Message ID | 1494340968-17152-1-git-send-email-amit.pundir@linaro.org |
---|---|
Headers | show |
Series | Security fixes from 2015 and 2016 android security bulletins | expand |
On 9 May 2017 at 20:12, Amit Pundir <amit.pundir@linaro.org> wrote: > Hi Greg, > > Please consider following security fixes for linux-3.18.y. This > is a follow up on my previous submission of similar security fixes, > https://www.spinics.net/lists/stable/msg169868.html, picked up from > android security bulletins published in year 2017 so far. > > Following are the fixes published in 2015 and 2016 monthly Android > Security Bulletins https://source.android.com/security/bulletin/, > and/or related follow-up fixes from upstream. Cherry-picked and build > tested on v3.18.52 for ARCH=arm/arm64/x86/x86_64/mips + allmodconfig. > Also, for the record following are the upstream fixes listed in security bulletins but they didn't apply on linux-3.18.y cleanly and seem to have non-trivial conflicts. So I skipped them. In one case it is explicitly targeted for 3.19, so I skipped that one as well though it applied and built fine on 3.18.y. f2b2c582e824 ("tcp: mitigate ACK loops for connections as tcp_sock") 083ae308280d ("tcp: enable per-socket rate limiting of all 'challenge acks'") 4de930efc23b ("net: validate the range we feed to iov_iter_init() in sys_sendto/sys_recvfrom") 1c90308e7a77 ("pagemap: hide physical addresses from non-privileged users") c58d6c93680f ("netfilter: nfnetlink: correctly validate length of batch messages") 8b8addf891de ("x86/mm/32: Enable full randomization on i386 and X86_32") 38740a5b87d5 ("usb: gadget: f_fs: Fix use-after-free") Regards, Amit Pundir
On Tue, May 09, 2017 at 08:12:24PM +0530, Amit Pundir wrote: > Hi Greg, > > Please consider following security fixes for linux-3.18.y. This > is a follow up on my previous submission of similar security fixes, > https://www.spinics.net/lists/stable/msg169868.html, picked up from > android security bulletins published in year 2017 so far. > > Following are the fixes published in 2015 and 2016 monthly Android > Security Bulletins https://source.android.com/security/bulletin/, > and/or related follow-up fixes from upstream. Cherry-picked and build > tested on v3.18.52 for ARCH=arm/arm64/x86/x86_64/mips + allmodconfig. Thanks for these, I've applied all but 3, and will wait for those for the next round of stable kernel releases (because they are needed in other trees as well...) greg k-h
On Thu, May 18, 2017 at 02:22:41PM +0200, Greg KH wrote: > On Tue, May 09, 2017 at 08:12:24PM +0530, Amit Pundir wrote: > > Hi Greg, > > > > Please consider following security fixes for linux-3.18.y. This > > is a follow up on my previous submission of similar security fixes, > > https://www.spinics.net/lists/stable/msg169868.html, picked up from > > android security bulletins published in year 2017 so far. > > > > Following are the fixes published in 2015 and 2016 monthly Android > > Security Bulletins https://source.android.com/security/bulletin/, > > and/or related follow-up fixes from upstream. Cherry-picked and build > > tested on v3.18.52 for ARCH=arm/arm64/x86/x86_64/mips + allmodconfig. > > Thanks for these, I've applied all but 3, and will wait for those for > the next round of stable kernel releases (because they are needed in > other trees as well...) These other 3 now applied, thanks! greg k-h