Salvatore Bonaccorso
7fb2e63e99
cdrom: fix improper type cast, which can leat to information leak (CVE-2018-18710)
2018-10-29 22:04:01 +01:00
Salvatore Bonaccorso
5f66f9439a
mremap: properly flush TLB before releasing the page (CVE-2018-18281)
2018-10-29 22:01:56 +01:00
Romain Perier
540db7a99c
Update to 4.18.14
...
This updates the debian changelog for listing changes of this stable
update, including removal of cherry picked commits applied on upstream.
2018-10-21 21:04:32 +02:00
Salvatore Bonaccorso
8287bd051d
Move CVE-2018-18445 entry to upstream changelog
...
4.18.12-1 was never released with the cherry picked patch, and as such
we drop the maintainer stanza entry but add relevant information (e.g.
bug closer or CVE id) to the upstream changelog entry.
2018-10-21 10:23:47 +02:00
Romain Perier
63b0a73429
Update to 4.18.13
2018-10-21 09:31:01 +02:00
Salvatore Bonaccorso
3448bce542
bpf: 32-bit RSH verification must truncate input before the ALU op (CVE-2018-18445)
2018-10-20 22:45:49 +02:00
Salvatore Bonaccorso
b2e84defa2
[x86] swiotlb: Enable swiotlb for > 4GiG RAM on 32-bit kernels
...
Closes : #908924
2018-10-20 21:27:48 +02:00
Vagrant Cascadian
07cd30904b
[arm64] Update pinebook/teres-i device-tree patches to 4.19.x:
...
- Enables the lid to wakeup from suspend.
2018-10-18 19:59:22 -07:00
Salvatore Bonaccorso
201100ffa3
Remove 4.18.12 changelog entries already included earlier
2018-10-15 21:24:44 +02:00
Salvatore Bonaccorso
1813b53c0e
Remove 4.18.11 changelog entries already included earlier
2018-10-15 21:22:25 +02:00
Salvatore Bonaccorso
9e35d4c881
Add CVE id reference for CVE-2018-12896
2018-10-15 21:19:44 +02:00
Salvatore Bonaccorso
cbec9704cd
Add CVE id reference for CVE-2018-13053
2018-10-15 21:19:24 +02:00
Romain Perier
2c7f5f2710
Update to 4.18.12-rt7
...
This updates to 4.18.12-rt7 and re-enables rt
2018-10-15 21:04:07 +02:00
Romain Perier
2c351aeb14
Update to 4.18.12
...
This updates to 4.18.12, including removal of applied upstream patches.
This also disables rt until 4.18.12-rt7 is integrated to this package
2018-10-15 20:14:39 +02:00
Romain Perier
eba87a92ee
Update to 4.18.11
2018-10-15 19:23:03 +02:00
Ben Hutchings
88995ec002
linux-perf: Fix BPF feature detection
2018-10-08 19:06:09 +01:00
Ben Hutchings
e2c454b73b
Prepare to release linux (4.18.10-2).
2018-10-07 21:57:06 +01:00
Ben Hutchings
a2764e86a2
Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name"
...
Closes : #909813
2018-10-07 21:56:58 +01:00
Ben Hutchings
272a938bb7
xen-netback: fix input validation in xenvif_set_hash_mapping() (CVE-2018-15471)
2018-10-07 21:29:25 +01:00
Salvatore Bonaccorso
2db297e8f5
[arm64] KVM: Sanitize PSTATE.M when being set from userspace (CVE-2018-18021)
2018-10-07 08:37:42 +02:00
Salvatore Bonaccorso
20bad055e2
[arm64] KVM: Tighten guest core register access from userspace (CVE-2018-18021)
2018-10-07 08:30:32 +02:00
Ben Hutchings
10190f3972
[rt][arm64,armhf] Fix build failure after rebasing onto 4.18.10
...
The rt patch "of: allocate / free phandle cache outside of the
devtree_lock" drops the lock earlier in of_populate_phandle_cache()
and removes the "out" label which is no longer needed.
4.18.10 includes "of: fix phandle cache creation for DTs with no
phandles" which adds another "goto out" inside the locked section.
The previous textual conflict resolution between these changes left
the "goto out" in place, but it needs to be a "return".
2018-10-05 18:11:21 +01:00
Ben Hutchings
698ccd4cb9
Prepare to release linux (4.18.10-1).
2018-09-30 18:02:51 +01:00
Romain Perier
14d9845760
Update to 4.18.10
...
This updates the debian changelog for listing changes of this stable
update. It also removes patches applied upstream and refreshes a patch
that is part of 4.18.7-rt5.
2018-09-30 16:01:44 +02:00
Salvatore Bonaccorso
7b1a277680
scsi: target: iscsi: Use bin2hex instead of a re-implementation
2018-09-27 21:20:47 +02:00
Salvatore Bonaccorso
7ceb71a555
scsi: target: iscsi: Use hex2bin instead of a re-implementation (CVE-2018-14633)
2018-09-27 21:19:15 +02:00
Salvatore Bonaccorso
ed71066b24
Add CVE id reference for CVE-2018-13098
2018-09-26 22:39:52 +02:00
Ben Hutchings
f81ec680a5
Bump ABI to 2
...
- Drop ABI reference files and ABI maintenance patch
- Delete claim that ignoring ABI changes is a build fix
2018-09-25 22:22:56 +01:00
Ben Hutchings
5a77952e41
[i386/686] Enable MGEODE_LX instead of M686 (regression in 4.16)
...
- x86-32: Disable 3D-Now in generic config
2018-09-25 21:55:43 +01:00
Salvatore Bonaccorso
89193121c5
Add CVE id reference for CVE-2018-17182
2018-09-23 20:42:51 +02:00
Salvatore Bonaccorso
bea28910c7
Remove f2fs entries which are included in 4.18.9 import
2018-09-23 20:39:44 +02:00
Romain Perier
5ea1715db4
Update to 4.18.9
...
This updates the debian changelog for listing changes of this stable
update. It also removes patches applied upstream and refreshes a patch
that is part of 4.18.7-rt5.
2018-09-23 20:00:57 +02:00
Salvatore Bonaccorso
d112adae70
f2fs: fix to do sanity check with secs_per_zone (CVE-2018-13100)
2018-09-22 17:31:48 +02:00
Salvatore Bonaccorso
310f694a6b
f2fs: fix to do sanity check with reserved blkaddr of inline inode (CVE-2018-13099)
2018-09-22 17:28:29 +02:00
Salvatore Bonaccorso
f46ed6ff17
floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (CVE-2018-7755)
2018-09-22 17:11:42 +02:00
Geoff Levand
bf27abcb1c
Add fixup for HPE m400 APEI firmware problems
...
Signed-off-by: Geoff Levand <geoff@infradead.org>
[bwh: Add Forwarded field and note the patch in debian/changelog]
2018-09-21 18:34:18 +01:00
Geoff Levand
ec664376f8
Updates for ACPI servers
...
o Enable CONFIG_SCHED_SMT for hyperthreading processors.
o Enable CONFIG_ARM64_LSE_ATOMICS for v8.1 processors.
o Enable a number of ACPI options likely to be available on servers.
o CONFIG_ACPI_APEI selects PSTORE, so remove the arm64 specific setting.
Signed-off-by: Geoff Levand <geoff@infradead.org>
[bwh:
- Drop CONFIG_ACPI_CONFIGFS for now, as I think this the feature
might need to be disabled under Secure Boot and the lockdown
patches don't currently do that
- Drop automatic config symbols
- Note the changes in debian/changelog
]
2018-09-21 18:34:12 +01:00
Ben Hutchings
7fc1bf289c
[arm64] ACPI: Change ACPI_NFIT from built-in to module
...
Geoff Levand wrote:
> Commit ed497f3cb7
(Add server and
> 96boards options) added an arm64 specific CONFIG_ACPI_NFIT=y,
> overriding the default of =m, but the commit message mentions
> nothing about why this was done.
>
> Remove the arm64 specific setting and use the default of module
> build.
Unlike Geoff's patch, this removes the explicit setting for arm64.
2018-09-21 18:03:35 +01:00
Yves-Alexis Perez
612bd4493b
[x86] enable PINCTRL_AMD for touchpad support on Lenovo IdeaPad. ( closes : #876141 )
2018-09-19 17:41:18 +02:00
Ben Hutchings
9870a632a0
drivers/net/ethernet: Ignore ABI changes (fixes FTBFS on arm64, armhf)
2018-09-19 02:59:15 +01:00
Vagrant Cascadian
65bccba1ae
debian/rules.real: Generate linux-source tarball with root user and
...
group specified, to fix reproducibility issues.
2018-09-18 12:59:03 -07:00
Ben Hutchings
bb21838ec3
Prepare to release linux (4.18.8-1).
2018-09-18 03:05:01 +01:00
Ben Hutchings
ee7d2e20ff
Update to 4.18.8
...
- Drop security fixes included in it
- mm: Avoid ABI change in 4.18.7
2018-09-17 01:13:52 +01:00
Ben Hutchings
d7423140dd
Revert "i40e: Add kconfig dependency to ensure cmpxchg64() is available"
...
The bug that prompted this was fixed upstream in 4.17 by commit
8f769dd14a43 "i40e: re-number feature flags to remove gaps".
2018-09-16 16:13:00 +01:00
Ben Hutchings
6b3296f897
README.Debian: Describe where to find patches for a specific version
...
I think this is more useful than linking to the master branch. Almost
no-one is running the packages from experimental.
2018-09-16 15:40:49 +01:00
Ben Hutchings
20d52cb0e9
README.Debian: Update URLs that were pointing to Alioth
2018-09-16 15:36:14 +01:00
Romain Perier
2943a959c9
[x86] crypto: ccp: add timeout support in the SEV command ( Closes : #908248 )
2018-09-16 01:58:12 +01:00
Ben Hutchings
6fc99bc70c
Clean up changelog for 4.18.7
...
- Add some architecture qualifications
- Remove architecture qualifications for ACPICA changes, since ACPI
is also used on ia64
- Remove lines for some components we don't build
2018-09-15 20:34:00 +01:00
Romain Perier
f0df74a77c
[rt] Update to 4.18.7-rt5
2018-09-15 20:33:59 +01:00
Romain Perier
21f4f386c3
Update to 4.18.7
...
This updates the debian changelog for listing changes of this stable
update. It also removes patches that have been applied upstream.
2018-09-15 20:27:11 +01:00