-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 17 Jun 2019 19:02:22 +0100 Binary: linux-doc-4.9 linux-headers-4.9.0-0.bpo.9-common linux-headers-4.9.0-0.bpo.9-common-rt linux-manual-4.9 linux-source-4.9 linux-support-4.9.0-0.bpo.9 Source: linux-4.9 Architecture: all source Version: 4.9.168-1+deb9u3~deb8u1 Distribution: jessie-security Urgency: high Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: Ben Hutchings <ben@decadent.org.uk> Closes: 928989 Description: linux-doc-4.9 - Linux kernel specific documentation for version 4.9 linux-headers-4.9.0-0.bpo.9-common - Common header files for Linux 4.9.0-0.bpo.9 linux-headers-4.9.0-0.bpo.9-common-rt - Common header files for Linux 4.9.0-0.bpo.9-rt linux-manual-4.9 - Linux kernel API manual pages for version 4.9 linux-source-4.9 - Linux kernel source for version 4.9 with Debian patches linux-support-4.9.0-0.bpo.9 - Support files for Linux 4.9 Changes: linux-4.9 (4.9.168-1+deb9u3~deb8u1) jessie-security; urgency=medium . * Backport to jessie; no further changes required . linux (4.9.168-1+deb9u3) stretch-security; urgency=high . [ Salvatore Bonaccorso ] * tcp: limit payload size of sacked skbs (CVE-2019-11477) * tcp: tcp_fragment() should apply sane memory limits (CVE-2019-11478) * tcp: add tcp_min_snd_mss sysctl (CVE-2019-11479) * tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() * tcp: fix fack_count accounting on tcp_shift_skb_data() . [ Ben Hutchings ] * tcp: Avoid ABI change for DoS fixes * mm/mincore.c: make mincore() more conservative (CVE-2019-5489) * brcmfmac: add length checks in scheduled scan result handler * brcmfmac: assure SSID length from firmware is limited (CVE-2019-9500) * brcmfmac: add subtype check for event handling in data path (CVE-2019-9503) * tty: mark Siemens R3964 line discipline as BROKEN (CVE-2019-11486) * coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599) * net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock(). (CVE-2019-11815) (Closes: #928989) * ext4: zero out the unused memory region in the extent tree block (CVE-2019-11833) * Bluetooth: hidp: fix buffer overflow (CVE-2019-11884) * mwifiex: Fix possible buffer overflows at parsing bss descriptor (CVE-2019-3846) * mwifiex: Abort at too short BSS descriptor element * mwifiex: Don't abort on small, spec-compliant vendor IEs * mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (CVE-2019-10126) Checksums-Sha1: f80ca24526a67c2a9399c889d46500b83ad1dcb1 15581 linux-4.9_4.9.168-1+deb9u3~deb8u1.dsc a079c109ca9f81fa77c1547174e13af1b74989d1 2069000 linux-4.9_4.9.168-1+deb9u3~deb8u1.debian.tar.xz 25b9496f384c8855fed6dd7f242c2de74d440b4b 7683610 linux-headers-4.9.0-0.bpo.9-common_4.9.168-1+deb9u3~deb8u1_all.deb 9cd2cf6f7e92723a837ce0e7e589f286cac7f7b9 5742258 linux-headers-4.9.0-0.bpo.9-common-rt_4.9.168-1+deb9u3~deb8u1_all.deb 19511b7057315cd27c5bd23a762df9854ad1d712 11393516 linux-doc-4.9_4.9.168-1+deb9u3~deb8u1_all.deb 06dbf2d5808fc120372f068ffe14ef1f680ca08f 3237536 linux-manual-4.9_4.9.168-1+deb9u3~deb8u1_all.deb cd9ea559cd5a6062bcbbfd9da826f4abd0d7a1fe 684996 linux-support-4.9.0-0.bpo.9_4.9.168-1+deb9u3~deb8u1_all.deb af1677aa96bc90b67adc8729e3a717184fe4777e 96781578 linux-source-4.9_4.9.168-1+deb9u3~deb8u1_all.deb Checksums-Sha256: e68b439deb7530e8588edbdf7a1e73906723d3fe2b207cd2ad538f578a76cc01 15581 linux-4.9_4.9.168-1+deb9u3~deb8u1.dsc 0252d29694e827b92afbe19ee75a1125f1945c888323f0413d0a612024d050ea 2069000 linux-4.9_4.9.168-1+deb9u3~deb8u1.debian.tar.xz b7f7dc19bb3e811bc7daf1a5de4aec07e6113d9d93ed6318de4f2e3675894f59 7683610 linux-headers-4.9.0-0.bpo.9-common_4.9.168-1+deb9u3~deb8u1_all.deb 711f9243e736272790df81756657ce3160286a85b16ca8656fb6caa4cb272a22 5742258 linux-headers-4.9.0-0.bpo.9-common-rt_4.9.168-1+deb9u3~deb8u1_all.deb 19ade77521922fa411877198f19026493609a8c1fe30cf36b1fc2da9700e5c5d 11393516 linux-doc-4.9_4.9.168-1+deb9u3~deb8u1_all.deb 0048bb5339b09d3314c5c35bf1717d58531f90b46d37ba0abdd5640350488bde 3237536 linux-manual-4.9_4.9.168-1+deb9u3~deb8u1_all.deb 70ec575b1535173dfb8a6a231306964d316f25356e29386829160aa5b9d27a25 684996 linux-support-4.9.0-0.bpo.9_4.9.168-1+deb9u3~deb8u1_all.deb c8131b6b2bdb6505a2fb7dd83ea74b5217ec90a9f75693b3ef80892a6bfdc427 96781578 linux-source-4.9_4.9.168-1+deb9u3~deb8u1_all.deb Files: d62245af735e5542c562b7d4e1ab1dc4 15581 kernel optional linux-4.9_4.9.168-1+deb9u3~deb8u1.dsc 6cb15d5690fdf5e45bbae32f9ca00b3a 2069000 kernel optional linux-4.9_4.9.168-1+deb9u3~deb8u1.debian.tar.xz d5eb522d2ded4e395c7d7a0e3c4eda06 7683610 kernel optional linux-headers-4.9.0-0.bpo.9-common_4.9.168-1+deb9u3~deb8u1_all.deb f8919cfb604bc673b831c0af9ce9413d 5742258 kernel optional linux-headers-4.9.0-0.bpo.9-common-rt_4.9.168-1+deb9u3~deb8u1_all.deb 225f5e9a68617da767013924126e40ae 11393516 doc optional linux-doc-4.9_4.9.168-1+deb9u3~deb8u1_all.deb ecdf44c98133f2ed3ff4d4764f7e44bb 3237536 doc optional linux-manual-4.9_4.9.168-1+deb9u3~deb8u1_all.deb 648b548fd9f76edd508a35cd814b2a9e 684996 devel optional linux-support-4.9.0-0.bpo.9_4.9.168-1+deb9u3~deb8u1_all.deb 17a62fceaa666edd2b4c3ff9ade84d17 96781578 kernel optional linux-source-4.9_4.9.168-1+deb9u3~deb8u1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAl0IL8AACgkQ57/I7JWG EQmPKQ//QUgTdTP9tKZAsNQIqSVDxtglKHLKbBeYM3sX5pd4dn76CPSaOMwwmEC0 ZIKo7FO2gNxPJc00bfQqof6yz9sDY/GPzqFw+OvlOL3W6aTYKZvUuEZlY31w6+T6 fGT0OSiFT9Q2/AQ+3M/JpN5dp9J2njSG4CFlisBYQMhLpmTBJG3g2REi48/7dgbU lcluRDe7FRErVOgOSI5RhpdmcQK1ntRs8+hkuqEBvi9PZLD5rUADIN9lFxAf1wiJ hEhL3o7QrIHGn3MGxlQxFE/+VEh+4uR+QmAn+5g+H4azwUbQTAl5p8+2ust9GOKO xnu1zkCvQo3TOJen2GegPFaSphEFLHSMY+uV95WnScnI0X3h3wtYGFgWkmHqL0m6 9XCXTyaQ5I6jHwQ2q/0NFH/JTeu9MivTTguxqyynEWPEymNQwl4q2UY3WAE5KDgY BqAxZGa95zbF/+H7LwQxXhaeDl5woIHhYebnheBIkMGRTaxoW45G/+e1YI/SLyFV ZNT8lYY/hfM0LD0Pn1fxAGAHyDQsSy0OYb3WUYSIqLGr32Z6S2DbO4k3sWdJb9EY qRgNeZA/6asfD8dtqoqWd/SJRqW4JjAUI3r8/i4m1BHh56D5BPjrUgdJuOY9+azH o9crUKrYM6xTQE0K1ms9Jo3kAW7tiQZcbn1akBDy5erCCV6B1Mo= =SFlJ -----END PGP SIGNATURE-----