Salvatore Bonaccorso
5bd62d6357
ALSA: seq: Fix racy pool initializations (CVE-2018-7566)
2018-03-09 11:54:59 +01:00
Salvatore Bonaccorso
fc2cf56edb
Update to 4.15.4
...
Drop media-dvb-usb-v2-lmedm04-Improve-logic-checking-of-w.patch
Drop media-dvb-usb-v2-lmedm04-move-ts2020-attach-to-dm04_.patch
Drop media-hdpvr-fix-an-error-handling-path-in-hdpvr_prob.patch
Cleanup Debian changelog for 4.15.4
2018-02-16 22:46:54 +01:00
Salvatore Bonaccorso
0ec05d8c81
Release linux (4.14.17-1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlqFl5pfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EQDoP/iuiGnJomZlwYf+UtxmTxZM0B1jutQ2V
vg2/JLaocNP/QLJTRKKQnUnEbawuUvGF/vtq5kDV0XcaY3QZSbeQKkpyEpZoI5K3
dJ8WG+EXDd/a2KVoJ/layX2JqtSVsgBOtJJkSSrhWk2tfZkhB1+9BJ54UXoTCT0A
pWor5ycO0PUw6crlMsNz62lBwvdwoHgIhKkjpfnXOCTZQi6n6RVFvaT2uLyijZod
0KTuWFnyMLgh1gpKKR/tqGs25ByOQH43TmtrVAYfjqua5P5CvzJaKp3UMHsDPIbN
Uw3HB0QQ3iEg8pQJhCkrNk1LT/1Je9xb3rdoKSQ+OitTfyQnhs/eVXs3KzD3DPOc
IJZjG/kno8d7bNWW8+ce12MPVVkAop1ZMGushyz1c3149HCtinQcymcWahD4Gyzg
YA9w3V7ir+bvJWunKy12845XoXpxhaBVV7CbnXI02exGwbN1gBPfI6nxzf84lVcG
Bnwy523jmAjB8h8a9HjmtwqecbnJRf+NkgQAJItniGR06B7XVSLaOnnD0dXLdOMj
VADirfbRRU60gqBrjrMxUwMO1ArKowNzQM91pTR+jAa2mS4KzEpMmwmWMAPSTL2n
9ODByDGf6oi9vQxxoMd1gic7cZwyzO3n/SnHSpA5IYDSeurWE1ZF3xWqPBlxIpUp
EXiBvAThcuDs
=jSDv
-----END PGP SIGNATURE-----
Merge tag 'debian/4.14.17-1'
Release linux (4.14.17-1).
2018-02-16 00:20:10 +01:00
Bastian Blank
0ce4bbe790
Fix building of liblockdep
2018-02-11 09:51:44 +01:00
Salvatore Bonaccorso
0a69e0b046
Update to 4.14.17
...
Refresh cpupower-fix-checks-for-cpu-existence.patch patch
2018-02-04 15:14:12 +01:00
Salvatore Bonaccorso
a870b2741a
crypto: ecc - Fix NULL pointer deref. on no default_rng
...
Closes : #886556
2018-02-02 20:43:54 +01:00
Salvatore Bonaccorso
edfb7d0f0e
Update to 4.14.16
2018-02-02 14:39:34 +01:00
Ben Hutchings
aacdec9702
Update to 4.15
2018-01-29 23:46:40 +00:00
Ben Hutchings
623cfd4d39
Merge branch 'sid'
...
- Drop ABI maintenance patches
- Apply usbip config change in debian/config/config
2018-01-28 19:02:08 +00:00
Salvatore Bonaccorso
4fae92a1d5
nfsd: auth: Fix gid sorting when rootsquash enabled (CVE-2018-1000028)
2018-01-28 19:38:02 +01:00
Salvatore Bonaccorso
e5ce9cb87e
Revert "module: Add retpoline tag to VERMAGIC"
2018-01-28 15:50:32 +01:00
Salvatore Bonaccorso
3a81855475
Update to 4.14.15
2018-01-28 15:50:32 +01:00
Salvatore Bonaccorso
e30f878e1d
ALSA: seq: Make ioctls race-free (CVE-2018-1000004)
2018-01-18 14:30:46 +01:00
Ben Hutchings
6f43038466
Update to 4.14.14
...
Mostly done by Salvatore Bonaccorso.
2018-01-18 06:10:01 +00:00
Salvatore Bonaccorso
0bb5e7cccb
loop: fix concurrent lo_open/lo_release (CVE-2018-5344)
2018-01-16 20:57:59 +01:00
Salvatore Bonaccorso
6c0d6a6239
RDS: null pointer dereference in rds_atomic_free_op (CVE-2018-5333)
2018-01-16 20:53:46 +01:00
Salvatore Bonaccorso
24cdd62c17
RDS: Heap OOB write in rds_message_alloc_sgs() (CVE-2018-5332)
2018-01-16 20:50:50 +01:00
Ben Hutchings
6e7610453d
Release linux (4.14.13-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlpb7AUACgkQ57/I7JWG
EQmfjhAArIzynB9B8lG9U8OlC7bp+HTjk9BgOKo5VZ6ABlIePxveUgkc44kYK1ET
YGiqpi1BbMPoDiu32QyuCzYwxNjUl6dXCOKnUgsTR0jyKSXoc19idWLb/U5akXxF
Q1LWUaBWB/SbR52inAE8nX2s1tdgFjKDHgebAOdbPApt8eTnI4pSL1YvehDQtqG1
olz3L1PjlRhT2XCdtWIPrLioIxUiOacYGV7sMZHL2jsJS+mmf20BiUMsfusafL2r
Q8LSVGCQRgWutbTZW2YmFtx0FybxYc8wRj/9d7nYMaOv+UeFbx6ffYrkZUqXlK4j
TkVsFULVoEfgnu9GkWnd+kdJP8PwbDkrjk1JsXg55A0LCrfFcorbMQc8GCJ6ICpu
mFqw5NQaxQZszP6W0dYWHWJTLENOVxjYyoMjmLuQIMudzHP4bGTXjJ/PCBebT5fR
6XOPdqcWoOT5f8NloMFqzPQQeFQMY+DycYiz2tdYxH4AnvGsgdOLFiHHYxxIsOa1
Bzxb4bWxF2m3hKiyY5am/5U6MAxLrBwsvLZVklyfxYSRlvnPldKVHohzHTZafPSo
M7KU4R1e6wywwjg9Qtk4YJBX5w0jT3b9vbVQVNT47WzvLwXA/TY+Il6BIAVuzL57
MJAosU9SDAf28XUVzcaXbsHm9l2gcnUS6kCVVWTEvmehkW1rR3o=
=M11J
-----END PGP SIGNATURE-----
Merge tag 'debian/4.14.13-1'
Release linux (4.14.13-1).
- Drop ABI reference
- Drop/refresh patches as necessary
- linux-headers: Drop versioned dependency on linux-kbuild, as there has not
been any version of linux-kbuild-4.15 without objtool
2018-01-15 04:35:41 +00:00
Ben Hutchings
13eb990095
Update to 4.15-rc8
2018-01-15 04:31:31 +00:00
Ben Hutchings
d9fe539b06
Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for out-of-tree modules"
...
This removes the bogus check for libelf-dev.
2018-01-14 19:44:14 +00:00
Salvatore Bonaccorso
da2cd8b85c
drm/nouveau/disp/gf119: add missing drive vfunc ptr
...
Closes : #880660
2018-01-13 11:54:57 +01:00
Salvatore Bonaccorso
aac0e5380a
Properly name patch according to subject
...
Gbp-Dch: Ignore
2018-01-10 22:46:07 +01:00
Salvatore Bonaccorso
d42878a1e5
Disable asynchronous aborts for SATA devices
2018-01-10 13:23:46 +01:00
Salvatore Bonaccorso
9a41499923
Update to 4.14.13
2018-01-10 10:49:59 +01:00
Salvatore Bonaccorso
8996784cdc
Release linux (4.14.12-2).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlpQhNxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EKmgP/3D1CAm0F0v9d2AfQAPv8wVQIFpWqZGM
D1jjtinIyCGJVM0jjXKne1nwQZotVTN/SDHeGTmJVvluLsF7MBCiGTBYMThqYD/I
DCaOwGS9go8J771dR261c1D0nnnsqTvAJIMQDcVmRoVT/KRA/ZqdwJHygX8cZ2hb
MmSWH5szCt4n55SkJDQi4nJ0dWkj5ZiKf4i6+o5+NrY2PJRTYlIthnCvHDuTsY+r
Nade3ITAX82xRjFUmeM6JUc1xScLoXxvQhfuIRyIk2atQBCZEvTXvwC8cuyJWBo+
TUdWqRdxEslqCTJ7/boH9nsWO4Hm+UiVHFwUbFR+xpPqgdDvkHAZII5tk9pzNSxU
CWAWtKhRJxl8Ne452bCWtRi8TlvXNi4F7wbM9/AygT6dJoTidKYkAi+WcRco800G
Yx5uuLfj88tBm4VFZJot9W1FKOtml0w+25I4uuua2lSwIS6/25+OZ1qMOkEXbE+v
nIZHX2UTZYda8PNzZlMClfwiHYKKd+2LnGpdc0oEexwRxLtm/YFKHkavV396E7o1
FzlogUJqsofgJOEYczBcjiuEW9EKXbeRCx/TPm/MVHz2Qn0hCWGWSnR5h/8T7KZ9
GuOTk8+5c0puYK35+NC5M9/0XboP+hOEccuaJS4abu4tHok8jU72SX3KF+8j4dl8
OxVql0ToPmdI
=wQ4Q
-----END PGP SIGNATURE-----
Merge tag 'debian/4.14.12-2'
Release linux (4.14.12-2).
2018-01-06 14:30:49 +01:00
Salvatore Bonaccorso
9a96b9c27a
x86/tlb: Drop the _GPL from the cpu_tlbstate export
2018-01-05 21:17:13 +01:00
Salvatore Bonaccorso
b64a1989ae
Revert "scsi: libsas: allow async aborts"
...
Fixes "Oops: NULL pointer dereference - RIP:
isci_task_abort_task+0x30/0x3e0 [isci]"
Closes : #882414
2018-01-05 14:23:11 +01:00
Salvatore Bonaccorso
96dad8ed7e
Update to 4.14.11
2018-01-05 14:22:34 +01:00
Salvatore Bonaccorso
a7b364e44f
Update to 4.14.9
2018-01-05 14:19:40 +01:00
Salvatore Bonaccorso
f5474829b9
Update to 4.14.8
2018-01-05 10:59:15 +01:00
Vagrant Cascadian
f65d850bba
Backport patch from linux-next (next-20180103) to support SMP on
...
tegra210 systems.
2018-01-04 10:50:15 -08:00
Ben Hutchings
6a221d27b1
e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
...
Closes : #885348
2017-12-28 01:24:56 +00:00
Ben Hutchings
7dd9b58675
Update to 4.15-rc5
...
Also update the aufs and lockdown patchsets.
2017-12-26 18:54:17 +00:00
Ben Hutchings
8423f81c55
Merge remote-tracking branch 'alioth/sid' into sid
2017-12-22 14:10:04 +00:00
Salvatore Bonaccorso
196596c560
crypto: hmac - require that the underlying hash algorithm is unkeyed (CVE-2017-17806)
2017-12-22 09:13:19 +01:00
Salvatore Bonaccorso
4f056ca2c6
crypto: salsa20 - fix blkcipher_walk API usage (CVE-2017-17805)
2017-12-22 09:00:33 +01:00
Ben Hutchings
cf1f6e2019
bpf/verifier: Fix multiple security issues ( Closes : #883558 )
2017-12-22 03:54:44 +00:00
Ben Hutchings
fc7f6fafd8
Add security fixes
2017-12-20 19:27:18 +00:00
Ben Hutchings
9e0441b20a
Update to 4.14.7
...
Drop patches applied upstream, and fix a few conflicts.
2017-12-20 18:40:37 +00:00
Vagrant Cascadian
a865f2fdb7
[armhf, arm64] Backport patches from 4.15.x to support dwmac-sun8i.
2017-12-11 13:15:45 -08:00
Salvatore Bonaccorso
2f634be5d8
xen/time: do not decrease steal time after live migration on xen
...
Closes : #871608
2017-12-03 10:53:37 +01:00
Ben Hutchings
3f937de450
[x86] mmap: Add an exception to the stack gap for Hotspot JVM compatibility
...
Closes : #865303
2017-11-30 12:07:11 +00:00
Salvatore Bonaccorso
71832be11b
mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d() (CVE-2017-1000405)
2017-11-30 08:16:06 +01:00
Ben Hutchings
a633085eb6
apparmor: fix oops in audit_signal_cb hook (regression in 4.14)
2017-11-24 13:25:03 +00:00
Ben Hutchings
d769bf7e2b
Update to 4.14.1
2017-11-22 03:13:35 +00:00
Ben Hutchings
bf3c5027e0
i40e: Build for 32-bit targets again
...
Apply the upstream patches that removed the use of cmpxchg64().
2017-11-21 16:14:37 +00:00
Ben Hutchings
1a1f0ef065
Release linux (4.13.13-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAloODhAACgkQ57/I7JWG
EQkFAg//Zb5RqwypcEFRZs6Oyi4jF6EekQW+UVXjAE8gAw3ae8+1uvkg3TyMY7uT
C//3H1DGY/A3imqHsxku9NG5T9KhJL9cKn2EDRz8c/+lU949wXjzSFCQk+p9mwcb
RSyuqES+FwtrMJoN0iXpVIiTSjImuu4IIpTmc6IsZo1frn5oHKmeC4mvsKuflL/S
usdauRUkQewtTvi/Z8wDA5fJIDN2ff0DcSN8Km/QPlB2zUoGaQRM36ApZVeHDX3X
190bDAuBfJp9Pht3eFPUq6HwEht9hbiqSaSpMKB/jyPE8lWZ7AL8CM2qiOuZCXil
ncELxkx+8Cqp4jAWc3wqGZ5mkeVHeHxZcmFv0b4hQaaifW5GtmlMo/XHhMeFIoCc
tbcC55No2c3ZUhUH0kAQyf26zZ3f7hBAYT8EI5BNngPpZB4W7NJL8A2c09QYxAVB
/uXNnCdd7LZ9Dnhgc0K1FjIEckd1XHVQgVZ6Seo4Pv2adMfLckla3Xvqj888515a
akTL9LFAKySOqalakMl34G2FT1S0CR9+7I45KFcKjiGW5pF1RgDeLZy1W+nQq3Vd
oH2KmWGovmouMEnrh8RgKJNwLkelVkLKl0AFhJ29PGeDrGAklz0Sy5egB8iqoxRh
fiKph8IGdD8akqlI4d8mTWs01FmALkkSHUkLAxbME8HC3lpb7Ic=
=TJmK
-----END PGP SIGNATURE-----
Merge tag 'debian/4.13.13-1'
Release linux (4.13.13-1).
2017-11-16 22:18:14 +00:00
Ben Hutchings
617046eb45
netfilter: nat: Avoid ABI change in 4.13.13
2017-11-16 21:04:07 +00:00
Ben Hutchings
7cb3e39661
ALSA: timer: Avoid ABI change in 4.13.13
2017-11-16 20:52:13 +00:00
Ben Hutchings
4c3b3b1dec
dvb_frontend: don't use-after-free the frontend struct (CVE-2017-16648)
...
Plus another fix it seems to depend on.
2017-11-16 20:04:01 +00:00
Ben Hutchings
58e12683e1
net: qmi_wwan: fix divide by 0 on bad descriptors (CVE-2017-16650)
2017-11-16 18:13:46 +00:00
Ben Hutchings
91a7ba9320
net: cdc_ether: fix divide by 0 on bad descriptors (CVE-2017-16649)
2017-11-16 18:12:24 +00:00
Ben Hutchings
4ee0c56703
net: usb: asix: fill null-ptr-deref in asix_suspend (CVE-2017-16647)
2017-11-16 18:11:00 +00:00
Ben Hutchings
ed4bdea861
media: dib0700: fix invalid dvb_detach argument (CVE-2017-16646)
2017-11-16 18:10:19 +00:00
Ben Hutchings
c718be9d81
media: imon: Fix null-ptr-deref in imon_probe (CVE-2017-16537)
2017-11-16 18:04:43 +00:00
Ben Hutchings
a06739ccd2
media: cx231xx-cards: fix NULL-deref on missing association descriptor (CVE-2017-16536)
2017-11-16 18:03:20 +00:00
Ben Hutchings
c08c3b8b25
usb: usbtest: fix NULL pointer dereference (CVE-2017-16532)
2017-11-16 17:40:00 +00:00
Ben Hutchings
1549b29ea0
Add follow-up fixes relatd to CVE-2017-13080
2017-11-16 17:35:46 +00:00
Ben Hutchings
f4e45ee455
Update to 4.13.13
2017-11-16 17:32:44 +00:00
Salvatore Bonaccorso
6ff07bd9a5
sctp: do not peel off an assoc from one netns to another one (CVE-2017-15115)
2017-11-16 15:22:47 +01:00
Salvatore Bonaccorso
5d9e74ced8
mac80211: accept key reinstall without changing anything (CVE-2017-13080)
2017-11-16 15:18:54 +01:00
Ben Hutchings
a2708107ce
swap: Avoid ABI change in 4.13.12
2017-11-12 01:09:18 +00:00
Salvatore Bonaccorso
95757c39a8
Update to 4.13.12
2017-11-11 09:29:31 +01:00
Salvatore Bonaccorso
e7fd57b49f
netfilter: nft_set_hash: disable fast_ops for 2-len keys
...
Closes : #880145
2017-11-04 15:43:57 +01:00
Salvatore Bonaccorso
4b0df3bed7
cifs: check MaxPathNameComponentLength != 0 before using it
...
Thanks: Andrew Chadwick
Closes : #880504
2017-11-04 09:55:14 +01:00
Ben Hutchings
e59d862868
Release linux (4.13.10-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAln3apoACgkQ57/I7JWG
EQllsQ//fyZFkoGOLpHjkS3sNtMxfh1J9+f+JJI33WF9vA/w7SnRfg/Rdbjx+rY8
LRCnviTyh5tuxKSPKHerpUqjNbYi7Hcr0LXxxOPL1Rr+BTFKQuaSDYNzt10bT2mJ
9B0ZYI+Q8n7rAq1/MeSKygV6zh+5MxywN8LZlqg0Au8/7/c7H0nR3MOEFz29imL0
jBMOhy7a+Gby3Qs5ZdKGf0i4RZT9Y/9Ozu9sFpVGqrTyY+FlEd0y1KUvIipbdLTH
S/oRFF1m4IeS7tF6AIprCPMIMPt8tcQrSLvB01REpbvSJvDg+laEgmHnb0PKlOpW
RAeQn2r1NCEjjZcKll8dCMp+sTiLhx+us4L3Jumwb2Yno+219zuScFg2MR0zu5U/
XCB5zG2U5XENH+fRdDnWROkXJ/o1Dtk+Ix1aPySa8I9IdlP45n+Q4LCLw3eg5h3I
CdITwTJxWlnLJVI852wh1qorBuUs5lac9HZ8u0s5MDFXNQkWOVQKRPZN0sA3hwwp
wjudMsGgq6kkoknnEcwTKV4JFWJdfJ0SieaWBv1LSQwAmVy3/QvOTvDBLzRxmtUX
tygPktH53HLp4z6qPOcKD+hGLcdlD5oTWYb2O5MqVlSI8MjONOcjpRGAP2fhIf2t
3INpM9sJPHILXqpEMH6co4VzxnQq1OElMjcA5nqD2A7HLOSDhZg=
=x3uW
-----END PGP SIGNATURE-----
Merge tag 'debian/4.13.10-1'
Release linux (4.13.10-1).
2017-10-30 18:31:31 +00:00
Ben Hutchings
15c6a89208
Update to 4.13.10
...
Limit the ABI change in keys.
2017-10-29 12:13:18 +00:00
Ben Hutchings
ec3cd54d45
Avoid/ignore more ABI changes in 4.13.y
2017-10-28 20:50:11 +01:00
Ben Hutchings
48bb38a3f7
Update to 4.13.9
...
Drop many patches which are now upstream.
Avoid/ignore ABI changes as appropriate.
2017-10-26 22:41:11 +02:00
Ben Hutchings
4206eefe13
Update to 4.14-rc5
2017-10-17 23:34:01 +01:00
Ben Hutchings
146583d59c
Release linux (4.13.4-2).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlnjY8RfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E05EP/2gI2pOyeOjGAzSiu/SRd5mHcLfRJkqE
osob+C8dJsWQdgWLtO1SQkRYybBuBoujSVAo9X6pezI6OBmcKbJc8eAejWYVPtL8
pSI7OomkTyx6AP7EKfe89kpgf4Qe8QOYrXukW050RcE78fCm3icznACeubY9ET9T
s7+DAGWWkJpHO3rIErNxgJFMEibpKsIIcrUOIZrSsZwpQTlh7KV8tozIBiE8l135
ocZKaGGqBQcTIWX7gVjcdpBNacxcFghRHodFCwrrv9wFvAg/s+0TN1YQXSucitQH
Cp9iO4McDeQxDvcSQyBhQmlCxcL/+JxnfosJmabBvwn7L45dGm+pbsGviIG86tyM
O7fNs82xdMxCFc9CIXKrE3hAk+mjXuMiUc7mha3/1+cS/Di444N5djXmvj8D84pu
i/pp6D8zWNe/imid9sFH/txst3sgsSvlf77W3HXxZqJ5GOLzluApSX2eptpDRI1Q
E/RU2R2T/NPTChroHsZr5QZ6iV/YS2F9E0YYAQcDuWNXS9Ey7nK+gjKqa7/5B6n1
STtT0HMD0fcAfvWN1rk9mudm6ZNYgLpjYKtFsaFf/K4I5f4fIhvnCbnnFgKMA3Qx
rcLh201dG1fGwQ2EpiD5S0pqn7iYEP2d9vHzo363l20FyfQ8jgGt7dNfceEuiCSs
O+EKuTohhEJH
=juOG
-----END PGP SIGNATURE-----
Merge tag 'debian/4.13.4-2'
Release linux (4.13.4-2).
2017-10-16 00:09:19 +01:00
Salvatore Bonaccorso
ccefd718c8
[x86] KVM: MMU: always terminate page walks at level 1 (CVE-2017-12188)
2017-10-13 18:09:37 +02:00
Salvatore Bonaccorso
02033a7a17
[x86] KVM: nVMX: update last_nonleaf_level when initializing nested EPT (CVE-2017-12188)
2017-10-13 18:07:54 +02:00
Salvatore Bonaccorso
52c8b81bca
ALSA: seq: Fix use-after-free at creating a port (CVE-2017-15265)
2017-10-13 06:52:33 +02:00
Salvatore Bonaccorso
35125947a2
waitid(): Add missing access_ok() checks (CVE-2017-5123)
2017-10-12 21:16:37 +02:00
Salvatore Bonaccorso
6f55d3e571
KEYS: prevent KEYCTL_READ on negative key (CVE-2017-12192)
2017-10-12 07:55:47 +02:00
Salvatore Bonaccorso
7c8172804e
mac80211: fix deadlock in driver-managed RX BA session start
...
Thanks: Eric Côté
Closes : #878092
2017-10-11 21:23:02 +02:00
Salvatore Bonaccorso
fba37066c7
[powerpc*] Fix illegal TM state in signal handler
2017-10-11 07:57:06 +02:00
Salvatore Bonaccorso
6c3a386d04
[powerpc*] Use emergency stack for kernel TM Bad Thing program (CVE-2017-1000255)
2017-10-11 07:55:16 +02:00
Salvatore Bonaccorso
c68c0840bc
brcmfmac: add length check in brcmf_cfg80211_escan_handler() (CVE-2017-0786)
2017-10-09 21:45:15 +02:00
Ben Hutchings
4d6306b792
i40e: Build for 64-bit targets only (fixes FTBFS on hppa)
2017-10-04 03:50:08 +01:00
Ben Hutchings
335613b4d6
Update to 4.14-rc3
2017-10-01 23:23:22 +01:00
Ben Hutchings
6c9c816966
Update to 4.14-rc2
...
aufs: Update support patchset to aufs4.x-rcN-20171002
2017-10-01 20:26:01 +01:00
Ben Hutchings
884aedc0b4
liblockdep: Define pr_cont()
2017-10-01 15:44:25 +01:00
Ben Hutchings
e2431bcb2f
[armhf] dts: exynos: Add dwc3 SUSPHY quirk ( Closes : #843448 )
2017-10-01 15:23:55 +01:00
Salvatore Bonaccorso
2678c31e68
fix infoleak in waitid(2) (CVE-2017-14954)
2017-10-01 12:02:28 +02:00
Ben Hutchings
f3152ccaad
Update to 4.13.4
2017-09-29 16:29:45 +02:00
Ben Hutchings
b80b24d3e0
Release linux (4.12.13-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlnBUMkACgkQ57/I7JWG
EQkU2hAAo/L20PPbaPfnnCTppx1+UD9UHNfoGhY7eoy+GYt36YjNTeqcbDUcnmGS
oqILWJq8Qwb4r2zBgnrLL+Ek3spErVtmcIi7HoCKK9pRdqDCIQUkkHQQjQob1o5f
fMAr+qTcGAm9/yEIclCrAJmrYPtS1e4ryBmwu4ZGzeeGS0PG/WFsGOLq9Tiq2cIh
pmszRX59ZqpMcTHuBs2Fi6xz7YWXqGUXxJiax5fqwF6j/9CpbReFhv2ZFH2HcPA5
4sTtGLsGTwz7lzXLljp0IN7aFkW830FGE4WuTRe2fOkFKgXlj+8wtor7D2vFB7Ou
FHhyVrMc6y32+K9LG955ECXgwN2wGioKEMyEi67ci9qxvCGf/EA9vtEj3ytzm8+j
fiJ1gRjk0Ec2D5Aewl2L0i2bYYf4RqTriRHmEQa14kk70U8oK4AmOilyU+d1t3WC
xwo6ZdThvBGJGlHzrkjWxutWz3aQiL7AC2Ora51BhrR83chmxWeRa4mvo6yH6yfs
kmSHfqIgHklwLBVpF1/9tam8E5W6KkHgW3tTX9Duz6dM+mrVxKTJz1iKbnt1213t
xco667k4txs5k+K2JkJfUUEMlH+lCicAqEHB2EZIV0R7FCf+n4dENJ/FwXUF7XE+
41h3BqWbxZDYcuBxBYmmoF7B3QgeFylSbbYb1W4E6Erd6j7AHj0=
=Thw/
-----END PGP SIGNATURE-----
Merge tag 'debian/4.12.13-1'
Release linux (4.12.13-1).
Drop ABI reference files.
2017-09-19 18:34:53 +01:00
Ben Hutchings
a18f05bb5b
Add various security fixes
2017-09-19 00:49:12 +01:00
Ben Hutchings
cb5ce6ce3b
Update to 4.12.13
2017-09-19 00:33:58 +01:00
Salvatore Bonaccorso
acfbd0bece
Bluetooth: Properly check L2CAP config option output buffer length (CVE-2017-1000251)
2017-09-14 06:51:56 +02:00
Salvatore Bonaccorso
8f075a9a83
xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present (CVE-2017-14340)
2017-09-14 06:51:56 +02:00
Salvatore Bonaccorso
bcc9a01d8e
scsi: qla2xxx: Fix an integer overflow in sysfs code (CVE-2017-14051)
2017-09-14 06:51:56 +02:00
Salvatore Bonaccorso
2ed545523f
sctp: Avoid out-of-bounds reads from address storage (CVE-2017-7558)
2017-09-14 06:51:56 +02:00
Ben Hutchings
5897597d01
Update to 4.13.1
2017-09-11 01:16:41 +01:00
Salvatore Bonaccorso
41ff7a03ca
Update to 4.12.12
2017-09-10 12:07:09 +02:00
Salvatore Bonaccorso
68b6e32819
Update to 4.12.11
2017-09-09 15:06:49 +02:00
Ben Hutchings
b066a269e0
Update to 4.13
2017-09-04 01:19:41 +01:00
Ben Hutchings
922a5d78d1
Bump ABI to 2
2017-09-03 01:47:43 +01:00
Ben Hutchings
c755b1fcfd
pids: Avoid ABI change in 4.12.9
2017-09-02 21:02:35 +01:00
Uwe Kleine-König
4a53c826d6
mtd: nandsim: remove debugfs entries in error path
2017-08-29 22:31:30 +02:00
Uwe Kleine-König
a2dde14ec6
Update to 4.12.9
2017-08-29 22:20:12 +02:00
Uwe Kleine-König
df8a5bf53a
Update to 4.13-rc7
2017-08-29 22:07:26 +02:00
Salvatore Bonaccorso
8e44fd873c
Update to 4.12.7
2017-08-25 21:47:57 +02:00
Ben Hutchings
a129c1c207
Update to 4.13-rc6
2017-08-21 03:09:19 +01:00
Ben Hutchings
0697a35c1d
[sh4] Do not use hyphen in exported variable names (fixes FTBFS)
2017-08-19 22:37:50 +01:00
Ben Hutchings
31202be148
Update to 4.13-rc5
2017-08-14 23:18:47 +01:00
Ben Hutchings
d545b4e4d0
Update to 4.13-rc4
...
Drop and refresh patchs as appropriate.
2017-08-13 14:45:14 +01:00
Ben Hutchings
0134b5c8b9
[amd64,arm64] mm: Revert x86_64 and arm64 ELF_ET_DYN_BASE base ( Closes : #869090 )
2017-08-12 23:08:23 +01:00
Ben Hutchings
aa404ad63b
bfq: Enable auto-loading when built as a module
2017-08-12 22:36:27 +01:00
Ben Hutchings
831ae89c56
rtlwifi: Fix firmware loading bugs ( Closes : #869084 )
2017-08-12 21:54:36 +01:00
Ben Hutchings
3b32a0551f
xfrm: policy: check policy direction value (CVE-2017-11600)
2017-08-12 21:36:28 +01:00
Salvatore Bonaccorso
e58e3e6be9
Update to 4.12.6
2017-08-12 16:54:34 +02:00
Salvatore Bonaccorso
0442142ae4
udp: consistently apply ufo or fragmentation (CVE-2017-1000112)
2017-08-11 09:12:58 +02:00
Salvatore Bonaccorso
3b6247dba4
packet: fix tp_reserve race in packet_set_ring (CVE-2017-1000111)
2017-08-11 09:09:51 +02:00
Uwe Kleine-König
d977cbc209
[arm64] Add sdhci device for Espressobin
...
This completes the fix for #871049
2017-08-09 09:26:46 +02:00
Uwe Kleine-König
bc29a1558a
Update to 4.12.5
2017-08-08 09:54:35 +02:00
Salvatore Bonaccorso
693284da5b
media: saa7164: fix double fetch PCIe access condition (CVE-2017-8831)
2017-08-03 20:36:47 +02:00
Salvatore Bonaccorso
9f89bea8ab
ipv6: avoid overflow of offset in ip6_find_1stfragopt (CVE-2017-7542)
2017-08-03 20:32:16 +02:00
Salvatore Bonaccorso
b5081c50bc
dentry name snapshots (CVE-2017-7533)
2017-08-03 20:27:55 +02:00
Ben Hutchings
db815c4a3b
Update to 4.12.3
2017-07-22 18:26:23 +01:00
Ben Hutchings
192ee88a05
[i386] perf tools: Fix unwind build (fixes FTBFS)
2017-07-22 17:41:53 +01:00
Ben Hutchings
4e4f504451
[armhf] Revert "gpu: host1x: Add IOMMU support" (fixes FTBFS)
2017-07-22 11:26:42 +01:00
Ben Hutchings
e6acb1f3d5
[mips*/octeon] Fix broken EDAC driver (fixes FTBFS)
2017-07-22 00:38:10 +01:00
Ben Hutchings
45a06e2c0f
Clean up symbol version fixes for symbols exported from asm
...
We can't keep reverting these changes, so instead move forward. Most
architectures now have <asm/asm-protoypes.h> and only 3 were left:
- alpha: Added <asm/asm-protoypes.h> and submitted patch upstream
- m68k: Did same, but realised it's only needed for Coldfire configs
so we don't need any patches
- sparc: Cherry-picked changes from upstream
2017-07-19 19:36:04 +01:00
Ben Hutchings
50381a0ca2
Update to 4.12.2
...
Refresh aufs4 patches by hand, as there is no release for 4.12 yet.
Refresh lockdown patches with genpatch.py and then by hand, as the
branch is a little out of date and many patches went upstream.
[rt] Disable until it is updated for 4.12 or later
2017-07-18 01:06:31 +01:00
Ben Hutchings
e9698def40
firmware: dmi: Add DMI_PRODUCT_FAMILY identification string
...
Dependency of "pinctrl: cherryview: Extend the Chromebook DMI quirk to
Intel_Strago systems".
2017-07-17 03:00:56 +01:00
Ben Hutchings
4e322430ec
[armhf] Add ARM Mali Midgard device tree bindings and gpu node for rk3288
...
Thanks: Guillaume Tucker
Closes : #865646
2017-07-17 01:09:51 +01:00
Ben Hutchings
0de513746f
[x86] pinctrl: cherryview: Extend the Chromebook DMI quirk to Intel_Strago systems
...
Closes : #862723
2017-07-17 00:38:29 +01:00
Ben Hutchings
769a37d5bd
[x86] ideapad-laptop: Add various IdeaPad models to no_hw_rfkill list
...
Closes : #866706
2017-07-17 00:04:31 +01:00
Ben Hutchings
09f1166971
binfmt_elf: use ELF_ET_DYN_BASE only for PIE (CVE-2017-1000370, CVE-2017-1000371)
2017-07-16 21:24:08 +01:00
Ben Hutchings
292c881344
Update to 4.11.11
2017-07-16 21:22:27 +01:00
Salvatore Bonaccorso
e70c79cce5
Update to 4.11.9
2017-07-09 12:54:43 +02:00
Salvatore Bonaccorso
2125fc6614
Update to 4.11.8
2017-06-29 21:21:01 +02:00
Salvatore Bonaccorso
3aaf7fba55
rxrpc: Fix several cases where a padded len isn't checked in ticket decode (CVE-2017-7482)
2017-06-29 08:24:46 +02:00
Salvatore Bonaccorso
4bffab0d23
Update to 4.11.7
...
Drop upstream applied patch.
Refresh features/all/rt/sched-mmdrop-delayed.patch.
Ignore changes for module: drivers/iio/imu/inv_mpu6050/*.
2017-06-26 22:01:21 +02:00
Ben Hutchings
4d907dfd7a
Revert "Revert "ia64: move exports to definitions""
...
Can't remember why I ever applied this, as we don't have any support
for ia64 any more. In any case ia64 now has an <asm/asm-prototypes.h>.
2017-06-20 19:35:33 +01:00
Ben Hutchings
0f89be27d3
mm: larger stack guard gap, between vmas (CVE-2017-1000364)
2017-06-20 00:19:55 +01:00
Ben Hutchings
52978aae0c
USB: serial: option: add two Longcheer device ids ( Closes : #864604 )
2017-06-18 21:05:59 +01:00
Ben Hutchings
76ed7c5f09
Update to 4.11.6
2017-06-18 18:12:42 +01:00
Ben Hutchings
21159c097a
Release linux (4.9.30-2).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlk+1/UACgkQ57/I7JWG
EQnBDBAAyXVWuRSGT/qEyF/ML8KM8R9lQJDDm5eN/NRl5Tk1QEU+8vo0DnSC0SCb
hMvML/HFsyTXdgKALU3ygKfI+5MloLYTNVkWGmWFuMBUcBWHNcHJEinlvRmS3jfh
QJCsPYgaTi7qk+fLg7lidlDQZ0vXzQlXU7QXQJgtKx2YxQhwdUNx2qtNwjWxJSgU
hT5VRpU0CiaRdTxO8KQYCipDko7ohznjCCXzemgYBKCOqSWE7EwD5d2WqtcTinR0
Mpess7GR9LjEoUwoQ5cUksOPUSWP2BFsre8QpuGeoC7VoawhmKYJj91CvcheV7rs
jStLk5DjntoMKitAUSpETjHIefk+4HEVbv5av8clmYkVCXiSAUZGiywql5Gl0T6B
V6C9dwpUbSdevKvsEhmKi2Ei12kQ3kt/sL2WrPPHmqWUfT7KwPbUOR6MkrtyQoz+
6McaJlSIu+Ln3/naZEHh73yAwBc/D/Q+9bxpSYMngyFGZNL6JqJc2I6N9x+zg3xV
MSLTASQcdsGJENuoKE2+eqW7xqtQcdxBF416Pc9CC5Czifz+V7dELmShjvjX3lJm
YBBgZtfS7IOBg8kW6EIKhn8Xv8xRvMA1fyeonV1fjv48e8fPb7it24chy0GK7t0z
QNNVf06kHLPuDWHiCgWRm0ZDYWuyQLZdq90xKKoiGEIm2zeZnGU=
=7TPb
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.30-2' into sid
2017-06-12 19:09:18 +01:00
Ben Hutchings
29fbd594e5
NFSv4.x/callback: Create the callback service through svc_create_pooled ( Closes : #862357 )
2017-06-12 16:20:51 +01:00
Ben Hutchings
65dde6402d
Fix patch grouping
2017-06-12 16:09:22 +01:00
Ben Hutchings
6fdb07003d
Revert "uapi: fix linux/if.h userspace compilation errors"
...
This patch fixes a bug but it broke compilation of radvd (see
by reverting it for stretch.
2017-06-09 15:27:04 +01:00
Ben Hutchings
cb766cd661
Add follow-up fixes for CVE-2017-9074
2017-06-08 15:39:03 +01:00
Ben Hutchings
9bf3ee218c
Add follow-up fixes for CVE-2017-9074
2017-06-08 15:37:04 +01:00
Ben Hutchings
304a2920e5
Update to 4.11.4
2017-06-07 23:41:28 +01:00
Ben Hutchings
2da7c17a3d
ipv6: Check ip6_find_1stfragopt() return value properly.
...
Follow-up to the fix for CVE-2017-9074.
2017-06-07 23:34:55 +01:00
Ben Hutchings
5174845342
Release linux (4.9.30-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlkz7vwACgkQ57/I7JWG
EQmWdQ//ctWbgUQezu+yi96QR/algQVpsRH/x1oUVnPIYi96FYOabS9pKaK0aAz1
gvTzEBz+ej2lj+ju51UWGsWHXG9CuBO9i+lRqxf74YdpmDPVco+sDWULBJzEnXqC
rYJsvnwLneDdUOeLd+r9nS/a38PezOqXd0eQApzwzvj4GStrj23aSQeLH7pXqXrr
KI/dORIXEujHoNeWzSzW3XXzOYlg9yAJuLyFmS8FGg7fBaEpnlRA+z2gXtmX7Bdn
SBJxYNttrVbucpHsIwFQysaVU+G0EXnbwgsB/AQBycCrDDIYmhmWLdqlIG+q6lsm
AGLmmX47xxrDpBPhr8iHWJkcmTBBNsSADghLvTru5PSWWTd70P/f2XWGYrfJ5bvU
OrQaV4BFG+zw6RC7Jlzx+byaXyWq15aorRAJSXKaFdebHBZXFzsbKTq4HNTRKV06
3DpoH47C0Jr4YXSbcNvgZiDZnF7OmYw/vsbJk+X4IC+igpriz3dV93QTnL2vf4iO
LaS2KT1MkGInS329DRpjCy14+q1LZM2nti6/mPji2Uqwl6ACvGYgL5y0FJLfEThH
XN+a2So6+u8MvWxrUoNrHIj8aYok96oONpDDbPIueS/PT7TwHBbq2ui1zlE8Uahg
zR3+U/V5VoBEct5n/nm0c8SRhkqsfOk8l42Dj5ibkQAuDzzt39g=
=MA6Q
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.30-1'
Drop ABI reference files and ABI maintenance patch.
2017-06-05 14:12:31 +01:00
Ben Hutchings
7b53b52f6f
Update to 4.11.3
2017-06-05 14:04:06 +01:00
Ben Hutchings
4078eac467
[arm64] serial: pl011: add console matching function ( Closes : #861898 )
2017-06-04 02:40:54 +01:00
Ben Hutchings
0aead2461f
[x86] pinctrl: cherryview: Add a quirk to make Acer Chromebook keyboard work again
...
Closes : #862723
2017-06-04 02:30:55 +01:00
Ben Hutchings
ae4eed4ced
btrfs: warn about RAID5/6 being experimental at mount time ( Closes : #863290 )
2017-06-04 01:20:23 +01:00
Ben Hutchings
b9ea5ea2a4
uapi: fix linux/if.h userspace compilation errors (see #822393 , #824442 )
2017-06-01 17:50:12 +01:00
Ben Hutchings
a843bf5bb3
Merge remote-tracking branch 'alioth/sid' into sid
2017-06-01 14:10:48 +01:00
Salvatore Bonaccorso
2502943c58
ipv6: fix out of bound writes in __ip6_append_data() (CVE-2017-9242)
2017-06-01 08:38:02 +02:00
Salvatore Bonaccorso
cd87fb7a86
crypto: skcipher - Add missing API setkey checks (CVE-2017-9211)
2017-06-01 08:34:46 +02:00
Salvatore Bonaccorso
261dbebcde
ipv6/dccp: do not inherit ipv6_mc_list from parent (CVE-2017-9076 CVE-2017-9077)
2017-06-01 08:13:06 +02:00
Salvatore Bonaccorso
3253209d02
sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (CVE-2017-9075)
2017-06-01 08:08:49 +02:00
Salvatore Bonaccorso
35c1e8ae8d
ipv6: Prevent overrun when parsing v6 header options (CVE-2017-9074)
2017-06-01 08:05:24 +02:00
Salvatore Bonaccorso
a68b36a505
dccp/tcp: do not inherit mc_list from parent (CVE-2017-8890)
2017-06-01 07:43:55 +02:00
Salvatore Bonaccorso
20b3d9876a
tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline() (CVE-2017-0605)
2017-06-01 07:36:02 +02:00
Ben Hutchings
ad62774819
Add various security fixes
2017-06-01 00:30:04 +01:00
Ben Hutchings
e9619f03d3
Update to 4.9.30
...
* Drop/refresh patches as necessary
* Ignore ABI changes in ccp and hid-sensors
* [mips*el/loongson-3] Revert "MIPS: Loongson-3: Select
MIPS_L1_CACHE_SHIFT_6" to avoid ABI change
2017-05-31 21:02:34 +01:00
Salvatore Bonaccorso
dd1408c66d
Update to 4.9.28
2017-05-27 17:12:34 +02:00
Salvatore Bonaccorso
3d18d55b64
Update to 4.9.26
...
Ignore changes to module:sound/firewire/snd-firewire-lib
Ignore changes to module:net/l2tp/l2tp_core
2017-05-13 16:07:07 +02:00
Ben Hutchings
2d982936e8
usbip: Fix potential format overflow in userspace tools
...
This fixes FTBFS on 64-bit architectures with gcc-7, which in
experimental means at least amd64, ppc64, sparc64.
2017-05-04 02:48:18 +01:00
Ben Hutchings
85b468262e
Remove unused liblockdep packaging
2017-05-03 21:02:49 +01:00
Ben Hutchings
a4e087d3b1
Release linux (4.9.25-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlkI0/kACgkQ57/I7JWG
EQkutQ/9EsYdnQXf4HaC1YTqQW0Nu5+swZzyosOcdtMfJrj+PWXQMgmY4WWav8I/
DipRGhfXXMnqlBg1vOR5cEdqPznRm/cwcuPqZpw7H0fA7LvyCibg/7yERJYv7i1U
BIy8s29NCpVVRhDhY9Nl5t0WLGQT4Rg9JW6iKNRDq2y91etahSxzOBxB2B3k04Ys
9vFPpuKq5QAskCBGEucinYYKTy7/ciIXsaSij2m/G7/ly/Qaqt0pIgjqi4QhuJs3
yWidIm1aBvE4MHXH8WQkg1aF20vfdGXz3CZNT6BWFn/6hNesS+tEQpF/nYLBqnfS
2GghqeWO1+xzxlXWNZU/SD0JhkB6gAeZ+4MP7eYz8BAtpUz7H/zZfZNsOBWb6YJY
Pc8AjqG6mBd/1B2O8yXUda/j/xazEtg0c7uxQjyOEqh2nPeHn9FVLuJsSP74wxdx
zjGmOjJzKUmhBGxLdJZAFL5N7YbLR+qNQfV2UGz4+zVIJge9R7HwWwR9+Um8AHq0
qrnjRf6iAla1phYlgHnPx4r6A9kactDuFsNMfUN8nsUrV+KX15k+dt02CpFSWw0B
lXGPf2MNXTEp+CsuAVBAWFP55JCOwD6yYoLfEfErXvchc7qqIKHgmIrLSyexro7O
F1+HBfu6t1M4tRz0xNu8sGL4uzsjockMW8RL1HFgboUluMgTFPQ=
=k/sj
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.25-1'
Drop the added patches, which are already in 4.11.
CONFIG_NFP_NETVF is replaced by CONFIG_NFP in 4.11.
2017-05-02 19:57:00 +01:00
Salvatore Bonaccorso
7ba1afb386
nfsd: stricter decoding of write-like NFSv2/v3 ops (CVE-2017-7895)
2017-04-29 22:02:50 +02:00
Salvatore Bonaccorso
7961205000
nfsd4: minor NFSv2/v3 write decoding cleanup
2017-04-29 21:59:48 +02:00
Salvatore Bonaccorso
0e77dea5fc
nfsd: check for oversized NFSv2/v3 arguments (CVE-2017-7645)
2017-04-29 21:52:43 +02:00
Salvatore Bonaccorso
4c666bd4da
Update to 4.9.25
2017-04-27 20:19:04 +02:00
Salvatore Bonaccorso
6771be1138
macsec: dynamically allocate space for sglist
2017-04-27 07:42:13 +02:00
Salvatore Bonaccorso
7b2acecada
macsec: avoid heap overflow in skb_to_sgvec (CVE-2017-7477)
2017-04-27 06:43:38 +02:00
Ben Hutchings
7bf90ad750
KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings (CVE-2017-7472)
2017-04-22 02:26:48 +01:00
Ben Hutchings
89402402c8
KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings (CVE-2016-9604)
2017-04-22 02:25:04 +01:00
Ben Hutchings
74fdfed494
Drop ABI maintenance patches
...
We're bumping ABI in the next upload so don't need these.
2017-04-22 02:22:38 +01:00
Ben Hutchings
9c5f88b1f6
Update to 4.9.24
...
Drop most of our bug fix patches, which were included in it.
Adjust context in a couple of rt patches that have textual conflicts.
2017-04-22 00:59:32 +01:00
Aurelien Jarno
f2b1e81469
[mips*/octeon] Drop obsolete patch adding support for the UBNT E200 board.
2017-04-21 11:31:33 +02:00
Ben Hutchings
0e0b29ad5a
[arm64,x86] Replace securelevel patch set with lockdown patch set
...
Matthew stopped maintaining the securelevel patch set, and David
Howells has taken it up under the new name 'lockdown'. This is
taken from:
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git#efi-lock-down
commits ddb99e118e37f324a4be65a411bb60ae62795cf9..0240fa7c7c948b19d57c0163d57e55296277ff3c
Rebase the three patches not included there (cold boot mitigation,
arm64 SB integration, MTD RAM restrictions).
Update our kconfig for the renaming.
2017-04-20 02:38:34 +01:00
Ben Hutchings
40f397ca1a
Drop another patch redundant with upstream changes
2017-04-20 00:16:12 +01:00
Lukas Wunner
f26f2a520d
Update to 4.11-rc6
...
Remove merged patches and rebase remaining patches.
A portion of the secureboot patches have been upstreamed, but were
changed substantially during review, primarily to avoid code
duplication among arches. I've stripped the patches of the merged
bits and rebased the remainder.
Signed-off-by: Lukas Wunner <lukas@wunner.de>
[bwh: Undo some incorrect context changes in
bugfix/all/firmware-remove-redundant-log-messages-from-drivers.patch]
2017-04-20 00:15:17 +01:00
Ben Hutchings
3f62574711
crypto: ahash - Fix EINPROGRESS notification callback (CVE-2017-7618)
2017-04-16 23:25:12 +01:00
Ben Hutchings
31945f628c
Update to 4.9.22
...
Drop patches applied upstream.
2017-04-16 21:47:05 +01:00
Salvatore Bonaccorso
1d5fde10d8
mm/mempolicy.c: fix error handling in set_mempolicy and mbind (CVE-2017-7616)
2017-04-16 07:59:50 +02:00
Ben Hutchings
263f51b136
cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores ( Closes : #859978 )
2017-04-11 02:57:43 +01:00
Salvatore Bonaccorso
5547db97a6
fscrypt: remove broken support for detecting keyring key revocation (CVE-2017-7374)
2017-04-08 09:36:53 +02:00
Salvatore Bonaccorso
43f7156d3a
ping: implement proper locking (CVE-2017-2671)
2017-04-08 09:18:35 +02:00
Ben Hutchings
20a0659e24
drm/nouveau/disp/mcp7x: disable dptmds workaround ( Closes : #850219 )
2017-04-07 20:42:59 +01:00
Ben Hutchings
459f0a48e4
Release linux (4.9.18-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAljcf5EACgkQ57/I7JWG
EQmFcQ/8DoBxenUbNW5cY+YbwBKsjuBb8Q6gnqQLOX/JtOJ8MtpQ1t2QQPvMYdXJ
PTcNZAKm8mrsWJxos9WsUHjkdrfuLAsMTisC5FvDkE6myBt++GH3gRtKCT0A2nep
ZU17YeHYfcqv6UK90Jg0p+xAKQEEqKZrryP7fvb8oX5wOORwlLMxBScErftbB/vV
hBvwybq7gfA/4KxDTnWgadpidg16/67ZgKd0EoSsbCpFAJble/hRroMwzKUSzFW+
2yFxrmUNFoIXddoDtORNNdK0nM6b2MKeWKjmndknz4QehlayZWCg1+mEjp7A7Wqp
9naONqhQWMibARGkDl5Y7SZ9/XJXjPmDFXi3EIbhrWMN2TUkzUN14A1YHw+M9p5Q
9UbnpI6eDxjvlezcPjqucIM0ywFwljBrDsQXfGsR6ogQbYvA7nJ0dK63/EXzvl1U
UGUBwHtDhLHxtv85/JsUqq9/UVGbZjcHvyEfmE1mvbMcNxkSLSewt+jd78h7xIyL
tOZP24ARPKqcQ1detou47o8cMmwTqVl6xu08w83xin2Xux+UlYFTtI/LVws3oYNb
F3uEzIgtJbu7ENxCkY5RmIJG9qRJZJ2f6dnpLLld6D52paD5OYNrk1NShtf/Dp+r
zjJoiIRTcO9fPatjl07Y2eDeFeo2SKoD+Xd/5nGDoytE6JiDEXg=
=ONVb
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.18-1'
Drop ABI reference files.
Refresh/drop patches as needed.
2017-03-30 14:16:47 +01:00
Ben Hutchings
f294506bfa
netfilter: nft_ct: add notrack support ( Closes : #845500 )
2017-03-30 01:40:57 +01:00
Ben Hutchings
42ea80c71c
[arm64] rtc: tegra: Implement clock handling ( Closes : #858514 )
2017-03-29 23:42:54 +01:00
Ben Hutchings
8a7210aeea
net/packet: Fix integer overflow in various range checks (CVE-2017-7308)
2017-03-29 22:50:53 +01:00
Ben Hutchings
8703214f24
[x86] drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (CVE-2017-7294)
2017-03-29 22:42:53 +01:00
Ben Hutchings
de3e9af4dc
[x86] vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() (CVE-2017-7261)
2017-03-29 22:36:16 +01:00
Ben Hutchings
2dd2d226ca
scsi: sg: check length passed to SG_NEXT_CMD_LEN (CVE-2017-7187)
2017-03-29 22:31:24 +01:00
Ben Hutchings
3e739d51e3
xfrm_user: Apply fixes for CVE-2017-7184
2017-03-29 22:28:20 +01:00
Ben Hutchings
b303c03f3b
Update to 4.9.16
...
Drop one patch included in it
2017-03-20 00:12:10 +00:00
Salvatore Bonaccorso
f271c6453d
Update to 4.9.15
...
Drop one patch included in 4.9.15
Ignore ABI changes for
module:drivers/nvdimm/libnvdimm
module:drivers/target/**
debugfs_create_automount
2017-03-19 21:41:18 +01:00