1 files changed, 18 insertions, 0 deletions

diff --git a/debian/changelog b/debian/changelog
index 9757f9d97726..b8f1305fd12e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -89,6 +89,24 @@ linux (4.17.3-1) UNRELEASED; urgency=medium
   * dm: Enable DM_INTEGRITY as module (except on armel) (Closes: #896649)
   * debian/lib/python/debian_linux/debian.py: Accept arbitrary revision
     suffixes (Closes: #898087)
+  * ext4: add corruption check in ext4_xattr_set_entry() (CVE-2018-10879)
+  * ext4: always verify the magic number in xattr blocks (CVE-2018-10879)
+  * ext4: always check block group bounds in ext4_init_block_bitmap()
+    (CVE-2018-10878)
+  * ext4: make sure bitmaps and the inode table don't overlap with bg
+    descriptors (CVE-2018-10878)
+  * ext4: only look at the bg_flags field if it is valid (CVE-2018-10876)
+  * ext4: verify the depth of extent tree in ext4_find_extent()
+    (CVE-2018-10877)
+  * ext4: clear i_data in ext4_inode_info when removing inline data
+    (CVE-2018-10881)
+  * ext4: never move the system.data xattr out of the inode body
+    (CVE-2018-10880)
+  * jbd2: don't mark block as modified if the handle is out of credits
+    (CVE-2018-10883)
+  * ext4: avoid running out of journal credits when appending to an inline file
+    (CVE-2018-10883)
+  * ext4: add more inode number paranoia checks (CVE-2018-10882)
 
   [ Romain Perier ]
   * [x86] amdgpu: Enable DCN 1.0 Raven family (Closes: #901349)