* debian/changelog: Update version to 3.2.7-1.

* debian/patches: Remove merged patches.

svn path=/dists/sid/linux-2.6/; revision=18729

debian/changelog

@@ -1,4 +1,4 @@
-linux-2.6 (3.2.6-2) UNRELEASED; urgency=low
+linux-2.6 (3.2.7-1) UNRELEASED; urgency=low
 
   [ Ben Hutchings ]
   * Add Turkish debconf template translations (Mert Dirik) (Closes: #660117)

debian/patches/bugfix/all/ath9k-fix-a-wep-crypto-related-regression.patch

@@ -1,43 +0,0 @@
-From f88373fa47f3ce6590fdfaa742d0ddacc2ae017f Mon Sep 17 00:00:00 2001
-From: Felix Fietkau <nbd@openwrt.org>
-Date: Sun, 5 Feb 2012 21:15:17 +0100
-Subject: ath9k: fix a WEP crypto related regression
-
-From: Felix Fietkau <nbd@openwrt.org>
-
-commit f88373fa47f3ce6590fdfaa742d0ddacc2ae017f upstream.
-
-commit b4a82a0 "ath9k_hw: fix interpretation of the rx KeyMiss flag"
-fixed the interpretation of the KeyMiss flag for keycache based lookups,
-however WEP encryption uses a static index, so KeyMiss is always asserted
-for it, even though frames are decrypted properly.
-Fix this by clearing the ATH9K_RXERR_KEYMISS flag if no keycache based
-lookup was performed.
-
-Signed-off-by: Felix Fietkau <nbd@openwrt.org>
-Reported-by: Laurent Bonnans <bonnans.l@gmail.com>
-Reported-by: Jurica Vukadin <u.ra604@googlemail.com>
-Signed-off-by: John W. Linville <linville@tuxdriver.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-
----
- drivers/net/wireless/ath/ath9k/recv.c |    8 ++++++++
- 1 file changed, 8 insertions(+)
-
---- a/drivers/net/wireless/ath/ath9k/recv.c
-+++ b/drivers/net/wireless/ath/ath9k/recv.c
-@@ -824,6 +824,14 @@ static bool ath9k_rx_accept(struct ath_c
- 		(ATH9K_RXERR_DECRYPT | ATH9K_RXERR_CRC | ATH9K_RXERR_MIC |
- 		 ATH9K_RXERR_KEYMISS));
- 
-+	/*
-+	 * Key miss events are only relevant for pairwise keys where the
-+	 * descriptor does contain a valid key index. This has been observed
-+	 * mostly with CCMP encryption.
-+	 */
-+	if (rx_stats->rs_keyix == ATH9K_RXKEYIX_INVALID)
-+		rx_stats->rs_status &= ~ATH9K_RXERR_KEYMISS;
-+
- 	if (!rx_stats->rs_datalen)
- 		return false;
-         /*

debian/patches/bugfix/all/relay-prevent-integer-overflow-in-relay_open.patch

@@ -1,48 +0,0 @@
-From f6302f1bcd75a042df69866d98b8d775a668f8f1 Mon Sep 17 00:00:00 2001
-From: Dan Carpenter <dan.carpenter@oracle.com>
-Date: Fri, 10 Feb 2012 09:03:58 +0100
-Subject: relay: prevent integer overflow in relay_open()
-
-From: Dan Carpenter <dan.carpenter@oracle.com>
-
-commit f6302f1bcd75a042df69866d98b8d775a668f8f1 upstream.
-
-"subbuf_size" and "n_subbufs" come from the user and they need to be
-capped to prevent an integer overflow.
-
-Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
-Signed-off-by: Jens Axboe <axboe@kernel.dk>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-
----
- kernel/relay.c |   10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
---- a/kernel/relay.c
-+++ b/kernel/relay.c
-@@ -164,10 +164,14 @@ depopulate:
-  */
- static struct rchan_buf *relay_create_buf(struct rchan *chan)
- {
--	struct rchan_buf *buf = kzalloc(sizeof(struct rchan_buf), GFP_KERNEL);
--	if (!buf)
-+	struct rchan_buf *buf;
-+
-+	if (chan->n_subbufs > UINT_MAX / sizeof(size_t *))
- 		return NULL;
- 
-+	buf = kzalloc(sizeof(struct rchan_buf), GFP_KERNEL);
-+	if (!buf)
-+		return NULL;
- 	buf->padding = kmalloc(chan->n_subbufs * sizeof(size_t *), GFP_KERNEL);
- 	if (!buf->padding)
- 		goto free_buf;
-@@ -574,6 +578,8 @@ struct rchan *relay_open(const char *bas
- 
- 	if (!(subbuf_size && n_subbufs))
- 		return NULL;
-+	if (subbuf_size > UINT_MAX / n_subbufs)
-+		return NULL;
- 
- 	chan = kzalloc(sizeof(struct rchan), GFP_KERNEL);
- 	if (!chan)

debian/patches/series/base

@@ -77,6 +77,4 @@
 + features/all/hwmon-it87-Add-IT8728F-support.patch
 + bugfix/arm/ARM-ixp4xx-mtd-oops.patch
 
-+ bugfix/all/relay-prevent-integer-overflow-in-relay_open.patch
 + bugfix/all/builddeb-Don-t-create-files-in-tmp-with-predictable-.patch
-+ bugfix/all/ath9k-fix-a-wep-crypto-related-regression.patch