472b038c1a
udeb: Move mfd-core to kernel-image, as both input-modules and mmc-modules need it
2017-05-02 14:11:10 +01:00
c4f7fb8fd3
selinux: Set SECURITY_SELINUX_CHECKREQPROT_VALUE=0, per default
2017-05-02 05:22:00 +01:00
97c9515edc
leds: Enable LEDS_GPIO as module for all configurations with GPIOs ( Closes : #860569 )
2017-05-02 05:19:00 +01:00
29ba603942
udeb: Add tifm_7xx1 to mmc-modules ( Closes : #861195 )
2017-05-02 05:12:01 +01:00
96174d4f99
[arm64] Enable ARMV8_DEPRECATED, SWP_EMULATION, CP15_BARRIER_EMULATION, SETEND_EMULATION ( Closes : #861384 )
2017-05-02 04:57:37 +01:00
c18a3bc8d8
Note that 4.9.25 closes #856843
2017-05-02 04:55:07 +01:00
62f19b9260
crypto: Enable CRYPTO_DEV_CHELSIO as module
2017-05-02 04:53:13 +01:00
1cf36ebc7c
[x86] crypto: Enable CRYPTO_DEV_QAT_C3XXX, CRYPTO_DEV_QAT_C62X, CRYPTO_DEV_QAT_C3XXXVF, CRYPTO_DEV_QAT_C62XVF as modules
2017-05-02 04:53:13 +01:00
52e8d9f36f
[rt] tracing: Enable HWLAT_TRACER
...
This is in mainline but not that useful without PREEMPT_RT.
HWLAT_DETECTOR no longer exists but I didn't notice because
kconfigeditor2 only looks at the mainline Kconfig files.
2017-05-02 04:53:13 +01:00
a315c25499
[x86] hwtracing: Enable INTEL_TH, INTEL_TH_PCI, INTEL_TH_GTH, INTEL_TH_MSU, INTEL_TH_PTI as modules
2017-05-02 04:53:13 +01:00
0f9f62ce3e
[x86] platform: Enable INTEL_HID_EVENT as module
2017-05-02 04:26:32 +01:00
cf48795305
[x86] comedi: Enable COMEDI_ADV_PCI1720, COMEDI_ADV_PCI1760 as modules
2017-05-02 04:26:32 +01:00
f5c277c282
[amd64] EDAC: Enable EDAC_SKX as module
2017-05-02 04:26:32 +01:00
9728988386
IB: Enable INFINIBAND_HFI1, INFINIBAND_I40IW, INFINIBAND_QEDR, RDMA_RXE as modules
2017-05-02 04:26:32 +01:00
fd24af5949
leds: Enable LEDS_TRIGGER_DISK, LEDS_TRIGGER_MTD, LEDS_TRIGGER_PANIC
2017-05-02 04:26:32 +01:00
f965312c8e
USB/misc: Enable UCSI as module
2017-05-02 04:26:32 +01:00
3f68b53e2c
usbip: Enable USBIP_VUDC as module
2017-05-02 04:26:32 +01:00
6dafde3362
leds,USB: Enable USB_LEDS_TRIGGER_USBPORT as module
2017-05-02 04:26:32 +01:00
f98a6c1701
HID: Enable HID_SENSOR_CUSTOM_SENSOR as module
2017-05-02 04:26:32 +01:00
bb3cdfe4f6
hda: Set SND_HDA_PREALLOC_SIZE=2048 as recommended for PulseAudio
2017-05-02 04:26:32 +01:00
6b9daaf87e
[x86] amdgpu,sound/soc: Enable DRM_AMD_ACP; enable SND_SOC_AMD_ACP as module
2017-05-02 04:26:32 +01:00
5ed69967a2
media: Enable VIDEO_TW5864, VIDEO_TW686X as modules
2017-05-02 04:26:32 +01:00
2d277e1fa2
Update to 4.11
...
All patches still apply!
2017-05-01 17:56:56 +01:00
7ba1afb386
nfsd: stricter decoding of write-like NFSv2/v3 ops (CVE-2017-7895)
2017-04-29 22:02:50 +02:00
7961205000
nfsd4: minor NFSv2/v3 write decoding cleanup
2017-04-29 21:59:48 +02:00
0e77dea5fc
nfsd: check for oversized NFSv2/v3 arguments (CVE-2017-7645)
2017-04-29 21:52:43 +02:00
4c666bd4da
Update to 4.9.25
2017-04-27 20:19:04 +02:00
d2be118d62
[m68k] udeb: Enable suffix for kernel-image ( Closes : #859366 )
2017-04-27 18:37:09 +01:00
f3c3de0f60
integrity: Enable IMA and related kconfig symbols (except on armel/marvell)
...
Closes : #788290
Based on advice from Matthew Garrett.
2017-04-27 18:37:09 +01:00
6771be1138
macsec: dynamically allocate space for sglist
2017-04-27 07:42:13 +02:00
7b2acecada
macsec: avoid heap overflow in skb_to_sgvec (CVE-2017-7477)
2017-04-27 06:43:38 +02:00
e7b761c5fd
[arm64] Add bug closure for raising NR_CPUS
2017-04-25 23:40:09 +01:00
4e57833523
watchdog: Enable WATCHDOG_SYSFS
2017-04-25 23:16:40 +01:00
a1a96efe46
[x86] thermal: Enable INT3406_THERMAL as module
2017-04-25 23:13:32 +01:00
8ab44aa518
[x86] gpio: Enable GPIO_AMDPT as module
2017-04-25 22:57:34 +01:00
fd23df3a24
serial/8250: Enable SERIAL_8250_MOXA as module
2017-04-25 22:50:51 +01:00
25cf1aa652
[x86] input/touchscreen: Enable TOUCHSCREEN_SURFACE3_SPI as module
2017-04-25 22:49:04 +01:00
79226c42bf
input: Enable TABLET_USB_PEGASUS as module
2017-04-25 22:48:26 +01:00
e4f8eedb77
net/phy: Enable MICROSEMI_PHY as module
2017-04-25 22:42:23 +01:00
9ee3fb1151
ethernet: Enable NFP_NETVF as module
2017-04-25 22:41:37 +01:00
94b8328125
net/sched: Enable NET_ACT_SKBMOD as module
2017-04-25 22:23:51 +01:00
45a93062df
6lowpan: Enable Generic Header Compression modules
2017-04-25 22:22:50 +01:00
f6ab826219
PCI: Enable PCIE_PTM (except on armel/marvell)
2017-04-25 22:20:09 +01:00
fe7d4b95a0
Add changelog entry for CVE-2017-8061
...
Gbp-Dch: Ignore
2017-04-23 12:15:25 +02:00
1beb630d78
Add changelog entry to record CVE-2017-8063
...
Gbp-Dch: Ignore
2017-04-23 12:09:00 +02:00
dff836d7ec
Add CVE-2017-8064 reference
...
Gbp-Dch: Ignore
2017-04-23 12:02:37 +02:00
1ad0a79c0a
Add changelog entry for CVE-2017-8067
...
Gbp-Dch: Ignore
2017-04-23 11:46:28 +02:00
7bf90ad750
KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings (CVE-2017-7472)
2017-04-22 02:26:48 +01:00
89402402c8
KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings (CVE-2016-9604)
2017-04-22 02:25:04 +01:00
9c5f88b1f6
Update to 4.9.24
...
Drop most of our bug fix patches, which were included in it.
Adjust context in a couple of rt patches that have textual conflicts.
2017-04-22 00:59:32 +01:00
d518bcf5f3
[mips*el/loongson-3] Disable PAGE_EXTENSION and PAGE_POISONING.
...
This workaround a kernel crash, until the real issue is found. It is
currently being investigated.
2017-04-22 01:16:49 +02:00
f2b1e81469
[mips*/octeon] Drop obsolete patch adding support for the UBNT E200 board.
2017-04-21 11:31:33 +02:00
3cd2ed795d
[arm64] Enable REGULATOR_GPIO as module ( Closes : #860222 )
2017-04-21 01:33:01 +01:00
1e2342437a
[arm64] Enable ARC_SUNXI, RTC_DRV_SUN6I as built-in, MMC_SUNXI and PHY_SUN4I_USB as modules
...
Closes : #860855
2017-04-21 01:00:12 +01:00
259372e240
[x86] Make hyperv-modules depends on nic-shared-modules
...
hv_utils (not hv_netvsc!) now implements a PTP clock.
2017-04-20 19:24:09 +01:00
0e0b29ad5a
[arm64,x86] Replace securelevel patch set with lockdown patch set
...
Matthew stopped maintaining the securelevel patch set, and David
Howells has taken it up under the new name 'lockdown'. This is
taken from:
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git#efi-lock-down
commits ddb99e118e37f324a4be65a411bb60ae62795cf9..0240fa7c7c948b19d57c0163d57e55296277ff3c
Rebase the three patches not included there (cold boot mitigation,
arm64 SB integration, MTD RAM restrictions).
Update our kconfig for the renaming.
2017-04-20 02:38:34 +01:00
be339ddfdd
aufs: Update support patchset to aufs4.x-rcN-20170410
2017-04-20 01:48:49 +01:00
327c328b54
Update to 4.11-rc7 (and credit Lukas for his previous work)
2017-04-20 01:11:22 +01:00
f26f2a520d
Update to 4.11-rc6
...
Remove merged patches and rebase remaining patches.
A portion of the secureboot patches have been upstreamed, but were
changed substantially during review, primarily to avoid code
duplication among arches. I've stripped the patches of the merged
bits and rebased the remainder.
Signed-off-by: Lukas Wunner <lukas@wunner.de>
[bwh: Undo some incorrect context changes in
bugfix/all/firmware-remove-redundant-log-messages-from-drivers.patch]
2017-04-20 00:15:17 +01:00
8701ef58ba
Replace "[media] dvb-usb: Don't use stack for reset either" with upstream fix
2017-04-18 01:16:50 +01:00
3f62574711
crypto: ahash - Fix EINPROGRESS notification callback (CVE-2017-7618)
2017-04-16 23:25:12 +01:00
4d042ae0ff
[rt] Update to 4.9.20-rt16
2017-04-16 21:52:57 +01:00
31945f628c
Update to 4.9.22
...
Drop patches applied upstream.
2017-04-16 21:47:05 +01:00
326a2052e2
linux-image: Disable signing until it's supported in dak
...
Only code signing through dak is going to be acceptable for a stable
release, so disable the current arrangement.
2017-04-16 18:53:52 +01:00
b4b1be4c52
Move debug symbols back to the main archive
...
dak currently allows a binary upload to include debug symbol packages
that don't appear in the overrides file or the Binary field of the
changes file, so long as they have the appropriate
'Auto-Built-Package' field and their name matches another binary
package in the upload plus the '-dbgsym' suffix.
For architectures with code signing enabled, our binary uploads never
match this condition as the corresponding binary package has the
'-unsigned' suffix and the debug symbols package does not. Since we
do list the debug symbol packages in the Binary field, they do get
added to the overrides file when accepted through the NEW queue, but
they are automatically pruned from there some time later. Later
uploads then have to go through NEW even though they are not
introducing new binary packages. This would be a big problem for
stable security updates.
For now, move debug symbols back to the main archive with the old
'-dbg' suffix. Keep them enabled for all architectures.
2017-04-16 18:53:35 +01:00
6ef03e0be7
Merge remote-tracking branch 'alioth/sid' into sid
2017-04-16 17:22:54 +01:00
b80acec65e
[arm64] Set NR_CPUS=256 to allow for multi-SoC systems
...
ThunderX1 has 48 cores and supports 2-way systems for 96 CPUs.
ThunderX2 has 54 cores and also supports 2-way systems for 108 CPUs.
X-Gene 3 "Skylark" is supposed to support 8-way systems with 32
cores each for 256 CPUs (I'm not sure if they're cache-coherent
beyond 2-way though.
2017-04-16 17:19:45 +01:00
01f0df794d
[mips*/octeon] Set NR_CPUS=64 to allow for Cavium CN7890
...
The CN7890 has 48 Octeon III cores.
I don't know whether current configuration will run on a CN7890, but this
should avoid an ABI break if we add support later.
2017-04-16 17:19:00 +01:00
c22c7deb17
[mips*el/loongson-3] Set NR_CPUS=16 to allow for Loongson 3B2000
...
The Loongson 3B2000 has 4 cores and can apparently be used in a 4-way
configuration, for 16 CPUs.
I don't think the current configuration will run on a 3B2000, but this
should avoid an ABI break if we address that.
2017-04-16 17:18:59 +01:00
ba74e6e6c8
[powerpc*/*64*] Enable CPUMASK_OFFSTACK to reduce stack usage
2017-04-16 17:18:44 +01:00
23fadf4f82
Update debian/changelog file
...
Gbp-Dch: Ignore
2017-04-16 08:00:01 +02:00
1d5fde10d8
mm/mempolicy.c: fix error handling in set_mempolicy and mbind (CVE-2017-7616)
2017-04-16 07:59:50 +02:00
b1b8586924
[powerpc/powerpc64,ppc64] Set NR_CPUS=2048, matching ppc64el
2017-04-15 02:41:22 +01:00
9cb1bd16f9
udeb: Include all AHCI drivers in sata-modules ( Closes : #860335 )
2017-04-14 20:35:35 +01:00
263f51b136
cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores ( Closes : #859978 )
2017-04-11 02:57:43 +01:00
5547db97a6
fscrypt: remove broken support for detecting keyring key revocation (CVE-2017-7374)
2017-04-08 09:36:53 +02:00
43f7156d3a
ping: implement proper locking (CVE-2017-2671)
2017-04-08 09:18:35 +02:00
ca91ae2eb7
[powerpc/powerpc64,ppc64*] target: Enable SCSI_IBMVSCSIS as module
...
This driver was removed in 3.18, but has been updated to use the new
target framework and was added again in 4.8.
As it lives under drivers/scsi and not drivers/target, exclude it from
the scsi-modules udeb.
2017-04-08 01:43:00 +01:00
20a0659e24
drm/nouveau/disp/mcp7x: disable dptmds workaround ( Closes : #850219 )
2017-04-07 20:42:59 +01:00
505d589daf
[x86] usbip: Increase USBIP_VHCI_NR_HCS to 8 and USBIP_VHCI_HC_PORTS to 31
...
Closes : #859641
2017-04-07 20:32:56 +01:00
abd4d7ab60
[s390x] Set NR_CPUS=256 ( Closes : #858731 )
2017-04-07 20:29:12 +01:00
1d2e81c18d
Bump ABI to 3
2017-04-07 20:28:09 +01:00
699099dfce
debian/rules.real: Undefine $LANGUAGE, which can break debug symbols for vDSOs
...
Closes : #859807
2017-04-07 20:25:37 +01:00
c59213f33a
Prepare to release linux (4.10.7-1~exp1).
2017-03-31 00:41:15 +01:00
9ee9c719d0
Enable BUG_ON_DATA_CORRUPTION
...
This means errors detected by DEBUG_LIST result in BUG rather than WARN.
2017-03-31 00:33:12 +01:00
fa49af3f6b
[s390x] Set NR_CPUS=256 ( Closes : #858731 )
2017-03-31 00:02:59 +01:00
500ce0c9cd
netfilter: Enable NF_SOCKET_IPV4, NF_SOCKET_IPV6 as modules ( Closes : #858897 )
2017-03-31 00:02:01 +01:00
473a9f83a2
w1: Really enable W1_MASTER_GPIO as module ( Closes : #858975 )
2017-03-30 18:27:54 +01:00
459f0a48e4
Release linux (4.9.18-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAljcf5EACgkQ57/I7JWG
EQmFcQ/8DoBxenUbNW5cY+YbwBKsjuBb8Q6gnqQLOX/JtOJ8MtpQ1t2QQPvMYdXJ
PTcNZAKm8mrsWJxos9WsUHjkdrfuLAsMTisC5FvDkE6myBt++GH3gRtKCT0A2nep
ZU17YeHYfcqv6UK90Jg0p+xAKQEEqKZrryP7fvb8oX5wOORwlLMxBScErftbB/vV
hBvwybq7gfA/4KxDTnWgadpidg16/67ZgKd0EoSsbCpFAJble/hRroMwzKUSzFW+
2yFxrmUNFoIXddoDtORNNdK0nM6b2MKeWKjmndknz4QehlayZWCg1+mEjp7A7Wqp
9naONqhQWMibARGkDl5Y7SZ9/XJXjPmDFXi3EIbhrWMN2TUkzUN14A1YHw+M9p5Q
9UbnpI6eDxjvlezcPjqucIM0ywFwljBrDsQXfGsR6ogQbYvA7nJ0dK63/EXzvl1U
UGUBwHtDhLHxtv85/JsUqq9/UVGbZjcHvyEfmE1mvbMcNxkSLSewt+jd78h7xIyL
tOZP24ARPKqcQ1detou47o8cMmwTqVl6xu08w83xin2Xux+UlYFTtI/LVws3oYNb
F3uEzIgtJbu7ENxCkY5RmIJG9qRJZJ2f6dnpLLld6D52paD5OYNrk1NShtf/Dp+r
zjJoiIRTcO9fPatjl07Y2eDeFeo2SKoD+Xd/5nGDoytE6JiDEXg=
=ONVb
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.18-1'
Drop ABI reference files.
Refresh/drop patches as needed.
2017-03-30 14:16:47 +01:00
2df8b204ea
Update to 4.10.7
2017-03-30 14:04:10 +01:00
9df323e7dd
Prepare to release linux (4.9.18-1).
2017-03-30 02:16:33 +01:00
4adb26a0c1
w1: Enable W1_MASTER_GPIO as module ( Closes : #858975 )
2017-03-30 01:53:01 +01:00
f294506bfa
netfilter: nft_ct: add notrack support ( Closes : #845500 )
2017-03-30 01:40:57 +01:00
4f10661dbb
[arm64,x86] Enable CROS_KBD_LED_BACKLIGHT as module ( Closes : #856906 )
2017-03-30 01:01:37 +01:00
576f686158
[armhf] sound/soc: Enable SND_SUN4I_SPDIF as module ( Closes : #857410 )
2017-03-30 00:22:17 +01:00
a1503865a9
[sparc64] udeb: Re-add ufs-modules ( Closes : #858049 )
2017-03-30 00:19:48 +01:00
42ea80c71c
[arm64] rtc: tegra: Implement clock handling ( Closes : #858514 )
2017-03-29 23:42:54 +01:00
8a7210aeea
net/packet: Fix integer overflow in various range checks (CVE-2017-7308)
2017-03-29 22:50:53 +01:00
8703214f24
[x86] drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (CVE-2017-7294)
2017-03-29 22:42:53 +01:00
de3e9af4dc
[x86] vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() (CVE-2017-7261)
2017-03-29 22:36:16 +01:00
2dd2d226ca
scsi: sg: check length passed to SG_NEXT_CMD_LEN (CVE-2017-7187)
2017-03-29 22:31:24 +01:00
3e739d51e3
xfrm_user: Apply fixes for CVE-2017-7184
2017-03-29 22:28:20 +01:00
9984b67924
[rt] Update to 4.9.18-rt14
2017-03-29 04:57:14 +01:00
5c465af56e
[rt] Update to 4.9.18-rt13 (no functional change)
2017-03-27 23:33:49 +01:00
8f58868ca2
Update to 4.9.18
...
Ignore ABI changes as they don't seem to affect OOT modules.
2017-03-27 23:33:33 +01:00
6f1e58a58e
[powerpc*] Ignore ABI changes in cxl (fixes FTBFS) ( Closes : #858530 )
2017-03-27 22:25:03 +01:00
7a622bd483
Prepare to release linux (4.9.16-1).
2017-03-22 17:01:40 +01:00
b303c03f3b
Update to 4.9.16
...
Drop one patch included in it
2017-03-20 00:12:10 +00:00
529c42c701
Reorganise and improve comments for ignored ABI changes
2017-03-20 00:10:59 +00:00
f271c6453d
Update to 4.9.15
...
Drop one patch included in 4.9.15
Ignore ABI changes for
module:drivers/nvdimm/libnvdimm
module:drivers/target/**
debugfs_create_automount
2017-03-19 21:41:18 +01:00
73b2f137b6
fjes: Disable auto-loading, as this driver matches a very common ACPI ID ( Closes : #853976 )
2017-03-18 20:51:22 +00:00
15269fa16f
Add bug closer for CVE-2017-2636
2017-03-18 17:13:39 +01:00
edfd36210e
[hppa] Switch to debian default config option for bonding, irda and atalk
2017-03-18 00:30:00 +01:00
4c22453363
[amd64] Don't WARN about expected W+X pages on Xen (see #852324 )
2017-03-16 04:14:51 +00:00
8851d0b7ac
ucount: Remove the atomicity from ucount->count (CVE-2017-6874)
...
...and avoid an ABI change.
2017-03-14 21:39:16 +00:00
f8dd73abfa
Ignore ABI change for first_ec (not declared in public header)
2017-03-14 07:02:46 +01:00
e67a9e0c75
Ignore ABI changes for acpi_ec_{add,remove}_query_handler
2017-03-13 21:36:31 +01:00
42afd6a1f7
Sync debian/changelog entries with git log
...
Gbp-Dch: Ignore
2017-03-13 07:35:13 +01:00
11c1294899
ACPI / EC: Use busy polling mode when GPE is not enabled
...
Thanks: Jakobus Schurz <jakobus.schurz@gmail.com>
Closes : #846792
2017-03-13 07:34:43 +01:00
f96b366d00
Update to 4.9.14
...
Drop a patch applied upstream.
Ignore ABI changes as they shouldn't affect OOT modules.
2017-03-12 18:35:37 +00:00
11d69f4069
tty: n_hdlc: get rid of racy n_hdlc.tbuf (CVE-2017-2636)
2017-03-08 03:07:36 +00:00
cd00ebfdee
[rt] Update to 4.9.13-rt12
2017-03-08 03:01:24 +00:00
7513bdfe2b
Kbuild.include: addtree: Remove quotes before matching path (regression in 4.8)
...
loses: #856474
2017-03-04 02:19:07 +00:00
79e486b59b
[media] dvb-usb: don't use stack for firmware load or reset ( Closes : #853894 )
2017-03-01 15:43:37 +00:00
f1c761e452
Prepare to release linux (4.9.13-1).
2017-02-27 15:58:07 +00:00
ab97125626
[rt] Update to 4.9.13-rt10
2017-02-27 15:57:02 +00:00
49569a3b8c
sctp: deny peeloff operation on asocs with threads sleeping on it (CVE-2017-6353)
2017-02-27 15:49:27 +00:00
28bcf3a477
Add CVE-2017-6348 CVE identifier
2017-02-27 06:52:48 +01:00
3333d73728
Add CVE-2017-6347 CVE identifier
2017-02-27 06:48:34 +01:00
ba31bbd36f
Add CVE-2017-6346 identifier
2017-02-27 06:42:54 +01:00
62bab38998
Add CVE-2017-6345 identifier
2017-02-27 06:38:46 +01:00
49c2b92937
time: Disable TIMER_STATS (CVE-2017-5967)
...
The upstream "fix" for this is to remove the feature, as it is
redundant with tracing. I'd be quite happy to do that, but it
introduces several conflicts with the PREEMPT_RT patch series.
Unless and until those are resolved in 4.9-stable and 4.9-rt, disable
it in our kconfig and add a dependency on BROKEN to ensure it's
disabled in custom kernels too.
2017-02-26 21:05:05 +00:00
f32a03523e
ipc/shm: Fix shmat mmap nil-page protection (CVE-2017-5669)
2017-02-26 20:51:00 +00:00
003300166a
[x86] kvm: fix page struct leak in handle_vmon (CVE-2017-2596)
2017-02-26 20:29:29 +00:00
93819d25f0
Update to 4.9.13
2017-02-26 20:10:47 +00:00
5d326c4855
udeb: Add more USB host and dual-role drivers to usb-modules ( Closes : #856111 )
...
This mostly affects armhf, but it should be safe to list all the
directories in the common usb-modules. The module list should now
match initramfs-tools.
Remove the redundant list of specific modules for armhf-armmp.
2017-02-25 21:40:03 +00:00
a5fbe7bcef
Update to 4.9.12
2017-02-25 21:36:31 +00:00
fe42826053
Wrap two long changelog entries
2017-02-23 19:18:07 +01:00
4746877ba5
Add CVE id for CVE-2017-6214
2017-02-23 19:17:24 +01:00
1bdf4070d4
Prepare to release linux (4.10-1~exp1).
2017-02-22 20:58:19 +00:00
1fcade696a
Update to 4.10
2017-02-22 20:58:16 +00:00
8c94f719fa
Release linux (4.9.10-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlinNOsACgkQ57/I7JWG
EQntWg//RuNSbOQeyML971UnFUtZjY3yAUYqhPJdpJimjY3WHjmZlJQrLlSz9IYQ
48Pkt/64P0+iAr9zJ+3uJv1fOagKePd5RaS/iChJdvq0fCGZstFlti5NwXEQtGSv
Yzp0LStZr+pEPZo+8Bo+TVSP25FNXdZBvhUXE2sbxaV8+W9Vx+qFkfrWEiW7hpFv
nCQJic7kmzllS4Aol9e/jj2MqcdWIhviufAImNnfrbpK61Ud6Gznw9gTODw9+OIT
ny6F/k7O6MFPuHp3aAxVC5TCowh16PcC+VqJF9MTnnvHQmD3jYqdeA8zKLnW/tJk
Dl9A6whZ3n4fFRlGjgxjmTP/CgAIeQVqgTgYCApuQQTVG3svIkznoXJLraj5UE90
rzeB30x3ikUWcVggN7xfSkW3e6/v+XSbRfu73sFA81mWyWoddT/NYhw+Y18ym4UJ
Vk8iuAakpjdVj73FSyYOcNGRzOEp2SAV72EsJEMw1/IlIkmRkMmJkkg4T/HYj11P
jK/TjZtSsVbje4zx9/U6g8Rj4Wi40EHZu6kuh2jUhCk91zsAr+7EC45gZC+uohxL
jxKxv2R5p9AR7uN6JzQR4OuOL1bTCrt02MrWdsiPlUi0RBKlJ7O5sGMMsHrVMinn
4zFNeYq2U3Fyaejb32x3DOKtgCjoMRQ5iHyrjgljhzxJcf3fWKk=
=rRkU
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.10-1'
Drop changes to aufs.
2017-02-22 20:57:36 +00:00
e88bad2d33
Add CVE-2017-5897 CVE id to changelog entry
2017-02-20 15:10:28 +01:00
8db6ed9e89
dccp: fix freeing skb too early for IPV6_RECVPKTINFO (CVE-2017-6074)
2017-02-19 10:46:20 +01:00
4fe7cfed42
Update to 4.9.11
...
Ignore/avoid a few ABI changes in net.
2017-02-18 21:54:07 +00:00
7b50304bda
Update to 4.9.11
2017-02-18 20:53:41 +00:00
5e5afa386a
[armhf] Enable DRM_OMAP_PANEL_TPO_TD028TTEC1, PWM_OMAP_DMTIMER as modules ( Closes : #855472 )
2017-02-18 20:29:32 +00:00
5d590456c4
[armel] dts: kirkwood: Fix SATA pinmux-ing for TS419 ( Closes : #855017 )
2017-02-18 00:38:36 +00:00
ad25780220
Prepare to release linux (4.9.10-1).
2017-02-17 13:18:17 +00:00
92d269eac2
media: dvb-usb-dibusb-mc-common: Add MODULE_LICENSE ( Closes : #853110 )
2017-02-17 02:56:32 +00:00
4e1df53c24
[x86] xen: Fix APIC id mismatch warning on Intel ( Closes : #853193 )
2017-02-17 02:42:17 +00:00
31532f0851
[x86] platform: acer-wmi: setup accelerometer when machine has appropriate notify event ( Closes : #853067 )
2017-02-17 02:37:50 +00:00
fdd44fecba
udeb: Add bcache to md-modules ( Closes : #718548 )
2017-02-17 02:26:47 +00:00
d7a4c15c51
[m68k] Change MAC8390, MAC_SCSI from built-in to modules ( Closes : #826614 )
...
udeb: Add mac8390 to nic-shared-modules
2017-02-17 02:21:21 +00:00
df90250caf
[armel/marvell] hwmon: Enable SENSORS_G762 as module ( Closes : #854662 )
2017-02-17 02:14:35 +00:00
daef7b18db
[arm64] drm: Enable DRM_AST as module ( Closes : #820168 )
...
udeb: Add ast to fb-modules
2017-02-17 02:05:03 +00:00
c69737eaf8
Note that 4.9.9 closes #853073 , #855055
2017-02-17 01:58:58 +00:00
e035177b13
net: ipv6: check route protocol when deleting routes ( Closes : #855153 )
2017-02-17 00:58:21 +00:00
8cf3230524
dccp: Disable auto-loading as mitigation against local exploits
2017-02-16 19:11:26 +00:00
10f2dad569
Update to 4.9.10
2017-02-16 19:06:43 +00:00
452d9f1e7d
Add CVE-2017-6001 CVE id to changelog for 4.9.9-1
2017-02-16 05:14:56 +01:00
58fbff3df5
sctp: avoid BUG_ON on sctp_wait_for_sndbuf (CVE-2017-5986)
2017-02-15 11:54:59 +01:00
9e381d5c13
ipv4: keep skb->dst around in presence of IP options (CVE-2017-5970)
2017-02-15 11:50:22 +01:00
4e5e705c5f
selinux: fix off-by-one in setprocattr (CVE-2017-2618)
2017-02-15 11:44:55 +01:00
4a1042f1a0
IB/rxe: Fix mem_check_range integer overflow (CVE-2016-8636)
2017-02-15 11:41:25 +01:00
848ab3cd4d
CVE-2016-10208 pending for 4.9.9-1
2017-02-14 20:48:26 +01:00
82f952c50f
[rt] Update to 4.9.9-rt6
2017-02-11 14:49:54 +00:00
9ee6dbd395
Update to 4.9.9
...
Drop revert-patch which is superseded by upstream fix in 4.9.9.
Delete log line for commit that went into 4.9.7 and has now been
reverted.
2017-02-10 00:04:25 +00:00
06c483a015
debian/copyright: Prefer https URL than http for security merit
...
Also changed bit for debian/README.source
2017-02-10 07:44:04 +09:00
4b402f4b97
[armel] ARM: orion5x: fix Makefile for linkstation-lschl.dtb
...
Note the patch in changelog and add Origin to the patch
2017-02-09 23:18:25 +09:00
fc4d14f63f
test-patches: Set default number of jobs to number of available processors
...
With the current default of 1, most users are going to be kept waiting
unncessarily.
2017-02-08 02:05:30 +00:00
bd4315df9c
test-patches: Use the pkg.linux.notools build profile
...
test-patches never builds tools, and this greatly reduces the
build-dependencies.
2017-02-07 23:47:20 +00:00
fb27baab98
pegasus: Use heap buffers for all register access ( Closes : #852556 )
2017-02-07 01:44:24 +00:00
abd788f1da
cpumask: use nr_cpumask_bits for parsing functions ( Closes : #848682 )
2017-02-07 01:40:13 +00:00
a6f6ce057f
[rt] Update to 4.9.6-rt4
2017-02-07 00:55:55 +00:00
bfd586db54
aufs: Update support patchset to aufs4.9-20170206
2017-02-07 00:48:26 +00:00
6a7f3d6b71
aufs: Update support patchset to aufs4.x-rcN-20170206
2017-02-07 00:47:34 +00:00
63ef596c74
Update to 4.10-rc7
2017-02-07 00:39:58 +00:00
6dfab36dd8
Update to 4.9.8
2017-02-06 15:59:29 +00:00
7eec246dc0
Update to 4.9.7
...
Drop patches applied upstream.
2017-02-03 13:51:44 +00:00
701bf4b244
Revert efistub changes, Closes : #853170
...
[benh: Update changelog]
2017-02-03 03:51:48 +00:00
3af020874b
Prepare to release linux (4.10~rc6-1~exp2).
2017-02-02 03:44:51 +00:00
6da646ca30
[armel] Adjust configuration to reduce image size (fixes FTBFS)
2017-02-02 03:44:43 +00:00
84e53d21c3
debian/control: Fix compiler build-dependencies for cross-building
...
gcc cross-compilers *do* now have Multi-Arch: foreign, so we have
to take the :native qualfiication off again.
2017-02-02 02:36:49 +00:00
aca7f25415
[ppc64el] Disable IBMEBUS; this bus does not exist on POWER8 systems
...
In 4.10 its dependencies are changed accordingly. We might as well
disable it here as well.
Also explicitly disable EHEA, which depends on IBMEBUS, and exclude
ehea from nic-modules.
2017-02-02 00:53:44 +00:00
fd8856b5ca
[ppc64el] udeb: Exclude ehea from nic-modules
...
It depends on IBMEBUS which can no longer be enabled on this
architecture as the bus isn't present in POWER8 systems.
2017-02-01 23:54:02 +00:00
1ca7f0fad2
[powerpc*] Fix missing CRC for _mcount
2017-02-01 23:53:37 +00:00
000457eb03
[powerpc*] Revert the initial stack protector support
...
Fixes build failure on ppc32 (or one reason for it) and boot failure on
ppc64.
2017-02-01 23:51:09 +00:00
9805479fdb
[sparc64] topology_64.h: Fix condition for including cpudata.h
...
This might fix the FTBFS, but as I can't currently do a test build
I'm not sure.
2017-02-01 23:50:15 +00:00
cebb2af7dd
[s390x] Un-revert upstream change moving exports to assembly sources
...
s390 now has <asm/asm-prototypes.h>, so exports from asm should have
versions. It also gained another EXPORT_SYMBOL() in asm that we
didn't revert, leading to FTBFS.
2017-02-01 23:49:39 +00:00
63915af674
Prepare to release linux (4.10~rc6-1~exp1).
2017-01-31 15:33:20 +00:00
3c80d83bb1
linux-doc: Copy source to build directory
...
This is necessary to avoid creating files in source directory, which
makes the linux-source package unclean (and unreproducible).
Firstly, Python creates bytecode files alongside the module sources.
We can and do exclude those, though.
Secondly, starting with 4.10, Documentation/media/Makefile converts
from dot to SVG and from SVG to PDF in the source directory. These
can't easily be excluded, as SVG is also used as a source format.
2017-01-31 15:32:40 +00:00
90c2b44bab
debian/control: Add build-dependency on graphviz for documentation
2017-01-30 20:31:24 +00:00
20f61fd51d
linux-doc: Fix up symlinks to gzipped docs
...
Some files are moving around under Documentation and being replaced
with symlinks.
gzip -r doesn't even check for symlinks, and fails when they're broken
(which happens if the destination was found first). So use find and
xargs instead, and deal with the symlinks separately.
2017-01-30 17:53:40 +00:00
8d3d6efcde
linux-doc: Update documentation file list for 4.10
...
REPORTING-BUGS moved to Documentation/admin-guide/reporting-bugs.rst
and doesn't need to be listed separately.
Many of the ReST files in Documentation used to be plain-text and
users may want to continue reading them as such, so don't prune
*.rst.
2017-01-30 17:21:50 +00:00
28002f99bf
[armel] ARM: dts: orion5x-linkstation-lschl
...
- Fix model name
- More consistent naming on linkstation series
2017-01-31 02:11:17 +09:00
9c3f98c0c4
cpupower: Fix compiler options for turbostat on 4.10
2017-01-30 16:28:55 +00:00
6b038a62ac
Update to 4.10-rc6
2017-01-30 16:28:55 +00:00
b476f54cc9
net: Enable SFC_FALCON as module; SFC_FALCON_MTD
2017-01-30 16:28:55 +00:00
1b9aa796be
Note adding GPL/X11 Dual License in changelog
2017-01-30 21:26:52 +09:00
Ben Hutchings
Salvatore Bonaccorso
John Paul Adrian Glaubitz
Aurelien Jarno
Lukas Wunner
James Clarke
Helge Deller
Roger Shimizu
Riku Voipio