40f397ca1a
Drop another patch redundant with upstream changes
2017-04-20 00:16:12 +01:00
f26f2a520d
Update to 4.11-rc6
...
Remove merged patches and rebase remaining patches.
A portion of the secureboot patches have been upstreamed, but were
changed substantially during review, primarily to avoid code
duplication among arches. I've stripped the patches of the merged
bits and rebased the remainder.
Signed-off-by: Lukas Wunner <lukas@wunner.de>
[bwh: Undo some incorrect context changes in
bugfix/all/firmware-remove-redundant-log-messages-from-drivers.patch]
2017-04-20 00:15:17 +01:00
aa2adea45f
Update Origin and description for various patches now applied/merged upstream
2017-04-18 04:18:56 +01:00
790885d6d8
Add Forwarded header and update description for several patches
2017-04-18 04:15:47 +01:00
8701ef58ba
Replace "[media] dvb-usb: Don't use stack for reset either" with upstream fix
2017-04-18 01:16:50 +01:00
3f62574711
crypto: ahash - Fix EINPROGRESS notification callback (CVE-2017-7618)
2017-04-16 23:25:12 +01:00
31945f628c
Update to 4.9.22
...
Drop patches applied upstream.
2017-04-16 21:47:05 +01:00
1d5fde10d8
mm/mempolicy.c: fix error handling in set_mempolicy and mbind (CVE-2017-7616)
2017-04-16 07:59:50 +02:00
5547db97a6
fscrypt: remove broken support for detecting keyring key revocation (CVE-2017-7374)
2017-04-08 09:36:53 +02:00
43f7156d3a
ping: implement proper locking (CVE-2017-2671)
2017-04-08 09:18:35 +02:00
20a0659e24
drm/nouveau/disp/mcp7x: disable dptmds workaround ( Closes : #850219 )
2017-04-07 20:42:59 +01:00
459f0a48e4
Release linux (4.9.18-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAljcf5EACgkQ57/I7JWG
EQmFcQ/8DoBxenUbNW5cY+YbwBKsjuBb8Q6gnqQLOX/JtOJ8MtpQ1t2QQPvMYdXJ
PTcNZAKm8mrsWJxos9WsUHjkdrfuLAsMTisC5FvDkE6myBt++GH3gRtKCT0A2nep
ZU17YeHYfcqv6UK90Jg0p+xAKQEEqKZrryP7fvb8oX5wOORwlLMxBScErftbB/vV
hBvwybq7gfA/4KxDTnWgadpidg16/67ZgKd0EoSsbCpFAJble/hRroMwzKUSzFW+
2yFxrmUNFoIXddoDtORNNdK0nM6b2MKeWKjmndknz4QehlayZWCg1+mEjp7A7Wqp
9naONqhQWMibARGkDl5Y7SZ9/XJXjPmDFXi3EIbhrWMN2TUkzUN14A1YHw+M9p5Q
9UbnpI6eDxjvlezcPjqucIM0ywFwljBrDsQXfGsR6ogQbYvA7nJ0dK63/EXzvl1U
UGUBwHtDhLHxtv85/JsUqq9/UVGbZjcHvyEfmE1mvbMcNxkSLSewt+jd78h7xIyL
tOZP24ARPKqcQ1detou47o8cMmwTqVl6xu08w83xin2Xux+UlYFTtI/LVws3oYNb
F3uEzIgtJbu7ENxCkY5RmIJG9qRJZJ2f6dnpLLld6D52paD5OYNrk1NShtf/Dp+r
zjJoiIRTcO9fPatjl07Y2eDeFeo2SKoD+Xd/5nGDoytE6JiDEXg=
=ONVb
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.18-1'
Drop ABI reference files.
Refresh/drop patches as needed.
2017-03-30 14:16:47 +01:00
8a7210aeea
net/packet: Fix integer overflow in various range checks (CVE-2017-7308)
2017-03-29 22:50:53 +01:00
2dd2d226ca
scsi: sg: check length passed to SG_NEXT_CMD_LEN (CVE-2017-7187)
2017-03-29 22:31:24 +01:00
3e739d51e3
xfrm_user: Apply fixes for CVE-2017-7184
2017-03-29 22:28:20 +01:00
b303c03f3b
Update to 4.9.16
...
Drop one patch included in it
2017-03-20 00:12:10 +00:00
f271c6453d
Update to 4.9.15
...
Drop one patch included in 4.9.15
Ignore ABI changes for
module:drivers/nvdimm/libnvdimm
module:drivers/target/**
debugfs_create_automount
2017-03-19 21:41:18 +01:00
8851d0b7ac
ucount: Remove the atomicity from ucount->count (CVE-2017-6874)
...
...and avoid an ABI change.
2017-03-14 21:39:16 +00:00
11c1294899
ACPI / EC: Use busy polling mode when GPE is not enabled
...
Thanks: Jakobus Schurz <jakobus.schurz@gmail.com>
Closes : #846792
2017-03-13 07:34:43 +01:00
f96b366d00
Update to 4.9.14
...
Drop a patch applied upstream.
Ignore ABI changes as they shouldn't affect OOT modules.
2017-03-12 18:35:37 +00:00
11d69f4069
tty: n_hdlc: get rid of racy n_hdlc.tbuf (CVE-2017-2636)
2017-03-08 03:07:36 +00:00
7513bdfe2b
Kbuild.include: addtree: Remove quotes before matching path (regression in 4.8)
...
loses: #856474
2017-03-04 02:19:07 +00:00
79e486b59b
[media] dvb-usb: don't use stack for firmware load or reset ( Closes : #853894 )
2017-03-01 15:43:37 +00:00
49569a3b8c
sctp: deny peeloff operation on asocs with threads sleeping on it (CVE-2017-6353)
2017-02-27 15:49:27 +00:00
f32a03523e
ipc/shm: Fix shmat mmap nil-page protection (CVE-2017-5669)
2017-02-26 20:51:00 +00:00
93819d25f0
Update to 4.9.13
2017-02-26 20:10:47 +00:00
1fcade696a
Update to 4.10
2017-02-22 20:58:16 +00:00
8c94f719fa
Release linux (4.9.10-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlinNOsACgkQ57/I7JWG
EQntWg//RuNSbOQeyML971UnFUtZjY3yAUYqhPJdpJimjY3WHjmZlJQrLlSz9IYQ
48Pkt/64P0+iAr9zJ+3uJv1fOagKePd5RaS/iChJdvq0fCGZstFlti5NwXEQtGSv
Yzp0LStZr+pEPZo+8Bo+TVSP25FNXdZBvhUXE2sbxaV8+W9Vx+qFkfrWEiW7hpFv
nCQJic7kmzllS4Aol9e/jj2MqcdWIhviufAImNnfrbpK61Ud6Gznw9gTODw9+OIT
ny6F/k7O6MFPuHp3aAxVC5TCowh16PcC+VqJF9MTnnvHQmD3jYqdeA8zKLnW/tJk
Dl9A6whZ3n4fFRlGjgxjmTP/CgAIeQVqgTgYCApuQQTVG3svIkznoXJLraj5UE90
rzeB30x3ikUWcVggN7xfSkW3e6/v+XSbRfu73sFA81mWyWoddT/NYhw+Y18ym4UJ
Vk8iuAakpjdVj73FSyYOcNGRzOEp2SAV72EsJEMw1/IlIkmRkMmJkkg4T/HYj11P
jK/TjZtSsVbje4zx9/U6g8Rj4Wi40EHZu6kuh2jUhCk91zsAr+7EC45gZC+uohxL
jxKxv2R5p9AR7uN6JzQR4OuOL1bTCrt02MrWdsiPlUi0RBKlJ7O5sGMMsHrVMinn
4zFNeYq2U3Fyaejb32x3DOKtgCjoMRQ5iHyrjgljhzxJcf3fWKk=
=rRkU
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.10-1'
Drop changes to aufs.
2017-02-22 20:57:36 +00:00
8db6ed9e89
dccp: fix freeing skb too early for IPV6_RECVPKTINFO (CVE-2017-6074)
2017-02-19 10:46:20 +01:00
7b50304bda
Update to 4.9.11
2017-02-18 20:53:41 +00:00
92d269eac2
media: dvb-usb-dibusb-mc-common: Add MODULE_LICENSE ( Closes : #853110 )
2017-02-17 02:56:32 +00:00
e035177b13
net: ipv6: check route protocol when deleting routes ( Closes : #855153 )
2017-02-17 00:58:21 +00:00
10f2dad569
Update to 4.9.10
2017-02-16 19:06:43 +00:00
58fbff3df5
sctp: avoid BUG_ON on sctp_wait_for_sndbuf (CVE-2017-5986)
2017-02-15 11:54:59 +01:00
9e381d5c13
ipv4: keep skb->dst around in presence of IP options (CVE-2017-5970)
2017-02-15 11:50:22 +01:00
4e5e705c5f
selinux: fix off-by-one in setprocattr (CVE-2017-2618)
2017-02-15 11:44:55 +01:00
4a1042f1a0
IB/rxe: Fix mem_check_range integer overflow (CVE-2016-8636)
2017-02-15 11:41:25 +01:00
fb27baab98
pegasus: Use heap buffers for all register access ( Closes : #852556 )
2017-02-07 01:44:24 +00:00
abd788f1da
cpumask: use nr_cpumask_bits for parsing functions ( Closes : #848682 )
2017-02-07 01:40:13 +00:00
7eec246dc0
Update to 4.9.7
...
Drop patches applied upstream.
2017-02-03 13:51:44 +00:00
6b038a62ac
Update to 4.10-rc6
2017-01-30 16:28:55 +00:00
6adadc8ec6
Release linux (4.9.6-2).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAliL3k0ACgkQ57/I7JWG
EQlmog/8D/DowVsxEjNdiHAewH7HUyqdADkCRkeqsmKgCtZEmvEaYE0RijZzGDhm
Ge4PxOzhLE/DRxJF2gN8y0hIVOnigje9qYN5OBdgB/FNNKThL6ARwiu2LD6DYcwU
+Lu6g8iHqsKHZ+NllHEiiwJ4rR39qf3Tkzz5cgm4jEi+5IjnoefOhaFhyPzBkz8i
p6fWklEhev8+lQ1sW9gF94p3t0dOp/31TWACagRQronrTtT2xAzdrR5ESPTo6FFg
gtcfqoB7AYA4LTuzoKIQRgGLsgKk73iLPF874ZuK9g/+4Z2lF9NBbwve3O0qYKCy
NERddjjx9QEf4cjToqAii10AzAfuBFDG/b77ZscREwysUwMhkz47ADefu5v1P2kJ
XdL/sJ/nXyhItV/VK8ym9lg4jAA8K5UOjn+8RtWBTE8091N7y7kyNHTQ4SppySIZ
Ow+NsWkMd+WYxkdGPSYc7nHthhVRvfC9C4cxamn9en+MNmakMgJcOZTxS4/gcTvx
DMCWGmEJrD5Bu3m9GrJzwfaXteWxMYihsq9ofjXeaeYqxgXZ62GuxMeRq3kBOhSw
H9MUITkqfsjcg7eAz8elFhRvrurlVUWFsSCGr4Fd1Tv9zrFw8OXNRrApy4UQOQ4x
Uw5AcA/3ZA3QCPsOuU8ENES57vJb+D3E/LZZJdTktVLUcoxA0tA=
=C8FJ
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.6-2'
2017-01-28 01:19:31 +00:00
810b36a1d3
fbdev: color map copying bounds checking (CVE-2016-8405)
2017-01-26 21:15:56 +00:00
a873a1d79d
Update to 4.9.6
...
Drop patches which are included in it.
2017-01-26 19:24:36 +00:00
601b9e92a1
Update to 4.10-rc5
...
Drop/refresh patches as appropriate.
[rt] Disable until it is updated for 4.10 or later
2017-01-24 19:26:38 +00:00
7a613e23af
nbd: fix 64-bit division
2017-01-24 21:35:14 +09:00
3c00650618
ieee802154: atusb: do not use the stack for buffers to make them DMA able (CVE-2017-5548)
2017-01-23 20:59:51 +01:00
c74f7d65fe
HID: corsair: fix DMA buffers on stack (CVE-2017-5547)
2017-01-23 20:57:07 +01:00
4686b122fc
Update to 4.9.5
2017-01-21 15:52:44 +01:00
c6b1f1b2b1
ath9k: fix NULL pointer dereference ( Closes : #851621 )
2017-01-17 03:51:38 +00:00
d264d7d524
tmpfs: clear S_ISGID when setting posix ACLs
2017-01-16 09:31:01 +01:00
a126d0bd27
sysctl: Drop reference added by grab_header in proc_sys_readdir (CVE-2016-9191)
2017-01-16 09:26:36 +01:00
a7f877c1f1
nbd: use loff_t for blocksize and nbd_set_size args ( Closes : #851533 )
2017-01-16 02:36:18 +00:00
2ebf1235ed
Partially revert "usb: Kconfig: using select for USB_COMMON dependency"
...
It causes USB_COMMON to be built-in for no good reason.
2017-01-11 04:40:28 +00:00
13c410d6c1
Update to 4.9.2
2017-01-09 21:06:30 +00:00
0814db65a8
Update to 4.9.1
...
Drop two obsolete patches.
"ptrace: being capable wrt a process requires mapped uids/gids"
appears to be obsoleted by upstream commit bfedb589252c "mm: Add
a user_ns owner to mm_struct and fix ptrace permission checks".
2017-01-07 03:27:13 +00:00
97ab9059a9
Release linux (4.8.15-2).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlhtitEACgkQ57/I7JWG
EQlPqQ//V6+eUGkATmlFFyxsM91OsMgZyxtt0Pzf7XvFg4gBr+hJIaJwxasVRZGi
w/r4uYHmiX7fLrXnanT+RekT1zCGQBOLUvm2Rlwi845PAl9fMCSb+9Jiz60THeN7
cHg7JEvNhTEEDpLK1FJlU3fiMqb5LRdUTkz+RkhKRfITm4/bT3h0Ow72/Xy6JsrI
nAf/AyncvBCQvrIUXYyfyHUPhkYMk8L7bC6G4o803kFdPYTb1WR2gRbpsI6jSVs8
YFbrfMpH1foPHiTVWP+inDN9LA2TO8QGMvAuCAQzQuLzKztrU0i/1shjDfaN61qx
xQhXE08TwNnkDZQCtIFZrLkRPSFlLqFqVWyL9eyPAYNAnZeugxB6F3HOWk5cKWqj
NPpZ10zAnKliPnL7z+eFlxLq34UgVqqe1FeRB5iBEC2dQYEs3LuB1RF2zFOuZ74T
cvXKJJhuR4iMNcAOax6Uab+3iyC/PGm5VSiCL+IPbD7H9IaXLcICE8l1r0zRs5Sa
Um4YQKTy8kFK/CRsEOB8CofXMuBXLzEw2xeNn6187d/ZeA7uiUsyd2nVkXnO0FNt
B2JkV6kwO99WAnNwTZSwF7QJJe8ir7X4X1qdk00sqNYiDff/CBHjRT1gLRzNyOuJ
r9QFKRt4UGF3XGpE89czRRoHfP9WkdrmdmP1i/DnkSVO6L8/y6Y=
=AxAX
-----END PGP SIGNATURE-----
Merge tag 'debian/4.8.15-2'
2017-01-05 00:01:00 +00:00
5efdda62b4
kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF) (CVE-2016-9588)
2017-01-01 09:15:13 +01:00
e7ccf65ec6
sg_write()/bsg_write() is not fit to be called under KERNEL_DS (CVE-2016-10088)
2016-12-31 20:21:43 +01:00
344453b7f7
Release linux (4.8.15-1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlhYKrFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E6xQP/1MRca+ekUynYy2IFUipst1zlvO94p59
79Pe26mFBb05MuDdU1DaA/fJvlpG14rDCnXCid8AAGF9LtuCzrxo6K2RdHpCi8h8
JuJCRSMrh3p3SvkeTDm3osLuRgaARvD7ruBOpWYki3D3TORpJk9IELK+HLw4CfBb
I50sJQSfTQm1/TKEwbHIHc0L1/FH5yVqMYA8v5KvJsz94ICXe4J5FJyIReexqVIL
LGO45r23eOHJ9rmO/XP1gtp9sRtPev2ZAbL4VwOqbku/KVQGQUMsikv0TUHBZT1C
jCz2ffFaJtTWWFhoKTUqCmKyqhuIklGMS4MOPHMxjXBdgA6Nb2iGOWc53ilQ35v+
umh4BJWNgqtJfkibJTDD/gA/f/U2f7O+a2ZTOXZjJPbK8bVNiyqnImHP4XWDS4OC
5IW7swgvvBVDIk7eDzDd3lKK8O1ZcWjS5U9PbaXu9C0XDeTSOKQUhfpRkfvUaqzQ
BshFmULrdvFKQzS/FJdcW/DkjGdcyYLjYtB+jPaHTG/ZytGDBqZIu4Yb4/hFAdUd
rk1MgyI4GfeBFT7RlItBJK+12WtdyTbfaiCDS4O+av0yM0drBIpm6wpl2OHZrP0R
70nZKVTcdSu+4TN3uoy2ZHHaw/ZsrsAE3EePQtdNtDAFYj7oIWjDDCVHJH4zdFHl
ekMUyxf7Hzun
=i7IG
-----END PGP SIGNATURE-----
Merge tag 'debian/4.8.15-1'
Drop ABI reference files.
2016-12-20 03:58:23 +00:00
09027445ba
Fix another mistake in original commit, set Origin propriately
...
Gbp-Dch: Ignore
2016-12-19 09:16:12 +01:00
46f0821f70
Fix Signed-off-by line for docs-sphinx-extensions-make-rstFlatTable-work-with-d.patch
...
Gbp-Dch: Ignore
2016-12-19 09:14:36 +01:00
36b7372766
docs: sphinx-extensions: make rstFlatTable work with docutils 0.13
...
Thanks: Dmitry Shachnev <mitya57@debian.org>
Closes : #848349
2016-12-19 08:30:20 +01:00
a9f6833ed4
Update to 4.9
2016-12-18 18:00:28 +01:00
966cf13de0
netfilter: ipv6: nf_defrag: drop mangled skb on ream error (CVE-2016-9755)
2016-12-14 17:12:59 +01:00
14a852ee64
Update to 4.8.14
2016-12-12 20:28:07 +01:00
93304bd632
net: handle no dst on skb in icmp6_send (CVE-2016-9919)
2016-12-10 07:42:41 +01:00
d2f4158d99
Don't feed anything but regular iovec's to blk_rq_map_user_iov (CVE-2016-9576)
2016-12-10 07:35:50 +01:00
56659f5080
net: ping: check minimum size on ICMP header length (CVE-2016-8399)
2016-12-10 07:29:51 +01:00
be8be2cb5f
net: avoid signed overflows for SO_{SND|RCV}BUFFORCE (CVE-2016-9793)
2016-12-08 19:28:56 +01:00
3b66b4fcef
packet: fix race condition in packet_set_ring (CVE-2016-8655)
2016-12-07 10:34:33 +01:00
27fc4207c6
tipc: check minimum bearer MTU (CVE-2016-8632)
2016-12-07 10:31:56 +01:00
59ebe22f2f
Update to 4.8.12
2016-12-06 21:19:22 +01:00
b3906798a8
Revert "default exported asm symbols to zero"
2016-12-05 01:07:36 +00:00
1c1ab88dbe
Update to 4.9-rc8
2016-12-05 01:02:03 +00:00
7e80c27706
radeon: Update package name in error message for missing firmware
2016-12-03 03:30:15 +00:00
34594185e1
Drop "default exported asm symbols to zero"
...
This caused *all* symbol version CRCs to be zero in modules on amd64.
2016-12-03 01:45:17 +00:00
2431e89ed3
Update fixes for exported symbol versions
...
Linus has re-enable CONFIG_MODVERSIONS, but also weakened the version
matching. Apply his match but then revert the weakening.
Also add a proposed fix for missing version CRCs, which gives them a
default value of zero. Since buildcheck.py now checks for this, we
should detect all unversioned symbols at build time.
2016-12-02 23:13:17 +00:00
54d0756a33
Fix exported symbol versions
...
- Revert upstream changes moving exports to assembly sources
- [x86] kbuild: enable modversions for symbols exported from assembly
- Revert "Fix subtle CONFIG_MODVERSIONS problems"
This leaves powerpc and x86 as the only kernel architectures that
export symbols from assembly, and <asm/asm-prototypes.h> for those
two appear to define prototypes for all the functions that are used.
2016-12-02 00:19:09 +00:00
ceb75c4337
mnt: Add a per mount namespace limit on the number of mounts (CVE-2016-6213)
2016-11-30 16:15:29 +01:00
b67bd212fa
vfio/pci: Fix integer overflows, bitmask check (CVE-2016-9083 CVE-2016-9084)
2016-11-30 09:15:19 +01:00
609f818472
mpi: Fix NULL ptr dereference in mpi_powm() (CVE-2016-8650)
2016-11-30 09:04:11 +01:00
3536d5d7a6
Update to 4.8.10
2016-11-28 21:10:27 +01:00
a559c41683
Update to 4.8.9
2016-11-26 17:37:18 +01:00
fa9e148da4
Update to 4.9-rc6
2016-11-21 23:52:49 +00:00
96f3d8b5c3
Revert "include/uapi/linux/atm_zatm.h: include linux/time.h" ( Closes : #844491 )
2016-11-16 21:18:15 +00:00
b7117071e0
fs: Avoid premature clearing of capabilities (CVE-2015-1350)
...
Closes : #770492
2016-11-16 19:23:06 +01:00
b048cc5a7c
fs: Give dentry to inode_change_ok() instead of inode
2016-11-16 19:20:21 +01:00
2e74b80287
fuse: Propagate dentry down to inode_change_ok()
2016-11-16 19:18:11 +01:00
055cd5a2d1
ceph: Propagate dentry down to inode_change_ok()
2016-11-16 19:14:26 +01:00
2683f37d06
xfs: Propagate dentry down to inode_change_ok()
2016-11-16 19:11:36 +01:00
26676cdca0
Update to 4.8.8
2016-11-15 22:32:40 +01:00
abd19bbc53
Release linux (4.8.7-1).
...
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJYKMjFAAoJEOe/yOyVhhEJOtIP/RIo9vUk0PusThnw4bYQTA8T
x8UTEpGJ+tqWBRL+yv7Ff3A8qP2TRAvJW2xzqu1+4UwNYgCSTa8A20bJ6crGzN8X
Y6J7nqWFuzWsB2SHsPvYI1m0Q9luNrQ+1vkohpH53u8FfJxuceHwP/tFj6ShMl8i
bNUiftui2Sc82JUjUdiG2EpXlIJH+N3aO8+R5ER3qUqoiHxChrslSbh3Lg8T8Tcp
ItwwLi6K9s3CjYCiDiZ54+BYYQRy+rmTRFpEmgac4v2+HqXrMKAR4D6EomqMl3r1
wHQ/F/Tt1GMvYvJniKWJIJVeCzuZSBmaQrL+D7xkKVGrzMo7QGGW1xr3DzyV1alc
Ugx4k2nDbPDGinrbkhJbuds02VDIl8vfrnUM1NCYZ2GrReD5jJPj6OcZvlXRbjZw
gUL1j+3w1dCa71E2rufZK7DZnGw4MjR9Q0cAefbgWNzEFDNh3nXQEKpxleEMmT/C
xXVR2cfUpOAr1J4vR++I7kAn9re9tw7UlX3JYqH8+ty6Lm+DxrzoGMxEd1bmxYm9
yzIn4O8x6LK2B7NdHfRs1SJC4rWWy/3+2z+5SnFroGMem8ugDhB95Q3QFvQGe9Ga
zw1T6+GlYF9oglzY87XcKY2oUQveL8A45pM2TF3HsgGbx7wziR2yymjWAk03w32Y
uYbKvmpQsH/wNrOA8E8I
=uDst
-----END PGP SIGNATURE-----
Merge tag 'debian/4.8.7-1'
Drop ABI maintenance and patches that are already upstream.
2016-11-13 21:52:47 +00:00
b15e0cf459
Update to 4.9-rc5
2016-11-13 20:35:21 +00:00
e8880932f8
Update to 4.8.7
2016-11-11 20:00:01 +01:00
82c55764b5
kbuild: Update -fno-PIE patches to match upstream
2016-11-10 20:26:29 +00:00
7aecddec04
[amd64] kbuild: Add -fno-PIE to scripts/gcc-x86_64-has-stack-protector.sh
2016-11-03 16:51:48 -06:00
d882885835
cpupower: Fix checks for CPU existence ( Closes : #843071 )
2016-11-03 16:11:35 -06:00
586b6ef20b
kbuild: add -fno-PIE ( Closes : #841368 )
2016-11-03 13:32:07 -06:00
c6318ee2ee
Update to 4.9-rc3
2016-11-03 13:04:20 -06:00
0acd08301d
Update to 4.8.6
2016-11-03 12:08:20 -06:00
4ac6860c3b
Update to 4.9-rc2
...
Drop/refresh patches as appropriate.
2016-11-01 09:39:31 -06:00
d9f03c486b
netfilter: xt_NFLOG: fix unexpected truncated packet ( Closes : #841261 )
2016-10-28 20:16:09 +01:00
68bef0cc04
Release linux (4.7.8-1).
...
-----BEGIN PGP SIGNATURE-----
iQKPBAABCgB5BQJYB7RuXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ0NjQ0NDA5ODA4QzE3MUUwNTUzMURERUUw
NTRDQjhGMzEzNDNDRjQ0EhxjYXJuaWxAZGViaWFuLm9yZwAKCRAFTLjzE0PPRKbv
EACPw/ltBkYlQohcTxO+Jwg6Pj9J2UAcuQeDBsRLxOONLEcfChUtB6YbWnjpP4n7
PBjFl1oXFlRL2AIp8yJJDNyLRApNHaIJ5Rw15OU0XBZi61iFkMhvZHtFUJI0VifU
40otIo4/IAgWfYjcIl445m13bS21XzaYkT5hDmKihp1975gBP51LyVXtMPvYC2HO
2grpj37HbDEhKfXSxPDG++ID20VrHOyKVNnfyzg9lOe0oNRT36j5i1QJtqQPekh1
gWx98W/QqVpmeyRV1xvFjit2AzjwrIyp8H22wlN5IOG0HXitOrEA0AiQi1pjcMM0
3O6wRmWTiOoiMiCQEQ+O+92U+uALTG0ssq/9rubAW70CieiQLKmQBZiSoY3JVDfl
AojNP89QIx273w2aGQpZUY/RJnFWFy3fdh+c8wuLbTGkV3cCwXTd1VpNvi1EVKKK
SjFytKI3AGLAihXiThbICSiynqsRKdh7ypWzoCF5OxdURk9/HXSOYpk0Ieuqze+R
niLpETsVpfZCSHjjlG/7oaPAdGEqTm1BZ8a36HmzuByGftARwZ0XqaSUMsbOJC+n
nZrljSt1migRNKcONPuAvVucOjtI6Bj52Azdq2KutQiKZt1Kie9jLSA32/VNT6u5
xCRtMNQnatFCUqdJm5pI0pnUgdpL9nykbggY/g0uPBJfEg==
=6RXa
-----END PGP SIGNATURE-----
Merge tag 'debian/4.7.8-1'
2016-10-23 04:43:12 +01:00
c5c7172244
mm: remove gup_flags FOLL_WRITE games from __get_user_pages() (CVE-2016-5195)
2016-10-19 17:56:02 +02:00
82d68fe753
KEYS: Fix short sprintf buffer in /proc/keys show function (CVE-2016-7042)
2016-10-13 22:50:12 +02:00
ae695bc66b
scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer() (CVE-2016-7425)
2016-10-13 00:24:49 +01:00
efccbd4eb2
posix_acl: Clear SGID bit when setting file permissions (CVE-2016-7097)
2016-10-13 00:23:11 +01:00
c27b72f255
net: add recursion limit to GRO (CVE-2016-7039)
2016-10-13 00:17:03 +01:00
6429254d8f
Release linux (4.7.6-1).
...
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJX9/r9AAoJEOe/yOyVhhEJaFIQANHw/AYqMiP/0fnT8TRl1ISq
1jK7KhHKs4h7O+f4r/D31FLUAC+YVhpAqw4aHCiTwg9fjVULLcxaX91AAtpdliGm
NhWPT7/p8S6SiLTZtVxEb8MAzNqTnN4UdoBMdetWvHYSD/zq5U/BSWCTmm5pOu+X
E6mzwHdkgzUF/Wnt3bmmSmU415BG4nW6xIroYfH3DDSoj1pkxSW9BUhIv2L5mY25
emjFyXMqYRKJ93CBbCewNy0sLiL1V94P0r8HIdo2JDQg1QecYnYtV0AC/2kZODhm
9l3OyB6Dp20y5ib+t6/+4WqvmXl6XrvvjZMtHXsyv44gC1j7e0ChrXbsYk//4Lpo
FgQ8IYaNLskPEXyjzNHhwt61i0BIfZmKSJ17ldkgofAmt+Wa1926jFih5twFu5fj
pMkkxlJUZU7QKxEtuhC7bSOzRzoXjb+xx21Zgenhc89GamagRAKncFbRlJ6K+4pS
SMVlnXuLC0MHlUnAxZQ/N7hdhS235UxSFBp3qyOrYDWmjxyXkItyRfd7SKeSk3Vx
ZikpGlvsvExvyzrjTdyLwBmlyj2I+XZxGxOT2pe4EYb1xxLXUTBAqU1Ycsd8XjC3
lUqTn3r29PYeXRYC9eUsJryLJjejdkTIssM5Y9hhoi9KjMnLptRS7tJAeCO+C8QF
Qyhb3De7DCWrkcl8YSJI
=fl9b
-----END PGP SIGNATURE-----
Merge tag 'debian/4.7.6-1'
2016-10-07 21:04:15 +01:00
ec2dc97fc9
mm: memcontrol: use special workqueue for creating per-memcg caches
2016-10-07 00:59:09 +01:00
78f97bb258
Add of_mdio fixes to make device tree fixed-link definitions work properly
2016-10-02 16:26:16 +01:00
b2480a3dfe
Release linux (4.7.5-1).
...
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJX6HXOAAoJEOe/yOyVhhEJA68QAJSLxpMHBbl9474Q/SPonncf
S7NXiYZQuo7STq0uHUVxtOTpVKRc/7y793tdtpI3Ec6nZqilS+4uKq1QNAh7kj6n
JwilTLkfbjRS4+VqEEHJtVfK/bjijEep943W+uv3foMXPzbJulgRNrf54nUOFA2n
WY1ZfL6Dp+tvys49UrK+3lsuY/ZCLzpck3m0rScGYgalfnZo00ttPto29YZjVXrp
7RZset950hvEvL7cD7GXi2pqoEcvV3AISOABgKU0U6VitS1E8wJHW1pDZvHgZDKO
55lAdyyEsAE96J1RzKwPjyHTKDmr1v6AiqNxwviLndwoLflYHUbsZBx0H9pRE0Gi
45IDQELGFToJ/4dDNijk3oyOsQaV06f0gYv+FqGnN33IWxrlz9oQ3PSWB6qA9dr5
vBGG1tzoYFdManBwZvH5smD25Ckc3TK2UzMqJA1BIjRpCoajxfmZWcgfPH8Z9gwJ
5giCQkEKCbbwAXmRwVCYDFp5t0DlnyiY0/IizunHUxFapl9B6SNRFPhJVbUCNV07
/yzsRU+TcNnV1oGQE9+uWTIelUQmc5cvMiaIlW7fifrqPAKCCnk2imYI1Tx1jsVl
VqLo1Jalt+iZGKsEt6I3ST6LX1k/QFkz7BmJ4Yz+NdwwN6/Jq5rufFxLWGdIYPdI
N4PnNBVMK0ooLqbaatRO
=PYYu
-----END PGP SIGNATURE-----
Merge tag 'debian/4.7.5-1'
Drop ABI maintenance patches.
2016-09-26 02:16:56 +01:00
7a0f81fe53
ext4: Fix checksum validation for inodes with small i_extra_isize
...
Closes : #838544 , regression in 4.7.4
2016-09-25 22:00:56 +01:00
bdec0fe8f0
Update to 4.7.5
2016-09-25 03:05:35 +01:00
63e9d321c9
mm, oom: prevent premature OOM killer invocation for high order request
...
Fixes a regression in 4.7 and someone already asked for this.
2016-09-09 20:49:48 +01:00
7dd9d01ac5
Update to 4.7.3
2016-09-07 22:07:27 +01:00
95a7eda177
Update to 4.8-rc5
2016-09-07 21:27:44 +01:00
507f588e72
drivers/net/phy/marvell: Fix mis-applied patch causing build failure
...
We patch out some of the code here by inserting #if 0...#endif. When
I last rebased, one of the #endifs ended up much too far down.
2016-09-03 13:00:10 +01:00
1222968771
Update to 4.8-rc3
2016-08-28 19:52:50 +01:00
47ba702e2c
liblockdep: Move dummy definition of prandom_u32() to fix missing declaration
2016-08-28 15:03:02 +01:00
2c76695c24
aacraid: Check size values after double-fetch from user (CVE-2016-6480)
2016-08-27 23:17:17 +01:00
0db6147b7d
tcp: fix use after free in tcp_xmit_retransmit_queue() (CVE-2016-6828)
2016-08-27 23:14:24 +01:00
6ab7944873
kbuild: Do not export variable name with hyphen ( Closes : #833561 )
2016-08-26 01:43:33 +01:00
2fddcf7c7f
usbip: Use the locally-installed <linux/usbip.h>
...
Some years back I patched the #include of <linux/usbip.h> to include
the current, uninstalled version through a relative path because the
system-installed version will normally be outdated. We're about to
start copying the source to avoid writing autotools crap into the
source directory, which breaks this relative path.
Since we now install the UAPI headers under debian/build at the start
of the tools build, drop the patch and add that directory to the
include path.
2016-08-25 01:28:48 +01:00
7a54b56ad5
Merge branch 'sid'
...
Drop rt patchset updates as they don't apply to 4.7.
Drop various other patches already in 4.7.
Fold the remaining Debian changes in the open changelog entry for 4.6.7-1
into the open changelog entry here.
2016-08-24 20:43:19 +01:00
f445dbb9d9
Update to 4.7.2
...
Note the CVE IDs and Debian bugs fixed.
Drop the patches that have gone upstream.
2016-08-24 20:40:14 +01:00
a7280813ac
Update to 4.6.7
2016-08-16 11:13:39 +02:00
d42cdc5bfe
audit: fix a double fetch in audit_log_single_execve_arg() (CVE-2016-6136)
2016-08-12 16:27:20 +01:00
7184d7bfd9
tcp: make challenge acks less predictable (CVE-2016-5696)
2016-08-12 06:52:28 +02:00
457d8bb6bd
Update to 4.6.6
2016-08-11 16:29:28 +02:00
c0e269c0cd
libata: LITE-ON CX1-JB256-HP needs lower max_sectors
...
Closes : #830971
2016-08-05 15:40:08 +02:00
c2a8f662b5
vfs: ioctl: prevent double-fetch in dedupe ioctl (CVE-2016-6516)
2016-08-02 06:47:28 +02:00
f8edc4357a
Fix perf to be able to find debug info based on build-id.
2016-07-31 22:35:09 +02:00
e8c1b8e306
Update to 4.6.5
...
Drop patches applied upstream.
There are some ABI changes still to be resolved.
2016-07-31 01:50:59 +01:00
f000506362
apparmor: fix oops, validate buffer size in apparmor_setprocattr() (CVE-2016-6187)
2016-07-13 20:30:05 +02:00
0818af71cc
Cherry pick patches for rtc-s35390a from next
...
This fixes shutting down some QNAP NAS devices after being waked up by
the rtc.
2016-07-12 21:44:39 +02:00
3c35987b05
HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands (CVE-2016-5829)
2016-06-30 14:53:31 +02:00
419d6356df
Update to 4.6.3
2016-06-27 00:58:54 +02:00
12183bf924
nfsd: check permissions when setting ACLs (CVE-2016-XXXX)
2016-06-25 00:56:15 +02:00
9fd7bbdf1a
netfilter: x_tables: Add fixes for CVE-2016-4997, CVE-2016-4998
...
...and probably other issues never assigned an ID.
2016-06-25 00:19:29 +02:00
f5f99415a2
percpu: Fix synchronization with chunk destruction (CVE-2016-4794)
2016-06-25 00:19:08 +02:00
b782c52536
KEYS: potential uninitialized variable (CVE-2016-4470)
2016-06-25 00:18:47 +02:00
8313db8a43
Add Forwarded URL for cpupower soversion bump
2016-06-18 13:00:14 +01:00
a808d3112b
Release linux (4.6.2-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABCgAGBQJXYbBEAAoJEAVMuPMTQ89EM8wP/3llI8Jr6Q+2ktVOqYQ7U0JT
+UEzEuKlVS+3/SjFZv8dAqpM018OJDIiccgzjvuny6MSYHiH//yWG4lC8O2WikBA
RhfbUsNWFImEkwhY8wD1cjuF0QIXNtR7qOKdCPX5wQUiG469WF4F4l3lgWoo01ub
hYXNsGebIjZTQE6KWGm97pvSRNFPT18DulANGpe9m804y2Xs+dQn6dVHKaSYT0BF
labA6C+hCmbMos3gEYNzjbmU9fxYpS98pXq7uc04ryBj3UjGoBlmxeip9yrIiC0I
oZr8kAxz5PCRSqPnhZqE51WO6eLaWIrEGGTnb6sOtbHYsTrNu8iHpWXVCkB8/2GL
LYhOJn3AyqJE4yb69EKSWL7cbVEqyVJHkGntGhTm+tKJP0QmnKlhQY47aViPt4Fc
IXQvUOeG94GROooRTNLp9/3N2di4p4YPNv2QgM5lUJjySWUMCNzw/MjpYfvuIHrp
bowSN5EYDpO6WqcZZVHogM9hJ2Aq+zWYkfK4f38r4T4+g0T8IQ8qMCY/o/LV7uod
KUbQ7SIHK7uAMT9BpJuslCwvwhKdf/9y/bcuOkB2alfR52uApdDkL04uD5jIbjaL
fElOyQPmJPNe0zxP6yZp4G3/JbMhWdX+qc77+GWkj27mBqnBEZKBHjCmU/6Vfv2Y
VolsoZ6sfxJ1pxlUcWPt
=li3O
-----END PGP SIGNATURE-----
Merge tag 'debian/4.6.2-1'
2016-06-18 12:59:57 +01:00
ece80cbbec
liblockdep: Add all the patches submitted upstream; drop one that's obsolete
...
(cherry picked from commit 9d20ab14dd77ffa306f6eb70c447c73f69077773)
2016-06-14 23:27:41 +01:00
95cba203d5
rds: fix an infoleak in rds_inc_info_copy (CVE-2016-5244)
2016-06-11 07:26:02 +02:00
01be9139c0
tipc: fix an infoleak in tipc_nl_compat_link_dump (CVE-2016-5243)
2016-06-11 07:18:28 +02:00
91d6f22ed8
Stack overflow via ecryptfs and /proc/$pid/environ (CVE-2016-1583)
...
proc: prevent stacking filesystems on top
ecryptfs: forbid opening files without mmap handler
sched: panic on corrupted stack end
2016-06-11 07:11:08 +02:00
ff5804f208
cpupower: Bump soname version and rename library package accordingly
2016-06-10 14:47:48 +01:00
906f7b1351
Update to 4.7-rc2
...
[rt] Disable until it is updated for 4.7 or later
2016-06-10 14:47:48 +01:00
4e2a281abe
Update to 4.6.1
2016-06-05 14:30:35 +01:00
6976b08b12
Release linux (4.5.5-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAV0te3Oe/yOyVhhEJAQodqBAAjpkEuBm2kSlQD1y8qeb/+1+CxJPcqIH1
DHTyMpFHQvX5VT+vCX83WhiWncMz85z7f0wcElpNaZ/3ExOQzbmrIwsucgXRXVUS
txKxHaQQv8uU1m8dgxqjOWP80+IT71H9rBcitfrRqyzLiEhC1mPOfvxjtGTOJWw+
Lohie5WPMMsfrahQGw4srPMcpVRwVKuX5N+azgk6rg8VA7rxyxQaMZRg3rr+N7Aw
btwVC5vyL8K5Be0LnveR/PdOosaUU6XzyT7kNT0fLSO9H4bWenielHaduSDI5iU4
WcPRhymrHv0dBDvbyw8vkJMDd+/1x9gWk4/DHFQNw1miaUx87N+vKyC4rZ7Lqc2d
4n/hpq3HjPBZqC07Q0mddeTy7OoN4obYSXTipIu9rWBsTJtcxxwSUVg86+xo03Zg
bb0VoEudp9JZGBMLS8PjBJ66d+/p7Q47YnKV7ZwNKyLwRq4AMo65L7PeUJflNHvj
UmJrOG/6AJ6bi+eXrWDbwAA8mrwdPPKu+QzBSQ9c6hm4CFmgkgWTH/oA2iPsp7AX
iqcPgKp6XA8YLXpiDeCqvMV5cSkGD67cpIcgTB0CrH7KILXD61cP8QEl7eaWiBMW
MW9IPDeEBEmEN3ST2tg1H7udEzzpEZXHg4NZ5gOZ7lMZphbILrapJYuUf3PDdZKL
Ccz9YH5eSuE=
=gSlx
-----END PGP SIGNATURE-----
Merge tag 'debian/4.5.5-1'
2016-05-29 22:33:26 +01:00
1edaa5dd82
Re-apply "[media] videobuf2-v4l2: Verify planes array in buffer dequeueing"
...
This was reverted upstream in 4.5.5 due to a regression but we have a fix for
the regression (probably).
2016-05-29 22:20:52 +01:00
08942bb065
Add upstream fixes for various information leaks
2016-05-29 21:25:44 +01:00
327c921aa7
Update to 4.5.5
...
Drop changes that were applied upstream.
Fix/ignore ABI changes.
2016-05-23 02:34:41 +01:00
b88823f96b
Revert "stmmac: Fix 'eth0: No PHY found' regression" ( Closes : #823493 )
2016-05-23 00:59:46 +01:00
342ba3d57d
tipc: check nl sock before parsing nested attributes (CVE-2016-4951)
2016-05-21 16:53:08 +02:00
a65b751ecf
Add Forwarded/Origin headers to patches as appropriate
2016-05-17 14:44:47 +01:00
5ba72559a1
Re-apply "[media] videobuf2-v4l2: Verify planes array in buffer dequeueing"
...
This was reverted upstream in 4.6 due to a regression but we have a fix for
the regression (probably).
2016-05-16 20:06:26 +01:00
eaafcf8a39
Release linux (4.5.4-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVzoWxue/yOyVhhEJAQrD5RAAnOQWbgH3JJ/48u366vvlvebkKdfgdUQw
wyj+rfxCxWbb2i8iGh+gk4aN9FlNfmzUlPgA2esXJiCpjmZ+Ffj0aF8k7W4HkGPw
/dX2tuBEj7NKQ6TLY1BK9rzs8DQKMRw7lQ7r+uLlt0o8MjKMJg0FaA1UteC09trB
AXcSZdIeAtyPaMk1mBk3qcNsDMTIb/K3zk03sGy8HKwWgJJmHbcTm4/XWEzOOZUd
HYInRPiK724qMoIG+BkI+oigvaXEvuxHKMfKWdryKHsIyvAu4l/1myeBk/xy65Cv
/ga+NQQHJt8mfiWfleljKU9DC4wN/SQ5Nr9wzFC512TQfFVmu47BlIQPQWZ1oHjP
FQom301HEFTKqZRTIqOU6IQ+TPSSHWPPvD8jmmRFXycasvDkP0t2RNuM3gbhwU3b
9hui/YUlbzQUJOgWRitnRMk1jXtHLkQm8vRf7AIVXxT5+6u4EiZUvk6gNjg3Jz6h
dHkkrgCWzZgYIdAvqa8OF2j2ejSQUcBW3yxpSnw0T9YOxo4IiF+Il/dxwSDSX5BI
tBoNyzNH62yMOjGSQXcYOdr64KE1mjXpST+x1tRdU+n74ifP2CtA57o93WB6Gn5z
wVAuVeGmEAbIl7EcHl5r6ZC58da5syTl0BZEbH9YM54eLlM+qyLOwM0vWAztuIa5
ciXotUkDZrM=
=oSkt
-----END PGP SIGNATURE-----
Merge tag 'debian/4.5.4-1'
2016-05-16 20:00:43 +01:00
be1c8b16ab
KVM: MTRR: remove MSR 0x2f8 (CVE-2016-3713)
2016-05-16 13:47:07 +02:00
48902f4f1a
videobuf2-core: Fix crash after fixing CVE-2016-4568
2016-05-16 03:33:38 +01:00
3eae053b85
uapi glibc compat: fix compile errors when glibc net/if.h included before linux/if.h
...
Closes : #822393
2016-05-16 03:23:55 +01:00
efbab1e4bf
Add various upstream fixes with known or probable security impact
2016-05-16 03:23:35 +01:00
2365caa1f9
Further cleanup patch headers for net-fix-infoleak-in-llc.patch
2016-05-15 21:58:27 +02:00
c67a821486
Use correct patch header for via git format-patch-for-debian
2016-05-15 20:09:17 +02:00
88ec3673ad
net: fix infoleak in llc (CVE-2016-4485)
2016-05-15 20:04:29 +02:00
de9a44e36f
KEYS: Fix ASN.1 indefinite length object parsing (CVE-2016-0758)
2016-05-14 05:18:04 +02:00
1275559aac
[arm,x86] Fix memory corruption in KVM with THP enabled.
2016-05-12 23:52:30 +02:00
b92b4d15f0
Update to 4.6-rc7
2016-05-08 23:56:51 +01:00
be31f1ecd5
Release linux (4.5.3-2).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVy9ITOe/yOyVhhEJAQq2Tw/+IbJSVFZ3v7J7I6ZwZuJLmhnEpPyuE1Md
OkJieChhe0wpnIFQD3fhHsKClXUzHORahq8O4qGd5BPb9ttYSr7Hm/SvPxQK91Cr
mP857CZWNopLatVbKAzmQ3unFcpD/zbTGr2iC0IBmu4TJQBMr2tDejd2ndlq2psG
YoaHSh1wHutenaF9iFQ2/H2V6ScM7DX9DMTOrqhFxaIkc7WaJSjpVoKCrYxRFQUX
9ogMqxPRqTzsEBxS0PwO1vBTDx2OgwkmvnY0rOj1fpswgEfwvS4XO46EpiFx45Mc
grzDW6jrKMKWpeH1JC1YLvOltR/nSx4vM3E5sbjSKJQv0F1oIoQuKyfRLOw9Oe3q
4/7xqS5/aNJ9aaNPi4p7/L8JdGtkJEW26XczgXbKRlY4AfKvt7bPTztoe4KQOSDA
roqmj7f782nJOerQxKScsE7HM6DpLViSoGhCyf0DNnqwQaUKDyaLhdu0LNA73wCx
FMFQfZnDN8Yg0UP5BJouSoKprf4hL7CiQcMcfXqLj/QsNB8vCjfs6offKtZ7bckZ
Si1L2proXY3esQ95Npd2HIKDo4gGajQ8Xkpkf9+6FZdhMLm/w17y9kppgVlcKQ/T
q/emN0JEuzxMkvtZbmVMRzd0NI4tXzlBwOVcASMzI0ak5CLOPoWO0Cc/jOYg24H3
yabrIvpcq0s=
=jVBT
-----END PGP SIGNATURE-----
Merge tag 'debian/4.5.3-2'
Drop the ABI reference files and patches.
Rebase patches added on the sid branch.
2016-05-08 21:47:32 +01:00
8b31e1c0a6
Update to 4.5.3
...
Drop changes which were included or superceded upstream.
Fix ABI changes.
2016-05-07 19:40:36 +01:00
405645d788
Add bpf security fixes
2016-05-05 23:13:51 +01:00
ae6831e8b6
Update to 4.6-rc6
2016-05-05 22:17:45 +01:00
fc5b920758
Release linux (4.5.2-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVyKf7Oe/yOyVhhEJAQqAnQ//cXPxmlNgmpwl9YUWt7WWjMBr4fyShKp0
0MIcV8O7G1Jaov8valxFnSp7/LEDkA5bkQFec39ZKR4jjnkATCY7LWhC35PDe7fK
gSIu4+jhnAFMsedRcqlbugsnQAkZGfxPWvxBVqy7veBmMSEywnEs7XW/PVZBWLdX
kBmTwqoE5aKnaEYa2HwT53zKZBO4zG3AqHJAnU71DLf20cIPXm/zYthxatQs8GYs
AybmlejWWkZgpob6CSax8zoSvUuSJGIU63RaH4z8IT6I7C0imcAJ6qwqR5nKtkzb
zDmG81mmxGT1JAxptIeaJQw9qAnygFWKrRxk/uERoFhpFXYiropCuP7bTG7DZgDc
Nqec5PLt37Y6bV6eaKXpk/0IyvBdO5We+GUOTgf39v9HtDc6rKvHrTMtlr7DEKot
9d+P9ybQlEwB61pe1HU9lGUKSjMAA6RKsa3qAWcZJQYLylrFVYPbnIsVk3EG6z5v
0+F1rzTGPcB9iEUp1lKTOw+qk/13tKrLNvAX/Wz9RBpPUvNy2BBXNnEP8I5pCBV4
C2iyQZAJuGtTHdH96LjVXq9vX78ohnRcOQVrimq8/X6HWrOSU0WYWWJkxcHl4D3d
3Z6iOrrqWg95NIC/YH3iZHdKsq2KeHGsApZBBYitKCtCfkVchv7nfAb5rocc7u25
LeOq7Rc/dIM=
=BJL3
-----END PGP SIGNATURE-----
Merge tag 'debian/4.5.2-1'
2016-04-29 02:25:02 +02:00
d345dad8c9
Input: gtco - fix crash on detecting device without endpoints (CVE-2016-2187)
2016-04-28 17:21:17 +02:00
32586f7a95
tools/build: Fix bpf(2) feature test (fixes FTBFS on alpha, sh4; closes : #822364 )
2016-04-28 16:27:44 +02:00
d251b99807
memcg: remove lru_add_drain_all() invocation from mem_cgroup_move_charge()
...
Closes : #822084
2016-04-28 16:24:28 +02:00
f69db0a093
Update to 4.6-rc5
2016-04-27 23:50:01 +02:00
dff5585589
module: Invalidate signatures on force-loaded modules
2016-04-23 20:48:33 +02:00
2d9dcd6be6
atl2: Disable unimplemented scatter/gather feature (CVE-2016-2117)
2016-04-22 08:10:30 +01:00
fe835b64b1
Update to 4.5.2
...
As this includes changes to header_ops and dentry_operations, bump
the ABI number to 2.
2016-04-22 08:05:48 +01:00
9c63adf133
[x86] USB: usbip: fix potential out-of-bounds write (CVE-2016-3955)
2016-04-19 16:30:27 +02:00
690df616c2
fs: Consolidate softdep declarations in each module
2016-04-14 20:40:33 +01:00
f4701f7d70
Update to 4.6-rc3
...
Refresh or drop *many* patches.
aufs: Update support patches to aufs4.x-rcN-20160328
2016-04-14 15:00:19 +01:00
e49fde3f56
fs: Add '#include <linux/module.h>' where necessary in the crypto softdep patch
2016-04-14 00:35:10 +01:00
c37887e538
Re-group the patch series
2016-04-13 23:31:28 +01:00
df965c4112
fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers ( Closes : #819725 )
2016-04-13 22:17:00 +01:00
e01d7b854c
ipv4: Don't do expensive useless work during inetdev destroy (CVE-2016-3156)
2016-04-13 21:24:19 +01:00
d0292c6f67
netfilter: x_tables: Fix parsing of IPT_SO_SET_REPLACE blobs (CVE-2016-3134)
2016-04-13 21:11:40 +01:00
6e05e68d7a
Update to 4.5.1
2016-04-13 20:49:29 +01:00
76de9f06e0
scripts: Fix X.509 PEM support in sign-file
...
DER format works but it's easier if we can use PEM everywhere.
2016-04-04 19:28:26 +01:00
ea7af96b4d
Merge branch 'benh/merge-linux-tools'
...
The primary reason not to build userland tools from src:linux was that
it allowed building with a minimal cross-toolchain and without the
target's glibc development files. In particular, the CI system at
kernel-archive.buildserver.net used such minimal cross-toolchains.
It is been a long time since kernel-archive.buildserver.net was
running, so the original reason for the separation no longer exists.
If we implement CI using similarly limited toolchains again, we can use
a build-profile to exclude userland builds, as these are now well
supported.
This merges the full history of both source packages together,
including in debian/changelog (which looks rather weird). The binary
packages resulting from this merge appear to be functionally the same,
though I can't be certain there's no regression.
2016-04-02 15:13:23 +01:00
d3da98fed6
Cherry-pick ZONE_DEVICE changes from linux-next
2016-03-25 13:45:59 +00:00
f24971b257
Rename and regroup patches from linux-tools
...
Move patches specific to Debian packaging under debian/, and bug fixes that
could go upstream belong under bugfix/. Put them in two separate groups in
the series.
2016-03-21 03:14:46 +00:00
42fd34bcd1
Release linux (4.4.6-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVuqe6ue/yOyVhhEJAQrUXhAAiL6ngAdCWDQRnkyS57hOm1wn8kVUtgHS
DNJaSdc1Kh3y/H97RjsyQsSisGGpADVwz4lrPdl91104+muhHHDdgwQSXpcNLsLf
USF5apNnKFm/fPHG9puTzAtXNWTeY7AMDF5FaNLWVTcCyhBpZZzp257AswrCZHc7
7WWf4WNC2ShBiXidyPj7yYzBJn6VHeJRmUpq5EhQZW/t6aQud3biYTu4eE5QWrni
CsU/gof1UT0nrN4iAnYp31saAm62ZhgnNDthfV2ihiGKw7uSlBm12PgsndE3XksM
Kz/ANdW6ygd+GTsA63OjihOA4BDfX7rsu0rZfpuG+sMWmLfWmBH3olAs0aUjix8H
0VPx9Z6bzGvUaelIo2uu3i5XxYE8Qc/74HCnuGs+oqaW1YJzvMoOzaxdRK51bKsA
dpbYi+aievqkTzblgIKKCz/hn9DL8WWnYMvFXkB67MUGeM9gzAFCsjAZJkOpEOOm
/mngZe7bs9FKBNbhnsdk2IS4G5g6/pa3RbBKK7P00gMKrx42jHN91uKCXn3B6ok8
hlecoqiadRKU18RikXKtkSIZKSlGzIFs0ipS5XgUZxFY9z4QsJZ/FZUHRzCuNG43
eLI4C8ongD/mbR58RTxRnwFmdy1mvQVtNnkqb8Ezr5F5x9FAY4YbIyVwH2yzDNhG
QQ9b6gS5yyo=
=5Nfc
-----END PGP SIGNATURE-----
Merge tag 'debian/4.4.6-1'
2016-03-20 01:15:39 +00:00
37886b6ea3
netfilter: x_tables: check for size overflow (CVE-2016-3135)
2016-03-17 01:15:05 +00:00
67517892da
Update to 4.4.6
2016-03-17 01:04:39 +00:00
35ecf69e71
Revert "drm/radeon/pm: adjust display configuration after powerstate"
...
Reported to cause a regression on some older hardware.
2016-03-16 04:09:45 +00:00
1e5b912113
Update to 4.5
2016-03-14 11:51:52 +00:00
acdae5bf41
Release linux (4.4.4-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVt36Iue/yOyVhhEJAQq2sBAAsaH+xQpVkN6ebowtW4thLPrrqzRoIg3N
a5LnM1ujK9EaQCj/ArtvD0VwLlYtUYSVGRhRJ+ipDGcQFkRTQhi1go4rymdKpTeg
eUWlbL8raP4Zn+CoX1TUXRuLl2mtIGQWdGUnbVV6vgqMudirvV4l6rhG7kqfkB/J
uuGaFK7xncI+rqBaPwnX1Gdoyltz88BMPW4H1XyN9tZRActH+k8EaqFURrP2Bk8/
SL/2vQ6/YVrSp3VAmWiKBXLghEHOe8zXTiJWt5QpZt4F5EHA3CKIdUrxpOy/iMyk
8bRwFCA11DA1BqVVlboZcerMFAHMwbPb8Z1p6MB6IwBzJ2XxShK2XqW/bxNmwbcy
vQQQGqfkhXWU9hakDqgos/O7cHAcz9PnIdg0nKMOyc42p5OiJ6+OiHLntfyGzW8s
keq3xfV0CUMbfg7AF1pKJv6IdrvQBIUzvPK+JiZVb7c8q+rGYaTBbWFn2oISAWWa
hmyoYvi6XIhVEiBuwdtCzKz7E8MaPun+QjnJTU0dhj1HEA5gSbMl9VY7dqxAC4qR
bp5WU/qFvMMGdJanSDW1PSSr3QZ7d2TB/oK2aPrYDh7JMWIBfjERrV6dTcZSHTa2
xePncYxYq/BQMf2CZF3hNL3XVaF3Y/V7MDg1KdTpWNJb25pjo4WhsXsAR1kJBJJY
prNUjENK65M=
=g/x1
-----END PGP SIGNATURE-----
Merge tag 'debian/4.4.4-1'
Drop changes to the ABI reference and ignore list.
Drop most of the new patches as they're already upstream.
Drop the -rt featureset update.
2016-03-07 22:19:34 +00:00
d2894c9e58
Revert "drm/radeon: call hpd_irq_event on resume"
...
It is reported to cause regressions (crash/hang) on some systems.
2016-03-07 07:58:04 +00:00
54a4358d99
Update to 4.5-rc7
2016-03-07 03:05:13 +00:00
9f9bdca061
uas: Fix high-order alloc
2016-03-05 18:44:05 +00:00
13ca0a257b
Update to 4.4.4
...
Drop patches included in it.
2016-03-04 14:42:26 +01:00
62226211b4
Update to 4.5-rc6
2016-03-02 14:33:44 +00:00
4db36a2b1c
genirq: Validate action before dereferencing it in handle_irq_event_percpu()
2016-03-01 20:15:44 +01:00
bcf60af755
Update to 4.4.3
...
Drop several patches that are included in it.
2016-02-28 07:57:17 +01:00
5810ec7828
unix: correctly track in-flight fds in sending process user_struct
...
Fixes a regression caused by the previous partial fix for CVE-2013-4312.
Ignore ABI changes as we never build unix sockets as a module and
nothing OOT should use the scm functions.
2016-02-24 01:47:32 +00:00
cdcc46b5c4
Release linux (4.4.2-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVsT0Jue/yOyVhhEJAQo96w/+IZBasj9Vf3KovHNaOXaW1rZL6GRVNzpB
OSNqINfAEtvOR8RuwAcA/zgHy7NNDS9CkDQgjGdJKIhdXXem7mG7Oo3iEwb5osL7
HhUPmeTmXqsa5C6GWzNtERrtX6N8XtBV3inR8iSS46XOm+RHq5UnffqZB35DqUbq
G0h5hiZSXXIXbn0MYJWSPAekAmTXdcevGUoe8bIBD+wH/X4oPINmQLkH6PL5iK7B
KHbf7dJ+JnmbsKJdBpfZvPoa6B1a9FL3HLKkOQjmYF0YjIzZe14JHnvjZNULBmj9
eqmwpfPxAmR5XQgUBu1TPx37FB/nJdMUjZQNz01k0Ybv3l6lKocc7YwX3kViitqe
CiWqbq7LPwN1QNGI6Sf7UB/1XjWJPzWsYoZ0AjDH3ihIPrxmYCdjJstFXr0W3qEG
4e3pJv8gqHxP5SSmE5PQQcS8uiisHmADHZc7C02mxWGDLpqb3gmtgrGqQRFjkk55
tpn8jz2fGGt5VQkhpSBE8wWG4fHRFwiLaAsCVv9jE36pLNq5M9U9VnilCPeoTkti
JcDfPYBjma6RVADIU6tkNnjxJcHFXAqEb5Jn0Wq89GGaS1egAlch4K/XYS+OnIH9
m2Fg4P+TdMePDYxh40tNTIwwHcHLffNfe9K+Ien/DmffuQ87Jk4hfKPW/ZXDO3jO
qdrmLXK2BEg=
=syys
-----END PGP SIGNATURE-----
Merge tag 'debian/4.4.2-1'
Drop rt featureset changes.
Drop patches that are already in 4.5-rc4.
Keep the ABI version at 'trunk'.
2016-02-17 22:45:34 +00:00
edd433b85f
Update to 4.4.2
...
Drop patches included in it.
Refresh rt patches with textual conflicts.
2016-02-17 21:19:37 +00:00
96504c2870
IFF_NO_QUEUE: Fix for drivers not calling ether_setup() (regression in 4.3)
2016-02-17 18:00:31 +00:00
4b4fa14653
Update to 4.5-rc4
...
Drop many, many patches which went upstream. Refresh others for
filename or context changes, and for removal of radeon UMS support.
[rt] Disable until it is updated for 4.5 or later
aufs: Update support patches to aufs4.x-rcN-20160215
2016-02-15 17:37:08 +00:00
b84086545e
ALSA: usb-audio: avoid freeing umidi object twice (CVE-2016-XXXX)
2016-02-14 04:55:59 +00:00
29ef5032ac
bpf: fix branch offset adjustment on backjumps after patching ctx expansion
...
CVE ID to be assigned.
2016-02-14 04:54:45 +00:00
3c25ed439a
af_unix: Don't set err in unix_stream_read_generic unless there was an error
...
This fixes a regression in 4.4, also introduced in 4.3.4 and various
other stable updates.
2016-02-13 00:56:13 +00:00
2d5f78b62a
Revert "workqueue: make sure delayed work run in local cpu"
...
This caused a regression in 4.3
2016-02-13 00:30:07 +00:00
83fd76229d
af_unix: Guard against other == sk in unix_dgram_sendmsg (regression in 4.2.6-2)
2016-02-13 00:23:18 +00:00
1c28b9c3ed
fs/hugetlbfs/inode.c: fix bugs in hugetlb_vmtruncate_list() (CVE-2016-0617)
...
Fixes a regression in 4.3.
2016-02-12 23:43:07 +00:00
95ece6ebc6
iw_cxgb3: Fix incorrectly returning error on success (CVE-2015-8812)
2016-02-12 23:34:37 +00:00
6c26fa513e
Release linux (4.3.5-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVrbUcee/yOyVhhEJAQqY7RAAvLy0Z5eKYP7/Re1jHCuYqGFwhgIig+uo
yscoEqKlSWUwC7Tio5ar+oydqdvRyUOYB+ABXvpnQb+ImsPF5xNwYDLO5OIVGIuh
yc7RgHROYzDMYSqO8ToDAJbhPfd/UVUp25gJQqdbmozXr9lMPL1zH3/d5FUQgrcz
2AmCFDa6nvcCg6SxuT8IFl2lsDsPA7WI3AYUnFKVwxpwSGwZQmhH4G6SDBOTGd4n
Zx8ySfHle+Jz4aIYyD6jAFV4RVCsucwswwD78PYDZlfqxr29IzdwOx4MJNuLzxGp
A6/FVRg6V7b+/1E1BKS7wUAoN2F7JyXgrro7QsZEyq+ckQY/9CyfLopC0shx3+xv
2nQLGLb3rFySKkYXFBPJdQacr0zGRtEa5QdRWRVYPCUvXc2ju5pv8DTINzb7aW+6
tkec0Wks5LeDa+zVzbAJHpVgnE3PBSTJHpRWaqZv1C5avp92MmnphXxpjj5ifB2b
/eu6PzF4zAwM0Sr8aBY2riELQXMbFmtAE60+weMUjYHiL4MHc/yDNHtpjiz3zgrQ
qptf26uuHClC/FmMq+9jhTlbsXb9X30XWG94Dif0A46iAHAyRrO200DUlMYqx3KF
tDtHKHsJ2rqso6WQhuLOgd37qTKlt93rA6Se4bbDASQKdQealbY3COsYS1eulyJI
HXXB8qbopJI=
=cqNy
-----END PGP SIGNATURE-----
Merge tag 'debian/4.3.5-1'
2016-02-07 05:28:43 +00:00
af8b80ce07
Fix yet another ABI change due to CVE-2013-4312 mitigation
2016-02-06 23:25:11 +00:00
ef736f8440
pipe: limit the per-user amount of pages allocated in pipes (CVE-2013-4312)
2016-02-04 20:34:11 +00:00
3180443250
rt2x00: fix monitor mode regression (regression in 4.2)
2016-02-01 17:16:15 +00:00
1ba618c3d3
Update to 4.4.1
2016-02-01 10:59:35 +00:00
ba1393105a
Update to 4.3.5
...
Drop several patches that are included in it.
Fix/ignore various ABI changes.
2016-02-01 10:27:12 +00:00
b1fa3fac88
netfilter: nf_nat_redirect: add missing NULL pointer check (CVE-2015-8787)
2016-01-27 19:25:20 +01:00
76c256b5b8
SCSI: fix crashes in sd and sr runtime PM ( Closes : #801925 )
2016-01-27 01:32:15 +00:00
cdfc3b2f30
tcp: fix zero cwnd in tcp_cwnd_reduction (CVE-2016-2070)
2016-01-26 09:00:04 +01:00
024851fa3a
fuse: break infinite loop in fuse_fill_write_pages()
...
This doesn't have a CVE ID yet.
2016-01-23 22:57:21 +00:00
9b355e6846
Update to 4.3.4
2016-01-23 12:11:55 +00:00
7aef5117c3
Release linux (4.3.3-6).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVp48e+e/yOyVhhEJAQovuQ//Qqsr1OgRXNSxEZ9x6Szj+4wlhcHwnCB/
hgAU+Lhkic44oGuNy9Hu9gnsiEqgWtDAXF1ZKFa+6iNsHEunommB84qc6a9qrtJ7
TGzKaqyXQmvrQj9j9u5/09nw3Bx+LqZqRtGGN6kBwyTUhP0ndg6xfHtSZXP6JAAf
8AKb5hvef25x9E4ZA9d2VzsgMwgtg9utxlZj/5WGhC4BwbkV96RrZu+hqO1akqsp
bPKmKER0HDGvIqOfJQYTqjLAY4LjTGMLZAfcPeLn7gzT5Io+cujqy1K3JnqxRaWM
5/bauyFnMaTiaN+oeozTtjs2wkdr+4EljGu0+WJAsvK8rQ6/mVJsqEcx8ESwuYx7
lch8NBERfG0mGCEcpn+J5hsye7w9LQHugT1eKdrxx8JA1aiamnfofYE6XGYhURkx
j0p2A5wZnB0T1j52mEwwa7HtNY0mgCfvFy1z45zVeQDyGH/09a/ZDCJf7ildOOLu
cPDjyw3dGAi7HpeM2EkMCzZa342PaNYR//vfBRLb6kgQjMLgVev9jdf/mv2mqsB8
qIDC1AtI1Tl9b3CTRGZ9RIdGZ93UpiiKKSoLpRyowuZYLej0Zk8zSfsbPDhwPq0c
F+JiMqIQDZh/ggC9rzGCDbntqNv9oYk3r2WuLalGZQhP7lPig5J5Dz2i221RGCyu
MjbiTh1PG1I=
=vF8G
-----END PGP SIGNATURE-----
Merge tag 'debian/4.3.3-6'
2016-01-19 13:44:04 +00:00
e9490659aa
KEYS: Fix keyring ref leak in join_session_keyring() (CVE-2016-0728)
2016-01-19 00:41:25 +00:00
e90dec2a0e
bcache: Add upstream fixes marked for stable
...
- fix a livelock when we cause a huge number of cache misses
- Add a cond_resched() call to gc
- clear BCACHE_DEV_UNLINK_DONE flag when attaching a backing device
- fix a leak in bch_cached_dev_run()
- unregister reboot notifier if bcache fails to unregister device
- allows use of register in udev to avoid "device_busy" error.
- prevent crash on changing writeback_running
- Change refill_dirty() to always scan entire disk if necessary
As requested in
https://lists.debian.org/debian-backports/2016/01/msg00067.html
2016-01-17 21:59:33 +00:00
a9736a8ea4
Revert "block/sd: Fix device-imposed transfer length limits"
...
This introduces an ABI change and it's not obvious how to work around that.
2016-01-17 16:40:35 +00:00
f335c0cfcc
unix: properly account for FDs passed over unix sockets (CVE-2013-4312)
2016-01-17 09:27:47 +01:00
74cadf39f7
block/sd: Fix device-imposed transfer length limits ( Closes : #805252 )
2016-01-16 03:50:08 +00:00
18e70e2c53
Add some security fixes
2016-01-14 23:39:40 +00:00
d2547e3561
xen/gntdev: Grant maps should not be subject to NUMA balancing ( Closes : #810472 )
2016-01-08 19:32:35 +00:00
0f11ea7f19
Update to 4.4-rc8
2016-01-04 01:57:00 +00:00
e2abaa403e
Merge tag 'debian/4.3.3-3'
...
Drop the ABI reference and ignored symbols.
Drop most of the patches, as they're already upstream.
2016-01-02 19:18:54 +00:00
eafb4c30fd
Revert "xhci: don't finish a TD if we get a short transfer event mid TD"
...
Closes : #808602 , #808953 , regression in 4.3-rc7
2016-01-02 03:09:56 +00:00
45e2ecad07
drm/nouveau/pmu: do not assume a PMU is present ( Closes : #809481 )
2016-01-01 18:41:43 +00:00
e57c91d886
KEYS: Fix race between read and revoke (CVE-2015-7550)
2015-12-31 02:53:31 +00:00
fd75678652
Update 'net: add validation for the socket syscall protocol argument' to upstream version
2015-12-27 19:21:59 +00:00
6408412cc6
Add upstream references to selftest patches
2015-12-27 14:14:49 +00:00
3fac5cf03c
ptrace: being capable wrt a process requires mapped uids/gids
2015-12-27 06:19:08 +00:00
7b6f99cec5
[xen] pciback: Fix state validation in MSI control operations (CVE-2015-8551, CVE-2015-8852, XSA-157)
2015-12-27 05:54:06 +00:00
94b974ce0f
[xen] Fix race conditions in back-end drivers (CVE-2015-8550, XSA-155)
2015-12-27 05:49:13 +00:00
1ff79b037c
bluetooth: Validate socket address length in sco_sock_bind() (CVE-2015-8575)
2015-12-27 04:26:45 +00:00
e9708970a6
pptp: verify sockaddr_len in pptp_bind() and pptp_connect() (CVE-2015-8569)
2015-12-27 04:26:45 +00:00
5db0f0e307
block: ensure to split after potentially bouncing a bio ( Closes : #809082 )
2015-12-27 04:26:45 +00:00
d6b9e3f082
ovl: fix permission checking for setattr (CVE-2015-8660)
2015-12-24 06:42:25 +01:00
0aaf811548
Update to 4.4-rc6
2015-12-21 11:13:30 +00:00
fc3ff0606d
mm: Fix missing #include in <linux/mmdebug.h> (fixes FTBFS on arm64)
2015-12-19 20:32:14 +00:00
70157abb7d
Release linux (4.3.3-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVnCT2+e/yOyVhhEJAQr+qw/9E5dEKfpAfOywx9lA0eQKKBx2yt2IkdGc
0k9UFJlJc5xpOwEH03WOlU3XktlrwNzaT6U0Qvu6MW4Y77G60fDbAB/J+1jlYatK
02CEUmBgrD5M6Cm/9J085mglIEt+5tq0RIZwAWx7iki53H/y1KQ6uski3oZwcguu
Go5KP744Osen5cyJKgT+vV/VGHc+BJEMcNFNI1nlh71owTQKT2ZsLx8fd3ZIdGsB
8rTC3pIsE8YjTcaRhKcJ1t6a19fX/2fD7KsfZTo8YdfLReg29CZ6TlQF8clzh8yH
37RWnEEYZT3vDbLVFOr4RVj0/b5skJQmuC7Bs40dywPyjEK/OQHMUWdcw4ZAxsq1
kNL9DhShF4G+HW58VOCRZSMO+R4R2Cl7JIz4bjhhPIOka9X/vn0yk/QgR6z16g0J
DHc2zx9+OHlUgk89KpCtDYdzHth7uQAmg6WIJemVU1Mt4jdaHKoEtAI4iNkEjdby
1LNnmYjukIixpTtb/NJGtyQPWSOOHnRQa7Cq36SngZoT4Gowb5hbDI9v+IrSQZUj
ruEMqMl4Bcq3/R1HKdqcs0FK+obKceaHSoLH+ludH0U7UAjh3dqCotxHkX4DT+ws
0CJAM1PIiiXG6n+TQve/wepG/Fv2yuOJg1BEo32Qjy5RtzhZf4vgZEYKJFrCGxR3
oBYzz+yPcvg=
=AlwC
-----END PGP SIGNATURE-----
Merge tag 'debian/4.3.3-1'
Drop the ABI reference and ignored symbols.
Drop most of the patches, as they're already upstream.
2015-12-16 17:15:08 +00:00
ca0bbf698b
tipc: Fix kfree_skb() of uninitialised pointer (regression in 4.3.3)
2015-12-15 21:25:16 +00:00
8fd06d9868
vrf: Fix broken backport of "vrf: fix double free and memory corruption on register_netdevice failure" in 4.3.3
2015-12-15 17:44:38 +00:00
c4e89babe4
Update to 4.3.3
...
Drop 3 security fixes that were included in it.
2015-12-15 17:40:55 +00:00
61acdc692c
net: add validation for the socket syscall protocol argument (CVE-2015-8543)
2015-12-14 20:59:45 +00:00
824b04a59d
Update to 4.4-rc4
...
Refresh and drop patches as appropriate.
- Rewrite memcg disable patch to operate on cgroup_disable_mask
- The ancient Advansys Kconfig bug was fixed (differently) upstream
- ft1000 driver is gone, so we no longer need to remove its firmware
- One hunk of aufs4-mmap.patch is obsolete
2015-12-10 18:13:16 +00:00
12dc87aa9c
Release linux (4.2.6-2).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVmHQq+e/yOyVhhEJAQoKGw/+L3omCHQc+jEfre5v9KaKEFfDn/5wh2fF
C1U2n9tW3Dje//k1t5IalN2bxugjg86lvyobnNo+fP3GxbEftr0OJFKspWDlREcT
epebhVQwzIY5ilNaayIqU8+wO6N/Ocy7kDspDjT7aqKFs5ZxmKReR6mvqZzYtJX5
W6lrinX03bcBLaFGgHOFJeI/6JapVC8LxQPiek2NYuEAnMsGdN0CDpZRqsmgNtjn
PBYbfsfk/JMubr+2ddksZcQTPKoK5fcbbgHRgN76eKDEGZ9XychWlhA8VANw+dhx
I572cypGXxfV6AoLky7VcP8WKmWQVNWsXTMaFd8j0703xF/ands/Ic8mZOiftfh9
9Qg6yhDt16zBPk+6Ct2ce04TAEdaY6Zr4WZdYphgVrkoZQrMc1PUVJkg6cPC7bKZ
XANEWus39vJmHIM82ETY2BpZ8+kdFqehWpo0PM8kCfL06fAm3inIsKDa7iyrpLbJ
DSdrQiRPeGr9jjB6mOuAIw/Otlq+M8kHfBGD1lgf7luLWOuP7z67mj2kjhNUP+pI
yKZI6+xbwZ79+Sr6ZFQBPDVH400zbvinV0B3xV+ZUU/3ze6j3QVFEuA9KsqAVqN6
R9CiQJ3lP3SL64P9FMQDfQL75HD0CZnEULlqDIYAzBmtz2B/H0lhrODoO2oZHHKT
jmxxrVLxbPg=
=jlfq
-----END PGP SIGNATURE-----
Merge tag 'debian/4.2.6-2'
Exclude one new patch that's already in 4.3, and the ABI stuff.
Remove items from the open changelog entry that are now redundant.
2015-12-04 18:03:02 +00:00
7d0a4425fd
firmware_class: Fix condition in directory search loop ( Closes : #804862 )
...
(cherry picked from commit 5269f93afe
2015-12-04 01:15:54 +00:00
4668d13b75
Btrfs: fix truncation of compressed and inlined extents (CVE-2015-8374)
2015-12-03 00:50:36 +00:00
1060c43c3d
ppp, slip: Validate VJ compression slot parameters completely (CVE-2015-7799)
...
Plus a preparatory fix to isdn_ppp.
2015-12-03 00:48:31 +00:00
045f1d7a16
unix: avoid use-after-free in ep_remove_wait_queue (CVE-2013-7446)
2015-12-03 00:45:29 +00:00
22ad2142d1
media: usbvision: fix crash on detecting device with invalid configuration
...
(CVE-2015-7833, partly fixed in 4.2.6-1)
Also update headers of the previous patch to match the commit in
media_tree.git.
2015-11-24 17:09:48 +00:00
5269f93afe
firmware_class: Fix condition in directory search loop ( Closes : #804862 )
2015-11-12 14:59:37 +00:00
b531af6929
Release linux (4.2.6-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVkIVT+e/yOyVhhEJAQo9JxAAzMhh283CLxwNC9+oJKEpfD/ve+WLEcKI
7TiyttUesYegG0/5JAPU//S8LyHOXeu+6vqEO0NzReCTGdQi4oXZTpUQA9KNzCTF
TLsdFBa6z5mRYcRHeGVYjmhKr8MTVRumXv/3WTVSwp71t1W7dce4qTboMsFr/kmk
c6rGv5GNTtpHpyjevIrLAkBq83rwdbPz6dtNnBAna38awY61a7snFPr81WUvNu3I
uVD5Dcm+efAzL/tPSxwdZRhQ7Qi5SnqUgP/c/3keDYeCLgj87FxdXK4vlJvkgmQs
VGX/D9VyCQvFbtWmEtAdOJHqu2LuYd0ZljFvx3Fo59KHDm6GV60jsHaGYjc8a6o1
F7r6vaRGMLDtZhjFeYwVgJYCcHmQ8RO0fuKe4hslaiItg1rKLV738SrVRzl/oTq+
l/HwdWxyeEbqMi1rc8bzwnFaet2Av+eArEfsla4uul1ZgNwkGbV/qZjDW/lIHcLS
7cIYdiiv719AVU9rRR1JZR+92k4MsDaqerKNUl72yHr6F8YMY0T10GY5ddlyzAjD
gbOkqcAIxlwVdxzXjzVUdA6T2R7edEbGnVtSaqKdFJUgRuGMqqGlcQ5xsK3CN4LC
YlbHa2y90BpOro6E6d4Tt4dLBvq49PQ2QJio8JJNtIrpAEjN41xIXUD1AOsLvC56
S737q+9MAIg=
=Bxdo
-----END PGP SIGNATURE-----
Merge tag 'debian/4.2.6-1'
Refresh some patches.
2015-11-10 16:12:32 +00:00
7f79eccf5e
Update to 4.2.6
2015-11-10 11:32:17 +00:00
b2076bbc37
media/vivid-osd: fix info leak in ioctl (CVE-2015-7884)
2015-11-08 15:01:04 +00:00
ed853af7cb
RDS: fix race condition when sending a message on unbound socket (CVE-2015-7990)
2015-11-08 14:48:48 +00:00
222755c823
usbvision: fix overflow of interfaces array (CVE-2015-7833)
2015-11-08 14:48:04 +00:00
e317536be0
mv643xx_eth: Re-enable TSO, fixed upstream in 4.3
2015-11-07 14:23:40 +00:00
c5e06b9078
Update to 4.3
2015-11-02 10:29:06 +00:00
4c1226a6c4
selftests: breakpoint: Actually build it
2015-10-31 22:04:13 +00:00
a29879587a
selftests: vm: Try harder to allocate huge pages
2015-10-31 22:04:13 +00:00
a748a69c46
selftests: Make scripts executable
2015-10-31 22:04:13 +00:00
47af940cea
selftests: kprobe: Choose an always-defined function to probe
2015-10-31 22:04:13 +00:00
ac28c69026
selftests: Ignore compiler warnings
...
We can't fix them all yet, and they shouldn't cause a test failure.
Patch memfd makefile to ensure we don't rebuild it and thus emit
warnings during a test run.
2015-10-31 22:04:13 +00:00
499a3df5b5
selftests: Add missing #include directives
2015-10-31 22:04:13 +00:00
3bbce43ea7
Update to 4.2.4
...
Drop patches applied upstream.
Fix two ABI changes.
2015-10-23 01:37:19 +01:00
4a5cabce55
Rename patches for crash issue when attempting to garbage collect an uninstantiated keyring
2015-10-20 14:06:05 +02:00
6dd6bf4bb2
KEYS: Don't permit request_key() to construct a new keyring
2015-10-19 21:33:39 +02:00
a4b71a2ac3
KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring
2015-10-19 21:31:55 +02:00
0856d72c31
KEYS: Fix race between key destruction and finding a keyring by name
2015-10-19 21:24:41 +02:00
e3bec54b78
nbd: Restore request timeout detection ( Closes : #770479 )
2015-10-08 21:26:03 +01:00
48bbfe3b4f
Update to 4.3-rc4
2015-10-06 23:13:52 +01:00
74a655e99e
Release linux (4.2.3-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVhQlHee/yOyVhhEJAQp14g//bgpNy9R1+sRM/tDsNhW3H331YOLlLnf5
1F6VXgzHnDspblgJctDmYAFKIujRNO/Rn1qDXJzh6bRrHnehnH/kJmu8fXk7zbHz
zT35/HhPIDQV04OTIne+6Pj56iMAneplPhoxtfEPUbLsqzcS9xriTIU3Hv+U7i4a
y7hfw5lYjbNFdkeJ91VmBFF6U2usmYYPFxokua4vFNsBAStayhoq0ozbaWCePMwn
V+tgR4GxlbPNvlfTMmEVITTM1M3wXLc9Gq87yEVwLVooshu0yQEmYD3KE87nLLAa
9zUpH5xK05EKZEPFDtLIcLa3JIB36BfNGqPLICGnw6EesHBU2ywGTDmQlQSd262W
byhbBMEMrCOQYkL53oMPXjBK5Sf+QuXlbaV+EOXUaolKS0qS+ss/ceip799RHa/F
JrEYJCLbboML6+2uE47cXugnEz2aYkDeiFygC4qTYxZAbGd6udZpsRVQTpjrhhoK
B+FPxwK8r5OX6OG6TOfr3XqmAeifTLn7g0IwQ5xqILO/6II/aZI6YvwF7DOrJx3+
0k6T+RwhSjy55l/8nCZnsbFQvxbYbVON7eQk5TNkting9CDHmWNzE5bTo0sUzWFt
ajrtrWQ34Z98a30GqMWPT8vPjgQx6Jos1XHzGa379W/jyArqe2QAedSfauWIszez
e4BdJBFD1YY=
=C10r
-----END PGP SIGNATURE-----
Merge tag 'debian/4.2.3-1'
Drop ABI reference files and ABI fixes.
2015-10-06 22:16:11 +01:00
11e8b8bbe3
Update to 4.2.3
2015-10-04 02:27:48 +01:00
b532cf080d
ipc: Initialize msg/shm IPC objects before doing ipc_addid() (CVE-2015-7613)
2015-10-03 15:26:49 +02:00
9490057db7
netfilter: conntrack: use nf_ct_tmpl_free in CT/synproxy error paths ( Closes : #800445 )
2015-10-03 02:33:14 +01:00
7427111a9f
ovl: conditionally use O_LARGEFILE in ovl_copy_up() ( Closes : #800724 )
2015-10-03 01:41:31 +01:00
c0eccb7ba3
Update some patches to the latest versions forwarded upstream
2015-09-28 02:54:35 +01:00
21444b8838
Update to 4.3-rc3
2015-09-27 18:36:09 +01:00
346c496823
Release linux (4.2.1-2).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVggkn+e/yOyVhhEJAQp5tA//RSYWzmr1GYzsO0GdQf2VHjEVn533NGWJ
cB08dkPDadnnmAA0T1SswWCuAJpdr/AAOKvvaD+sfWPrnIMrGs4E1B3HloQPFnbU
n7cxIzWikH7PzizkxwFlcvquNBGCetP1Ztl2KmuLwxN/bHL0z/gZRFqz6pzanVp+
sXhoZa/dikFVrcTNOZcyVwpguwStI8BNOgsK+YWWGMGqvp+Uh82/MMjKmEgo8Qeh
3pYmza+uNtMvhJJKt7/ALUAcOwXw7HS8GLjojPJiCHIYy0DTFfNtxyos0gzzPRhP
kvRrjEWOT0OcbVKAHpfTaCWZSFGFgVTiZV0WwN26+iNmsTgHo69esDbB2XU50837
bkIMrBCGQxbT5GrRXIQXx4RC693MFy2vZw+MT48Pr2c3VV4mJ8sthl6c3bdghB7l
J417512J9kE8l2ESFEnqoFk7nFH3UywmIvgWQzaPctUF7E+ZR5oM4Ejo3NNWGJ7U
c7gWwBX45AAKRl5dMbqn6DWzxymJFL/dCiWwr4t7eiDzAGCQMq7gT/jQMH0LfOAu
WLKoxLeZERcLIIlfqbxzxmu2/qkGNN97w/hlwmDWLizlFLRnmWj5s0r7/f7Se5g/
KYMJBtFvN/+0igiJGcwDMYNEE2TbgXxTP46xkcCad7xZh/GZP/Lrtpmc4l7hjFwC
K9Gq6Sh9Lms=
=w3w8
-----END PGP SIGNATURE-----
Merge tag 'debian/4.2.1-2'
Drop one added patch that is already included in 4.3-rc2.
2015-09-27 18:20:06 +01:00
8cc382f208
sctp: fix race on protocol/netns initialization (CVE-2015-5283)
2015-09-27 13:30:23 +01:00
5cdb1bae58
Update to 4.3-rc2
...
Drop a load of patches that went upstream.
Drop aic94xx patch which was obsoleted by a different fix upstream.
Refresh remaining patches.
2015-09-26 17:25:45 +01:00
1554dfda02
media: uvcvideo: Disable hardware timestamps by default ( Closes : #794327 )
2015-09-26 16:41:18 +01:00
Ben Hutchings
Lukas Wunner
Salvatore Bonaccorso
Roger Shimizu
Uwe Kleine-Koenig
Aurelien Jarno