Debian Stretch Openstack images changelog 9.0.1-20170620 Updates in 3 source package(s), 16 binary package(s): Source glibc, binaries: libc-bin:amd64 libc-l10n:amd64 libc6:amd64 locales:amd64 locales-all:amd64 multiarch-support:amd64 libc-bin:arm64 libc-l10n:arm64 libc6:arm64 locales:arm64 locales-all:arm64 multiarch-support:arm64 glibc (2.24-11+deb9u1) stretch-security; urgency=medium * debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff, debian/patches/any/local-CVE-2017-1000366-rtld-LD_LIBRARY_PATH.diff, debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff: add patches to protect the dynamic linker against stack clashes (CVE-2017-1000366). * debian/patches/any/cvs-vectorized-strcspn-guards.diff: patch backported from upstream to allow usage of strcspn in ld.so. * debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from upstream to disable HWCAP for AT_SECURE programs. Source gnutls28, binaries: libgnutls30:amd64 libgnutls30:arm64 gnutls28 (3.5.8-5+deb9u1) stretch-security; urgency=high * 36_CVE-2017-7507_*.patch: Pulled from 3.5.13, fix crash upon receiving well-formed status_request extension. GNUTLS-SA-2017-4/CVE-2017-7507 Closes: #864560 * Upload is identical to 3.5.8-6 except for the version number. Source linux, binaries: linux-image-4.9.0-3-amd64:amd64 linux-image-4.9.0-3-arm64:arm64 linux (4.9.30-2+deb9u1) stretch-security; urgency=high * mm: enlarge stack guard gap (CVE-2017-1000364) * mm: allow to configure stack gap size * mm, proc: cap the stack gap for unpopulated growing vmas * mm, proc: drop priv parameter from is_stack * mm: do not collapse stack gap into THP * fold me "mm: allow to configure stack gap size" -- Steve McIntyre <93sam@debian.org> Tue, 20 Jun 2017 20:57:28 +0100 9.0.0-20170617 First build for 9.0.0 release -- Steve McIntyre <93sam@debian.org> Sun, 18 Jun 2017 00:34:02 +0100