This series fixes the following CVEs: 1/5: CVE-2016-8658 2/5: CVE-2016-7097 4/5: CVE-2016-8666 3-5 is a patch series that also fixes a performance issue with GRO encapsulation. Arend Van Spriel (1): brcmfmac: avoid potential stack overflow in brcmf_cfg80211_start_ap() Jan Kara (1): posix_acl: Clear SGID bit when setting file permissions Jesse Gross (3): ipip: Properly mark ipip GRO packets as encapsulated. tunnels: Don't apply GRO to multiple layers of encapsulation. tunnels: Remove encapsulation offloads on decap. drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c | 2 +- fs/9p/acl.c | 40 +++++++++------------- fs/btrfs/acl.c | 6 ++-- fs/ceph/acl.c | 6 ++-- fs/ext2/acl.c | 12 +++---- fs/ext4/acl.c | 12 +++---- fs/f2fs/acl.c | 6 ++-- fs/gfs2/acl.c | 12 ++----- fs/hfsplus/posix_acl.c | 4 +-- fs/jffs2/acl.c | 9 +++-- fs/jfs/acl.c | 6 ++-- fs/ocfs2/acl.c | 10 +++--- fs/posix_acl.c | 31 +++++++++++++++++ fs/reiserfs/xattr_acl.c | 8 ++--- fs/xfs/xfs_acl.c | 13 +++---- include/linux/netdevice.h | 4 +-- include/linux/posix_acl.h | 1 + include/net/ip_tunnels.h | 16 +++++++++ net/core/dev.c | 2 +- net/ipv4/af_inet.c | 24 +++++++++++-- net/ipv4/fou.c | 13 +++++-- net/ipv4/gre_offload.c | 5 +++ net/ipv4/ip_tunnel_core.c | 3 +- net/ipv4/udp_offload.c | 6 ++-- net/ipv6/ip6_offload.c | 15 +++++++- net/ipv6/sit.c | 5 +-- 26 files changed, 164 insertions(+), 107 deletions(-) -- 2.9.3 -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html