* [ANNOUNCE] Release v4.4.302-cip73
@ 2023-03-13 16:04 Ulrich Hecht
2023-03-24 6:10 ` [cip-dev] " nobuhiro1.iwamatsu
0 siblings, 1 reply; 2+ messages in thread
From: Ulrich Hecht @ 2023-03-13 16:04 UTC (permalink / raw)
To: cip-dev
Cc: pavel, jan.kiszka, masami.ichikawa, chris.paterson2, nobuhiro1.iwamatsu
[ANNOUNCE] Release v4.4.302-cip73
Hi,
the CIP kernel team has released Linux kernel v4.4.302-cip73. The linux-4.4.y-cip tree's base version has been updated to v4.4-st38.
You can get this release via the git tree at:
v4.4.302-cip73:
repository:
https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git
branch:
linux-4.4.y-cip
commit hash:
b58e18a67ac192c595acdaf67c2e666bf0433787
Fixed CVEs:
CVE-2022-47929: In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c.
CVE-2023-0045: Bypassing Spectre-BTI User Space Mitigations
CVE-2023-0394: ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
CVE-2023-1073: HID: check empty report_list in hid_validate_values()
CVE-2023-1074: sctp: fail if no bound addresses can be used for a given scope
CVE-2023-23455: net: sched: atm: dont intepret cls results when asked to drop
CVE-2023-23559: rndis_wlan: Prevent buffer overflow in rndis_query_oid
CVE-2023-26545: net: mpls: fix stale pointer if allocation fails during device rename
Best regards,
Ulrich Hecht
^ permalink raw reply [flat|nested] 2+ messages in thread
* RE: [cip-dev] [ANNOUNCE] Release v4.4.302-cip73
2023-03-13 16:04 [ANNOUNCE] Release v4.4.302-cip73 Ulrich Hecht
@ 2023-03-24 6:10 ` nobuhiro1.iwamatsu
0 siblings, 0 replies; 2+ messages in thread
From: nobuhiro1.iwamatsu @ 2023-03-24 6:10 UTC (permalink / raw)
To: cip-dev; +Cc: pavel, jan.kiszka, masami.ichikawa, chris.paterson2
Hi Uli,
Could you update linux-4.4.y-cip-rebase tree?
https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git/log/?h=linux-4.4.y-cip-rebase
This tree manages the -cip tree source code rebased from v4.4.y. This time we need to rebase from v4.4-st38.
Best regards,
Nobuhiro
> -----Original Message-----
> From: cip-dev@lists.cip-project.org <cip-dev@lists.cip-project.org> On
> Behalf Of Ulrich Hecht
> Sent: Tuesday, March 14, 2023 1:05 AM
> To: cip-dev@lists.cip-project.org
> Cc: pavel@denx.de; jan.kiszka@siemens.com;
> masami.ichikawa@cybertrust.co.jp; chris.paterson2@renesas.com; iwamatsu
> nobuhiro(岩松 信洋 □SWC◯ACT)
> <nobuhiro1.iwamatsu@toshiba.co.jp>
> Subject: [cip-dev] [ANNOUNCE] Release v4.4.302-cip73
>
> [ANNOUNCE] Release v4.4.302-cip73
>
> Hi,
>
> the CIP kernel team has released Linux kernel v4.4.302-cip73. The
> linux-4.4.y-cip tree's base version has been updated to v4.4-st38.
>
> You can get this release via the git tree at:
>
> v4.4.302-cip73:
> repository:
> https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git
> branch:
> linux-4.4.y-cip
> commit hash:
> b58e18a67ac192c595acdaf67c2e666bf0433787
> Fixed CVEs:
> CVE-2022-47929: In the Linux kernel before 6.1.6, a NULL pointer
> dereference bug in the traffic control subsystem allows an unprivileged user to
> trigger a denial of service (system crash) via a crafted traffic control
> configuration that is set up with "tc qdisc" and "tc class" commands. This
> affects qdisc_graft in net/sched/sch_api.c.
> CVE-2023-0045: Bypassing Spectre-BTI User Space Mitigations
> CVE-2023-0394: ipv6: raw: Deduct extension header length in
> rawv6_push_pending_frames
> CVE-2023-1073: HID: check empty report_list in hid_validate_values()
> CVE-2023-1074: sctp: fail if no bound addresses can be used for a given
> scope
> CVE-2023-23455: net: sched: atm: dont intepret cls results when asked
> to drop
> CVE-2023-23559: rndis_wlan: Prevent buffer overflow in
> rndis_query_oid
> CVE-2023-26545: net: mpls: fix stale pointer if allocation fails during
> device rename
>
> Best regards,
> Ulrich Hecht
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-03-24 6:10 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-03-13 16:04 [ANNOUNCE] Release v4.4.302-cip73 Ulrich Hecht
2023-03-24 6:10 ` [cip-dev] " nobuhiro1.iwamatsu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).