire: fix memory leak of fw_request instances - ieee1394: revert "sbp2: enforce 32bit DMA mapping" - libata: add FUJITSU MHV2080BH to NCQ blacklist - i386: HPET, check if the counter works - CPU online file permission - acpi-cpufreq: Proper ReadModifyWrite of PERF_CTL MSR - Keep rfcomm_dev on the list until it is freed - SCTP scope_id handling fix - Fix ipv6 link down handling. - Fix TCP IPV6 MD5 bug. - sysfs: release mutex when kmalloc() failed in sysfs_open_file(). - nf_conntrack: don't track locally generated special ICMP error * Bump abi due to firewire, ivtv and xrfm changes. * Add stable release 2.6.22.3: - fix oops in __audit_signal_info() - direct-io: fix error-path crashes - powerpc: Fix size check for hugetlbfs - stifb: detect cards in double buffer mode more reliably - pata_atiixp: add SB700 PCI ID - PPC: Revert "[POWERPC] Add 'mdio' to bus scan id list for platforms with QE UEC" - random: fix bound check ordering (CVE-2007-3105) - softmac: Fix deadlock of wx_set_essid with assoc work - PPC: Revert "[POWERPC] Don't complain if size-cells == 0 in prom_parse()" - ata_piix: update map 10b for ich8m - CPUFREQ: ondemand: fix tickless accounting and software coordination bug - CPUFREQ: ondemand: add a check to avoid negative load calculation * Add stable release 2.6.22.4: - Reset current->pdeath_signal on SUID binary execution (CVE-2007-3848) * Add stable release 2.6.22.5: - x86_64: Check for .cfi_rel_offset in CFI probe - x86_64: Change PMDS invocation to single macro - i386: Handle P6s without performance counters in nmi watchdog - revert "x86, serial: convert legacy COM ports to platform devices" - ACPICA: Fixed possible corruption of global GPE list - ACPICA: Clear reserved fields for incoming ACPI 1.0 FADTs - i386: Fix double fault handler - JFFS2 locking regression fix. - r8169: avoid needless NAPI poll scheduling - Linux 2.6.22.5 - AVR32: Fix atomic_add_unless() and atomic_sub_unless() - i386: allow debuggers to access the vsyscall page with compat vDSO - hwmon: (smsc47m1) restore missing name attribute - hwmon: fix w83781d temp sensor type setting - Hibernation: do not try to mark invalid PFNs as nosave - sky2: restore workarounds for lost interrupts - sky2: carrier management - sky2: check for more work before leaving NAPI - sky2: check drop truncated packets - forcedeth: fix random hang in forcedeth driver when using netconsole - libata: add ATI SB700 device IDs to AHCI driver [ dann frazier ] * [ia64] Restore config cleanup now that its safe to break the ABI [ Bastian Blank ] * Update vserver patch to 2.2.0.3. -- Bastian Blank Thu, 30 Aug 2007 20:19:44 +0200 linux-2.6 (2.6.22-3) unstable; urgency=low [ dann frazier ] * [ia64] Config cleanup in 2.6.22-2 broke the ABI; revert most of it for now (everything but the efivars and sym53c8xx modules) [ Martin Michlmayr ] * [mipsel/r5k-cobalt] Fix a typo in the config file. * [mipsel/4kc-malta] Update the config file, thanks Aurelien Jarno. * [mipsel] Add patch from Yoichi Yuasa to fix IDE on Cobalt. -- Bastian Blank Sun, 29 Jul 2007 13:47:38 +0200 linux-2.6 (2.6.22-2) unstable; urgency=low [ Steve Langasek ] * [alpha] request_irq-retval.patch: capture the return value of all request_irq() calls in sys_titan.c to suppress the warning (and build failure with -Werror); failures still aren't being handled, but there's nothing that needs to be done -- or nothing that can be done -- if these requests fail anyway. [ Christian T. Steigies ] * Add module.lds to kernel headers (closes: #396220) * Enable INPUT_UINPUT on mac * Add 2.6.22 patches from linux-m68k CVS [ maximilian attems ] * Add stable release 2.6.22.1: - nf_conntrack_h323: add checking of out-of-range on choices' index values (CVE-2007-3642) [ dann frazier ] * [ia64] Re-enable various config options which were unintentionally disabled somewhere between 2.6.21 and 2.6.22 * [ia64] Re-enable vserver flavour - this was somehow lost when 2.6.22 was merged from trunk to the sid branch [ Bastian Blank ] * Update vserver patch to 2.2.0.3-rc1. -- Bastian Blank Mon, 23 Jul 2007 09:38:01 +0200 linux-kbuild-2.6 (2.6.22-1) unstable; urgency=low * New upstream version. * Don't fail if no module is specified. -- Bastian Blank Tue, 17 Jul 2007 23:14:23 +0200 linux-2.6 (2.6.22-1) unstable; urgency=low [ Bastian Blank ] * Drop asfs options. * Drop linux-libc-headers references. * Update vserver patch to 2.2.0-rc5. [ maximilian attems ] * Fullfils policy 3.7.2.2. * Add Sempron to the k7 image description (closes: #384737) Thanks Robert Millan . * [powerpc] Enable CONFIG_ADB_PMU_LED. * [hppa] Disable a bunch of topconfig enabled fb devices. Thanks Frank Lichtenheld for build fix. [ Christian T. Steigies ] * Add module.lds to kernel headers * Enable INPUT_UINPUT on mac * Add 2.6.22 patches from linux-m68k CVS [ dann frazier ] * Enable vserver flavour for ia64 (closes: #423232) -- Bastian Blank Sun, 15 Jul 2007 15:03:40 +0200 linux-2.6 (2.6.22~rc5-1~experimental.1) experimental; urgency=low [ Bastian Blank ] * [powerpc]: Disable prep. * [powerpc]: Disable apm emulation. * Drop inactive members from Uploaders. [ maximilian attems ] * Cleanup configs of old unused variables. * Enable TCP_CONG_YEAH, TCP_CONG_ILLINOIS, NF_CONNTRACK_SANE, DM_DELAY, GIGASET_M101, SATA_INIC162X, VIDEO_IVTV, USB_ZR364XX, INFINIBAND_CXGB3, MLX4_INFINIBAND, SPI_AT25, MFD_SM501, DVB_USB_M920X, DVB_USB_GL861, DVB_USB_AU6610, DVB_USB_OPERA1, SENSORS_AD7418, SENSORS_ADM1029, SENSORS_F75375S, SENSORS_CORETEMP, SENSORS_MAX6650, SENSORS_APPLESMC, I2C_SIMTEC, I2C_TINY_USB, SC92031, LIBERTAS_USB, RFKILL, RFKILL_INPUT, MTD_UBI, SND_USB_CAIAQ, SND_USB_CAIAQ_INPUT, USB_BERRY_CHARGE, RTC_DRV_MAX6900, SUNRPC_BIND34, SND_PORTMAN2X4, FB_VT8623, FUSION_LAN, DISPLAY_SUPPORT, FB_ARK, FB_SM501 and disable SCSI_ESP_CORE, SPI_SPIDEV, CRYPT_CRYPTD, SYSV68_PARTITION, MOUSE_PS2_TOUCHKIT, INPUT_POLLDEV in topconfig. * [amd64, i386]: Take care of the renaming acpi-ibm to thinkpad-acpi. Enable KINGSUN_DONGLE, AF_RXRPC, RXKAD, MTD_NAND_PLATFORM, BLINK, PHANTOM, BACKLIGHT_PROGEAR, FB_HECUBA, FB_LE80578, FB_CARILLO_RANCH. Disable OSS_OBSOLETE. * Enable WLAN_PRE80211 and WLAN_80211 on all archs with NET_RADIO enabled. * Fix RTC_INTF_{DEV,SYSFS,PROC}=y where enabled modular. * Enable new wirless stack mac80211 and improved wireless conf api. * Enable new USB Touchscreen Driver on all configs with touchscreens. * Enable the newly added crypto algorythm: fcrypt, pcbc and camellia. * Unify CONFIG_TR to toplevel config, also enable new drivers 3C359 and SMCTR. * Enable the moved USB tablets config options where wacom is enabled. * [i386] Enable driver for Crystalfontz 128x64 2-color LCD. * [amd64] Enable KS0108 LCD controller. * Enable the new firewire stack labeled to be more simple and robust. * [i386] Enable VMI paravirtualized interface. * [powerpc] Enable fb for IBM GXT4500P adaptor. * [amd64] Enable timerstats too. [ Martin Michlmayr ] * mipsel/r5k-cobalt: Use the new RTC system. [ dann frazier ] * Add Xen licensing info to the copyright file. (closes: #368912) [ Gordon Farquharson ] * arm: Mark CHELSIO_T3, NETXEN_NIC, BCM43XX, VIDEO_BT848, DVB_B2C2_FLEXCOP, and DVB_BUDGET as broken on ARM. * arm/ixp4xx: Add support for the new generic I2C GPIO driver on the NSLU2 and the NAS100D. Thanks to Michael-Luke Jones and Rod Whitby. * arm/ixp4xx: Update Artop PATA support patch for the NAS 100d. [ Christian T. Steigies ] * m68k: Disable already included patches (611, 618, 630) -- Bastian Blank Tue, 19 Jun 2007 17:49:52 +0200 linux-2.6 (2.6.21-6) unstable; urgency=low * Add stable release 2.6.21.6: - nf_conntrack_h323: add checking of out-of-range on choices' index values (CVE-2007-3642) * Update vserver patch to 2.2.0. -- Bastian Blank Tue, 10 Jul 2007 18:36:17 +0200 linux-2.6 (2.6.21-5) unstable; urgency=low [ Christian T. Steigies ] * [m68k] Add atari isa and scsi fixes [ maximilian attems ] * Add stable release 2.6.21.4: - cpuset: prevent information leak in cpuset_tasks_read (CVE-2007-2875) - random: fix error in entropy extraction (CVE-2007-2453 1 of 2) - random: fix seeding with zero entropy (CVE-2007-2453 2 of 2) - NETFILTER: {ip, nf}_conntrack_sctp: fix remotely triggerable NULL ptr dereference (CVE-2007-2876) * Add stable release 2.6.21.5: - acpi: fix potential call to a freed memory section. - USB: set the correct Interrupt interval in usb_bulk_msg - i386: Fix K8/core2 oprofile on multiple CPUs - ntfs_init_locked_inode(): fix array indexing - ALSA: wm8750 typo fix - neofb: Fix pseudo_palette array overrun in neofb_setcolreg - e1000: disable polling before registering netdevice - timer statistics: fix race - x86: fix oprofile double free - ALSA: usb-audio: explicitly match Logitech QuickCam - zd1211rw: Add AL2230S RF support - IPV4: Correct rp_filter help text. - Fix AF_UNIX OOPS - ICMP: Fix icmp_errors_use_inbound_ifaddr sysctl - NET: Fix BMSR_100{HALF,FULL}2 defines in linux/mii.h - SPARC64: Fix _PAGE_EXEC_4U check in sun4u I-TLB miss handler. - SPARC64: Don't be picky about virtual-dma values on sun4v. - SPARC64: Fix two bugs wrt. kernel 4MB TSB. - cciss: fix pci_driver.shutdown while device is still active - fix compat console unimap regression - timer stats: speedups - SPARC: Linux always started with 9600 8N1 - pci_ids: update patch for Intel ICH9M - PCI: quirk disable MSI on via vt3351 - UML - Improve host PTRACE_SYSEMU check - NET: parse ip:port strings correctly in in4_pton - Char: cyclades, fix deadlock - IPSEC: Fix panic when using inter address familiy IPsec on loopback. - TCP: Use default 32768-61000 outgoing port range in all cases. - TG3: Fix link problem on Dell's onboard 5906. - fuse: fix mknod of regular file - md: Avoid overflow in raid0 calculation with large components. - md: Don't write more than is required of the last page of a bitmap - make freezeable workqueues singlethread - tty: fix leakage of -ERESTARTSYS to userland - V4L/DVB (5593): Budget-ci: Fix tuning for TDM 1316 (160..200 MHz) - Input: i8042 - fix AUX port detection with some chips - SCSI: aacraid: Correct sa platform support. (Was: [Bug 8469] Bad EIP value on pentium3 SMP kernel-2.6.21.1) - BLUETOOTH: Fix locking in hci_sock_dev_event(). - hpt366: don't check enablebits for HPT36x - ieee1394: eth1394: bring back a parent device - NET: Fix race condition about network device name allocation. - ALSA: hda-intel - Probe additional slots only if necessary - ALSA: hda-intel - Fix detection of audio codec on Toshiba A100 - ahci: disable 64bit dma on sb600 - i386: HPET, check if the counter works - Ignore bogus ACPI info for offline CPUs - NOHZ: Rate limit the local softirq pending warning output - Prevent going idle with softirq pending - Work around Dell E520 BIOS reboot bug - NET: "wrong timeout value" in sk_wait_data() v2 - IPV6 ROUTE: No longer handle ::/0 specially. - x86_64: allocate sparsemem memmap above 4G * Bump ABI to 2. [ Bastian Blank ] * Back out ABI fixing changes. * Update vserver patch to 2.2.0-rc3. -- Bastian Blank Fri, 22 Jun 2007 12:39:47 +0200 linux-2.6 (2.6.21-4) unstable; urgency=low * [powerpc] Fix mkvmlinuz support. * [s390] Add exception handler for diagnose 224. -- Bastian Blank Sat, 26 May 2007 14:08:44 +0200 linux-2.6 (2.6.21-3) unstable; urgency=low [ Gordon Farquharson ] * arm/ixp4xx: Add patch to set NSLU2 timer frequency. [ maximilian attems ] * sparc64: enable USB_SERIAL. (closes: #412740) * Apply stable 2.6.21.1. * Add stable release 2.6.21.2: - slob: fix page order calculation on not 4KB page - libata-sff: Undo bug introduced with pci_iomap changes - kbuild: fixdep segfault on pathological string-o-death - IPMI: fix SI address space settings - IPV6: Reverse sense of promisc tests in ip6_mc_input - iop: fix iop_getttimeoffset - iop13xx: fix i/o address translation - arm: fix handling of svc mode undefined instructions - CPUFREQ: powernow-k7: fix MHz rounding issue with perflib - CPUFREQ: Support rev H AMD64s in powernow-k8 - CPUFREQ: Correct revision mask for powernow-k8 - JFS: Fix race waking up jfsIO kernel thread - IPV6: Send ICMPv6 error on scope violations. - SPARC64: Add missing cpus_empty() check in hypervisor xcall handling. - SPARC64: Fix recursion in PROM tree building. - SERIAL SUNHV: Add an ID string. - SPARC64: Bump PROMINTR_MAX to 32. - SPARC64: Be more resiliant with PCI I/O space regs. - oom: fix constraint deadlock - fix for bugzilla 8426: massive slowdown on SCSI CD/DVD drive connected to mptspi driver - x86_64 : Fix vgettimeofday() - IPV6: Fix slab corruption running ip6sic - IPSEC: Check validity of direction in xfrm_policy_byid - CRYPTO: api: Read module pointer before freeing algorithm - NET_SCHED: prio qdisc boundary condition - reiserfs: suppress lockdep warning - USB HID: hiddev - fix race between hiddev_send_event() and hiddev_release() - NETFILTER: {ip,nf}_nat_proto_gre: do not modify/corrupt GREv0 packets through NAT - fix leaky resv_huge_pages when cpuset is in use - ACPI: Fix 2.6.21 boot regression on P4/HT - TG3: Fix TSO bugs. - TG3: Remove reset during MAC address changes. - TG3: Update version and reldate. - BNX2: Fix TSO problem with small MSS. - BNX2: Block MII access when ifdown. - BNX2: Save PCI state during suspend. - BNX2: Update version and reldate. - sis900: Allocate rx replacement buffer before rx operation - knfsd: Avoid use of unitialised variables on error path when nfs exports. - knfsd: rpc: fix server-side wrapping of krb5i replies - md: Avoid a possibility that a read error can wrongly propagate through - md/raid1 to a filesystem. - fat: fix VFAT compat ioctls on 64-bit systems - NETFILTER: {ip,nf}_conntrack: fix use-after-free in helper destroy callback invocation - ppp: Fix ppp_deflate issues with recent zlib_inflate changes - NETPOLL: Fix TX queue overflow in trapped mode. - NETPOLL: Remove CONFIG_NETPOLL_RX - cxacru: Fix infinite loop when trying to cancel polling task - TCP: zero out rx_opt in tcp_disconnect() - ipv6: track device renames in snmp6 - skge: default WOL should be magic only (rev2) - skge: allow WOL except for known broken chips - sky2: allow 88E8056 - sky2: 88e8071 support not ready - skge: crash on shutdown/suspend - sky2: fix oops on shutdown - udf: decrement correct link count in udf_rmdir - ALSA: hda-codec - Fix resume of STAC92xx codecs - sata_via: add missing PM hooks - driver-core: don't free devt_attr till the device is released - pci-quirks: disable MSI on RS400-200 and RS480 - highres/dyntick: prevent xtime lock contention - clocksource: fix resume logic - smc911x: fix compilation breakage wjen debug is on - SCTP: Fix sctp_getsockopt_local_addrs_old() to use local storage. - SCTP: Correctly copy addresses in sctp_copy_laddrs - SCTP: Prevent OOPS if hmac modules didn't load - IPV6: Do no rely on skb->dst before it is assigned. - IPV6 ROUTE: Assign rt6i_idev for ip6_{prohibit,blk_hole}_entry. [ Christian T. Steigies ] * m68k: enable ATARI_SCSI and ATARI_ROM_ISA [ Bastian Blank ] * Fix linux/version.h in linux-libc-dev. * Make it possible to specifiy special CFLAGS. * [hppa] Reenable. * [hppa] Workaround hppa64 failure. * [hppa] Fix debugging in lws syscalls. * Fix abi change. * Add stable release 2.6.21.3: - [PATCH] GEODE-AES: Allow in-place operations [CVE-2007-2451] -- Bastian Blank Fri, 25 May 2007 10:57:48 +0200 linux-kbuild-2.6 (2.6.21-1) unstable; urgency=low * New upstream version. -- Bastian Blank Fri, 18 May 2007 23:45:14 +0200 linux-2.6 (2.6.21-2) unstable; urgency=low [ Christian T. Steigies ] * m68k: fix atari scc patch * m68k: install compressed vmlinuz images so the post-inst script can find it [ Steve Langasek ] * [alpha] isa-mapping-support.patch: add isa_page_to_bus and isa_bus_to_virt defines to complement the existing isa_virt_to_bus define; untested, but these should all be straightforward on alpha and defining them is certainly a better option for getting user feedback than disabling the affected drivers. [ Bastian Blank ] * [powerpc] Readd mkvmlinuz support. (closes: #419033) * [sparc]: Disable sparc32 image. * [hppa]: Temporary disable all images. -- Bastian Blank Fri, 18 May 2007 19:52:36 +0200 linux-2.6 (2.6.21-1) unstable; urgency=low [ maximilian attems ] * New upstream release see http://kernelnewbies.org/Linux_2_6_21 (closes: #423874) * Disable CONFIG_IP_ROUTE_MULTIPATH_CACHED in topconfig. * Enable CONFIG_IP6_NF_MATCH_MH, CONFIG_CHELSIO_T3, CONFIG_USB_NET_DM9601, CONFIG_NETFILTER_XT_TARGET_TCPMSS, CONFIG_RTC_DRV_CMOS, CONFIG_ASUS_LAPTOP, CONFIG_SONY_LAPTOP, CONFIG_DVB_TUNER_QT1010, CONFIG_USB_IOWARRIOR, CONFIG_ATL1 in topconfig. * [i386] Enable CONFIG_ACPI_BAY, CONFIG_X86_LONGHAUL, CONFIG_BLK_DEV_DELKIN, CONFIG_BLK_DEV_IT8213, CONFIG_BLK_DEV_TC86C001, CONFIG_INPUT_ATLAS_BTNS, CONFIG_SENSORS_ADM1029, CONFIG_FB_SVGALIB, CONFIG_FB_S3, CONFIG_USB_KC2190, CONFIG_KS0108. * Add stable release 2.6.21.1: - IPV4: Fix OOPS'er added to netlink fib. - IPV6: Fix for RT0 header ipv6 change. * [i386] Enable CONFIG_NO_HZ, CONFIG_HIGH_RES_TIMERS for dynticks and true high-resolution timers. * [i386] Enable CONFIG_TIMER_STATS to collect stats about kernel/userspace timer aka power usage (see powertop). (closes: #423694) * [i386] Disable obsolete CONFIG_IRQBALANCE due to bad timer behaviour. [ Martin Michlmayr ] * Add armel (arm with EABI) support. Thanks, Lennert Buytenhek and Joey Hess. (closes: #410853) * Mark CHELSIO_T3 as broken on ARM. * Take arch/arm/tools/mach-types from current git to fix build failure because MACH_TYPE_EP80219 is not defined. * mips/sb1: Don't build CONFIG_ATA into the kernel. * mips/sb1: Unset CONFIG_USB_{KBD,MOUSE} since the generic HID is used. * arm/iop32x: Don't build CONFIG_ATA into the kernel. * arm/ixp4xx: Enable more SATA drivers. * arm/ixp4xx: Enable PATA_ARTOP which is needed by the nas100d. * arm/ixp4xx: Set CONFIG_USB_EHCI_TT_NEWSCHED. * mips/4kc-malta: Add an image for the MIPS Malta board. Thanks, Aurelien Jarno. (closes: #421377) [ Emanuele Rocca ] * sparc: Enable CONFIG_SCSI_QLOGIC_1280. (closes: #423177) [ Christian T. Steigies ] * Add m68k patches for 2.6.21 * Add type: plain to [image] in arch/m68k/defines to fix missing Modules.symvers problem [ Steve Langasek ] * Revert change to disable image building on alpha. [ Bastian Blank ] * Update vserver patch to 2.2.0-rc1. -- Bastian Blank Wed, 16 May 2007 13:46:38 +0200 linux-2.6 (2.6.20-3) unstable; urgency=low [ Gordon Farquharson ] * arm: Mark CONFIG_MTD_NAND_CAFE and CONFIG_NETXEN_NIC as broken to fix FTBFS. [ Bastian Blank ] * Disable new pata drivers. (closes: #419458) * Disable pata in ata_piix. -- Bastian Blank Tue, 24 Apr 2007 09:54:44 +0200 linux-2.6 (2.6.20-2) unstable; urgency=low [ Bastian Blank ] * Rename linux-libc-headers into linux-libc-dev. * [mips] Drop sb1250 uart support. * [alpha] Temporary disable alpha images. * Add stable release 2.6.20.7: - Linux 2.6.20.7 - Update libata drive blacklist to the latest from 2.6.21 - fix page leak during core dump - revert "retries in ext4_prepare_write() violate ordering requirements" - revert "retries in ext3_prepare_write() violate ordering requirements" - libata: Clear tf before doing request sense (take 3) - fix lba48 bug in libata fill_result_tf() - ahci.c: walkaround for SB600 SATA internal error issue - libata bugfix: preserve LBA bit for HDIO_DRIVE_TASK - softmac: avoid assert in ieee80211softmac_wx_get_rate - knfsd: allow nfsd READDIR to return 64bit cookies - Fix TCP slow_start_after_idle sysctl - Fix tcindex classifier ABI borkage... - Fix IPSEC replay window handling - Fix TCP receiver side SWS handling. - Fix scsi sense handling - Fix length validation in rawv6_sendmsg() - NETFILTER: ipt_CLUSTERIP: fix oops in checkentry function - 8139too: RTNL and flush_scheduled_work deadlock - Fix calculation for size of filemap_attr array in md/bitmap. - HID: Do not discard truncated input reports - DVB: pluto2: fix incorrect TSCR register setting - DVB: tda10086: fix DiSEqC message length - sky2: phy workarounds for Yukon EC-U A1 - sky2: turn on clocks when doing resume - sky2: turn carrier off when down - skge: turn carrier off when down - sky2: reliable recovery - i386: fix file_read_actor() and pipe_read() for original i386 systems - kbuild: fix dependency generation [ dann frazier ] * [hppa] Add parisc arch patch from Kyle McMartin * [hppa] Enable CONFIG_TULIP_MMIO (closes: #332962) * [hppa] Disable ni52 driver, it doesn't build (and wouldn't work if it did) -- Bastian Blank Sun, 15 Apr 2007 16:04:16 +0200 linux-kbuild-2.6 (2.6.20-1) unstable; urgency=low * New upstream version. * modpost: Support -w. -- Bastian Blank Thu, 12 Apr 2007 06:53:00 +0200 linux-2.6 (2.6.20-1) unstable; urgency=low [ Martin Michlmayr ] * mipsel: Drop DECstation support (both r3k-kn02 and r4k-kn04). * arm: Drop RiscPC (rpc) support. * arm: Update configs for 2.6.19-rc6. * arm: source drivers/ata/Kconfig so SATA can be enabled on ARM. * arm/footbridge: Unset SATA. * arm/s3c2410: Drop this flavour since no such device is supported in debian-installer and the ARM build resources are limited. [ Sven Luther ] * [powerpc] Added Genesi Efika support patch [ Bastian Blank ] * Remove legacy pty support. (closes: #338404) * Enable new scsi parts. * powerpc: Enable ibmvscsis. * Add stable release 2.6.20.1: - Linux 2.6.20.1 - [PATCH] Fix a free-wrong-pointer bug in nfs/acl server (CVE-2007-0772) * Add stable release 2.6.20.2: - Linux 2.6.20.2 - IPV6: Handle np->opt being NULL in ipv6_getsockopt_sticky() [CVE-2007-1000] - x86-64: survive having no irq mapping for a vector - Fix buffer overflow in Omnikey CardMan 4040 driver (CVE-2007-0005) - TCP: Fix minisock tcp_create_openreq_child() typo. - gfs2: fix locking mistake - ATA: convert GSI to irq on ia64 - pktcdvd: Correctly set cmd_len field in pkt_generic_packet - video/aty/mach64_ct.c: fix bogus delay loop - revert "drivers/net/tulip/dmfe: support basic carrier detection" - throttle_vm_writeout(): don't loop on GFP_NOFS and GFP_NOIO allocations - fix section mismatch warning in lockdep - ueagle-atm.c needs sched.h - kvm: Fix asm constraint for lldt instruction - lockdep: forward declare struct task_struct - Char: specialix, isr have 2 params - buffer: memorder fix - kernel/time/clocksource.c needs struct task_struct on m68k - m32r: build fix for processors without ISA_DSP_LEVEL2 - hugetlb: preserve hugetlb pte dirty state - enable mouse button 2+3 emulation for x86 macs - v9fs_vfs_mkdir(): fix a double free - ufs: restore back support of openstep - Fix MTRR compat ioctl - kexec: Fix CONFIG_SMP=n compilation V2 (ia64) - NLM: Fix double free in __nlm_async_call - RPM: fix double free in portmapper code - Revert "[PATCH] LOG2: Alter get_order() so that it can make use of ilog2() on a constant" - Backport of psmouse suspend/shutdown cleanups - USB: usbnet driver bugfix - sched: fix SMT scheduler bug - tty_io: fix race in master pty close/slave pty close path - forcedeth: disable msix - export blk_recount_segments - Fix reference counting (memory leak) problem in __nfulnl_send() and callers related to packet queueing. - Fix anycast procfs device leak - Don't add anycast reference to device multiple times - Fix TCP MD5 locking. - Fix %100 cpu spinning on sparc64 - Fix skb data reallocation handling in IPSEC - Fix xfrm_add_sa_expire() return value - Fix interrupt probing on E450 sparc64 systems - HID: fix possible double-free on error path in hid parser - POWERPC: Fix performance monitor exception - libata: add missing CONFIG_PM in LLDs - libata: add missing PM callbacks - bcm43xx: Fix assertion failures in interrupt handler - mmc: Power quirk for ENE controllers - UML - Fix 2.6.20 hang - fix umask when noACL kernel meets extN tuned for ACLs - sata_sil: ignore and clear spurious IRQs while executing commands by polling - swsusp: Fix possible oops in userland interface - Fix posix-cpu-timer breakage caused by stale p->last_ran value - V4L: cx88-blackbird: allow usage of 376836 and 262144 sized firmware images - V4L: fix cx25840 firmware loading - DVB: digitv: open nxt6000 i2c_gate for TDED4 tuner handling - DVB: cxusb: fix firmware patch for big endian systems - V4L: pvrusb2: Handle larger cx2341x firmware images - V4L: pvrusb2: Fix video corruption on stream start - dvbdev: fix illegal re-usage of fileoperations struct - md: Fix raid10 recovery problem. - bcm43xx: fix for 4309 - i386: Fix broken CONFIG_COMPAT_VDSO on i386 - x86: Don't require the vDSO for handling a.out signals - x86_64: Fix wrong gcc check in bitops.h - sky2: transmit timeout deadlock - sky2: dont flush good pause frames - Fix oops in xfrm_audit_log() - Prevent pseudo garbage in SYN's advertized window - Fix IPX module unload - Clear TCP segmentation offload state in ipt_REJECT - Fix atmarp.h for userspace - UHCI: fix port resume problem - Fix recently introduced problem with shutting down a busy NFS server. - Avoid using nfsd process pools on SMP machines. - EHCI: turn off remote wakeup during shutdown - IPV6: HASHTABLES: Use appropriate seed for caluculating ehash index. - MTD: Fatal regression in drivers/mtd/redboot.c in 2.6.20 - Kconfig: FAULT_INJECTION can be selected only if LOCKDEP is enabled. - USB HID: Fix USB vendor and product IDs endianness for USB HID devices - Fix null pointer dereference in appledisplay driver - ieee1394: fix host device registering when nodemgr disabled - ieee1394: video1394: DMA fix - Fix compile error for e500 core based processors - md: Avoid possible BUG_ON in md bitmap handling. - Fix allocation failure handling in multicast - Fix TCP FIN handling - Fix ATM initcall ordering. - Fix various bugs with aligned reads in RAID5. - hda-intel - Don't try to probe invalid codecs - usbaudio - Fix Oops with unconventional sample rates - usbaudio - Fix Oops with broken usb descriptors - USB: fix concurrent buffer access in the hub driver - Missing critical phys_to_virt in lib/swiotlb.c - AGP: intel-agp bugfix - bcm43xx: Fix for oops on ampdu status - bcm43xx: Fix for oops on resume - ide: fix drive side 80c cable check - Keys: Fix key serial number collision handling - knfsd: Fix a race in closing NFSd connections. - pata_amd: fix an obvious bug in cable detection - prism54: correct assignment of DOT1XENABLE in WE-19 codepaths - rtc-pcf8563: detect polarity of century bit automatically - x86_64: fix 2.6.18 regression - PTRACE_OLDSETOPTIONS should be accepted - ocfs2: ocfs2_link() journal credits update * Update xen patch to changeset 48670 from fedora 2.6.20 branch. * Support xen versions 3.0.4-1 and 3.0.3-1. [ Rod Whitby ] * arm/ixp4xx: Enable PATA_ARTOP for the nas100d and dsmg600. * arm/ixp4xx: Enable RTC for the nas100d * Add nas100d Ethernet MAC setup support. * Add temporary hack to get Artop PATA support going on the nas100d. [ maximilian attems ] * i386: Enable kvm. * Add stable release 2.6.20.3: - Fix sparc64 device register probing - Fix bug 7994 sleeping function called from invalid context - Fix timewait jiffies - Fix UDP header pointer after pskb_trim_rcsum() - Fix compat_getsockopt - bcm43xx: Fix problem with >1 GB RAM - nfnetlink_log: fix NULL pointer dereference - nfnetlink_log: fix possible NULL pointer dereference - conntrack: fix {nf, ip}_ct_iterate_cleanup endless loops - nf_conntrack/nf_nat: fix incorrect config ifdefs - tcp conntrack: accept SYN|URG as valid - nfnetlink_log: fix reference leak - nfnetlink_log: fix use after free - nf_conntrack: fix incorrect classification of IPv6 fragments as ESTABLISHED - nfnetlink_log: zero-terminate prefix - nfnetlink_log: fix crash on bridged packet - Fix callback bug in connector - fix for bugzilla #7544 (keyspan USB-to-serial converter) - ip6_route_me_harder should take into account mark * Add myself to uploaders field, entry got lost after 2.6.16-2 * Add stable release 2.6.20.4: - fix deadlock in audit_log_task_context() - EHCI: add delay to bus_resume before accessing ports - Copy over mac_len when cloning an skb - fix read past end of array in md/linear.c - oom fix: prevent oom from killing a process with children/sibling unkillable - Fix sparc64 hugepage bugs - Fix page allocation debugging on sparc64 - Fix niagara memory corruption - Input: i8042 - really suppress ACK/NAK during panic blink - Input: i8042 - fix AUX IRQ delivery check - Input: i8042 - another attempt to fix AUX delivery checks - Fix rtm_to_ifaddr() error return. - r8169: fix a race between PCI probe and dev_open - futex: PI state locking fix - adjust legacy IDE resource setting (v2) - UML - arch_prctl should set thread fs - gdth: fix oops in gdth_copy_cmd() - Fix extraneous IPSEC larval SA creation - IA64: fix NULL pointer in ia64/irq_chip-mask/unmask function - st: fix Tape dies if wrong block size used, bug 7919 - Fix ipv6 flow label inheritance - NETFILTER: nfnetlink_log: fix reference counting - mm: fix madvise infinine loop - Fix another NULL pointer deref in ipv6_sockglue.c - NetLabel: Verify sensitivity level has a valid CIPSO mapping - Fix GFP_KERNEL with preemption disabled in fib_trie - IrDA: irttp_dup spin_lock initialisation - hda-intel - Fix codec probe with ATI controllers - hrtimer: prevent overrun DoS in hrtimer_forward() - fix MTIME_SEC_MAX on 32-bit - nfs: nfs_getattr() can't call nfs_sync_mapping_range() for non-regular files - dio: invalidate clean pages before dio write - initialise pi_lock if CONFIG_RT_MUTEXES=N * Add stable release 2.6.20.5: - FRA_{DST,SRC} are le16 for decnet - CIFS: reset mode when client notices that ATTR_READONLY is no longer set - ide: clear bmdma status in ide_intr() for ICHx controllers (revised #4) - ide: remove clearing bmdma status from cdrom_decode_status() (rev #4) - NET: Fix sock_attach_fd() failure in sys_accept() - DCCP: Fix exploitable hole in DCCP socket options - ide: revert "ide: fix drive side 80c cable check, take 2" for now - generic_serial: fix decoding of baud rate - IPV6: Fix ipv6 round-robin locking. - VIDEO: Fix FFB DAC revision probing - PPP: Fix PPP skb leak - V4L: msp_attach must return 0 if no msp3400 was found. - CRYPTO: api: scatterwalk_copychunks() fails to advance through scatterlist - APPLETALK: Fix a remotely triggerable crash (CVE-2007-1357) - UML - fix epoll - UML - host VDSO fix - UML - Fix static linking - UML - use correct register file size everywhere - libata: sata_mv: don't touch reserved bits in EDMA config register - libata: sata_mv: Fix 50xx irq mask - libata bugfix: HDIO_DRIVE_TASK - V4L: Fix SECAM handling on saa7115 - DVB: fix nxt200x rf input switching - SPARC: Fix sparc builds with gcc-4.2.x - V4L: saa7146: Fix allocation of clipping memory - uml: fix unreasonably long udelay - NET: Fix packet classidier NULL pointer OOPS - NET_SCHED: Fix ingress qdisc locking. - sata_nv: delay on switching between NCQ and non-NCQ commands - dvb-core: fix several locking related problems - ieee1394: dv1394: fix CardBus card ejection - CIFS: Allow reset of file to ATTR_NORMAL when archive bit not set - jmicron: make ide jmicron driver play nice with libata ones - libata: clear TF before IDENTIFYing - NET: Fix FIB rules compatability - DVB: isl6421: don't reference freed memory - V4L: radio: Fix error in Kbuild file - i2o: block IO errors on i2o disk * Add stable release 2.6.20.6: - CRYPTO api: Use the right value when advancing scatterwalk_copychunks - uml: fix static linking for real [ Gordon Farquharson ] * Disable broken config options on ARM. [ Frederik Schüler ] * Disable NAPI on forcedeth, it is broken. [ dann frazier ] * Hardcode the output of the scripts under arch/ia64/scripts as executed in an etch environment so that we can build out of tree modules correctly (re-add; patch seems to have been dropped during a merge.) See: #392592 * Allow '.' and '+' in the target dist field of the changelog. dpkg has supported this since 1.13.20, see #361171. -- Bastian Blank Mon, 09 Apr 2007 19:21:52 +0200 linux-2.6 (2.6.18.dfsg.1-10) unstable; urgency=low [ maximilian attems ] * Add patches out of stable queue 2.6.18 - [amd64] Don't leak NT bit into next task (CVE-2006-5755) - IB/srp: Fix FMR mapping for 32-bit kernels and addresses above 4G - SCSI: add missing cdb clearing in scsi_execute() * Xen postinst: Use takeover for update-initramfs. Makes postinst idempotent. On creation it should always overwrite. (closes: #401183) * Hand-picked from stable release 2.6.16.38: - i2c-viapro: Add support for the VT8237A and VT8251 - PCI: irq: irq and pci_ids patch for Intel ICH9 - i2c-i801: SMBus patch for Intel ICH9 - fix the UML compilation - drm: allow detection of new VIA chipsets - drm: Add the P4VM800PRO PCI ID. - rio: typo in bitwise AND expression. - i2c-mv64xxx: Fix random oops at boot - i2c: fix broken ds1337 initialization - [SUNKBD]: Fix sunkbd_enable(sunkbd, 0); obvious. - Call init_timer() for ISDN PPP CCP reset state timer (CVE-2006-5749) - V4L: cx88: Fix leadtek_eeprom tagging - SPI/MTD: mtd_dataflash oops prevention - grow_buffers() infinite loop fix (CVE-2006-5757/CVE-2006-6060) - corrupted cramfs filesystems cause kernel oops (CVE-2006-5823) - ext2: skip pages past number of blocks in ext2_find_entry (CVE-2006-6054) - handle ext3 directory corruption better (CVE-2006-6053) - hfs_fill_super returns success even if no root inode (CVE-2006-6056) backout previous fix, was not complete. - Fix for shmem_truncate_range() BUG_ON() - ebtables: check struct type before computing gap - [IPV4/IPV6]: Fix inet{,6} device initialization order. - [IPV6] Fix joining all-node multicast group. - [SOUND] Sparc CS4231: Use 64 for period_bytes_min * [PKTGEN]: Convert to kthread API. Thanks David Miller for patch. * [IDE] Add driver for Jmicron JMB36x devices by Alan Cox. Enable jmicron on i386 and amd64 archs. * Hand-picked from stable release 2.6.16.39: - atiixp: hang fix - V4L/DVB: Flexcop-usb: fix debug printk - V4L/DVB: Fix uninitialised variable in dvb_frontend_swzigzag - read_zero_pagealigned() locking fix - adfs: fix filename handling - sparc32: add offset in pci_map_sg() - cdrom: set default timeout to 7 seconds - [SCSI] qla1280 command timeout - [SCSI] qla1280 bus reset typo - [Bluetooth] Check if DLC is still attached to the TTY - [Bluetooth] Fix uninitialized return value for RFCOMM sendmsg() - [Bluetooth] Return EINPROGRESS for non-blocking socket calls - [Bluetooth] Handle command complete event for exit periodic inquiry - [Bluetooth] Fix compat ioctl for BNEP, CMTP and HIDP - [Bluetooth] Add locking for bt_proto array manipulation - i386: fix CPU hotplug with 2GB VMSPLIT [ dann frazier ] * Fix raid1 recovery (closes: #406181) [ Jurij Smakov ] * Add dtlb-prot-bug-niagara.patch by David Miller, fixing the bug in the Niagara's DTLB-PROT trap. [ Bastian Blank ] * i386: Add amd64 image. (closes: #379090) -- Bastian Blank Fri, 2 Feb 2007 12:50:35 +0100 linux-2.6 (2.6.18.dfsg.1-9) unstable; urgency=low [ Martin Michlmayr ] * arm/iop32x: Enable CONFIG_IP_NF_CONNTRACK_EVENTS and _NETLINK. * arm/ixp4xx: Enable some more I2C sensor modules. * arm/ixp4xx: Enable CONFIG_USB_NET_RNDIS_HOST. * arm/footbridge: Enable CONFIG_NATSEMI. * Revert mm/msync patches because they cause filesystem corruption (closes: #401006, #401980, #402707) ... * ... and add an alternative msync patch from Hugh Dickins that doesn't depend on the mm changes (closes: #394392). * mips: provide pci_get_legacy_ide_irq needed by some IDE drivers (see #404950). * arm: Implement flush_anon_page(), which is needed for FUSE (closes: #402876) and possibly dm-crypt/LUKS (see #403426). * arm: Turn off PCI burst on the Cyber2010, otherwise X11 on Netwinder will crash. * arm/iop32x: Enable CONFIG_IEEE80211_SOFTMAC and drivers based on it. * arm/ixp4xx: Upgrade to version 0.3.1 of the IXP4xx NPE Ethernet driver. This version fixes stuck connections, e.g. with scp and NFS (closes: #404447). * arm/ixp4xx: Enable CONFIG_VIDEO_CPIA_USB. * arm/ixp4xx: Enable CONFIG_ISCSI_TCP. * arm/iop32x: Likewise. [ Bastian Blank ] * Bump ABI to 4. * Update vserver patch to 2.0.2.2-rc9. (closes: #402743, #403790) * Update xen patch to changeset 36186 from Fedora 2.6.18 branch. * i386/xen: Build only the pae version. (closes: #390862) * hppa: Override host type when necessary. * Fix tg3 reset. (closes: #405085) [ dann frazier ] * Fix potential fragmentation attacks in ip6_tables (CVE-2006-4572) * Backport a number of fixes for the cciss driver - Fix a bug with 1TB disks caused by converting total_size to an int - Claim devices that are of the HP RAID class and have a valid cciss sig - Make NR_CMDS a per-controller define - most can do 1024 commands, but the E200 family can only support 128 - Change the SSID on the E500 as a workaround for a firmware bug - Disable prefetch on the P600 controller. An ASIC bug may result in prefetching beyond the end of physical memory - Increase blk_queue_max_sectors from 512 to 2048 to increase performance - Map out more memor for the PCI config table, required to reach offset 0x214 to disable DMA on the P600 - Set a default raid level on a volume that either does not support reading the geometry or reports an invalid geometry for whatever reason to avoid problems with buggy firmware - Revert change that replaed XFER_READ/XFER_WRITE macros with h->cciss_read/h->cciss_write that caused command timeouts on older controllers on ia32 (closes: #402787) * Fix mincore hang (CVE-2006-4814) * ia64: turn on IOC4 modules for SGI Altix systems. Thanks to Stephane Larose for suggesting this. * Add versioned build dep on findutils to make sure the system find command supports the -execdir action (closes: #405150) * Hardcode the output of the scripts under arch/ia64/scripts as executed in an etch environment so that we can build out of tree modules correctly (closes: #392592) * Update unusual_devs entry for ipod to fix an eject issue (closes: #406124) * Re-add verify_pmtmr_rate, resolving problems seen on older K6 ASUS boards where the ACPI PM timer runs too fast (closes: #394753) * Avoid condition where /proc/swaps header may not be printed (closes: #292318) * [hppa] disable XFS until it works (closes: #350482) [ Norbert Tretkowski ] * libata: handle 0xff status properly. (closes: #391867) * alpha: enabled CONFIG_SCSI_ARCMSR. (closes: #401187) * removed BROKEN_ON_SMP dependency from I2C_ELEKTOR. (closes: #402253) [ Christian T. Steigies ] * m68k/atari: enable keyboard, mouse and fb drivers * m68k/atari: fixes for ethernec and video driver by Michael Schmitz * m68k/atari: fixes for scsi driver by Michael Schmitz * m68k/mac: fixes for mace and cuda driver by Finn Thain * m68k/atari: fixes for ide driver by Michael Schmitz * m68k/atari: fixes for ide driver by Michael Schmitz * m68k/atari: fixes for ethernec and atakeyb driver by Michael Schmitz, build ethernec as module * m68k/mac: fixes for mace and adb driver by Finn Thain [ maximilian attems ] * Add stable release 2.6.18.6: - EBTABLES: Fix wraparounds in ebt_entries verification. - EBTABLES: Verify that ebt_entries have zero ->distinguisher. - EBTABLES: Deal with the worst-case behaviour in loop checks. - EBTABLES: Prevent wraparounds in checks for entry components' sizes. - skip data conversion in compat_sys_mount when data_page is NULL - bonding: incorrect bonding state reported via ioctl - x86-64: Mark rdtsc as sync only for netburst, not for core2 (closes: #406767) - dm crypt: Fix data corruption with dm-crypt over RAID5 (closes: #402812) - forcedeth: Disable INTx when enabling MSI in forcedeth - PKT_SCHED act_gact: division by zero - XFRM: Use output device disable_xfrm for forwarded packets - IPSEC: Fix inetpeer leak in ipv4 xfrm dst entries. - V4L: Fix broken TUNER_LG_NTSC_TAPE radio support - m32r: make userspace headers platform-independent - IrDA: Incorrect TTP header reservation - SUNHME: Fix for sunhme failures on x86 - Bluetooth: Add packet size checks for CAPI messages (CVE-2006-6106) - softmac: remove netif_tx_disable when scanning - DVB: lgdt330x: fix signal / lock status detection bug - dm snapshot: fix freeing pending exception - NET_SCHED: policer: restore compatibility with old iproute binaries - NETFILTER: ip_tables: revision support for compat code - ARM: Add sys_*at syscalls - ieee1394: ohci1394: add PPC_PMAC platform code to driver probe - softirq: remove BUG_ONs which can incorrectly trigger * Hand-picked from stable release 2.6.16.30: - [PPPOE]: Advertise PPPoE MTU * Hand-picked from stable release 2.6.16.31: - [NETFILTER]: Fix ip6_tables extension header bypass bug (CVE-2006-4572) - fix RARP ic_servaddr breakage * Hand-picked from stable release 2.6.16.32: - drivers/telephony/ixj: fix an array overrun - flush D-cache in failure path * Hand-picked from stable release 2.6.16.33: - Add new PHY to sis900 supported list - ipmi_si_intf.c: fix "&& 0xff" typos - drivers/scsi/psi240i.c: fix an array overrun * Hand-picked from stable release 2.6.16.34: - [IPX]: Annotate and fix IPX checksum - [IGMP]: Fix IGMPV3_EXP() normalization bit shift value. * Hand-picked from stable release 2.6.16.35: - sgiioc4: Disable module unload - Fix a masking bug in the 6pack driver. - drivers/usb/input/ati_remote.c: fix cut'n'paste error - proper flags type of spin_lock_irqsave() * Hand-picked from stable release 2.6.16.37: - [CRYPTO] sha512: Fix sha384 block size - [SCSI] gdth: Fix && typos - Fix SUNRPC wakeup/execute race condition * Enable DEBUG_FS for usbmon in generic config. Don't disable it on alpha, amd64, hppa and ia64. (closes: 378542) * Backport a number of upstream fixes for the r8169 driver, needed for network performance (closes: 388870, 400524) - r8169: more alignment for the 0x8168 - r8169: phy program update - r8169: more magic during initialization of the hardware - r8169: perform a PHY reset before any other operation at boot time - r8169: Fix iteration variable sign - r8169: remove extraneous Cmd{Tx/Rx}Enb write * sound: hda: detect ALC883 on MSI K9A Platinum motherboards (MS-7280) patch from Leonard Norrgard * tulip: Add i386 specific patch to remove duplicate pci ids. Thanks Jurij Smakov (closes: #334104, #405203) * amd64, i386: Disable SK98LIN as SKGE is the modern capable driver. (closes: 405196) * Backout net-bcm43xx_netdev_watchdog.patch and push 2.6.18.2 fix. (closes: 402475) [ Jurij Smakov ] * Add bugfix/sparc/isa-dev-no-reg.patch to make sure that isa_dev_get_resource() can deal with devices which do not have a 'reg' PROM property. Failure to handle such devices properly resulted in an oops during boot on Netra X1. Thanks to Richard Mortimer for debugging and patch. (closes: #404216) * Add bugfix/sparc/ehci-hub-contol-alignment.patch to prevent unaligned memory accesses in ehci-hub-control() by adding an alignment attribute to the tbuf array declaration. Thanks to David Miller for the patch. [ Sven Luther ] * [powerpc] Enable CONFIG_PMAC_BACKLIGHT_LEGACY (Closes: #407671). -- Bastian Blank Wed, 24 Jan 2007 13:21:51 +0100 linux-2.6 (2.6.18-8) unstable; urgency=low * Fix relations in the generated control file. (closes: #400544) * Add stable release 2.6.18.4: - bridge: fix possible overflow in get_fdb_entries (CVE-2006-5751) * Add stable release 2.6.18.5: - pcmcia: fix 'rmmod pcmcia' with unbound devices - BLUETOOTH: Fix unaligned access in hci_send_to_sock. - alpha: Fix ALPHA_EV56 dependencies typo - TG3: Add missing unlock in tg3_open() error path. - softmac: fix a slab corruption in WEP restricted key association - AGP: Allocate AGP pages with GFP_DMA32 by default - V4L: Do not enable VIDEO_V4L2 unconditionally - bcm43xx: Drain TX status before starting IRQs - fuse: fix Oops in lookup - UDP: Make udp_encap_rcv use pskb_may_pull - NETFILTER: Missing check for CAP_NET_ADMIN in iptables compat layer - NETFILTER: ip_tables: compat error way cleanup - NETFILTER: ip_tables: fix module refcount leaks in compat error paths - NETFILTER: Missed and reordered checks in {arp,ip,ip6}_tables - NETFILTER: arp_tables: missing unregistration on module unload - NETFILTER: Kconfig: fix xt_physdev dependencies - NETFILTER: xt_CONNSECMARK: fix Kconfig dependencies - NETFILTER: H.323 conntrack: fix crash with CONFIG_IP_NF_CT_ACCT - IA64: bte_unaligned_copy() transfers one extra cache line. - x86 microcode: don't check the size - scsi: clear garbage after CDBs on SG_IO - IPV6: Fix address/interface handling in UDP and DCCP, according to the scoping architecture. * Revert abi changing patch from 2.6.18.5. -- Bastian Blank Sun, 10 Dec 2006 17:51:53 +0100 linux-2.6 (2.6.18-7) unstable; urgency=low [ Bastian Blank ] * Emit conflict lines for initramfs generators. (closes: #400305) * Update vserver patch to 2.0.2.2-rc8. * s390: Add patch to fix posix types. [ Martin Michlmayr ] * r8169: Add an option to ignore parity errors. * r8169: Ignore parity errors on the Thecus N2100. * rtc: Add patch from Riku Voipio to get RS5C372 going on the N2100. * arm/iop32x: Build RS5C372 support into the kernel. [ maximilian attems ] * hfs: Fix up error handling in HFS. (MOKB-14-11-2006) * sata: Avoid null pointer dereference in SATA Promise. * cifs: Set CIFS preferred IO size. [ Jurij Smakov ] * Add bugfix/sunhme-pci-enable.patch, fixing the failure of sunhme driver on x86/PCI hosts due to missing pci_enable_device() and pci_set_master() calls, lost during code refactoring upstream. (closes: #397460) -- Bastian Blank Mon, 4 Dec 2006 15:20:30 +0100 linux-2.6 (2.6.18-6) unstable; urgency=low [ maximilian attems ] * Enable the new ACT modules globally. They were already set for amd64, hppa and mips/mipsel - needed by newer iproute2. (closes: #395882, #398172) * Fix msync() for LSB 3.1 compliance, backport fedora patches from 2.6.19 - mm: tracking shared dirty pages - mm: balance dirty pages - mm: optimize the new mprotect() code a bit - mm: small cleanup of install_page() - mm: fixup do_wp_page() - mm: msync() cleanup (closes: #394392) * [amd64,i386] Enable CONFIG_USB_APPLETOUCH=m (closes: #382298) * Add stable release 2.6.18.3: - x86_64: Fix FPU corruption - e1000: Fix regression: garbled stats and irq allocation during swsusp - POWERPC: Make alignment exception always check exception table - usbtouchscreen: use endpoint address from endpoint descriptor - fix via586 irq routing for pirq 5 - init_reap_node() initialization fix - CPUFREQ: Make acpi-cpufreq unsticky again. - SPARC64: Fix futex_atomic_cmpxchg_inatomic implementation. - SPARC: Fix missed bump of NR_SYSCALLS. - NET: __alloc_pages() failures reported due to fragmentation - pci: don't try to remove sysfs files before they are setup. - fix UFS superblock alignment issues - NET: Set truesize in pskb_copy - block: Fix bad data direction in SG_IO (closes: #394690) - cpqarray: fix iostat - cciss: fix iostat - Char: isicom, fix close bug - TCP: Don't use highmem in tcp hash size calculation. - S390: user readable uninitialised kernel memory, take 2. - correct keymapping on Powerbook built-in USB ISO keyboards - USB: failure in usblp's error path - Input: psmouse - fix attribute access on 64-bit systems - Fix sys_move_pages when a NULL node list is passed. - CIFS: report rename failure when target file is locked by Windows - CIFS: New POSIX locking code not setting rc properly to zero on successful - Patch for nvidia divide by zero error for 7600 pci-express card (maybe fixes 398258) - ipmi_si_intf.c sets bad class_mask with PCI_DEVICE_CLASS [ Steve Langasek ] * [alpha] new titan-video patch, for compatibility with TITAN and similar systems with non-standard VGA hose configs * [alpha] bugfix for srm_env module from upstream (Jan-Benedict Glaw), makes the module compatible with the current /proc interface so that reads no longer return EFAULT. (closes: #353079) * Bump ABI to 3 for the msync fixes above. [ Martin Michlmayr ] * arm: Set CONFIG_BINFMT_MISC=m * arm/ixp4xx: Set CONFIG_ATM=m (and related modules) so CONFIG_USB_ATM has an effect. * arm/iop32x: Likewise. * arm/s3c2410: Unset CONFIG_PM_LEGACY. * arm/versatile: Fix Versatile PCI config byte accesses * arm/ixp4xx: Swap the disk 1 and disk 2 LED definitions so they're right. * mipsel/r5k-cobalt: Unset CONFIG_SCSI_SYM53C8XX_2 because the timeout is just too long. * arm/ixp4xx: Enable more V4L USB devices. [ dann frazier ] * Backport various SCTP changesets from 2.6.19, recommended by Vlad Yasevich (closes: #397946) * Add a "Scope of security support" section to README.Debian, recommended by Moritz Muehlenhoff [ Thiemo Seufer ] * Enable raid456 for mips/mipsel qemu kernel. [ dann frazier ] * The scope of the USR-61S2B unusual_dev entry was tightened, but too strictly. Loosen it to apply to additional devices with a smaller bcd. (closes: #396375) [ Sven Luther ] * Added support for TI ez430 development tool ID in ti_usb. Thanks to Oleg Verych for providing the patch. [ Christian T. Steigies ] * Added support for Atari EtherNEC, Aranym, video, keyboard, mouse, and serial by Michael Schmitz [ Bastian Blank ] * [i386] Reenable AVM isdn card modules. (closes: #386872) -- Bastian Blank Tue, 21 Nov 2006 11:28:09 +0100 linux-2.6 (2.6.18-5) unstable; urgency=low [ maximilian attems ] * [s390] readd the fix for "S390: user readable uninitialised kernel memory (CVE-2006-5174)" * [s390] temporarily add patch queued for 2.6.18.3 fixing 32 bit opcodes and instructions. [ Thiemo Seufer ] * Fix build failure of hugetlbfs (closes: #397139). * Add kernel configuration for qemu's mips/mipsel emulation, thanks to Aurelien Jarno. [ Bastian Blank ] * Update vserver patch to 2.0.2.2-rc6. * Update xen parts for vserver. (closes: #397281) [ dann frazier ] * [ia64] Move to upstream version of sal-flush-fix patch, which is slightly different than the early version added in 2.6.18-3. [ Frederik Schüler ] * [i386] Acticate CONFIG_SX for all flavours. (closes: #391275) [ Steve Langasek ] * [alpha] new asm-subarchs patch: tell the compiler that we're deliberately emitting ev56 or ev6 instructions, so that this code will still compile without having to cripple gcc-4.1's checking of whether the correct instruction set is used. Closes: #397139. [ Martin Michlmayr ] * arm/ixp4xx: Enable CONFIG_USB_ATM. * arm/iop32x: Enable CONFIG_PPPOE. * arm/iop32x: Enable CONFIG_USB_ATM. -- Bastian Blank Wed, 8 Nov 2006 17:15:55 +0100 linux-2.6 (2.6.18-4) unstable; urgency=low [ Norbert Tretkowski ] * [alpha] Switched to gcc-4.1. [ Jurij Smakov ] * [sparc] Remove sparc64-atyfb-xl-gr.patch, it does more harm than good in 2.6.18. * [sparc] Add bugfix/sparc/compat-alloc-user-space-alignment.patch (thanks to David Miller) to make sure that compat_alloc_user_space() always returns memory aligned on a 8-byte boundary on sparc. This prevents a number of unaligned memory accesses, like the ones in sys_msgrcv() and compat_sys_msgrcv(), triggered every 5 seconds whenever fakeroot is running. * [sparc] Add bugfix/sparc/bus-id-size.patch (thanks to David Miller) to ensure that the size of the strings stored in the bus_id field of struct device never exceeds the amount of memory allocated for them (20 bytes). It fixes the situations in which storing longer device names in this field would cause corruption of adjacent memory regions. (closes: #394697). * [sparc] Add bugfix/sparc/sunblade1k-boot-fix.patch (thanks to David Miller) to fix a boottime crash on SunBlade1000. * [sparc] Add bugfix/sparc/t1k-cpu-lockup.patch (thanks to David Miller) to prevent soft CPU lockup on T1000 servers, which can be triggered from userspace, resulting in denial of service. [ Martin Michlmayr ] * arm/iop32x: Fix the interrupt of the 2nd Ethernet slot on N2100. * arm/iop32x: Allow USB and serial to co-exist on N2100. * arm/ixp4xx: Add clocksource for Intel IXP4xx platforms. * arm: Enable CONFIG_AUDIT=y again. * arm/ixp4xx: Add the IXP4xx Ethernet driver. * arm/ixp4xx: Build LED support into the kernel. * Add a driver for Fintek F75375S/SP and F75373. * arm/iop32x: Build F75375S/SP support in. * arm/iop32x: Fix the size of the RedBoot config partition. [ maximilian attems ] * Add netpoll leak fix. * Add upstream forcedeth swsusp support. * r8169: PCI ID for Corega Gigabit network card. * r8169: the MMIO region of the 8167 stands behin BAR#1. * r8169: Add upstream fix for infinite loop during hotplug. * Bump build-dependency on kernel-package to 10.063. * r8169: pull revert mac address change support. * bcm43xx: Add full netdev watchout timeout patch. (closes: 392065) Thanks Sjoerd Simons for the testing. * Add stable release 2.6.18.2: - Remove not yet released, revert the included patches. - Keep aboves bcm43xx fix, it's more complete. - Watchdog: sc1200wdt - fix missing pnp_unregister_driver() - fix missing ifdefs in syscall classes hookup for generic targets - JMB 368 PATA detection - usbfs: private mutex for open, release, and remove - sound/pci/au88x0/au88x0.c: ioremap balanced with iounmap - x86-64: Fix C3 timer test - Reintroduce NODES_SPAN_OTHER_NODES for powerpc - ALSA: emu10k1: Fix outl() in snd_emu10k1_resume_regs() - IB/mthca: Use mmiowb after doorbell ring - SCSI: DAC960: PCI id table fixup - ALSA: snd_rtctimer: handle RTC interrupts with a tasklet - JFS: pageno needs to be long - SPARC64: Fix central/FHC bus handling on Ex000 systems. - SPARC64: Fix memory corruption in pci_4u_free_consistent(). - SPARC64: Fix PCI memory space root resource on Hummingbird. (closes: #392078) - Fix uninitialised spinlock in via-pmu-backlight code. - SCSI: aic7xxx: pause sequencer before touching SBLKCTL - IPoIB: Rejoin all multicast groups after a port event - ALSA: Dereference after free in snd_hwdep_release() - rtc-max6902: month conversion fix - NET: Fix skb_segment() handling of fully linear SKBs - SCTP: Always linearise packet on input - SCSI: aic7xxx: avoid checking SBLKCTL register for certain cards - IPV6: fix lockup via /proc/net/ip6_flowlabel [CVE-2006-5619] - fix Intel RNG detection - ISDN: check for userspace copy faults - ISDN: fix drivers, by handling errors thrown by ->readstat() - splice: fix pipe_to_file() ->prepare_write() error path - ALSA: Fix bug in snd-usb-usx2y's usX2Y_pcms_lock_check() - ALSA: Repair snd-usb-usx2y for usb 2.6.18 - PCI: Remove quirk_via_abnormal_poweroff - Bluetooth: Check if DLC is still attached to the TTY - vmscan: Fix temp_priority race - Use min of two prio settings in calculating distress for reclaim - __div64_32 for 31 bit. Fixes funny clock speed on hercules emulator. (closes: 395247) - DVB: fix dvb_pll_attach for mt352/zl10353 in cx88-dvb, and nxt200x - fuse: fix hang on SMP - md: Fix bug where spares don't always get rebuilt properly when they become live. - md: Fix calculation of ->degraded for multipath and raid10 - knfsd: Fix race that can disable NFS server. - md: check bio address after mapping through partitions. - fill_tgid: fix task_struct leak and possible oops - uml: fix processor selection to exclude unsupported processors and features - uml: remove warnings added by previous -stable patch - Fix sfuzz hanging on 2.6.18 - SERIAL: Fix resume handling bug - SERIAL: Fix oops when removing suspended serial port - sky2: MSI test race and message - sky2: pause parameter adjustment - sky2: turn off PHY IRQ on shutdown - sky2: accept multicast pause frames - sky2: GMAC pause frame - sky2: 88E803X transmit lockup (2.6.18) - tcp: cubic scaling error - mm: fix a race condition under SMC + COW - ALSA: powermac - Fix Oops when conflicting with aoa driver - ALSA: Fix re-use of va_list - posix-cpu-timers: prevent signal delivery starvation - NFS: nfs_lookup - don't hash dentry when optimising away the lookup - uml: make Uml compile on FC6 kernel headers - Fix potential interrupts during alternative patching * Backport atkbd - supress "too many keys" error message. * [s390] Revert temporarly 2.6.18.1 "S390: user readable uninitialised kernel memory (CVE-2006-5174)" fix as it causes ftfbs [ Sven Luther ] * [powerpc] Added exception alignement patch from Benjamin Herrenschmidt. [ Frederik Schüler ] * Bump ABI to 2. * Update vserver patch to 2.0.2.2-rc4. [ Thiemo Seufer ] * Add patches from linux-mips.org's 2.6.18-stable branch: - bugfix/copy-user-highpage.patch, needed for cache alias handling on mips/mipsel/hppa. - bugfix/mips/syscall-wiring.patch, fixes TLS register access, and n32 rt_sigqueueinfo. - bugfix/mips/sb1-flush-cache-data-page.patch, missing cache flush on SB-1. - bugfix/mips/trylock.patch, fix trylock implementation for R1x000 and R3xxx. - bugfix/mips/smp-cpu-bringup.patch, correct initialization of non-contiguous CPU topology. - bugfix/mips/header-exports.patch, clean up userland exports of kernel headers. - bugfix/mips/sb1-interrupt-handler.patch, fix broken interrupt routing on SB-1. - bugfix/mips/cache-alias.patch, fixes #387498 for mips/mipsel. - bugfix/mips/ip22-zilog-console.patch, fix long delays seen with SGI ip22 serial console. - bugfix/mips/signal-handling.patch, fixes a signal handling race condition shown with gdb. - bugfix/mips/sb1-duart-tts.patch, replaces mips-sb1-duart-tts.patch, use standard Linux names for SB-1 consoles. - bugfix/mips/wait-race.patch, correct behaviour of the idle loop. - bugfix/mips/sgi-ioc3.patch, checksumming fix for IOC3 network driver. - features/mips/qemu-kernel.patch, support for the mips/mipsel machine emulated by Qemu. - features/mips/backtrace.patch, reimplementation of stack analysis and backtrace printing, useful for in-kernel debugging. - bugfix/mips/dec-scsi.patch, replaces mips-dec-scsi.patch, fixes DSP SCSI driver for DECstations. - bugfix/mips/dec-serial.patch, replaces mips-dec-serial.patch, fix serial console handling on DECstations. -- Frederik Schüler Sat, 4 Nov 2006 18:45:02 +0100 linux-2.6 (2.6.18-3) unstable; urgency=low [ Bastian Blank ] * Fix home of patch apply script. * Unify CPUSET option. (closes: #391931) * Support xen version 3.0.3-1. * Add AHCI suspend support. * Add patch to support bindmount without nodev on vserver. * Update fedora xen patch to changeset 36252. [ Steve Langasek ] * [alpha] restore alpha-prctl.patch, which keeps disappearing every time there's a kernel upgrade :/ [ Frederik Schüler ] * Activate CONFIG_NET_CLS_* globaly. (Closes: #389918) * Make CONFIG_EFI_VARS modular on i386. (Closes: #381951) * Activate CONFIG_SCSI_ARCMSR on amd64, powerpc, sparc too. * [vserver] Activate HARDCPU and HARDCPU_IDLE. * [vserver] Upgrade to vs2.0.2.2-rc2. [ maximilian attems ] * [mipsel] Disable CONFIG_SECURITY_SECLVL on DECstations too. * Add stable release 2.6.18.1: - add utsrelease.h to the dontdiff file - V4L: copy-paste bug in videodev.c - block layer: elv_iosched_show should get elv_list_lock - NETFILTER: NAT: fix NOTRACK checksum handling - bcm43xx: fix regressions in 2.6.18 (Closes: #392065) - x86-64: Calgary IOMMU: Fix off by one when calculating register space location - ide-generic: jmicron fix - scx200_hrt: fix precedence bug manifesting as 27x clock in 1 MHz mode - invalidate_inode_pages2(): ignore page refcounts - rtc driver rtc-pcf8563 century bit inversed - fbdev: correct buffer size limit in fbmem_read_proc() - mm: bug in set_page_dirty_buffers - TCP: Fix and simplify microsecond rtt sampling - MD: Fix problem where hot-added drives are not resynced. - IPV6: Disable SG for GSO unless we have checksum - PKT_SCHED: cls_basic: Use unsigned int when generating handle - sata_mv: fix oops - [SPARC64]: Kill bogus check from bootmem_init(). - IPV6: bh_lock_sock_nested on tcp_v6_rcv - [CPUFREQ] Fix some more CPU hotplug locking. - SPARC64: Fix serious bug in sched_clock() on sparc64 - Fix VIDIOC_ENUMSTD bug - load_module: no BUG if module_subsys uninitialized - i386: fix flat mode numa on a real numa system - cpu to node relationship fixup: map cpu to node - cpu to node relationship fixup: acpi_map_cpu2node - backlight: fix oops in __mutex_lock_slowpath during head /sys/class/graphics/fb0/* - do not free non slab allocated per_cpu_pageset - rtc: lockdep fix/workaround - powerpc: Fix ohare IDE irq workaround on old powermacs - sysfs: remove duplicated dput in sysfs_update_file - powerpc: fix building gdb against asm/ptrace.h - Remove offsetof() from user-visible - Clean up exported headers on CRIS - Fix v850 exported headers - Don't advertise (or allow) headers_{install,check} where inappropriate. - Remove UML header export - Remove ARM26 header export. - Fix H8300 exported headers. - Fix m68knommu exported headers - Fix exported headers for SPARC, SPARC64 - Fix 'make headers_check' on m32r - Fix 'make headers_check' on sh64 - Fix 'make headers_check' on sh - Fix ARM 'make headers_check' - One line per header in Kbuild files to reduce conflicts - sky2 network driver device ids - sky2: tx pause bug fix - netdrvr: lp486e: fix typo - mv643xx_eth: fix obvious typo, which caused build breakage - zone_reclaim: dynamic slab reclaim - Fix longstanding load balancing bug in the scheduler - jbd: fix commit of ordered data buffers - ALSA: Fix initiailization of user-space controls - USB: Allow compile in g_ether, fix typo - IB/mthca: Fix lid used for sending traps - S390: user readable uninitialised kernel memory (CVE-2006-5174) - zd1211rw: ZD1211B ASIC/FWT, not jointly decoder - V4L: pvrusb2: Limit hor res for 24xxx devices - V4L: pvrusb2: Suppress compiler warning - V4L: pvrusb2: improve 24XXX config option description - V4L: pvrusb2: Solve mutex deadlock - DVB: cx24123: fix PLL divisor setup - V4L: Fix msp343xG handling regression - UML: Fix UML build failure - uml: use DEFCONFIG_LIST to avoid reading host's config - uml: allow using again x86/x86_64 crypto code - NET_SCHED: Fix fallout from dev->qdisc RCU change * Add backported git patch remving BSD secure level - request by the Debian Security Team. (closes: 389282) * [powerpc] Add DAC960-ipr PCI id table fixup. * [powerpc] Fix uninitialised spinlock in via-pmu-backlight code. * Fix serial_cs resume handling. * Fix oops when removing suspended serial port. * Check if DLC is still attached to the TTY. * Add fedora backport of i965 DRM support. [ Martin Michlmayr ] * [mips] Apply some patches from linux-mips' linux-2.6.18-stable GIT tree: - The o32 fstatat syscall behaves differently on 32 and 64 bit kernels - fstatat syscall names - BCM1480: Mask pending interrupts against c0_status.im. - Cobalt: Time runs too quickly - Show actual CPU information in /proc/cpuinfo - Workaround for bug in gcc -EB / -EL options - Do not use -msym32 option for modules - Fix O32 personality(2) call with 0xffffffff argument - Use compat_sys_mount [ dann frazier ] * [ia64]: Fix booting on HP cell systems, thanks to Troy Heber - Enable CONFIG_HUGETLBFS - bugfix/ia64/sal-flush-fix.patch: delay sal cache flush * bugfix/sky2-receive-FIFO-fix.patch: fix sky2 hangs on some chips Thanks to Stephen Hemminger for the patch. (Closes: #391382) * features/all/drivers/cciss-support-for-gt-2TB-volumes.patch: Add support for > 2TB volumes * bugfix/sym2-dont-claim-raid-devs.patch: Prevent cpqarray/sym2 conflict by telling sym2 not to claim raid devices. (Closes: #391384) [ Sven Luther ] * [powerpc] Added AMD74xx driver module to the powerpc64 flavour (Closes: #391861). [ Kyle McMartin ] * [hppa] Force CROSS_COMPILE=hppa64-linux-gnu- (closes: #389296) -- Bastian Blank Sat, 21 Oct 2006 15:59:43 +0200 linux-2.6 (2.6.18-2) unstable; urgency=low [ Bastian Blank ] * hppa: Fix compiler dependencies. (closes: #389296) * Make cfq the default io scheduler. * Add arcmsr (Areca) driver. * powerpc/prep: Fix compatibility asm symlink. * m68k: Disable initramfs support. [ Kyle McMartin ] * hppa: Add parisc patchset. [ Norbert Tretkowski ] * [alpha] Workaround undefined symbols by setting CONFIG_SCSI=y for smp flavour. (closes: #369517) [ Christian T. Steiges ] * m68k: Update patches for 2.6.18. * m68k: Re-Add m68k-as and m68k-macro patch which allow building with current binutils. * m68k: disable CONFIG_AUDIT for m68k. * m68k/mac: add m68k-no-backlight and m68k-fbcon patch. * m68k/mac: enable SONIC, disable all ADB but CUDA. [ Jurij Smakov ] * Add bugfix/proc-fb-reading.patch to fix the inconsistent behaviour of /proc/fb. (Closes: #388815) * sparc: Enable vserver flavour for sparc64. (Closes: #386656) -- Bastian Blank Fri, 29 Sep 2006 14:12:19 +0200 linux-kbuild-2.6 (2.6.18-1) unstable; urgency=low * New upstream version. * Use included headers. (closes: #382286, #384211) -- Bastian Blank Mon, 25 Sep 2006 21:45:50 +0200 linux-2.6 (2.6.18-1) unstable; urgency=low The unpruned release [ Martin Michlmayr ] * Bump build-dependency on kernel-package to 10.054. * arm/iop32x: Build ext2/3 as modules. * arm/iop32x: Disable CONFIG_EMBEDDED. * mipsel/r5k-cobalt: Enable ISDN. * arm/footbridge: Enable the CIFS module (closes: #274808). * arm/nslu2: Drop flavour since this machine is supported by arm/ixp4xx. * arm: Make get_unaligned() work with const pointers and GCC 4.1. * mipsel/r5k-cobalt: Enable CONFIG_BONDING as a module. * arm/iop32x: Likewise. * arm/ixp4xx: Likewise. * arm: Disable CONFIG_AUDIT for now since it's broken. [ Sven Luther ] * [powerpc] Enabled the -prep flavour. (Closes: #359025) * [powerpc] The sisfb framebuffer device is now builtin. * [powerpc] Updated the powerpc serial patch. This fixes the XServe serial port, but at the cost powermac pcmcia serial cards support. Thanks go to Mark Hymers for providing the patch. (Closes: #364637, #375194) * [powerpc] Added patch to fix oldworld/quik booting. Thanks fo to Christian Aichinger for investigating to Benjamin Herrenschmidt for providing the patch. (Closes: #366620, #375035). * [powerpc] Fixes hvc_console caused suspsend-to-disk breakage. Thanks to Andrew Morton for providing the patch. (Closes: #387178) * [powerpc] Disabled mv643xx_eth on powerpc64 flavours, as there never was a Marvell Discovery northbrige for 64bit powerpc cpus. [ Frederik Schüler ] * Remove obsolete options from amd64 and i386 configs. * Deactivate EVBUG. * Make PARPORT options global. * [i386] Add class definition for 486 flavour. [ maximilian attems ] * Enable CONFIG_PRINTER=m for all powerpc flavours. * Enable the new alsa CONFIG_SND_AOA framework for powerpc. * Add the merged advansys pci table patch. [ Bastian Blank ] * hppa: Use gcc-4.1. * Only provide 16 legacy ptys. [ Norbert Tretkowski ] * [alpha] Updated configs. * [alpha] Disabled CONFIG_AUDIT, broken. * [alpha] Added vserver flavour. -- Bastian Blank Sun, 24 Sep 2006 15:55:37 +0200 linux-2.6 (2.6.17-9) unstable; urgency=medium [ Bastian Blank ] * Update vserver patch to 2.0.2. - Fix possible priviledge escalation in remount code. (CVE-2006-4243) [ Frederik Schüler ] * Add stable release 2.5.17.12: - sky2: version 1.6.1 - sky2: fix fiber support - sky2: MSI test timing - sky2: use dev_alloc_skb for receive buffers - sky2: clear status IRQ after empty - sky2: accept flow control - dm: Fix deadlock under high i/o load in raid1 setup. - Remove redundant up() in stop_machine() - Missing PCI id update for VIA IDE - PKTGEN: Fix oops when used with balance-tlb bonding - PKTGEN: Make sure skb->{nh,h} are initialized in fill_packet_ipv6() too. - Silent data corruption caused by XPC - uhci-hcd: fix list access bug - binfmt_elf: fix checks for bad address - [s390] bug in futex unqueue_me - fcntl(F_SETSIG) fix - IPV6 OOPS'er triggerable by any user - SCTP: Fix sctp_primitive_ABORT() call in sctp_close(). - SPARC64: Fix X server crashes on sparc64 - TG3: Disable TSO by default - dm: mirror sector offset fix - dm: fix block device initialisation - dm: add module ref counting - dm: fix mapped device ref counting - dm: add DMF_FREEING - dm: change minor_lock to spinlock - dm: move idr_pre_get - dm: fix idr minor allocation - dm snapshot: unify chunk_size - Have ext2 reject file handles with bad inode numbers early. - Allow per-route window scale limiting - bridge-netfilter: don't overwrite memory outside of skb - fix compilation error on IA64 - Fix output framentation of paged-skbs - spectrum_cs: Fix firmware uploading errors - TEXTSEARCH: Fix Boyer Moore initialization bug * Add stable release 2.6.17.13: - lib: add idr_replace - pci_ids.h: add some VIA IDE identifiers * Remove patches merged upstream: - s390-kernel-futex-barrier.patch * Unpatch ia64-mman.h-fix.patch -- Bastian Blank Wed, 13 Sep 2006 14:54:14 +0200 linux-2.6 (2.6.17-8) unstable; urgency=low [ Martin Michlmayr ] * arm/ixp4xx: Enable CONFIG_W1. [ dann frazier ] * sound-pci-hda-mac-mini-quirks.diff, sound-pci-hda-intel-d965.diff sound-pci-hda-mac-mini-intel945.diff: Updates to patch_sigmatel.c to add x86 mac-mini sound support Thanks to Matt Kraai. (closes: #384972) [ Kyle McMartin ] * hppa: Re-enable pa8800 fixing patches from James Bottomley. Pulled fresh from parisc-linux git tree. * ia64: Pull in compile-failure fix from Christian Cotte-Barrot. Pulled from linux-ia64 mailing list. Fix is correct. * hppa/alpha/mips: Fix compile-failure due to missing arch_mmap_check. Patch sent upstream to stable@kernel.org. [ dann frazier ] * sym2: only claim "Storage" class devices - the cpqarray driver should be used for 5c1510 devices in RAID mode. (closes: #380272) [ Bastian Blank ] * Backport change to allow all hypercalls for xen. -- Bastian Blank Thu, 31 Aug 2006 12:12:51 +0200 linux-2.6 (2.6.17-7) unstable; urgency=low [ Martin Michlmayr ] * arm/iop32x: Enable CONFIG_BLK_DEV_OFFBOARD. * arm/iop32x: Unset CONFIG_BLK_DEV_AMD74XX since it fails on ARM with "Unknown symbol pci_get_legacy_ide_irq". * arm/iop32x: Enable a number of MD and DM modules. * arm/iop32x: Enable some more USB network modules. * mipsel/r5k-cobalt: Increase 8250 NR_UARTS and RUNTIME_UARTS to 4. * mipsel/r5k-cobalt: Fix MAC detection problem on Qube 2700. [ Bastian Blank ] * Update vserver patch to 2.0.2-rc29. * Add stable release 2.6.17.10: - Fix possible UDF deadlock and memory corruption (CVE-2006-4145) - elv_unregister: fix possible crash on module unload - Fix sctp privilege elevation (CVE-2006-3745) [ maximilian attems ] * Add RAM range to longclass for -bigmem. (closes: 382799) * Add stable release 2.6.17.9: - powerpc: Clear HID0 attention enable on PPC970 at boot time (CVE-2006-4093) * Add stable release 2.6.17.11: - Fix ipv4 routing locking bug - disable debugging version of write_lock() - PCI: fix ICH6 quirks - 1394: fix for recently added firewire patch that breaks things on ppc - Fix IFLA_ADDRESS handling - Fix BeFS slab corruption - Fix timer race in dst GC code - Have ext3 reject file handles with bad inode numbers early - Kill HASH_HIGHMEM from route cache hash sizing - sys_getppid oopses on debug kernel - IA64: local DoS with corrupted ELFs - tpm: interrupt clear fix - ulog: fix panic on SMP kernels - dm: BUG/OOPS fix - MD: Fix a potential NULL dereference in md/raid1 - ip_tables: fix table locking in ipt_do_table - swsusp: Fix swap_type_of - sky2: phy power problem on 88e805x - ipx: header length validation needed [ Frederik Schüler ] * Activate CONFIG_R8169_VLAN on amd64. (closes: #383707) * Activate EFI boot support on i386. (closes: #381951) [ dann frazier ] * Include module.lds in headers package if it exists. (closes: #342246) * Add Apple MacBook product IDs to usbhid and set CONFIG_USB_HIDINPUT_POWERBOOK=y on i386 and amd64. (closes: #383620) -- Bastian Blank Thu, 24 Aug 2006 15:54:51 +0000 linux-2.6 (2.6.17-6) unstable; urgency=low [ maximilian attems ] * debian/arch/i386/defines: Activate 686-bigmem flavour for enterprise usage. * Add ubuntu pci table patch for scsi drivers advansys and fdomain. [ Martin Michlmayr ] * arm/armeb: Use gcc-4.1. * mips/mipsel: Use gcc-4.1. * arm/ixp4xx: Update config based on the NSLU2 config. * arm/s3c2410: Unset CONFIG_DEBUG_INFO. * arm/iop32x: xscale: don't mis-report 80219 as an iop32x * arm/iop32x: Add an MTD map for IOP3xx boards * arm/iop32x: Add support for the Thecus N2100. * arm/iop32x: Add support for the GLAN Tank. * arm/iop32x: Add a flavour for IOP32x based machines. [ Bastian Blank ] * Shrink short descriptions. * Make gcc-4.1 the default compiler. * [powerpc]: Use gcc-4.1. * Move latest and transitional packages to linux-latest-2.6. [ Frederik Schüler ] * [amd64] Add smp-alternatives backport. * [amd64] Drop smp flavours. * [amd64] Merge k8 and p4 flavours into a generic one, following upstreams advice. * Activate BSD_PROCESS_ACCT_V3. * Add stable release 2.6.17.8: - ALSA: Don't reject O_RDWR at opening PCM OSS - Add stable branch to maintainers file - tty serialize flush_to_ldisc - S390: fix futex_atomic_cmpxchg_inatomic - Fix budget-av compile failure - cond_resched() fix - e1000: add forgotten PCI ID for supported device - ext3: avoid triggering ext3_error on bad NFS file handle - ext3 -nobh option causes oops - Fix race related problem when adding items to and svcrpc auth cache. - ieee1394: sbp2: enable auto spin-up for Maxtor disks - invalidate_bdev() speedup - Sparc64 quad-float emulation fix - VLAN state handling fix - Update frag_list in pskb_trim - UHCI: Fix handling of short last packet - sky2: NAPI bug - i2c: Fix 'ignore' module parameter handling in i2c-core - scx200_acb: Fix the block transactions - scx200_acb: Fix the state machine - H.323 helper: fix possible NULL-ptr dereference - Don't allow chmod() on the /proc// files - PCI: fix issues with extended conf space when MMCONFIG disabled because of e820 [ Sven Luther ] * [powerpc] Added console=hvsi0 too to CMDLINE to the powerpc64 flavour, for non-virtualized IBM power machines serial console. -- Bastian Blank Fri, 11 Aug 2006 19:58:06 +0200 linux-kbuild-2.6 (2.6.17-3) unstable; urgency=low * Replace own modpost with original one. -- Bastian Blank Tue, 1 Aug 2006 11:01:18 +0200 linux-2.6 (2.6.17-5) unstable; urgency=low [ Martin Michlmayr ] * [arm/nslu2] Enable CONFIG_USB_EHCI_SPLIT_ISO. Closes: #378554 [ maximilian attems ] * Add stable release 2.6.17.7: - BLOCK: Fix bounce limit address check - v4l/dvb: Fix budget-av frontend detection - v4l/dvb: Fix CI on old KNC1 DVBC cards - v4l/dvb: Fix CI interface on PRO KNC1 cards - v4l/dvb: Backport fix to artec USB DVB devices - v4l/dvb: Backport the DISEQC regression fix to 2.6.17.x - v4l/dvb: stradis: dont export MODULE_DEVICE_TABLE - pnp: suppress request_irq() warning - generic_file_buffered_write(): handle zero-length iovec segments - serial 8250: sysrq deadlock fix - Reduce ACPI verbosity on null handle condition - ieee80211: TKIP requires CRC32 - Make powernow-k7 work on SMP kernels. - via-velocity: the link is not correctly detected when the device starts - Add missing UFO initialisations - USB serial ftdi_sio: Prevent userspace DoS (CVE-2006-2936) - cdrom: fix bad cgc.buflen assignment - splice: fix problems with sys_tee() - fix fdset leakage - struct file leakage - XFS: corruption fix - v4l/dvb: Kconfig: fix description and dependencies for saa7115 module - dvb-bt8xx: fix frontend detection for DViCO FusionHDTV DVB-T Lite rev 1.2 - IB/mthca: restore missing PCI registers after reset - v4l/dvb: Backport the budget driver DISEQC instability fix - Fix IPv4/DECnet routing rule dumping - pdflush: handle resume wakeups - x86_64: Fix modular pc speaker - Fix powernow-k8 SMP kernel on UP hardware bug. - ALSA: RME HDSP - fixed proc interface (missing {}) - ALSA: au88x0 - Fix 64bit address of MPU401 MMIO port - ALSA: Fix a deadlock in snd-rtctimer - ALSA: Fix missing array terminators in AD1988 codec support - ALSA: Fix model for HP dc7600 - ALSA: Fix mute switch on VAIO laptops with STAC7661 - ALSA: fix the SND_FM801_TEA575X dependencies - ALSA: Fix undefined (missing) references in ISA MIRO sound driver - ALSA: Fix workaround for AD1988A rev2 codec - ALSA: hda-intel - Fix race in remove - Suppress irq handler mismatch messages in ALSA ISA drivers - PKT_SCHED: Fix illegal memory dereferences when dumping actions - PKT_SCHED: Return ENOENT if action module is unavailable - PKT_SCHED: Fix error handling while dumping actions - generic_file_buffered_write(): deadlock on vectored write - ethtool: oops in ethtool_set_pauseparam() - memory hotplug: solve config broken: undefined reference to `online_page' * Add budget-av-compile-fix.patch stable compile fix. * Enable in all configs setting SND_FM801_TEA575X SND_FM801_TEA575X_BOOL=y. -- Bastian Blank Sat, 29 Jul 2006 13:30:06 +0200 linux-2.6 (2.6.17-4) unstable; urgency=low [ Bastian Blank ] * Add stable release 2.6.17.5: - Fix nasty /proc vulnerability (CVE-2006-3626) * Add stable release 2.6.17.6: - Relax /proc fix a bit * Set section of images to admin. [ dann frazier ] * [ia64] Drop the non-SMP flavours; they are not well maintained upstream. Note that the non-SMP flavours have been identical to the SMP builds since 2.6.13-1; this was to avoid having to drop then re-add these flavours if upstream resolved the issue - but that never happened. Note that this is a measurable performance penalty on non-SMP systems. -- Bastian Blank Mon, 17 Jul 2006 11:08:41 +0200 linux-2.6 (2.6.17-3) unstable; urgency=low [ maximilian attems ] * Add stable release 2.6.17.2: - ide-io: increase timeout value to allow for slave wakeup - NTFS: Critical bug fix (affects MIPS and possibly others) - Link error when futexes are disabled on 64bit architectures - SCTP: Reset rtt_in_progress for the chunk when processing its sack. - SPARC32: Fix iommu_flush_iotlb end address - ETHTOOL: Fix UFO typo - UML: fix uptime - x86: compile fix for asm-i386/alternatives.h - bcm43xx: init fix for possible Machine Check - SCTP: Fix persistent slowdown in sctp when a gap ack consumes rx buffer. - kbuild: bugfix with initramfs - Input: return correct size when reading modalias attribute - ohci1394: Fix broken suspend/resume in ohci1394 - idr: fix race in idr code - USB: Whiteheat: fix firmware spurious errors - libata: minor patch for ATA_DFLAG_PIO - SCTP: Send only 1 window update SACK per message. - PFKEYV2: Fix inconsistent typing in struct sadb_x_kmprivate. - SCTP: Limit association max_retrans setting in setsockopt. - SCTP: Reject sctp packets with broadcast addresses. - IPV6: Sum real space for RTAs. - IPV6 ADDRCONF: Fix default source address selection without CONFIG_IPV6_PRIVACY - IPV6: Fix source address selection. * Add stable release 2.6.17.3: - NETFILTER: SCTP conntrack: fix crash triggered by packet without chunks [CVE-2006-2934] * Deapply merged sparc32-iotlb.patch. * Fix README.Debian: Correct svn location, remove old boot param bswap reference, the asfs patch is in the Debian kernel. Remove reference to AMD 768 erratum 10, it was solved in 2.6.12. Add wording corrections. * Set CONFIG_SERIAL_8250_RN_UARTS=16 for all archs beside mips/m68k unless explicitly set on a specific value. (closes: 377151) * Add stable release 2.6.17.4: - fix prctl privilege escalation and suid_dumpable (CVE-2006-2451) [ Sven Luther ] * Re-enabled fs-asfs patch. [ Thiemo Seufer ] * [mips,mipsel] Fix sb1 interrupt handlers. * [mips,mipsel] Fix devfs-induced build failure in sb1250 serial driver. * [mips] SGI ip22 RTC was broken, fixed thanks to Julien Blache. * [mips] Fix SGI ip22 serial console, thanks to Julien Blache. [ Martin Michlmayr ] * [arm/nslu2] Enable HFS and some other filesystems. * [arm/nslu2] Unset CONFIG_USB_STORAGE_DEBUG. Closes: #377853. -- Bastian Blank Thu, 13 Jul 2006 13:14:53 +0200 linux-kbuild-2.6 (2.6.17-2) unstable; urgency=low * Fix uninitialied variable. (closes: #377656) -- Bastian Blank Tue, 11 Jul 2006 10:10:24 +0200 linux-kbuild-2.6 (2.6.17-1) unstable; urgency=low * Initial release. (closes: #368544) -- Bastian Blank Sat, 1 Jul 2006 19:10:07 +0200 linux-2.6 (2.6.17-2) unstable; urgency=low [ Jurij Smakov ] * [sparc] Switch to gcc-4.1 as it produces a working kernel, while gcc-4.0 does not. No ABI bump neccessary, because 2.6.17-1 sparc binaries never made it to the archive. * [sparc32] Add sparc32-iotlb.patch to fix DMA errors on sparc32. [ Sven Luther ] * [powerpc] Added console=hvc0 default commandline option to powerpc64 flavour. * [powerpc] Fixed mkvmlinuz support, which was missing from -1. (Closes: #375645) * [powerpc] Added PowerBook HID support for last-gen PowerBook keyboards. (Closes: #307327) [ Martin Michlmayr ] * [mipsel] Fix compilation error in dz serial driver. * [mipsel] Update configs. * [mipsel] Add a build fix for the Cobalt early console support. * [arm/nslu2] Disable SE Linux support for now so the kernel fits into flash. [ Christian T. Steigies ] * [m68k] Update patches for 2.6.17. * [m68k] Add m68k-as and m68k-macro patch which allow building with current binutils. * [m68k] Disable all subarches but amiga and mac for official linux-images. [ Kyle McMartin ] * [hppa] Update patchset (2.6.17-pa6) from parisc-linux.org. Which fixes relocation errors in modules with 64-bit kernels, and a softlockup on non-SMP flavours with gettimeofday. -- Bastian Blank Thu, 29 Jun 2006 18:49:35 +0200 linux-2.6 (2.6.17-1) unstable; urgency=low [ Frederik Schüler ] * New upstream release. * [amd64] Use gcc 4.1. * [amd64] Drop amd64-generic flavor. We will use amd64-k8 for the installer. [ Martin Michlmayr ] * [mips] Update patches for 2.6.17. * [arm] Update configs. * [armeb] Update configs. [ Thiemo Seufer ] * [mips] Fix SWARM FPU detection. * [mips] Update configurations. [ Kyle McMartin ] * [hppa] Set PDC_CHASSIS_WARN to y. * [hppa] Update patchset (2.6.17-pa2) from parisc-linux.org. * [hppa] Change NR_CPUS to 8 from 32 on both SMP flavours. * [hppa] Set PARISC_PAGE_SIZE to 4K on all platforms. [ Bastian Blank ] * [s390] Use gcc 4.1. * [i386] Enable REGPARM. * [i386] Use gcc 4.1. * [powerpc] Disable prep. [ dann frazier ] * [ia64] Update configs * [ia64] Use gcc 4.1. [ maximilian attems ] * Add stable release 2.6.17.1: - xt_sctp: fix endless loop caused by 0 chunk length (CVE-2006-3085) -- Bastian Blank Thu, 22 Jun 2006 12:13:15 +0200 linux-2.6 (2.6.16+2.6.17-rc3-0experimental.1) experimental; urgency=low [ Frederik Schüler ] * New upstream release candidate. * Switch HZ from 1000 to 250, following upstreams default. * Activate CONFIG_BCM43XX_DEBUG. [ maximilian attems ] * Disable broken and known unsecure LSM modules: CONFIG_SECURITY_SECLVL, CONFIG_SECURITY_ROOTPLUG. Upstream plans to remove them for 2.6.18 -- Frederik Schüler Sun, 7 May 2006 17:06:29 +0200 linux-2.6.16 (2.6.16-18) unstable; urgency=high [ Sven Luther ] * [powerpc] Added console=hvsi0 too to CMDLINE to the powerpc64 flavour, for non-virtualized IBM power machines serial console. [ dann frazier ] * fs-ext3-bad-nfs-handle.patch: avoid triggering ext3_error on bad NFS file handle (CVE-2006-3468) * cdrom-bad-cgc.buflen-assign.patch: fix buffer overflow in dvd_read_bca * usb-serial-ftdi_sio-dos.patch: fix userspace DoS in ftdi_sio driver [ Bastian Blank ] * Update xen patch to changeset 9762. -- Frederik Schüler Fri, 18 Aug 2006 20:29:17 +0200 linux-2.6.16 (2.6.16-17) unstable; urgency=high [ Martin Michlmayr ] * Add stable release 2.6.16.22: - powernow-k8 crash workaround - NTFS: Critical bug fix (affects MIPS and possibly others) - JFS: Fix multiple errors in metapage_releasepage - SPARC64: Fix D-cache corruption in mremap - SPARC64: Respect gfp_t argument to dma_alloc_coherent(). - SPARC64: Fix missing fold at end of checksums. - scsi_lib.c: properly count the number of pages in scsi_req_map_sg() - I2O: Bugfixes to get I2O working again - Missed error checking for intent's filp in open_namei(). - tmpfs: time granularity fix for [acm]time going backwards - USB: Whiteheat: fix firmware spurious errors - fs/namei.c: Call to file_permission() under a spinlock in do_lookup_path() * Add stable release 2.6.16.23: - revert PARPORT_SERIAL should depend on SERIAL_8250_PCI patch - NETFILTER: SCTP conntrack: fix crash triggered by packet without chunks (CVE-2006-2934) * Add stable release 2.6.16.24: - fix prctl privilege escalation and suid_dumpable (CVE-2006-2451) * Add stable release 2.6.16.25: - Fix nasty /proc vulnerability (CVE-2006-3626) * Relax /proc fix a bit (Linus Torvalds) * [arm/nslu2] Unset CONFIG_USB_STORAGE_DEBUG. Closes: #377853. * [mips] SGI ip22 RTC was broken, fixed thanks to Julien Blache. * [mips] Fix SGI ip22 serial console, thanks to Julien Blache. [ Bastian Blank ] * Fix vserver patch. -- Bastian Blank Sat, 15 Jul 2006 17:18:49 +0200 linux-2.6.16 (2.6.16-16) unstable; urgency=low [ Sven Luther ] * [powerpc] Added console=hvc0 default commandline option to powerpc64 flavour. * [powerpc] Now THERM_PM72 and all WINDFARMs are builtin, for better fan control. [ Martin Michlmayr ] * [arm/nslu2] Disable SE Linux support for now so the kernel fits into flash. Closes: #376926. [ Bastian Blank ] * [powerpc,powerpc-miboot] Enable OpenFirmware device tree support. (closes: #376012) -- Bastian Blank Sat, 8 Jul 2006 17:57:57 +0200 linux-2.6.16 (2.6.16-15) unstable; urgency=low [ maximilian attems ] * Add stable release 2.6.16.18: - NETFILTER: SNMP NAT: fix memory corruption (CVE-2006-2444) * Add stable release 2.6.16.19: - NETFILTER: Fix small information leak in SO_ORIGINAL_DST (CVE-2006-1343) * Add stable release 2.6.16.20: - x86_64: Don't do syscall exit tracing twice - Altix: correct ioc4 port order - Input: psmouse - fix new device detection logic - PowerMac: force only suspend-to-disk to be valid - the latest consensus libata resume fix - Altix: correct ioc3 port order - Cpuset: might sleep checking zones allowed fix - ohci1394, sbp2: fix "scsi_add_device failed" with PL-3507 based devices - sbp2: backport read_capacity workaround for iPod - sbp2: fix check of return value of hpsb_allocate_and_register_addrspace - x86_64: x86_64 add crashdump trigger points - ipw2200: Filter unsupported channels out in ad-hoc mode * Add stable release 2.6.16.21: - check_process_timers: fix possible lockup - run_posix_cpu_timers: remove a bogus BUG_ON() (CVE-2006-2445) - xt_sctp: fix endless loop caused by 0 chunk length (CVE-2006-3085) - powerpc: Fix machine check problem on 32-bit kernels (CVE-2006-2448) [ Christian T. Steigies ] * [m68k] Add mac via patch from Finn Thain. * [m68k] Enable INPUT_EVDEV. [ Martin Michlmayr ] * [mips/b1-bcm91250a] Enable SMP. * [mips] Add a compile fix for the Maxine fb. * [mipsel] Add a patch that let's you enable serial console on DECstation. * [mipsel] Add a patch to get SCSI working on DECstation. * [mipsel] Handle memory-mapped RTC chips properly. * [mipsel] Add configs for r3k-kn02 and r4k-kn04 DECstation. * [arm] Allow RiscPC machines to boot an initrd (tagged list fix). * [arm/nslu2] Enable many modules. * [arm] Build loop support as a module. * [arm] Use the generic netfilter configuration. * [arm/footbridge] Enable sound. [ Kyle McMartin ] * [hppa] Pulled patch from cvs to fix build of kernel/ptrace.c which needs {read,write}_can_lock. * [hppa] Disable CONFIG_DETECT_SOFTLOCKUP to fix boot on pa8800 machines. [ Sven Luther ] * [powerpc,prep] Added a new ARCH=ppc PReP flavour, currently mostly a copy of the -powerpc one. * Upgraded mkvmlinuz dependency to mkvmlinuz 21. [ Bastian Blank ] * Update vserver patch to 2.0.2-rc21. * Bump build-dependency on kernel-package to 10.049. [ Jurij Smakov ] * Add dcache-memory-corruption.patch to fix the mremap(), occasionally triggered on sparc in the form of dpkg database corruption. Affects sparc64, mips and generic includes. Thanks to David Miller, original patch is included in 2.6.17. Ref: http://marc.theaimsgroup.com/?l=linux-sparc&m=114920963824047&w=2 * Add sparc32-iotlb.patch to fix the DMA errors encountered with latest kernels on sparc32, in particularly HyperSparcs. Thanks to Bob Breuer. Ref: http://marc.theaimsgroup.com/?l=linux-sparc&m=115077649707675&w=2 -- Bastian Blank Wed, 21 Jun 2006 14:09:11 +0200 linux-2.6 (2.6.16-14) unstable; urgency=low [ Bastian Blank ] * Add stable release 2.6.16.16: - fs/locks.c: Fix lease_init (CVE-2006-1860) * Make i386 xen images recommend libc6-xen. * Update vserver patch to 2.0.2-rc20. * Update xen patch to changeset 9687. [ Christian T. Steigies ] * [m68k] Add generic m68k ide fix. * [m68k] Add cross-compile instructions. * [m68k] Enable INPUT_EVDEV for yaird. * [m68k] sun3 general compile and scsi fixes, enable sun3 SCSI again. [ dann frazier ] * cs4281 - Fix the check of timeout in probe to deal with variable HZ. (closes: #361197) [ Norbert Tretkowski ] * [alpha] Readded patch to support prctl syscall, got lost when upgrading to 2.6.16. [ Frederik Schüler ] * Add stable release 2.6.16.17: - SCTP: Validate the parameter length in HB-ACK chunk (CVE-2006-1857) - SCTP: Respect the real chunk length when walking parameters (CVE-2006-1858) - ptrace_attach: fix possible deadlock schenario with irqs - Fix ptrace_attach()/ptrace_traceme()/de_thread() race - page migration: Fix fallback behavior for dirty pages - add migratepage address space op to shmem - Remove cond_resched in gather_stats() - VIA quirk fixup, additional PCI IDs - PCI quirk: VIA IRQ fixup should only run for VIA southbridges - Fix udev device creation - limit request_fn recursion - PCI: correctly allocate return buffers for osc calls - selinux: check for failed kmalloc in security_sid_to_context() - TG3: ethtool always report port is TP. - Netfilter: do_add_counters race, possible oops or info leak (CVE-2006-0039) - scx200_acb: Fix resource name use after free - smbus unhiding kills thermal management - fs/compat.c: fix 'if (a |= b )' typo - smbfs: Fix slab corruption in samba error path - fs/locks.c: Fix sys_flock() race - USB: ub oops in block_uevent - via-rhine: zero pad short packets on Rhine I ethernet cards - md: Avoid oops when attempting to fix read errors on raid10 -- Bastian Blank Mon, 22 May 2006 14:56:11 +0200 linux-2.6 (2.6.16-13) unstable; urgency=low [ Frederik Schüler ] * Add stable release 2.6.16.14: - smbfs chroot issue (CVE-2006-1864) [ Bastian Blank ] * Don't make headers packages depend on images. * Bump abiname to 2. (closes: #366291) * Update vserver patch to 2.0.2-rc19. * Update xen patch to changeset 9668. * Remove abi fixes. * Add stable release 2.6.16.15: - SCTP: Allow spillover of receive buffer to avoid deadlock. (CVE-2006-2275) - SCTP: Fix panic's when receiving fragmented SCTP control chunks. (CVE-2006-2272) - SCTP: Fix state table entries for chunks received in CLOSED state. (CVE-2006-2271) - SCTP: Prevent possible infinite recursion with multiple bundled DATA. (CVE-2006-2274) * Switch HZ from 1000 to 250. [ Christian T. Steigies ] * [m68k] Add patches that allow building images for atari * [m68k] Enable atyfb driver for atari -- Bastian Blank Wed, 10 May 2006 18:58:44 +0200 linux-2.6 (2.6.16-12) unstable; urgency=low [ Bastian Blank ] * Add stable release 2.6.16.12: - dm snapshot: fix kcopyd destructor - x86_64: Pass -32 to the assembler when compiling the 32bit vsyscall pages - for_each_possible_cpu - Simplify proc/devices and fix early termination regression - sonypi: correct detection of new ICH7-based laptops - MIPS: Fix tx49_blast_icache32_page_indexed. - NET: e1000: Update truesize with the length of the packet for packet split - i386: fix broken FP exception handling - tipar oops fix - USB: fix array overrun in drivers/usb/serial/option.c - Altix snsc: duplicate kobject fix - Alpha: strncpy() fix - LSM: add missing hook to do_compat_readv_writev() - Fix reiserfs deadlock - make vm86 call audit_syscall_exit - fix saa7129 support in saa7127 module for pvr350 tv out - dm flush queue EINTR - get_dvb_firmware: download nxt2002 firmware from new driver location - cxusb-bluebird: bug-fix: power down corrupts frontend - x86_64: Fix a race in the free_iommu path. - MIPS: Use "R" constraint for cache_op. - MIPS: R2 build fixes for gcc < 3.4. - cs5535_gpio.c: call cdev_del() during module_exit to unmap kobject references and other cleanups - MIPS: Fix branch emulation for floating-point exceptions. - x86/PAE: Fix pte_clear for the >4GB RAM case * Add stable release 2.6.16.13: - NETFILTER: SCTP conntrack: fix infinite loop (CVE-2006-1527) * Remove merged patches. * Rediff xen patch. * Bump build-dependency on kernel-package to 10.047. [ Martin Michlmayr ] * [arm] Enable cramfs for ixp4xx and rpc. -- Bastian Blank Thu, 4 May 2006 11:37:26 +0200 linux-2.6 (2.6.16-11) unstable; urgency=low * Update vserver patch to 2.0.2-rc18. - Limit ccaps to root inside a guest (CVE-2006-2110) * Conflict with known broken grub versions. (closes: #361308) * Enable s390 vserver image. * Enable xen and xen-vserver images. * Use localversion for kernel-package images. (closes: #365505) -- Bastian Blank Mon, 1 May 2006 16:38:45 +0200 linux-2.6 (2.6.16-10) unstable; urgency=low [ Norbert Tretkowski ] * [alpha] Added backport of for_each_possible_cpu() to fix alpha build. (closes: #364206) * Add stable release 2.6.16.10: - IPC: access to unmapped vmalloc area in grow_ary() - Add more prevent_tail_call() - alim15x3: ULI M-1573 south Bridge support - apm: fix Armada laptops again - fbdev: Fix return error of fb_write - Fix file lookup without ref - m41t00: fix bitmasks when writing to chip - Open IPMI BT overflow - x86: be careful about tailcall breakage for sys_open[at] too - x86: don't allow tail-calls in sys_ftruncate[64]() - IPV6: XFRM: Fix decoding session with preceding extension header(s). - IPV6: XFRM: Don't use old copy of pointer after pskb_may_pull(). - IPV6: Ensure to have hop-by-hop options in our header of &sk_buff. - selinux: Fix MLS compatibility off-by-one bug - PPC: fix oops in alsa powermac driver - MTD_NAND_SHARPSL and MTD_NAND_NANDSIM should be tristate's - i2c-i801: Fix resume when PEC is used - Fix hotplug race during device registration - Fix truesize underflow - efficeon-agp: Add missing memory mask - 3ware 9000 disable local irqs during kmap_atomic - 3ware: kmap_atomic() fix [ maximilian attems ] * Add stable release 2.6.16.11: - Don't allow a backslash in a path component (CVE-2006-1863) -- Bastian Blank Tue, 25 Apr 2006 13:56:19 +0200 linux-2.6 (2.6.16-9) unstable; urgency=low [ maximilian attems ] * Add stable release 2.6.16.8: - ip_route_input panic fix (CVE-2006-1525) * Add stable release 2.6.16.9: - i386/x86-64: Fix x87 information leak between processes (CVE-2006-1056) [ Bastian Blank ] * Update vserver patch to 2.0.2-rc17. -- Bastian Blank Thu, 20 Apr 2006 15:37:28 +0200 linux-2.6 (2.6.16-8) unstable; urgency=low * Fix ABI-breakage introduced in -7. (closes: #363032) * Add stable release 2.6.16.6: - ext3: Fix missed mutex unlock - RLIMIT_CPU: fix handling of a zero limit - alpha: SMP boot fixes - m32r: security fix of {get, put}_user macros - m32r: Fix cpu_possible_map and cpu_present_map initialization for SMP kernel - shmat: stop mprotect from giving write permission to a readonly attachment (CVE-2006-1524) - powerpc: fix incorrect SA_ONSTACK behaviour for 64-bit processes - MPBL0010 driver sysfs permissions wide open - cciss: bug fix for crash when running hpacucli - fuse: fix oops in fuse_send_readpages() - Fix utime(2) in the case that no times parameter was passed in. - Fix buddy list race that could lead to page lru list corruptions - NETFILTER: Fix fragmentation issues with bridge netfilter - USB: remove __init from usb_console_setup - Fix suspend with traced tasks - isd200: limit to BLK_DEV_IDE - edac_752x needs CONFIG_HOTPLUG - fix non-leader exec under ptrace - sky2: bad memory reference on dual port cards - atm: clip causes unregister hang - powerpc: iSeries needs slb_initialize to be called - Fix block device symlink name - Incorrect signature sent on SMB Read * Add stable release 2.6.16.7: - fix MADV_REMOVE vulnerability (CVE-2006-1524 for real this time) -- Bastian Blank Tue, 18 Apr 2006 16:22:31 +0200 linux-2.6 (2.6.16-7) unstable; urgency=low [ Frederik Schüler ] * Add stable release 2.6.16.3: - Keys: Fix oops when adding key to non-keyring (CVE-2006-1522) [ Bastian Blank ] * Add stable release 2.6.16.4: - RCU signal handling (CVE-2006-1523) [ Sven Luther ] * [powerpc] Transitioned mkvmlinuz support patch to the 2.6.16 ARCH=powerpc tree. PReP is broken in 2.6.16 though. [ maximilian attems ] * Add stable release 2.6.16.5: - x86_64: Clean up execve - x86_64: When user could have changed RIP always force IRET (CVE-2006-0744) * Disable CONFIG_SECCOMP (adds useless overhead on context-switch) - thanks to fs for checking abi. [ Christian T. Steigies ] * [m68k] update m68k patch and config to 2.6.16, temporarily disable atari -- Bastian Blank Sat, 15 Apr 2006 13:56:05 +0200 linux-2.6 (2.6.16-6) unstable; urgency=medium [ Bastian Blank ] * Provide version infos in support package and don't longer rely on the changelog. * [amd64/i386] Enable cpu hotplug support. [ maximilian attems ] * Add stable release 2.6.16.2: - PCMCIA_SPECTRUM must select FW_LOADER - drivers/net/wireless/ipw2200.c: fix an array overun - AIRO{,_CS} <-> CRYPTO fixes - tlclk: fix handling of device major - fbcon: Fix big-endian bogosity in slow_imageblit() - Fix NULL pointer dereference in node_read_numastat() - USB: EHCI full speed ISO bugfixes - Mark longhaul driver as broken. - fib_trie.c node freeing fix - USB: Fix irda-usb use after use - sysfs: zero terminate sysfs write buffers (CVE-2006-1055) - USB: usbcore: usb_set_configuration oops (NULL ptr dereference) - pcmcia: permit single-character-identifiers - hostap: Fix EAPOL frame encryption - wrong error path in dup_fd() leading to oopses in RCU - {ip, nf}_conntrack_netlink: fix expectation notifier unregistration - isicom must select FW_LOADER - knfsd: Correct reserved reply space for read requests. - Fix module refcount leak in __set_personality() - sbp2: fix spinlock recursion - powerpc: make ISA floppies work again - opti9x - Fix compile without CONFIG_PNP - Add default entry for CTL Travel Master U553W - Fix the p4-clockmod N60 errata workaround. - kdump proc vmcore size oveflow fix -- Bastian Blank Mon, 10 Apr 2006 16:09:51 +0200 linux-2.6 (2.6.16-5) unstable; urgency=low [ Bastian Blank ] * Provide real dependency packages for module building. - Add linux-headers-$version-$abiname-all and linux-headers-$version-$abiname-all-$arch. * Rename support package to linux-support-$version-$abiname. * Fix module package output. * Include .kernelrelease in headers packages. (closes: #359813) * Disable Cumana partition support completely. (closes: #359207) * Update vserver patch to 2.0.2-rc15. [ dann frazier ] * [ia64] initramfs-tools works now, no longer restrict initramfs-generators -- Bastian Blank Mon, 3 Apr 2006 14:00:08 +0200 linux-2.6 (2.6.16-4) unstable; urgency=medium [ Martin Michlmayr ] * [arm/armeb] Update nslu2 config. * Add stable release 2.6.16.1: - Fix speedstep-smi assembly bug in speedstep_smi_ownership - DMI: fix DMI onboard device discovery - cciss: fix use-after-free in cciss_init_one - DM: Fix bug: BIO_RW_BARRIER requests to md/raid1 hang. - fix scheduler deadlock - proc: fix duplicate line in /proc/devices - rtc.h broke strace(1) builds - dm: bio split bvec fix - v9fs: assign dentry ops to negative dentries - i810fb_cursor(): use GFP_ATOMIC - NET: Ensure device name passed to SO_BINDTODEVICE is NULL terminated. - XFS writeout fix - sysfs: fix a kobject leak in sysfs_add_link on the error path - get_cpu_sysdev() signedness fix - firmware: fix BUG: in fw_realloc_buffer - sysfs: sysfs_remove_dir() needs to invalidate the dentry - TCP: Do not use inet->id of global tcp_socket when sending RST (CVE-2006-1242) - 2.6.xx: sata_mv: another critical fix - Kconfig: VIDEO_DECODER must select FW_LOADER - V4L/DVB (3324): Fix Samsung tuner frequency ranges - sata_mv: fix irq port status usage -- Bastian Blank Tue, 28 Mar 2006 17:19:10 +0200 linux-2.6 (2.6.16-3) unstable; urgency=low [ Frederik Schüler ] * [amd64] Add asm-i386 to the linux-headers packages. [ Jonas Smedegaard ] * Tighten yaird dependency to at least 0.0.12-8 (supporting Linux 2.6.16 uppercase hex in Kconfig and new IDE sysfs naming, and VIA IDE on powerpc). [ Martin Michlmayr ] * [arm/armeb] Enable CONFIG_NFSD on NSLU2 again. Closes: #358709. * [arm/footbridge] CONFIG_NE2K_PCI should be a module, not built-in. * [arm/footbridge] Enable CONFIG_BLK_DEV_IDECD=m since the CATS can have a CD-ROM drive. * [mips/sb1*] Use ttyS rather than duart as the name for the serial console since the latter causes problems with debian-installer. [ Bastian Blank ] * Update vserver patch to 2.0.2-rc14. - Fix sendfile. (closes: #358391, #358752) -- Bastian Blank Mon, 27 Mar 2006 16:08:20 +0200 linux-2.6 (2.6.16-2) unstable; urgency=low [ dann frazier ] * [ia64] Set unconfigured options: CONFIG_PNP_DEBUG=n and CONFIG_NET_SB1000=m * [hppa] Update config for 2.6.16 [ Martin Michlmayr ] * [mips/mipsel] Put something in the generic config file because diff will otherwise remove the empty file, causing the build to fail. * [mipsel/r5k-cobalt] Set CONFIG_PACKET=y. * [arm] Set CONFIG_MACLIST=y for ixp4xx because nas100d needs it. [ Frederik Schüler ] * Add Maximilian Attems to uploaders list. -- Martin Michlmayr Wed, 22 Mar 2006 15:15:14 +0000 linux-2.6 (2.6.16-1) unstable; urgency=low [ Bastian Blank ] * New upstream release. * Default to initramfs-tools 0.55 or higher on s390. [ maximilian attems ] * Default to initramfs-tools on arm and armeb. [ Martin Michlmayr ] * [mips/mipsel] Add an image for the Broadcom BCM91480B evaluation board (aka "BigSur"). * [arm, armeb] Enable the netconsole module. * [mipsel/cobalt] Enable the netconsole module. * [mips] SB1: Fix interrupt disable hazard (Ralf Baechle). * [mips] SB1: Support for 1480 ethernet (Broadcom). * [mips] SB1: Support for NAPI (Tom Rix). * [mips] SB1: DUART support (Broadcom). * [mips] Work around bad code generation for (Ralf Baechle). * [mips] Fix VINO drivers when using a 64-bit kernel (Mikael Nousiainen). * [arm/armeb] Update configs for 2.6.16. * [mips/mipsel] Update configs for 2.6.16. * [arm/armeb] Enable the SMB module on NSLU2. * [mipsel] Enable parallel port modules for Cobalt since there are PCI cards that can be used in a Qube. * [mipsel] Enable the JFS module on Cobalt. [ dann frazier ] * [ia64] use yaird on ia64 until #357414 is fixed * [ia64] Update configs for 2.6.16 -- Bastian Blank Tue, 21 Mar 2006 16:12:16 +0100 linux-2.6 (2.6.15+2.6.16-rc5-0experimental.1) experimental; urgency=low [ Frederik Schüler ] * New upstream release candidate. [ Martin Michlmayr ] * Add initial mips/mipsel 2.6 kernels. * Important changes compared to the 2.4 kernels: - Drop the XXS1500 flavour since there's little interest in it. - Drop the LASAT flavour since these machines never went into production. - Drop the IP22 R5K (Indy, Indigo2) flavour since the IP22 R4K image now also works on machines with a R5K CPU. - Add an image for SGI IP32 (O2). - Rename the sb1-swarm-bn flavour to sb1-bcm91250a. - Enable PCI network (and other) modules on Cobalt. Closes: #315895. * Add various MIPS related patches: - Fix iomap compilation on machines without COW. - Improve gettimeofday on MIPS. - Fix an oops on IP22 zerilog (serial console). - Improve IDE probing so it won't take so long on Cobalt. - Probe for IDE disks on SWARM. - Test whether there's a scache (fixes Cobalt crash). - Add Tulip fixes for Cobalt. * Fix a typo in the description of the linux-doc-* package, thanks Justin Pryzby. Closes: #343424. * [arm] Enable nfs and nfsd modules. * [arm/footbride] Suggest nwutil (Netwinder utilities). -- Frederik Schüler Thu, 9 Mar 2006 14:13:17 +0000 linux-2.6 (2.6.15+2.6.16-rc4-0experimental.1) experimental; urgency=low [ Frederik Schüler ] * New upstream release. * Activate CONFIG_DVB_AV7110_OSD on alpha amd64 and ia64. Closes: #353292 * Globally enable NAPI on all network card drivers which support it. [ maximilian attems ] * Drop fdutils from i386 and amd64 Suggests. * Swap lilo and grub Suggests for i386 and amd64. [ Jurij Smakov ] * Make sure that LOCALVERSION environment variable is not passed to a shell while invoking make-kpkg, since it appends it to the version string, breaking the build. Closes: #349472 * [sparc32] Re-enable the building of sparc32 images. * [sparc64] Re-add (partial) sparc64-atyf-xl-gr.patch, since it was only partially applied upstream, so the problem (garbled screen output on SunBlade 100) is still present. Thanks to Luis Ortiz for pointing it out. * Bump the build-dep on kernel-package to 10.035, which fixes the problem with building documentation packages. [ Martin Michlmayr ] * [sparc] Add sys_newfstatat -> sys_fstatat64 fix from git. * [arm] Update configs for 2.6.16-rc3. * [armeb] Update configs for 2.6.16-rc3. * [arm/armeb] Fix compilation error on NSLU2 due to recent flash changes. * [arm/armeb] Fix a compilation error in the IXP4xx beeper support (Alessandro Zummo). [ Norbert Tretkowski ] * [alpha] Update arch/alpha/config* for 2.6.16-rc3. -- Bastian Blank Fri, 24 Feb 2006 16:02:11 +0000 linux-2.6 (2.6.15-8) unstable; urgency=high [ maximilian attems ] * Add stable Release 2.6.15.5: - Fix deadlock in br_stp_disable_bridge - Fix a severe bug - i386: Move phys_proc_id/early intel workaround to correct function - ramfs: update dir mtime and ctime - sys_mbind sanity checking - Fix s390 build failure. - Revert skb_copy_datagram_iovec() recursion elimination. - s390: add #ifdef __KERNEL__ to asm-s390/setup.h - netfilter missing symbol has_bridge_parent - hugetlbfs mmap ENOMEM failure - IB/mthca: max_inline_data handling tweaks - it87: Fix oops on removal - hwmon it87: Probe i2c 0x2d only - reiserfs: disable automatic enabling of reiserfs inode attributes - Fix snd-usb-audio in 32-bit compat environment - dm: missing bdput/thaw_bdev at removal - dm: free minor after unlink gendisk - gbefb: IP32 gbefb depth change fix - shmdt cannot detach not-alined shm segment cleanly. - Address autoconfiguration does not work after device down/up cycle - gbefb: Set default of FB_GBE_MEM to 4 MB - XFS ftruncate() bug could expose stale data (CVE-2006-0554) - sys_signal: initialize ->sa_mask - do_sigaction: cleanup ->sa_mask manipulation - fix zap_thread's ptrace related problems - fix deadlock in ext2 - cfi: init wait queue in chip struct - sd: fix memory corruption with broken mode page headers - sbp2: fix another deadlock after disconnection - skge: speed setting - skge: fix NAPI/irq race - skge: genesis phy initialization fix - skge: fix SMP race - x86_64: Check for bad elf entry address (CVE-2006-0741) - alsa: fix bogus snd_device_free() in opl3-oss.c - ppc32: Put cache flush routines back into .relocate_code section - sys32_signal() forgets to initialize ->sa_mask - Normal user can panic NFS client with direct I/O (CVE-2006-0555) * Deactivate merged duplicates: s390-klibc-buildfix.patch, powerpc-relocate_code.patch. * Add stable Release 2.6.15.6: - Don't reset rskq_defer_accept in reqsk_queue_alloc - fs/nfs/direct.c compile fix - mempolicy.c compile fix, make sure BITS_PER_BYTE is defined - [IA64] die_if_kernel() can return (CVE-2006-0742) [ Sven Luther ] * [powerpc] Disabled CONFIG_IEEE1394_SBP2_PHYS_DMA, which was broken on powerpc64, as it used the long deprecated bus_to_virt symbol. (Closes: #330225) * [powerpc] Fixed gettimeofday breakage causing clock drift. -- Bastian Blank Mon, 6 Mar 2006 11:06:28 +0100 linux-2.6 (2.6.15-7) unstable; urgency=low [ Norbert Tretkowski ] * [alpha] Disabled CONFIG_ALPHA_LEGACY_START_ADDRESS for -alpha-generic and -alpha-smp flavours, and introduced a new -alpha-legacy flavour for MILO based machines, which has CONFIG_ALPHA_LEGACY_START_ADDRESS enabled. (closes: #352186) * [alpha] Added new patch to support prctl syscall. (closes: #349765) * [i386] Renamed kernel-image-2.6-486 to kernel-image-2.6-386, it's meant for transition only, and kernel-image-2.6-386 is the package name in sarge. [ Jurij Smakov ] * Bump build-dependency on kernel-package to 10.035, which is fixed to build the documentation packages again. Closes: #352000, #348332 [ Frederik Schüler ] * Activate CONFIG_DVB_AV7110_OSD on alpha amd64 and ia64. Closes: #353292 * Deactivate CONFIG_FB_ATY_XL_INIT on all architectures: it is broken and already removed in 2.6.16-rc. Closes: #353310 [ Christian T. Steigies ] * [m68k] build in cirrusfb driver -- Bastian Blank Tue, 21 Feb 2006 17:35:21 +0000 linux-2.6 (2.6.15-6) unstable; urgency=low [ Bastian Blank ] * Moved the mkvmlinuz support patch modification to a -1 version of the patch. [ maximilian attems ] * Add stable treee 2.6.15.4 - PCMCIA=m, HOSTAP_CS=y is not a legal configuration - Input: iforce - do not return ENOMEM upon successful allocation - x86_64: Let impossible CPUs point to reference per cpu data - x86_64: Clear more state when ignoring empty node in SRAT parsing - x86_64: Dont record local apic ids when they are disabled in MADT - Fix keyctl usage of strnlen_user() - Kill compat_sys_clock_settime sign extension stub. - Input: grip - fix crash when accessing device - Input: db9 - fix possible crash with Saturn gamepads - Input: iforce - fix detection of USB devices - Fixed hardware RX checksum handling - SCSI: turn off ordered flush barriers - Input: mousedev - fix memory leak - seclvl settime fix - fix regression in xfs_buf_rele - md: remove slashes from disk names when creation dev names in sysfs - d_instantiate_unique / NFS inode leakage - dm-crypt: zero key before freeing it - bridge: netfilter races on device removal - bridge: fix RCU race on device removal - SELinux: fix size-128 slab leak - __cmpxchg() must really always be inlined - emu10k1 - Fix the confliction of 'Front' control - Input: sidewinder - fix an oops * Deactivate merged alpha-cmpxchg-inline.patch, sparc64-clock-settime.patch. [ Christian T. Steigies ] * [m68k] Add fix for m68k/buddha IDE and m68k/mac SCSI driver * [m68k] Patch by Peter Krummrich to stop flickering pixels with PicassoII * [m68k] make Amiga keyboard usable again, patch by Roman Zippel * [m68k] prevent wd33c93 SCSI driver from crashing the kernel, patch by Roman Zippel * [m68k] remove SBCs from VME descriptions (closes: #351924) -- Frederik Schüler Fri, 10 Feb 2006 15:33:21 +0000 linux-2.6 (2.6.15-5) unstable; urgency=low [ Martin Michlmayr ] * Add a fix for the input support for the ixp4xx beeper driver from 2.6.16-rc2. * Add stable tree 2.6.15.3: - Fix extra dst release when ip_options_echo fails (CVE-2006-0454) [ Sven Luther ] * [powerpc] Removed -o root -g root option to mkvmlinuz support patch. (Closes: #351412) -- Sven Luther Tue, 7 Feb 2006 19:23:14 +0000 linux-2.6 (2.6.15-4) unstable; urgency=low [ Jurij Smakov ] * [sparc64] Add sparc64-clock-settime.patch to fix the incorrect handling of the clock_settime syscall arguments, which resulted in a hang when trying to set the date using 'date -s'. Patch by David Miller is applied upstream. Thanks to Ludovic Courtes and Frans Pop for reporting and testing. Ref: http://marc.theaimsgroup.com/?t=113861017400002&r=1&w=2 [ Christian T. Steigies ] * [m68k] update m68k patch and config to 2.6.15 * [m68k] SCSI drivers need to be built in until ramdisk generator tools supports loading scsi modules * [m68k] ISCSI and IDE-TAPE don't compile, disabled * [m68k] set CC_OPTIMIZE_FOR_SIZE=n * [m68k] added vmeints patch which fixes building for vme [ maximilian attems ] * Use initramfs-tools for ia64 - fixed klibc. * Add stable tree 2.6.15.2: - Fix double decrement of mqueue_mnt->mnt_count in sys_mq_open - (CVE-2005-3356) - Mask off GFP flags before swiotlb_alloc_coherent - usb-audio: don't use empty packets at start of playback - Make second arg to skb_reserved() signed. - Input: HID - fix an oops in PID initialization code - Fix oops in ufs_fill_super at mount time - Kill blk_attempt_remerge() - Fix i2o_scsi oops on abort - Fix mkiss locking bug - Fix timekeeping on sparc64 ultra-IIe machines - Someone broke reiserfs v3 mount options and this fixes it * Deactivate sparc64-jumping-time.patch, amd64-pppd-fix.patch incl in aboves. * Add s390-klibc-buildfix.patch, regression due to header file changes. [ Steve Langasek ] * [alpha] set __attribute__((always_inline)) on __cmpxchg(), to avoid wrong optimizations with -Os (Closes: #347556). [ Martin Michlmayr ] * Add input support for the ixp4xx beeper driver (Alessandro Zummo). * [arm] Add NSLU2 specific portion of ixp4xx beeper driver (Alessandro Zummo). * [arm/nslu2] Build PPP as a module. * [arm/nslu2] Enable wireless. * [arm/nslu2] Enable most USB modules. * [arm/nslu2] Enable ALSA and USB sound modules. * [arm/nslu2] Set 4 MB as the size of the initrd in the kernel cmd line. * [arm/footbridge] Set CONFIG_BLK_DEV_RAM_SIZE to 8192. * [armeb] Add support for big-endian ARM. * [armeb/nslu2] Use the nslu2 config from arm. [ Frederik Schüler ] * [amd64] Add amd64-pppd-fix.patch to fix kernel panic when using pppd. (Closes: #347711) * Add 64bit-vidiocswin-ioctl-fix.patch to fix VIDIOCSWIN ioctl on 64bit kernel 32bit userland setups. (Closes: #349338) [ Sven Luther ] * [powerpc] Adapted apus config file to be more modular and in sync with the other powerpc configs. Scsi drivers are disabled as they don't build cleanly though (need some esp stuff). * [powerpc] Default to initramfs-tools as initramfs generator, as klibc build is fixed now. [ Bastian Blank ] * [powerpc] Fix dependencies of image packages. -- maximilian attems Wed, 1 Feb 2006 11:34:20 +0100 linux-2.6 (2.6.15-3) unstable; urgency=low [ Martin Michlmayr ] * [arm] Update configs for 2.6.15; closes: #347998. * [arm] Activate tmpfs. * [arm] Allow modules to be unloaded. * [arm] Enable CONFIG_INPUT_EVDEV since yaird needs this module in order to generate initrds. * [arm/footbridge] Activate IDEPCI so SL82C105 will really be compiled in. * [arm/footbridge] Activate the right network drivers (Tulip and NE2K). * [arm/footbridge] Enable more framebuffer drivers. * debian/patches/arm-fix-dc21285.patch: Fix compilation of DC21285 flash driver. * [arm/footbridge] Enable MTD and the DC21285 flash driver. * [arm/footbridge] Enable RAID and LVM modules. * [arm/footbridge] Enable USB modules. * [arm/nslu2] Add an image for Network Storage Link for USB 2.0 Disk Drives. * debian/patches/arm-memory-h-page-shift.patch: Fix error "PAGE_SHIFT undeclared" (Rod Whitby). * debian/patches/mtdpart-redboot-fis-byteswap.patch: recognise a foreign endian RedBoot partition table (John Bowler). * debian/patches/maclist.patch: Add support for the maclist interface (John Bowler). * debian/patches/arm-nslu2-maclist.patch: Add NSLU2 maclist support (John Bowler). * [arm/nslu2] Activate maclist. [ maximilian attems ] * Add stable tree 2.6.15.1: - arch/sparc64/Kconfig: fix HUGETLB_PAGE_SIZE_64K dependencies - moxa serial: add proper capability check - fix /sys/class/net//wireless without dev->get_wireless_stats - Don't match tcp/udp source/destination port for IP fragments - Fix sys_fstat64() entry in 64-bit syscall table. - UFS: inode->i_sem is not released in error path - netlink oops fix due to incorrect error code - Fix onboard video on SPARC Blade 100 for 2.6.{13,14,15} - Fix DoS in netlink_rcv_skb() (CVE-2006-0035) - fix workqueue oops during cpu offline - Fix crash in ip_nat_pptp (CVE-2006-0036) - Fix another crash in ip_nat_pptp (CVE-2006-0037) - ppc32: Re-add embed_config.c to ml300/ep405 - Fix ptrace/strace - vgacon: fix doublescan mode - BRIDGE: Fix faulty check in br_stp_recalculate_bridge_id() - skge: handle out of memory on ring changes * Drop merged patch: - sparc64-atyfb-xl-gr-final.patch [ Simon Horman ] * Fix booting on PReP machines (Closes: #348040) powerpc-relocate_code.patch -- Simon Horman Tue, 17 Jan 2006 18:01:17 +0900 linux-2.6 (2.6.15-2) unstable; urgency=low [ maximilian attems ] * Default to initramfs-tools as initramfs generator for amd64, hppa, i386, alpha and sparc. More archs will be added once klibc matures. (Closes: #346141, #343147, #341524, #346305) * Backport alsa patch for opl3 - Fix the unreleased resources. (Closes: #346273) * Readd buslogic-pci-id-table.patch. [ dann frazier ] * [ia64] Update config for 2.6.15. [ Frederik Schüler ] * Make CONFIG_IPW2100 a per-architecture option and deactivate it on all architectures but i386. (Closes: #344515) [ Sven Luther ] * Removed spurious file from powerpc-apus patch. (Closes: #346159) [ Norbert Tretkowski ] * Backport the generic irq framework for alpha. (closes: #339080) [ Bastian Blank ] * Remove pre-sarge conflict with hotplug. * Fix hppa diff to apply. * Make the latest packages depend on the corect version of the real images. (closes: #346366) -- Bastian Blank Tue, 10 Jan 2006 16:54:21 +0100 linux-2.6 (2.6.15-1) unstable; urgency=low [ Sven Luther ] * New upstream release. * [powerpc] Now use ARCH=powerpc for 64bit powerpc flavours, 32bit still stays with ARCH=ppc for now. * [powerpc] Readded PReP Motorola PowerStack II Utah IDE interrupt (Closes: #345424) * [powerpc] Fixed apus patch. * Added make-kpkg --arch option support to gencontrol.py. * Added debian/bin/kconfig.ml to process config file snipplet, so we can preserve the pre 2.6.15 ordering of config file snipplets. Upto 2.6.15 the kernel Kconfig magic apparently kept the later occuring config options, but it seems that this is no more the case. Instead of catting the config files together, not use the kconfig.ml script to read in the files from more generic to more specific, and keep only the more specific. [ Bastian Blank ] * [s390] Update configs. [ Kyle McMartin ] * [hppa] Snag latest hppa.diff from cvs.parisc-linux.org. * [hppa] Update configs for 2.6.15. * [hppa] Change parisc kernel names to something less ambiguous. [ dann frazier ] * [ia64] Update ia64 configs [ maximilian attems ] * Drop modular-ide.patch, nacked by ide upstream. Prevents udev to load ide-generic and those successfull boots with initramfs-tools. * Disable CONFIG_USB_BANDWIDTH, causes major trouble for alsa usb cards. [ Norbert Tretkowski ] * [alpha] Removed conflict with initramfs-tools, thanks vorlon for finding the klibc bug! [ Jonas Smedegaard ] * Adjust short description of transitional package kernel-image-2.6- 486 to mention 2.6 (not 2.6.12). * Clean duplicate Kconfig options. [ Frederik Schüler ] * Add updated version of drivers-scsi-megaraid_splitup.patch. * Deactivate CONFIG_IDE_TASK_IOCTL on alpha and ia64 and make it a global option. * Make CONFIG_VIDEO_SAA7134 a global option. * New option CONFIG_CC_OPTIMIZE_FOR_SIZE set per-arch. * Rename i386 368 flavour to 486. * Add myself to uploaders. * Readdition of qla2xxx drivers, as firmware license has been fixed. * Make CONFIG_PACKET, PACKET_MM and UNIX builtin on all architectures: statically linked has better performance then modules due to TLB issue. * clean up debian-patches dir: remove all obsolete patches: - alpha-compile-fix.patch: obsolete - amd64-int3-fix.patch: fixed since 2.6.12 - net-ipconntrack-nat-fix.patch: merged upstream after 2.6.14 release - net-nf_queue-oops.patch: merged upstream after 2.6.14 release - qla2xxx-removed.patch: obsolete * Drop M386 support remains from the i386 386 flavour: built with M486 from now on. [ Martin Michlmayr ] * [arm] Don't define "compiler" since GCC 4.x is the default now anyway. * [arm] Add descriptions for "class" and "longclass". * [arm] Compile CONFIG_BLK_DEV_SL82C105 support into the kernel on Footbridge. * [arm] Compile ext3 support into the kernel on Footbridge. * [arm] Turn on CONFIG_SERIAL_8250 support on Footbridge. [ Jurij Smakov ] * [sparc] Correct the patch for the atyfb framebuffer driver (sparc64-atyfb-xl-gr.patch) to finally fix the console and X image defects on Blade 100/150. The new patch is named sparc64-atyfb-xl-gr-final.patch to avoid the confusion. Thanks to Luis F. Ortiz for fixing the patch and Luigi Gangitano for testing it out. * Drop tty-locking-fixes9.patch, which was preventing the oops during shutdown on some sparc machines with serial console. Proper fix has been incorporated upstream. [ Simon Horman ] * Enable MKISS globally (closes: #340215) * Add recommends libc6-i686 to 686 and k7 image packages (closes: #278729) * Enable OBSOLETE_OSS_USB_DRIVER and USB_AUDIO as alsa snd-usb-audio still isn't quite there. I expect this to be re-disabled at some stage, possibly soon if it proves to be a source of bugs. (closes: #340388) -- Sven Luther Tue, 3 Jan 2006 06:48:07 +0000 linux-2.6 (2.6.14-7) unstable; urgency=low [ maximilian attems ] * Add stable tree 2.6.14.5 fixes: - setting ACLs on readonly mounted NFS filesystems (CVE-2005-3623) - Fix bridge-nf ipv6 length check - Perform SA switchover immediately. - Input: fix an OOPS in HID driver - Fix hardware checksum modification - kernel/params.c: fix sysfs access with CONFIG_MODULES=n - Fix RTNLGRP definitions in rtnetlink.h - Fix CTA_PROTO_NUM attribute size in ctnetlink - Fix unbalanced read_unlock_bh in ctnetlink - Fix NAT init order - Fix incorrect dependency for IP6_NF_TARGET_NFQUEUE - dpt_i2o fix for deadlock condition - SCSI: fix transfer direction in sd (kernel panic when ejecting iPod) - SCSI: fix transfer direction in scsi_lib and st - Fix hardware rx csum errors - Fix route lifetime. - apci: fix NULL deref in video/lcd/brightness * Disable CONFIG_USB_BANDWIDTH, causes major trouble on alsa usb cards. (Closes: #344939) -- maximilian attems Tue, 27 Dec 2005 20:50:28 +0100 linux-2.6 (2.6.14-6) unstable; urgency=low [ Kyle McMartin ] * Change parisc kernel names to something less ambiguous. [ maximilian attems ] * Drop modular-ide.patch, nacked by ide upstream. Prevents udev to load ide-generic and those successfull boots with initramfs-tools. * Add stable tree 2.6.14.4 with the following fixes: - drivers/scsi/dpt_i2o.c: fix a user-after-free - drivers/message/i2o/pci.c: fix a use-after-free - drivers/infiniband/core/mad.c: fix a use-after-free - DVB: BUDGET CI card depends on STV0297 demodulator - setkeys needs root - Fix listxattr() for generic security attributes - AGPGART: Fix serverworks TLB flush. - Fix crash when ptrace poking hugepage areas - I8K: fix /proc reporting of blank service tags - i82365: release all resources if no devices are found - bonding: fix feature consolidation - libata: locking rewrite (== fix) - cciss: bug fix for BIG_PASS_THRU - ALSA: nm256: reset workaround for Latitude CSx - cciss: bug fix for hpacucli - V4L/DVB: Fix analog NTSC for Thomson DTT 761X hybrid tuner - BRIDGE: recompute features when adding a new device - 32bit integer overflow in invalidate_inode_pages2() - USB: Adapt microtek driver to new scsi features - ide-floppy: software eject not working with LS-120 drive - Add try_to_freeze to kauditd - V4L/DVB (3135) Fix tuner init for Pinnacle PCTV Stereo - NETLINK: Fix processing of fib_lookup netlink messages - ACPI: fix HP nx8220 boot hang regression [ Norbert Tretkowski ] * [alpha] Removed conflict with initramfs-tools, thanks vorlon for finding the klibc bug! [ Frederik Schüler ] * Add updated drivers-scsi-megaraid_splitup.patch. (Closes: #317258) * Add ppc64-thermal-overtemp.patch to fix a thermal control bug in G5 machines. (Closes: #343980) * Unpatch the following patches which are included in 2.6.14.4: - setkeys-needs-root-1.patch - setkeys-needs-root-2.patch - mm-invalidate_inode_pages2-overflow.patch - net-bonding-consolidation-fix.patch -- Frederik Schüler Tue, 20 Dec 2005 18:50:41 +0000 linux-2.6 (2.6.14-5) unstable; urgency=low [ dann frazier ] * ia64-new-assembler-fix.patch Fix ia64 builds with newer assembler (Closes: #341257) [ Sven Luther ] * [powerpc] incremented ramdisk size to 24576 from 8192, needed by the graphical installer, maybe we can bring this to 16384 later. [ Simon Horman ] * Add recommends libc6-i686 to 686 and k7 image packages (closes: #278729) * Enable OBSOLETE_OSS_USB_DRIVER and USB_AUDIO as alsa snd-usb-audio still isn't quite there. I expect this to be re-disabled at some stage, possibly soon if it proves to be a source of bugs. (closes: #340388) [ dann frazier ] * buslogic-pci-id-table.patch add a pci device id table to fix initramfs-tools discovery. (closes #342057) * fix feature consolidation in bonding driver. (closes #340068) -- dann frazier Thu, 8 Dec 2005 10:59:31 -0700 linux-2.6 (2.6.14-4) unstable; urgency=low [ dann frazier ] * setkeys-needs-root-1.patch, setkeys-needs-root-2.patch: [SECURITY] Require root privilege to write the current function key string entry of other user's terminals. See CVE-2005-3257 (Closes: #334113) [ Simon Horman ] * Enable MKISS globally (closes: #340215) * mm-invalidate_inode_pages2-overflow.patch [SECURITY] 32bit integer overflow in invalidate_inode_pages2() (local DoS) * ctnetlink-check-if-protoinfo-is-present.patch [SECURITY] ctnetlink: check if protoinfo is present (local DoS) * ctnetlink-fix-oops-when-no-icmp-id-info-in-message.patch [SECURITY] ctnetlink: Fix oops when no ICMP ID info in message (local DoS) [ Sven Luther ] * Re-added powerpc/apus patch, now that Roman Zippel merged it in. * Let's create asm-(ppc|ppc64) -> asm-powerpc symlink farm. (Closes: #340571) [ maximilian attems ] * Add 2.6.14.3 patch - features changelog: - isdn/hardware/eicon/os_4bri.c: correct the xdiLoadFile() signature - x86_64/i386: Compute correct MTRR mask on early Noconas - PPTP helper: Fix endianness bug in GRE key / CallID NAT - nf_queue: Fix Ooops when no queue handler registered - ctnetlink: check if protoinfo is present - ip_conntrack: fix ftp/irc/tftp helpers on ports >= 32768 - VFS: Fix memory leak with file leases - hwmon: Fix lm78 VID conversion - hwmon: Fix missing it87 fan div init - ppc64 memory model depends on NUMA - Generic HDLC WAN drivers - disable netif_carrier_off() - ctnetlink: Fix oops when no ICMP ID info in message - Don't auto-reap traced children - packet writing oops fix - PPTP helper: fix PNS-PAC expectation call id - NAT: Fix module refcount dropping too far - Fix soft lockup with ALSA rtc-timer - Fix calculation of AH length during filling ancillary data. - ip_conntrack TCP: Accept SYN+PUSH like SYN - refcount leak of proto when ctnetlink dumping tuple - Fix memory management error during setting up new advapi sockopts. - Fix sending extension headers before and including routing header. - hwmon: Fix missing boundary check when setting W83627THF in0 limits * Remove ctnetlink-check-if-protoinfo-is-present.patch, net-nf_queue-oops.patch - already included in 2.6.14.3. [ Frederik Schüler ] * Make CONFIG_PACKET, PACKET_MM and UNIX builtin on all architectures: statically linked has better performance then modules due to TLB issue. * Add myself to uploaders. -- Frederik Schüler Sat, 26 Nov 2005 13:18:41 +0100 linux-2.6 (2.6.14-3) unstable; urgency=low [ Norbert Tretkowski ] * [alpha] Switch to gcc 4.0. * [alpha] Conflict with initramfs-tools, klibc is broken on alpha. * [alpha] Enabled CONFIG_KOBJECT_UEVENT in arch/alphaconfig to fix trouble with latest udev, thanks to Uwe Schindler for reporting. (closes: #338911) * Bumped ABI revision: + ABI changes on sparc and alpha because of compiler switch. + 2.6.14.1 changes ABI of procfs. [ Sven Luther ] * Set default TCP congestion algorithm to NewReno + BIC (Closes: #337089) [ maximilian attems ] * Reenable CONFIG_SOFTWARE_SUSPEND on i386 and ppc, resume=/dev/ must be set by boot loader. (Closes: #267600) * Set CONFIG_USB_SUSPEND on i386. Usefull for suspend to ram and apm suspend. * Add 2.6.14.1 patch: - Al Viro: CVE-2005-2709 sysctl unregistration oops * Add 2.6.14.2 patch: - airo.c/airo_cs.c: correct prototypes - fix XFS_QUOTA for modular XFS (closes: #337072) - USB: always export interface information for modalias - NET: Fix zero-size datagram reception - fix alpha breakage - Oops on suspend after on-the-fly switch to anticipatory i/o scheduler - ipvs: fix connection leak if expire_nodest_conn=1 - Fix ptrace self-attach rule - fix signal->live leak in copy_process() - fix de_thread() vs send_group_sigqueue() race - prism54 : Fix frame length - tcp: BIC max increment too large * Remove alpha compile fix as contained in 2.6.14.2 * Readd CONFIG_XFS_QUOTA=y. * Disable ACPI cutoff year on i386, was set to 2001. No need for acpi=force on boot. [ Jurij Smakov ] * Fix the install-image script to correctly include all the necessary stuff in scripts. (Closes: #336424) * Enable CONFIG_SND_ALI5451 on sparc. * Switch sparc to gcc-4.0. Thanks to Norbert for making sure it successfully builds a working kernel now. * Apply patch to fix ATI framebuffer output corruption on SunBlade 100 (sparc64-atyfb-xl-gr.patch). Thanks to Luigi Gangitano. (Closes: #321200) * Disable CONFIG_PARPORT_PC_FIFO on sparc, since it causes a hang whenever something is sent to the parallel port device. Thanks to Attilla (boera at rdslink.ro) for pointing that out. [ Simon Horman ] * [386, AMD64] Set CONFIG_FRAMEBUFFER_CONSOLE=y instead of m. As vesadb now built into the kernel, after finally dropping the debian-specific patch to make it modular, make fbcons builtin too, else all sorts of weird stuff happens which is hard for the inird builders to automatically compenste for. (Closes: #336450) * Redisable CONFIG_SOFTWARE_SUSPEND on ppc/miboot as it required CONFIG_PM to compile. * [NETFILTER] nf_queue: Fix Ooops when no queue handler registered This is a regression introduced in 2.6.14. net-nf_queue-oops.patch. (Closes: #337713) * Make manuals with defconfig, as is required for kernel-package 10.008 [ dann frazier ] * net-ipconntrack-nat-fix.patch - fix compilation of ip_conntrack_helper_pptp.c when NAT is disabled. (Closes: #336431) [ Christian T. Steigies ] * update m68k.diff to 2.6.14 * add m68k-*vme* patches * disable macsonic driver until the dma patch is fixed * disable IEEE80211 drivers for all of m68k [ Frederik Schüler ] * activate CONFIG_SECURITY_NETWORK to fix SElinux operation. (Closes: #338543) -- Norbert Tretkowski Mon, 14 Nov 2005 10:23:05 +0100 linux-2.6 (2.6.14-2) unstable; urgency=low [ Simon Horman ] * [SECURITY] Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL This fix, included as part of the 2.6.13.4 patch in 2.6.13+2.6.14-rc4-0experimental.1 is CVE-2005-3181 * Fix genearation of .extraversion, again (closes: #333842) * Add missing kernel-arch and kernel-header-dirs to defines so headers get included. (closes: #336521) N.B: I only filled in arches where other's hadn't done so alread. Please fix if its wrong. * Allow powerpc64 to compile with AUDIT enabled but AUDITSYSCALL disabled. powerpc64-audit_sysctl-build.patch [ dann frazier ] * Update hppa.diff to 2.6.14-pa0 [ Norbert Tretkowski ] * [alpha] New patch to include compiler.h in barrier.h, barrier() is used in non-SMP case. * [alpha] Added kernel-header-dirs and kernel-arch to debian/arch/alpha/defines to include asm-alpha in linux-headers package. * Added myself to Uploaders. [ Frederik Schüler ] * [amd64] use DISCONTIGMEM instead of SPARSEMEM on amd64-k8-smp flavour to fix bootup kernel panic. * [amd64] include asm-x86_64 in linux-headers package. * Deactivate AUDITSYSCALL globally, it slows down the kernel and is not needed for selinux at all. -- Simon Horman Tue, 1 Nov 2005 15:27:40 +0900 linux-2.6 (2.6.14-1) unstable; urgency=low [ Sven Luther ] * New upstream release. [ Norbert Tretkowski ] * [alpha] Update arch/alpha/config* for 2.6.14. [ Simon Horman ] * Fix misformatting of long description of linux-patch-debian-linux-patch-debian-X.Y.Z. templates/control.main.in (closes: #335088) * Make sure version is seeded in apply and unapply scripts. Actually changed in some earlier, post 2.6.12, release, but the changelog seems to be missing. (closes: #324583) [ dann frazier ] * [ia64] Disable the CONFIG_IA64_SGI_SN_XP module. This forces CONFIG_GENERIC_ALLOCATOR and CONFIG_IA64_UNCACHED_ALLOCATOR to y, which appears to break on zx1 systems. -- Simon Horman Fri, 28 Oct 2005 16:26:03 +0900 linux-2.6 (2.6.13+2.6.14-rc5-0experimental.1) experimental; urgency=low [ Sven Luther ] * Upgraded to 2.6.14-rc5. [ Jonas Smedegaard ] * Quote variables in debian/rules.real and postinstall (making it safer to run with weird characters in path of build environment). [ Bastian Blank ] * Add some missing files from scripts to headers packages. * Add new patch powerpc-build-links.patch: Emit relative symlinks in arch/ppc{,64}/include. * Include arch/*/include into headers package. -- Sven Luther Tue, 25 Oct 2005 03:56:11 +0000 linux-2.6 (2.6.13+2.6.14-rc4-0experimental.1) experimental; urgency=low [ Sven Luther ] * Upgraded to 2.6.14-rc4. [ Simon Horman ] * Fix genearation of .extraversion (closes: #333842) [ dann frazier ] * Enhance the linux-source description to explain the types of patches Debian adds to it. (closes: #258043) * Correct linux-patch-debian description. It replaces the kernel-patch-debian packages, not the kernel-source packages. [ Jonas Smedegaard ] * Fix building from within a very long dir (all patches was applied at once - exhausting shell commandline, now applied one by one). * Add Simon Horman, Sven Luther and myself as Uploaders. [ Bastian Blank ] * Use list of revisions in patch scripts. * Use correct names for tarball and scripts. [ Jurij Smakov ] * [i386] Set the CONFIG_HPET_EMULATE_RTC option to make the clock work properly on certain Dell machines. This required setting the CONFIG_RTC option to 'y' instead of 'm'. (closes: #309909) [i386] Enable VIDEO_CX88 and VIDEO_CX88_DVB (both set to 'm') by popular demand. (closes: #330916) [ Norbert Tretkowski ] * [alpha] Update arch/alpha/config for 2.6.13. [ Kyle McMartin ] * [hppa] Oops. Fix linux-headers not including asm-parisc by adding headers_dirs = parisc to Makefile.inc. [ maximilian attems ] * Set CONFIG_FB_VESA=y for i386 and amd64 configs. (closes: #333003) [ Sven Luther ] * [powerpc] Fixed apus build, now use mkvmlinuz too to generate the vmlinuz kernel. * Fixed control.image.in to depend on : initramfs-tools | yaird | linux-ramdisk-tool where linux-ramdisk-tools is the virtual package provided by all initrd/initramfs generating tools. [ Frederik Schüler ] * deactivate FB_RIVA on all architectures. * deactivate BLK_DEV_IDESCSI on all architectures. * Added patch-2.6.13.4: - [SECURITY] key: plug request_key_auth memleak See CAN-2005-3119 - [SECURITY] Fix drm 'debug' sysfs permissions See CAN-2005-3179 - [SECURITY] Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL - [SPARC64] Fix userland FPU state corruption. - BIC coding bug in Linux 2.6.13 - [SECURITY] orinoco: Information leakage due to incorrect padding See CAN-2005-3180 - ieee1394/sbp2: fixes for hot-unplug and module unloading [ Christian T. Steigies ] * disable CONFIG_EXT2_FS_XIP for m68k like on all(?) other arches * deactivate OKTAGON_SCSI for amiga/m68k until it can be compiled again * deactivate CONFIG_KEYBOARD_HIL_OLD, CONFIG_KEYBOARD_HIL, CONFIG_MOUSE_HIL, CONFIG_HIL_MLC, and CONFIG_HP_SDC for hp/m68k * update m68k.diff for 2.6.13 * split out patches that do not intefere with other arches to patches-debian/m68k-* -- Bastian Blank Fri, 21 Oct 2005 12:17:47 +0000 linux-2.6 (2.6.13-1) experimental; urgency=low * New upstream release "git booost": - new arch xtensa - kexec/kdump - execute-in-place - inotify (closes: #304387) - time-sharing cfq I/O scheduler - manual driver binding - voluntary preemption - user-space I/O initiation for InfiniBand - new speedy DES (crypto) implementation - uml "almost-skas" mode support - 250 HZ default (closes: #320366) - fixes all over (alsa, archs, ide, input, ntfs, scsi, swsusp, usb, ..) - orinoco driver updates (closes: #291684) - md, dm updates (closes: #317787) [ Frederik Schüler ] * [amd64] Added class and longclass descriptions for amd64 flavours. * [amd64] add amd64-tlb-flush-sigsegv-fix.patch: disable tlb flush filtering on smp systems to workaround processor errata. * backport kernel-api-documentation-generation-fix.diff from git to fix documentation build. * Added patch-2.6.13.1: - raw_sendmsg DoS (CAN-2005-2492) - 32bit sendmsg() flaw (CAN-2005-2490) - Reassembly trim not clearing CHECKSUM_HW - Use SA_SHIRQ in sparc specific code. - Fix boundary check in standard multi-block cipher processors - 2.6.13 breaks libpcap (and tcpdump) - x86: pci_assign_unassigned_resources() update - Fix PCI ROM mapping - aacraid: 2.6.13 aacraid bad BUG_ON fix - Kconfig: saa7134-dvb must select tda1004x [ Simon Horman ] * Disable BSDv3 accounting on hppa and alpha, it was already disabled on all other architectures. Also unify BSD accounting config into top level config, rather than per flavour configs. * [SECURITY] The seq_file memory leak fix included in 2.6.12-6 as part of upstream's 2.6.12.6 patchset is now CAN-2005-2800. [ Jurij Smakov, Simon Horman ] * Ensure that only one kernel-manual/linux-manual package can be installed at a time to avoid file conflicts. (closes: #320042) [ Bastian Blank ] * Move audit, preempt and security settings to core config file. * Fix powerpc configuration. * Add debian version information to kernel version string. * Drop coreutils | fileutils dependencies. * Drop modular-vesafb patch. (closes: #222374, #289810) [ Christian T. Steigies ] * update m68k.diff for linux-2.6.13 * add m68k-42_dma.patch and m68k-sonic.patch that will be in upstream 2.6.14 (which makes sun3 build fail, needs fixing) [ maximilian attems ] * Drop drivers-add-scsi_changer.patch (merged) * Drop drivers-ide-dma-blacklist-toshiba.patch (merged) * Drop drivers-ide-__devinit.patch (merged) * Added patch-2.6.13.2: - USB: ftdi_sio: custom baud rate fix - Fix up more strange byte writes to the PCI_ROM_ADDRESS config word - Fix MPOL_F_VERIFY - jfs: jfs_delete_inode must call clear_inode - Fix DHCP + MASQUERADE problem - Sun HME: enable and map PCI ROM properly - Sun GEM ethernet: enable and map PCI ROM properly - hpt366: write the full 4 bytes of ROM address, not just low 1 byte - forcedeth: Initialize link settings in every nv_open() - Lost sockfd_put() in routing_ioctl() - lost fput in 32bit ioctl on x86-64 * Added patch-2.6.13.3: - Fix fs/exec.c:788 (de_thread()) BUG_ON - Don't over-clamp window in tcp_clamp_window() - fix IPv6 per-socket multicast filtering in exact-match case - yenta oops fix - ipvs: ip_vs_ftp breaks connections using persistence - uml - Fix x86_64 page leak - skge: set mac address oops with bonding - tcp: set default congestion control correctly for incoming connections [ Sven Luther ] * [powerpc] Added hotplug support to the mv643xx_eth driver : powerpc-mv643xx-hotplug-support.patch thanks go to Nicolas Det for providing the patch. * [powerpc] Modified a couple of configuration options for the powerpc64 flavour, fixes and enhances Apple G5 support (Closes: #323724, #328324) * [powerpc] Added powerpc-miboot flavour to use exclusively with oldworld powermac miboot floppies for debian-installer. * [powerpc] Checked upgraded version of the apus patches, separated them in a part which is safe to apply, and one which needs checking, and is thus not applied yet. [ Kyle McMartin ] * [hppa] Update hppa.diff to 2.6.13-pa4. * [hppa] Add space register fix to pacache.S to hppa.diff. [ dann frazier ] * Add a note to README.Debian that explains where users can find the .config files used to generate the linux-image packages. Closes: #316809 * [ia64] Workaround #325070 until upstream works out an acceptable solution. This bug breaks module loading on non-SMP ia64 kernels. The workaround is to temporarily use an SMP config for the non-SMP kernels. (Note that John Wright is running benchmarks to determine the overhead of running an SMP kernel on UP systems to help decide if this should be a permanent change). * [ia64] Update arch/ia64/config for 2.6.13 -- Simon Horman Thu, 6 Oct 2005 15:45:21 +0900 linux-2.6 (2.6.12-6) unstable; urgency=high [ Andres Salomon, Bastian Blank ] * Change ATM and Classical-IP-over-ATM to be modular, instead of being statically included. (closes: #323143) [ Sven Luther ] * [powerpc] powerpc-pmac-sound-check.patch: Added pmac-sound sanity check. * [powerpc] powerpc-apus.patch: Added preliminary apus patch to package, not applied to kernel tree yet. [ Simon Horman ] * Unset CC_OPTIMIZE_FOR_SIZE in i386 config, it breaks iproute's (and other netlink users) ability to set routes. (closes: #322723) * Added 2.6.12.6 - [SECURITY: CAN-2005-2555] Restrict socket policy loading to CAP_NET_ADMIN. - [SECURITY] Fix DST leak in icmp_push_reply(). Possible remote DoS? - [SECURITY] NPTL signal delivery deadlock fix; possible local DoS. - fix gl_skb/skb type error in genelink driver in usbnet - [SECURITY] fix a memory leak in devices seq_file implementation; local DoS. - [SECURITY] Fix SKB leak in ip6_input_finish(); local DoS. [ Andres Salomon ] * [hppa] enable discontiguous memory support for 32bit hppa images, so they build. -- Andres Salomon Tue, 06 Sep 2005 10:14:35 -0400 linux-2.6 (2.6.12-5) unstable; urgency=low * Change ARM to use GCC 3.3 to avoid FTBFS errors with GCC 4 (dann frazier) * Remove spurious double quote character from ia64 package descriptions. (dann frazier) * Add transitional meta packages (kernel-image-2.6-*) for ia64. (dann frazier) * Change fuzz factor to 1, stricter patch appliance. (Maximilian Attems) * Enabled CONFIG_THERM_PM72 on powerpc64 flavour. (Sven Luther) -- Bastian Blank Tue, 16 Aug 2005 21:43:31 +0200 linux-2.6 (2.6.12-4) unstable; urgency=low * Supply correct subarch values for the powerpc images. -- Bastian Blank Mon, 15 Aug 2005 21:06:18 +0200 linux-2.6 (2.6.12-3) unstable; urgency=low * Added reference to old kernel-* package names to make transition a little more obvious to end users. A Dan Jacobson special. (Simon Horman) Closes: #321167 * By the time this makes it into the archive, it will be handling kernel-image-2.6-* packages. (Simon Horman) Closes: #321867 * Link palinfo statically on ia64. (dann frazier) (Closes: #321885) * [hppa] : - Add hppa arch specific patch. - Build-Depend on binutils-hppa64 and gcc-4.0-hppa64. (Kyle McMartin) * Fix permissions in source tarball. (Bastian Blank) (Closes: #322409) * Enable the CONFIG_IP_ADVANCED_ROUTER and related options on sparc64 to sync with other architectures. (Jurij Smakov) Closes: #321236 * Include all executables as well as *.sh and *.pl files found in scripts directory in the headers package. (Bastian Blank) Closes: #322612, #322680, #322765 * Include m68k headers into the arch-common headers package on powerpc and make sure that all the directories are linked to properly from the flavour-specific headers packages. (Jurij Smakov) Closes: #322610 * [powerpc] Enabled the powerpc64 flavour, now that we have a real biarch toolchain in sid. Many thanks go to GOTO Masanori and Matthias Klose as well as any other who worked on the biarch toolchain to make this happen. * Added 2.6.12.5 (Simon Horman) - Fix BUG() is triggered by a call to set_mempolicy() with a negativ first argument. - [amd64] Fix a SRAT handling on systems with dual cores. - [amd64] SMP timing problem - [security] Zlib fixes See CAN-2005-2458, CAN-2005-2459 http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html http://bugs.gentoo.org/show_bug.cgi - Add zlib deflateBound() - [security] Fix error during session join. See CAN-2005-2098 - [security] Fix keyring destructor. See CAN-2005-2099 - Module per-cpu alignment cannot always be met http://www.ussg.iu.edu/hypermail/linux/kernel/0409.0/0768.html Closes: #323039 -- Bastian Blank Mon, 15 Aug 2005 16:42:05 +0200 linux-2.6 (2.6.12-2) unstable; urgency=low * The Kernel Team offers its condolences to the family of Jens Schmalzing (jensen@debian), who died Saturday, July 30, 2005 in a tragic accident in Munich. Jens was a member of the Kernel Team, and was instrumental in taking the powerpc kernel package to 2.6, as well as maintaining MOL and its kernel modules. * Add @longclass@ variable to control file autogeneration. (Andres Salomon) * Bump build-depends on kernel-package to a fixed version (>= 9.005). (Jurij Smakov, Sven Luther) (closes: #319657, #320422, #321625) * Change default ramdisk size for sparc to 16,384K to accomodate a fatter d-i initrd for netboot installs. (Joshua Kwan) * Don't build-depend on console-tools on s390. (Bastian Blank) * Add ARM support. (Vincent Sanders) * Add ia64 descriptions. (dann frazier) * Strip down the scripts dir in the headers packages. (Bastian Blank) * Add m68k support. (Christian T. Steigies) * Added 2.6.12.4 (Frederik Schüler) - Fix powernow oops on dual-core athlon - Fix early vlan adding leads to not functional device - sys_get_thread_area does not clear the returned argument - bio_clone fix - Fix possible overflow of sock->sk_policy (CAN-2005-2456) (closes: #321401) - Wait until all references to ip_conntrack_untracked are dropped on unload - Fix potential memory corruption in NAT code (aka memory NAT) - Fix deadlock in ip6_queue - Fix signedness issues in net/core/filter.c - x86_64 memleak from malicious 32bit elf program - rocket.c: Fix ldisc ref count handling - kbuild: build TAGS problem with O= * Enable CONFIG_6PACK=m for all archs (Andres Salomon) (closes: #319646) * Overhaul the generation of the control file. Now it is handled by debian/bin/gencontrol.py. The debian/control target in rules also fails now, since we don't want the control file generated during build. Arch-specific Depends and suggests are now generated correctly. (Bastian Blank) (Closes: #319896) * [powerpc] Fixed typo which made asm-ppc and asm-ppc64 not being included in the header package. (Sven Luther) (Closes: #320817) * Added list of flavours built to common header package. (Sven Luther) -- Bastian Blank Tue, 09 Aug 2005 11:12:40 +0200 linux-2.6 (2.6.12-1) unstable; urgency=low * New upstream release: - "git rocks" - address space randomization - conversion of ide driver code to the device model - restored Philips webcam driver - new Broadcom bcm5706 gigabit driver - new resource limits for the audio community - Multipath device mapper - Intel HD Audio alsa driver - fixes + arch updates.. - readdition of tg3 driver, as firmware license has been fixed * Dropped the following patches: - patch-2.6.11.*.patch (merged) - powerpc-ppc64-ibmvscsi.patch (Christoph didn't like it, and it failed to build anyways) (Sven Luther) - doc-post_halloween.patch (unless someone can come up w/ a valid reason for carrying around rapidly bitrotting documentation...) (Andres Salomon) - sparc32-hypersparc-srmmu.patch (dropped until sparc32 is working again, and we can figure out whether it's necessary) - fix-alpha-ext3-oops.patch (no longer needed, fixed by compiler) - x86-i486_emu.patch (buggy and insecure 80486 instruction emulation for 80386; we're no longer supporting this) (closes: #250468) - amd64-outs.patch (according to http://www.ussg.iu.edu/hypermail/linux/kernel/0502.3/1095.html, this is unnecessary for us) (Andres Salomon) - sparc64-rtc-mostek.patch (merged) - sparc64-compat-nanoseconds.patch (merged) - sparc64-sunsu-init-2.6.11.patch (merged) - sunsab-uart-update-timeout.patch (merged) - alpha-read-trylock.patch (different version got merged) - powerpc-prep-motorola-irq-fix.patch (merged) - drivers-media-video-saa7134-update.patch (merged) - drivers-media-video-saa7134-update-2.patch (merged) - drivers-media-video-pll-lib.patch (merged) - drivers-media-video-pll-lib-2.patch (merged) - drivers-media-video-tuner-update-1.patch (merged) - drivers-media-video-tuner-update-2.patch (merged) - drivers-media-video-v4l-mpeg-support.patch (merged) - drivers-media-video-mt352-update.patch (merged) - arch-ppc64-hugepage-aio-panic.patch (merged) - drivers-input-serio-nmouse.patch (merged) - sparc64-sb1500-clock-2.6.patch (merged) - docbook-allow-preprocessor-directives-... (merged) - docbook-fix-function-parameter-descriptin-in-fbmem.patch (merged) - docbook-move-kernel-doc-comment-next-to-function.patch (merged) - powerpc-therm-adt746x-new-i2c-fix.patch (merged) - powerpc-mv643xx-enet.patch (merged) - powerpc-mv643xx-eth-pegasos.patch (merged) - powerpc-pmac-agp-sleep.patch (merged) - drivers-input-serio-8042-resume.patch (merged) * Premiere of the common-source kernel package (Jurij Smakov, Andres Salomon) - build all architectures out of kernel source package - rename source and binary packages - create a common config for different architectures, and management tools to allow for easier modification of config options - drop default configs, autogenerate them instead; requires kernel-package >= 9.002. * Add 2.6.12.1 (Maximilian Attems) - Clean up subthread exec (CAN-2005-1913) - ia64 ptrace + sigrestore_context (CAN-2005-1761) * Add 2.6.12.2 (Frederik Schüler) - Fix two socket hashing bugs. - ACPI: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment - Add "memory" clobbers to the x86 inline asm of strncmp and friends - e1000: fix spinlock bug - fix remap_pte_range BUG - Fix typo in drivers/pci/pci-driver.c * Add 2.6.12.3 (Joshua Kwan) - Fix semaphore handling in __unregister_chrdev - Fix TT mode in UML. - Check for a null return in tty_ldisc_ref. - v4l: cx88 hue offset fix - Fix 8139cp breakage that occurs with tpm driver. - Fix the 6pack driver in SMP environments. - Switch to spinlocks in the shaper driver. - ppc32: stop misusing NTP's time_offset value - netfilter: go back to dropping conntrack references manually - ACPI: don't accept 0 as a PCI IRQ. * Enable CONFIG_SCSI_INITIO. (Maximilian Attems) (closes: #318121) * [powerpc] : - Added powerpc-mkvmlinuz-support patch which allows, together with kernel-package 9.0002 to add mkvmlinuz support to hand built packages. - Removed powerpc-ppc64-ibmvscsi.patch, FTBFS, and Christoph doesn't like it and thinks it is not needed. - Disabled swim3 on powerpc-smp, FTBFS. - Disabled software-suspend on powerpc-smp, FTBFS, amd64/i386 only smp code. - Rediffed and readded the G4 L2 hardware flush assist patch from Jacob Pan. (Sven Luther) * [sparc] - Drop sparc32 flavour for now. sparc32 kernel is currently in the category "too buggy for us to support". In spite of numerous efforts I still see occasional random filesystem corruptions in my tests. That does NOT mean that we are dropping sparc32 support, we will work with upstream trying to solve these problems for the next kernel release. Those interested in helping/testing are encouraged to subscribe to debian-sparc mailing list. (Jurij Smakov) * [alpha] - Renamed resulting binary packages for alpha, kernel-image-x.y.z-generic wasn't a generic kernel, it was a generic kernel for alpha machines, so we're now using linux-image-x.y.z-alpha-generic (and of course, the same change for the smp kernel-image). This change was postponed after the sarge release. (closes: #260003) (Norbert Tretkowski) * [amd64] - Now using the default compiler (gcc-4.0), thus we get rid of the annoying MAKEFLAGS="CC=gcc-3.4" make-kpkg... invocation for third-party modules. This release lacks 64bit kernels for i386 userland; support will be added in a later release as soon as the toolchain has stabilized again. (Frederik Schüler) -- Andres Salomon Wed, 20 Jul 2005 17:16:04 -0400