Security fixes for 2.6.32-stable

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Willy, here are the security patches I've recently applied to Debian's
2.6.32 branch, aside from issues not yet fixed upstream.

These have already been released without reported regressions. The
mapping to CVE IDs is:

  * isdn_ppp: Add checks for allocation failure in isdn_ppp_open()
    (dependency of following fix)
  * ppp, slip: Validate VJ compression slot parameters completely
    (CVE-2015-7799)
  * RDS: fix race condition when sending a message on unbound socket
   
 (CVE-2015-7990)
  * unix: avoid use-after-free in ep_remove_wait_queue
(CVE-2013-7446)
  * ext4: Fix null dereference in ext4_fill_super()
(CVE-2015-8324)

Ben.

-- 
Ben Hutchings
Power corrupts.  Absolute power is kind of neat.
                           - John Lehman, Secretary of the US Navy 1981-1987

Attachment: security-2.6.32.mbox
Description: application/mbox

Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]