Bug#639425: Changes from longterm 126.96.36.199
3291002 ASoC: Fix Blackfin I2S _pointer() implementation return in bounds values
No effect; architecture is not supported in Debian.
46905de v4l2-ioctl.c: prefill tuner type for g_frequency and g/s_tuner
f89e20d pvrusb2: fix g/s_tuner support
5c47b59 bttv: fix s_tuner for radio
Fixes radio/TV tuning for some V4L2 drivers and applications.
c3c239c gro: Only reset frag0 when skb can be pulled
Fixes remote denial of service (CVE-2011-2723); will be included in
809eb66 NFSv4.1: update nfs4_fattr_bitmap_maxsz
Fixes crash (BUG) in normal use; could also be remote denial of service.
a05061d SUNRPC: Fix a race between work-queue and rpc_killall_tasks
Reduces race condition that I think could lead to a crash or hang.
(I don't believe it completely fixes it, though.)
5bba1fc SUNRPC: Fix use of static variable in rpcb_getport_async
Actually fixes a race condition that can lead to a crash, data
corruption or other excitement.
abcd4aa si4713-i2c: avoid potential buffer overflow on si4713
Fixes trivial buffer overflow in this radio driver. We do build it, but
it isn't auto-loaded and it looks unlikely to be used on any supported
166d832 hwmon: (max1111) Fix race condition causing NULL pointer exception
Fixes crash (oops) in normal use; could also be local denial of service.
90d769e bridge: send proper message_age in config BPDU
Fixes bug that breaks STP and can lead to network instability through a
49d571c davinci: DM365 EVM: fix video input mux bits
No effect; platform is not supported in Debian.
3da5a14 libata: fix unexpectedly frozen port after ata_eh_reset()
Fixes bug which can prevent recognition of a hot-added SATA device.
9d8970f x86: Make Dell Latitude E5420 use reboot=pci
Fixes hang on reboot on this model.
741172e USB: pl2303: add AdLink ND-6530 USB IDs
99d7470 USB: pl2303.h: checkpatch cleanups
82b6e85 USB: serial: add IDs for WinChipHead USB->RS232 adapter
Adds hardware support. (Second patch is just whitespace changes,
cherry-picked to avoid a conflict.)
51faabb staging: comedi: fix infoleak to userspace
Trivial security fix.
6691c4c USB: OHCI: fix another regression for NVIDIA controllers
262e2d9 usb: musb: restore INDEX register in resume path
No effect; platforms are not supported in Debian.
b43906b USB: dummy-hcd needs the has_tt flag
Not built in Debian, and is only a driver development tool.
122c9c8 ARM: pxa/cm-x300: fix V3020 RTC functionality
No effect; platform is not supported in Debian.
3cd0374 jme: Fix unmap error (Causing system freeze)
Fixes resource leak in this network driver, in some configurations.
da22907 libsas: remove expander from dev list on error
Fixes crash (oops) following error in SAS device discovery.
eaf507e mac80211: Restart STA timers only on associated state
Fixes possible crash (panic) on resume for most wireless network
e766b12 Blacklist Traxdata CDR4120 and IOMEGA Zip drive to avoid lock ups.
Fixes SCSI bus lock-up if one of these devices is present.
2dee323 ses: requesting a fault indication
Fixes activation of fault indicator on SCSI enclosures that support
8d85804 pmcraid: reject negative request size
Fixes possible memory corruption or OOM when an invalid ioctl on this
driver. Not a major security vulnerability, as CAP_SYS_ADMIN is
1932c74 kexec, x86: Fix incorrect jump back address if not preserving context
Appears to fix likely crash when kexec is used on x86 and the new kernel
has KEXEC_JUMP enabled. This is not enabled in official kernels.
1b7fbaa powerpc/kdump: Fix timeout in crash_kexec_wait_realmode
Fixes possible hang in crash recovery in a powerpc kernel built with
CRASH_DUMP. This is not enabled in official kernels.
3300911 PCI: ARI is a PCIe v2 feature
Fixes misconfiguration of PCIe bridges for use with some devices, which
can lead to a hard hang, panic or other nastiness.
78a4ddf cciss: do not attempt to read from a write-only register
Fixes hang (?) when this RAID driver is used with some newer variants of
the RAID controllers it supports.
b259a3c xtensa: prevent arbitrary read in ptrace
No effect; Debian doesn't support this architecture.
98aea90 ext3: Fix oops in ext3_try_to_allocate_with_rsv()
Fixes race condition leading to memory corruption and/or crash. May be
exploitable as a local denial-of-service.
8a8b5c1 svcrpc: fix list-corrupting race on nfsd shutdown
108786a EHCI: only power off port if over-current is active
Fixes endless power-cycling loop with some implementations of this USB
38e6bb7 EHCI: fix direction handling for interrupt data toggles
Fixes compatibility with certain USB devices with strange behaviour.
cb81593 powerpc/pseries/hvconsole: Fix dropped console output
4534a8b x86: Hpet: Avoid the comparator readback penalty
Prerequisite for the next patch. Removes one MMIO read when setting the
436aa5f x86: HPET: Chose a paranoid safe value for the ETIME check
Fixes long pauses on some AMD systems.
0d5c452 Revert "block: rescan partitions on invalidated devices on -ENOMEDIA too"
Fixes regression in 188.8.131.52.
223c7f0 cifs: clean up cifs_find_smb_ses (try #2)
eda9d27 cifs: fix NULL pointer dereference in cifs_find_smb_ses
39371f2 cifs: check for NULL session password
Fix session reuse issue (CVE-2011-1585); already included in
7606088 gre: fix netns vs proto registration ordering
Fixes remote denial-of-service (CVE-2011-1767); already included in
0515423 netns xfrm: fixup xfrm6_tunnel error propagation
Fixes error return value from module init function. Doesn't seem
particularly important, but does seem safe.
35ed3d0 tunnels: fix netns vs proto registration ordering
Fixes remote denial-of-service (CVE-2011-1768); already included in
2beffeb alpha: fix several security issues
Fixes information leak and privilege escalation bugs on this
architecture. (CVE-2011-2208, CVE-2011-2209, CVE-2011-2210,
fc10e55 proc: restrict access to /proc/PID/io
Fixes information leak (CVE-2011-1020); will be included in
67b0a84 ALSA: sound/core/pcm_compat.c: adjust array index
Fixes local denial of service or possible privilege escalation in compat
ioctl handling (32-bit process on 64-bit kernel) for sound devices.
c72ff34 dm mpath: fix potential NULL pointer in feature arg processing
Fixes crash (oops) when this device driver is given an invalid
3d24761 dm: fix idr leak on module removal
Fixes memory leak, though I don't believe real users will remove this
bb30b19 perf: overflow/perf_count_sw_cpu_clock crashes recent kernels
Fixes potential deadlock; might be a local denial of service
58e6859 atm: [br2684] allow routed mode operation again
Fixes breakage of this feature in 2.6.30.