Since 3.2.39-2 went into testing, it's about time for another upload. There are many important bug fixes pending (still more bugs to fix, though; in particular some more DRM regressions showed up).
I'm intending to release 3.2.41 in a few minutes, and will try to
integrate this with the wheezy branch after that.
Current pending changes:
* New upstream stable update:
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.40
- ext4: return ENOMEM if sb_getblk() fails
- ext4: fix possible use-after-free with AIO
- s390/kvm: Fix store status for ACRS/FPRS
- staging: comedi: disallow COMEDI_DEVCONFIG on non-board minors
- ext4: fix race in ext4_mb_add_n_trim()
- UBIFS: fix double free of ubifs_orphan objects
- hrtimer: Prevent hrtimer_enqueue_reprogram race
- nfsd: Fix memleak
- x86: Do not leak kernel page mapping locations
- USB: usb-storage: unusual_devs update for Super TOP SATA bridge
- posix-cpu-timers: Fix nanosleep task_struct leak
- NFSv4.1: Don't decode skipped layoutgets
- cgroup: fix exit() vs rmdir() race
- cpuset: fix cpuset_print_task_mems_allowed() vs rename() race
- ext4: fix xattr block allocation/release with bigalloc
- mm: fix pageblock bitmap allocation
- target: Add missing mapped_lun bounds checking during make_mappedlun
setup
- b43: Increase number of RX DMA slots
- posix-timer: Don't call idr_find() with out-of-range ID
- fs: Fix possible use-after-free with AIO
- powerpc/kexec: Disable hard IRQ before kexec
- mmu_notifier_unregister NULL Pointer deref and multiple ->release()
callouts
- tmpfs: fix use-after-free of mempolicy object (CVE-2013-1767)
- ocfs2: fix possible use-after-free with AIO
- ocfs2: fix ocfs2_init_security_and_acl() to initialize acl correctly
- ocfs2: ac->ac_allow_chain_relink=0 won't disable group relink
- idr: fix a subtle bug in idr_get_next()
- idr: make idr_get_next() good for rcu_read_lock()
- idr: fix top layer handling
- sysctl: fix null checking in bin_dn_node_address()
- nbd: fsync and kill block device on shutdown
- s390/timer: avoid overflow when programming clock comparator
(regression in 3.2.38)
- xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}()
(CVE-2013-0231)
- xen-netback: correctly return errors from netbk_count_requests()
- xen-netback: cancel the credit timer when taking the vif down
- ipv6: use a stronger hash for tcp
- staging: comedi: ni_labpc: correct differential channel sequence for
AI commands
- staging: comedi: ni_labpc: set up command4 register *after* command3
- vhost: fix length for cross region descriptor (CVE-2013-0311)
[ Aurelien Jarno]
* [mips,mipsel] Disable VGA_CONSOLE and ignore the corresponding ABI
change. It is completely broken on MIPS.
* headers: Include Kbuild.platforms and Platform files in -common to
fix out-of-tree building on mips and mipsel.
* [{mips,mipsel}/{4,5}kc-malta] Enable HW_RANDOM as module so that both
flavours have a consistent configuration.
[ Ben Hutchings ]
* [x86] ata_piix: reenable MS Virtual PC guests (fixes regression in
3.2.19-1)
* test-patches: Clean up all previous test patches, whether or not they
were applied
* test-patches: Add --fuzz option to allow testing patches that have fuzz
* [x86] efi: Fix processor-specific memcpy() build error (Closes: #698581)
* udeb: Add hid-topseed to input-modules (Closes: #702611)
* [x86] drm/i915: Unconditionally initialise the interrupt workers,
thanks to Bjørn Mork (Closes: #692607)
* efi: Ensure efivars is loaded on EFI systems (Closes: #703363)
- [x86] Use a platform device to trigger loading of efivars
- [ia64] Change EFI_VARS from module to built-in
* kmsg_dump: Only dump kernel log in error cases (Closes: #703386)
- kexec: remove KMSG_DUMP_KEXEC
- kmsg_dump: don't run on non-error paths by default
* [x86] i915: initialize CADL in opregion (Closes: #703271)
Security fixes in 3.2.41 cover at least:
CVE-2013-0914
(CVE-2013-1773 - fix was already backported for other reasons)
CVE-2013-1792
CVE-2013-1848
CVE-2013-1860
CVE-2012-5517
CVE-2013-2546/CVE-2013-2547/CVE-2013-2548
Ben.
--
Ben Hutchings
The generation of random numbers is too important to be left to chance.
- Robert Coveyou
signature.asc
Description: This is a digitally signed message part
