update to 4.19.14
This commit is contained in:
Yves-Alexis Perez
parent
c2ac4cd321
commit
bfc928ff1a
|
|
@ -1,4 +1,79 @@
|
|||
linux (4.19.13-2) UNRELEASED; urgency=medium
|
||||
linux (4.19.14-1) UNRELEASED; urgency=medium
|
||||
|
||||
* New upstream stable update:
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.14
|
||||
- ax25: fix a use-after-free in ax25_fillin_cb()
|
||||
- gro_cell: add napi_disable in gro_cells_destroy
|
||||
- ip6mr: Fix potential Spectre v1 vulnerability
|
||||
- ipv4: Fix potential Spectre v1 vulnerability
|
||||
- ipv6: explicitly initialize udp6_addr in udp_sock_create6()
|
||||
- ipv6: tunnels: fix two use-after-free
|
||||
- ip: validate header length on virtual device xmit
|
||||
- isdn: fix kernel-infoleak in capi_unlocked_ioctl
|
||||
- net/wan: fix a double free in x25_asy_open_tty()
|
||||
- packet: validate address length
|
||||
- packet: validate address length if non-zero
|
||||
- ptr_ring: wrap back ->producer in __ptr_ring_swap_queue()
|
||||
- sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event
|
||||
- tipc: compare remote and local protocols in tipc_udp_enable()
|
||||
- tipc: fix a double free in tipc_enable_bearer()
|
||||
- tipc: fix a double kfree_skb()
|
||||
- ipv6: frags: Fix bogus skb->sk in reassembled packets
|
||||
- ipv6: route: Fix return value of ip6_neigh_lookup() on neigh_create()
|
||||
error
|
||||
- ALSA: rme9652: Fix potential Spectre v1 vulnerability
|
||||
- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
|
||||
- ALSA: pcm: Fix potential Spectre v1 vulnerability
|
||||
- ALSA: emux: Fix potential Spectre v1 vulnerabilities
|
||||
- powerpc/fsl: Fix spectre_v2 mitigations reporting
|
||||
- usb: r8a66597: Fix a possible concurrency use-after-free bug in
|
||||
r8a66597_endpoint_disable()
|
||||
- [s390x] s390/pci: fix sleeping in atomic during hotplug
|
||||
- [x86] x86/speculation/l1tf: Drop the swap storage limit restriction when
|
||||
l1tf=off
|
||||
- [x86] x86/mm: Drop usage of __flush_tlb_all() in
|
||||
kernel_physical_mapping_init()
|
||||
- [x86] KVM: x86: Use jmp to invoke kvm_spurious_fault() from .fixup
|
||||
- [arm64] arm64: KVM: Make VHE Stage-2 TLB invalidation operations
|
||||
non-interruptible
|
||||
- perf pmu: Suppress potential format-truncation warning
|
||||
- perf env: Also consider env->arch == NULL as local operation
|
||||
- ext4: fix possible use after free in ext4_quota_enable
|
||||
- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data()
|
||||
- ext4: include terminating u32 in size of xattr entries when expanding
|
||||
inodes
|
||||
- ext4: force inode writes when nfsd calls commit_metadata()
|
||||
- ext4: check for shutdown and r/o file system in ext4_write_inode()
|
||||
- [armhf,arm64] spi: bcm2835: Fix race on DMA termination
|
||||
- [armhf,arm64] spi: bcm2835: Fix book-keeping of DMA termination
|
||||
- [armhf,arm64] spi: bcm2835: Avoid finishing transfer prematurely in IRQ
|
||||
mode
|
||||
- btrfs: dev-replace: go back to suspended state if target device is missing
|
||||
- btrfs: dev-replace: go back to suspend state if another EXCL_OP is running
|
||||
- btrfs: skip file_extent generation check for free_space_inode in
|
||||
run_delalloc_nocow
|
||||
- Btrfs: fix fsync of files with multiple hard links in new directories
|
||||
- btrfs: run delayed items before dropping the snapshot
|
||||
- Btrfs: send, fix race with transaction commits that create snapshots
|
||||
- brcmfmac: Fix out of bounds memory access during fw load
|
||||
- dax: Don't access a freed inode
|
||||
- f2fs: read page index before freeing
|
||||
- f2fs: sanity check of xattr entry size
|
||||
- media: imx274: fix stack corruption in imx274_read_reg
|
||||
- media: v4l2-tpg: array index could become negative
|
||||
- tools lib traceevent: Fix processing of dereferenced args in bprintk
|
||||
events
|
||||
- [mips*] MIPS: math-emu: Write-protect delay slot emulation pages
|
||||
- [mips*] MIPS: Ensure pmd_present() returns false after pmd_mknotpresent()
|
||||
- [mips*] MIPS: Align kernel load address to 64KB
|
||||
- [mips*] MIPS: Expand MIPS32 ASIDs to 64 bits
|
||||
- CIFS: Fix error mapping for SMB2_LOCK command which caused OFD lock
|
||||
problem
|
||||
- smb3: fix large reads on encrypted connections
|
||||
- [arm*] KVM: arm/arm64: vgic: Cap SPIs to the VM-defined maximum
|
||||
- [arm*] KVM: arm/arm64: vgic-v2: Set active_source to 0 when restoring
|
||||
state
|
||||
- [arm*] KVM: arm/arm64: vgic: Fix off-by-one bug in vgic_get_irq()
|
||||
|
||||
[ John Paul Adrian Glaubitz ]
|
||||
* [m68k] Add patch to build with -ffreestanding to fix FTBFS
|
||||
|
|
@ -10,7 +85,7 @@ linux (4.19.13-2) UNRELEASED; urgency=medium
|
|||
packages
|
||||
|
||||
[ Yves-Alexis Perez ]
|
||||
* smb3: fix large reads on encrypted connections
|
||||
* Bump ABI to 2 because of changes in struct sock_common from 60f05dddf1eb
|
||||
|
||||
[ Salvatore Bonaccorso ]
|
||||
* ipv6: Consider sk_bound_dev_if when binding a socket to an address
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
[abi]
|
||||
abiname: 1
|
||||
abiname: 2
|
||||
ignore-changes:
|
||||
__cpuhp_*
|
||||
__xive_vm_h_*
|
||||
|
|
|
|||
|
|
@ -1,41 +0,0 @@
|
|||
From: Paul Aurich <paul@darkrain42.org>
|
||||
Date: Mon, 31 Dec 2018 14:13:34 -0800
|
||||
Subject: smb3: fix large reads on encrypted connections
|
||||
Origin: https://git.samba.org/?p=sfrench/cifs-2.6.git;a=commit;h=1f4b6df1eaa55d2dcedd7a3351568c7a2aa42d2d
|
||||
|
||||
When passing a large read to receive_encrypted_read(), ensure that the
|
||||
demultiplex_thread knows that a MID was processed. Without this, those
|
||||
operations never complete.
|
||||
|
||||
This is a similar issue/fix to lease break handling:
|
||||
commit 7af929d6d05ba5564139718e30d5bc96bdbc716a
|
||||
("smb3: fix lease break problem introduced by compounding")
|
||||
|
||||
CC: Stable <stable@vger.kernel.org> # 4.19+
|
||||
Fixes: b24df3e30cbf ("cifs: update receive_encrypted_standard to handle compounded responses")
|
||||
Signed-off-by: Paul Aurich <paul@darkrain42.org>
|
||||
Tested-by: Yves-Alexis Perez <corsac@corsac.net>
|
||||
Signed-off-by: Steve French <stfrench@microsoft.com>
|
||||
---
|
||||
fs/cifs/smb2ops.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
|
||||
index 33100ef74d7f..cf7eb891804f 100644
|
||||
--- a/fs/cifs/smb2ops.c
|
||||
+++ b/fs/cifs/smb2ops.c
|
||||
@@ -3472,8 +3472,10 @@ smb3_receive_transform(struct TCP_Server_Info *server,
|
||||
}
|
||||
|
||||
/* TODO: add support for compounds containing READ. */
|
||||
- if (pdu_length > CIFSMaxBufSize + MAX_HEADER_SIZE(server))
|
||||
+ if (pdu_length > CIFSMaxBufSize + MAX_HEADER_SIZE(server)) {
|
||||
+ *num_mids = 1;
|
||||
return receive_encrypted_read(server, &mids[0]);
|
||||
+ }
|
||||
|
||||
return receive_encrypted_standard(server, mids, bufs, num_mids);
|
||||
}
|
||||
--
|
||||
2.20.1
|
||||
|
||||
|
|
@ -100,7 +100,6 @@ bugfix/all/fs-add-module_softdep-declarations-for-hard-coded-cr.patch
|
|||
bugfix/all/partially-revert-usb-kconfig-using-select-for-usb_co.patch
|
||||
bugfix/all/kbuild-include-addtree-remove-quotes-before-matching-path.patch
|
||||
debian/revert-objtool-fix-config_stack_validation-y-warning.patch
|
||||
bugfix/all/smb3-fix-large-reads-on-encrypted-connections.patch
|
||||
bugfix/all/ipv6-Consider-sk_bound_dev_if-when-binding-a-socket-.patch
|
||||
bugfix/all/posix-cpu-timers-Unbreak-timer-rearming.patch
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue