Comment 1 Quality Assurance 2018-10-04 16:00:47 CEST

--- mirror/ftp/4.2/unmaintained/4.2-5/source/linux-4.9_4.9.110-3+deb9u4~deb8u1.dsc
+++ apt/ucs_4.2-0-errata4.2-5/source/linux-4.9_4.9.110-3+deb9u5~deb8u1.dsc
@@ -1,3 +1,41 @@
+4.9.110-3+deb9u5~deb8u1 [Wed, 03 Oct 2018 05:27:59 +0100] Ben Hutchings <ben@decadent.org.uk>:
+
+  * Backport to jessie; no further changes required
+
+4.9.110-3+deb9u5 [Sun, 30 Sep 2018 17:37:51 +0100] Ben Hutchings <ben@decadent.org.uk>:
+
+  [ Salvatore Bonaccorso ]
+  * irda: Fix memory leak caused by repeated binds of irda socket
+    (CVE-2018-6554)
+  * irda: Only insert new objects into the global database via setsockopt
+    (CVE-2018-6555)
+  * mm: get rid of vmacache_flush_all() entirely (CVE-2018-17182)
+  * floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
+    (CVE-2018-7755)
+  * Bluetooth: hidp: buffer overflow in hidp_process_report (CVE-2018-9363)
+  * ALSA: rawmidi: Change resized buffers atomically (CVE-2018-10902)
+  * scsi: target: iscsi: Use hex2bin instead of a re-implementation
+    (CVE-2018-14633)
+  * [x86] entry/64: Remove %ebx handling from error_entry/exit
+    (CVE-2018-14678)
+  * infiniband: fix a possible use-after-free bug (CVE-2018-14734)
+  * [x86] speculation: Protect against userspace-userspace spectreRSB
+    (CVE-2018-15572)
+  * [x86] paravirt: Fix spectre-v2 mitigations for paravirt guests
+    (CVE-2018-15594)
+
+  [ Ben Hutchings ]
+  * mm: Avoid ABI change for CVE-2018-17182 fix
+  * HID: debug: check length before copy_to_user() (CVE-2018-9516)
+  * Cipso: cipso_v4_optptr enter infinite loop (CVE-2018-10938)
+  * f2fs: fix to do sanity check with reserved blkaddr of inline inode
+    (CVE-2018-13099)
+  * btrfs: relocation: Only remove reloc rb_trees if reloc control has been
+    initialized (CVE-2018-14609)
+  * hfsplus: fix NULL dereference in hfsplus_lookup() (CVE-2018-14617)
+  * USB: yurex: fix out-of-bounds uaccess in read handler (CVE-2018-16276)
+  * cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (CVE-2018-16658)
+
 4.9.110-3+deb9u4~deb8u1 [Fri, 24 Aug 2018 05:35:55 +0100] Ben Hutchings <ben@decadent.org.uk>:
 
   * Backport to jessie:

<http://10.200.17.11/4.2-5/#4892036252960162822>

Comment 2 Philipp Hahn 2019-01-10 16:28:07 CET

r18396 | Bug #47905: linux-4.9.110+148
r18397 | Bug #47905: linux-4.9.110+148
r18403 | Bug #47905: linux-4.9.110+149

Package: linux-4.9
Version: 4.9.110-3+deb9u5~deb8u1A~4.2.0.201901100845
Branch: ucs_4.2-0
Scope: errata4.2-5

Comment 3 Philipp Hahn 2019-01-14 10:37:50 CET

r18405 | Bug #47905: linux-4.9.110+150

Comment 4 Philipp Hahn 2019-01-14 17:30:13 CET

v4.9.122 - v4.9.150:
    fork: record start_time late (CVE-2019-6133)
    use-after-free detected in ext4_xattr_set_entry with a crafted file (CVE-2018-10879)
    Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation (CVE-2018-17182)
    Information exposure in fd_locked_ioctl function in drivers/block/floppy.c (CVE-2018-7755)
    use-after-free Read in vhost_transport_send_pkt (CVE-2018-14625)
    filesystem corruption due to an unchecked error condition during an xfs attribute change (CVE-2018-18690)
    irda: use-after-free vulnerability in the hashbin list (CVE-2018-6555)
    infinite loop in net/ipv4/cipso_ipv4.c:cipso_v4_optptr() allows for DoS (CVE-2018-10938)
    stack-based buffer overflow in chap_server_compute_md5() in iscsi target (CVE-2018-14633)
    Uninitialized state in x86 PV failsafe callback path (XSA-274, CVE-2018-14678)
    stack-out-of-bounds write in jbd2_journal_dirty_metadata function (CVE-2018-10883)
    Use-after-free in drivers/android/binder.c (CVE-2018-9465)
    net: xen: Linux netback driver OOB access in hash handling (XSA-270, CVE-2018-15471)
    Mishandled size checks during the reading of an extra descriptor (CVE-2018-20169)
    Stack-based buffer overflow in drivers/scsi/sr_ioctl.c allows denial of service or other unspecified impact (CVE-2018-11506)
    cephx protocol is vulnerable to replay attack (CVE-2018-1128)
    cleancache: Infoleak of deleted files after reuse of old inodes (CVE-2018-16862)
    Unprivileged users able to inspect kernel stacks of arbitrary tasks (CVE-2018-17972)
    stack-out-of-bounds write in ext4_update_inline_data function (CVE-2018-10880)
    Privilege escalation on arm64 via KVM hypervisor (CVE-2018-18021)
    Null pointer dereference in fs/f2fs/segment.c via mounting fs with noflush_merge option allows local denial of service (CVE-2017-18241)
    a bug in ip_frag_reasm() can cause a crash in ip_do_fragment() (CVE-2018-14641)
    cephx uses weak signatures (CVE-2018-1129)
    TLB flush happens too late on mremap (CVE-2018-18281)
    Information leak in cdrom_ioctl_drive_status (CVE-2018-16658)
    Information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c (CVE-2018-18710)
    Race condition in fs/f2fs/node.c:add_free_nid() function allows local users to cause denial of service (CVE-2017-18249)
    buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption (CVE-2018-5848)
    irda: Memory leak caused by repeated binds of irda socket (CVE-2018-6554)
FYI: I tried to match the git commits from 4.9 to the upstream git commits to a list of CVE entries. After that I removed all those entries already fixed by previous UCS errata releases. The list might miss some CVEs.

[4.2-5] cf2c910f37 Bug #47905: Update to linux-4.9.110-3+deb9u5~deb8u1A~4.2.0.2019011410370-ucs110
 .../debian/changelog                               |   6 ++++++
 .../vmlinuz-4.9.0-ucs110-amd64.efi.signed          | Bin 4099056 -> 4106320 bytes
 2 files changed, 6 insertions(+)

Package: univention-kernel-image-signed
Version: 3.0.2-33A~4.2.0.201901141603
Branch: ucs_4.2-0
Scope: errata4.2-5

[4.2-5] 8f9e2e84f7 Bug #47905: linux-4.9 4.9.110-3+deb9u5~deb8u1A~4.2.0.201901141037
 doc/errata/staging/linux-4.9.yaml                  |  69 +++++++++++--
 .../staging/univention-kernel-image-signed.yaml    | 109 +++++++++++++++++++++
 2 files changed, 172 insertions(+), 6 deletions(-)

OK: amd64 @ kvm + OVMF+SB
OK: amd64 @ kvm + SeaBIOS
OK: uname -a # Linux master42 4.9.0-ucs110-amd64 #1 SMP Debian 4.9.110-3+deb9u5~deb8u1A~4.2.0.201901141037 (2019- x86_64 GNU/Linux
OK: i386 @ kvm + SeaBIOS
OK: Linux qa31-ucs42 4.9.0-ucs110-686-pae #1 SMP Debian 4.9.110-3+deb9u5~deb8u1A~4.2.0.201901141037 (2019- i686 GNU/Linux

Comment 5 Philipp Hahn 2019-01-30 18:29:15 CET

r18411 | Bug #47905: linux-4.9.110+152
 CVE-2019-3701
r18418 | Bug #47905: linux-4.9.110+153

Package: linux-4.9
Version: 4.9.110-3+deb9u5~deb8u1A~4.2.0.201901280853
Branch: ucs_4.2-0
Scope: errata4.2-5

Comment 6 Philipp Hahn 2019-02-15 16:11:57 CET

r18411 | Bug #47905: linux-4.9.110+152
r18418 | Bug #47905: linux-4.9.110+153
r18440 | Bug #47905: linux-4.9.110+156
r18472 | Bug #47905: linux-4.9.110+158

Package: linux-4.9
Version: 4.9.110-3+deb9u5~deb8u1A~4.2.0.201902151158
Branch: ucs_4.2-0
Scope: errata4.2-5

CVE-2019-3819 4.9.157
CVE-2019-7222 4.9.156
CVE-2019-7221 4.9.156
CVE-2019-6974 4.9.156
CVE-2019-3701 4.9.152
CVE-2018-16884 4.9.151

[4.2-5] ce58c18639 Bug #47905: Update to linux-4.9.110-3+deb9u5~deb8u1A~4.2.0.201902151158-ucs110
 .../debian/changelog                               |   7 +++++++
 .../vmlinuz-4.9.0-ucs110-amd64.efi.signed          | Bin 4106320 -> 4113552 bytes
 2 files changed, 7 insertions(+)

Package: univention-kernel-image-signed
Version: 3.0.2-34A~4.2.0.201902151531
Branch: ucs_4.2-0
Scope: errata4.2-5

[4.2-5] 598d3b5a35 Bug #47905: univention-kernel-image-signed 3.0.2-34A~4.2.0.201902151531 Bug #47905: linux-4.9 4.9.110-3+deb9u5~deb8u1A~4.2.0.201902151158
 doc/errata/staging/linux-4.9.yaml                      | 17 ++++++++++++++++-
 doc/errata/staging/univention-kernel-image-signed.yaml | 17 ++++++++++++++++-
 2 files changed, 32 insertions(+), 2 deletions(-)

OK: uname -rv
  OLD: 4.9.0-ucs110-amd64 #1 SMP Debian 4.9.110-3+deb9u5~deb8u1A~4.2.0.201901141037 (2019-
  NEW: 4.9.0-ucs110-amd64 #1 SMP Debian 4.9.110-3+deb9u5~deb8u1A~4.2.0.201902151158 (2019-
OK: sed -ne 3p /boot/config-`uname -r` # Linux/x86 4.9.158 Kernel Configuration
OK: cat /sys/kernel/security/securelevel
OK: amd64 @ kvm + OVMF+SB
OK: amd64 @ kvm + SeaBIOS
OK: i386 @ kvm + SeaBIOS

Comment 7 Philipp Hahn 2019-02-21 10:59:36 CET

r18491 | Bug #47905: linux-4.9.110+159
r18492 | Bug #47905: linux-4.9.110+159

Package: linux-4.9
Version: 4.9.110-3+deb9u5~deb8u1A~4.2.0.201902201318
Branch: ucs_4.2-0-errata4.2-5
Scope: errata4.2-5

[4.2-5] daf0f8694f Bug #47905: Update to linux-4.9.110-3+deb9u5~deb8u1A~4.2.0.201902201318-ucs110
 .../debian/changelog                               |   7 +++++++
 .../vmlinuz-4.9.0-ucs110-amd64.efi.signed          | Bin 4113552 -> 4113232 bytes
 2 files changed, 7 insertions(+)

Package: univention-kernel-image-signed
Version: 3.0.2-35A~4.2.0.201902210903
Branch: ucs_4.2-0
Scope: errata4.2-5

[4.2-5] ffead1ec3e Bug #47905: univention-kernel-image-signed 3.0.2-35A~4.2.0.201902210903 Bug #47905: linux-4.9 4.9.110-3+deb9u5~deb8u1A~4.2.0.201902201318
 doc/errata/staging/linux-4.9.yaml                      | 5 ++++-
 doc/errata/staging/univention-kernel-image-signed.yaml | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

OK: diff <(./linux-dmesg-norm 4.9.158) <(./linux-dmesg-norm 4.9.159)
OK: cat /sys/kernel/security/securelevel
OK: amd64 @ kvm + OVMF+SB
OK: amd64 @ kvm + SeaBIOS
OK: i386 @ kvm + SeaBIOS

Comment 8 Philipp Hahn 2019-02-21 15:12:06 CET

Several issues were already fixed by <http://errata.software-univention.de/ucs/4.2/494.html> (Bug #47063, 4.9.89→122) but were not attributed correctly in that erratum. Debian now performs 4.9.40→110 plus selected fixes including
CVE-2018-9363  v4.9.121~3
CVE-2018-9516  v4.9.112~14
CVE-2018-10902 v4.9.115~24
CVE-2018-15572 v4.9.120~90
CVE-2018-15594 v4.9.120~91
CVE-2018-16276 v4.9.113~19
so they are listed in comment #1 as being fixed now, but our previous 122 already fixed them. I include them here anyway so those issues are documented as fixed and are searchable by web-crawlers.

The following issues were missing in the YAML file:
CVE-2018-3639  v4.9.144~43
CVE-2018-5391  v4.9.134~29..v4.9.134~3
CVE-2018-7740  v4.9.144~39
CVE-2018-12896 v4.9.136~1
CVE-2018-13053 v4.9.131~70
CVE-2018-13096 v4.9.144~8
CVE-2018-13097 v4.9.144~10
CVE-2018-13099 v4.9.128~21
CVE-2018-13100 v4.9.144~11
CVE-2018-14610 v4.9.144~23
CVE-2018-14611 v4.9.144~38
CVE-2018-14612 v4.9.144~24
CVE-2018-14613 v4.9.144~25
CVE-2018-14614 v4.9.144~3
CVE-2018-14616 v4.9.144~5
CVE-2018-19407 v4.9.143~30
CVE-2018-19824 v4.9.145~28
CVE-2018-19985 v4.9.148~19
CVE-2018-20511 v4.9.130~24

[4.2-5] ef01e375ea Bug #47905: univention-kernel-image-signed 3.0.2-35A~4.2.0.201902210903 Bug #47905: linux-4.9 4.9.110-3+deb9u5~deb8u1A~4.2.0.201902201318
 doc/errata/staging/linux-4.9.yaml                  | 51 +++++++++++++++++++++-
 .../staging/univention-kernel-image-signed.yaml    | 51 +++++++++++++++++++++-
 2 files changed, 100 insertions(+), 2 deletions(-)

Comment 9 Philipp Hahn 2019-02-25 11:07:33 CET

r18493 | Bug #47905: linux-4.9.110+160

Package: linux-4.9
Version: 4.9.110-3+deb9u5~deb8u1A~4.2.0.201902251106
Branch: ucs_4.2-0
Scope: errata4.2-5

Comment 10 Philipp Hahn 2019-02-25 15:29:04 CET

[4.2-5] 2e6f39f8aa Bug #47905: Update to linux-4.9.110-3+deb9u5~deb8u1A~4.2.0.201902251106-ucs110
 .../debian/changelog                               |   7 +++++++
 .../vmlinuz-4.9.0-ucs110-amd64.efi.signed          | Bin 4113232 -> 4104464 bytes
 2 files changed, 7 insertions(+)

Package: univention-kernel-image-signed
Version: 3.0.2-36A~4.2.0.201902251428
Branch: ucs_4.2-0
Scope: errata4.2-5

OK: diff <(./linux-dmesg-norm 4.9.159) <(./linux-dmesg-norm 4.9.160)
OK: cat /sys/kernel/security/securelevel
OK: amd64 @ kvm + OVMF+SB
OK: amd64 @ kvm + SeaBIOS
OK: i386 @ kvm + SeaBIOS
OK: amd64 @ lynx

Comment 11 Philipp Hahn 2019-03-01 13:08:12 CET

r18497 | Bug #47905: linux-4.9.110+161

Package: linux-4.9
Version: 4.9.110-3+deb9u5~deb8u1A~4.2.0.201902281323
Branch: ucs_4.2-0-errata4.2-5
Scope: errata4.2-5

[4.2-5] 9acd60d979 Bug #47905: Update to linux-4.9.110-3+deb9u5~deb8u1A~4.2.0.201902281323-ucs110
 .../debian/changelog                               |   7 +++++++
 .../vmlinuz-4.9.0-ucs110-amd64.efi.signed          | Bin 4104464 -> 4109904 bytes
 2 files changed, 7 insertions(+)

Package: univention-kernel-image-signed
Version: 3.0.2-37A~4.2.0.201903011021
Branch: ucs_4.2-0
Scope: errata4.2-5

[4.2-5] 494df430f2 Bug #47905: linux-4.9 4.9.161
 doc/errata/staging/linux-4.9.yaml                      | 4 ++--
 doc/errata/staging/univention-kernel-image-signed.yaml | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

Comment 12 Philipp Hahn 2019-03-06 21:44:18 CET

r18500 | Bug #47905: linux-4.9.110+162
r18501 | Bug #47905: linux-4.9.110+162 fixup

Comment 13 Philipp Hahn 2019-03-15 19:28:20 CET

(In reply to Philipp Hahn from comment #12)
> r18501 | Bug #47905: linux-4.9.110+162 fixup

master had the following patches:
 v4.13-rc1~62^2~61: mm/mmap.c: expand_downwards: don't require the gap if !vm_prev
 v5.0~14: mm: enforce min addr even if capable() in expand_downwards()

4.9 only has the 2nd patches:
 v4.9.162~2: mm: enforce min addr even if capable() in expand_downwards()
The 1st patch is only carried by Debian as a backport:
 debian/patches/bugfix/all/mm-mmap.c-expand_downwards-don-t-require-the-gap-if-.patch

r18503 | Bug #47905: linux-4.9.163
r18504 | Bug #47905: linux-4.9.110+163 2

Package: linux-4.9
Version: 4.9.110-3+deb9u5~deb8u1A~4.2.0.201903151513
Branch: ucs_4.2-0
Scope: errata4.2-5

[4.2-5] 67bdf71ac9 Bug #47905: Update to linux-4.9.110-3+deb9u5~deb8u1A~4.2.0.201903151513-ucs110
 .../debian/changelog                               |   7 +++++++
 .../vmlinuz-4.9.0-ucs110-amd64.efi.signed          | Bin 4109904 -> 4109008 bytes
 2 files changed, 7 insertions(+)

Package: univention-kernel-image-signed
Version: 3.0.2-38A~4.2.0.201903151901
Branch: ucs_4.2-0
Scope: errata4.2-5

OK: diff <(./linux-dmesg-norm 4.9.161) <(./linux-dmesg-norm 4.9.163)
OK: cat /sys/kernel/security/securelevel
OK: amd64 @ kvm + OVMF+SB
OK: amd64 @ kvm + SeaBIOS
OK: i386 @ kvm + SeaBIOS
SKIPPED: amd64 @ lynx

Comment 14 Philipp Hahn 2019-03-19 07:57:50 CET

r18507 | Bug #47905: linux-4.9.163
r18508 | Bug #47905: linux-4.9.163

Package: linux-4.9
Version: 4.9.144-3.1~deb8u1A~4.2.0.201903190757
Branch: ucs_4.2-0
Scope: errata4.2-5

Comment 15 Philipp Hahn 2019-03-19 07:58:39 CET

*** Bug 49020 has been marked as a duplicate of this bug. ***

Comment 16 Philipp Hahn 2019-03-19 11:04:01 CET

r18509 | Bug #47905: linux-4.9.163
r18510 | Bug #47905: linux-4.9.163

Package: linux-4.9
Version: 4.9.144-3.1~deb8u1A~4.2.0.201903191037
Branch: ucs_4.2-0
Scope: errata4.2-5

4.9.164 is scheduled for tomorrow

Comment 17 Philipp Hahn 2019-03-20 17:27:41 CET

r18511 | Bug #47905: linux-4.9.164

Package: linux-4.9
Version: 4.9.144-3.1~deb8u1A~4.2.0.201903191858
Branch: ucs_4.2-0
Scope: errata4.2-5

[4.2-5] f5fe26d7b4 Bug #47905: Update to linux-4.9.144-3.1~deb8u1A~4.2.0.201903191858-ucs111
 .../univention-kernel-image-signed/debian/changelog   |   7 +++++++
 kernel/univention-kernel-image-signed/debian/control  |  10 +++++-----
 .../vmlinuz-4.9.0-ucs110-amd64.efi.signed             | Bin 4109008 -> 0 bytes
 .../vmlinuz-4.9.0-ucs111-amd64.efi.signed             | Bin 0 -> 4107312 bytes
 4 files changed, 12 insertions(+), 5 deletions(-)

Package: univention-kernel-image-signed
Version: 3.0.2-39A~4.2.0.201903201657
Branch: ucs_4.2-0
Scope: errata4.2-5

[4.2-5] b0cefeb8ba Bug #47905: Update to linux-4.9.144-ucs111
 kernel/univention-kernel-image/debian/changelog                     | 6 ++++++
 kernel/univention-kernel-image/debian/copyright                     | 2 +-
 kernel/univention-kernel-image/debian/rules                         | 4 ++--
 .../univention-kernel-image/debian/univention-kernel-image.postinst | 2 +-
 4 files changed, 10 insertions(+), 4 deletions(-)

Package: univention-kernel-image
Version: 10.0.0-14A~4.2.0.201903201704
Branch: ucs_4.2-0
Scope: errata4.2-5

OK: errata-announce -V --only *.yaml
OK: apt install univention-kernel-image=10.0.0-14A~4.2.0.201903201704
OK: diff <(./linux-dmesg-norm 4.9.163) <(./linux-dmesg-norm 4.9.164)
OK: cat /sys/kernel/security/securelevel
OK: amd64 @ kvm + OVMF+SB
OK: amd64 @ kvm + SeaBIOS
OK: i386 @ kvm + SeaBIOS
SKIPPED: amd64 @ lynx

Comment 18 Philipp Hahn 2019-03-26 09:00:27 CET

r18529 | Bug #47905: linux-4.9.165

Comment 19 Philipp Hahn 2019-03-26 09:01:02 CET

Package: linux-4.9
Version: 4.9.144-3.1~deb8u1A~4.2.0.201903260900
Branch: ucs_4.2-0
Scope: errata4.2-5

Comment 20 Philipp Hahn 2019-03-26 12:24:26 CET

stable review cycle 4.9.166: 30 patches -> Thu Mar 28 04:25:51 UTC 2019

[4.2-5] 75d62f0ebf Bug #47905: Update to linux-4.9.144-3.1~deb8u1A~4.2.0.201903260900-ucs111
 .../debian/changelog                               |   7 +++++++
 .../vmlinuz-4.9.0-ucs111-amd64.efi.signed          | Bin 4107312 -> 4106416 bytes
 2 files changed, 7 insertions(+)

Package: univention-kernel-image-signed
Version: 3.0.2-40A~4.2.0.201903261206
Branch: ucs_4.2-0
Scope: errata4.2-5

[4.2-5] ba754b58d2 Bug #47905: linux-4.9 4.9.144-3.1~deb8u1A~4.2.0.201903260900
 doc/errata/staging/linux-4.9.yaml                      | 4 ++--
 doc/errata/staging/univention-kernel-image-signed.yaml | 4 ++--
 doc/errata/staging/univention-kernel-image.yaml        | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

OK: errata-announce -V --only *.yaml
OK: apt install univention-kernel-image=10.0.0-14A~4.2.0.201903201704
OK: diff <(./linux-dmesg-norm 4.9.164) <(./linux-dmesg-norm 4.9.165)
OK: cat /sys/kernel/security/securelevel
OK: amd64 @ kvm + OVMF+SB
OK: amd64 @ kvm + SeaBIOS
OK: i386 @ kvm + SeaBIOS
OK: amd64 @ lynx2

Comment 21 Arvid Requate 2019-03-26 20:04:40 CET

Verified:

* New upstream source package: linux-4.9

* Patches merged from linux/4.2-0-0-ucs/4.9.30-2-errata4.2-4  to   linux-4.9/4.2-0-0-ucs/4.9.144-3.1~deb8u1-errata4.2-5

* 10_backport.patch - OK
** New source package uses gcc-4.9 by default, so that has been removed from 10_backport
** New source package has Build-Depends on dh-systemd by default

* abiname_part adjusted in 14_ucs_version.patch

* 

* New patches same as https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/incr/

* 61_patch-4.9.155_fixup.patch - OK, fixes patch context

* r18501 : 61_patch-4.9.162_fixup.patch - OK, fixes patch context

* 60_debian-patches-reverts.quilt and 60_debian-patches-reverts.patch  - OK

* Packages installation: OK
* Boot on amd64 hardware: OK
* Advisories: OK

442afc0cba | Sort CVE list

Comment 22 Arvid Requate 2019-03-27 16:44:45 CET

<http://errata.software-univention.de/ucs/4.2/628.html>
<http://errata.software-univention.de/ucs/4.2/629.html>
<http://errata.software-univention.de/ucs/4.2/630.html>