debian-packaging
/
linux
8
0
Fork 0
Code Releases Activity
13,992 Commits 2 Branches 0 Tags 493 MiB
Commit Graph

276 Commits

Author SHA1 Message Date
Salvatore Bonaccorso c0096a08f9 [x86] ptrace: fix up botched merge of spectrev1 fix (CVE-2019-15902) 2019-09-18 21:35:01 +02:00
Ben Hutchings 0899b0f554 Update to 4.19.67 
* Drop patches which have been applied to 4.19-stable
* Drop "Revert "net: stmmac: Send TSO packets always from Queue 0"" in
  favour of upstream fix "net: stmmac: Re-work the queue selection for
  TSO packets"
* Refresh patches that became fuzzy
 2019-08-20 01:51:22 +01:00
Salvatore Bonaccorso 07a6d57831 Add patchset for CVE-2019-1125 2019-08-07 08:34:30 +02:00
Salvatore Bonaccorso 869c89cb6d Use patch headers as generated by git format-patch-for-debian 2019-07-20 21:14:38 +02:00
Romain Perier 7e902dbcd3 [x86] x86/insn-eval: Fix use-after-free access to LDT entry (CVE-2019-13233) 2019-07-20 17:17:43 +02:00
Ben Hutchings 20351317dd [x86] Drop fix for #865303, which no longer affects Debian's OpenJDK 
This workaround is no longer needed for Debian's OpenJDK packages:

* OpenJDK 7 is unfixed (bug #876068) but is not present in stretch or
  later suites
* OpenJDK 8 was fixed in unstable (bug #876051) and the fix was then
  included in a stretch security update
* OpenJDK 9 and later were fixed (bug #876069)

The workaround was never applied upstream and it also doesn't seem
like a good idea to have a Debian-specific VM quirk that weakens the
defence against Stack Clash.  Therefore drop it now rather than
including it in another release.
 2019-03-13 18:37:35 +00:00
Marcin Juszkiewicz 4a0b4cb79e update to 4.19.21 2019-03-05 14:28:55 +01:00
Salvatore Bonaccorso 00224672bb [x86] KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221) 2019-02-08 10:32:39 +01:00
Salvatore Bonaccorso fb1b32a316 [x86] KVM: work around leak of uninitialized stack contents (CVE-2019-7222) 2019-02-08 10:18:28 +01:00
Salvatore Bonaccorso 86ff06cd73 [x86] kvmclock: set offset for kvm unstable clock 
Closes: #918036
 2019-01-30 17:14:36 +01:00
Yves-Alexis Perez fceb8a1734 update to 4.19.15 2019-01-16 11:09:49 +01:00
Hans van Kranenburg edc7c6ee64 [x86] Fix booting as Xen dom0 
This patch is from the tip repo, and will show up in 4.19 later.
 2018-12-12 15:57:21 +01:00
Romain Perier 5222653db6 Update to 4.19.7 2018-12-05 19:59:32 +01:00
Salvatore Bonaccorso 37094dbb55 [x86] KVM: LAPIC: Fix pv ipis use-before-initialization (CVE-2018-19406) 2018-12-03 21:11:24 +01:00
Romain Perier 8008ae41de Update to 4.19.2 2018-11-16 21:22:52 +01:00
Ben Hutchings 79ecbb0832 Release linux (4.18.10-1). 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAluyLtYACgkQ57/I7JWG
 EQkvcBAAl2AxUxQKDRyS4mgohOa881NpHGdwfcxIXyEVIsPVVtUE+Dg5dzGku/J2
 C1iA6R8tbOZuxOWQbNkGTFZml3JjfcikH21EGD1aqq5z1PmRudA/XBXdl2aItMUi
 lV6HMQcG4GWTjMC/cwrxW5D7rrIqGfp+CCAiACheGbK7mrwAwpioCP3u4JUQm0+F
 kGU4znfQbCScXtoegAwRBHB5nUWRbKZMHMe4vNgVl4Na5wTy4dL4Eh3qWulwOzGx
 94OiJPsV9thctA6vusqrub5DpABjQveDPJyHt2EgvAt2W8MrE/NUiU+4ol2tTNcT
 Ev4P66Jz2bmr3pisx5Cz+3fUXcesrllvWJx5RxPV8f4gCj4/A3zNNz0UdcqcIR/h
 ptTMM9fDC8srz6bnKSYWSii3cmnxMVx5OjNztaoeJMFY6M7rn58rW9e53pkVWeJf
 eKZ27T7RvNMoGDr99u10ca+zb8qBygxQBQea1rKL49T2Jl/5ROkkPvoQ0SNT5kIe
 DL9Z7MDwBI5H5kQW7e9jCiOH65PG/DeVwddko3FeHQy9INxgd6toKiiU0HM4U+8Y
 lsUbuAHRHeVsuLQ1U5YTFHrG56CjqYeU10A7UnxRbqvIOd2MTfp/4fAcM4X+15yZ
 2Q1MRd/fCXIlRBMGfGRnNMX9327/I+XQ8kamktE5H55JWF+KyeI=
 =eMi7
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.18.10-1'

Release linux (4.18.10-1).

- Drop new patches that are already included upstream
- Keep ABI number set to "trunk"
- Refresh arm64 APEI workaround patch for 4.19
 2018-10-01 15:37:28 +01:00
Romain Perier 14d9845760 Update to 4.18.10 
This updates the debian changelog for listing changes of this stable
update. It also removes patches applied upstream and refreshes a patch
that is part of 4.18.7-rt5.
 2018-09-30 16:01:44 +02:00
Romain Perier 1353758acf Update to 4.19-rc5 
This updates the changelogs and removes patches that have been applied
upstream.
 2018-09-26 12:17:37 +02:00
Ben Hutchings 5a77952e41 [i386/686] Enable MGEODE_LX instead of M686 (regression in 4.16) 
- x86-32: Disable 3D-Now in generic config
 2018-09-25 21:55:43 +01:00
Ben Hutchings 337682dc35 Release linux (4.18.8-1). 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAluhDZUACgkQ57/I7JWG
 EQkLvQ//QqqAfJXjwZt3Iy+dcYieLqmhy4/KtjVvFP8EKSyfdeWl0awb3szbmMs5
 cy2p5q17mafVZTx9MCppp4y1modMBZrMC6hmB9UAoU0j1GnKHNbtddzA3+uo1dmw
 i2LudGseb8LSL5z6g95P4SozSNNeFPIOLSYxkGVnlG3sUdlhlRYCvYf9k8BKUEbx
 sU0yDXQOhf0kBLsRXW8QfJEBHv5ivr9/Q+s9e71NUpVWaEOZwgfJacM/QWcY8+J4
 2o0XlHtS9+r0Ik0RK5Zyt8eun1sH1cb4Lta9LZjvRLWpCqXNpPSus6V8qENngcyw
 X9ZGWi3nMiR4OOuEMGMxbzXXzWreg9MNPyM5/kVfJKlsLi1xP7ufhnstR+j2/tTJ
 guVLDw73B4RyOwH2p4Kh1Pk0hACagI9AeKfjSBTMMlv2rD6FDfuJlSgEYUIK/NLl
 lsefkkKu2EZVdhIBEGDnu80+V2AuoTYXpEknvbnvlYZ1wLNXb73GIFptWu18dfOy
 fZ4cEWDxuKd52nbsjKlQmaxlFGSfjmmWliorhrU84FZsRjvFARGWWPwnjk8fwcpD
 +D0GASqx37iw1gQK8yNQER3dxHzVh1blIKhADgEWJXsaeHcfyDHziShX7FZ8n6G5
 HQBaynaG0Qc9fWd8O6xmX6wsP/vGRFJchbWwa5Gd7L2cCmur1Vk=
 =lopf
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.18.8-1'

Release linux (4.18.8-1).

- Drop ABI reference files and ABI maintenance patch
- Replace ccp driver patch with upstream version that applies to 4.19
 2018-09-18 15:49:53 +01:00
Ben Hutchings cdba06ffc2 debian/patches: Add Forwarded fields to several patches 2018-09-16 16:27:59 +01:00
Romain Perier 2943a959c9 [x86] crypto: ccp: add timeout support in the SEV command (Closes: #908248) 2018-09-16 01:58:12 +01:00
Ben Hutchings 824debfd2e tools: turbostat: Add checks for failure of fgets() and fscanf() 2018-09-11 04:17:46 +01:00
Ben Hutchings 605745f58f tools: x86_energy_perf_policy: Fix "uninitialized variable" warnings at -O2 2018-09-11 04:17:45 +01:00
Ben Hutchings c74e5d6fe7 [x86] boot: Fix EFI stub alignment 2018-09-05 17:55:25 +01:00
Ben Hutchings c3b8d670c3 Update to 4.19-rc2 2018-09-03 21:34:30 +01:00
Ben Hutchings 5ad4d97be9 [x86] Allow generating user-space headers without a compiler 2018-08-30 16:06:25 +01:00
Ben Hutchings 6143dfd1bd Update to 4.18-rc2 
Drop/refresh patches as appropriate.

Disable the aufs support patchset since aufs hasn't yet been updated.
 2018-06-26 03:08:29 +01:00
Ben Hutchings 4eabac8481 [x86] virt: vbox: Only copy_from_user the request-header once (CVE-2018-12633) 2018-06-26 00:26:41 +01:00
Ben Hutchings 7dd9b58675 Update to 4.15-rc5 
Also update the aufs and lockdown patchsets.
 2017-12-26 18:54:17 +00:00
Ben Hutchings 3f937de450 [x86] mmap: Add an exception to the stack gap for Hotspot JVM compatibility 
Closes: #865303
 2017-11-30 12:07:11 +00:00
Ben Hutchings 4206eefe13 Update to 4.14-rc5 2017-10-17 23:34:01 +01:00
Ben Hutchings 146583d59c Release linux (4.13.4-2). 
-----BEGIN PGP SIGNATURE-----
 
 iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlnjY8RfFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
 ZWJpYW4ub3JnAAoJEAVMuPMTQ89E05EP/2gI2pOyeOjGAzSiu/SRd5mHcLfRJkqE
 osob+C8dJsWQdgWLtO1SQkRYybBuBoujSVAo9X6pezI6OBmcKbJc8eAejWYVPtL8
 pSI7OomkTyx6AP7EKfe89kpgf4Qe8QOYrXukW050RcE78fCm3icznACeubY9ET9T
 s7+DAGWWkJpHO3rIErNxgJFMEibpKsIIcrUOIZrSsZwpQTlh7KV8tozIBiE8l135
 ocZKaGGqBQcTIWX7gVjcdpBNacxcFghRHodFCwrrv9wFvAg/s+0TN1YQXSucitQH
 Cp9iO4McDeQxDvcSQyBhQmlCxcL/+JxnfosJmabBvwn7L45dGm+pbsGviIG86tyM
 O7fNs82xdMxCFc9CIXKrE3hAk+mjXuMiUc7mha3/1+cS/Di444N5djXmvj8D84pu
 i/pp6D8zWNe/imid9sFH/txst3sgsSvlf77W3HXxZqJ5GOLzluApSX2eptpDRI1Q
 E/RU2R2T/NPTChroHsZr5QZ6iV/YS2F9E0YYAQcDuWNXS9Ey7nK+gjKqa7/5B6n1
 STtT0HMD0fcAfvWN1rk9mudm6ZNYgLpjYKtFsaFf/K4I5f4fIhvnCbnnFgKMA3Qx
 rcLh201dG1fGwQ2EpiD5S0pqn7iYEP2d9vHzo363l20FyfQ8jgGt7dNfceEuiCSs
 O+EKuTohhEJH
 =juOG
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.13.4-2'

Release linux (4.13.4-2).
 2017-10-16 00:09:19 +01:00
Salvatore Bonaccorso ccefd718c8 [x86] KVM: MMU: always terminate page walks at level 1 (CVE-2017-12188) 2017-10-13 18:09:37 +02:00
Salvatore Bonaccorso 02033a7a17 [x86] KVM: nVMX: update last_nonleaf_level when initializing nested EPT (CVE-2017-12188) 2017-10-13 18:07:54 +02:00
Ben Hutchings 6c9c816966 Update to 4.14-rc2 
aufs: Update support patchset to aufs4.x-rcN-20171002
 2017-10-01 20:26:01 +01:00
Ben Hutchings a18f05bb5b Add various security fixes 2017-09-19 00:49:12 +01:00
Ben Hutchings 192ee88a05 [i386] perf tools: Fix unwind build (fixes FTBFS) 2017-07-22 17:41:53 +01:00
Ben Hutchings 50381a0ca2 Update to 4.12.2 
Refresh aufs4 patches by hand, as there is no release for 4.12 yet.

Refresh lockdown patches with genpatch.py and then by hand, as the
branch is a little out of date and many patches went upstream.

[rt] Disable until it is updated for 4.12 or later
 2017-07-18 01:06:31 +01:00
Ben Hutchings 0de513746f [x86] pinctrl: cherryview: Extend the Chromebook DMI quirk to Intel_Strago systems 
Closes: #862723
 2017-07-17 00:38:29 +01:00
Ben Hutchings 769a37d5bd [x86] ideapad-laptop: Add various IdeaPad models to no_hw_rfkill list 
Closes: #866706
 2017-07-17 00:04:31 +01:00
Lukas Wunner f26f2a520d Update to 4.11-rc6 
Remove merged patches and rebase remaining patches.

A portion of the secureboot patches have been upstreamed, but were
changed substantially during review, primarily to avoid code
duplication among arches.  I've stripped the patches of the merged
bits and rebased the remainder.

Signed-off-by: Lukas Wunner <lukas@wunner.de>
[bwh: Undo some incorrect context changes in
 bugfix/all/firmware-remove-redundant-log-messages-from-drivers.patch]
 2017-04-20 00:15:17 +01:00
Ben Hutchings 459f0a48e4 Release linux (4.9.18-1). 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAljcf5EACgkQ57/I7JWG
 EQmFcQ/8DoBxenUbNW5cY+YbwBKsjuBb8Q6gnqQLOX/JtOJ8MtpQ1t2QQPvMYdXJ
 PTcNZAKm8mrsWJxos9WsUHjkdrfuLAsMTisC5FvDkE6myBt++GH3gRtKCT0A2nep
 ZU17YeHYfcqv6UK90Jg0p+xAKQEEqKZrryP7fvb8oX5wOORwlLMxBScErftbB/vV
 hBvwybq7gfA/4KxDTnWgadpidg16/67ZgKd0EoSsbCpFAJble/hRroMwzKUSzFW+
 2yFxrmUNFoIXddoDtORNNdK0nM6b2MKeWKjmndknz4QehlayZWCg1+mEjp7A7Wqp
 9naONqhQWMibARGkDl5Y7SZ9/XJXjPmDFXi3EIbhrWMN2TUkzUN14A1YHw+M9p5Q
 9UbnpI6eDxjvlezcPjqucIM0ywFwljBrDsQXfGsR6ogQbYvA7nJ0dK63/EXzvl1U
 UGUBwHtDhLHxtv85/JsUqq9/UVGbZjcHvyEfmE1mvbMcNxkSLSewt+jd78h7xIyL
 tOZP24ARPKqcQ1detou47o8cMmwTqVl6xu08w83xin2Xux+UlYFTtI/LVws3oYNb
 F3uEzIgtJbu7ENxCkY5RmIJG9qRJZJ2f6dnpLLld6D52paD5OYNrk1NShtf/Dp+r
 zjJoiIRTcO9fPatjl07Y2eDeFeo2SKoD+Xd/5nGDoytE6JiDEXg=
 =ONVb
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.9.18-1'

Drop ABI reference files.

Refresh/drop patches as needed.
 2017-03-30 14:16:47 +01:00
Ben Hutchings 8703214f24 [x86] drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (CVE-2017-7294) 2017-03-29 22:42:53 +01:00
Ben Hutchings de3e9af4dc [x86] vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() (CVE-2017-7261) 2017-03-29 22:36:16 +01:00
Ben Hutchings 003300166a [x86] kvm: fix page struct leak in handle_vmon (CVE-2017-2596) 2017-02-26 20:29:29 +00:00
Ben Hutchings 8c94f719fa Release linux (4.9.10-1). 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlinNOsACgkQ57/I7JWG
 EQntWg//RuNSbOQeyML971UnFUtZjY3yAUYqhPJdpJimjY3WHjmZlJQrLlSz9IYQ
 48Pkt/64P0+iAr9zJ+3uJv1fOagKePd5RaS/iChJdvq0fCGZstFlti5NwXEQtGSv
 Yzp0LStZr+pEPZo+8Bo+TVSP25FNXdZBvhUXE2sbxaV8+W9Vx+qFkfrWEiW7hpFv
 nCQJic7kmzllS4Aol9e/jj2MqcdWIhviufAImNnfrbpK61Ud6Gznw9gTODw9+OIT
 ny6F/k7O6MFPuHp3aAxVC5TCowh16PcC+VqJF9MTnnvHQmD3jYqdeA8zKLnW/tJk
 Dl9A6whZ3n4fFRlGjgxjmTP/CgAIeQVqgTgYCApuQQTVG3svIkznoXJLraj5UE90
 rzeB30x3ikUWcVggN7xfSkW3e6/v+XSbRfu73sFA81mWyWoddT/NYhw+Y18ym4UJ
 Vk8iuAakpjdVj73FSyYOcNGRzOEp2SAV72EsJEMw1/IlIkmRkMmJkkg4T/HYj11P
 jK/TjZtSsVbje4zx9/U6g8Rj4Wi40EHZu6kuh2jUhCk91zsAr+7EC45gZC+uohxL
 jxKxv2R5p9AR7uN6JzQR4OuOL1bTCrt02MrWdsiPlUi0RBKlJ7O5sGMMsHrVMinn
 4zFNeYq2U3Fyaejb32x3DOKtgCjoMRQ5iHyrjgljhzxJcf3fWKk=
 =rRkU
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.9.10-1'

Drop changes to aufs.
 2017-02-22 20:57:36 +00:00
Ben Hutchings 4e1df53c24 [x86] xen: Fix APIC id mismatch warning on Intel (Closes: #853193) 2017-02-17 02:42:17 +00:00
Ben Hutchings 31532f0851 [x86] platform: acer-wmi: setup accelerometer when machine has appropriate notify event (Closes: #853067) 2017-02-17 02:37:50 +00:00
Ben Hutchings 6adadc8ec6 Release linux (4.9.6-2). 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAliL3k0ACgkQ57/I7JWG
 EQlmog/8D/DowVsxEjNdiHAewH7HUyqdADkCRkeqsmKgCtZEmvEaYE0RijZzGDhm
 Ge4PxOzhLE/DRxJF2gN8y0hIVOnigje9qYN5OBdgB/FNNKThL6ARwiu2LD6DYcwU
 +Lu6g8iHqsKHZ+NllHEiiwJ4rR39qf3Tkzz5cgm4jEi+5IjnoefOhaFhyPzBkz8i
 p6fWklEhev8+lQ1sW9gF94p3t0dOp/31TWACagRQronrTtT2xAzdrR5ESPTo6FFg
 gtcfqoB7AYA4LTuzoKIQRgGLsgKk73iLPF874ZuK9g/+4Z2lF9NBbwve3O0qYKCy
 NERddjjx9QEf4cjToqAii10AzAfuBFDG/b77ZscREwysUwMhkz47ADefu5v1P2kJ
 XdL/sJ/nXyhItV/VK8ym9lg4jAA8K5UOjn+8RtWBTE8091N7y7kyNHTQ4SppySIZ
 Ow+NsWkMd+WYxkdGPSYc7nHthhVRvfC9C4cxamn9en+MNmakMgJcOZTxS4/gcTvx
 DMCWGmEJrD5Bu3m9GrJzwfaXteWxMYihsq9ofjXeaeYqxgXZ62GuxMeRq3kBOhSw
 H9MUITkqfsjcg7eAz8elFhRvrurlVUWFsSCGr4Fd1Tv9zrFw8OXNRrApy4UQOQ4x
 Uw5AcA/3ZA3QCPsOuU8ENES57vJb+D3E/LZZJdTktVLUcoxA0tA=
 =C8FJ
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.9.6-2'
 2017-01-28 01:19:31 +00:00