4e3802ddec
[rt] Refresh "genirq: Do not invoke the affinity callback via a workqueue on RT" for context changes in 4.19.114
2020-04-16 23:29:40 +02:00
81ec71f423
Update to 4.19.115
...
Add CVE id reference for CVE-2020-11565
Cleanup debian/changelog file
2020-04-13 14:46:04 +02:00
b3e52c87a5
Update to 4.19.114
...
Add CVE id reference for CVE-2020-11608
Add CVE id reference for CVE-2020-11609
Add CVE id reference for CVE-2020-11668
Cleanup debian/changelog file
2020-04-11 21:01:46 +02:00
3be8cdd484
Update to 4.19.113
...
Add Debian bug closer for #953017
Cleanup debian/changelog file
2020-04-10 11:38:19 +02:00
03bc2f300f
[rt] Refresh "signals: Allow rt tasks to cache one sigqueue struct" for context changes in 4.19.112
2020-04-09 21:55:44 +02:00
c65add4845
[rt] Refresh "workqueue: Use normal rcu" for context changes in 4.19.112
2020-04-09 21:50:20 +02:00
f3ef27b42b
[rt] Update to 4.19.106-rt46
2020-04-09 21:46:12 +02:00
5a1d3e0c9e
Update to 4.19.112
...
Drop "wimax: i2400: fix memory leak"
Drop "wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle"
Cleanup debian/changelog file
2020-04-09 21:46:10 +02:00
1eda59f448
[rt] Refresh "workqueue: Use normal rcu" for context changes in 4.19.111
2020-03-28 17:29:01 +01:00
ac4eeb5f06
Update to 4.19.111
...
Cleanup debian/changelog file
2020-03-28 17:28:59 +01:00
1cb724886c
[rt] Update to 4.19.106-rt45
2020-03-28 14:01:17 +01:00
a045817180
Update to 4.19.110
...
Cleanup debian/changelog file
2020-03-25 09:15:48 +01:00
427b49e4e6
Update to 4.19.109
...
Add CVE id reference for CVE-2020-8647 and CVE-2020-8649
Add CVE id reference for CVE-2020-8648
Cleanup debian/changelog file
2020-03-25 09:15:48 +01:00
9eb65f991d
Refresh "net: ena: add MAX_QUEUES_EXT get feature admin command" for context changes in 4.19.108
2020-03-25 09:15:48 +01:00
bc6c13f105
Update to 4.19.108
...
Cleanup debian/changelog file
Add CVE id reference for CVE-2020-10942
2020-03-25 09:15:44 +01:00
8091970175
Update to 4.19.107
...
Add CVE id reference for CVE-2020-9383
Add CVE id reference for CVE-2020-2732
Cleanup debian/changelog file
Add CVE id reference for CVE-2020-0009
2020-03-21 09:18:29 +01:00
f815dc7c72
[rt] Update to 4.19.106-rt44
2020-03-21 09:18:29 +01:00
c9a94477f2
Drop "tools/lib/api/fs/fs.c: Fix misuse of strncpy()"
2020-03-21 09:18:29 +01:00
4eebdc341f
Update to 4.19.106
...
Cleanup debian/changelog file
2020-03-21 09:18:29 +01:00
7d7d28f268
[rt] Refresh "arm64: fpsimd: use preemp_disable in addition to local_bh_disable()" for context changes in 4.19.105.
2020-03-21 09:18:29 +01:00
c28b09c788
Update to 4.19.105
...
Cleanup debian/changelog file
Add CVE id reference for CVE-2020-8992
2020-03-21 09:18:29 +01:00
9e923c8434
[rt] Refresh "powerpc/pseries/iommu: Use a locallock instead local_irq_save()" for context changes in 4.19.104.
2020-03-21 09:18:29 +01:00
25fdae0539
Update to 4.19.104
...
Cleanup debian/changelog file
2020-03-21 09:18:29 +01:00
30aaabe6a8
[rt] Update to 4.19.103-rt42
2020-03-21 09:18:29 +01:00
ada12cc14b
Update to 4.19.103
...
Add CVE id reference for CVE-2019-3016
Cleanup debian/changelog file
2020-03-21 09:18:28 +01:00
ffc4ceb049
Update to 4.19.102
...
Drop "vfs: fix do_last() regression"
Cleanup debian/changelog file
2020-03-21 09:18:28 +01:00
f003f0dba9
Update to 4.19.101
...
Cleanup debian/changelog file
Drop "random: try to actively add entropy rather than passively wait for it"
2020-03-21 09:18:28 +01:00
c2975cd055
Update to 4.19.100
...
Add CVE id reference for CVE-2020-8428
Drop "libertas: Fix two buffer overflows at parsing bss descriptor"
Drop "do_last(): fetch directory ->i_mode and ->i_uid before it's too late"
Cleanup debian/changelog file
2020-03-21 09:18:28 +01:00
5454dfc211
Refresh "ARM: dts: bcm283x: Correct vchiq compatible string" for context changes in 4.19.99
2020-03-21 09:18:28 +01:00
ae4f977a53
Refresh "Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for out-of-tree modules"" for context changes in 4.19.99
2020-03-21 09:18:28 +01:00
6465b7bcb4
Update to 4.19.99
...
Add CVE id reference for CVE-2019-19046
Drop "powerpc: vdso: Make vdso32 installation conditional in vdso_install"
Drop "net: ena: fix: Free napi resources when ena_up() fails"
Drop "net: ena: fix incorrect test of supported hash function"
Drop "net: ena: fix ena_com_fill_hash_function() implementation"
Drop "net: ena: fix swapped parameters when calling"
Cleanup debian/changelog file
2020-03-21 09:18:28 +01:00
c0f84a03f2
[x86] Drop "Add a SysRq option to lift kernel lockdown" ( Closes : #947021 )
...
- This patch allowed remotely disabling lockdown using usbip
- Lockdown can be disabled by running "mokutil --disable-validation",
rebooting, and confirming the change when prompted
2020-03-21 09:00:35 +01:00
0283619ccb
Adjust bracket for bug closer
...
Gbp-Dch: Ignore
2020-02-20 11:22:12 +01:00
383accaff8
Merge branch '93sam/linux-add-hibmc' into buster
...
Include the Hisilicon Hibmc drm driver in fb-modules for buster
See merge request kernel-team/linux!209
2020-02-16 23:45:22 +00:00
14665692cd
Merge branch 'syq/linux-buster-fp64' into buster
...
mips: enable O32_FP64 and MSA
See merge request kernel-team/linux!199
2020-02-16 16:29:58 +00:00
b3a8ebd202
Include the Hisilicon Hibmc drm driver in fb-modules
...
Closes : #951274
2020-02-13 16:24:08 +00:00
0e1bc339a1
vfs: fix do_last() regression
2020-02-01 21:15:56 +01:00
ff2a1c5362
do_last(): fetch directory ->i_mode and ->i_uid before it's too late (CVE-2020-8428)
2020-01-29 06:57:18 +01:00
1e4f1969ad
Prepare to release linux (4.19.98-1).
2020-01-26 21:01:13 +01:00
a51474749d
Revert "Prepare to release linux (4.19.98-1)."
...
This reverts commit 0f0b6cc326
2020-01-26 20:58:55 +01:00
0f0b6cc326
Prepare to release linux (4.19.98-1).
2020-01-26 20:54:10 +01:00
fed7048d67
[mips*/malta] Enable POWER_RESET_PIIX4_POWEROFF.
2020-01-25 13:49:01 +01:00
7b4f2d9864
Update to 4.19.98
...
Cleanup debian/changelog file
2020-01-24 06:57:36 +01:00
b9621ac966
[amd64/cloud-amd64] hwrandom: Enable HW_RANDOM_VIRTIO ( Closes : #914511 )
...
Instead of disabling HW_RANDOM, disable all the hwrandom drivers
except this one.
(cherry picked from commit 39bd3e2d43f3286235b0d269d05e7c9959bd8029)
2020-01-21 19:59:39 +00:00
428bd19863
random: try to actively add entropy rather than passively wait for it
...
Cherry pick 50ee7529ec45 from mainline. This addresses a lack of early entropy
in certain environments.
Closes : #948519
2020-01-20 12:44:37 -08:00
56dd5fa07e
Add various security fixes not yet in 4.19-stable
...
All of these are already fixed in jessie, and upgrades shouldn't
regress.
2020-01-20 18:26:58 +00:00
af539cd9db
Merge branch 'buster' into carnil/linux-carnil/4.19-stable-updates
...
Resolve the conflict in debian/changelog.
2020-01-19 04:46:49 +00:00
98e9dde708
Bump ABI to 8
2020-01-19 01:11:21 +00:00
b65774c8d3
aufs: Update support patchset to aufs4.19.63+ 20200113; no functional changes
...
This drops some exports, but we intend to bump the ABI number anyway.
2020-01-19 01:03:02 +00:00
ef8d371cad
[rt] Update to 4.19.94-rt38
...
Most of this is just resolving the same conflicts Salvatore already
handled locally.
"x86/ioapic: Don't let setaffinity unmask threaded EOI interrupt too
early" was refreshed instead of being dropped.
2020-01-19 00:54:59 +00:00
8a81df4df4
debian/changelog: Note a change in 4.19.90-rt35
2020-01-19 00:44:23 +00:00
c0c469a1c6
debian/changelog: Qualify one model-specific quirk as x86-only
2020-01-19 00:34:01 +00:00
f4e9452435
[rt] Refresh 0199-net-move-xmit_recursion-to-per-task-variable-on-RT.patch (Context changes in 4.19.97)
2020-01-18 00:12:10 +01:00
69b7fea362
Cleanup debian/changelog file
2020-01-18 00:12:10 +01:00
c5a2f98b24
Add CVE id reference for CVE-2019-9445
2020-01-18 00:12:10 +01:00
404a161757
Add CVE id reference for CVE-2019-5108
2020-01-18 00:12:10 +01:00
8c48c6e453
Add CVE id reference for CVE-2019-20096
2020-01-18 00:12:10 +01:00
59d80dc0bc
Add CVE id reference for CVE-2019-19927
2020-01-18 00:12:10 +01:00
1dc42110a2
Add CVE id reference for CVE-2019-19077
2020-01-18 00:12:10 +01:00
a6e91788f5
Add CVE id reference for CVE-2019-19059
2020-01-18 00:12:10 +01:00
665007de06
Add CVE id reference for CVE-2019-19058
2020-01-18 00:12:10 +01:00
c8123e56d0
Add CVE id reference for CVE-2019-15217
2020-01-18 00:12:10 +01:00
cfe78f7064
Update to 4.19.97
2020-01-17 22:55:38 +01:00
477e55f8cd
Cleanup debian/changelog file
2020-01-17 15:04:15 +01:00
aa9f65ee62
Add CVE id reference for CVE-2019-19078
2020-01-15 00:03:28 +01:00
6ea5b99739
Add CVE id reference for CVE-2019-19068
2020-01-15 00:02:59 +01:00
6ef11c971e
Add CVE id reference for CVE-2019-19066
2020-01-15 00:02:31 +01:00
c79d5ca882
Add CVE id reference for CVE-2019-19056
2020-01-15 00:02:03 +01:00
1f119ff788
Add CVE id reference for CVE-2019-14895
2020-01-15 00:01:27 +01:00
17a488f946
Add CVE id reference for CVE-2019-14615
2020-01-15 00:00:37 +01:00
8fec41528b
Update to 4.19.96
2020-01-14 23:59:05 +01:00
217a44f064
Cleanup debian/changelog file
2020-01-14 23:58:22 +01:00
1f1923e171
Add CVE id reference for CVE-2019-14901
2020-01-14 23:25:37 +01:00
e5cc95a17c
Update to 4.19.95
2020-01-14 23:23:37 +01:00
febedce575
Cleanup debian/changelog file
2020-01-14 21:01:16 +01:00
b8f39ed155
Add CVE id reference for CVE-2019-19965
2020-01-14 21:01:16 +01:00
a5bf767a34
Add CVE id reference for CVE-2019-18809
2020-01-14 21:01:16 +01:00
4a8ae7c9d5
Update to 4.19.94
2020-01-14 21:01:16 +01:00
5510778373
Drop changelog entries for "powerpc/vcpu: Assume dedicated processors as non-preempt"
...
Gbp-Dch: Ignore
2020-01-14 21:01:16 +01:00
8c12894795
Cleanup debian/changelog file
2020-01-14 21:01:16 +01:00
f96fb9cfd5
[rt] Refresh 0253-watchdog-prevent-deferral-of-watchdogd-wakeup-on-RT.patch (Context changes in 4.19.93)
2020-01-14 21:01:16 +01:00
be9871ff2f
Refresh 0013-scsi-hisi_sas-Relocate-some-codes-to-avoid-an-unused.patch for context changes in 4.19.93.
2020-01-14 21:01:16 +01:00
6ea3bab2b2
Add CVE id reference for CVE-2019-10220
2020-01-14 21:01:16 +01:00
df1b718c9a
Update to 4.19.93
2020-01-14 21:01:16 +01:00
5b421326ca
[rt] Drop 0245-Revert-arm64-preempt-Fix-big-endian-when-checking-pr.patch
2020-01-14 21:01:16 +01:00
414985d41e
[rt] Drop 0013-x86-ioapic-Don-t-let-setaffinity-unmask-threaded-EOI.patch
...
One part of the patch correspond to df4393424af3 ("x86/ioapic: Prevent
inconsistent state when moving an interrupt") in 5.5-rc1 and which got
backported to 4.19.92.
The other is corresponding to 2579a4eefc04 ("x86/ioapic: Rename misnamed
functions") in 5.5-rc1.
2020-01-14 21:01:16 +01:00
88a4ba5bd0
[rt] Update to 4.19.90-rt35
2020-01-14 21:01:16 +01:00
60f99617aa
Cleanup debian/changelog file
2020-01-14 21:01:16 +01:00
903ee592c4
Add CVE id reference for CVE-2019-19947
2020-01-14 21:01:15 +01:00
ab30739ce0
Add CVE id reference for CVE-2019-19063
2020-01-14 21:01:15 +01:00
476e9daab6
Add CVE id reference for CVE-2019-19057
2020-01-14 21:01:15 +01:00
8c66e4c662
Add CVE id reference for CVE-2019-19037
2020-01-14 21:01:15 +01:00
d862bf8e49
Add CVE id reference for CVE-2019-18786
2020-01-14 21:01:15 +01:00
3ecef40306
Update to 4.19.92
2020-01-14 21:01:15 +01:00
5cd34a2914
Add CVE id reference for CVE-2019-19447
2020-01-14 21:01:15 +01:00
02a0b3eb56
Update to 4.19.91
...
* Drop/refresh patches as appropriate
* Several ABI changes still need to be resolved
2019-12-28 01:36:27 +00:00
a13b44e33a
debian/changelog: Clean up changes in 4.19.88 some more
2019-12-27 23:24:36 +00:00
947fbc6618
mips: enable O32_FP64 and MSA
...
CONFIG_MIPS_O32_FP64_SUPPORT is required to support MSA for O32.
It requires CPU >= mips32r1. It is OK for us: currently our
baseline is mips32r2/mips64r2.
Malta can use different CPUs, some of them may support MSA.
Loongson 3A/B 4000 will support MSA.
The only CPU currently we support has no MSA is octeon.
Commit-ID in master: b1d08a0cffbe181cbb94e3fc72a91c2e8a8a38e7
2019-12-27 17:34:42 +08:00
79505b154a
Cleanup debian/changelog file
2019-12-17 17:21:27 +01:00
5d3c55e949
Add CVE id reference for CVE-2019-12614
2019-12-17 17:16:43 +01:00
b4817400ed
Add CVE id reference for CVE-2019-19767
2019-12-17 17:15:13 +01:00
96a8136906
[rt] Refresh 0199-net-move-xmit_recursion-to-per-task-variable-on-RT.patch (Context changes in 4.19.88)
2019-12-17 16:56:40 +01:00
60468edbdf
Drop 0028-RDMA-hns-Bugfix-for-the-scene-without-receiver-queue.patch
2019-12-17 16:56:40 +01:00
9d10b57769
Drop 0027-RDMA-hns-Fix-the-bug-with-updating-rq-head-pointer-w.patch
2019-12-17 16:56:40 +01:00
b9568ec214
Refresh powerpc-fix-mcpu-options-for-spe-only-compiler.patch (Context changes in 4.19.88)
2019-12-17 16:56:40 +01:00
f73fafb39e
Revert "arm64: preempt: Fix big-endian when checking preempt count in assembly"
2019-12-17 16:56:40 +01:00
278eae7330
Update to 4.19.88
2019-12-14 22:00:25 +01:00
873d71775d
[buster] [cloud-amd64] tpm: Enable TPM drivers for Cloud ( Closes : #946237 )
...
The bug has most of the context for this fix. Basically, the cloud image
disables TPM drives, and we want to reenable them.
I added the virt and hardware-agnostic drivers (TIS/CRB/XEN/VTPM), and
I explictly didn't add the hardware-specific drivers. I also didn't
bother with CONFIG_HW_RANDOM_TPM as we already set
CONFIG_RANDOM_TRUST_CPU=y which handles any early-boot RNG issues.
Signed-off-by: Joe Richey <joerichey@google.com>
2019-12-06 00:39:32 -08:00
80865194b5
Prepare to release linux (4.19.87-1).
2019-12-03 06:58:41 +01:00
f9c7775f72
Add CVE id reference for CVE-2019-18683
2019-12-01 17:23:58 +01:00
34cf1b0258
Add CVE id reference for CVE-2019-18660
2019-12-01 17:23:29 +01:00
1a33bc2ef8
Update to 4.19.87
...
Drop "net: ena: Fix Kconfig dependency on X86" applied upstream
Drop "scsi: hisi_sas: Feed back linkrate(max/min) when re-attached" applied upstream
Drop "scsi: hisi_sas: Fix the race between IO completion and timeout for SMP/internal IO" applied upstream
Drop "scsi: hisi_sas: Free slot later in slot_complete_vx_hw()" applied upstream
Drop "scsi: hisi_sas: Fix NULL pointer dereference" applied upstream
[rt] Refresh 0057-printk-Add-a-printk-kill-switch.patch (context changes in 4.19.87)
[rt] Refresh 0207-printk-Make-rt-aware.patch (context changes in 4.19.87)
Cleanup debian/changelog file
2019-12-01 17:19:47 +01:00
c5c04abfa4
Update to 4.19.86
...
[rt] Refresh 0025-NFSv4-replace-seqcount_t-with-a-seqlock_t.patch (context changes in 4.19.86)
[rt] Refresh 0202-net-Qdisc-use-a-seqlock-instead-seqcount.patch (context changes in 4.19.86)
Cleanup debian/changelog file
2019-12-01 15:02:01 +01:00
f78694b110
debian/changelog: wrap long 4.85 changelog entries
2019-12-01 13:43:12 +01:00
5ba5b367b7
Update to 4.19.85
...
Drop introduce is_pae_paging applied upstream
Cleanup debian/changelog file
2019-12-01 13:29:09 +01:00
b62aac68b4
[rt] Refresh 0011-sched-fair-Robustify-CFS-bandwidth-timer-locking.patch (context changes in 4.19.84)
2019-12-01 10:55:02 +01:00
ea17f6edde
Update to 4.19.84
...
Drop TAA patches applied upstream
Drop ITLB_MULTIHIT patches applied upstream
Drop Intel i915 CVE fixes applied upstream
Add CVE id reference for CVE-2019-18813
Add CVE id reference for CVE-2019-19045
Add CVE id reference for CVE-2019-19052
Cleanup debian/changelog file
2019-12-01 10:54:59 +01:00
b69b28370c
Update to 4.19.83
...
Add CVE id reference for CVE-2019-19049
Cleanup debian/changelog file
2019-11-30 17:30:31 +01:00
1867067696
Update to 4.19.82
...
Add CVE id reference for CVE-2019-15098
Add CVE id reference for CVE-2019-17666
Add CVE id reference for CVE-2019-19048
Add CVE id reference for CVE-2019-19060
Add CVE id reference for CVE-2019-19065
Cleanup debian/changelog file
2019-11-30 14:42:27 +01:00
a84ef0f6e4
[x86] KVM: x86: introduce is_pae_paging (Regression in 4.19.77)
...
Fixes a regression in 4.19.81 while including backport of 16cfacc80857
("KVM: x86: Manually calculate reserved bits when loading PDPTRS") but
not bf03d4f93347 ("KVM: x86: introduce is_pae_paging").
2019-11-25 17:52:40 +01:00
098172cdc1
debian/changelog: Clean up list of changes from stable
...
* Delete changes that are irrelevant, were previously cherry-picked by
us, or that cancel each other out
* Add architecture/flavour/featureset-qualifications
* Add CVE IDs
* Word-wrap
2019-11-25 03:26:11 +00:00
8c4ce65f70
Drop "MIPS: tlbex: Fix build_restore_pagemask KScratch restore"
...
This was included in 4.19.81.
2019-11-25 01:09:29 +00:00
beb8c412e8
Merge branch 'buster-4.19.81' into 'buster'
...
Buster 4.19.81
See merge request kernel-team/linux!183
2019-11-25 01:06:06 +00:00
baa617cd99
[rt] Update to 4.19.82-rt30
2019-11-25 00:15:05 +00:00
0965371222
debian/bin/genpatch-rt: Fix series generation from git
2019-11-24 23:58:14 +00:00
6f6f98f0d9
Bump ABI to 7
2019-11-24 23:50:30 +00:00
fc769a9bb3
Merge branch 'bpoirier-guest/linux-buster' into buster
...
tools/perf: Add python3 support to scripts
See merge request kernel-team/linux!184
2019-11-24 19:25:28 +00:00
9397b7ea0e
[mips*] tlbex: Fix build_restore_pagemask KScratch restore.
2019-11-23 22:23:57 +01:00
016066336b
tools/perf: Add python3 support to scripts
2019-11-20 15:04:24 +09:00
c064eca42f
New upstream version 4.19.81
2019-11-19 16:03:48 -08:00
3e9a6acd20
ipv4: Return -ENETUNREACH if we can't create route but saddr is valid
...
Closes : #945023
2019-11-19 08:00:10 +01:00
014f165375
Release linux (4.19.67-2+deb10u2).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAl3JkpgACgkQ57/I7JWG
EQkwVhAAwN5/oNLjJcrhJjGvLW36QIcli05GoNH1hqLNlppwFwzxFYms5f4Y0uAn
lu5wWo59jL2xqnZ0azNg7ukujVUyLuVEsBuShCBmkSWtt+3mXjKJay1lnwtEei1R
w2WnXIsAFdSocpnCq7BfQi0sGgUetPJANkkXe019x8H7DmzugisnArp4hX7e7eU5
JaRuugKTquYjPNN1mQaNS3/C6ODWRBZlTjafznZ3lTme9ku195oUAJWvyU6/AMDB
+QB9lnaWVNsWkKt3Hx0yquY6sFHYhDhxxKXdULWDwjTW4r1Ye5DKJT433gbKjhTZ
sILbbXMs2eEv9KM+NvMB96s32z+dc59q1KM3IeAKqQljsqngquqvBQtFRqJYtUCA
k4HY0wO/2EapWnYnO0z7XekjolZlK7Nj6aldysZ8f6V1q13apPraYKscQyMLTAfy
CXaUP3bsaxKZvEtlz4+x9OHIqKVrIzI8mLujcpgildz8E3bToXZCgK+CzIAFCdy+
vY1wUoP5S/DCdgvAIzyT9g2VoFae3DNRNv2DSC53FMHaD1PRwE2wf4XgXSAc4hC+
s3orsvA8PpHj7BpAa3D3JnrZbP/kAn+rFCqUha/6cs5npOUwpSs1SNdil60K130q
dS9KcnWY2Do7fp6xc0T4WCRcR6osDJp3WzTmuHpHivfuP26VwXY=
=aKic
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.67-2+deb10u2' into buster
Release linux (4.19.67-2+deb10u2).
2019-11-19 07:42:38 +01:00
c3649501d0
Prepare to release linux (4.19.67-2+deb10u2).
2019-11-11 00:30:56 +00:00
9a2df80e9d
Drop "x86/cpu: Add Tremont to the cpu vulnerability whitelist"
...
We don't have this CPU ID, and I don't see the point in adding it
right now.
2019-11-11 00:29:38 +00:00
6d8b0092bb
[x86] drm/i915/cmdparser: Fix jump whitelist clearing
...
Fix a flaw I found in the mitigation for CVE-2019-0155.
2019-11-10 22:41:41 +00:00
feec1caa94
[x86] i915: Add mitigations for two hardware security flaws
2019-11-10 02:53:32 +00:00
c2443a2e97
[x86] Update TAA and NX fixes to pending stable backports
2019-11-09 20:17:15 +00:00
be004c1b69
x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
2019-11-08 00:14:38 +01:00
37baed7166
[x86] Update TAA (Borislav v2) and NX (v9) fixes
...
The upstream commits for these are now finalised, so we shouldn't need
to replace patches after this (but might need to add more).
2019-11-07 18:10:48 +00:00
cd92ab49c4
KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active
2019-11-07 17:32:14 +01:00
87c48ee54f
drivers/net/ethernet/amazon: Backport ENA driver from Linux 5.4
2019-10-29 09:47:59 -07:00
02d8d0c5b0
Merge branch 'rpi3_a_plus' into 'buster'
...
[armhf, arm64] Add patches from 5.1 for enabling support for the Raspberry PI 3 A+
See merge request kernel-team/linux!134
2019-10-27 14:24:25 +00:00
dbb59eba34
[amd64/cloud-amd64] Re-enable RTC drivers
2019-10-25 23:30:18 +02:00
537ad2315a
[x86] Update TAA patch set to v7
2019-10-24 22:52:37 +01:00
96c0e74c50
[x86] Add mitigation for TSX Asynchronous Abort (CVE-2019-11135)
...
This is a backport of v6 of the TAA patch set, and will probably
require updates before release. The subject lines for these patches
didn't come through.
2019-10-20 14:51:55 +01:00
d9bd594144
[x86] KVM: Add mitigation for Machine Check Error on Page Size Change
...
(aka iTLB multi-hit, CVE-2018-12207)
This is a backport of v6 of the "NX" patch set, and will probably
require updates before release.
2019-10-20 14:46:13 +01:00
1df282987d
[armhf, arm64] Backport devicetree for enabling support for the Raspberry PI 3 A+
...
We already have everything we need inside the kernel 4.19.x for
supporting this board. backporting patches from upstream so we get
the support for buster.
2019-10-16 20:07:45 +02:00
530030f117
ixgbe: Fix secpath usage for IPsec TX offload
...
Closes : #930443
2019-10-15 22:57:58 +02:00
63680f3314
Release linux (4.19.67-2+deb10u1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl2EsyhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89ErG0QAKEp2inuWb4xyie24D6ZDbpTWi/37uWW
2E8bYiMguHGv3tJgqBKkz0YQ0BdPYcSk8Jxx9SrHNPvA6TQ8eUup17a9lrPucruj
TcLGyK+d5RG8YX+8ssyrGuC6uG+tO4oYUf4y/Tb+jYH1VOTBasUs3RF0l0bVq33e
BvGJZ4ITkkITmuPv+0/EJs5cbhxtshZ0g63Ojkq1KkcpJI9ZORhgYeOEzMca3qkN
3OkPvl2AcGE027aXQpigvPxfg0S2MpdGLf0aqmpifZbfB69G0f8QihmJ0PEaX72w
1cxFqePBV/noLq9acXOVtdWts2Ufldm8ytn7/BMu+s5utX/jQU/WVCorBWNCVN58
yYLBiLE6hatjhShKDvj20g4aiF8hHzErdlyrs+3jtkElvKvQhw/h8MDyNsvVD70H
UhQH8kdMf3VJ0y4J/PkWXKiBvQJAbUosGFz0LRJUuhoys7CQEP0CGB/iJsIbLMZ9
eRovrwxM2zJNtPFE0R80pZXsb0e2WJHsPY9Ta2OHZHaDEGP2wwnD/wvWo+zIFx9K
YJNYDsnChGwqWqIEvpf3nJVObUfQFOkpWuG3QeFRr3xAujIjOsHMjH8UGdRQMNen
8w0mGMcbnclAHZ7zk3GEHp83qsyH7tCFj37W0ZO8YHj2nMrFMc9D3RGPjvoZ//jM
gRJoAn5pdfE+
=QEEi
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.67-2+deb10u1' into buster
Release linux (4.19.67-2+deb10u1).
2019-10-15 22:48:01 +02:00
ae1a40e9a5
[armel/rpi] Enable CONFIG_BRCMFMAC_SDIO ( Closes : #940530 )
2019-09-30 16:55:52 +02:00
f13b3cd992
Prepare to release linux (4.19.67-2+deb10u1).
2019-09-20 12:51:56 +02:00
942d6ddd3f
KVM: coalesced_mmio: add bounds checking (CVE-2019-14821)
2019-09-19 17:16:06 +02:00
c0096a08f9
[x86] ptrace: fix up botched merge of spectrev1 fix (CVE-2019-15902)
2019-09-18 21:35:01 +02:00
78f0b2574a
vhost: make sure log_num < in_num (CVE-2019-14835)
2019-09-13 06:12:11 +02:00
782d6ea880
ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term
...
(CVE-2019-15118)
2019-09-12 22:40:43 +02:00
aa8fb19232
ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit
...
(CVE-2019-15117)
[carnil: Use 4.19.67-2+deb10u1 version for buster-security branch]
2019-09-12 22:40:21 +02:00
484d0b5f4b
ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term
...
(CVE-2019-15118)
2019-08-28 13:38:41 +02:00
80e547b069
ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit
...
(CVE-2019-15117)
2019-08-28 13:38:34 +02:00
ff672b98a7
Prepare to release linux (4.19.67-2).
2019-08-28 06:20:22 +02:00
e10bab8d2e
Reference assigned CVE id for CVE-2019-15538
...
Gbp-Dch: Ignore
2019-08-25 17:31:05 +02:00
a065e442e2
xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT
2019-08-24 20:51:54 +02:00
1b40f700ac
[arm64] Backport DTB support for Rasperry Pi Compute Module 3.
...
Tested-by: Charles Fendt <charles.fendt@me.com>
Signed-off-by: Cyril Brulebois <cyril@debamax.com>
(cherry picked from commit de7501857cae4892f52d8c56c2184be548709052)
2019-08-22 21:16:10 +02:00
10dd2b634c
[arm] Backport DTB support for Rasperry Pi Compute Module 3.
...
Signed-off-by: Cyril Brulebois <cyril@debamax.com>
(cherry picked from commit 64801af590540b4494f408b95a31fbe07963784d)
2019-08-22 21:16:10 +02:00
57f74f6573
netfilter: conntrack: Use consistent ct id hash calculation
...
This fixes a regression in 4.19.44.
2019-08-22 20:04:20 +01:00
00ee7f7173
[ppc64el] Avoid ABI change for disabling TM
...
Ignore removal of TM functions that are exported for use by KVM.
2019-08-22 20:03:54 +01:00
019113b013
[ppc64el] Disable PPC_TRANSACTIONAL_MEM ( Closes : #866122 )
2019-08-22 20:03:19 +01:00
7ee3696c10
KVM: Ignore ABI changes
...
We already ignored most of them, but missed some. Group together
all the KVM patterns in debian/config/defines.
2019-08-22 20:02:52 +01:00
eaab250914
Merge remote-tracking branch 'salsa/buster' into buster
...
Since I've already uploaded 4.19.67-1, open a new changelog entry for
Salvatore's change.
2019-08-21 23:39:23 +01:00
9bf2130b62
dm: disable DISCARD if the underlying storage no longer supports it
...
Closes : #934331
2019-08-21 21:41:04 +02:00
8d3b3b09b9
Add CVE id for CVE-2019-15215
2019-08-21 21:30:17 +02:00
2de12d5f21
Add CVE id for CVE-2019-15211
2019-08-21 21:29:45 +02:00
71253bf604
Add CVE id for CVE-2019-15220
2019-08-21 21:28:17 +02:00
d5720146ae
Add CVE id for CVE-2019-15221
2019-08-21 21:27:23 +02:00
37487d12f3
Add CVE id for CVE-2019-15223
2019-08-21 21:24:47 +02:00
0cde12d3b1
Add CVE id for CVE-2019-15219
2019-08-21 21:24:12 +02:00
92583c3bcb
Add CVE id for CVE-2019-15218
2019-08-21 21:23:39 +02:00
4d54b8bb16
Add CVE id for CVE-2019-15212
2019-08-21 21:22:59 +02:00
8e8dc21337
Add CVE id reference for CVE-2019-15216
2019-08-21 21:13:31 +02:00
889a9d1fb0
Prepare to release linux (4.19.67-1).
2019-08-21 17:44:57 +01:00
f79aedcfab
Bump ABI to 6
2019-08-20 01:51:35 +01:00
795d93f1ed
[rt] Update to 4.19.59-rt24
...
This mostly applied cleanly on 4.19.67. A few patches had 1 or 2
lines of fuzz which I've resolved.
2019-08-20 01:51:34 +01:00
0899b0f554
Update to 4.19.67
...
* Drop patches which have been applied to 4.19-stable
* Drop "Revert "net: stmmac: Send TSO packets always from Queue 0"" in
favour of upstream fix "net: stmmac: Re-work the queue selection for
TSO packets"
* Refresh patches that became fuzzy
2019-08-20 01:51:22 +01:00
64c3754b90
Merge branch 'buster-security' into buster
...
* Accept revert of "[sh4]: Check for kprobe trap number before trying
to handle a kprobe trap" and update debian/changelog accordingly, as
sh4 is not a release architecture
* Keep "[arm64] Improve support for the Huawei TaiShan server platform"
which was reverted on the buster-security branch
2019-08-18 19:29:59 +01:00
92fee68e15
Prepare to release linux (4.19.37-5+deb10u2).
2019-08-08 03:02:38 +01:00
95a59b0c5d
inet: Avoid ABI change for IP ID hash change
2019-08-08 03:01:19 +01:00
f02f2890aa
[x86] cpufeatures: Avoid ABI change for swapgs mitigations
...
- Move swapgs feature bits to existing scattered words
- Revert "x86/cpufeatures: Combine word 11 and 12 into a new scattered
features word"
2019-08-08 02:49:24 +01:00
07a6d57831
Add patchset for CVE-2019-1125
2019-08-07 08:34:30 +02:00
65c2005956
[powerpc/tm] Fix oops on sigreturn on systems without TM (CVE-2019-13648)
2019-08-05 19:04:21 +02:00
3b76691d24
Bluetooth: hci_uart: check for missing tty operations (CVE-2019-10207)
2019-08-05 18:57:05 +02:00
ec64cb4c87
floppy: fix div-by-zero in setup_format_params (CVE-2019-14284)
...
This retrieves the patch from the linux-4.19.y branch and refreshes the
previous one "floppy: fix out-of-bounds read in copy_buffer", because
this is firstly "floppy: fix div-by-zero in setup_format_params" that is
applied upstream, then the one regarding out-of-bounds read in copy_buffer.
The one for CVE-2019-14283 was previously refreshed because it was not
applicable directly. Now both patches are synchronized with upstream and
applied in the same order.
2019-08-05 17:56:29 +02:00
24c58d8c20
inet: switch IP ID generator to siphash (CVE-2019-10638)
2019-07-30 11:20:38 +02:00
4962cdb584
floppy: fix out-of-bounds read in copy_buffer (CVE-2019-14283)
2019-07-30 11:14:00 +02:00
b394039686
[arm64] compat: Provide definition for COMPAT_SIGMINSTKSZ ( Closes : #904385 ).
2019-07-29 22:36:47 +02:00
8da545ad5d
rtc-s35390a: backport fix to make hwclock able to read the time
2019-07-28 21:37:15 +02:00
ed5659c4e4
Merge branch 'imx6' of salsa.debian.org:ukleinek/linux into buster
2019-07-28 21:23:53 +02:00
8cb769111f
Input: gtco - bounds check collection indent level (CVE-2019-13631)
2019-07-27 13:15:59 +02:00
167ecd4ada
scsi: libsas: fix a race condition when smp task timeout (CVE-2018-20836)
2019-07-22 14:01:45 +02:00
84b1bd80aa
Revert unwanted changes for buster-security
...
We need to be based onto 4.19.37-5+deb10u1, and only include security
related topics. Things or improvements added to 4.19.37-6 (that is
already in sid) should be removed because they should not be uploaded
to buster-security accidentaly.
2019-07-22 11:44:02 +02:00
01d9fffd29
Release linux (4.19.37-5+deb10u1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl0xhh1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E8nEP/iF7NUo1hvYNR/ueapgtpnMaHh/OeiGp
x5/4RQW9Lo+Y8djiJWr9Kh7DVT7zp2k6OOb6o2qypgpEpFGGZAf02E3kheTJMhJz
XxDHyGRflQpXDsEbPCcWCXvJjH/7puV/GWATPYo9qE/hs9rBAiFsOlOTqWSJf8Yd
rVxjRRXe9/qRcOV4OJyiuL2GbeL7eO3TqTEl1NVSNP4V1RjYFFy/CUelWAcGzUOI
tkk+NM7CEspQQhpIRkSGB+GyYMvOFNi2mkrz+mJbSUeb75uiZq3myJqHiQOKpwHe
OGJiVBD4Ce8pv3PvR9bFZwgOV2t1XTDOeyUcmh8C07SblwI6iM/vi/nWw7B9VUEH
X2EB/3/TuhKgJHtYpFZdi1mlRrt+6YYgDmbFVUyjojZhOONlVagwq2vaX0ep6yI4
FOQo4kpCG10yse4JxUS0Unv6hk7ShfLe/Kb9lOJvPSZM5dCutWTQrRO05gTyFaev
orMZou9lsXYDTzpFAICE2ZhCcySvYLqvPkkCoabiECMlJE2Ra/rsHiuQEcSNjG8E
A8EqJhElt+W8mvTkofG5yL3oguD6yg4Qf0luKOl0bEcZyBXDbK4nHtHAwcBNoR5X
zNfrikCyo7jPX3JGH3F8wYE9vc04SO+YEkvcyZcLTOUBiDIpZgC4r3IOyBDgzv1K
KDIBNpFCBL0Z
=794G
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.37-5+deb10u1' into buster
Release linux (4.19.37-5+deb10u1).
2019-07-20 23:07:45 +02:00
1e1ff4ce9c
binder: fix race between munmap() and direct reclaim (CVE-2019-1999)
2019-07-20 18:36:49 +02:00
Salvatore Bonaccorso
Ben Hutchings
Steve McIntyre
Aurelien Jarno
Noah Meyerhans
YunQiang Su
Joe Richey
Benjamin Poirier
Bastian Blank
Romain Perier
Romain Perier
Cyril Brulebois
Romain Perier
Uwe Kleine-König