debian-packaging
/
linux
8
0
Fork 0
Code Releases Activity
12,256 Commits 2 Branches 0 Tags 493 MiB
Commit Graph

7149 Commits

Author SHA1 Message Date
Ben Hutchings 1cf36ebc7c [x86] crypto: Enable CRYPTO_DEV_QAT_C3XXX, CRYPTO_DEV_QAT_C62X, CRYPTO_DEV_QAT_C3XXXVF, CRYPTO_DEV_QAT_C62XVF as modules 2017-05-02 04:53:13 +01:00
Ben Hutchings 52e8d9f36f [rt] tracing: Enable HWLAT_TRACER 
This is in mainline but not that useful without PREEMPT_RT.
HWLAT_DETECTOR no longer exists but I didn't notice because
kconfigeditor2 only looks at the mainline Kconfig files.
 2017-05-02 04:53:13 +01:00
Ben Hutchings a315c25499 [x86] hwtracing: Enable INTEL_TH, INTEL_TH_PCI, INTEL_TH_GTH, INTEL_TH_MSU, INTEL_TH_PTI as modules 2017-05-02 04:53:13 +01:00
Ben Hutchings 0f9f62ce3e [x86] platform: Enable INTEL_HID_EVENT as module 2017-05-02 04:26:32 +01:00
Ben Hutchings cf48795305 [x86] comedi: Enable COMEDI_ADV_PCI1720, COMEDI_ADV_PCI1760 as modules 2017-05-02 04:26:32 +01:00
Ben Hutchings f5c277c282 [amd64] EDAC: Enable EDAC_SKX as module 2017-05-02 04:26:32 +01:00
Ben Hutchings 9728988386 IB: Enable INFINIBAND_HFI1, INFINIBAND_I40IW, INFINIBAND_QEDR, RDMA_RXE as modules 2017-05-02 04:26:32 +01:00
Ben Hutchings fd24af5949 leds: Enable LEDS_TRIGGER_DISK, LEDS_TRIGGER_MTD, LEDS_TRIGGER_PANIC 2017-05-02 04:26:32 +01:00
Ben Hutchings f965312c8e USB/misc: Enable UCSI as module 2017-05-02 04:26:32 +01:00
Ben Hutchings 3f68b53e2c usbip: Enable USBIP_VUDC as module 2017-05-02 04:26:32 +01:00
Ben Hutchings 6dafde3362 leds,USB: Enable USB_LEDS_TRIGGER_USBPORT as module 2017-05-02 04:26:32 +01:00
Ben Hutchings f98a6c1701 HID: Enable HID_SENSOR_CUSTOM_SENSOR as module 2017-05-02 04:26:32 +01:00
Ben Hutchings bb3cdfe4f6 hda: Set SND_HDA_PREALLOC_SIZE=2048 as recommended for PulseAudio 2017-05-02 04:26:32 +01:00
Ben Hutchings 6b9daaf87e [x86] amdgpu,sound/soc: Enable DRM_AMD_ACP; enable SND_SOC_AMD_ACP as module 2017-05-02 04:26:32 +01:00
Ben Hutchings 5ed69967a2 media: Enable VIDEO_TW5864, VIDEO_TW686X as modules 2017-05-02 04:26:32 +01:00
Salvatore Bonaccorso 7ba1afb386 nfsd: stricter decoding of write-like NFSv2/v3 ops (CVE-2017-7895) 2017-04-29 22:02:50 +02:00
Salvatore Bonaccorso 7961205000 nfsd4: minor NFSv2/v3 write decoding cleanup 2017-04-29 21:59:48 +02:00
Salvatore Bonaccorso 0e77dea5fc nfsd: check for oversized NFSv2/v3 arguments (CVE-2017-7645) 2017-04-29 21:52:43 +02:00
Salvatore Bonaccorso 4c666bd4da Update to 4.9.25 2017-04-27 20:19:04 +02:00
John Paul Adrian Glaubitz d2be118d62 [m68k] udeb: Enable suffix for kernel-image (Closes: #859366) 2017-04-27 18:37:09 +01:00
Ben Hutchings f3c3de0f60 integrity: Enable IMA and related kconfig symbols (except on armel/marvell) 
Closes: #788290

Based on advice from Matthew Garrett.
 2017-04-27 18:37:09 +01:00
Salvatore Bonaccorso 6771be1138 macsec: dynamically allocate space for sglist 2017-04-27 07:42:13 +02:00
Salvatore Bonaccorso 7b2acecada macsec: avoid heap overflow in skb_to_sgvec (CVE-2017-7477) 2017-04-27 06:43:38 +02:00
Ben Hutchings e7b761c5fd [arm64] Add bug closure for raising NR_CPUS 2017-04-25 23:40:09 +01:00
Ben Hutchings 4e57833523 watchdog: Enable WATCHDOG_SYSFS 2017-04-25 23:16:40 +01:00
Ben Hutchings a1a96efe46 [x86] thermal: Enable INT3406_THERMAL as module 2017-04-25 23:13:32 +01:00
Ben Hutchings 8ab44aa518 [x86] gpio: Enable GPIO_AMDPT as module 2017-04-25 22:57:34 +01:00
Ben Hutchings fd23df3a24 serial/8250: Enable SERIAL_8250_MOXA as module 2017-04-25 22:50:51 +01:00
Ben Hutchings 25cf1aa652 [x86] input/touchscreen: Enable TOUCHSCREEN_SURFACE3_SPI as module 2017-04-25 22:49:04 +01:00
Ben Hutchings 79226c42bf input: Enable TABLET_USB_PEGASUS as module 2017-04-25 22:48:26 +01:00
Ben Hutchings e4f8eedb77 net/phy: Enable MICROSEMI_PHY as module 2017-04-25 22:42:23 +01:00
Ben Hutchings 9ee3fb1151 ethernet: Enable NFP_NETVF as module 2017-04-25 22:41:37 +01:00
Ben Hutchings 94b8328125 net/sched: Enable NET_ACT_SKBMOD as module 2017-04-25 22:23:51 +01:00
Ben Hutchings 45a93062df 6lowpan: Enable Generic Header Compression modules 2017-04-25 22:22:50 +01:00
Ben Hutchings f6ab826219 PCI: Enable PCIE_PTM (except on armel/marvell) 2017-04-25 22:20:09 +01:00
Salvatore Bonaccorso fe7d4b95a0 Add changelog entry for CVE-2017-8061 
Gbp-Dch: Ignore
 2017-04-23 12:15:25 +02:00
Salvatore Bonaccorso 1beb630d78 Add changelog entry to record CVE-2017-8063 
Gbp-Dch: Ignore
 2017-04-23 12:09:00 +02:00
Salvatore Bonaccorso dff836d7ec Add CVE-2017-8064 reference 
Gbp-Dch: Ignore
 2017-04-23 12:02:37 +02:00
Salvatore Bonaccorso 1ad0a79c0a Add changelog entry for CVE-2017-8067 
Gbp-Dch: Ignore
 2017-04-23 11:46:28 +02:00
Ben Hutchings 7bf90ad750 KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings (CVE-2017-7472) 2017-04-22 02:26:48 +01:00
Ben Hutchings 89402402c8 KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings (CVE-2016-9604) 2017-04-22 02:25:04 +01:00
Ben Hutchings 9c5f88b1f6 Update to 4.9.24 
Drop most of our bug fix patches, which were included in it.

Adjust context in a couple of rt patches that have textual conflicts.
 2017-04-22 00:59:32 +01:00
Aurelien Jarno d518bcf5f3 [mips*el/loongson-3] Disable PAGE_EXTENSION and PAGE_POISONING. 
This workaround a kernel crash, until the real issue is found. It is
currently being investigated.
 2017-04-22 01:16:49 +02:00
Aurelien Jarno f2b1e81469 [mips*/octeon] Drop obsolete patch adding support for the UBNT E200 board. 2017-04-21 11:31:33 +02:00
Ben Hutchings 8701ef58ba Replace "[media] dvb-usb: Don't use stack for reset either" with upstream fix 2017-04-18 01:16:50 +01:00
Ben Hutchings 3f62574711 crypto: ahash - Fix EINPROGRESS notification callback (CVE-2017-7618) 2017-04-16 23:25:12 +01:00
Ben Hutchings 4d042ae0ff [rt] Update to 4.9.20-rt16 2017-04-16 21:52:57 +01:00
Ben Hutchings 31945f628c Update to 4.9.22 
Drop patches applied upstream.
 2017-04-16 21:47:05 +01:00
Ben Hutchings 326a2052e2 linux-image: Disable signing until it's supported in dak 
Only code signing through dak is going to be acceptable for a stable
release, so disable the current arrangement.
 2017-04-16 18:53:52 +01:00
Ben Hutchings b4b1be4c52 Move debug symbols back to the main archive 
dak currently allows a binary upload to include debug symbol packages
that don't appear in the overrides file or the Binary field of the
changes file, so long as they have the appropriate
'Auto-Built-Package' field and their name matches another binary
package in the upload plus the '-dbgsym' suffix.

For architectures with code signing enabled, our binary uploads never
match this condition as the corresponding binary package has the
'-unsigned' suffix and the debug symbols package does not.  Since we
do list the debug symbol packages in the Binary field, they do get
added to the overrides file when accepted through the NEW queue, but
they are automatically pruned from there some time later.  Later
uploads then have to go through NEW even though they are not
introducing new binary packages.  This would be a big problem for
stable security updates.

For now, move debug symbols back to the main archive with the old
'-dbg' suffix.  Keep them enabled for all architectures.
 2017-04-16 18:53:35 +01:00