debian-packaging
/
linux
8
0
Fork 0
Code Releases Activity
13,944 Commits 2 Branches 0 Tags 493 MiB
Commit Graph

8571 Commits

Author SHA1 Message Date
Romain Perier 65c2005956 [powerpc/tm] Fix oops on sigreturn on systems without TM (CVE-2019-13648) 2019-08-05 19:04:21 +02:00
Romain Perier 3b76691d24 Bluetooth: hci_uart: check for missing tty operations (CVE-2019-10207) 2019-08-05 18:57:05 +02:00
Romain Perier ec64cb4c87 floppy: fix div-by-zero in setup_format_params (CVE-2019-14284) 
This retrieves the patch from the linux-4.19.y branch and refreshes the
previous one "floppy: fix out-of-bounds read in copy_buffer", because
this is firstly "floppy: fix div-by-zero in setup_format_params" that is
applied upstream, then the one regarding out-of-bounds read in copy_buffer.
The one for CVE-2019-14283 was previously refreshed because it was not
applicable directly. Now both patches are synchronized with upstream and
applied in the same order.
 2019-08-05 17:56:29 +02:00
Romain Perier 24c58d8c20 inet: switch IP ID generator to siphash (CVE-2019-10638) 2019-07-30 11:20:38 +02:00
Romain Perier 4962cdb584 floppy: fix out-of-bounds read in copy_buffer (CVE-2019-14283) 2019-07-30 11:14:00 +02:00
Romain Perier 8cb769111f Input: gtco - bounds check collection indent level (CVE-2019-13631) 2019-07-27 13:15:59 +02:00
Romain Perier 167ecd4ada scsi: libsas: fix a race condition when smp task timeout (CVE-2018-20836) 2019-07-22 14:01:45 +02:00
Romain Perier 84b1bd80aa Revert unwanted changes for buster-security 
We need to be based onto 4.19.37-5+deb10u1, and only include security
related topics. Things or improvements added to 4.19.37-6 (that is
already in sid) should be removed because they should not be uploaded
to buster-security accidentaly.
 2019-07-22 11:44:02 +02:00
Romain Perier 1e1ff4ce9c binder: fix race between munmap() and direct reclaim (CVE-2019-1999) 2019-07-20 18:36:49 +02:00
Romain Perier 091f76e86d nfc: Ensure presence of required attributes in the deactivate_target handler (CVE-2019-12984) 2019-07-20 18:21:14 +02:00
Romain Perier fbe4322901 [powerpc*] mm/64s/hash: Reallocate context ids on fork (CVE-2019-12817) 2019-07-20 17:17:59 +02:00
Romain Perier 7e902dbcd3 [x86] x86/insn-eval: Fix use-after-free access to LDT entry (CVE-2019-13233) 2019-07-20 17:17:43 +02:00
Salvatore Bonaccorso aa3c23fe0e Release linux (4.19.37-5+deb10u1). 
-----BEGIN PGP SIGNATURE-----
 
 iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl0xhh1fFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
 ZWJpYW4ub3JnAAoJEAVMuPMTQ89E8nEP/iF7NUo1hvYNR/ueapgtpnMaHh/OeiGp
 x5/4RQW9Lo+Y8djiJWr9Kh7DVT7zp2k6OOb6o2qypgpEpFGGZAf02E3kheTJMhJz
 XxDHyGRflQpXDsEbPCcWCXvJjH/7puV/GWATPYo9qE/hs9rBAiFsOlOTqWSJf8Yd
 rVxjRRXe9/qRcOV4OJyiuL2GbeL7eO3TqTEl1NVSNP4V1RjYFFy/CUelWAcGzUOI
 tkk+NM7CEspQQhpIRkSGB+GyYMvOFNi2mkrz+mJbSUeb75uiZq3myJqHiQOKpwHe
 OGJiVBD4Ce8pv3PvR9bFZwgOV2t1XTDOeyUcmh8C07SblwI6iM/vi/nWw7B9VUEH
 X2EB/3/TuhKgJHtYpFZdi1mlRrt+6YYgDmbFVUyjojZhOONlVagwq2vaX0ep6yI4
 FOQo4kpCG10yse4JxUS0Unv6hk7ShfLe/Kb9lOJvPSZM5dCutWTQrRO05gTyFaev
 orMZou9lsXYDTzpFAICE2ZhCcySvYLqvPkkCoabiECMlJE2Ra/rsHiuQEcSNjG8E
 A8EqJhElt+W8mvTkofG5yL3oguD6yg4Qf0luKOl0bEcZyBXDbK4nHtHAwcBNoR5X
 zNfrikCyo7jPX3JGH3F8wYE9vc04SO+YEkvcyZcLTOUBiDIpZgC4r3IOyBDgzv1K
 KDIBNpFCBL0Z
 =794G
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.19.37-5+deb10u1' into buster-security

Release linux (4.19.37-5+deb10u1).
 2019-07-19 11:15:23 +02:00
Salvatore Bonaccorso 786d73da80 Prepare to release linux (4.19.37-5+deb10u1). 2019-07-19 10:46:02 +02:00
Salvatore Bonaccorso c6f3814dc4 ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272) 2019-07-19 10:45:11 +02:00
John Paul Adrian Glaubitz c342a968c4 [sh4]: Check for kprobe trap number before trying to handle a kprobe trap 2019-06-23 18:59:55 +02:00
Ben Hutchings e2cc6dfed3 debian/changelog: Clean up entry for Huawei TaiShan support 2019-06-23 17:27:59 +01:00
Ben Hutchings c01ce3da12 Merge branch '93sam/linux-huawei-taishan-support' into sid 
[arm64] Improve support for the Huawei TaiShan server platform

See merge request kernel-team/linux!151
 2019-06-23 17:19:03 +01:00
Salvatore Bonaccorso eb5241a213 tcp: refine memory limit test in tcp_fragment() 
Closes: #930904
 2019-06-23 16:15:34 +02:00
Steve McIntyre 2c3b28ea8f [arm64] Improve support for the Huawei TaiShan server platform 
Closes: #930554

Enable the HNS/ROCE Infiniband driver

Backport fixes from 4.20 and 4.21 for HNS3 networking, hisi_sas SAS
and HNS/ROCE Infiniband

Signed-off-by: Steve McIntyre <93sam@debian.org>
 2019-06-23 10:58:07 +01:00
Ben Hutchings 8fb3f0b24d Prepare to release linux (4.19.37-5). 2019-06-19 23:16:58 +01:00
Ben Hutchings e60e81ccd9 debian/changelog: Wrap a >80-character line 2019-06-19 23:16:33 +01:00
Ben Hutchings 0a8cb2b316 Add ABI reference for 4.19.0-5 
This is based on version 4.19.37-1 and 4.19.37-3, which are
consistent except for the addition of two symbols related to the
MDS mitigation on x86.
 2019-06-19 23:16:32 +01:00
Ben Hutchings ac648cc5be debian/changelog: Record ABI fix that did *not* make it into 4.19.37-4 
Thought I'd built with the ABI fix, but didn't.   And there was
no ABI reference to catch this. :-(
 2019-06-19 23:16:25 +01:00
Romain Perier d2962338d6 [sparc64] Fix device naming inconsistency between sunhv_console and sunhv_reg (Closes: #926539) 2019-06-19 16:30:43 +02:00
Ben Hutchings 2536e21256 Prepare to release linux (4.19.37-4). 2019-06-17 20:00:30 +01:00
Ben Hutchings afceeb64fe debian/changelog: List changes in 4.19.37-rt20 2019-06-17 20:00:14 +01:00
Ben Hutchings 1e253edaa7 Add TCP DoS fixes 2019-06-17 19:46:08 +01:00
Ben Hutchings 4ea468554d mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (CVE-2019-10126) 2019-06-17 19:32:38 +01:00
Ben Hutchings e5664e23f5 mm/mincore.c: make mincore() more conservative (CVE-2019-5489) 2019-06-17 19:29:35 +01:00
Ben Hutchings 1894e89399 mwifiex: Don't abort on small, spec-compliant vendor IEs 2019-06-17 19:29:14 +01:00
Ben Hutchings 70b1e1a8fa mwifiex: Abort at too short BSS descriptor element 2019-06-17 19:25:01 +01:00
Ben Hutchings 54fa813858 mwifiex: Fix possible buffer overflows at parsing bss descriptor (CVE-2019-3846) 2019-06-17 19:24:10 +01:00
Alper Nebi Yasak cc59373e08 [arm64] udeb: fb-modules: Include rockchipdrm, panel-simple, pwm_bl, pwm-cros-ec 
Some ChromeOS devices need these for the display.

Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
 2019-06-10 18:50:46 +03:00
Alper Nebi Yasak c8cdb80b66 [arm64] udeb: mmc-modules: Include phy-rockchip-emmc 
Needed for internal storage on some ChromeOS devices.

Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
 2019-06-10 18:50:46 +03:00
Alper Nebi Yasak cb05f8d52a [arm64] udeb: usb-modules: Include phy-rockchip-typec, extcon-usbc-cros-ec 
On Samsung Chromebook Plus (v1) trying to boot from a rootfs on a USB
storage device without these modules in the initramfs, it drops to an
initramfs shell with a non-working display. For the d-i netboot image,
the screen doesn't turn on, but the installer menu works.

A recent change to initramfs-tools includes extcon-usbc-cros-ec, so
include that and a relevant PHY module here as well.

Relevant:
  https://salsa.debian.org/kernel-team/initramfs-tools/commit/994d698a

Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
 2019-06-10 18:50:45 +03:00
Alper Nebi Yasak 3c9e2d8dee [arm64] udeb: kernel-image: Include phy-rockchip-pcie 
On some ChromeOS devices, this is required to connect to a wireless
network via mwifiex_pcie.

Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
 2019-06-10 18:50:45 +03:00
Alper Nebi Yasak b68c83d156 [arm64] udeb: kernel-image: Include cros_ec_spi and SPI drivers 
The cros_ec multifunction device provides the keyboard services on some
ChromeOS devices, but requires a bus to be enabled to communicate with
it. On Samsung Chromebook Plus (v1), including spi-rockchip and
cros_ec_spi are enough. A recent change in initramfs-tools included all
SPI drivers, so include them here as well.

Relevant:
  https://salsa.debian.org/kernel-team/initramfs-tools/commit/797e5fed

Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
 2019-06-10 18:50:45 +03:00
Alper Nebi Yasak 0114d125ba udeb: input-modules: Include all keyboard driver modules 
Some important modules like cros_ec_keyb are in input/keyboard. A recent
change in initramfs-tools also includes them, so include them here too.

Relevant:
  https://salsa.debian.org/kernel-team/initramfs-tools/commit/40f66474

Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
 2019-06-10 18:50:45 +03:00
Ben Hutchings d7374fce1e Merge branch 'sparc64-sid' into 'sid' 
[sparc64] udeb: Disable suffix for kernel-image

See merge request kernel-team/linux!147
 2019-06-09 23:28:08 +00:00
Aurelien Jarno cbcfb20ce0 [mips] Correctly bounds check virt_addr_valid (Closes: #929366) 2019-06-09 00:06:52 +02:00
Salvatore Bonaccorso 3b44df1499 Bluetooth: hidp: fix buffer overflow (CVE-2019-11884) 2019-06-07 15:25:30 +02:00
Salvatore Bonaccorso 8910626bca ext4: zero out the unused memory region in the extent tree block (CVE-2019-11833) 2019-06-07 14:53:07 +02:00
Salvatore Bonaccorso 23527ae20b brcmfmac: add subtype check for event handling in data path (CVE-2019-9503) 2019-06-07 14:49:05 +02:00
Salvatore Bonaccorso 8970aaa563 brcmfmac: assure SSID length from firmware is limited (CVE-2019-9500) 2019-06-07 14:43:58 +02:00
Romain Perier c11ba60cce [rt] Update to 4.19.37-rt20 2019-05-29 21:49:30 +02:00
Ben Hutchings 92a96d298e [x86] lockdown,sysrq: Enable ALLOW_LOCKDOWN_LIFT_BY_SYSRQ (Closes: #929583) 2019-05-26 18:13:59 +01:00
John Paul Adrian Glaubitz db249f2b52 [sparc64] udeb: Disable suffix for kernel-image 2019-05-21 14:29:31 +02:00
Ben Hutchings a8c3d89c71 README.source: Document the various makefiles and use of out-of-tree builds 2019-05-19 15:05:10 +01:00
Ben Hutchings a96bd61a2e libbpf: Build out-of-tree 2019-05-19 14:49:48 +01:00