debian-packaging
/
linux
8
0
Fork 0
Code Releases Activity
13,997 Commits 2 Branches 0 Tags 493 MiB
Commit Graph

8618 Commits

Author SHA1 Message Date
Ben Hutchings c2443a2e97 [x86] Update TAA and NX fixes to pending stable backports 2019-11-09 20:17:15 +00:00
Salvatore Bonaccorso be004c1b69 x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs 2019-11-08 00:14:38 +01:00
Ben Hutchings 37baed7166 [x86] Update TAA (Borislav v2) and NX (v9) fixes 
The upstream commits for these are now finalised, so we shouldn't need
to replace patches after this (but might need to add more).
 2019-11-07 18:10:48 +00:00
Salvatore Bonaccorso cd92ab49c4 KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active 2019-11-07 17:32:14 +01:00
Ben Hutchings 537ad2315a [x86] Update TAA patch set to v7 2019-10-24 22:52:37 +01:00
Ben Hutchings 96c0e74c50 [x86] Add mitigation for TSX Asynchronous Abort (CVE-2019-11135) 
This is a backport of v6 of the TAA patch set, and will probably
require updates before release.  The subject lines for these patches
didn't come through.
 2019-10-20 14:51:55 +01:00
Ben Hutchings d9bd594144 [x86] KVM: Add mitigation for Machine Check Error on Page Size Change 
(aka iTLB multi-hit, CVE-2018-12207)

This is a backport of v6 of the "NX" patch set, and will probably
require updates before release.
 2019-10-20 14:46:13 +01:00
Salvatore Bonaccorso f13b3cd992 Prepare to release linux (4.19.67-2+deb10u1). 2019-09-20 12:51:56 +02:00
Salvatore Bonaccorso 942d6ddd3f KVM: coalesced_mmio: add bounds checking (CVE-2019-14821) 2019-09-19 17:16:06 +02:00
Salvatore Bonaccorso c0096a08f9 [x86] ptrace: fix up botched merge of spectrev1 fix (CVE-2019-15902) 2019-09-18 21:35:01 +02:00
Salvatore Bonaccorso 78f0b2574a vhost: make sure log_num < in_num (CVE-2019-14835) 2019-09-13 06:12:11 +02:00
Romain Perier 782d6ea880 ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term 
(CVE-2019-15118)
 2019-09-12 22:40:43 +02:00
Romain Perier aa8fb19232 ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit 
(CVE-2019-15117)

[carnil: Use 4.19.67-2+deb10u1 version for buster-security branch]
 2019-09-12 22:40:21 +02:00
Salvatore Bonaccorso ff672b98a7 Prepare to release linux (4.19.67-2). 2019-08-28 06:20:22 +02:00
Salvatore Bonaccorso e10bab8d2e Reference assigned CVE id for CVE-2019-15538 
Gbp-Dch: Ignore
 2019-08-25 17:31:05 +02:00
Salvatore Bonaccorso a065e442e2 xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT 2019-08-24 20:51:54 +02:00
Cyril Brulebois 1b40f700ac [arm64] Backport DTB support for Rasperry Pi Compute Module 3. 
Tested-by: Charles Fendt <charles.fendt@me.com>
Signed-off-by: Cyril Brulebois <cyril@debamax.com>
(cherry picked from commit de7501857cae4892f52d8c56c2184be548709052)
 2019-08-22 21:16:10 +02:00
Cyril Brulebois 10dd2b634c [arm] Backport DTB support for Rasperry Pi Compute Module 3. 
Signed-off-by: Cyril Brulebois <cyril@debamax.com>
(cherry picked from commit 64801af590540b4494f408b95a31fbe07963784d)
 2019-08-22 21:16:10 +02:00
Ben Hutchings 57f74f6573 netfilter: conntrack: Use consistent ct id hash calculation 
This fixes a regression in 4.19.44.
 2019-08-22 20:04:20 +01:00
Ben Hutchings 00ee7f7173 [ppc64el] Avoid ABI change for disabling TM 
Ignore removal of TM functions that are exported for use by KVM.
 2019-08-22 20:03:54 +01:00
Ben Hutchings 019113b013 [ppc64el] Disable PPC_TRANSACTIONAL_MEM (Closes: #866122) 2019-08-22 20:03:19 +01:00
Ben Hutchings 7ee3696c10 KVM: Ignore ABI changes 
We already ignored most of them, but missed some.  Group together
all the KVM patterns in debian/config/defines.
 2019-08-22 20:02:52 +01:00
Ben Hutchings eaab250914 Merge remote-tracking branch 'salsa/buster' into buster 
Since I've already uploaded 4.19.67-1, open a new changelog entry for
Salvatore's change.
 2019-08-21 23:39:23 +01:00
Salvatore Bonaccorso 9bf2130b62 dm: disable DISCARD if the underlying storage no longer supports it 
Closes: #934331
 2019-08-21 21:41:04 +02:00
Salvatore Bonaccorso 8d3b3b09b9 Add CVE id for CVE-2019-15215 2019-08-21 21:30:17 +02:00
Salvatore Bonaccorso 2de12d5f21 Add CVE id for CVE-2019-15211 2019-08-21 21:29:45 +02:00
Salvatore Bonaccorso 71253bf604 Add CVE id for CVE-2019-15220 2019-08-21 21:28:17 +02:00
Salvatore Bonaccorso d5720146ae Add CVE id for CVE-2019-15221 2019-08-21 21:27:23 +02:00
Salvatore Bonaccorso 37487d12f3 Add CVE id for CVE-2019-15223 2019-08-21 21:24:47 +02:00
Salvatore Bonaccorso 0cde12d3b1 Add CVE id for CVE-2019-15219 2019-08-21 21:24:12 +02:00
Salvatore Bonaccorso 92583c3bcb Add CVE id for CVE-2019-15218 2019-08-21 21:23:39 +02:00
Salvatore Bonaccorso 4d54b8bb16 Add CVE id for CVE-2019-15212 2019-08-21 21:22:59 +02:00
Salvatore Bonaccorso 8e8dc21337 Add CVE id reference for CVE-2019-15216 2019-08-21 21:13:31 +02:00
Ben Hutchings 889a9d1fb0 Prepare to release linux (4.19.67-1). 2019-08-21 17:44:57 +01:00
Ben Hutchings f79aedcfab Bump ABI to 6 2019-08-20 01:51:35 +01:00
Ben Hutchings 795d93f1ed [rt] Update to 4.19.59-rt24 
This mostly applied cleanly on 4.19.67.  A few patches had 1 or 2
lines of fuzz which I've resolved.
 2019-08-20 01:51:34 +01:00
Ben Hutchings 0899b0f554 Update to 4.19.67 
* Drop patches which have been applied to 4.19-stable
* Drop "Revert "net: stmmac: Send TSO packets always from Queue 0"" in
  favour of upstream fix "net: stmmac: Re-work the queue selection for
  TSO packets"
* Refresh patches that became fuzzy
 2019-08-20 01:51:22 +01:00
Ben Hutchings 64c3754b90 Merge branch 'buster-security' into buster 
* Accept revert of "[sh4]: Check for kprobe trap number before trying
  to handle a kprobe trap" and update debian/changelog accordingly, as
  sh4 is not a release architecture
* Keep "[arm64] Improve support for the Huawei TaiShan server platform"
  which was reverted on the buster-security branch
 2019-08-18 19:29:59 +01:00
Ben Hutchings 92fee68e15 Prepare to release linux (4.19.37-5+deb10u2). 2019-08-08 03:02:38 +01:00
Ben Hutchings 95a59b0c5d inet: Avoid ABI change for IP ID hash change 2019-08-08 03:01:19 +01:00
Ben Hutchings f02f2890aa [x86] cpufeatures: Avoid ABI change for swapgs mitigations 
- Move swapgs feature bits to existing scattered words
- Revert "x86/cpufeatures: Combine word 11 and 12 into a new scattered
  features word"
 2019-08-08 02:49:24 +01:00
Salvatore Bonaccorso 07a6d57831 Add patchset for CVE-2019-1125 2019-08-07 08:34:30 +02:00
Romain Perier 65c2005956 [powerpc/tm] Fix oops on sigreturn on systems without TM (CVE-2019-13648) 2019-08-05 19:04:21 +02:00
Romain Perier 3b76691d24 Bluetooth: hci_uart: check for missing tty operations (CVE-2019-10207) 2019-08-05 18:57:05 +02:00
Romain Perier ec64cb4c87 floppy: fix div-by-zero in setup_format_params (CVE-2019-14284) 
This retrieves the patch from the linux-4.19.y branch and refreshes the
previous one "floppy: fix out-of-bounds read in copy_buffer", because
this is firstly "floppy: fix div-by-zero in setup_format_params" that is
applied upstream, then the one regarding out-of-bounds read in copy_buffer.
The one for CVE-2019-14283 was previously refreshed because it was not
applicable directly. Now both patches are synchronized with upstream and
applied in the same order.
 2019-08-05 17:56:29 +02:00
Romain Perier 24c58d8c20 inet: switch IP ID generator to siphash (CVE-2019-10638) 2019-07-30 11:20:38 +02:00
Romain Perier 4962cdb584 floppy: fix out-of-bounds read in copy_buffer (CVE-2019-14283) 2019-07-30 11:14:00 +02:00
Aurelien Jarno b394039686 [arm64] compat: Provide definition for COMPAT_SIGMINSTKSZ (Closes: #904385). 2019-07-29 22:36:47 +02:00
Uwe Kleine-König 8da545ad5d rtc-s35390a: backport fix to make hwclock able to read the time 2019-07-28 21:37:15 +02:00
Uwe Kleine-König ed5659c4e4 Merge branch 'imx6' of salsa.debian.org:ukleinek/linux into buster 2019-07-28 21:23:53 +02:00