Ben Hutchings
09f1166971
binfmt_elf: use ELF_ET_DYN_BASE only for PIE (CVE-2017-1000370, CVE-2017-1000371)
2017-07-16 21:24:08 +01:00
Ben Hutchings
292c881344
Update to 4.11.11
2017-07-16 21:22:27 +01:00
Salvatore Bonaccorso
e70c79cce5
Update to 4.11.9
2017-07-09 12:54:43 +02:00
Salvatore Bonaccorso
2125fc6614
Update to 4.11.8
2017-06-29 21:21:01 +02:00
Salvatore Bonaccorso
3aaf7fba55
rxrpc: Fix several cases where a padded len isn't checked in ticket decode (CVE-2017-7482)
2017-06-29 08:24:46 +02:00
Salvatore Bonaccorso
4bffab0d23
Update to 4.11.7
...
Drop upstream applied patch.
Refresh features/all/rt/sched-mmdrop-delayed.patch.
Ignore changes for module: drivers/iio/imu/inv_mpu6050/*.
2017-06-26 22:01:21 +02:00
Ben Hutchings
4d907dfd7a
Revert "Revert "ia64: move exports to definitions""
...
Can't remember why I ever applied this, as we don't have any support
for ia64 any more. In any case ia64 now has an <asm/asm-prototypes.h>.
2017-06-20 19:35:33 +01:00
Ben Hutchings
0f89be27d3
mm: larger stack guard gap, between vmas (CVE-2017-1000364)
2017-06-20 00:19:55 +01:00
Ben Hutchings
52978aae0c
USB: serial: option: add two Longcheer device ids ( Closes : #864604 )
2017-06-18 21:05:59 +01:00
Ben Hutchings
76ed7c5f09
Update to 4.11.6
2017-06-18 18:12:42 +01:00
Ben Hutchings
21159c097a
Release linux (4.9.30-2).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlk+1/UACgkQ57/I7JWG
EQnBDBAAyXVWuRSGT/qEyF/ML8KM8R9lQJDDm5eN/NRl5Tk1QEU+8vo0DnSC0SCb
hMvML/HFsyTXdgKALU3ygKfI+5MloLYTNVkWGmWFuMBUcBWHNcHJEinlvRmS3jfh
QJCsPYgaTi7qk+fLg7lidlDQZ0vXzQlXU7QXQJgtKx2YxQhwdUNx2qtNwjWxJSgU
hT5VRpU0CiaRdTxO8KQYCipDko7ohznjCCXzemgYBKCOqSWE7EwD5d2WqtcTinR0
Mpess7GR9LjEoUwoQ5cUksOPUSWP2BFsre8QpuGeoC7VoawhmKYJj91CvcheV7rs
jStLk5DjntoMKitAUSpETjHIefk+4HEVbv5av8clmYkVCXiSAUZGiywql5Gl0T6B
V6C9dwpUbSdevKvsEhmKi2Ei12kQ3kt/sL2WrPPHmqWUfT7KwPbUOR6MkrtyQoz+
6McaJlSIu+Ln3/naZEHh73yAwBc/D/Q+9bxpSYMngyFGZNL6JqJc2I6N9x+zg3xV
MSLTASQcdsGJENuoKE2+eqW7xqtQcdxBF416Pc9CC5Czifz+V7dELmShjvjX3lJm
YBBgZtfS7IOBg8kW6EIKhn8Xv8xRvMA1fyeonV1fjv48e8fPb7it24chy0GK7t0z
QNNVf06kHLPuDWHiCgWRm0ZDYWuyQLZdq90xKKoiGEIm2zeZnGU=
=7TPb
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.30-2' into sid
2017-06-12 19:09:18 +01:00
Ben Hutchings
29fbd594e5
NFSv4.x/callback: Create the callback service through svc_create_pooled ( Closes : #862357 )
2017-06-12 16:20:51 +01:00
Ben Hutchings
65dde6402d
Fix patch grouping
2017-06-12 16:09:22 +01:00
Ben Hutchings
6fdb07003d
Revert "uapi: fix linux/if.h userspace compilation errors"
...
This patch fixes a bug but it broke compilation of radvd (see
by reverting it for stretch.
2017-06-09 15:27:04 +01:00
Ben Hutchings
cb766cd661
Add follow-up fixes for CVE-2017-9074
2017-06-08 15:39:03 +01:00
Ben Hutchings
9bf3ee218c
Add follow-up fixes for CVE-2017-9074
2017-06-08 15:37:04 +01:00
Ben Hutchings
304a2920e5
Update to 4.11.4
2017-06-07 23:41:28 +01:00
Ben Hutchings
2da7c17a3d
ipv6: Check ip6_find_1stfragopt() return value properly.
...
Follow-up to the fix for CVE-2017-9074.
2017-06-07 23:34:55 +01:00
Ben Hutchings
5174845342
Release linux (4.9.30-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlkz7vwACgkQ57/I7JWG
EQmWdQ//ctWbgUQezu+yi96QR/algQVpsRH/x1oUVnPIYi96FYOabS9pKaK0aAz1
gvTzEBz+ej2lj+ju51UWGsWHXG9CuBO9i+lRqxf74YdpmDPVco+sDWULBJzEnXqC
rYJsvnwLneDdUOeLd+r9nS/a38PezOqXd0eQApzwzvj4GStrj23aSQeLH7pXqXrr
KI/dORIXEujHoNeWzSzW3XXzOYlg9yAJuLyFmS8FGg7fBaEpnlRA+z2gXtmX7Bdn
SBJxYNttrVbucpHsIwFQysaVU+G0EXnbwgsB/AQBycCrDDIYmhmWLdqlIG+q6lsm
AGLmmX47xxrDpBPhr8iHWJkcmTBBNsSADghLvTru5PSWWTd70P/f2XWGYrfJ5bvU
OrQaV4BFG+zw6RC7Jlzx+byaXyWq15aorRAJSXKaFdebHBZXFzsbKTq4HNTRKV06
3DpoH47C0Jr4YXSbcNvgZiDZnF7OmYw/vsbJk+X4IC+igpriz3dV93QTnL2vf4iO
LaS2KT1MkGInS329DRpjCy14+q1LZM2nti6/mPji2Uqwl6ACvGYgL5y0FJLfEThH
XN+a2So6+u8MvWxrUoNrHIj8aYok96oONpDDbPIueS/PT7TwHBbq2ui1zlE8Uahg
zR3+U/V5VoBEct5n/nm0c8SRhkqsfOk8l42Dj5ibkQAuDzzt39g=
=MA6Q
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.30-1'
Drop ABI reference files and ABI maintenance patch.
2017-06-05 14:12:31 +01:00
Ben Hutchings
7b53b52f6f
Update to 4.11.3
2017-06-05 14:04:06 +01:00
Ben Hutchings
4078eac467
[arm64] serial: pl011: add console matching function ( Closes : #861898 )
2017-06-04 02:40:54 +01:00
Ben Hutchings
0aead2461f
[x86] pinctrl: cherryview: Add a quirk to make Acer Chromebook keyboard work again
...
Closes : #862723
2017-06-04 02:30:55 +01:00
Ben Hutchings
ae4eed4ced
btrfs: warn about RAID5/6 being experimental at mount time ( Closes : #863290 )
2017-06-04 01:20:23 +01:00
Ben Hutchings
b9ea5ea2a4
uapi: fix linux/if.h userspace compilation errors (see #822393 , #824442 )
2017-06-01 17:50:12 +01:00
Ben Hutchings
a843bf5bb3
Merge remote-tracking branch 'alioth/sid' into sid
2017-06-01 14:10:48 +01:00
Salvatore Bonaccorso
2502943c58
ipv6: fix out of bound writes in __ip6_append_data() (CVE-2017-9242)
2017-06-01 08:38:02 +02:00
Salvatore Bonaccorso
cd87fb7a86
crypto: skcipher - Add missing API setkey checks (CVE-2017-9211)
2017-06-01 08:34:46 +02:00
Salvatore Bonaccorso
261dbebcde
ipv6/dccp: do not inherit ipv6_mc_list from parent (CVE-2017-9076 CVE-2017-9077)
2017-06-01 08:13:06 +02:00
Salvatore Bonaccorso
3253209d02
sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (CVE-2017-9075)
2017-06-01 08:08:49 +02:00
Salvatore Bonaccorso
35c1e8ae8d
ipv6: Prevent overrun when parsing v6 header options (CVE-2017-9074)
2017-06-01 08:05:24 +02:00
Salvatore Bonaccorso
a68b36a505
dccp/tcp: do not inherit mc_list from parent (CVE-2017-8890)
2017-06-01 07:43:55 +02:00
Salvatore Bonaccorso
20b3d9876a
tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline() (CVE-2017-0605)
2017-06-01 07:36:02 +02:00
Ben Hutchings
ad62774819
Add various security fixes
2017-06-01 00:30:04 +01:00
Ben Hutchings
e9619f03d3
Update to 4.9.30
...
* Drop/refresh patches as necessary
* Ignore ABI changes in ccp and hid-sensors
* [mips*el/loongson-3] Revert "MIPS: Loongson-3: Select
MIPS_L1_CACHE_SHIFT_6" to avoid ABI change
2017-05-31 21:02:34 +01:00
Salvatore Bonaccorso
dd1408c66d
Update to 4.9.28
2017-05-27 17:12:34 +02:00
Salvatore Bonaccorso
3d18d55b64
Update to 4.9.26
...
Ignore changes to module:sound/firewire/snd-firewire-lib
Ignore changes to module:net/l2tp/l2tp_core
2017-05-13 16:07:07 +02:00
Ben Hutchings
2d982936e8
usbip: Fix potential format overflow in userspace tools
...
This fixes FTBFS on 64-bit architectures with gcc-7, which in
experimental means at least amd64, ppc64, sparc64.
2017-05-04 02:48:18 +01:00
Ben Hutchings
85b468262e
Remove unused liblockdep packaging
2017-05-03 21:02:49 +01:00
Ben Hutchings
a4e087d3b1
Release linux (4.9.25-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlkI0/kACgkQ57/I7JWG
EQkutQ/9EsYdnQXf4HaC1YTqQW0Nu5+swZzyosOcdtMfJrj+PWXQMgmY4WWav8I/
DipRGhfXXMnqlBg1vOR5cEdqPznRm/cwcuPqZpw7H0fA7LvyCibg/7yERJYv7i1U
BIy8s29NCpVVRhDhY9Nl5t0WLGQT4Rg9JW6iKNRDq2y91etahSxzOBxB2B3k04Ys
9vFPpuKq5QAskCBGEucinYYKTy7/ciIXsaSij2m/G7/ly/Qaqt0pIgjqi4QhuJs3
yWidIm1aBvE4MHXH8WQkg1aF20vfdGXz3CZNT6BWFn/6hNesS+tEQpF/nYLBqnfS
2GghqeWO1+xzxlXWNZU/SD0JhkB6gAeZ+4MP7eYz8BAtpUz7H/zZfZNsOBWb6YJY
Pc8AjqG6mBd/1B2O8yXUda/j/xazEtg0c7uxQjyOEqh2nPeHn9FVLuJsSP74wxdx
zjGmOjJzKUmhBGxLdJZAFL5N7YbLR+qNQfV2UGz4+zVIJge9R7HwWwR9+Um8AHq0
qrnjRf6iAla1phYlgHnPx4r6A9kactDuFsNMfUN8nsUrV+KX15k+dt02CpFSWw0B
lXGPf2MNXTEp+CsuAVBAWFP55JCOwD6yYoLfEfErXvchc7qqIKHgmIrLSyexro7O
F1+HBfu6t1M4tRz0xNu8sGL4uzsjockMW8RL1HFgboUluMgTFPQ=
=k/sj
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.25-1'
Drop the added patches, which are already in 4.11.
CONFIG_NFP_NETVF is replaced by CONFIG_NFP in 4.11.
2017-05-02 19:57:00 +01:00
Salvatore Bonaccorso
7ba1afb386
nfsd: stricter decoding of write-like NFSv2/v3 ops (CVE-2017-7895)
2017-04-29 22:02:50 +02:00
Salvatore Bonaccorso
7961205000
nfsd4: minor NFSv2/v3 write decoding cleanup
2017-04-29 21:59:48 +02:00
Salvatore Bonaccorso
0e77dea5fc
nfsd: check for oversized NFSv2/v3 arguments (CVE-2017-7645)
2017-04-29 21:52:43 +02:00
Salvatore Bonaccorso
4c666bd4da
Update to 4.9.25
2017-04-27 20:19:04 +02:00
Salvatore Bonaccorso
6771be1138
macsec: dynamically allocate space for sglist
2017-04-27 07:42:13 +02:00
Salvatore Bonaccorso
7b2acecada
macsec: avoid heap overflow in skb_to_sgvec (CVE-2017-7477)
2017-04-27 06:43:38 +02:00
Ben Hutchings
7bf90ad750
KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings (CVE-2017-7472)
2017-04-22 02:26:48 +01:00
Ben Hutchings
89402402c8
KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings (CVE-2016-9604)
2017-04-22 02:25:04 +01:00
Ben Hutchings
74fdfed494
Drop ABI maintenance patches
...
We're bumping ABI in the next upload so don't need these.
2017-04-22 02:22:38 +01:00
Ben Hutchings
9c5f88b1f6
Update to 4.9.24
...
Drop most of our bug fix patches, which were included in it.
Adjust context in a couple of rt patches that have textual conflicts.
2017-04-22 00:59:32 +01:00
Aurelien Jarno
f2b1e81469
[mips*/octeon] Drop obsolete patch adding support for the UBNT E200 board.
2017-04-21 11:31:33 +02:00