[meta-freescale] Updates of meta-fsl-ppc master branch on 2015-03-11

Wed Mar 11 05:29:20 PDT 2015

Hello all,

The following updates are merged in master branch of meta-fsl-ppc, thanks.

commit 7e2b2203ce7569e5721f4621edca1d17375a78b4
Author: Sona Sarmadi <sona.sarmadi at enea.com>
Date:   Mon Mar 2 11:44:00 2015 +0100

    security-keys: CVE-2014-9529

    Fixes memory corruption or panic during key garbage collection

    Reference:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9529

    Signed-off-by: Sona Sarmadi <sona.sarmadi at enea.com>

commit 19a183db9d8ac539b2640204ef01afa0b7d9a13e
Author: Sona Sarmadi <sona.sarmadi at enea.com>
Date:   Mon Mar 2 11:43:59 2015 +0100

    kernel: CVE-2014-7825, CVE-2014-7826

    Insufficient syscall number validation in perf and ftrace subsystems

    CVE-2014-7825
    Fixes an out-of-bounds memory access flaw, in the syscall tracing
    functionality of the Linux kernel's perf subsystem.

    CVE-2014-7826
    Fixes an out-of-bounds memory access flaw, in the syscall
    tracing functionality of the Linux kernel's ftrace subsystem.

    References:
    http://www.openwall.com/lists/oss-security/2014/11/06/11
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7825
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826

    Signed-off-by: Sona Sarmadi <sona.sarmadi at enea.com>

commit 91cc1736ead3b2808fc0868eeada9df5e754d446
Author: Sona Sarmadi <sona.sarmadi at enea.com>
Date:   Tue Feb 17 12:38:45 2015 +0100

    fs-userns: CVE-2014-4014

    Fixes a potential privilege escalation flaw when the Linux
    kernel is built with the user namespaces(CONFIG_USER_NS)

    References:
    http://www.openwall.com/lists/oss-security/2014/06/10/4
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4014

    Signed-off-by: Sona Sarmadi <sona.sarmadi at enea.com>

commit 960cf177f385512036e14d21e845900949e39e8b
Author: Sona Sarmadi <sona.sarmadi at enea.com>
Date:   Tue Feb 17 12:38:44 2015 +0100

    mm/shmem: CVE-2014-4171

    Fixes a denial of service flaw in the Linux kernel
    built with the shared memory suppor

    Reference:
    http://www.openwall.com/lists/oss-security/2014/06/18/11
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171

    Signed-off-by: Sona Sarmadi <sona.sarmadi at enea.com>

commit 252c07db20a389027565ae7558b4ecdc4f9d74e9
Author: Sona Sarmadi <sona.sarmadi at enea.com>
Date:   Fri Feb 13 10:38:23 2015 +0100

    mm: CVE-2014-3122

    try_to_unmap_cluster() should lock_page() before mlocking

    Reference:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3122

    Signed-off-by: Sona Sarmadi <sona.sarmadi at enea.com>

commit d2c73b2d98a0b23987922a7396030ddbb57b93b3
Author: Sona Sarmadi <sona.sarmadi at enea.com>
Date:   Mon Feb 9 07:54:02 2015 +0100

    target: CVE-2014-4027

    Explicitly clear ramdisk_mcp backend pages

    References:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027
    http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618

    Signed-off-by: Sona Sarmadi <sona.sarmadi at enea.com>

commit 7b19fbc072bda2fba8e6fa4a95c64cbb634a0d1e
Author: Sona Sarmadi <sona.sarmadi at enea.com>
Date:   Mon Feb 9 07:54:01 2015 +0100

    ALSA: CVE-2014-4656

    Handle numid overflow
    Make sure that id->index does not overflow

    References:
    http://www.openwall.com/lists/oss-security/2014/06/26/6
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4656

    Signed-off-by: Sona Sarmadi <sona.sarmadi at enea.com>

Best Regards,

Zhenhua
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/meta-freescale/attachments/20150311/eb14f287/attachment.html>