The following patches were skipped because they were already applied:
* bug #1678009 / CVE-2017-7308
- net/packet: fix overflow in check for tp_frame_nr
- net/packet: fix overflow in check for tp_reserve
The following patch was reverted and replaced by its upstream
counterpart to pick up the upstream commit SHA1:
* bug #1676786 [Zesty] mlx5_core Kernel oops with bonding mode
1 and 6
- UBUNTU: SAUCE: (no-up) net/mlx5: Avoid dereferencing uninitialized
pointer
+ net/mlx5: Avoid dereferencing uninitialized pointer
The following commit required manual context handling due to changes introduced
by
bug #1676388 [zesty] mlx5e OVS fixes.
* net/mlx5: E-Switch, Correctly deal with inline mode on ConnectX-5
** Description changed:
+ SRU Justification
- SRU Justification
+ Impact:
+ The upstream process for stable tree updates is quite similar
+ in scope to the Ubuntu SRU process, e.g., each patch has to
+ demonstrably fix a bug, and each patch is vetted by upstream
+ by originating either directly from a mainline/stable Linux tree or
+ a minimally backported form of that patch. The 4.10.14 upstream stable
+ patch set is now available. It should be included in the Ubuntu
+ kernel as well.
- Impact:
- The upstream process for stable tree updates is quite similar
- in scope to the Ubuntu SRU process, e.g., each patch has to
- demonstrably fix a bug, and each patch is vetted by upstream
- by originating either directly from a mainline/stable Linux tree or
- a minimally backported form of that patch. The 4.10.14 upstream stable
- patch set is now available. It should be included in the Ubuntu
- kernel as well.
+ git://git.kernel.org/
- git://git.kernel.org/
+ TEST CASE: TBD
- TEST CASE: TBD
-
- The following patches from the 4.10.14 stable release shall be
- applied:
+ The following patches from the 4.10.14 stable release shall be applied:
+ * ping: implement proper locking
+ * sparc64: kern_addr_valid regression
+ * sparc64: Fix kernel panic due to erroneous #ifdef surrounding pmd_write()
+ * net: neigh: guard against NULL solicit() method
+ * net: phy: handle state correctly in phy_stop_machine
+ * kcm: return immediately after copy_from_user() failure
+ * secure_seq: downgrade to per-host timestamp offsets
+ * bpf: improve verifier packet range checks
+ * Revert "UBUNTU: SAUCE: (no-up) net/mlx5: Avoid dereferencing uninitialized
+ pointer"
+ * net/mlx5: Avoid dereferencing uninitialized pointer
+ * l2tp: hold tunnel socket when handling control frames in l2tp_ip and
+ l2tp_ip6
+ * l2tp: purge socket queues in the .destruct() callback
+ * openvswitch: Fix ovs_flow_key_update()
+ * l2tp: take reference on sessions being dumped
+ * l2tp: fix PPP pseudo-wire auto-loading
+ * net: ipv4: fix multipath RTM_GETROUTE behavior when iif is given
+ * sctp: listen on the sock only when it's state is listening or closed
+ * tcp: clear saved_syn in tcp_disconnect()
+ * ipv6: Fix idev->addr_list corruption
+ * net-timestamp: avoid use-after-free in ip_recv_error
+ * net: vrf: Fix setting NLM_F_EXCL flag when adding l3mdev rule
+ * sh_eth: unmap DMA buffers when freeing rings
+ * ipv6: sr: fix out-of-bounds access in SRH validation
+ * dp83640: don't recieve time stamps twice
+ * ipv6: sr: fix double free of skb after handling invalid SRH
+ * ipv6: fix source routing
+ * gso: Validate assumption of frag_list segementation
+ * net: ipv6: RTF_PCPU should not be settable from userspace
+ * netpoll: Check for skb->queue_mapping
+ * ip6mr: fix notification device destruction
+ * net/mlx5: Fix driver load bad flow when having fw initializing timeout
+ * net/mlx5: E-Switch, Correctly deal with inline mode on ConnectX-5
+ * net/mlx5e: Fix small packet threshold
+ * net/mlx5e: Fix ETHTOOL_GRXCLSRLALL handling
+ * tcp: fix SCM_TIMESTAMPING_OPT_STATS for normal skbs
+ * tcp: mark skbs with SCM_TIMESTAMPING_OPT_STATS
+ * macvlan: Fix device ref leak when purging bc_queue
+ * net: ipv6: regenerate host route if moved to gc list
+ * net: phy: fix auto-negotiation stall due to unavailable interrupt
+ * ipv6: check skb->protocol before lookup for nexthop
+ * tcp: memset ca_priv data to 0 properly
+ * ipv6: check raw payload size correctly in ioctl
+ * ALSA: oxfw: fix regression to handle Stanton SCS.1m/1d
+ * ALSA: firewire-lib: fix inappropriate assignment between signed/unsigned
+ type
+ * ALSA: seq: Don't break snd_use_lock_sync() loop by timeout
+ * scsi: return correct blkprep status code in case scsi_init_io() fails.
+ * ARC: [plat-eznps] Fix build error
+ * MIPS: KGDB: Use kernel context for sleeping threads
+ * MIPS: cevt-r4k: Fix out-of-bounds array access
+ * MIPS: Avoid BUG warning in arch_check_elf
+ * p9_client_readdir() fix
+ * ASoC: intel: Fix PM and non-atomic crash in bytcr drivers
+ * Input: i8042 - add Clevo P650RS to the i8042 reset list
+ * nfsd: check for oversized NFSv2/v3 arguments
+ * nfsd4: minor NFSv2/v3 write decoding cleanup
+ * nfsd: stricter decoding of write-like NFSv2/v3 ops
+ * ceph: fix recursion between ceph_set_acl() and __ceph_setattr()
+ * macsec: avoid heap overflow in skb_to_sgvec
+ * net: can: usb: gs_usb: Fix buffer on stack
+ * cpu/hotplug: Serialize callback invocations proper
+ * ftrace/x86: Fix triple fault with graph tracing and suspend-to-ram
+ * Linux 4.10.14
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-7308
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1688499
Title:
Zesty update to 4.10.14 stable release
Status in linux package in Ubuntu:
New
Status in linux source package in Zesty:
In Progress
Bug description:
SRU Justification
Impact:
The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The 4.10.14 upstream stable
patch set is now available. It should be included in the Ubuntu
kernel as well.
git://git.kernel.org/
TEST CASE: TBD
The following patches from the 4.10.14 stable release shall be applied:
* ping: implement proper locking
* sparc64: kern_addr_valid regression
* sparc64: Fix kernel panic due to erroneous #ifdef surrounding pmd_write()
* net: neigh: guard against NULL solicit() method
* net: phy: handle state correctly in phy_stop_machine
* kcm: return immediately after copy_from_user() failure
* secure_seq: downgrade to per-host timestamp offsets
* bpf: improve verifier packet range checks
* Revert "UBUNTU: SAUCE: (no-up) net/mlx5: Avoid dereferencing uninitialized
pointer"
* net/mlx5: Avoid dereferencing uninitialized pointer
* l2tp: hold tunnel socket when handling control frames in l2tp_ip and
l2tp_ip6
* l2tp: purge socket queues in the .destruct() callback
* openvswitch: Fix ovs_flow_key_update()
* l2tp: take reference on sessions being dumped
* l2tp: fix PPP pseudo-wire auto-loading
* net: ipv4: fix multipath RTM_GETROUTE behavior when iif is given
* sctp: listen on the sock only when it's state is listening or closed
* tcp: clear saved_syn in tcp_disconnect()
* ipv6: Fix idev->addr_list corruption
* net-timestamp: avoid use-after-free in ip_recv_error
* net: vrf: Fix setting NLM_F_EXCL flag when adding l3mdev rule
* sh_eth: unmap DMA buffers when freeing rings
* ipv6: sr: fix out-of-bounds access in SRH validation
* dp83640: don't recieve time stamps twice
* ipv6: sr: fix double free of skb after handling invalid SRH
* ipv6: fix source routing
* gso: Validate assumption of frag_list segementation
* net: ipv6: RTF_PCPU should not be settable from userspace
* netpoll: Check for skb->queue_mapping
* ip6mr: fix notification device destruction
* net/mlx5: Fix driver load bad flow when having fw initializing timeout
* net/mlx5: E-Switch, Correctly deal with inline mode on ConnectX-5
* net/mlx5e: Fix small packet threshold
* net/mlx5e: Fix ETHTOOL_GRXCLSRLALL handling
* tcp: fix SCM_TIMESTAMPING_OPT_STATS for normal skbs
* tcp: mark skbs with SCM_TIMESTAMPING_OPT_STATS
* macvlan: Fix device ref leak when purging bc_queue
* net: ipv6: regenerate host route if moved to gc list
* net: phy: fix auto-negotiation stall due to unavailable interrupt
* ipv6: check skb->protocol before lookup for nexthop
* tcp: memset ca_priv data to 0 properly
* ipv6: check raw payload size correctly in ioctl
* ALSA: oxfw: fix regression to handle Stanton SCS.1m/1d
* ALSA: firewire-lib: fix inappropriate assignment between signed/unsigned
type
* ALSA: seq: Don't break snd_use_lock_sync() loop by timeout
* scsi: return correct blkprep status code in case scsi_init_io() fails.
* ARC: [plat-eznps] Fix build error
* MIPS: KGDB: Use kernel context for sleeping threads
* MIPS: cevt-r4k: Fix out-of-bounds array access
* MIPS: Avoid BUG warning in arch_check_elf
* p9_client_readdir() fix
* ASoC: intel: Fix PM and non-atomic crash in bytcr drivers
* Input: i8042 - add Clevo P650RS to the i8042 reset list
* nfsd: check for oversized NFSv2/v3 arguments
* nfsd4: minor NFSv2/v3 write decoding cleanup
* nfsd: stricter decoding of write-like NFSv2/v3 ops
* ceph: fix recursion between ceph_set_acl() and __ceph_setattr()
* macsec: avoid heap overflow in skb_to_sgvec
* net: can: usb: gs_usb: Fix buffer on stack
* cpu/hotplug: Serialize callback invocations proper
* ftrace/x86: Fix triple fault with graph tracing and suspend-to-ram
* Linux 4.10.14
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1688499/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
