cb766cd661
Add follow-up fixes for CVE-2017-9074
2017-06-08 15:39:03 +01:00
9bf3ee218c
Add follow-up fixes for CVE-2017-9074
2017-06-08 15:37:04 +01:00
304a2920e5
Update to 4.11.4
2017-06-07 23:41:28 +01:00
2da7c17a3d
ipv6: Check ip6_find_1stfragopt() return value properly.
...
Follow-up to the fix for CVE-2017-9074.
2017-06-07 23:34:55 +01:00
cb232e3cbd
Set ABI to 1
2017-06-07 21:24:14 +01:00
2e4ca2c625
Drop experimental suffix from next version
2017-06-07 21:23:33 +01:00
7618511643
[x86] Enable SERIAL_8250_MID as built-in ( Closes : #864368 )
2017-06-07 21:21:21 +01:00
e3721c5e6a
[x86] SERIAL_8250_MID not GPIO_INTEL_MID
...
...although we might want that too
2017-06-07 21:19:02 +01:00
9da11541bd
[x86] Enable SERIAL_8250_MID as built-in ( Closes : #864368 )
2017-06-07 21:16:14 +01:00
1d233f0650
Merge branch 'm68k' of https://github.com/glaubitz/linux-debian
...
Move the added changelog lines into a new entry, as 4.11.3-1~exp1 has
already been uploaded.
2017-06-06 20:43:50 +01:00
18a83ebe4c
[m68k] udeb: Add atari_scsi, mac_esp, mac_scsi to scsi-modules
2017-06-06 00:27:44 +02:00
dbe60feb5b
[m68k] udeb: Add buddha, falconide, gayle, macide, q40ide to pata-modules
2017-06-06 00:25:47 +02:00
8af4425509
[m68k] udeb: Move non-shared modules from nic-shared-modules to nic-modules
2017-06-06 00:24:40 +02:00
2ae0e6b97a
[m68k] udeb: Build scsi-core-modules package
2017-06-06 00:22:45 +02:00
0f75b878c9
[m68k] udeb: Build pata-modules package
2017-06-06 00:21:33 +02:00
8a4fb2b833
[m68k] udeb: Build nic-modules package
2017-06-06 00:19:15 +02:00
3a28456c15
[m68k] udeb: Build hfs-modules package
2017-06-06 00:17:56 +02:00
a744ec62e0
[m68k] udeb: Build affs-modules package
2017-06-06 00:16:56 +02:00
aca58f8953
Prepare to release linux (4.11.3-1~exp1).
2017-06-05 14:13:41 +01:00
5174845342
Release linux (4.9.30-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlkz7vwACgkQ57/I7JWG
EQmWdQ//ctWbgUQezu+yi96QR/algQVpsRH/x1oUVnPIYi96FYOabS9pKaK0aAz1
gvTzEBz+ej2lj+ju51UWGsWHXG9CuBO9i+lRqxf74YdpmDPVco+sDWULBJzEnXqC
rYJsvnwLneDdUOeLd+r9nS/a38PezOqXd0eQApzwzvj4GStrj23aSQeLH7pXqXrr
KI/dORIXEujHoNeWzSzW3XXzOYlg9yAJuLyFmS8FGg7fBaEpnlRA+z2gXtmX7Bdn
SBJxYNttrVbucpHsIwFQysaVU+G0EXnbwgsB/AQBycCrDDIYmhmWLdqlIG+q6lsm
AGLmmX47xxrDpBPhr8iHWJkcmTBBNsSADghLvTru5PSWWTd70P/f2XWGYrfJ5bvU
OrQaV4BFG+zw6RC7Jlzx+byaXyWq15aorRAJSXKaFdebHBZXFzsbKTq4HNTRKV06
3DpoH47C0Jr4YXSbcNvgZiDZnF7OmYw/vsbJk+X4IC+igpriz3dV93QTnL2vf4iO
LaS2KT1MkGInS329DRpjCy14+q1LZM2nti6/mPji2Uqwl6ACvGYgL5y0FJLfEThH
XN+a2So6+u8MvWxrUoNrHIj8aYok96oONpDDbPIueS/PT7TwHBbq2ui1zlE8Uahg
zR3+U/V5VoBEct5n/nm0c8SRhkqsfOk8l42Dj5ibkQAuDzzt39g=
=MA6Q
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.30-1'
Drop ABI reference files and ABI maintenance patch.
2017-06-05 14:12:31 +01:00
7b53b52f6f
Update to 4.11.3
2017-06-05 14:04:06 +01:00
65c1808993
[m68k] Update 'Revert "m68k: move exports to definitions"' for 4.11 (fixes FTBFS)
...
Closes : #862393
2017-06-05 13:51:12 +01:00
6b3812c4f1
Prepare to release linux (4.9.30-1).
2017-06-04 03:03:01 +01:00
894e593fa3
[rt] Update to 4.9.30-rt20
2017-06-04 03:00:42 +01:00
9c84459829
[rt] Add new GPG subkeys for Sebastian Andrzej Siewior
2017-06-04 02:51:04 +01:00
4078eac467
[arm64] serial: pl011: add console matching function ( Closes : #861898 )
2017-06-04 02:40:54 +01:00
0aead2461f
[x86] pinctrl: cherryview: Add a quirk to make Acer Chromebook keyboard work again
...
Closes : #862723
2017-06-04 02:30:55 +01:00
8b4f995faa
[rt] Clean up kconfig with kconfigeditor2
2017-06-04 02:14:44 +01:00
3222b6559c
[m68k] udeb: Build loop-modules package
...
Signed-off-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
[bwh: Add changelog entry]
2017-06-04 02:08:50 +01:00
4ff30925bb
udeb: Add efivarfs to efi-modules.
...
This might be needed to retrieve firmware or configuration bits from
d-i.
[bwh: Add closes : #862555 ]
2017-06-04 01:40:22 +01:00
ae4eed4ced
btrfs: warn about RAID5/6 being experimental at mount time ( Closes : #863290 )
2017-06-04 01:20:23 +01:00
e6c8b0bdf6
Add Debian package version to "hung task" log messages
...
I noticed a couple of bug reports with these messages and unknown
packge version.
2017-06-04 00:02:06 +01:00
9479b65c42
debian/control: Fix compiler build-dependencies for cross-building
...
gcc cross-compilers *do* now have Multi-Arch: foreign, so we have
to take the :native qualfiication off again.
(cherry picked from commit 84e53d21c3Closes : #863907
2017-06-03 22:10:01 +01:00
f66ac78498
Note that "NFSv4: Fix callback server shutdown" closes #862357
2017-06-03 20:43:08 +01:00
b9ea5ea2a4
uapi: fix linux/if.h userspace compilation errors (see #822393 , #824442 )
2017-06-01 17:50:12 +01:00
a843bf5bb3
Merge remote-tracking branch 'alioth/sid' into sid
2017-06-01 14:10:48 +01:00
2502943c58
ipv6: fix out of bound writes in __ip6_append_data() (CVE-2017-9242)
2017-06-01 08:38:02 +02:00
cd87fb7a86
crypto: skcipher - Add missing API setkey checks (CVE-2017-9211)
2017-06-01 08:34:46 +02:00
261dbebcde
ipv6/dccp: do not inherit ipv6_mc_list from parent (CVE-2017-9076 CVE-2017-9077)
2017-06-01 08:13:06 +02:00
3253209d02
sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (CVE-2017-9075)
2017-06-01 08:08:49 +02:00
35c1e8ae8d
ipv6: Prevent overrun when parsing v6 header options (CVE-2017-9074)
2017-06-01 08:05:24 +02:00
a68b36a505
dccp/tcp: do not inherit mc_list from parent (CVE-2017-8890)
2017-06-01 07:43:55 +02:00
20b3d9876a
tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline() (CVE-2017-0605)
2017-06-01 07:36:02 +02:00
ad62774819
Add various security fixes
2017-06-01 00:30:04 +01:00
c2d60c744a
Merge branch 'sid' of git+ssh://git.debian.org/git/kernel/linux into sid
2017-05-31 22:10:43 +01:00
85cfadf6c0
fix "[arm64] Enable DRM modules"
...
I forgot to add =m for CONFIG_DRM_MALI_DISPLAY. I fixed that for my
build test, but forgot to add to the index for committing. *sigh*
2017-05-31 22:30:20 +02:00
39fa3fc3aa
Ignore ABI changes in chipidea driver
2017-05-31 22:26:40 +02:00
7c8c8ef49a
[arm64] Enable DRM modules
2017-05-31 22:25:13 +02:00
e9619f03d3
Update to 4.9.30
...
* Drop/refresh patches as necessary
* Ignore ABI changes in ccp and hid-sensors
* [mips*el/loongson-3] Revert "MIPS: Loongson-3: Select
MIPS_L1_CACHE_SHIFT_6" to avoid ABI change
2017-05-31 21:02:34 +01:00
dd1408c66d
Update to 4.9.28
2017-05-27 17:12:34 +02:00
cb023ecab6
[armel] Note kernel size limit for Buffalo Linkstation
...
We don't know the actual limit for Linkstation device. The size
was taken from kernel of stock firmware.
2017-05-17 01:10:00 +09:00
75d5d0e57f
Update to 4.9.27
2017-05-13 18:52:03 +02:00
3d18d55b64
Update to 4.9.26
...
Ignore changes to module:sound/firewire/snd-firewire-lib
Ignore changes to module:net/l2tp/l2tp_core
2017-05-13 16:07:07 +02:00
f5fd64d72e
[mips*/*-malta] Enable POWER_RESET and POWER_RESET_SYSCON.
2017-05-08 21:12:41 +02:00
9e37525c5d
Add ABI reference for 4.9.0-3
2017-05-08 17:49:32 +01:00
0a348a06ca
[armel] udeb: Add af_packet. firmware_class, nls_base to kernel-image (fixes FTBFS)
2017-05-06 03:54:06 +01:00
3b2f2e5859
Prepare to release linux (4.11-1~exp2).
2017-05-05 04:35:12 +01:00
8356e87ef9
[mips*/octeon] Increase RELOCATION_TABLE_SIZE to 0x00110000 (fixes FTBFS)
2017-05-05 04:05:51 +01:00
2d982936e8
usbip: Fix potential format overflow in userspace tools
...
This fixes FTBFS on 64-bit architectures with gcc-7, which in
experimental means at least amd64, ppc64, sparc64.
2017-05-04 02:48:18 +01:00
3c6e75c193
[armel/marvell] Make more things modular (fixes FTBFS)
...
This still gets us to:
Image size 2086338/2097080, using 99.49%. Under 1% space in experimental. Continuing.
which is uncomfortably close.
2017-05-03 22:46:38 +01:00
85b468262e
Remove unused liblockdep packaging
2017-05-03 21:02:49 +01:00
c6d012b61d
Prepare to release linux (4.11-1~exp1).
2017-05-02 20:57:50 +01:00
44b570caef
block: Enable BLK_WBT, BLK_WBT_MQ ( Closes : #859570 )
2017-05-02 20:06:26 +01:00
a4e087d3b1
Release linux (4.9.25-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlkI0/kACgkQ57/I7JWG
EQkutQ/9EsYdnQXf4HaC1YTqQW0Nu5+swZzyosOcdtMfJrj+PWXQMgmY4WWav8I/
DipRGhfXXMnqlBg1vOR5cEdqPznRm/cwcuPqZpw7H0fA7LvyCibg/7yERJYv7i1U
BIy8s29NCpVVRhDhY9Nl5t0WLGQT4Rg9JW6iKNRDq2y91etahSxzOBxB2B3k04Ys
9vFPpuKq5QAskCBGEucinYYKTy7/ciIXsaSij2m/G7/ly/Qaqt0pIgjqi4QhuJs3
yWidIm1aBvE4MHXH8WQkg1aF20vfdGXz3CZNT6BWFn/6hNesS+tEQpF/nYLBqnfS
2GghqeWO1+xzxlXWNZU/SD0JhkB6gAeZ+4MP7eYz8BAtpUz7H/zZfZNsOBWb6YJY
Pc8AjqG6mBd/1B2O8yXUda/j/xazEtg0c7uxQjyOEqh2nPeHn9FVLuJsSP74wxdx
zjGmOjJzKUmhBGxLdJZAFL5N7YbLR+qNQfV2UGz4+zVIJge9R7HwWwR9+Um8AHq0
qrnjRf6iAla1phYlgHnPx4r6A9kactDuFsNMfUN8nsUrV+KX15k+dt02CpFSWw0B
lXGPf2MNXTEp+CsuAVBAWFP55JCOwD6yYoLfEfErXvchc7qqIKHgmIrLSyexro7O
F1+HBfu6t1M4tRz0xNu8sGL4uzsjockMW8RL1HFgboUluMgTFPQ=
=k/sj
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.25-1'
Drop the added patches, which are already in 4.11.
CONFIG_NFP_NETVF is replaced by CONFIG_NFP in 4.11.
2017-05-02 19:57:00 +01:00
fb9c5429ac
Prepare to release linux (4.9.25-1).
2017-05-02 16:21:44 +01:00
38ea360ed4
crypto: Change CRYPTO_SHA256 from module to built-in, as required by IMA
2017-05-02 16:21:36 +01:00
472b038c1a
udeb: Move mfd-core to kernel-image, as both input-modules and mmc-modules need it
2017-05-02 14:11:10 +01:00
c4f7fb8fd3
selinux: Set SECURITY_SELINUX_CHECKREQPROT_VALUE=0, per default
2017-05-02 05:22:00 +01:00
97c9515edc
leds: Enable LEDS_GPIO as module for all configurations with GPIOs ( Closes : #860569 )
2017-05-02 05:19:00 +01:00
29ba603942
udeb: Add tifm_7xx1 to mmc-modules ( Closes : #861195 )
2017-05-02 05:12:01 +01:00
96174d4f99
[arm64] Enable ARMV8_DEPRECATED, SWP_EMULATION, CP15_BARRIER_EMULATION, SETEND_EMULATION ( Closes : #861384 )
2017-05-02 04:57:37 +01:00
c18a3bc8d8
Note that 4.9.25 closes #856843
2017-05-02 04:55:07 +01:00
62f19b9260
crypto: Enable CRYPTO_DEV_CHELSIO as module
2017-05-02 04:53:13 +01:00
1cf36ebc7c
[x86] crypto: Enable CRYPTO_DEV_QAT_C3XXX, CRYPTO_DEV_QAT_C62X, CRYPTO_DEV_QAT_C3XXXVF, CRYPTO_DEV_QAT_C62XVF as modules
2017-05-02 04:53:13 +01:00
52e8d9f36f
[rt] tracing: Enable HWLAT_TRACER
...
This is in mainline but not that useful without PREEMPT_RT.
HWLAT_DETECTOR no longer exists but I didn't notice because
kconfigeditor2 only looks at the mainline Kconfig files.
2017-05-02 04:53:13 +01:00
a315c25499
[x86] hwtracing: Enable INTEL_TH, INTEL_TH_PCI, INTEL_TH_GTH, INTEL_TH_MSU, INTEL_TH_PTI as modules
2017-05-02 04:53:13 +01:00
f250ad6f7b
dma-buf: Explicitly disable SYNC_FILE
...
I think this is needed by Android userland, but then so are a lot of
other things we don't enable.
2017-05-02 04:53:13 +01:00
675249285f
Explicitly set various symbols to their defaults
...
Mostly this disables a whole lot of drivers that should only be enabled
in specific configurations (if at all).
2017-05-02 04:53:13 +01:00
0f9f62ce3e
[x86] platform: Enable INTEL_HID_EVENT as module
2017-05-02 04:26:32 +01:00
cf48795305
[x86] comedi: Enable COMEDI_ADV_PCI1720, COMEDI_ADV_PCI1760 as modules
2017-05-02 04:26:32 +01:00
f5c277c282
[amd64] EDAC: Enable EDAC_SKX as module
2017-05-02 04:26:32 +01:00
9728988386
IB: Enable INFINIBAND_HFI1, INFINIBAND_I40IW, INFINIBAND_QEDR, RDMA_RXE as modules
2017-05-02 04:26:32 +01:00
fd24af5949
leds: Enable LEDS_TRIGGER_DISK, LEDS_TRIGGER_MTD, LEDS_TRIGGER_PANIC
2017-05-02 04:26:32 +01:00
f965312c8e
USB/misc: Enable UCSI as module
2017-05-02 04:26:32 +01:00
3f68b53e2c
usbip: Enable USBIP_VUDC as module
2017-05-02 04:26:32 +01:00
6dafde3362
leds,USB: Enable USB_LEDS_TRIGGER_USBPORT as module
2017-05-02 04:26:32 +01:00
f98a6c1701
HID: Enable HID_SENSOR_CUSTOM_SENSOR as module
2017-05-02 04:26:32 +01:00
bb3cdfe4f6
hda: Set SND_HDA_PREALLOC_SIZE=2048 as recommended for PulseAudio
2017-05-02 04:26:32 +01:00
6b9daaf87e
[x86] amdgpu,sound/soc: Enable DRM_AMD_ACP; enable SND_SOC_AMD_ACP as module
2017-05-02 04:26:32 +01:00
5ed69967a2
media: Enable VIDEO_TW5864, VIDEO_TW686X as modules
2017-05-02 04:26:32 +01:00
2d277e1fa2
Update to 4.11
...
All patches still apply!
2017-05-01 17:56:56 +01:00
7ba1afb386
nfsd: stricter decoding of write-like NFSv2/v3 ops (CVE-2017-7895)
2017-04-29 22:02:50 +02:00
7961205000
nfsd4: minor NFSv2/v3 write decoding cleanup
2017-04-29 21:59:48 +02:00
0e77dea5fc
nfsd: check for oversized NFSv2/v3 arguments (CVE-2017-7645)
2017-04-29 21:52:43 +02:00
4c666bd4da
Update to 4.9.25
2017-04-27 20:19:04 +02:00
d2be118d62
[m68k] udeb: Enable suffix for kernel-image ( Closes : #859366 )
2017-04-27 18:37:09 +01:00
f3c3de0f60
integrity: Enable IMA and related kconfig symbols (except on armel/marvell)
...
Closes : #788290
Based on advice from Matthew Garrett.
2017-04-27 18:37:09 +01:00
6771be1138
macsec: dynamically allocate space for sglist
2017-04-27 07:42:13 +02:00
7b2acecada
macsec: avoid heap overflow in skb_to_sgvec (CVE-2017-7477)
2017-04-27 06:43:38 +02:00
e7b761c5fd
[arm64] Add bug closure for raising NR_CPUS
2017-04-25 23:40:09 +01:00
4e57833523
watchdog: Enable WATCHDOG_SYSFS
2017-04-25 23:16:40 +01:00
2b2a89c35f
thermal: Explicitly disable GENERIC_ADC_THERMAL per default
2017-04-25 23:15:47 +01:00
a1a96efe46
[x86] thermal: Enable INT3406_THERMAL as module
2017-04-25 23:13:32 +01:00
cc56cd8593
gpio: Explicitly set various symbols to their defaults
2017-04-25 22:58:43 +01:00
8ab44aa518
[x86] gpio: Enable GPIO_AMDPT as module
2017-04-25 22:57:34 +01:00
f3a2da345c
spi: Explicitly set various symbols to their defaults
2017-04-25 22:56:53 +01:00
9ad676b26c
char: Explicitly enable DEVPORT per default
2017-04-25 22:53:32 +01:00
fd23df3a24
serial/8250: Enable SERIAL_8250_MOXA as module
2017-04-25 22:50:51 +01:00
25cf1aa652
[x86] input/touchscreen: Enable TOUCHSCREEN_SURFACE3_SPI as module
2017-04-25 22:49:04 +01:00
79226c42bf
input: Enable TABLET_USB_PEGASUS as module
2017-04-25 22:48:26 +01:00
c9034d73b4
drivers/input: Explicitly set various symbols to their defaults
2017-04-25 22:46:57 +01:00
e4f8eedb77
net/phy: Enable MICROSEMI_PHY as module
2017-04-25 22:42:23 +01:00
9ee3fb1151
ethernet: Enable NFP_NETVF as module
2017-04-25 22:41:37 +01:00
6a09142123
drivers/net: Explicitly set various symbols to their defaults
2017-04-25 22:37:52 +01:00
94b8328125
net/sched: Enable NET_ACT_SKBMOD as module
2017-04-25 22:23:51 +01:00
45a93062df
6lowpan: Enable Generic Header Compression modules
2017-04-25 22:22:50 +01:00
f6ab826219
PCI: Enable PCIE_PTM (except on armel/marvell)
2017-04-25 22:20:09 +01:00
fe7d4b95a0
Add changelog entry for CVE-2017-8061
...
Gbp-Dch: Ignore
2017-04-23 12:15:25 +02:00
1beb630d78
Add changelog entry to record CVE-2017-8063
...
Gbp-Dch: Ignore
2017-04-23 12:09:00 +02:00
dff836d7ec
Add CVE-2017-8064 reference
...
Gbp-Dch: Ignore
2017-04-23 12:02:37 +02:00
1ad0a79c0a
Add changelog entry for CVE-2017-8067
...
Gbp-Dch: Ignore
2017-04-23 11:46:28 +02:00
7bf90ad750
KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings (CVE-2017-7472)
2017-04-22 02:26:48 +01:00
89402402c8
KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings (CVE-2016-9604)
2017-04-22 02:25:04 +01:00
74fdfed494
Drop ABI maintenance patches
...
We're bumping ABI in the next upload so don't need these.
2017-04-22 02:22:38 +01:00
9c5f88b1f6
Update to 4.9.24
...
Drop most of our bug fix patches, which were included in it.
Adjust context in a couple of rt patches that have textual conflicts.
2017-04-22 00:59:32 +01:00
d518bcf5f3
[mips*el/loongson-3] Disable PAGE_EXTENSION and PAGE_POISONING.
...
This workaround a kernel crash, until the real issue is found. It is
currently being investigated.
2017-04-22 01:16:49 +02:00
f2b1e81469
[mips*/octeon] Drop obsolete patch adding support for the UBNT E200 board.
2017-04-21 11:31:33 +02:00
3cd2ed795d
[arm64] Enable REGULATOR_GPIO as module ( Closes : #860222 )
2017-04-21 01:33:01 +01:00
1e2342437a
[arm64] Enable ARC_SUNXI, RTC_DRV_SUN6I as built-in, MMC_SUNXI and PHY_SUN4I_USB as modules
...
Closes : #860855
2017-04-21 01:00:12 +01:00
ce8bf477b0
Restore #include that I mistakenly removed from arm64 securelevel/lockdown patch
2017-04-21 00:54:11 +01:00
0905519af4
Clean up kconfig using kconfigeditor2
...
Rename or delete options that changed in 4.11.
2017-04-20 19:45:06 +01:00
259372e240
[x86] Make hyperv-modules depends on nic-shared-modules
...
hv_utils (not hv_netvsc!) now implements a PTP clock.
2017-04-20 19:24:09 +01:00
0e0b29ad5a
[arm64,x86] Replace securelevel patch set with lockdown patch set
...
Matthew stopped maintaining the securelevel patch set, and David
Howells has taken it up under the new name 'lockdown'. This is
taken from:
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git#efi-lock-down
commits ddb99e118e37f324a4be65a411bb60ae62795cf9..0240fa7c7c948b19d57c0163d57e55296277ff3c
Rebase the three patches not included there (cold boot mitigation,
arm64 SB integration, MTD RAM restrictions).
Update our kconfig for the renaming.
2017-04-20 02:38:34 +01:00
be339ddfdd
aufs: Update support patchset to aufs4.x-rcN-20170410
2017-04-20 01:48:49 +01:00
327c328b54
Update to 4.11-rc7 (and credit Lukas for his previous work)
2017-04-20 01:11:22 +01:00
d85c3a332d
Complete forward-porting of "arm64: add kernel config option to set securelevel ..."
...
efi_get_secureboot() now returns one of three enumerated values, not
a boolean. We need to either redefine the DT property the same way
(risky unless we also rename it) or squash them into a boolean.
Do the latter.
2017-04-20 00:51:24 +01:00
85c3a1be4d
Note Lukas Wunner's forward-porting work in patches
2017-04-20 00:48:59 +01:00
40f397ca1a
Drop another patch redundant with upstream changes
2017-04-20 00:16:12 +01:00
f26f2a520d
Update to 4.11-rc6
...
Remove merged patches and rebase remaining patches.
A portion of the secureboot patches have been upstreamed, but were
changed substantially during review, primarily to avoid code
duplication among arches. I've stripped the patches of the merged
bits and rebased the remainder.
Signed-off-by: Lukas Wunner <lukas@wunner.de>
[bwh: Undo some incorrect context changes in
bugfix/all/firmware-remove-redundant-log-messages-from-drivers.patch]
2017-04-20 00:15:17 +01:00
22e8e7af28
Explicitly mark some patches as Forwarded: no or not-needed
2017-04-18 04:19:54 +01:00
cf75a4d22c
Add Origin for a probably-obsolete MIPS patch
2017-04-18 04:19:20 +01:00
aa2adea45f
Update Origin and description for various patches now applied/merged upstream
2017-04-18 04:18:56 +01:00
790885d6d8
Add Forwarded header and update description for several patches
2017-04-18 04:15:47 +01:00
8701ef58ba
Replace "[media] dvb-usb: Don't use stack for reset either" with upstream fix
2017-04-18 01:16:50 +01:00
3f62574711
crypto: ahash - Fix EINPROGRESS notification callback (CVE-2017-7618)
2017-04-16 23:25:12 +01:00
4d042ae0ff
[rt] Update to 4.9.20-rt16
2017-04-16 21:52:57 +01:00
31945f628c
Update to 4.9.22
...
Drop patches applied upstream.
2017-04-16 21:47:05 +01:00
326a2052e2
linux-image: Disable signing until it's supported in dak
...
Only code signing through dak is going to be acceptable for a stable
release, so disable the current arrangement.
2017-04-16 18:53:52 +01:00
b4b1be4c52
Move debug symbols back to the main archive
...
dak currently allows a binary upload to include debug symbol packages
that don't appear in the overrides file or the Binary field of the
changes file, so long as they have the appropriate
'Auto-Built-Package' field and their name matches another binary
package in the upload plus the '-dbgsym' suffix.
For architectures with code signing enabled, our binary uploads never
match this condition as the corresponding binary package has the
'-unsigned' suffix and the debug symbols package does not. Since we
do list the debug symbol packages in the Binary field, they do get
added to the overrides file when accepted through the NEW queue, but
they are automatically pruned from there some time later. Later
uploads then have to go through NEW even though they are not
introducing new binary packages. This would be a big problem for
stable security updates.
For now, move debug symbols back to the main archive with the old
'-dbg' suffix. Keep them enabled for all architectures.
2017-04-16 18:53:35 +01:00
6ef03e0be7
Merge remote-tracking branch 'alioth/sid' into sid
2017-04-16 17:22:54 +01:00
Ben Hutchings
John Paul Adrian Glaubitz
Cyril Brulebois
Salvatore Bonaccorso
Uwe Kleine-König
Roger Shimizu
Aurelien Jarno
Lukas Wunner