Changelog
linux-2.6 (2.6.32-30) unstable; urgency=high
[ Ben Hutchings ] * mpt2sas: Fix incorrect scsi_dma_map error checking (Closes: #606968) * Update Spanish debconf template translation (Omar Campagne, Javier Fernández-Sanguino) (Really closes: #600694) * intel-iommu: Force-disable IOMMU for iGFX on broken Cantiga revisions (Closes: #607095) * [powerpc] linux-base: Run ybin after updating yaboot.conf (Closes: #607284) * tehuti: Firmware filename is tehuti/bdx.bin * iwlwifi: Reduce a failure-prone memory allocation (Closes: #599345) * linux-base: Look for GRUB 1 configuration in both /boot/grub and /boot/boot/grub (Closes: #607863) * rt28x0: Add ieee80211_regdom module parameter mimicking cfg80211 as a workaround for incorrect region code in NVRAM (Closes: #594561) * btrfs: Require CAP_SYS_ADMIN for filesystem rebalance (Closes: #608185) * [x86] dell-laptop: Enable for some newer Dell models * r8169: Change RTL8111D/RTL8168D initialisation and firmware loading to match upstream version (Closes: #596390 with firmware-realtek 0.28) * Add stable 2.6.32.28: - NFS: Fix panic after nfs_umount() - usb-storage/libusual: Add support for Samsung YP-CP3 MP4 Player, thanks to Vitaly Kuznetsov (Closes: #555835) - bfa: Fix system crash when reading sysfs fc_host statistics (CVE-2010-4343) - IB/uverbs: Handle large number of entries in poll CQ (CVE-2010-4649) - orinoco: Fix TKIP countermeasure behaviour (CVE-2010-4648) - mm: Add security_file_mmap check to install_special_mapping (CVE-2010-4346) - sctp: Fix a race between ICMP protocol unreachable and connect() (CVE-2010-4526) - hvc_console: Fix race between hvc_close and hvc_remove (CVE-2010-2653) (previously applied as an isolated fix in 2.6.32-25) - fuse/cuse: Verify ioctl retries (CVE-2010-4650) * [powerpc] Restore device tree source files to linux-image packages (Closes: #609155) [ maximilian attems ] * [openvz] Reenable NF_CONNTRACK_IPV6. (closes: #580507) * cifs: fix another memleak, in cifs_root_iget. * b43: Fix warning at drivers/mmc/core/core.c:237 in mmc_wait_for_cmd. * drm/radeon/kms: MC vram map needs to be >= pci aperture size. * drm/radeon/kms: make sure blit addr masks are 64 bit. * drm/radeon/kms: fix handling of tex lookup disable in cs checker on r2xx. * drm/i915: Free hardware status page on unload when physically mapped. * drm/i915/overlay: Ensure that the reg_bo is in the GTT prior to writing. * drm/radeon/kms/atom: set sane defaults in atombios_get_encoder_mode(). * drm/radeon/kms: fix typos in disabled vbios code. * drm/radeon/kms: add workaround for dce3 ddc line vbios bug. * drm/radeon/kms: fix interlaced and doublescan handling. * drm/i915/sdvo: Always add a 30ms delay to make SDVO TV detection reliable. * wireless: b43: fix error path in SDIO. * drm/radeon/kms: don't apply 7xx HDP flush workaround on AGP. [ Ian Campbell ] * xen: backport TTM patches to use PCI API. Fixes PCIe GPU (specifically Radeon and Nouveau) on Xen (Closes: #601341). * xen: netback: drop SKBs which are GSO but do not have a partial checksum set (Closes: #608144). [ dann frazier ] * exec: make argv/envp memory visible to oom-killer (CVE-2010-4243) * irda: Fix information leak in IRLMP_ENUMDEVICES (CVE-2010-4529) * af_unix: limit unix_tot_inflight (CVE-2010-4249) [ Moritz Muehlenhoff ] * net: ax25: fix information leak to userland (CVE-2010-3875) * net: packet: fix information leak to userland (CVE-2010-3876) * net: tipc: fix information leak to userland (CVE-2010-3877) * inet_diag: Make sure we actually run the same bytecode we audited (CVE-2010-3880) * econet: Fix crash in aun_incoming() (CVE-2010-4342) -- Ben Hutchings <email address hidden> Tue, 11 Jan 2011 05:42:11 +0000