The yakkety master-next tree tagged Ubuntu-4.8.0-31.33 contains git commit 13119e8d911cd268a57012717874f8ab0f42c252 (upstream commit http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5d41ce29e3b91ef305f88d23f72b3359de329cec ). This is considered to have introduced CVE-2016-9919 (see http://www.openwall.com/lists/oss-security/2016/12/08/16 ), a remote denial of service for hosts that use ipv6.
Upstream commit http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2 addresses the issue.
Since the issue only affects the yakkety-proposed kernel, we should not release this kernel with this vulnerability intact.
The yakkety master-next tree tagged Ubuntu-4.8.0-31.33 contains git commit 13119e8d911cd26 8a57012717874f8 ab0f42c252 (upstream commit http:// git.kernel. org/cgit/ linux/kernel/ git/torvalds/ linux.git/ commit/ ?id=5d41ce29e3b 91ef305f88d23f7 2b3359de329cec ). This is considered to have introduced CVE-2016-9919 (see http:// www.openwall. com/lists/ oss-security/ 2016/12/ 08/16 ), a remote denial of service for hosts that use ipv6.
Upstream commit http:// git.kernel. org/cgit/ linux/kernel/ git/torvalds/ linux.git/ commit/ ?id=79dc7e3f1cd 323be4c81aa1a94 faa1b3ed987fb2 addresses the issue.
Since the issue only affects the yakkety-proposed kernel, we should not release this kernel with this vulnerability intact.