Ben Hutchings
6573a2a7c7
security,perf: Replace GRKERNSEC_PERF_HARDEN patch with the version submitted upstream
...
This hasn't been *accepted* upstream, but maybe some day? It has gone
into AOSP.
2016-10-05 22:23:08 +01:00
Ben Hutchings
b2480a3dfe
Release linux (4.7.5-1).
...
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJX6HXOAAoJEOe/yOyVhhEJA68QAJSLxpMHBbl9474Q/SPonncf
S7NXiYZQuo7STq0uHUVxtOTpVKRc/7y793tdtpI3Ec6nZqilS+4uKq1QNAh7kj6n
JwilTLkfbjRS4+VqEEHJtVfK/bjijEep943W+uv3foMXPzbJulgRNrf54nUOFA2n
WY1ZfL6Dp+tvys49UrK+3lsuY/ZCLzpck3m0rScGYgalfnZo00ttPto29YZjVXrp
7RZset950hvEvL7cD7GXi2pqoEcvV3AISOABgKU0U6VitS1E8wJHW1pDZvHgZDKO
55lAdyyEsAE96J1RzKwPjyHTKDmr1v6AiqNxwviLndwoLflYHUbsZBx0H9pRE0Gi
45IDQELGFToJ/4dDNijk3oyOsQaV06f0gYv+FqGnN33IWxrlz9oQ3PSWB6qA9dr5
vBGG1tzoYFdManBwZvH5smD25Ckc3TK2UzMqJA1BIjRpCoajxfmZWcgfPH8Z9gwJ
5giCQkEKCbbwAXmRwVCYDFp5t0DlnyiY0/IizunHUxFapl9B6SNRFPhJVbUCNV07
/yzsRU+TcNnV1oGQE9+uWTIelUQmc5cvMiaIlW7fifrqPAKCCnk2imYI1Tx1jsVl
VqLo1Jalt+iZGKsEt6I3ST6LX1k/QFkz7BmJ4Yz+NdwwN6/Jq5rufFxLWGdIYPdI
N4PnNBVMK0ooLqbaatRO
=PYYu
-----END PGP SIGNATURE-----
Merge tag 'debian/4.7.5-1'
Drop ABI maintenance patches.
2016-09-26 02:16:56 +01:00
Ben Hutchings
7a0f81fe53
ext4: Fix checksum validation for inodes with small i_extra_isize
...
Closes : #838544 , regression in 4.7.4
2016-09-25 22:00:56 +01:00
Ben Hutchings
bdec0fe8f0
Update to 4.7.5
2016-09-25 03:05:35 +01:00
Ben Hutchings
1f0935b411
Regroup ABI maintenance patches
2016-09-25 01:33:49 +01:00
Ben Hutchings
b37c595561
Release linux (4.7.4-2).
...
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJX4HvgAAoJEOe/yOyVhhEJq9cP/j1XO1dNpOXxq0JZod66K1sl
JIC4LPZ3i+kiAD0amMZiAexAuCpqCDjinjVr/pAhEoAa79983tFoY9yWjDCAW+9H
0j7Torb5wQ76BlyXCjSoaztcQmzQ1YiCvjIzk4hCJCcvqdTuA1MMr7+AbXAgi3xE
Es/G7ai+7SK5suEYgsbliM2ndFFMtIDqgpvDVDFNBDt61m2RXKxw7SQwyItIx+Hn
n7Aq/P+LP7BjMSP6nW6EafF/RidbAwq4x+FKqzGyZhVQV7c3YFbh0EA7lVcTDhC7
A1ZbdeUjiFhUKchRPa56qf+eAI8sBEeU3Ga1mhpkxL8RkFKwvWmmB2J0tBE7KHgw
WCy+8nPxnLAq3eVIkOcB3MuvNdM9DvvtQ7X5NjXnBIfq06OX4y+C+udMpafmegTG
5YB3FVppFQNGZcOxeF9hCQspHGvBsTGRYoK3hxzx4AY94E1cakl08oZte4dHYALz
GvP/tjbLH5i/g9djVNGtfZCHKMZbDq2QhD60GNwFoN/ssX4Q/L3q4N+eyJD9KoQM
Bu44v1ZY7M13F4t5JUomjU2e5mze3opxEB2C7vIoyJfaUvtAWX/mn8SysDGdT0OJ
zd8ow6IntzcL+mqxrarOPMenSt2yqoQ6WdkYkpF5aCTj2GJyAkU7dUWfWdKWtLM7
yjuIvqRAcVzMU9XuU8uf
=s0s4
-----END PGP SIGNATURE-----
Merge tag 'debian/4.7.4-2'
- Drop ABI references and ABI maintenance patches
- Fix Kconfig symbols for omapdss sub-drivers, which were renamed for 4.8
2016-09-22 01:17:51 +01:00
Ben Hutchings
5a8adae35b
[arm64] Revert "arm64: Define AT_VECTOR_SIZE_ARCH for ARCH_DLINFO" (fixes FTBFS)
2016-09-19 18:10:01 +01:00
Ben Hutchings
2d327101d1
[arm64] mm: Limit TASK_SIZE_64 for compatibility
2016-09-16 16:40:35 +01:00
Ben Hutchings
ab1157972f
[powerpcspe] xmon: Don't use ld on 32-bit ( Closes : #836741 )
2016-09-12 20:38:54 +01:00
Ben Hutchings
63e9d321c9
mm, oom: prevent premature OOM killer invocation for high order request
...
Fixes a regression in 4.7 and someone already asked for this.
2016-09-09 20:49:48 +01:00
Ben Hutchings
5f7e2d6a98
i8042: Revert ABI break in 4.7.3
2016-09-09 02:26:58 +01:00
Ben Hutchings
7dd9d01ac5
Update to 4.7.3
2016-09-07 22:07:27 +01:00
Ben Hutchings
95a7eda177
Update to 4.8-rc5
2016-09-07 21:27:44 +01:00
Martin Michlmayr
7d47a94178
[arm64] Remove patches in 4.8-rc1
2016-08-28 13:30:32 -07:00
Ben Hutchings
1222968771
Update to 4.8-rc3
2016-08-28 19:52:50 +01:00
Ben Hutchings
2c76695c24
aacraid: Check size values after double-fetch from user (CVE-2016-6480)
2016-08-27 23:17:17 +01:00
Ben Hutchings
0db6147b7d
tcp: fix use after free in tcp_xmit_retransmit_queue() (CVE-2016-6828)
2016-08-27 23:14:24 +01:00
Ben Hutchings
0a8dfe2ccc
[arm64] Add support for securelevel and Secure Boot
...
Closes : #831827 , thanks to Linn Crosetto
2016-08-27 22:17:30 +01:00
Ben Hutchings
6ab7944873
kbuild: Do not export variable name with hyphen ( Closes : #833561 )
2016-08-26 01:43:33 +01:00
Ben Hutchings
68c8135d73
Add hppa/parisc bug fixesfrom Helge Deller
2016-08-25 18:30:06 +01:00
Ben Hutchings
2fddcf7c7f
usbip: Use the locally-installed <linux/usbip.h>
...
Some years back I patched the #include of <linux/usbip.h> to include
the current, uninstalled version through a relative path because the
system-installed version will normally be outdated. We're about to
start copying the source to avoid writing autotools crap into the
source directory, which breaks this relative path.
Since we now install the UAPI headers under debian/build at the start
of the tools build, drop the patch and add that directory to the
include path.
2016-08-25 01:28:48 +01:00
Ben Hutchings
7a54b56ad5
Merge branch 'sid'
...
Drop rt patchset updates as they don't apply to 4.7.
Drop various other patches already in 4.7.
Fold the remaining Debian changes in the open changelog entry for 4.6.7-1
into the open changelog entry here.
2016-08-24 20:43:19 +01:00
Ben Hutchings
f445dbb9d9
Update to 4.7.2
...
Note the CVE IDs and Debian bugs fixed.
Drop the patches that have gone upstream.
2016-08-24 20:40:14 +01:00
Salvatore Bonaccorso
a7280813ac
Update to 4.6.7
2016-08-16 11:13:39 +02:00
Ben Hutchings
d42cdc5bfe
audit: fix a double fetch in audit_log_single_execve_arg() (CVE-2016-6136)
2016-08-12 16:27:20 +01:00
Ben Hutchings
8bc5e687b1
[powerpc*] KVM: Book3S HV: Save/restore TM state in H_CEDE (CVE-2016-5412)
2016-08-12 16:25:34 +01:00
Ben Hutchings
d62992a05c
Drop ABI maintenance patches since we're bumping the ABI number
2016-08-12 16:22:46 +01:00
Salvatore Bonaccorso
7184d7bfd9
tcp: make challenge acks less predictable (CVE-2016-5696)
2016-08-12 06:52:28 +02:00
Salvatore Bonaccorso
457d8bb6bd
Update to 4.6.6
2016-08-11 16:29:28 +02:00
Salvatore Bonaccorso
c0e269c0cd
libata: LITE-ON CX1-JB256-HP needs lower max_sectors
...
Closes : #830971
2016-08-05 15:40:08 +02:00
Martin Michlmayr
02b2135a4b
Add USB support for NVIDIA Jetson TX1 Developer Kit
...
Add patches from 4.8-rc1 required for USB support on the NVIDIA Jetson
TX1 Developer Kit.
2016-08-02 15:54:01 -07:00
Salvatore Bonaccorso
c2a8f662b5
vfs: ioctl: prevent double-fetch in dedupe ioctl (CVE-2016-6516)
2016-08-02 06:47:28 +02:00
Uwe Kleine-König
f8edc4357a
Fix perf to be able to find debug info based on build-id.
2016-07-31 22:35:09 +02:00
Ben Hutchings
e8c1b8e306
Update to 4.6.5
...
Drop patches applied upstream.
There are some ABI changes still to be resolved.
2016-07-31 01:50:59 +01:00
Ben Hutchings
0ddaf6aed3
cgroups: Enable memory controller by default
2016-07-29 12:23:32 +01:00
Ben Hutchings
4e86887dda
Update to 4.7-rc7
2016-07-14 10:50:31 +01:00
Ben Hutchings
bd2f2b2ea4
bridge: Fix ABI change in 4.6.4
2016-07-14 00:33:32 +01:00
Salvatore Bonaccorso
f000506362
apparmor: fix oops, validate buffer size in apparmor_setprocattr() (CVE-2016-6187)
2016-07-13 20:30:05 +02:00
Salvatore Bonaccorso
1a1a829223
Update to 4.6.4
2016-07-13 17:57:14 +02:00
Ben Hutchings
38ec618a21
fanotify: Enable FANOTIFY_ACCESS_PERMISSIONS ( Closes : #690737 )
...
Various free and proprietary AV products use this feature and users
apparently want it. But punting access checks to userland seems like
an easy way to deadlock the system, and there will be nothing we can
do about that. So warn and taint the kernel if this feature is
actually used.
2016-07-13 01:53:59 +01:00
Uwe Kleine-König
0818af71cc
Cherry pick patches for rtc-s35390a from next
...
This fixes shutting down some QNAP NAS devices after being waked up by
the rtc.
2016-07-12 21:44:39 +02:00
Ben Hutchings
ade54804a1
[powerpc*] tm: Always reclaim in start_thread() for exec() class syscalls (CVE-2016-5828)
2016-07-03 16:33:29 +02:00
Ben Hutchings
aab434acde
[x86] Fix incompatiblity between kaslr and hibernation
...
* [amd64] power: Fix crash whan the hibernation code passes control to the
image kernel
* [x86] KASLR, power: Remove x86 hibernation restrictions
2016-07-02 19:29:28 +02:00
Salvatore Bonaccorso
3c35987b05
HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands (CVE-2016-5829)
2016-06-30 14:53:31 +02:00
Ben Hutchings
419d6356df
Update to 4.6.3
2016-06-27 00:58:54 +02:00
Ben Hutchings
12183bf924
nfsd: check permissions when setting ACLs (CVE-2016-XXXX)
2016-06-25 00:56:15 +02:00
Ben Hutchings
9fd7bbdf1a
netfilter: x_tables: Add fixes for CVE-2016-4997, CVE-2016-4998
...
...and probably other issues never assigned an ID.
2016-06-25 00:19:29 +02:00
Ben Hutchings
f5f99415a2
percpu: Fix synchronization with chunk destruction (CVE-2016-4794)
2016-06-25 00:19:08 +02:00
Ben Hutchings
b782c52536
KEYS: potential uninitialized variable (CVE-2016-4470)
2016-06-25 00:18:47 +02:00
Ben Hutchings
eb1373a157
Update to 4.7-rc4
2016-06-20 13:40:09 +01:00