Salvatore Bonaccorso
2a7ca94d22
Add CVE reference for CVE-2016-4580 fix
2016-05-24 08:11:03 +02:00
Ben Hutchings
5bec7a0097
[x86] kvm:vmx: more complete state update on APICv on/off (CVE-2016-4440)
2016-05-23 02:35:36 +01:00
Ben Hutchings
327c921aa7
Update to 4.5.5
...
Drop changes that were applied upstream.
Fix/ignore ABI changes.
2016-05-23 02:34:41 +01:00
Ben Hutchings
b88823f96b
Revert "stmmac: Fix 'eth0: No PHY found' regression" ( Closes : #823493 )
2016-05-23 00:59:46 +01:00
Ben Hutchings
3cbe9e18c1
aufs: Update support patches to aufs4.5-20160523
...
- mmap: Fix use-after-free in remap_file_pages(2)
2016-05-23 00:47:15 +01:00
Salvatore Bonaccorso
342ba3d57d
tipc: check nl sock before parsing nested attributes (CVE-2016-4951)
2016-05-21 16:53:08 +02:00
Ben Hutchings
5f0787708a
Prepare to release linux (4.5.4-1).
2016-05-16 19:17:22 +01:00
Ben Hutchings
4665b0730f
[armhf] Enable Exynos video drivers ( Closes : #824435 )
...
- drm: Enable DRM_EXYNOS as module, DRM_EXYNOS_MIXER, DRM_EXYNOS_FIMD,
DRM_EXYNOS_DSI, DRM_EXYNOS_DP, DRM_EXYNOS_HDMI
- phy: Enable PHY_EXYNOS_MIPI_VIDEO, PHY_EXYNOS_DP_VIDEO as modules
- cpuidle: Enable ARM_EXYNOS_CPUIDLE
- iio: Enable EXYNOS_ADC as module
2016-05-16 19:13:58 +01:00
Salvatore Bonaccorso
be1c8b16ab
KVM: MTRR: remove MSR 0x2f8 (CVE-2016-3713)
2016-05-16 13:47:07 +02:00
Ben Hutchings
48902f4f1a
videobuf2-core: Fix crash after fixing CVE-2016-4568
2016-05-16 03:33:38 +01:00
Ben Hutchings
3eae053b85
uapi glibc compat: fix compile errors when glibc net/if.h included before linux/if.h
...
Closes : #822393
2016-05-16 03:23:55 +01:00
Ben Hutchings
efbab1e4bf
Add various upstream fixes with known or probable security impact
2016-05-16 03:23:35 +01:00
Salvatore Bonaccorso
878c650ebf
Revert "Add CVE reference for CVE-2016-4805"
...
This reverts commit 066544159a
.
We do not update debian/changelog entries for already released versions.
Tracked via kernel-sec and security-tracker.
2016-05-15 21:58:43 +02:00
Salvatore Bonaccorso
88ec3673ad
net: fix infoleak in llc (CVE-2016-4485)
2016-05-15 20:04:29 +02:00
Salvatore Bonaccorso
066544159a
Add CVE reference for CVE-2016-4805
2016-05-15 18:44:34 +02:00
Ben Hutchings
64ecb1331b
Add/correct architecture prefixes to changelog for 4.5.4
...
Also delete mention of clk-meson, which we don't build at all.
2016-05-15 03:29:08 +01:00
Ben Hutchings
00d06a9006
Word-wrap changelog for 4.5.4
2016-05-15 03:22:33 +01:00
Ben Hutchings
a126067de6
debian/control: Remove alternate build-dependency on binutils-dev
...
This was used for backports from to wheezy, but we don't backport from
stretch/sid to wheezy.
2016-05-15 03:11:42 +01:00
Ben Hutchings
59b5fabac6
debian/control,debian/rules,debian/rules.d: Support the 'nodoc' build profile
2016-05-15 03:11:42 +01:00
Ben Hutchings
43640872d9
debian/control,debian/rules: Support a 'pkg.linux.notools' build profile
...
...which does not build tools packages
2016-05-14 20:46:46 +01:00
Ben Hutchings
f865a890fd
debian/control: Exclude tools from 'stage1' build profile
2016-05-14 20:06:34 +01:00
Yves-Alexis Perez
0dd643da08
fix tools disabling in arch-specific rules
...
(cherry picked from commit 3aa2269f2b3162772d052154d8bed726ff18df1e)
[bwh: Note this in debian/changelog. Neaten vertical spacing.]
2016-05-14 19:07:15 +01:00
Salvatore Bonaccorso
de9a44e36f
KEYS: Fix ASN.1 indefinite length object parsing (CVE-2016-0758)
2016-05-14 05:18:04 +02:00
Aurelien Jarno
5bd961d21f
Add bug number
2016-05-13 19:27:17 +02:00
Aurelien Jarno
3ec9fea9ef
[mipsel/octeon] Activate flavour on mipsel.
2016-05-13 18:58:54 +02:00
Aurelien Jarno
4a8b374466
[mips*/octeon] Add support for byte swapped initramfs to handle u-boot and kernel running with a different endianness.
2016-05-13 18:54:45 +02:00
Ben Hutchings
594eaf7125
Add bug closure for new netfilter modules
2016-05-13 12:14:39 +01:00
Roger Shimizu
1f6b038c6f
netfilter: Enable NF_DUP_NETDEV / NFT_DUP_NETDEV / NFT_FWD_NETDEV as module
...
Recommended by Arturo Borrero Gonzalez.
2016-05-13 19:26:17 +09:00
Aurelien Jarno
1275559aac
[arm,x86] Fix memory corruption in KVM with THP enabled.
2016-05-12 23:52:30 +02:00
Salvatore Bonaccorso
99cf691f48
Improve changelog for stable update 4.5.4
2016-05-12 22:28:05 +02:00
Salvatore Bonaccorso
09efe199c6
Add CVE-2016-4581 to changelog entry
2016-05-12 21:23:34 +02:00
Salvatore Bonaccorso
2c6d72a09e
Update to 4.5.4
2016-05-12 21:22:09 +02:00
Aurelien Jarno
102221d3f4
[i386] Stop recommending libc6-i686.
2016-05-12 14:34:03 +02:00
Aurelien Jarno
b101f08c76
[mips*] Fix PR_SET_FPMODE issues with multi-threaded programs.
2016-05-11 00:17:22 +02:00
Ben Hutchings
9f2cb7b094
Prepare to release linux (4.5.3-2).
2016-05-08 15:03:45 +01:00
Ben Hutchings
4ebee8024b
[powerpc*] Fix sstep compile on powerpcspe
...
Closes : #823526 ; thanks to Lennart Sorensen
2016-05-08 12:08:04 +01:00
Ben Hutchings
d0b84ae1e7
[s390x] PCI: Ignore zpci ABI changes; these functions are not used by modules
2016-05-08 11:56:28 +01:00
Ben Hutchings
a9415bbeb4
Prepare to release linux (4.5.3-1).
2016-05-07 22:03:54 +01:00
Ben Hutchings
a93e24dc98
Remove placeholder CVE ID for "bpf: fix check_map_func_compatibility logic"
...
This doesn't have an ID yet and may not get one.
2016-05-07 22:03:54 +01:00
Ben Hutchings
3793255fc1
Add CVE IDs for two issues fixed in 4.5.3
2016-05-07 19:50:19 +01:00
Ben Hutchings
8b31e1c0a6
Update to 4.5.3
...
Drop changes which were included or superceded upstream.
Fix ABI changes.
2016-05-07 19:40:36 +01:00
Ben Hutchings
12fe9efbc6
stable-update: Rewrite stable-update.sh in Python
...
This fixes some of the problems dch was causing:
- Putting the stable log in the wrong place
- Updating the date unnecessarily
Change stable-update.sh to be a wrapper for stable-update.
Delete ckt-stable-update.sh; if we need it again in future, it can be
implemented more cleanly as part of the new script.
2016-05-06 21:37:36 +01:00
Salvatore Bonaccorso
83c1717866
CVE-2016-4558 assigned
2016-05-06 17:45:38 +02:00
Salvatore Bonaccorso
09dcf3082d
CVE-2016-4557 assigned
2016-05-06 17:44:03 +02:00
Salvatore Bonaccorso
58abfbd52f
Adding indication to close #823603
2016-05-06 15:15:41 +02:00
Ben Hutchings
405645d788
Add bpf security fixes
2016-05-05 23:13:51 +01:00
Ben Hutchings
0b841b071c
Note closure of #823146
2016-05-04 22:49:24 +01:00
Ben Hutchings
5416c1a1e3
Revert "sp5100_tco: fix the device check for SB800 and later chipsets"
...
Probably fixes #822651 , #823146
2016-05-02 21:25:40 +02:00
Ben Hutchings
c92155bd7f
bug control: Update list of related firmware packages
2016-05-02 21:25:40 +02:00
Uwe Kleine-König
e04bb76810
[armhf] enable I2C_MUX_PCA954x, MMC_SDHCI_PXAV3, AHCI_MVEBU
...
CONFIG_I2C_MUX is also enabled explicitly, up to now it just happened to
be on because something below MEDIA_SUPPORT selected it (in conjunction
with MEDIA_SUBDRV_AUTOSELECT).
2016-05-01 16:13:46 +02:00