Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Changed-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
* fixed changelog user name
* adapt wording of nic driver change message to the one from
the release originally removing them
* removed duplicate 'Ubuntu' text
This reverts commit 7beee5f3eb.
While they repositories of those drivers state that the in kernel one
should be used, as they are newer, it seems they do not provide the
same functionallity. So revert to the out of tree drivers for now.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
CVE-2017-1000364 (rather bugfix for the original CVE fix):
* mm/mmap.c: expand_downwards: don't require the gap if !vm_prev
* mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
CVE-2017-1000365: fs/exec.c: account for argv/envp pointers
CVE-2017-10810: drm/virtio: don't leak bo on drm_gem_object_init
failure
CVE-2017-7482: rxrpc: Fix several cases where a padded len isn't
checked in ticket decode
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
CVE-2014-9900: net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol()
CVE-2017-7346: drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()
CVE-2017-9605: drm/vmwgfx: Make sure backup_handle is always valid
CVE-2017-1000380:
* ALSA: timer: Fix race between read and ioctl
* ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
CVE-2017-8890: dccp/tcp: do not inherit mc_list from parent
CVE-2017-9074: ipv6: Prevent overrun when parsing v6 header options
CVE-2017-9075: sctp: do not inherit ipv6_{mc|ac|fl}_list from parent
CVE-2017-9076/CVE-2017-9077: ipv6/dccp: do not inherit ipv6_mc_list from parent
CVE-2017-9242: ipv6: fix out of bound writes in __ip6_append_data()
