Update to 3.11.2
svn path=/dists/trunk/linux/; revision=20689
This commit is contained in:
parent
1e08031323
commit
7ba571c00f
|
@ -1,4 +1,4 @@
|
|||
linux (3.11.1-1~exp1) UNRELEASED; urgency=low
|
||||
linux (3.11.2-1~exp1) UNRELEASED; urgency=low
|
||||
|
||||
* New upstream stable update:
|
||||
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.1
|
||||
|
@ -18,6 +18,54 @@ linux (3.11.1-1~exp1) UNRELEASED; urgency=low
|
|||
- crypto: xor - Check for osxsave as well as avx in crypto/xor
|
||||
- drivers/rtc/rtc-max77686.c: Fix wrong register
|
||||
- mwifiex: do not create AP and P2P interfaces upon driver loading
|
||||
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.2
|
||||
- firmware loader: fix pending_fw_head list corruption
|
||||
- zram: fix invalid memory access
|
||||
- UBI: Fix PEB leak in wear_leveling_worker()
|
||||
- SCSI: sd: Fix potential out-of-bounds access
|
||||
- crypto: api - Fix race condition in larval lookup
|
||||
- [s390] bpf,jit: fix address randomization
|
||||
- [powerpc] Handle unaligned ldbrx/stdbrx
|
||||
- xen-gnt: prevent adding duplicate gnt callbacks
|
||||
- cpuidle: coupled: abort idle if pokes are pending
|
||||
- cpuidle: coupled: fix race condition between pokes and safe state
|
||||
- [armel/versatile] PCI: Fix map_irq function to match hardware
|
||||
- cifs: ensure that srv_mutex is held when dealing with ssocket pointer
|
||||
- CIFS: Fix a memory leak when a lease break comes
|
||||
- CIFS: Fix missing lease break
|
||||
- USB: mos7720: fix big-endian control requests
|
||||
- USB: cdc-wdm: fix race between interrupt handler and tasklet
|
||||
- usb: config->desc.bLength may not exceed amount of data returned by the
|
||||
device
|
||||
- rculist: list_first_or_null_rcu() should use list_entry_rcu()
|
||||
- [x86] smap: Handle csum_partial_copy_*_user()
|
||||
- [x86] amd_nb: Clarify F15h, model 30h GART and L3 support
|
||||
- [x86] mce: Pay no attention to 'F' bit in MCACOD when parsing 'UC' errors
|
||||
- ext4: fix ext4_writepages() in presence of truncate
|
||||
- ext4: simplify truncation code in ext4_setattr()
|
||||
- brcmsmac: Fix WARNING caused by lack of calls to dma_mapping_error()
|
||||
- ath9k: fix rx descriptor related race condition
|
||||
- ath9k: avoid accessing MRC registers on single-chain devices
|
||||
- HID: battery: don't do DMA from stack
|
||||
- HID: hidraw: correctly deallocate memory on device disconnect
|
||||
- media: siano: fix divide error on 0 counters (Closes: #719623)
|
||||
- Btrfs: don't allow the replace procedure on read only filesystems
|
||||
- target: Fix >= v3.9+ regression in PR APTPL + ALUA metadata write-out
|
||||
- intel-iommu: Fix leaks in pagetable freeing
|
||||
- pidns: Fix hang in zap_pid_ns_processes by sending a potentially extra
|
||||
wakeup
|
||||
- pidns: fix vfork() after unshare(CLONE_NEWPID)
|
||||
- ocfs2: fix the end cluster offset of FIEMAP
|
||||
- mm/huge_memory.c: fix potential NULL pointer dereference
|
||||
- libceph: unregister request in __map_request failed and nofail == false
|
||||
- libceph: use pg_num_mask instead of pgp_num_mask for pg.seed calc
|
||||
- ceph: Don't forget the 'up_read(&osdc->map_sem)' if met error.
|
||||
- rbd: fix I/O error propagation for reads
|
||||
- of: Fix missing memory initialization on FDT unflattening
|
||||
- fuse: postpone end_page_writeback() in fuse_writepage_locked()
|
||||
- fuse: invalidate inode attributes on xattr modification
|
||||
- fuse: hotfix truncate_pagecache() issue
|
||||
- fuse: readdir: check for slash in names
|
||||
|
||||
[ Ben Hutchings ]
|
||||
* udeb: Update config to match previous kernel config changes:
|
||||
|
|
|
@ -1,30 +0,0 @@
|
|||
From: Kees Cook <keescook@chromium.org>
|
||||
Date: Wed, 28 Aug 2013 22:32:01 +0200
|
||||
Subject: [6/6] HID: check for NULL field when setting values
|
||||
Origin: https://git.kernel.org/linus/be67b68d52fa28b9b721c47bb42068f0c1214855
|
||||
|
||||
Defensively check that the field to be worked on is not NULL.
|
||||
|
||||
Signed-off-by: Kees Cook <keescook@chromium.org>
|
||||
Cc: stable@kernel.org
|
||||
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
|
||||
---
|
||||
drivers/hid/hid-core.c | 7 ++++++-
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
--- a/drivers/hid/hid-core.c
|
||||
+++ b/drivers/hid/hid-core.c
|
||||
@@ -1156,7 +1156,12 @@ EXPORT_SYMBOL_GPL(hid_output_report);
|
||||
|
||||
int hid_set_field(struct hid_field *field, unsigned offset, __s32 value)
|
||||
{
|
||||
- unsigned size = field->report_size;
|
||||
+ unsigned size;
|
||||
+
|
||||
+ if (!field)
|
||||
+ return -1;
|
||||
+
|
||||
+ size = field->report_size;
|
||||
|
||||
hid_dump_input(field->report->device, field->usage + offset, value);
|
||||
|
|
@ -1,37 +0,0 @@
|
|||
From: Kees Cook <keescook@chromium.org>
|
||||
Date: Wed, 28 Aug 2013 22:31:28 +0200
|
||||
Subject: [3/6] HID: ntrig: validate feature report details
|
||||
Origin: https://git.kernel.org/linus/875b4e3763dbc941f15143dd1a18d10bb0be303b
|
||||
|
||||
A HID device could send a malicious feature report that would cause the
|
||||
ntrig HID driver to trigger a NULL dereference during initialization:
|
||||
|
||||
[57383.031190] usb 3-1: New USB device found, idVendor=1b96, idProduct=0001
|
||||
...
|
||||
[57383.315193] BUG: unable to handle kernel NULL pointer dereference at 0000000000000030
|
||||
[57383.315308] IP: [<ffffffffa08102de>] ntrig_probe+0x25e/0x420 [hid_ntrig]
|
||||
|
||||
CVE-2013-2896
|
||||
|
||||
Signed-off-by: Kees Cook <keescook@chromium.org>
|
||||
Cc: stable@kernel.org
|
||||
Signed-off-by: Rafi Rubin <rafi@seas.upenn.edu>
|
||||
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
|
||||
---
|
||||
drivers/hid/hid-ntrig.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/drivers/hid/hid-ntrig.c b/drivers/hid/hid-ntrig.c
|
||||
index 98d1fdf..600f207 100644
|
||||
--- a/drivers/hid/hid-ntrig.c
|
||||
+++ b/drivers/hid/hid-ntrig.c
|
||||
@@ -115,7 +115,8 @@ static inline int ntrig_get_mode(struct hid_device *hdev)
|
||||
struct hid_report *report = hdev->report_enum[HID_FEATURE_REPORT].
|
||||
report_id_hash[0x0d];
|
||||
|
||||
- if (!report)
|
||||
+ if (!report || report->maxfield < 1 ||
|
||||
+ report->field[0]->report_count < 1)
|
||||
return -EINVAL;
|
||||
|
||||
hid_hw_request(hdev, report, HID_REQ_GET_REPORT);
|
|
@ -1,43 +0,0 @@
|
|||
From: Kees Cook <keescook@chromium.org>
|
||||
Date: Wed, 28 Aug 2013 22:30:49 +0200
|
||||
Subject: [2/6] HID: pantherlord: validate output report details
|
||||
Origin: https://git.kernel.org/linus/412f30105ec6735224535791eed5cdc02888ecb4
|
||||
|
||||
A HID device could send a malicious output report that would cause the
|
||||
pantherlord HID driver to write beyond the output report allocation
|
||||
during initialization, causing a heap overflow:
|
||||
|
||||
[ 310.939483] usb 1-1: New USB device found, idVendor=0e8f, idProduct=0003
|
||||
...
|
||||
[ 315.980774] BUG kmalloc-192 (Tainted: G W ): Redzone overwritten
|
||||
|
||||
CVE-2013-2892
|
||||
|
||||
Signed-off-by: Kees Cook <keescook@chromium.org>
|
||||
Cc: stable@kernel.org
|
||||
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
|
||||
---
|
||||
drivers/hid/hid-pl.c | 10 ++++++++--
|
||||
1 file changed, 8 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/drivers/hid/hid-pl.c b/drivers/hid/hid-pl.c
|
||||
index d29112f..2dcd7d9 100644
|
||||
--- a/drivers/hid/hid-pl.c
|
||||
+++ b/drivers/hid/hid-pl.c
|
||||
@@ -132,8 +132,14 @@ static int plff_init(struct hid_device *hid)
|
||||
strong = &report->field[0]->value[2];
|
||||
weak = &report->field[0]->value[3];
|
||||
debug("detected single-field device");
|
||||
- } else if (report->maxfield >= 4 && report->field[0]->maxusage == 1 &&
|
||||
- report->field[0]->usage[0].hid == (HID_UP_LED | 0x43)) {
|
||||
+ } else if (report->field[0]->maxusage == 1 &&
|
||||
+ report->field[0]->usage[0].hid ==
|
||||
+ (HID_UP_LED | 0x43) &&
|
||||
+ report->maxfield >= 4 &&
|
||||
+ report->field[0]->report_count >= 1 &&
|
||||
+ report->field[1]->report_count >= 1 &&
|
||||
+ report->field[2]->report_count >= 1 &&
|
||||
+ report->field[3]->report_count >= 1) {
|
||||
report->field[0]->value[0] = 0x00;
|
||||
report->field[1]->value[0] = 0x00;
|
||||
strong = &report->field[2]->value[0];
|
|
@ -1,45 +0,0 @@
|
|||
From: Kees Cook <keescook@chromium.org>
|
||||
Date: Wed, 28 Aug 2013 22:31:52 +0200
|
||||
Subject: [5/6] HID: picolcd_core: validate output report details
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
Origin: https://git.kernel.org/linus/1e87a2456b0227ca4ab881e19a11bb99d164e792
|
||||
|
||||
A HID device could send a malicious output report that would cause the
|
||||
picolcd HID driver to trigger a NULL dereference during attr file writing.
|
||||
|
||||
[jkosina@suse.cz: changed
|
||||
|
||||
report->maxfield < 1
|
||||
|
||||
to
|
||||
|
||||
report->maxfield != 1
|
||||
|
||||
as suggested by Bruno].
|
||||
|
||||
CVE-2013-2899
|
||||
|
||||
Signed-off-by: Kees Cook <keescook@chromium.org>
|
||||
Cc: stable@kernel.org
|
||||
Reviewed-by: Bruno Prémont <bonbons@linux-vserver.org>
|
||||
Acked-by: Bruno Prémont <bonbons@linux-vserver.org>
|
||||
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
|
||||
---
|
||||
drivers/hid/hid-picolcd_core.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/drivers/hid/hid-picolcd_core.c b/drivers/hid/hid-picolcd_core.c
|
||||
index b48092d..acbb0210 100644
|
||||
--- a/drivers/hid/hid-picolcd_core.c
|
||||
+++ b/drivers/hid/hid-picolcd_core.c
|
||||
@@ -290,7 +290,7 @@ static ssize_t picolcd_operation_mode_store(struct device *dev,
|
||||
buf += 10;
|
||||
cnt -= 10;
|
||||
}
|
||||
- if (!report)
|
||||
+ if (!report || report->maxfield != 1)
|
||||
return -EINVAL;
|
||||
|
||||
while (cnt > 0 && (buf[cnt-1] == '\n' || buf[cnt-1] == '\r'))
|
|
@ -1,33 +0,0 @@
|
|||
From: Kees Cook <keescook@chromium.org>
|
||||
Date: Wed, 28 Aug 2013 22:31:44 +0200
|
||||
Subject: [4/6] HID: sensor-hub: validate feature report details
|
||||
Origin: https://git.kernel.org/linus/9e8910257397372633e74b333ef891f20c800ee4
|
||||
|
||||
A HID device could send a malicious feature report that would cause the
|
||||
sensor-hub HID driver to read past the end of heap allocation, leaking
|
||||
kernel memory contents to the caller.
|
||||
|
||||
CVE-2013-2898
|
||||
|
||||
Signed-off-by: Kees Cook <keescook@chromium.org>
|
||||
Cc: stable@kernel.org
|
||||
Reviewed-by: Mika Westerberg <mika.westerberg@linux.intel.com>
|
||||
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
|
||||
---
|
||||
drivers/hid/hid-sensor-hub.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/drivers/hid/hid-sensor-hub.c b/drivers/hid/hid-sensor-hub.c
|
||||
index ffc80cf..6fca30e 100644
|
||||
--- a/drivers/hid/hid-sensor-hub.c
|
||||
+++ b/drivers/hid/hid-sensor-hub.c
|
||||
@@ -221,7 +221,8 @@ int sensor_hub_get_feature(struct hid_sensor_hub_device *hsdev, u32 report_id,
|
||||
|
||||
mutex_lock(&data->mutex);
|
||||
report = sensor_hub_report(report_id, hsdev->hdev, HID_FEATURE_REPORT);
|
||||
- if (!report || (field_index >= report->maxfield)) {
|
||||
+ if (!report || (field_index >= report->maxfield) ||
|
||||
+ report->field[field_index]->report_count < 1) {
|
||||
ret = -EINVAL;
|
||||
goto done_proc;
|
||||
}
|
|
@ -1,76 +0,0 @@
|
|||
From: Kees Cook <keescook@chromium.org>
|
||||
Date: Wed, 28 Aug 2013 22:29:55 +0200
|
||||
Subject: [1/6] HID: validate HID report id size
|
||||
Origin: https://git.kernel.org/linus/43622021d2e2b82ea03d883926605bdd0525e1d1
|
||||
|
||||
The "Report ID" field of a HID report is used to build indexes of
|
||||
reports. The kernel's index of these is limited to 256 entries, so any
|
||||
malicious device that sets a Report ID greater than 255 will trigger
|
||||
memory corruption on the host:
|
||||
|
||||
[ 1347.156239] BUG: unable to handle kernel paging request at ffff88094958a878
|
||||
[ 1347.156261] IP: [<ffffffff813e4da0>] hid_register_report+0x2a/0x8b
|
||||
|
||||
CVE-2013-2888
|
||||
|
||||
Signed-off-by: Kees Cook <keescook@chromium.org>
|
||||
Cc: stable@kernel.org
|
||||
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
|
||||
---
|
||||
drivers/hid/hid-core.c | 10 +++++++---
|
||||
include/linux/hid.h | 4 +++-
|
||||
2 files changed, 10 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c
|
||||
index 36668d1..5ea7d51 100644
|
||||
--- a/drivers/hid/hid-core.c
|
||||
+++ b/drivers/hid/hid-core.c
|
||||
@@ -63,6 +63,8 @@ struct hid_report *hid_register_report(struct hid_device *device, unsigned type,
|
||||
struct hid_report_enum *report_enum = device->report_enum + type;
|
||||
struct hid_report *report;
|
||||
|
||||
+ if (id >= HID_MAX_IDS)
|
||||
+ return NULL;
|
||||
if (report_enum->report_id_hash[id])
|
||||
return report_enum->report_id_hash[id];
|
||||
|
||||
@@ -404,8 +406,10 @@ static int hid_parser_global(struct hid_parser *parser, struct hid_item *item)
|
||||
|
||||
case HID_GLOBAL_ITEM_TAG_REPORT_ID:
|
||||
parser->global.report_id = item_udata(item);
|
||||
- if (parser->global.report_id == 0) {
|
||||
- hid_err(parser->device, "report_id 0 is invalid\n");
|
||||
+ if (parser->global.report_id == 0 ||
|
||||
+ parser->global.report_id >= HID_MAX_IDS) {
|
||||
+ hid_err(parser->device, "report_id %u is invalid\n",
|
||||
+ parser->global.report_id);
|
||||
return -1;
|
||||
}
|
||||
return 0;
|
||||
@@ -575,7 +579,7 @@ static void hid_close_report(struct hid_device *device)
|
||||
for (i = 0; i < HID_REPORT_TYPES; i++) {
|
||||
struct hid_report_enum *report_enum = device->report_enum + i;
|
||||
|
||||
- for (j = 0; j < 256; j++) {
|
||||
+ for (j = 0; j < HID_MAX_IDS; j++) {
|
||||
struct hid_report *report = report_enum->report_id_hash[j];
|
||||
if (report)
|
||||
hid_free_report(report);
|
||||
diff --git a/include/linux/hid.h b/include/linux/hid.h
|
||||
index 0c48991..ff545cc 100644
|
||||
--- a/include/linux/hid.h
|
||||
+++ b/include/linux/hid.h
|
||||
@@ -393,10 +393,12 @@ struct hid_report {
|
||||
struct hid_device *device; /* associated device */
|
||||
};
|
||||
|
||||
+#define HID_MAX_IDS 256
|
||||
+
|
||||
struct hid_report_enum {
|
||||
unsigned numbered;
|
||||
struct list_head report_list;
|
||||
- struct hid_report *report_id_hash[256];
|
||||
+ struct hid_report *report_id_hash[HID_MAX_IDS];
|
||||
};
|
||||
|
||||
#define HID_REPORT_TYPES 3
|
|
@ -57,7 +57,7 @@ removed in later patches.
|
|||
fw_load_abort(fw_priv);
|
||||
mutex_unlock(&fw_lock);
|
||||
}
|
||||
@@ -858,26 +870,29 @@ static int _request_firmware_load(struct
|
||||
@@ -858,13 +870,15 @@ static int _request_firmware_load(struct
|
||||
|
||||
retval = device_add(f_dev);
|
||||
if (retval) {
|
||||
|
@ -75,8 +75,10 @@ removed in later patches.
|
|||
goto err_del_dev;
|
||||
}
|
||||
|
||||
retval = device_create_file(f_dev, &dev_attr_loading);
|
||||
if (retval) {
|
||||
@@ -877,14 +891,15 @@ static int _request_firmware_load(struct
|
||||
mutex_lock(&fw_lock);
|
||||
list_del_init(&buf->pending_list);
|
||||
mutex_unlock(&fw_lock);
|
||||
- dev_err(f_dev, "%s: device_create_file failed\n", __func__);
|
||||
+ dev_err(f_dev->parent, "%s: device_create_file failed\n",
|
||||
+ __func__);
|
||||
|
@ -91,7 +93,7 @@ removed in later patches.
|
|||
if (timeout != MAX_SCHEDULE_TIMEOUT)
|
||||
schedule_delayed_work(&fw_priv->timeout_work, timeout);
|
||||
|
||||
@@ -990,7 +1005,8 @@ _request_firmware_prepare(struct firmwar
|
||||
@@ -993,7 +1008,8 @@ _request_firmware_prepare(struct firmwar
|
||||
}
|
||||
|
||||
if (fw_get_builtin_firmware(firmware, name)) {
|
||||
|
@ -101,7 +103,7 @@ removed in later patches.
|
|||
return 0; /* assigned */
|
||||
}
|
||||
|
||||
@@ -1021,9 +1037,16 @@ static int assign_firmware_buf(struct fi
|
||||
@@ -1024,9 +1040,16 @@ static int assign_firmware_buf(struct fi
|
||||
struct firmware_buf *buf = fw->priv;
|
||||
|
||||
mutex_lock(&fw_lock);
|
||||
|
@ -119,7 +121,7 @@ removed in later patches.
|
|||
}
|
||||
|
||||
/*
|
||||
@@ -1072,7 +1095,7 @@ _request_firmware(const struct firmware
|
||||
@@ -1075,7 +1098,7 @@ _request_firmware(const struct firmware
|
||||
if (nowait) {
|
||||
timeout = usermodehelper_read_lock_wait(timeout);
|
||||
if (!timeout) {
|
||||
|
@ -128,7 +130,7 @@ removed in later patches.
|
|||
name);
|
||||
ret = -EBUSY;
|
||||
goto out;
|
||||
@@ -1100,6 +1123,9 @@ _request_firmware(const struct firmware
|
||||
@@ -1103,6 +1126,9 @@ _request_firmware(const struct firmware
|
||||
if (ret < 0) {
|
||||
release_firmware(fw);
|
||||
fw = NULL;
|
||||
|
|
|
@ -1,46 +0,0 @@
|
|||
From: Borislav Petkov <bp@suse.de>
|
||||
Date: Tue, 23 Jul 2013 20:01:23 +0200
|
||||
Subject: amd64_edac: Fix single-channel setups
|
||||
Origin: https://git.kernel.org/linus/f0a56c480196a98479760862468cc95879df3de0
|
||||
Bug-Debian: http://bugs.debian.org/717473
|
||||
|
||||
It can happen that configurations are running in a single-channel mode
|
||||
even with a dual-channel memory controller, by, say, putting the DIMMs
|
||||
only on the one channel and leaving the other empty. This causes a
|
||||
problem in init_csrows which implicitly assumes that when the second
|
||||
channel is enabled, i.e. channel 1, the struct dimm hierarchy will be
|
||||
present. Which is not.
|
||||
|
||||
So always allocate two channels unconditionally.
|
||||
|
||||
This provides for the nice side effect that the data structures are
|
||||
initialized so some day, when memory hotplug is supported, it should
|
||||
just work out of the box when all of a sudden a second channel appears.
|
||||
|
||||
Reported-and-tested-by: Roger Leigh <rleigh@debian.org>
|
||||
Signed-off-by: Borislav Petkov <bp@suse.de>
|
||||
---
|
||||
drivers/edac/amd64_edac.c | 9 ++++++++-
|
||||
1 file changed, 8 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/drivers/edac/amd64_edac.c b/drivers/edac/amd64_edac.c
|
||||
index 8b6a034..8b3d901 100644
|
||||
--- a/drivers/edac/amd64_edac.c
|
||||
+++ b/drivers/edac/amd64_edac.c
|
||||
@@ -2470,8 +2470,15 @@ static int amd64_init_one_instance(struct pci_dev *F2)
|
||||
layers[0].size = pvt->csels[0].b_cnt;
|
||||
layers[0].is_virt_csrow = true;
|
||||
layers[1].type = EDAC_MC_LAYER_CHANNEL;
|
||||
- layers[1].size = pvt->channel_count;
|
||||
+
|
||||
+ /*
|
||||
+ * Always allocate two channels since we can have setups with DIMMs on
|
||||
+ * only one channel. Also, this simplifies handling later for the price
|
||||
+ * of a couple of KBs tops.
|
||||
+ */
|
||||
+ layers[1].size = 2;
|
||||
layers[1].is_virt_csrow = false;
|
||||
+
|
||||
mci = edac_mc_alloc(nid, ARRAY_SIZE(layers), layers, 0);
|
||||
if (!mci)
|
||||
goto err_siblings;
|
|
@ -80,10 +80,3 @@ bugfix/all/irq-Always-define-devm_-request_threaded-free-_irq.patch
|
|||
# m68k IRQ bugfix
|
||||
bugfix/m68k/atari-irqs.patch
|
||||
|
||||
bugfix/x86/amd64_edac-Fix-single-channel-setups.patch
|
||||
bugfix/all/HID-validate-HID-report-id-size.patch
|
||||
bugfix/all/HID-pantherlord-validate-output-report-details.patch
|
||||
bugfix/all/HID-ntrig-validate-feature-report-details.patch
|
||||
bugfix/all/HID-sensor-hub-validate-feature-report-details.patch
|
||||
bugfix/all/HID-picolcd_core-validate-output-report-details.patch
|
||||
bugfix/all/HID-check-for-NULL-field-when-setting-values.patch
|
||||
|
|
Loading…
Reference in New Issue