I have candidate fixes for this regression which are available at: https://people.debian.org/~benh/packages/CVE-2017-1000364/
The changes files there are signed with my GPG key so you can verify them. (The sources for these are at https://anonscm.debian.org/cgit/kernel/linux.git on branches benh/{wheezy,jessie,stretch}-security.) I have tested these using Charles Leclerc's sample jsvc service and my own stack clash test program, but would appreciate other testing results. Ben. -- Ben Hutchings Sturgeon's Law: Ninety percent of everything is crap.
signature.asc
Description: This is a digitally signed message part
