The Linux kernel was updated to fix various bugs and security issues:
- mm/page-writeback.c: do not count anon pages as dirtyable memory
(reclaim stalls).
- mm/page-writeback.c: fix dirty_balance_reserve subtraction
from dirtyable memory (reclaim stalls).
- compat_sys_recvmmsg X32 fix (bnc#860993 CVE-2014-0038).
- hwmon: (coretemp) Fix truncated name of alarm attributes
- net: fib: fib6_add: fix potential NULL pointer dereference
(bnc#854173 CVE-2013-6431).
- keys: fix race with concurrent install_user_keyrings()
(bnc#808358)(CVE-2013-1792).
- KVM: x86: Convert vapic synchronization to _cached functions
(CVE-2013-6368) (bnc#853052 CVE-2013-6368).
- wireless: radiotap: fix parsing buffer overrun (bnc#854634
CVE-2013-7027).
- KVM: x86: fix guest-initiated crash with x2apic (CVE-2013-6376)
(bnc#853053 CVE-2013-6376).
- KVM: x86: Fix potential divide by 0 in lapic (CVE-2013-6367)
(bnc#853051 CVE-2013-6367).
- KVM: Improve create VCPU parameter (CVE-2013-4587) (bnc#853050
CVE-2013-4587).
- staging: ozwpan: prevent overflow in oz_cdev_write() (bnc#849023
CVE-2013-4513).
- perf/x86: Fix offcore_rsp valid mask for SNB/IVB (bnc#825006).
- perf/x86: Add Intel IvyBridge event scheduling constraints
(bnc#825006).
- libertas: potential oops in debugfs (bnc#852559 CVE-2013-6378).
- aacraid: prevent invalid pointer dereference (bnc#852373
CVE-2013-6380).
- staging: wlags49_h2: buffer overflow setting station name
(bnc#849029 CVE-2013-4514).
- net: flow_dissector: fail on evil iph->ihl (bnc#848079
CVE-2013-4348).
- Staging: bcm: info leak in ioctl (bnc#849034 CVE-2013-4515).
- Refresh
patches.fixes/net-rework-recvmsg-handler-msg_name-and-msg_namelen-logic.patch.
- ipv6: remove max_addresses check from ipv6_create_tempaddr
(bnc#805226, CVE-2013-0343).
- net: rework recvmsg handler msg_name and msg_namelen logic
(bnc#854722).
- crypto: ansi_cprng - Fix off by one error in non-block size
request (bnc#840226).
- x6: Fix reserve_initrd so that acpi_initrd_override is reached
(bnc#831836).
- Refresh other Xen patches.
- aacraid: missing capable() check in compat ioctl (bnc#852558).
- patches.fixes/gpio-ich-fix-ichx_gpio_check_available-return.patch: Update upstream reference
- perf/ftrace: Fix paranoid level for enabling function tracer
(bnc#849362).
- xhci: fix null pointer dereference on
ring_doorbell_for_active_rings (bnc#848255).
- xhci: Fix oops happening after address device timeout
(bnc#848255).
- xhci: Ensure a command structure points to the correct trb on
the command ring (bnc#848255).
- patches.arch/iommu-vt-d-remove-stack-trace-from-broken-irq-remapping-warning.patch:
Update upstream reference.
- Allow NFSv4 username mapping to work properly (bnc#838024).
- Refresh btrfs attribute publishing patchset to match openSUSE-13.1
No user-visible changes, but uses kobj_sysfs_ops and better kobject
lifetime management.
- Fix a few incorrectly checked [io_]remap_pfn_range() calls
(bnc#849021, CVE-2013-4511).
- drm/radeon: don't set hpd, afmt interrupts when interrupts
are disabled.
- patches.fixes/cifs-fill-TRANS2_QUERY_FILE_INFO-ByteCount-fields.patch:
Fix TRANS2_QUERY_FILE_INFO ByteCount fields (bnc#804950).
- iommu: Remove stack trace from broken irq remapping warning
(bnc#844513).
- Disable patches related to bnc#840656
patches.suse/btrfs-cleanup-don-t-check-the-same-thing-twice
patches.suse/btrfs-0220-fix-for-patch-cleanup-don-t-check-the-same-thi.patch
- btrfs: use feature attribute names to print better error
messages.
- btrfs: add ability to change features via sysfs.
- btrfs: add publishing of unknown features in sysfs.
- btrfs: publish per-super features to sysfs.
- btrfs: add per-super attributes to sysfs.
- btrfs: export supported featured to sysfs.
- kobject: introduce kobj_completion.
- btrfs: add ioctls to query/change feature bits online.
- btrfs: use btrfs_commit_transaction when setting fslabel.
- x86/iommu/vt-d: Expand interrupt remapping quirk to cover x58
chipset (bnc#844513).
- NFSv4: Fix issues in nfs4_discover_server_trunking (bnc#811746).
- iommu/vt-d: add quirk for broken interrupt remapping on 55XX
chipsets (bnc#844513).
- Submitted by Marcus Meissner (msmeissn)
- Reboot is suggested