-
Thu Feb 23 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.28.el7uek]
- dccp: fix freeing skb too early for IPV6_RECVPKTINFO (Andrey Konovalov) [Orabug: 25598257] {CVE-2017-6074}
-
Fri Feb 03 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.27.el7uek]
- vfio/pci: Fix integer overflows, bitmask check (Vlad Tsyrklevich) [Orabug: 25164094] {CVE-2016-9083} {CVE-2016-9084}
- Don't feed anything but regular iovec's to blk_rq_map_user_iov (Linus Torvalds) [Orabug: 25231931] {CVE-2016-9576}
- kvm: x86: Check memopp before dereference (CVE-2016-8630) (Owen Hofmann) [Orabug: 25417387] {CVE-2016-8630}
- crypto: algif_hash - Only export and import on sockets with data (Herbert Xu) [Orabug: 25417799] {CVE-2016-8646}
- USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug: 25462755] {CVE-2016-4482}
- net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462799] {CVE-2016-4485}
-
Fri Jan 27 2017 Chuck Anderson <chuck.anderson@oracle.com> [4.1.12-61.1.26.el7uek]
- xen-netback: fix extra_info handling in xenvif_tx_err() (Paul Durrant) [Orabug: 25445336]
- net: Documentation: Fix default value tcp_limit_output_bytes (Niklas Cassel) [Orabug: 25458076]
- tcp: double default TSQ output bytes limit (Wei Liu) [Orabug: 25458076]
- xenbus: fix deadlock on writes to /proc/xen/xenbus (David Vrabel) [Orabug: 25430143]
-
Wed Jan 11 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.25.el7uek]
- KEYS: Fix short sprintf buffer in /proc/keys show function (David Howells) [Orabug: 25306361] {CVE-2016-7042}
- nvme: Limit command retries (Keith Busch) [Orabug: 25374751]
- fs/proc/task_mmu.c: fix mm_access() mode parameter in pagemap_read() (Kenny Keslar) [Orabug: 25374977]
- tcp: fix use after free in tcp_xmit_retransmit_queue() (Eric Dumazet) [Orabug: 25374364] {CVE-2016-6828}
- tunnels: Don't apply GRO to multiple layers of encapsulation. (Jesse Gross) [Orabug: 25036352] {CVE-2016-8666}
- i40e: Don't notify client(s) for DCB changes on all VSIs (Neerav Parikh) [Orabug: 25046290]
- packet: fix race condition in packet_set_ring (Philip Pettersson) [Orabug: 25231617] {CVE-2016-8655}
- netlink: Fix dump skb leak/double free (Herbert Xu) [Orabug: 25231692] {CVE-2016-9806}
- ALSA: pcm : Call kill_fasync() in stream lock (Takashi Iwai) [Orabug: 25231720] {CVE-2016-9794}
- net: avoid signed overflows for SO_{SND|RCV}BUFFORCE (Eric Dumazet) [Orabug: 25231751] {CVE-2016-9793}
-
Wed Jan 04 2017 Chuck Anderson <chuck.anderson@oracle.com> [4.1.12-61.1.24.el7uek]
- rebuild bumping release
-
Tue Dec 20 2016 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.23.el7uek]
- net: Fix use after free in the recvmmsg exit path (Arnaldo Carvalho de Melo) [Orabug: 25298601] {CVE-2016-7117}
-
Fri Dec 02 2016 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.22.el7uek]
- ocfs2: fix trans extend while free cached blocks (Junxiao Bi) [Orabug: 25136991]
- ocfs2: fix trans extend while flush truncate log (Junxiao Bi) [Orabug: 25136991]
- ocfs2: extend enough credits for freeing one truncate record while replaying truncate records (Xue jiufei) [Orabug: 25136991]
- mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (Andrey Ryabinin) [Orabug: 25154096] {CVE-2016-8650} {CVE-2016-8650}
- mlx4: avoid multiple free on id_map_ent (Wengang Wang) [Orabug: 25159035]
-
Wed Nov 23 2016 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.21.el7uek]
- NVMe: reduce queue depth as workaround for Samsung EPIC SQ errata (Ashok Vairavan) [Orabug: 25144380]
- sctp: validate chunk len before actually using it (Marcelo Ricardo Leitner) [Orabug: 25142868] {CVE-2016-9555}
-
Fri Nov 18 2016 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.20.el7uek]
- rebuild bumping release
-
Fri Nov 18 2016 Brian Maly <brian.maly@oracle.com> [4.1.12-61.1.19.el7uek]
- acpi: Disable ACPI table override if securelevel is set (Linn Crosetto) [Orabug: 25058966] {CVE-2016-3699}
- aacraid: Check size values after double-fetch from user (Dave Carroll) [Orabug: 25060060] {CVE-2016-6480} {CVE-2016-6480}
- audit: fix a double fetch in audit_log_single_execve_arg() (Paul Moore) [Orabug: 25059969] {CVE-2016-6136}
- ecryptfs: don't allow mmap when the lower fs doesn't support it (Jeff Mahoney) [Orabug: 25023269] {CVE-2016-1583} {CVE-2016-1583}
- Revert "ecryptfs: forbid opening files without mmap handler" (Chuck Anderson) [Orabug: 24971921] {CVE-2016-1583}
- percpu: fix synchronization between synchronous map extension and chunk destruction (Tejun Heo) [Orabug: 25060084] {CVE-2016-4794}
- percpu: fix synchronization between chunk->map_extend_work and chunk destruction (Tejun Heo) [Orabug: 25060084] {CVE-2016-4794}
- ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt (Kangjie Lu) [Orabug: 25059898] {CVE-2016-4578}
- ALSA: timer: Fix leak in events via snd_timer_user_ccallback (Kangjie Lu) [Orabug: 25059898] {CVE-2016-4578}
- ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS (Kangjie Lu) [Orabug: 25059752] {CVE-2016-4569}
- Bluetooth: Fix potential NULL dereference in RFCOMM bind callback (Jaganath Kanakkassery) [Orabug: 25058894] {CVE-2015-8956}
- ASN.1: Fix non-match detection failure on data overrun (David Howells) [Orabug: 25059037] {CVE-2016-2053}
- mm: migrate dirty page without clear_page_dirty_for_io etc (Hugh Dickins) [Orabug: 25059188] {CVE-2016-3070}