← Back to team overview

kernel-packages team mailing list archive

[Bug 1380025] Re: linux could use CONFIG_CC_STACKPROTECTOR_STRONG instead of CONFIG_CC_STACKPROTECTOR_REGULAR

 

This bug was fixed in the package linux - 4.2.0-15.18

---------------
linux (4.2.0-15.18) wily; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1503692

  [ Andy Whitcroft ]

  * Revert "SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()"
    Was incorrectly backported.

  [ Ben Hutchings ]

  * SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()
    - CVE-2015-7312

  [ Tim Gardner ]

  * [Debian] config-check and prepare using ${DEBIAN}/config/annotations
    Makes the LTS update script work better.

linux (4.2.0-15.17) wily; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1503016
  * rebase to v4.2.3

  [ Andrew Donnellan ]

  * SAUCE: cxl: fix leak of IRQ names in cxl_free_afu_irqs()
  * SAUCE: cxl: fix leak of ctx->irq_bitmap when releasing context via
    kernel API
  * SAUCE: cxl: fix leak of ctx->mapping when releasing kernel API contexts

  [ Ben Hutchings ]

  * SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()
    - CVE-2015-7312

  [ Dan Carpenter ]

  * SAUCE: (noup) cxlflash: a couple off by one bugs
    - LP: #1499849

  [ John Johansen ]

  * SAUCE: (no-up) apparmor: fix mount not handling disconnected paths
    - LP: #1496430

  [ Manoj Kumar ]

  * SAUCE: (noup) cxlflash: Fix to avoid invalid port_sel value
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Replace magic numbers with literals
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix read capacity timeout
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to double the delay each time
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to escalate to LINK_RESET on login timeout
    - LP: #1499849

  [ Matthew R. Ochs ]

  * SAUCE: (noup) cxlflash: Fix potential oops following LUN removal
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix data corruption when vLUN used over
    multiple cards
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid sizeof(bool)
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix context encode mask width
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid CXL services during EEH
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct naming of limbo state and waitq
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Make functions static
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Refine host/device attributes
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid spamming the kernel log
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid stall while waiting on TMF
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix location of setting resid
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix host link up event handling
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix async interrupt bypass logic
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Remove dual port online dependency
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix AFU version access/storage and add check
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct usage of scsi_host_put()
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to prevent workq from accessing freed
    memory
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct behavior in device reset handler
    following EEH
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Remove unnecessary scsi_block_requests
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix function prolog parameters and return codes
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix MMIO and endianness errors
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to prevent EEH recovery failure
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct spelling, grammar, and alignment
    mistakes
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to prevent stale AFU RRQ
    - LP: #1499849
  * SAUCE: (noup) MAINTAINERS: Add cxlflash driver
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid corrupting adapter fops
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct trace string
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid potential deadlock on EEH
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid leaving dangling interrupt
    resources
    - LP: #1499849

  [ Philippe Bergheaud ]

  * SAUCE: cxl: Workaround malformed pcie packets on some cards

  [ Tim Gardner ]

  * [Config] CONFIG_CC_STACKPROTECTOR_STRONG=y
    - LP: #1380025
  * [Config] Add MMC modules sufficient for net booting
    - LP: #1502772

  [ Upstream Kernel Changes ]

  * Initialize msg/shm IPC objects before doing ipc_addid()
  * RDS: verify the underlying transport exists before creating a
    connection
  * cxl: abort cxl_pci_enable_device_hook() if PCI channel is offline
  * cxl: Fix build failure due to -Wunused-variable behaviour change
  * cxl: Fix lockdep warning while creating afu_err_buff attribute
  * USB: whiteheat: fix potential null-deref at probe
    - LP: #1478826
    - CVE-2015-5257
  * dcache: Handle escaped paths in prepend_path
    - CVE-2015-2925
  * vfs: Test for and handle paths that are unreachable from their mnt_root
    - CVE-2015-2925
  * hv_netvsc: Add support to set MTU reservation from guest side
    - LP: #1494431
  * hv_netvsc: Add close of RNDIS filter into change mtu call
    - LP: #1494431

 -- Tim Gardner <tim.gardner@xxxxxxxxxxxxx>  Wed, 07 Oct 2015 07:28:10
-0600

** Changed in: linux (Ubuntu Wily)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-2925

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-5257

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-7312

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1380025

Title:
  linux could use CONFIG_CC_STACKPROTECTOR_STRONG instead of
  CONFIG_CC_STACKPROTECTOR_REGULAR

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Wily:
  Fix Released

Bug description:
  Here is the relevant kernel config:

  $ grep STACKPROTECTOR /boot/config-3.16.0-22-generic 
  CONFIG_HAVE_CC_STACKPROTECTOR=y
  CONFIG_CC_STACKPROTECTOR=y
  # CONFIG_CC_STACKPROTECTOR_NONE is not set
  CONFIG_CC_STACKPROTECTOR_REGULAR=y
  # CONFIG_CC_STACKPROTECTOR_STRONG is not set

  Since linux is built with gcc 4.9 in Ubuntu 14.10, it could use
  CONFIG_CC_STACKPROTECTOR_STRONG instead of
  CONFIG_CC_STACKPROTECTOR_REGULAR.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.10
  Package: linux-image-3.16.0-22-generic 3.16.0-22.29
  ProcVersionSignature: Ubuntu 3.16.0-22.29-generic 3.16.4
  Uname: Linux 3.16.0-22-generic x86_64
  ApportVersion: 2.14.7-0ubuntu5
  Architecture: amd64
  AudioDevicesInUse:
   USER        PID ACCESS COMMAND
   /dev/snd/controlC0:  bonnaudl   3741 F.... pulseaudio
  CurrentDesktop: KDE
  Date: Sat Oct 11 10:03:30 2014
  EcryptfsInUse: Yes
  HibernationDevice: RESUME=UUID=cf81afe7-8427-45fa-9149-c11d060a5a26
  IwConfig:
   eth1      no wireless extensions.
   
   lo        no wireless extensions.
  MachineType: Dell Inc. Latitude E6520
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.16.0-22-generic root=UUID=749a9901-bdd3-4b5f-b80e-69414667e058 ro quiet splash vt.handoff=7
  RelatedPackageVersions:
   linux-restricted-modules-3.16.0-22-generic N/A
   linux-backports-modules-3.16.0-22-generic  N/A
   linux-firmware                             1.135
  RfKill:
   
  SourcePackage: linux
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 11/14/2013
  dmi.bios.vendor: Dell Inc.
  dmi.bios.version: A19
  dmi.board.name: 0NVF5K
  dmi.board.vendor: Dell Inc.
  dmi.board.version: A01
  dmi.chassis.type: 9
  dmi.chassis.vendor: Dell Inc.
  dmi.modalias: dmi:bvnDellInc.:bvrA19:bd11/14/2013:svnDellInc.:pnLatitudeE6520:pvr01:rvnDellInc.:rn0NVF5K:rvrA01:cvnDellInc.:ct9:cvr:
  dmi.product.name: Latitude E6520
  dmi.product.version: 01
  dmi.sys.vendor: Dell Inc.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1380025/+subscriptions


References