Ben Hutchings
fcd5547ba0
[i386/686-pae] mm: Fix types used in pgprot cacheability flags translations
2016-02-16 02:04:23 +00:00
Ben Hutchings
5b76884dc2
[amd64] efi: Build our own page table structure
...
This avoids adding W+X pages to the default page table, which is not
only bad for security but also now triggers a warning on boot.
2016-02-16 02:03:55 +00:00
Ben Hutchings
b84086545e
ALSA: usb-audio: avoid freeing umidi object twice (CVE-2016-XXXX)
2016-02-14 04:55:59 +00:00
Ben Hutchings
29ef5032ac
bpf: fix branch offset adjustment on backjumps after patching ctx expansion
...
CVE ID to be assigned.
2016-02-14 04:54:45 +00:00
Ben Hutchings
3c25ed439a
af_unix: Don't set err in unix_stream_read_generic unless there was an error
...
This fixes a regression in 4.4, also introduced in 4.3.4 and various
other stable updates.
2016-02-13 00:56:13 +00:00
Ben Hutchings
2d5f78b62a
Revert "workqueue: make sure delayed work run in local cpu"
...
This caused a regression in 4.3
2016-02-13 00:30:07 +00:00
Ben Hutchings
83fd76229d
af_unix: Guard against other == sk in unix_dgram_sendmsg (regression in 4.2.6-2)
2016-02-13 00:23:18 +00:00
Ben Hutchings
1c28b9c3ed
fs/hugetlbfs/inode.c: fix bugs in hugetlb_vmtruncate_list() (CVE-2016-0617)
...
Fixes a regression in 4.3.
2016-02-12 23:43:07 +00:00
Ben Hutchings
95ece6ebc6
iw_cxgb3: Fix incorrectly returning error on success (CVE-2015-8812)
2016-02-12 23:34:37 +00:00
Ben Hutchings
7f810117b9
[armel] Replace kirkwood and orion5x flavours with a 'marvell' flavour
...
Apply upstream patches from 4.5-rc1 to enable inclusion of orion5x in a
multiplatform build.
Merge configurations as well as possible.
2016-02-07 18:14:32 +00:00
Ben Hutchings
43671fd62b
Re-group fixes in the patch series
2016-02-07 18:08:27 +00:00
Ben Hutchings
536da2762d
Drop ABI fix, not needed in experimental
2016-02-07 18:05:13 +00:00
Ben Hutchings
6c26fa513e
Release linux (4.3.5-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVrbUcee/yOyVhhEJAQqY7RAAvLy0Z5eKYP7/Re1jHCuYqGFwhgIig+uo
yscoEqKlSWUwC7Tio5ar+oydqdvRyUOYB+ABXvpnQb+ImsPF5xNwYDLO5OIVGIuh
yc7RgHROYzDMYSqO8ToDAJbhPfd/UVUp25gJQqdbmozXr9lMPL1zH3/d5FUQgrcz
2AmCFDa6nvcCg6SxuT8IFl2lsDsPA7WI3AYUnFKVwxpwSGwZQmhH4G6SDBOTGd4n
Zx8ySfHle+Jz4aIYyD6jAFV4RVCsucwswwD78PYDZlfqxr29IzdwOx4MJNuLzxGp
A6/FVRg6V7b+/1E1BKS7wUAoN2F7JyXgrro7QsZEyq+ckQY/9CyfLopC0shx3+xv
2nQLGLb3rFySKkYXFBPJdQacr0zGRtEa5QdRWRVYPCUvXc2ju5pv8DTINzb7aW+6
tkec0Wks5LeDa+zVzbAJHpVgnE3PBSTJHpRWaqZv1C5avp92MmnphXxpjj5ifB2b
/eu6PzF4zAwM0Sr8aBY2riELQXMbFmtAE60+weMUjYHiL4MHc/yDNHtpjiz3zgrQ
qptf26uuHClC/FmMq+9jhTlbsXb9X30XWG94Dif0A46iAHAyRrO200DUlMYqx3KF
tDtHKHsJ2rqso6WQhuLOgd37qTKlt93rA6Se4bbDASQKdQealbY3COsYS1eulyJI
HXXB8qbopJI=
=cqNy
-----END PGP SIGNATURE-----
Merge tag 'debian/4.3.5-1'
2016-02-07 05:28:43 +00:00
Ben Hutchings
af8b80ce07
Fix yet another ABI change due to CVE-2013-4312 mitigation
2016-02-06 23:25:11 +00:00
Ben Hutchings
0df8f2e3e7
hwrng: n2 - Attach on T5/M5, T7/M7 SPARC CPUs ( Closes : #809815 )
2016-02-06 21:25:49 +00:00
Ben Hutchings
ef736f8440
pipe: limit the per-user amount of pages allocated in pipes (CVE-2013-4312)
2016-02-04 20:34:11 +00:00
Ben Hutchings
3180443250
rt2x00: fix monitor mode regression (regression in 4.2)
2016-02-01 17:16:15 +00:00
Ben Hutchings
1ba618c3d3
Update to 4.4.1
2016-02-01 10:59:35 +00:00
Ben Hutchings
ba1393105a
Update to 4.3.5
...
Drop several patches that are included in it.
Fix/ignore various ABI changes.
2016-02-01 10:27:12 +00:00
Ben Hutchings
20ed8bdbac
x86/mm: Add barriers and document switch_mm()-vs-flush synchronization (CVE-2016-2069)
...
Plus a follow-up fix to the comments.
2016-01-29 03:42:16 +00:00
Aurelien Jarno
237b83662e
[mips*] Backport math emulation fix from 4.5.
2016-01-27 22:33:18 +01:00
Salvatore Bonaccorso
b1fa3fac88
netfilter: nf_nat_redirect: add missing NULL pointer check (CVE-2015-8787)
2016-01-27 19:25:20 +01:00
Ben Hutchings
76c256b5b8
SCSI: fix crashes in sd and sr runtime PM ( Closes : #801925 )
2016-01-27 01:32:15 +00:00
Salvatore Bonaccorso
cdfc3b2f30
tcp: fix zero cwnd in tcp_cwnd_reduction (CVE-2016-2070)
2016-01-26 09:00:04 +01:00
Ben Hutchings
024851fa3a
fuse: break infinite loop in fuse_fill_write_pages()
...
This doesn't have a CVE ID yet.
2016-01-23 22:57:21 +00:00
Ben Hutchings
9b355e6846
Update to 4.3.4
2016-01-23 12:11:55 +00:00
Ben Hutchings
72a63706a0
Re-group fixes in the patch series
2016-01-19 13:50:23 +00:00
Ben Hutchings
7aef5117c3
Release linux (4.3.3-6).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVp48e+e/yOyVhhEJAQovuQ//Qqsr1OgRXNSxEZ9x6Szj+4wlhcHwnCB/
hgAU+Lhkic44oGuNy9Hu9gnsiEqgWtDAXF1ZKFa+6iNsHEunommB84qc6a9qrtJ7
TGzKaqyXQmvrQj9j9u5/09nw3Bx+LqZqRtGGN6kBwyTUhP0ndg6xfHtSZXP6JAAf
8AKb5hvef25x9E4ZA9d2VzsgMwgtg9utxlZj/5WGhC4BwbkV96RrZu+hqO1akqsp
bPKmKER0HDGvIqOfJQYTqjLAY4LjTGMLZAfcPeLn7gzT5Io+cujqy1K3JnqxRaWM
5/bauyFnMaTiaN+oeozTtjs2wkdr+4EljGu0+WJAsvK8rQ6/mVJsqEcx8ESwuYx7
lch8NBERfG0mGCEcpn+J5hsye7w9LQHugT1eKdrxx8JA1aiamnfofYE6XGYhURkx
j0p2A5wZnB0T1j52mEwwa7HtNY0mgCfvFy1z45zVeQDyGH/09a/ZDCJf7ildOOLu
cPDjyw3dGAi7HpeM2EkMCzZa342PaNYR//vfBRLb6kgQjMLgVev9jdf/mv2mqsB8
qIDC1AtI1Tl9b3CTRGZ9RIdGZ93UpiiKKSoLpRyowuZYLej0Zk8zSfsbPDhwPq0c
F+JiMqIQDZh/ggC9rzGCDbntqNv9oYk3r2WuLalGZQhP7lPig5J5Dz2i221RGCyu
MjbiTh1PG1I=
=vF8G
-----END PGP SIGNATURE-----
Merge tag 'debian/4.3.3-6'
2016-01-19 13:44:04 +00:00
Ben Hutchings
e9490659aa
KEYS: Fix keyring ref leak in join_session_keyring() (CVE-2016-0728)
2016-01-19 00:41:25 +00:00
Ben Hutchings
e90dec2a0e
bcache: Add upstream fixes marked for stable
...
- fix a livelock when we cause a huge number of cache misses
- Add a cond_resched() call to gc
- clear BCACHE_DEV_UNLINK_DONE flag when attaching a backing device
- fix a leak in bch_cached_dev_run()
- unregister reboot notifier if bcache fails to unregister device
- allows use of register in udev to avoid "device_busy" error.
- prevent crash on changing writeback_running
- Change refill_dirty() to always scan entire disk if necessary
As requested in
https://lists.debian.org/debian-backports/2016/01/msg00067.html
2016-01-17 21:59:33 +00:00
Ben Hutchings
a9736a8ea4
Revert "block/sd: Fix device-imposed transfer length limits"
...
This introduces an ABI change and it's not obvious how to work around that.
2016-01-17 16:40:35 +00:00
Ben Hutchings
18b52b0baa
unix: Fix ABI change for CVE-2013-4312
2016-01-17 16:39:58 +00:00
Salvatore Bonaccorso
f335c0cfcc
unix: properly account for FDs passed over unix sockets (CVE-2013-4312)
2016-01-17 09:27:47 +01:00
Ben Hutchings
10211ef4c3
[x86] drm/vmwgfx: Fix a width / pitch mismatch on framebuffer updates
2016-01-16 04:04:53 +00:00
Ben Hutchings
74cadf39f7
block/sd: Fix device-imposed transfer length limits ( Closes : #805252 )
2016-01-16 03:50:08 +00:00
Ben Hutchings
18e70e2c53
Add some security fixes
2016-01-14 23:39:40 +00:00
Ben Hutchings
d2547e3561
xen/gntdev: Grant maps should not be subject to NUMA balancing ( Closes : #810472 )
2016-01-08 19:32:35 +00:00
Ben Hutchings
0f11ea7f19
Update to 4.4-rc8
2016-01-04 01:57:00 +00:00
Ben Hutchings
4689e6426d
Regroup patches in series
2016-01-02 19:20:40 +00:00
Ben Hutchings
e2abaa403e
Merge tag 'debian/4.3.3-3'
...
Drop the ABI reference and ignored symbols.
Drop most of the patches, as they're already upstream.
2016-01-02 19:18:54 +00:00
Ben Hutchings
e148000b24
ptrace: Fix ABI change for priv-esc fix
2016-01-02 16:27:28 +00:00
Ben Hutchings
eafb4c30fd
Revert "xhci: don't finish a TD if we get a short transfer event mid TD"
...
Closes : #808602 , #808953 , regression in 4.3-rc7
2016-01-02 03:09:56 +00:00
Ben Hutchings
50c5af2358
[armhf] crypto: sun4i-ss - add missing statesize ( Closes : #808625 )
2016-01-01 19:46:24 +00:00
Ben Hutchings
50263628e4
[x86] drm/i915: Don't compare has_drrs strictly in pipe config ( Closes : #808720 )
2016-01-01 19:24:50 +00:00
Ben Hutchings
45e2ecad07
drm/nouveau/pmu: do not assume a PMU is present ( Closes : #809481 )
2016-01-01 18:41:43 +00:00
Salvatore Bonaccorso
abab5c2745
[x86] kvm: Reload pit counters for all channels when restoring state (CVE-2015-7513)
2015-12-31 15:49:59 +01:00
Ben Hutchings
e57c91d886
KEYS: Fix race between read and revoke (CVE-2015-7550)
2015-12-31 02:53:31 +00:00
Ben Hutchings
6642f73533
[armhf] Add support for BCM2836 and Raspberry Pi 2
...
- Patches for BCM283x drivers taken from linux-next
- A few more changes requested for 4.5:
http://thread.gmane.org/gmane.linux.kernel/2115942
- Enable all the drivers
- Add SD and USB controller drivers to udebs
2015-12-30 04:18:26 +00:00
Ben Hutchings
a52be96b10
Regroup patches in series
2015-12-27 14:11:18 +00:00
Ben Hutchings
3fac5cf03c
ptrace: being capable wrt a process requires mapped uids/gids
2015-12-27 06:19:08 +00:00