Salvatore Bonaccorso
62bab38998
Add CVE-2017-6345 identifier
2017-02-27 06:38:46 +01:00
Ben Hutchings
49c2b92937
time: Disable TIMER_STATS (CVE-2017-5967)
...
The upstream "fix" for this is to remove the feature, as it is
redundant with tracing. I'd be quite happy to do that, but it
introduces several conflicts with the PREEMPT_RT patch series.
Unless and until those are resolved in 4.9-stable and 4.9-rt, disable
it in our kconfig and add a dependency on BROKEN to ensure it's
disabled in custom kernels too.
2017-02-26 21:05:05 +00:00
Ben Hutchings
f32a03523e
ipc/shm: Fix shmat mmap nil-page protection (CVE-2017-5669)
2017-02-26 20:51:00 +00:00
Ben Hutchings
003300166a
[x86] kvm: fix page struct leak in handle_vmon (CVE-2017-2596)
2017-02-26 20:29:29 +00:00
Ben Hutchings
93819d25f0
Update to 4.9.13
2017-02-26 20:10:47 +00:00
Ben Hutchings
5d326c4855
udeb: Add more USB host and dual-role drivers to usb-modules ( Closes : #856111 )
...
This mostly affects armhf, but it should be safe to list all the
directories in the common usb-modules. The module list should now
match initramfs-tools.
Remove the redundant list of specific modules for armhf-armmp.
2017-02-25 21:40:03 +00:00
Ben Hutchings
a5fbe7bcef
Update to 4.9.12
2017-02-25 21:36:31 +00:00
Salvatore Bonaccorso
fe42826053
Wrap two long changelog entries
2017-02-23 19:18:07 +01:00
Salvatore Bonaccorso
4746877ba5
Add CVE id for CVE-2017-6214
2017-02-23 19:17:24 +01:00
Salvatore Bonaccorso
e88bad2d33
Add CVE-2017-5897 CVE id to changelog entry
2017-02-20 15:10:28 +01:00
Salvatore Bonaccorso
8db6ed9e89
dccp: fix freeing skb too early for IPV6_RECVPKTINFO (CVE-2017-6074)
2017-02-19 10:46:20 +01:00
Ben Hutchings
4fe7cfed42
Update to 4.9.11
...
Ignore/avoid a few ABI changes in net.
2017-02-18 21:54:07 +00:00
Ben Hutchings
7b50304bda
Update to 4.9.11
2017-02-18 20:53:41 +00:00
Ben Hutchings
5e5afa386a
[armhf] Enable DRM_OMAP_PANEL_TPO_TD028TTEC1, PWM_OMAP_DMTIMER as modules ( Closes : #855472 )
2017-02-18 20:29:32 +00:00
Ben Hutchings
5d590456c4
[armel] dts: kirkwood: Fix SATA pinmux-ing for TS419 ( Closes : #855017 )
2017-02-18 00:38:36 +00:00
Ben Hutchings
ad25780220
Prepare to release linux (4.9.10-1).
2017-02-17 13:18:17 +00:00
Ben Hutchings
92d269eac2
media: dvb-usb-dibusb-mc-common: Add MODULE_LICENSE ( Closes : #853110 )
2017-02-17 02:56:32 +00:00
Ben Hutchings
4e1df53c24
[x86] xen: Fix APIC id mismatch warning on Intel ( Closes : #853193 )
2017-02-17 02:42:17 +00:00
Ben Hutchings
31532f0851
[x86] platform: acer-wmi: setup accelerometer when machine has appropriate notify event ( Closes : #853067 )
2017-02-17 02:37:50 +00:00
Ben Hutchings
fdd44fecba
udeb: Add bcache to md-modules ( Closes : #718548 )
2017-02-17 02:26:47 +00:00
Ben Hutchings
d7a4c15c51
[m68k] Change MAC8390, MAC_SCSI from built-in to modules ( Closes : #826614 )
...
udeb: Add mac8390 to nic-shared-modules
2017-02-17 02:21:21 +00:00
Ben Hutchings
df90250caf
[armel/marvell] hwmon: Enable SENSORS_G762 as module ( Closes : #854662 )
2017-02-17 02:14:35 +00:00
Ben Hutchings
daef7b18db
[arm64] drm: Enable DRM_AST as module ( Closes : #820168 )
...
udeb: Add ast to fb-modules
2017-02-17 02:05:03 +00:00
Ben Hutchings
c69737eaf8
Note that 4.9.9 closes #853073 , #855055
2017-02-17 01:58:58 +00:00
Ben Hutchings
e035177b13
net: ipv6: check route protocol when deleting routes ( Closes : #855153 )
2017-02-17 00:58:21 +00:00
Ben Hutchings
8cf3230524
dccp: Disable auto-loading as mitigation against local exploits
2017-02-16 19:11:26 +00:00
Ben Hutchings
10f2dad569
Update to 4.9.10
2017-02-16 19:06:43 +00:00
Salvatore Bonaccorso
452d9f1e7d
Add CVE-2017-6001 CVE id to changelog for 4.9.9-1
2017-02-16 05:14:56 +01:00
Salvatore Bonaccorso
58fbff3df5
sctp: avoid BUG_ON on sctp_wait_for_sndbuf (CVE-2017-5986)
2017-02-15 11:54:59 +01:00
Salvatore Bonaccorso
9e381d5c13
ipv4: keep skb->dst around in presence of IP options (CVE-2017-5970)
2017-02-15 11:50:22 +01:00
Salvatore Bonaccorso
4e5e705c5f
selinux: fix off-by-one in setprocattr (CVE-2017-2618)
2017-02-15 11:44:55 +01:00
Salvatore Bonaccorso
4a1042f1a0
IB/rxe: Fix mem_check_range integer overflow (CVE-2016-8636)
2017-02-15 11:41:25 +01:00
Salvatore Bonaccorso
848ab3cd4d
CVE-2016-10208 pending for 4.9.9-1
2017-02-14 20:48:26 +01:00
Ben Hutchings
82f952c50f
[rt] Update to 4.9.9-rt6
2017-02-11 14:49:54 +00:00
Ben Hutchings
9ee6dbd395
Update to 4.9.9
...
Drop revert-patch which is superseded by upstream fix in 4.9.9.
Delete log line for commit that went into 4.9.7 and has now been
reverted.
2017-02-10 00:04:25 +00:00
Roger Shimizu
4b402f4b97
[armel] ARM: orion5x: fix Makefile for linkstation-lschl.dtb
...
Note the patch in changelog and add Origin to the patch
2017-02-09 23:18:25 +09:00
Ben Hutchings
fc4d14f63f
test-patches: Set default number of jobs to number of available processors
...
With the current default of 1, most users are going to be kept waiting
unncessarily.
2017-02-08 02:05:30 +00:00
Ben Hutchings
bd4315df9c
test-patches: Use the pkg.linux.notools build profile
...
test-patches never builds tools, and this greatly reduces the
build-dependencies.
2017-02-07 23:47:20 +00:00
Ben Hutchings
fb27baab98
pegasus: Use heap buffers for all register access ( Closes : #852556 )
2017-02-07 01:44:24 +00:00
Ben Hutchings
abd788f1da
cpumask: use nr_cpumask_bits for parsing functions ( Closes : #848682 )
2017-02-07 01:40:13 +00:00
Ben Hutchings
a6f6ce057f
[rt] Update to 4.9.6-rt4
2017-02-07 00:55:55 +00:00
Ben Hutchings
bfd586db54
aufs: Update support patchset to aufs4.9-20170206
2017-02-07 00:48:26 +00:00
Ben Hutchings
6dfab36dd8
Update to 4.9.8
2017-02-06 15:59:29 +00:00
Ben Hutchings
7eec246dc0
Update to 4.9.7
...
Drop patches applied upstream.
2017-02-03 13:51:44 +00:00
Riku Voipio
701bf4b244
Revert efistub changes, Closes : #853170
...
[benh: Update changelog]
2017-02-03 03:51:48 +00:00
Ben Hutchings
aca7f25415
[ppc64el] Disable IBMEBUS; this bus does not exist on POWER8 systems
...
In 4.10 its dependencies are changed accordingly. We might as well
disable it here as well.
Also explicitly disable EHEA, which depends on IBMEBUS, and exclude
ehea from nic-modules.
2017-02-02 00:53:44 +00:00
Roger Shimizu
28002f99bf
[armel] ARM: dts: orion5x-linkstation-lschl
...
- Fix model name
- More consistent naming on linkstation series
2017-01-31 02:11:17 +09:00
Ben Hutchings
855efa4b7b
Merge remote-tracking branch 'alioth/sid' into sid
...
Bump the changelog version (again) for the unreleased changes.
2017-01-28 22:48:16 +00:00
Ben Hutchings
e09f27e767
btree,musb,st_sensors: Ignore ABI changes (fixes FTBFS on armel,armhf)
2017-01-28 16:11:50 +00:00
Ben Hutchings
21820614f6
Merge remote-tracking branch 'alioth/sid' into sid
...
Bump the changelog version for the unreleased changes.
2017-01-27 23:58:22 +00:00
Ben Hutchings
ceaee3f154
linux-cpupower: Use dh-exec architecture filtering for x86-specific files
...
Listing usr/sbin in linux-cpupower.install caused FTBFS on !x86 as
cpupower itself doesn't install anything there. Do the architecture
filtering in the debhelper lists instead of complicating
debian/rules.real further.
2017-01-27 22:10:56 +00:00
Riku Voipio
bb91742cb9
[arm64,armhf,x86] usb: gadget: Enable configfs and mot useful legacy functions
...
If CONFIG_USB_GADGET is selected, enable all configfs functions as
modules and most popular legacy modules (ethernet and serial).
g_nokia left as armhf specific (Nokia N900 tradition)
[benh: Changed subject line]
2017-01-27 21:10:08 +00:00
Ben Hutchings
079c50f68a
[arm64] Enable KEXEC ( Closes : #852747 )
2017-01-27 18:21:33 +00:00
Ben Hutchings
840d5e6afd
[or1k] Remove configuration, as the port has been abandoned
2017-01-27 18:20:49 +00:00
Ben Hutchings
79253df3bb
Bump ABI to 2
2017-01-27 18:14:37 +00:00
Ben Hutchings
8c4510fb2e
Prepare to release linux (4.9.6-1).
2017-01-27 07:44:54 +00:00
Ben Hutchings
d24fc81c52
Move CVE-2016-10153 note next to the correct upstream commit subject
2017-01-27 07:43:54 +00:00
Ben Hutchings
eb850b980b
[arm64] Enable ARCH_THUNDER and many additional drivers requested by Riku Voipio
2017-01-27 06:16:36 +00:00
Ben Hutchings
73363a0bd3
bq27xxx_battery: Ignore ABI change
2017-01-27 06:16:19 +00:00
Ben Hutchings
6f6fc512f3
[arm64] ptrace: Avoid ABI change in 4.9.6
2017-01-27 06:16:18 +00:00
Ben Hutchings
e345ccbabe
[armhf,arm64] Add security fixes for vc4 driver
2017-01-26 21:27:04 +00:00
Ben Hutchings
810b36a1d3
fbdev: color map copying bounds checking (CVE-2016-8405)
2017-01-26 21:15:56 +00:00
Ben Hutchings
222ff09d3e
Note that 4.9.6 includes the fix for CVE-2016-10153
2017-01-26 21:09:34 +00:00
Ben Hutchings
b2ae9cd710
libceph: Ignore ABI change in 4.9.6
2017-01-26 21:05:36 +00:00
Ben Hutchings
a873a1d79d
Update to 4.9.6
...
Drop patches which are included in it.
2017-01-26 19:24:36 +00:00
Ben Hutchings
b5cdf98158
[rt] genpatch.py: Verify tag and tarball signatures
2017-01-25 04:30:46 +00:00
Ben Hutchings
6dea280bae
fs: Disable LOGFS, as it is unmaintained and will be removed in 4.10
2017-01-24 20:49:30 +00:00
Ben Hutchings
5707fdcfe2
Wrap over-long lines in the current changelog entry
2017-01-24 14:27:37 +00:00
Roger Shimizu
7a613e23af
nbd: fix 64-bit division
2017-01-24 21:35:14 +09:00
Ben Hutchings
3ed01076a0
[arm64,armhf] video/fbdev: Enable FB_EFI ( Closes : #851778 )
2017-01-24 05:22:41 +00:00
Ben Hutchings
b30786ada7
[arm64] video: Change FB from module to built-in
...
Currently we don't explicitly set CONFIG_FB for arm64, and the only
reason it's enabled as a module is that the DRM drivers (which are
built as modules) select it. We *do* explicitly set CONFIG_FB=y on
almost all other architectures and flavours.
Simplify this by setting CONFIG_FB=y at the top level and overriding
where needed (not arm64).
2017-01-24 05:22:28 +00:00
Ben Hutchings
a90b078bc7
[x86] sound/soc/intel: Enable SND_SOC_INTEL_BDW_RT5677_MACH as module
...
Closes : #851916
2017-01-24 04:43:45 +00:00
Ben Hutchings
a2704d736e
[x86] ASoC: Intel: select DW_DMAC_CORE since it's mandatory
...
This also allows enabling SND_SOC_INTEL_BDW_RT5677_MACH without
DW_DMAC_CORE built-in.
2017-01-24 04:43:02 +00:00
Ben Hutchings
cf9d2d33be
[arm64] dts: meson-gx: Add firmware reserved memory zones
...
An important bug fix for this newly enabled hardware, requested in #852132 .
2017-01-24 04:42:22 +00:00
Ben Hutchings
f1d6a10e4d
[arm64] Enable ARCH_MESON and related drivers ( Closes : #852132 )
2017-01-24 04:04:56 +00:00
Ben Hutchings
1b1a09ae42
[x86] linux-cpupower: Add turbostat and x86_energy_perf_policy commands
...
Closes : #778249
2017-01-24 03:55:26 +00:00
Ben Hutchings
faed0c04c6
linux-image: Increase minimum version of initramfs-tools
...
This pulls in various fixes wanted for newer kernel versions:
- more HID drivers will be included if MODULES=most
- early microcode is supported
- ehci-orion, ohci-pci will be included if MODULES=most
- virtio-mmio will be included as appropriate
- crc32c will be included if needed for btrfs
- PHY, clk, gpio, pinctrl and regulator drivers will be included as
appropriate
- the nvme module will be included if MODULES=most
It is also satisfiable in stable.
2017-01-24 03:12:59 +00:00
Salvatore Bonaccorso
3c00650618
ieee802154: atusb: do not use the stack for buffers to make them DMA able (CVE-2017-5548)
2017-01-23 20:59:51 +01:00
Salvatore Bonaccorso
c74f7d65fe
HID: corsair: fix DMA buffers on stack (CVE-2017-5547)
2017-01-23 20:57:07 +01:00
Ben Hutchings
ef0901f1ca
Fix/ignore ABI changes in 4.9.3-4.9.5 as appropriate
2017-01-23 15:37:01 +00:00
Roger Shimizu
8e8857bdc8
debian/changelog: Add bug closure of #851928
2017-01-22 10:52:41 +09:00
Salvatore Bonaccorso
4686b122fc
Update to 4.9.5
2017-01-21 15:52:44 +01:00
Roger Shimizu
e888ec46f1
[mips/octeon] hwmon: Enable SENSORS_ADM1031 as module
...
Thanks to James Cowgill.
Closes : #851963
2017-01-21 19:36:13 +09:00
Roger Shimizu
6e04c10615
drivers/input: Enable TOUCHSCREEN_GOODIX as module
...
Closes : #851821
2017-01-21 16:56:44 +09:00
Roger Shimizu
40c7208b1e
Merge branch 'master' (only 1 commit)
2017-01-21 16:55:42 +09:00
Salvatore Bonaccorso
8a1cf72b51
Add CVE reference for CVE-2017-5551
2017-01-21 08:18:06 +01:00
Salvatore Bonaccorso
f18792b8fa
[x86] KVM: fix emulation of "MOV SS, null selector" (CVE-2017-2583)
2017-01-19 13:13:14 +01:00
Salvatore Bonaccorso
5745d97d88
[x86] KVM: Introduce segmented_write_std (CVE-2017-2584)
2017-01-19 13:09:22 +01:00
Roger Shimizu
6f47d53476
[armel] Add DT support of Buffalo Linkstation Live v3 (LS-CHL)
2017-01-19 01:12:36 +09:00
Ben Hutchings
c6b1f1b2b1
ath9k: fix NULL pointer dereference ( Closes : #851621 )
2017-01-17 03:51:38 +00:00
Salvatore Bonaccorso
d264d7d524
tmpfs: clear S_ISGID when setting posix ACLs
2017-01-16 09:31:01 +01:00
Salvatore Bonaccorso
a126d0bd27
sysctl: Drop reference added by grab_header in proc_sys_readdir (CVE-2016-9191)
2017-01-16 09:26:36 +01:00
Ben Hutchings
a7f877c1f1
nbd: use loff_t for blocksize and nbd_set_size args ( Closes : #851533 )
2017-01-16 02:36:18 +00:00
Salvatore Bonaccorso
e7895080f2
Update to 4.9.4
2017-01-15 19:45:16 +01:00
Ben Hutchings
cfe4a19c0d
[armel,armhf,s390x,x86] linux-headers: Fix regression of multilib compiler support
...
Closes : #851481
I missed the linux-headers dependency overrides when updating to gcc-6.
2017-01-15 17:23:59 +00:00
Salvatore Bonaccorso
9f6f469d8d
Update to 4.9.3
2017-01-15 16:52:40 +01:00
Ben Hutchings
2811d70e3f
Prepare to release linux (4.9.2-2).
2017-01-12 15:52:37 +00:00
Ben Hutchings
97dc926bb7
Revert "Remove debug symbol packages from debian/control to work around dak bug"
...
This reverts commit 99d37f9b16
, which
caused most binary uploads to be rejected. dak's allows upload of
debug symbol packages not listed in the Binary field only if there is
a corresponding binary package without the -dbgsym suffix, which is
not the case on architectures where we use a -unsigned suffix.
2017-01-12 15:44:11 +00:00
Ben Hutchings
39fa6fb0e9
[sparc64] Export memcpy and memset to modules again (fixes FTBFS)
2017-01-12 02:09:42 +00:00
Ben Hutchings
5b0131c972
Prepare to release linux (4.9.2-1).
2017-01-11 04:42:36 +00:00