[pve-devel] applied: [PATCH kernel 0/3] fix CVE-2017-6074, revert 4.4.44 update
Fabian Grünbichler
f.gruenbichler at proxmox.com
Thu Feb 23 18:53:15 CET 2017
seems like there is some yet-to-triage bug in the 4.4.40->4.4.44 kernel
commits which leads to failing windows live migrations.
revert the update for now, and instead roll out the CVE-2017-6074 fix on
top of the already publicly released 4.4.40 packages.
upgrade to 4.4.44 (or later) will wait until the live migration issue
is further narrowed down and fixed.
Fabian Grünbichler (3):
Revert broken 4.4.44 commits
fix CVE-2017-6074: local root in dccp module
bump version to 4.4.40-82
changelog.Debian | 12 +-
changelog.firmware | 6 -
proxmox-ve/changelog.Debian | 8 -
Makefile | 17 +-
...hrottle-on-IO-only-when-there-are-too-man.patch | 118 +++
0002-Revert-mm-oom-rework-oom-detection.patch | 255 +++++
...x86-fix-emulation-of-MOV-SS-null-selector.patch | 107 +++
...reeing-skb-too-early-for-IPV6_RECVPKTINFO.patch | 58 ++
drbd-9.0.5-1.tar.gz | Bin 0 -> 390720 bytes
drbd-9.0.6-1.tar.gz | Bin 394082 -> 0 bytes
fwlist-4.4.44-1-pve | 1016 --------------------
ubuntu-xenial.tgz | Bin 146076086 -> 145945176 bytes
12 files changed, 551 insertions(+), 1046 deletions(-)
create mode 100644 0001-Revert-mm-throttle-on-IO-only-when-there-are-too-man.patch
create mode 100644 0002-Revert-mm-oom-rework-oom-detection.patch
create mode 100644 CVE-2017-2583-KVM-x86-fix-emulation-of-MOV-SS-null-selector.patch
create mode 100644 CVE-2017-6074-dccp-fix-freeing-skb-too-early-for-IPV6_RECVPKTINFO.patch
create mode 100644 drbd-9.0.5-1.tar.gz
delete mode 100644 drbd-9.0.6-1.tar.gz
delete mode 100644 fwlist-4.4.44-1-pve
--
2.1.4
More information about the pve-devel
mailing list