Salvatore Bonaccorso
789f116fbc
mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757)
2020-06-05 12:34:34 +02:00
Salvatore Bonaccorso
50bf5b3b3d
kernel/relay.c: handle alloc_percpu returning NULL in relay_open (CVE-2019-19462)
2020-06-05 12:30:40 +02:00
Salvatore Bonaccorso
7fc7c96d6e
fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (CVE-2020-10732)
2020-06-03 07:42:07 +02:00
Salvatore Bonaccorso
2222852cc1
netlabel: cope with NULL catmap (CVE-2020-10711)
2020-06-02 20:27:49 +02:00
Salvatore Bonaccorso
888eb1f799
USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143)
2020-05-29 21:35:13 +02:00
Salvatore Bonaccorso
aefd886eef
scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770)
2020-05-29 21:23:18 +02:00
Salvatore Bonaccorso
92ed2f689a
[x86] KVM: SVM: Fix potential memory leak in svm_cpu_init() (CVE-2020-12768)
2020-05-29 14:03:17 +02:00
Salvatore Bonaccorso
2fe68e87e7
USB: core: Fix free-while-in-use bug in the USB S-Glibrary (CVE-2020-12464)
2020-05-29 13:49:18 +02:00
Salvatore Bonaccorso
34284455a6
fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114)
2020-05-28 23:34:11 +02:00
Salvatore Bonaccorso
b3b40efebd
selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-10751)
2020-05-28 23:02:50 +02:00
Salvatore Bonaccorso
a4fb2a7b76
include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap
...
Closes : #960271
2020-05-13 17:45:56 +02:00
Ben Hutchings
195b1745c4
Avoid an ABI change for SRBDS
...
Adding the x86_cpu_id::steppings field is an ABI change. It doesn't
seem worth the trouble of another ABI bump just to be able to report
some potential future CPU steppings as invulnerable. Until we have
other change that require an ABI bump, we'll match the affected models
regardless of stepping.
Keep the reverted patch in the queue so that the reverting patch will
continue to be applied when we rebase onto a new stable update.
2020-05-05 02:21:33 +01:00
Ben Hutchings
0f2a83859c
[x86] Add support for mitigation of SRBDS (CVE-2020-0543)
...
Apply the current version of the backport to 4.19.
2020-05-05 02:07:33 +01:00
Salvatore Bonaccorso
c977ce99a1
Release linux (4.19.98-1+deb10u1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl6maCdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EBtYP/1W8Y1dU9kCrJyK3Nz+HFwEKoe/ha1+t
vcjf4E1TOSUh30eaKaD6GVBp7iCK/tGDBxyfUerDltmilVRDt7f9mE/4CFt3e26y
S4DtsI5paoL1O/1uqbpG+53E5TPDw7CCJNkZ22/vjK++YzToaOjJIsTtZnHNNYwd
nMYtGqhn95NiZ//nNsV4wgSF9vXIgWuWvAEY80KdmfBYUVicUz8HyZB9Q5ErH1e7
/Fi9n7U/0F+PgcZSyLhS9vwlMY36HuuemYYMBzN48J2xL/73ttwoe0MU4Aieu1yX
iVMsrVc/X5JWjHiSpsrExCYvHrRXG9v4kWMOs+piD1yFi7oxD/fNy+043jJqmyOV
hu+3RX6BkNrw1jhLzDRYbOTz8Z09BXrUnXhyWLD5Z1ZgM1K5tQV0vCsiZBqyBHTK
owSVaOSDxHWTa9zSmIDTMPN6ljaQML2G1lF6F+AUKg4hqqjydlikgpJGSmjfs3Pd
YN2I9rfCpSuovYIUQXl38g4yLZC5onhEzLqFBBfxHJClND/nf27HARs6c0f72RlU
6aHrPgZpj2JPE/r1PoUej4lyhIbFzdJIOf2b26ZUvQC+sMUsxE0SonpFQqjDZggJ
cAqM5p80gbR8zGtBStwGGo0QljHdHbrzbnYfNQC/uGph0uYTvL+6BscUzO+RnYmx
9hKy2cqOWLez
=akKy
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.98-1+deb10u1' into buster
Release linux (4.19.98-1+deb10u1).
2020-04-28 23:07:38 +02:00
Salvatore Bonaccorso
a8fc50657f
[s390x] mm: fix page table upgrade vs 2ndary address mode accesses (CVE-2020-11884)
2020-04-26 21:03:38 +02:00
Salvatore Bonaccorso
3e765ace82
mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (CVE-2020-11565)
2020-04-26 20:58:02 +02:00
Salvatore Bonaccorso
2c376b16e6
vhost: Check docket sk_family instead of call getname (CVE-2020-10942)
2020-04-26 20:53:46 +02:00
Salvatore Bonaccorso
241912ed84
vfs: fix do_last() regression
2020-04-26 20:53:45 +02:00
Salvatore Bonaccorso
d3e1b6996d
do_last(): fetch directory ->i_mode and ->i_uid before it's too late (CVE-2020-8428)
2020-04-26 20:53:45 +02:00
Salvatore Bonaccorso
a688ee48fb
KVM: nVMX: Don't emulate instructions in guest mode (CVE-2020-2732)
2020-04-26 20:53:45 +02:00
Salvatore Bonaccorso
65ba05e78d
blktrace: fix dereference after null check
2020-04-26 11:28:32 +02:00
Salvatore Bonaccorso
a5acdf855d
blktrace: Protect q->blk_trace with RCU (CVE-2019-19768)
2020-04-26 11:25:38 +02:00
Salvatore Bonaccorso
6fe845e460
net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup (CVE-2020-1749)
2020-04-26 11:20:05 +02:00
Salvatore Bonaccorso
79c0009334
net: ipv6: add net argument to ip6_dst_lookup_flow
2020-04-26 11:14:36 +02:00
Salvatore Bonaccorso
cfa7bd0b02
f2fs: fix to avoid memory leakage in f2fs_listxattr (CVE-2020-0067)
2020-04-26 11:06:23 +02:00
Salvatore Bonaccorso
5a1d3e0c9e
Update to 4.19.112
...
Drop "wimax: i2400: fix memory leak"
Drop "wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle"
Cleanup debian/changelog file
2020-04-09 21:46:10 +02:00
Salvatore Bonaccorso
c9a94477f2
Drop "tools/lib/api/fs/fs.c: Fix misuse of strncpy()"
2020-03-21 09:18:29 +01:00
Salvatore Bonaccorso
ffc4ceb049
Update to 4.19.102
...
Drop "vfs: fix do_last() regression"
Cleanup debian/changelog file
2020-03-21 09:18:28 +01:00
Salvatore Bonaccorso
f003f0dba9
Update to 4.19.101
...
Cleanup debian/changelog file
Drop "random: try to actively add entropy rather than passively wait for it"
2020-03-21 09:18:28 +01:00
Salvatore Bonaccorso
c2975cd055
Update to 4.19.100
...
Add CVE id reference for CVE-2020-8428
Drop "libertas: Fix two buffer overflows at parsing bss descriptor"
Drop "do_last(): fetch directory ->i_mode and ->i_uid before it's too late"
Cleanup debian/changelog file
2020-03-21 09:18:28 +01:00
Salvatore Bonaccorso
6465b7bcb4
Update to 4.19.99
...
Add CVE id reference for CVE-2019-19046
Drop "powerpc: vdso: Make vdso32 installation conditional in vdso_install"
Drop "net: ena: fix: Free napi resources when ena_up() fails"
Drop "net: ena: fix incorrect test of supported hash function"
Drop "net: ena: fix ena_com_fill_hash_function() implementation"
Drop "net: ena: fix swapped parameters when calling"
Cleanup debian/changelog file
2020-03-21 09:18:28 +01:00
Ben Hutchings
c0f84a03f2
[x86] Drop "Add a SysRq option to lift kernel lockdown" ( Closes : #947021 )
...
- This patch allowed remotely disabling lockdown using usbip
- Lockdown can be disabled by running "mokutil --disable-validation",
rebooting, and confirming the change when prompted
2020-03-21 09:00:35 +01:00
Salvatore Bonaccorso
0e1bc339a1
vfs: fix do_last() regression
2020-02-01 21:15:56 +01:00
Salvatore Bonaccorso
ff2a1c5362
do_last(): fetch directory ->i_mode and ->i_uid before it's too late (CVE-2020-8428)
2020-01-29 06:57:18 +01:00
Noah Meyerhans
428bd19863
random: try to actively add entropy rather than passively wait for it
...
Cherry pick 50ee7529ec45 from mainline. This addresses a lack of early entropy
in certain environments.
Closes : #948519
2020-01-20 12:44:37 -08:00
Ben Hutchings
56dd5fa07e
Add various security fixes not yet in 4.19-stable
...
All of these are already fixed in jessie, and upgrades shouldn't
regress.
2020-01-20 18:26:58 +00:00
Ben Hutchings
02a0b3eb56
Update to 4.19.91
...
* Drop/refresh patches as appropriate
* Several ABI changes still need to be resolved
2019-12-28 01:36:27 +00:00
Salvatore Bonaccorso
60468edbdf
Drop 0028-RDMA-hns-Bugfix-for-the-scene-without-receiver-queue.patch
2019-12-17 16:56:40 +01:00
Salvatore Bonaccorso
9d10b57769
Drop 0027-RDMA-hns-Fix-the-bug-with-updating-rq-head-pointer-w.patch
2019-12-17 16:56:40 +01:00
Salvatore Bonaccorso
f73fafb39e
Revert "arm64: preempt: Fix big-endian when checking preempt count in assembly"
2019-12-17 16:56:40 +01:00
Aurelien Jarno
1a33bc2ef8
Update to 4.19.87
...
Drop "net: ena: Fix Kconfig dependency on X86" applied upstream
Drop "scsi: hisi_sas: Feed back linkrate(max/min) when re-attached" applied upstream
Drop "scsi: hisi_sas: Fix the race between IO completion and timeout for SMP/internal IO" applied upstream
Drop "scsi: hisi_sas: Free slot later in slot_complete_vx_hw()" applied upstream
Drop "scsi: hisi_sas: Fix NULL pointer dereference" applied upstream
[rt] Refresh 0057-printk-Add-a-printk-kill-switch.patch (context changes in 4.19.87)
[rt] Refresh 0207-printk-Make-rt-aware.patch (context changes in 4.19.87)
Cleanup debian/changelog file
2019-12-01 17:19:47 +01:00
Aurelien Jarno
5ba5b367b7
Update to 4.19.85
...
Drop introduce is_pae_paging applied upstream
Cleanup debian/changelog file
2019-12-01 13:29:09 +01:00
Salvatore Bonaccorso
ea17f6edde
Update to 4.19.84
...
Drop TAA patches applied upstream
Drop ITLB_MULTIHIT patches applied upstream
Drop Intel i915 CVE fixes applied upstream
Add CVE id reference for CVE-2019-18813
Add CVE id reference for CVE-2019-19045
Add CVE id reference for CVE-2019-19052
Cleanup debian/changelog file
2019-12-01 10:54:59 +01:00
Salvatore Bonaccorso
a84ef0f6e4
[x86] KVM: x86: introduce is_pae_paging (Regression in 4.19.77)
...
Fixes a regression in 4.19.81 while including backport of 16cfacc80857
("KVM: x86: Manually calculate reserved bits when loading PDPTRS") but
not bf03d4f93347 ("KVM: x86: introduce is_pae_paging").
2019-11-25 17:52:40 +01:00
Ben Hutchings
8c4ce65f70
Drop "MIPS: tlbex: Fix build_restore_pagemask KScratch restore"
...
This was included in 4.19.81.
2019-11-25 01:09:29 +00:00
Ben Hutchings
beb8c412e8
Merge branch 'buster-4.19.81' into 'buster'
...
Buster 4.19.81
See merge request kernel-team/linux!183
2019-11-25 01:06:06 +00:00
Noah Meyerhans
43eae8169a
Remove obsolete patch
...
debian/abi/powerpc-avoid-abi-change-for-disabling-tm.patch let us postpone an
ABI bump. But with the 4.19.81 upstream release, we can no longer avoid it.
2019-11-24 23:50:30 +00:00
Ben Hutchings
fc769a9bb3
Merge branch 'bpoirier-guest/linux-buster' into buster
...
tools/perf: Add python3 support to scripts
See merge request kernel-team/linux!184
2019-11-24 19:25:28 +00:00
Aurelien Jarno
9397b7ea0e
[mips*] tlbex: Fix build_restore_pagemask KScratch restore.
2019-11-23 22:23:57 +01:00
Noah Meyerhans
62e5e3199d
Remove obsolete patches
2019-11-20 16:24:37 -08:00
Benjamin Poirier
016066336b
tools/perf: Add python3 support to scripts
2019-11-20 15:04:24 +09:00
Salvatore Bonaccorso
3e9a6acd20
ipv4: Return -ENETUNREACH if we can't create route but saddr is valid
...
Closes : #945023
2019-11-19 08:00:10 +01:00
Salvatore Bonaccorso
014f165375
Release linux (4.19.67-2+deb10u2).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAl3JkpgACgkQ57/I7JWG
EQkwVhAAwN5/oNLjJcrhJjGvLW36QIcli05GoNH1hqLNlppwFwzxFYms5f4Y0uAn
lu5wWo59jL2xqnZ0azNg7ukujVUyLuVEsBuShCBmkSWtt+3mXjKJay1lnwtEei1R
w2WnXIsAFdSocpnCq7BfQi0sGgUetPJANkkXe019x8H7DmzugisnArp4hX7e7eU5
JaRuugKTquYjPNN1mQaNS3/C6ODWRBZlTjafznZ3lTme9ku195oUAJWvyU6/AMDB
+QB9lnaWVNsWkKt3Hx0yquY6sFHYhDhxxKXdULWDwjTW4r1Ye5DKJT433gbKjhTZ
sILbbXMs2eEv9KM+NvMB96s32z+dc59q1KM3IeAKqQljsqngquqvBQtFRqJYtUCA
k4HY0wO/2EapWnYnO0z7XekjolZlK7Nj6aldysZ8f6V1q13apPraYKscQyMLTAfy
CXaUP3bsaxKZvEtlz4+x9OHIqKVrIzI8mLujcpgildz8E3bToXZCgK+CzIAFCdy+
vY1wUoP5S/DCdgvAIzyT9g2VoFae3DNRNv2DSC53FMHaD1PRwE2wf4XgXSAc4hC+
s3orsvA8PpHj7BpAa3D3JnrZbP/kAn+rFCqUha/6cs5npOUwpSs1SNdil60K130q
dS9KcnWY2Do7fp6xc0T4WCRcR6osDJp3WzTmuHpHivfuP26VwXY=
=aKic
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.67-2+deb10u2' into buster
Release linux (4.19.67-2+deb10u2).
2019-11-19 07:42:38 +01:00
Ben Hutchings
9a2df80e9d
Drop "x86/cpu: Add Tremont to the cpu vulnerability whitelist"
...
We don't have this CPU ID, and I don't see the point in adding it
right now.
2019-11-11 00:29:38 +00:00
Ben Hutchings
6d8b0092bb
[x86] drm/i915/cmdparser: Fix jump whitelist clearing
...
Fix a flaw I found in the mitigation for CVE-2019-0155.
2019-11-10 22:41:41 +00:00
Ben Hutchings
feec1caa94
[x86] i915: Add mitigations for two hardware security flaws
2019-11-10 02:53:32 +00:00
Ben Hutchings
c2443a2e97
[x86] Update TAA and NX fixes to pending stable backports
2019-11-09 20:17:15 +00:00
Salvatore Bonaccorso
be004c1b69
x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
2019-11-08 00:14:38 +01:00
Ben Hutchings
37baed7166
[x86] Update TAA (Borislav v2) and NX (v9) fixes
...
The upstream commits for these are now finalised, so we shouldn't need
to replace patches after this (but might need to add more).
2019-11-07 18:10:48 +00:00
Salvatore Bonaccorso
cd92ab49c4
KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active
2019-11-07 17:32:14 +01:00
Noah Meyerhans
87c48ee54f
drivers/net/ethernet/amazon: Backport ENA driver from Linux 5.4
2019-10-29 09:47:59 -07:00
Ben Hutchings
537ad2315a
[x86] Update TAA patch set to v7
2019-10-24 22:52:37 +01:00
Ben Hutchings
b2cc5e7f74
[x86] Update NX patch set to v7
2019-10-24 22:48:50 +01:00
Ben Hutchings
96c0e74c50
[x86] Add mitigation for TSX Asynchronous Abort (CVE-2019-11135)
...
This is a backport of v6 of the TAA patch set, and will probably
require updates before release. The subject lines for these patches
didn't come through.
2019-10-20 14:51:55 +01:00
Ben Hutchings
d9bd594144
[x86] KVM: Add mitigation for Machine Check Error on Page Size Change
...
(aka iTLB multi-hit, CVE-2018-12207)
This is a backport of v6 of the "NX" patch set, and will probably
require updates before release.
2019-10-20 14:46:13 +01:00
Ben Hutchings
9aee5ae400
debian/patches/series: Apply security fixes last (except ABI maintenance)
...
The security fixes are where we have the greatest churn, so it's
convenient if they can be pushed/popped without having to go through
other patches.
2019-10-20 14:37:29 +01:00
Romain Perier
1df282987d
[armhf, arm64] Backport devicetree for enabling support for the Raspberry PI 3 A+
...
We already have everything we need inside the kernel 4.19.x for
supporting this board. backporting patches from upstream so we get
the support for buster.
2019-10-16 20:07:45 +02:00
Salvatore Bonaccorso
530030f117
ixgbe: Fix secpath usage for IPsec TX offload
...
Closes : #930443
2019-10-15 22:57:58 +02:00
Salvatore Bonaccorso
942d6ddd3f
KVM: coalesced_mmio: add bounds checking (CVE-2019-14821)
2019-09-19 17:16:06 +02:00
Salvatore Bonaccorso
c0096a08f9
[x86] ptrace: fix up botched merge of spectrev1 fix (CVE-2019-15902)
2019-09-18 21:35:01 +02:00
Salvatore Bonaccorso
78f0b2574a
vhost: make sure log_num < in_num (CVE-2019-14835)
2019-09-13 06:12:11 +02:00
Romain Perier
782d6ea880
ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term
...
(CVE-2019-15118)
2019-09-12 22:40:43 +02:00
Romain Perier
aa8fb19232
ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit
...
(CVE-2019-15117)
[carnil: Use 4.19.67-2+deb10u1 version for buster-security branch]
2019-09-12 22:40:21 +02:00
Salvatore Bonaccorso
a065e442e2
xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT
2019-08-24 20:51:54 +02:00
Cyril Brulebois
1b40f700ac
[arm64] Backport DTB support for Rasperry Pi Compute Module 3.
...
Tested-by: Charles Fendt <charles.fendt@me.com>
Signed-off-by: Cyril Brulebois <cyril@debamax.com>
(cherry picked from commit de7501857cae4892f52d8c56c2184be548709052)
2019-08-22 21:16:10 +02:00
Cyril Brulebois
10dd2b634c
[arm] Backport DTB support for Rasperry Pi Compute Module 3.
...
Signed-off-by: Cyril Brulebois <cyril@debamax.com>
(cherry picked from commit 64801af590540b4494f408b95a31fbe07963784d)
2019-08-22 21:16:10 +02:00
Ben Hutchings
57f74f6573
netfilter: conntrack: Use consistent ct id hash calculation
...
This fixes a regression in 4.19.44.
2019-08-22 20:04:20 +01:00
Ben Hutchings
00ee7f7173
[ppc64el] Avoid ABI change for disabling TM
...
Ignore removal of TM functions that are exported for use by KVM.
2019-08-22 20:03:54 +01:00
Salvatore Bonaccorso
9bf2130b62
dm: disable DISCARD if the underlying storage no longer supports it
...
Closes : #934331
2019-08-21 21:41:04 +02:00
Ben Hutchings
f79aedcfab
Bump ABI to 6
2019-08-20 01:51:35 +01:00
Ben Hutchings
0899b0f554
Update to 4.19.67
...
* Drop patches which have been applied to 4.19-stable
* Drop "Revert "net: stmmac: Send TSO packets always from Queue 0"" in
favour of upstream fix "net: stmmac: Re-work the queue selection for
TSO packets"
* Refresh patches that became fuzzy
2019-08-20 01:51:22 +01:00
Ben Hutchings
64c3754b90
Merge branch 'buster-security' into buster
...
* Accept revert of "[sh4]: Check for kprobe trap number before trying
to handle a kprobe trap" and update debian/changelog accordingly, as
sh4 is not a release architecture
* Keep "[arm64] Improve support for the Huawei TaiShan server platform"
which was reverted on the buster-security branch
2019-08-18 19:29:59 +01:00
Ben Hutchings
95a59b0c5d
inet: Avoid ABI change for IP ID hash change
2019-08-08 03:01:19 +01:00
Ben Hutchings
f02f2890aa
[x86] cpufeatures: Avoid ABI change for swapgs mitigations
...
- Move swapgs feature bits to existing scattered words
- Revert "x86/cpufeatures: Combine word 11 and 12 into a new scattered
features word"
2019-08-08 02:49:24 +01:00
Salvatore Bonaccorso
07a6d57831
Add patchset for CVE-2019-1125
2019-08-07 08:34:30 +02:00
Romain Perier
65c2005956
[powerpc/tm] Fix oops on sigreturn on systems without TM (CVE-2019-13648)
2019-08-05 19:04:21 +02:00
Romain Perier
3b76691d24
Bluetooth: hci_uart: check for missing tty operations (CVE-2019-10207)
2019-08-05 18:57:05 +02:00
Romain Perier
ec64cb4c87
floppy: fix div-by-zero in setup_format_params (CVE-2019-14284)
...
This retrieves the patch from the linux-4.19.y branch and refreshes the
previous one "floppy: fix out-of-bounds read in copy_buffer", because
this is firstly "floppy: fix div-by-zero in setup_format_params" that is
applied upstream, then the one regarding out-of-bounds read in copy_buffer.
The one for CVE-2019-14283 was previously refreshed because it was not
applicable directly. Now both patches are synchronized with upstream and
applied in the same order.
2019-08-05 17:56:29 +02:00
Romain Perier
24c58d8c20
inet: switch IP ID generator to siphash (CVE-2019-10638)
2019-07-30 11:20:38 +02:00
Romain Perier
4962cdb584
floppy: fix out-of-bounds read in copy_buffer (CVE-2019-14283)
2019-07-30 11:14:00 +02:00
Aurelien Jarno
b394039686
[arm64] compat: Provide definition for COMPAT_SIGMINSTKSZ ( Closes : #904385 ).
2019-07-29 22:36:47 +02:00
Uwe Kleine-König
8da545ad5d
rtc-s35390a: backport fix to make hwclock able to read the time
2019-07-28 21:37:15 +02:00
Romain Perier
8cb769111f
Input: gtco - bounds check collection indent level (CVE-2019-13631)
2019-07-27 13:15:59 +02:00
Romain Perier
167ecd4ada
scsi: libsas: fix a race condition when smp task timeout (CVE-2018-20836)
2019-07-22 14:01:45 +02:00
Romain Perier
84b1bd80aa
Revert unwanted changes for buster-security
...
We need to be based onto 4.19.37-5+deb10u1, and only include security
related topics. Things or improvements added to 4.19.37-6 (that is
already in sid) should be removed because they should not be uploaded
to buster-security accidentaly.
2019-07-22 11:44:02 +02:00
Salvatore Bonaccorso
01d9fffd29
Release linux (4.19.37-5+deb10u1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl0xhh1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E8nEP/iF7NUo1hvYNR/ueapgtpnMaHh/OeiGp
x5/4RQW9Lo+Y8djiJWr9Kh7DVT7zp2k6OOb6o2qypgpEpFGGZAf02E3kheTJMhJz
XxDHyGRflQpXDsEbPCcWCXvJjH/7puV/GWATPYo9qE/hs9rBAiFsOlOTqWSJf8Yd
rVxjRRXe9/qRcOV4OJyiuL2GbeL7eO3TqTEl1NVSNP4V1RjYFFy/CUelWAcGzUOI
tkk+NM7CEspQQhpIRkSGB+GyYMvOFNi2mkrz+mJbSUeb75uiZq3myJqHiQOKpwHe
OGJiVBD4Ce8pv3PvR9bFZwgOV2t1XTDOeyUcmh8C07SblwI6iM/vi/nWw7B9VUEH
X2EB/3/TuhKgJHtYpFZdi1mlRrt+6YYgDmbFVUyjojZhOONlVagwq2vaX0ep6yI4
FOQo4kpCG10yse4JxUS0Unv6hk7ShfLe/Kb9lOJvPSZM5dCutWTQrRO05gTyFaev
orMZou9lsXYDTzpFAICE2ZhCcySvYLqvPkkCoabiECMlJE2Ra/rsHiuQEcSNjG8E
A8EqJhElt+W8mvTkofG5yL3oguD6yg4Qf0luKOl0bEcZyBXDbK4nHtHAwcBNoR5X
zNfrikCyo7jPX3JGH3F8wYE9vc04SO+YEkvcyZcLTOUBiDIpZgC4r3IOyBDgzv1K
KDIBNpFCBL0Z
=794G
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.37-5+deb10u1' into buster
Release linux (4.19.37-5+deb10u1).
2019-07-20 23:07:45 +02:00
Romain Perier
1e1ff4ce9c
binder: fix race between munmap() and direct reclaim (CVE-2019-1999)
2019-07-20 18:36:49 +02:00
Romain Perier
091f76e86d
nfc: Ensure presence of required attributes in the deactivate_target handler (CVE-2019-12984)
2019-07-20 18:21:14 +02:00
Romain Perier
fbe4322901
[powerpc*] mm/64s/hash: Reallocate context ids on fork (CVE-2019-12817)
2019-07-20 17:17:59 +02:00
Romain Perier
7e902dbcd3
[x86] x86/insn-eval: Fix use-after-free access to LDT entry (CVE-2019-13233)
2019-07-20 17:17:43 +02:00