[meta-freescale] Updates of meta-fsl-ppc dizzy branch on 2016-01-06

Zhenhua Luo zhenhua.luo at nxp.com
Wed Jan 6 07:06:01 PST 2016


Hello all,


The following updates are merged in dizzy branch of meta-fsl-ppc, thanks.

commit 3a48365291e52ea967980bb1b69e99fd1a8f57dd
Author: Sona Sarmadi <sona.sarmadi at enea.com>
Date:   Wed Dec 30 10:58:49 2015 +0100

    kernel-mnt: CVE-2015-4177

    Fixes race conditions in collect_mounts

    References:
    http://seclists.org/oss-sec/2015/q2/640
    https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-4177

    Upstream patch:
    https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
    patch/?id=6ab282fe6d43027b3b1ef820b3798aae8fdb432b

    Signen-off-by: Sona Sarmadi <sona.sarmadi at enea.com>
    Signed-off-by: Sona Sarmadi <sona.sarmadi at enea.com>

commit c953e8eca79bbb5de090a0c400854464568156df
Author: Sona Sarmadi <sona.sarmadi at enea.com>
Date:   Wed Dec 30 10:58:48 2015 +0100

    kernel/fs-userns: CVE-2014-4014

    Change inode_capable to capable_wrt_inode_uidgid

    Fixes privileges escalation in Linux kernel built
    with the user namespaces(CONFIG_USER_NS).

    References:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4014
    http://www.openwall.com/lists/oss-security/2014/06/10/4

    Upstream patch:
    https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
    patch/?id= 2246a472bce19c0d373fb5488a0e612e3328ce0a

    Signed-off-by: Sona Sarmadi <sona.sarmadi at enea.com>

commit 13f7c40cb465409c5a16434d6f522527a16d6b44
Author: Sona Sarmadi <sona.sarmadi at enea.com>
Date:   Wed Dec 30 10:58:47 2015 +0100

    drivers-media: CVE-2014-1739

    Fixes an information leakage in Linux kernel built with
    the Multimedia support(CONFIG_MEDIA_SUPPORT).

    References:
    http://www.openwall.com/lists/oss-security/2014/06/15/1
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739

    Upstream patch:
    https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
    patch/?id=2f1831612c94ee7b1819c4a6d21b9d5efac5297c

    Signed-off-by: Sona Sarmadi <sona.sarmadi at enea.com>


Best Regards,

Zhenhua
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/meta-freescale/attachments/20160106/8ccef39e/attachment.html>


More information about the meta-freescale mailing list