Salvatore Bonaccorso
014f165375
Release linux (4.19.67-2+deb10u2).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAl3JkpgACgkQ57/I7JWG
EQkwVhAAwN5/oNLjJcrhJjGvLW36QIcli05GoNH1hqLNlppwFwzxFYms5f4Y0uAn
lu5wWo59jL2xqnZ0azNg7ukujVUyLuVEsBuShCBmkSWtt+3mXjKJay1lnwtEei1R
w2WnXIsAFdSocpnCq7BfQi0sGgUetPJANkkXe019x8H7DmzugisnArp4hX7e7eU5
JaRuugKTquYjPNN1mQaNS3/C6ODWRBZlTjafznZ3lTme9ku195oUAJWvyU6/AMDB
+QB9lnaWVNsWkKt3Hx0yquY6sFHYhDhxxKXdULWDwjTW4r1Ye5DKJT433gbKjhTZ
sILbbXMs2eEv9KM+NvMB96s32z+dc59q1KM3IeAKqQljsqngquqvBQtFRqJYtUCA
k4HY0wO/2EapWnYnO0z7XekjolZlK7Nj6aldysZ8f6V1q13apPraYKscQyMLTAfy
CXaUP3bsaxKZvEtlz4+x9OHIqKVrIzI8mLujcpgildz8E3bToXZCgK+CzIAFCdy+
vY1wUoP5S/DCdgvAIzyT9g2VoFae3DNRNv2DSC53FMHaD1PRwE2wf4XgXSAc4hC+
s3orsvA8PpHj7BpAa3D3JnrZbP/kAn+rFCqUha/6cs5npOUwpSs1SNdil60K130q
dS9KcnWY2Do7fp6xc0T4WCRcR6osDJp3WzTmuHpHivfuP26VwXY=
=aKic
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.67-2+deb10u2' into buster
Release linux (4.19.67-2+deb10u2).
2019-11-19 07:42:38 +01:00
Ben Hutchings
9a2df80e9d
Drop "x86/cpu: Add Tremont to the cpu vulnerability whitelist"
...
We don't have this CPU ID, and I don't see the point in adding it
right now.
2019-11-11 00:29:38 +00:00
Ben Hutchings
6d8b0092bb
[x86] drm/i915/cmdparser: Fix jump whitelist clearing
...
Fix a flaw I found in the mitigation for CVE-2019-0155.
2019-11-10 22:41:41 +00:00
Ben Hutchings
feec1caa94
[x86] i915: Add mitigations for two hardware security flaws
2019-11-10 02:53:32 +00:00
Ben Hutchings
c2443a2e97
[x86] Update TAA and NX fixes to pending stable backports
2019-11-09 20:17:15 +00:00
Salvatore Bonaccorso
be004c1b69
x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
2019-11-08 00:14:38 +01:00
Ben Hutchings
37baed7166
[x86] Update TAA (Borislav v2) and NX (v9) fixes
...
The upstream commits for these are now finalised, so we shouldn't need
to replace patches after this (but might need to add more).
2019-11-07 18:10:48 +00:00
Salvatore Bonaccorso
cd92ab49c4
KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active
2019-11-07 17:32:14 +01:00
Ben Hutchings
537ad2315a
[x86] Update TAA patch set to v7
2019-10-24 22:52:37 +01:00
Ben Hutchings
b2cc5e7f74
[x86] Update NX patch set to v7
2019-10-24 22:48:50 +01:00
Ben Hutchings
96c0e74c50
[x86] Add mitigation for TSX Asynchronous Abort (CVE-2019-11135)
...
This is a backport of v6 of the TAA patch set, and will probably
require updates before release. The subject lines for these patches
didn't come through.
2019-10-20 14:51:55 +01:00
Ben Hutchings
d9bd594144
[x86] KVM: Add mitigation for Machine Check Error on Page Size Change
...
(aka iTLB multi-hit, CVE-2018-12207)
This is a backport of v6 of the "NX" patch set, and will probably
require updates before release.
2019-10-20 14:46:13 +01:00
Salvatore Bonaccorso
530030f117
ixgbe: Fix secpath usage for IPsec TX offload
...
Closes : #930443
2019-10-15 22:57:58 +02:00
Salvatore Bonaccorso
942d6ddd3f
KVM: coalesced_mmio: add bounds checking (CVE-2019-14821)
2019-09-19 17:16:06 +02:00
Salvatore Bonaccorso
c0096a08f9
[x86] ptrace: fix up botched merge of spectrev1 fix (CVE-2019-15902)
2019-09-18 21:35:01 +02:00
Salvatore Bonaccorso
78f0b2574a
vhost: make sure log_num < in_num (CVE-2019-14835)
2019-09-13 06:12:11 +02:00
Romain Perier
782d6ea880
ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term
...
(CVE-2019-15118)
2019-09-12 22:40:43 +02:00
Romain Perier
aa8fb19232
ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit
...
(CVE-2019-15117)
[carnil: Use 4.19.67-2+deb10u1 version for buster-security branch]
2019-09-12 22:40:21 +02:00
Salvatore Bonaccorso
e10bab8d2e
Reference assigned CVE id for CVE-2019-15538
...
Gbp-Dch: Ignore
2019-08-25 17:31:05 +02:00
Salvatore Bonaccorso
a065e442e2
xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT
2019-08-24 20:51:54 +02:00
Ben Hutchings
57f74f6573
netfilter: conntrack: Use consistent ct id hash calculation
...
This fixes a regression in 4.19.44.
2019-08-22 20:04:20 +01:00
Salvatore Bonaccorso
9bf2130b62
dm: disable DISCARD if the underlying storage no longer supports it
...
Closes : #934331
2019-08-21 21:41:04 +02:00
Ben Hutchings
0899b0f554
Update to 4.19.67
...
* Drop patches which have been applied to 4.19-stable
* Drop "Revert "net: stmmac: Send TSO packets always from Queue 0"" in
favour of upstream fix "net: stmmac: Re-work the queue selection for
TSO packets"
* Refresh patches that became fuzzy
2019-08-20 01:51:22 +01:00
Ben Hutchings
64c3754b90
Merge branch 'buster-security' into buster
...
* Accept revert of "[sh4]: Check for kprobe trap number before trying
to handle a kprobe trap" and update debian/changelog accordingly, as
sh4 is not a release architecture
* Keep "[arm64] Improve support for the Huawei TaiShan server platform"
which was reverted on the buster-security branch
2019-08-18 19:29:59 +01:00
Salvatore Bonaccorso
07a6d57831
Add patchset for CVE-2019-1125
2019-08-07 08:34:30 +02:00
Salvatore Bonaccorso
fc21f10317
Adjust Origin header in CVE-2019-13648 patch
...
Gbp-Dch: Ignore
2019-08-05 19:17:17 +02:00
Romain Perier
65c2005956
[powerpc/tm] Fix oops on sigreturn on systems without TM (CVE-2019-13648)
2019-08-05 19:04:21 +02:00
Romain Perier
3b76691d24
Bluetooth: hci_uart: check for missing tty operations (CVE-2019-10207)
2019-08-05 18:57:05 +02:00
Romain Perier
ec64cb4c87
floppy: fix div-by-zero in setup_format_params (CVE-2019-14284)
...
This retrieves the patch from the linux-4.19.y branch and refreshes the
previous one "floppy: fix out-of-bounds read in copy_buffer", because
this is firstly "floppy: fix div-by-zero in setup_format_params" that is
applied upstream, then the one regarding out-of-bounds read in copy_buffer.
The one for CVE-2019-14283 was previously refreshed because it was not
applicable directly. Now both patches are synchronized with upstream and
applied in the same order.
2019-08-05 17:56:29 +02:00
Romain Perier
24c58d8c20
inet: switch IP ID generator to siphash (CVE-2019-10638)
2019-07-30 11:20:38 +02:00
Romain Perier
4962cdb584
floppy: fix out-of-bounds read in copy_buffer (CVE-2019-14283)
2019-07-30 11:14:00 +02:00
Aurelien Jarno
b394039686
[arm64] compat: Provide definition for COMPAT_SIGMINSTKSZ ( Closes : #904385 ).
2019-07-29 22:36:47 +02:00
Uwe Kleine-König
8da545ad5d
rtc-s35390a: backport fix to make hwclock able to read the time
2019-07-28 21:37:15 +02:00
Salvatore Bonaccorso
e890639fa7
Replace Origin reference with reachable reference
...
Gbp-Dch: Ignore
2019-07-27 14:24:32 +02:00
Romain Perier
8cb769111f
Input: gtco - bounds check collection indent level (CVE-2019-13631)
2019-07-27 13:15:59 +02:00
Romain Perier
167ecd4ada
scsi: libsas: fix a race condition when smp task timeout (CVE-2018-20836)
2019-07-22 14:01:45 +02:00
Romain Perier
84b1bd80aa
Revert unwanted changes for buster-security
...
We need to be based onto 4.19.37-5+deb10u1, and only include security
related topics. Things or improvements added to 4.19.37-6 (that is
already in sid) should be removed because they should not be uploaded
to buster-security accidentaly.
2019-07-22 11:44:02 +02:00
Salvatore Bonaccorso
01d9fffd29
Release linux (4.19.37-5+deb10u1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl0xhh1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E8nEP/iF7NUo1hvYNR/ueapgtpnMaHh/OeiGp
x5/4RQW9Lo+Y8djiJWr9Kh7DVT7zp2k6OOb6o2qypgpEpFGGZAf02E3kheTJMhJz
XxDHyGRflQpXDsEbPCcWCXvJjH/7puV/GWATPYo9qE/hs9rBAiFsOlOTqWSJf8Yd
rVxjRRXe9/qRcOV4OJyiuL2GbeL7eO3TqTEl1NVSNP4V1RjYFFy/CUelWAcGzUOI
tkk+NM7CEspQQhpIRkSGB+GyYMvOFNi2mkrz+mJbSUeb75uiZq3myJqHiQOKpwHe
OGJiVBD4Ce8pv3PvR9bFZwgOV2t1XTDOeyUcmh8C07SblwI6iM/vi/nWw7B9VUEH
X2EB/3/TuhKgJHtYpFZdi1mlRrt+6YYgDmbFVUyjojZhOONlVagwq2vaX0ep6yI4
FOQo4kpCG10yse4JxUS0Unv6hk7ShfLe/Kb9lOJvPSZM5dCutWTQrRO05gTyFaev
orMZou9lsXYDTzpFAICE2ZhCcySvYLqvPkkCoabiECMlJE2Ra/rsHiuQEcSNjG8E
A8EqJhElt+W8mvTkofG5yL3oguD6yg4Qf0luKOl0bEcZyBXDbK4nHtHAwcBNoR5X
zNfrikCyo7jPX3JGH3F8wYE9vc04SO+YEkvcyZcLTOUBiDIpZgC4r3IOyBDgzv1K
KDIBNpFCBL0Z
=794G
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.37-5+deb10u1' into buster
Release linux (4.19.37-5+deb10u1).
2019-07-20 23:07:45 +02:00
Salvatore Bonaccorso
869c89cb6d
Use patch headers as generated by git format-patch-for-debian
2019-07-20 21:14:38 +02:00
Romain Perier
1e1ff4ce9c
binder: fix race between munmap() and direct reclaim (CVE-2019-1999)
2019-07-20 18:36:49 +02:00
Romain Perier
091f76e86d
nfc: Ensure presence of required attributes in the deactivate_target handler (CVE-2019-12984)
2019-07-20 18:21:14 +02:00
Romain Perier
fbe4322901
[powerpc*] mm/64s/hash: Reallocate context ids on fork (CVE-2019-12817)
2019-07-20 17:17:59 +02:00
Romain Perier
7e902dbcd3
[x86] x86/insn-eval: Fix use-after-free access to LDT entry (CVE-2019-13233)
2019-07-20 17:17:43 +02:00
Salvatore Bonaccorso
aa3c23fe0e
Release linux (4.19.37-5+deb10u1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl0xhh1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E8nEP/iF7NUo1hvYNR/ueapgtpnMaHh/OeiGp
x5/4RQW9Lo+Y8djiJWr9Kh7DVT7zp2k6OOb6o2qypgpEpFGGZAf02E3kheTJMhJz
XxDHyGRflQpXDsEbPCcWCXvJjH/7puV/GWATPYo9qE/hs9rBAiFsOlOTqWSJf8Yd
rVxjRRXe9/qRcOV4OJyiuL2GbeL7eO3TqTEl1NVSNP4V1RjYFFy/CUelWAcGzUOI
tkk+NM7CEspQQhpIRkSGB+GyYMvOFNi2mkrz+mJbSUeb75uiZq3myJqHiQOKpwHe
OGJiVBD4Ce8pv3PvR9bFZwgOV2t1XTDOeyUcmh8C07SblwI6iM/vi/nWw7B9VUEH
X2EB/3/TuhKgJHtYpFZdi1mlRrt+6YYgDmbFVUyjojZhOONlVagwq2vaX0ep6yI4
FOQo4kpCG10yse4JxUS0Unv6hk7ShfLe/Kb9lOJvPSZM5dCutWTQrRO05gTyFaev
orMZou9lsXYDTzpFAICE2ZhCcySvYLqvPkkCoabiECMlJE2Ra/rsHiuQEcSNjG8E
A8EqJhElt+W8mvTkofG5yL3oguD6yg4Qf0luKOl0bEcZyBXDbK4nHtHAwcBNoR5X
zNfrikCyo7jPX3JGH3F8wYE9vc04SO+YEkvcyZcLTOUBiDIpZgC4r3IOyBDgzv1K
KDIBNpFCBL0Z
=794G
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.37-5+deb10u1' into buster-security
Release linux (4.19.37-5+deb10u1).
2019-07-19 11:15:23 +02:00
Salvatore Bonaccorso
c6f3814dc4
ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272)
2019-07-19 10:45:11 +02:00
John Paul Adrian Glaubitz
c342a968c4
[sh4]: Check for kprobe trap number before trying to handle a kprobe trap
2019-06-23 18:59:55 +02:00
Ben Hutchings
c01ce3da12
Merge branch '93sam/linux-huawei-taishan-support' into sid
...
[arm64] Improve support for the Huawei TaiShan server platform
See merge request kernel-team/linux!151
2019-06-23 17:19:03 +01:00
Salvatore Bonaccorso
eb5241a213
tcp: refine memory limit test in tcp_fragment()
...
Closes : #930904
2019-06-23 16:15:34 +02:00
Steve McIntyre
2c3b28ea8f
[arm64] Improve support for the Huawei TaiShan server platform
...
Closes : #930554
Enable the HNS/ROCE Infiniband driver
Backport fixes from 4.20 and 4.21 for HNS3 networking, hisi_sas SAS
and HNS/ROCE Infiniband
Signed-off-by: Steve McIntyre <93sam@debian.org>
2019-06-23 10:58:07 +01:00
Romain Perier
d2962338d6
[sparc64] Fix device naming inconsistency between sunhv_console and sunhv_reg ( Closes : #926539 )
2019-06-19 16:30:43 +02:00
Ben Hutchings
1e253edaa7
Add TCP DoS fixes
2019-06-17 19:46:08 +01:00
Ben Hutchings
4ea468554d
mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (CVE-2019-10126)
2019-06-17 19:32:38 +01:00
Ben Hutchings
e5664e23f5
mm/mincore.c: make mincore() more conservative (CVE-2019-5489)
2019-06-17 19:29:35 +01:00
Ben Hutchings
1894e89399
mwifiex: Don't abort on small, spec-compliant vendor IEs
2019-06-17 19:29:14 +01:00
Ben Hutchings
70b1e1a8fa
mwifiex: Abort at too short BSS descriptor element
2019-06-17 19:25:01 +01:00
Ben Hutchings
54fa813858
mwifiex: Fix possible buffer overflows at parsing bss descriptor (CVE-2019-3846)
2019-06-17 19:24:10 +01:00
Aurelien Jarno
cbcfb20ce0
[mips] Correctly bounds check virt_addr_valid ( Closes : #929366 )
2019-06-09 00:06:52 +02:00
Salvatore Bonaccorso
3b44df1499
Bluetooth: hidp: fix buffer overflow (CVE-2019-11884)
2019-06-07 15:25:30 +02:00
Salvatore Bonaccorso
8910626bca
ext4: zero out the unused memory region in the extent tree block (CVE-2019-11833)
2019-06-07 14:53:07 +02:00
Salvatore Bonaccorso
23527ae20b
brcmfmac: add subtype check for event handling in data path (CVE-2019-9503)
2019-06-07 14:49:05 +02:00
Salvatore Bonaccorso
8970aaa563
brcmfmac: assure SSID length from firmware is limited (CVE-2019-9500)
2019-06-07 14:43:58 +02:00
Ben Hutchings
9b28931859
libbpf: Use only 2 components in soversion, matching package name
...
Debian policy says the package name must change when the soname
changes. We don't expect the ABI to change in a stable update,
so use only 2 components in both.
2019-05-19 14:48:13 +01:00
Ben Hutchings
a6879552b5
Drop unnecessary changes from "libbpf: add SONAME to shared object"
...
It's not necessary to delete the definitions of the variables that
become unused. Nor is it necessary to move the definition of
LIBBPF_VERSION before LIB_FILES, because the latter is defined
as recursively expanded (i.e. its variable references are not
immediately expanded).
This makes the actual change we're making clearer, and should
reduce the future work to maintain this patch.
2019-05-19 14:36:25 +01:00
Ben Hutchings
9329ccdf87
[powerpc*] 64s: Include cpu header (fixes FTBFS)
2019-05-15 23:07:44 +01:00
Ben Hutchings
1565dc00f4
[x86] Mitigate Microarchitectural Data Sampling (MDS) vulnerabilities
...
Together with a microcode update, this mitigates CVE-2018-12126,
CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091.
2019-05-10 12:03:12 +01:00
Ben Hutchings
ece5b4e4cd
mm,fs: Prevent page refcount overflow (CVE-2019-11487)
2019-05-05 15:44:05 +01:00
Ben Hutchings
83f5e0f1ef
tracing: Fix buffer_ref pipe ops
...
This is preparation for fixing CVE-2019-11487.
2019-05-05 15:42:32 +01:00
Ben Hutchings
4f3fa1e296
aio: Apply fixes from 4.19.38 (CVE-2019-10125)
2019-05-05 15:41:31 +01:00
Salvatore Bonaccorso
55a23e404a
[amd64,arm64] vfio/type1: Limit DMA mappings per container (CVE-2019-3882)
2019-05-05 16:06:15 +02:00
Ben Hutchings
7ebc9f9504
Update to 4.19.37
...
* Refresh/drop patches as appropriate
2019-04-28 18:55:53 +01:00
Salvatore Bonaccorso
ad494c2131
tty: mark Siemens R3964 line discipline as BROKEN (CVE-2019-11486)
2019-04-26 16:11:56 +02:00
Salvatore Bonaccorso
1c6240e692
inotify: Fix fsnotify_mark refcount leak in inotify_update_existing_watch() (CVE-2019-9857)
2019-04-26 14:54:14 +02:00
Aurelien Jarno
223d2f61ad
[mips] Fix indirect syscall tracing & seccomp filtering for big endian MIPS64 kernels with 32-bit userland.
2019-04-23 19:35:04 +02:00
Salvatore Bonaccorso
2dff862341
ACPICA: Namespace: remove address node from global list after method termination
2019-04-19 21:06:18 +02:00
Salvatore Bonaccorso
4eef18f8b7
xen/pciback: Don't disable PCI_COMMAND on PCI device reset. (CVE-2015-8553)
2019-04-14 22:39:31 +02:00
Luca Boccassi
5a39ad2910
Generate and install libbpf.pc
...
Backport patch from bpf-next and install libbpf.pc in libbpf-dev
2019-04-11 23:15:22 +01:00
Ben Hutchings
502148bb02
[armhf,arm64[ Revert "net: stmmac: Send TSO packets always from Queue 0"
2019-04-09 01:05:01 +01:00
Ben Hutchings
821ec1b181
Update to 4.19.34
...
* Drop/refresh patches as appropriate
2019-04-09 00:27:06 +01:00
Ben Hutchings
6039118f59
[powerpc*] vdso: Make vdso32 installation conditional in vdso_install
...
Closes : #785065
This finally removes the need for the ppc64el compiler to support
32-bit code generation, and removes a useless file from debug
packages on ppc64el.
2019-03-22 04:28:49 +00:00
Ben Hutchings
20351317dd
[x86] Drop fix for #865303 , which no longer affects Debian's OpenJDK
...
This workaround is no longer needed for Debian's OpenJDK packages:
* OpenJDK 7 is unfixed (bug #876068 ) but is not present in stretch or
later suites
* OpenJDK 8 was fixed in unstable (bug #876051 ) and the fix was then
included in a stretch security update
* OpenJDK 9 and later were fixed (bug #876069 )
The workaround was never applied upstream and it also doesn't seem
like a good idea to have a Debian-specific VM quirk that weakens the
defence against Stack Clash. Therefore drop it now rather than
including it in another release.
2019-03-13 18:37:35 +00:00
Ben Hutchings
515c2c91cf
Add Origin fields and update headers for patches that are applied upstream
2019-03-10 22:08:58 +00:00
Ben Hutchings
d96f9fae1b
Refresh and fix header of "MIPS: Loongson: Introduce and use loongson_llsc_mb()"
2019-03-10 22:01:18 +00:00
YunQiang Su
2357044444
[mipsel/mips64el] Backport loongson workarounds
...
MIPS: Loongson: Introduce and use loongson_llsc_mb()
2019-03-06 21:15:23 +08:00
Marcin Juszkiewicz
37e6c11924
update to 4.19.24
2019-03-05 14:28:55 +01:00
Marcin Juszkiewicz
4a0b4cb79e
update to 4.19.21
2019-03-05 14:28:55 +01:00
Salvatore Bonaccorso
76a21e66e3
Btrfs: fix corruption reading shared and compressed extents after hole punching
...
Closes : #922306
2019-02-26 21:06:35 +01:00
Vagrant Cascadian
357888c75c
[arm64] Add patch from next-20190215 working around A64 timer issues.
2019-02-16 23:43:14 -08:00
Vagrant Cascadian
3f699085ff
[armhf] Add patch from upstream fixing cpufreq on Orange Pi Plus.
2019-02-16 19:54:39 -08:00
Ben Hutchings
1d80b19d87
mt76: Use the correct hweight8() function (fixes FTBFS on ia64)
2019-02-12 15:39:34 +00:00
Salvatore Bonaccorso
5019a8394c
HID: debug: fix the ring buffer implementation (CVE-2019-3819)
2019-02-09 15:14:06 +01:00
Salvatore Bonaccorso
00224672bb
[x86] KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)
2019-02-08 10:32:39 +01:00
Salvatore Bonaccorso
fb1b32a316
[x86] KVM: work around leak of uninitialized stack contents (CVE-2019-7222)
2019-02-08 10:18:28 +01:00
Salvatore Bonaccorso
71aa687bf8
kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)
2019-02-08 10:01:58 +01:00
Ben Hutchings
f6cfd5f990
Merge branch 'hrw-guest/linux-sid' into sid
...
Update to 4.19.20
See merge request kernel-team/linux!116
2019-02-07 21:00:43 +00:00
Ben Hutchings
886c02b804
percpu: convert spin_lock_irq to spin_lock_irqsave
...
This fixes boot failure with the alpha-generic flavour, discussed in
https://lists.debian.org/debian-alpha/2018/12/msg00001.html and
https://salsa.debian.org/kernel-team/linux/merge_requests/79
2019-02-06 23:41:18 +00:00
Marcin Juszkiewicz
8f73ffdafe
Update to 4.19.20
2019-02-06 19:57:01 +00:00
Marcin Juszkiewicz
954102fe6b
Update to 4.19.19
2019-02-06 19:57:01 +00:00
Salvatore Bonaccorso
86ff06cd73
[x86] kvmclock: set offset for kvm unstable clock
...
Closes : #918036
2019-01-30 17:14:36 +01:00
Yves-Alexis Perez
fceb8a1734
update to 4.19.15
2019-01-16 11:09:49 +01:00
Yves-Alexis Perez
bfc928ff1a
update to 4.19.14
2019-01-16 11:09:26 +01:00