Ben Hutchings
40f397ca1a
Drop another patch redundant with upstream changes
2017-04-20 00:16:12 +01:00
Lukas Wunner
f26f2a520d
Update to 4.11-rc6
...
Remove merged patches and rebase remaining patches.
A portion of the secureboot patches have been upstreamed, but were
changed substantially during review, primarily to avoid code
duplication among arches. I've stripped the patches of the merged
bits and rebased the remainder.
Signed-off-by: Lukas Wunner <lukas@wunner.de>
[bwh: Undo some incorrect context changes in
bugfix/all/firmware-remove-redundant-log-messages-from-drivers.patch]
2017-04-20 00:15:17 +01:00
Ben Hutchings
aa2adea45f
Update Origin and description for various patches now applied/merged upstream
2017-04-18 04:18:56 +01:00
Ben Hutchings
790885d6d8
Add Forwarded header and update description for several patches
2017-04-18 04:15:47 +01:00
Ben Hutchings
8701ef58ba
Replace "[media] dvb-usb: Don't use stack for reset either" with upstream fix
2017-04-18 01:16:50 +01:00
Ben Hutchings
3f62574711
crypto: ahash - Fix EINPROGRESS notification callback (CVE-2017-7618)
2017-04-16 23:25:12 +01:00
Ben Hutchings
31945f628c
Update to 4.9.22
...
Drop patches applied upstream.
2017-04-16 21:47:05 +01:00
Salvatore Bonaccorso
1d5fde10d8
mm/mempolicy.c: fix error handling in set_mempolicy and mbind (CVE-2017-7616)
2017-04-16 07:59:50 +02:00
Ben Hutchings
263f51b136
cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores ( Closes : #859978 )
2017-04-11 02:57:43 +01:00
Salvatore Bonaccorso
5547db97a6
fscrypt: remove broken support for detecting keyring key revocation (CVE-2017-7374)
2017-04-08 09:36:53 +02:00
Salvatore Bonaccorso
43f7156d3a
ping: implement proper locking (CVE-2017-2671)
2017-04-08 09:18:35 +02:00
Ben Hutchings
20a0659e24
drm/nouveau/disp/mcp7x: disable dptmds workaround ( Closes : #850219 )
2017-04-07 20:42:59 +01:00
Ben Hutchings
459f0a48e4
Release linux (4.9.18-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAljcf5EACgkQ57/I7JWG
EQmFcQ/8DoBxenUbNW5cY+YbwBKsjuBb8Q6gnqQLOX/JtOJ8MtpQ1t2QQPvMYdXJ
PTcNZAKm8mrsWJxos9WsUHjkdrfuLAsMTisC5FvDkE6myBt++GH3gRtKCT0A2nep
ZU17YeHYfcqv6UK90Jg0p+xAKQEEqKZrryP7fvb8oX5wOORwlLMxBScErftbB/vV
hBvwybq7gfA/4KxDTnWgadpidg16/67ZgKd0EoSsbCpFAJble/hRroMwzKUSzFW+
2yFxrmUNFoIXddoDtORNNdK0nM6b2MKeWKjmndknz4QehlayZWCg1+mEjp7A7Wqp
9naONqhQWMibARGkDl5Y7SZ9/XJXjPmDFXi3EIbhrWMN2TUkzUN14A1YHw+M9p5Q
9UbnpI6eDxjvlezcPjqucIM0ywFwljBrDsQXfGsR6ogQbYvA7nJ0dK63/EXzvl1U
UGUBwHtDhLHxtv85/JsUqq9/UVGbZjcHvyEfmE1mvbMcNxkSLSewt+jd78h7xIyL
tOZP24ARPKqcQ1detou47o8cMmwTqVl6xu08w83xin2Xux+UlYFTtI/LVws3oYNb
F3uEzIgtJbu7ENxCkY5RmIJG9qRJZJ2f6dnpLLld6D52paD5OYNrk1NShtf/Dp+r
zjJoiIRTcO9fPatjl07Y2eDeFeo2SKoD+Xd/5nGDoytE6JiDEXg=
=ONVb
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.18-1'
Drop ABI reference files.
Refresh/drop patches as needed.
2017-03-30 14:16:47 +01:00
Ben Hutchings
42ea80c71c
[arm64] rtc: tegra: Implement clock handling ( Closes : #858514 )
2017-03-29 23:42:54 +01:00
Ben Hutchings
8a7210aeea
net/packet: Fix integer overflow in various range checks (CVE-2017-7308)
2017-03-29 22:50:53 +01:00
Ben Hutchings
8703214f24
[x86] drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (CVE-2017-7294)
2017-03-29 22:42:53 +01:00
Ben Hutchings
de3e9af4dc
[x86] vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() (CVE-2017-7261)
2017-03-29 22:36:16 +01:00
Ben Hutchings
2dd2d226ca
scsi: sg: check length passed to SG_NEXT_CMD_LEN (CVE-2017-7187)
2017-03-29 22:31:24 +01:00
Ben Hutchings
3e739d51e3
xfrm_user: Apply fixes for CVE-2017-7184
2017-03-29 22:28:20 +01:00
Ben Hutchings
b303c03f3b
Update to 4.9.16
...
Drop one patch included in it
2017-03-20 00:12:10 +00:00
Salvatore Bonaccorso
f271c6453d
Update to 4.9.15
...
Drop one patch included in 4.9.15
Ignore ABI changes for
module:drivers/nvdimm/libnvdimm
module:drivers/target/**
debugfs_create_automount
2017-03-19 21:41:18 +01:00
Ben Hutchings
8851d0b7ac
ucount: Remove the atomicity from ucount->count (CVE-2017-6874)
...
...and avoid an ABI change.
2017-03-14 21:39:16 +00:00
Salvatore Bonaccorso
11c1294899
ACPI / EC: Use busy polling mode when GPE is not enabled
...
Thanks: Jakobus Schurz <jakobus.schurz@gmail.com>
Closes : #846792
2017-03-13 07:34:43 +01:00
Ben Hutchings
f96b366d00
Update to 4.9.14
...
Drop a patch applied upstream.
Ignore ABI changes as they shouldn't affect OOT modules.
2017-03-12 18:35:37 +00:00
Ben Hutchings
11d69f4069
tty: n_hdlc: get rid of racy n_hdlc.tbuf (CVE-2017-2636)
2017-03-08 03:07:36 +00:00
Ben Hutchings
7513bdfe2b
Kbuild.include: addtree: Remove quotes before matching path (regression in 4.8)
...
loses: #856474
2017-03-04 02:19:07 +00:00
Ben Hutchings
79e486b59b
[media] dvb-usb: don't use stack for firmware load or reset ( Closes : #853894 )
2017-03-01 15:43:37 +00:00
Ben Hutchings
49569a3b8c
sctp: deny peeloff operation on asocs with threads sleeping on it (CVE-2017-6353)
2017-02-27 15:49:27 +00:00
Ben Hutchings
f32a03523e
ipc/shm: Fix shmat mmap nil-page protection (CVE-2017-5669)
2017-02-26 20:51:00 +00:00
Ben Hutchings
003300166a
[x86] kvm: fix page struct leak in handle_vmon (CVE-2017-2596)
2017-02-26 20:29:29 +00:00
Ben Hutchings
93819d25f0
Update to 4.9.13
2017-02-26 20:10:47 +00:00
Ben Hutchings
1fcade696a
Update to 4.10
2017-02-22 20:58:16 +00:00
Ben Hutchings
8c94f719fa
Release linux (4.9.10-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlinNOsACgkQ57/I7JWG
EQntWg//RuNSbOQeyML971UnFUtZjY3yAUYqhPJdpJimjY3WHjmZlJQrLlSz9IYQ
48Pkt/64P0+iAr9zJ+3uJv1fOagKePd5RaS/iChJdvq0fCGZstFlti5NwXEQtGSv
Yzp0LStZr+pEPZo+8Bo+TVSP25FNXdZBvhUXE2sbxaV8+W9Vx+qFkfrWEiW7hpFv
nCQJic7kmzllS4Aol9e/jj2MqcdWIhviufAImNnfrbpK61Ud6Gznw9gTODw9+OIT
ny6F/k7O6MFPuHp3aAxVC5TCowh16PcC+VqJF9MTnnvHQmD3jYqdeA8zKLnW/tJk
Dl9A6whZ3n4fFRlGjgxjmTP/CgAIeQVqgTgYCApuQQTVG3svIkznoXJLraj5UE90
rzeB30x3ikUWcVggN7xfSkW3e6/v+XSbRfu73sFA81mWyWoddT/NYhw+Y18ym4UJ
Vk8iuAakpjdVj73FSyYOcNGRzOEp2SAV72EsJEMw1/IlIkmRkMmJkkg4T/HYj11P
jK/TjZtSsVbje4zx9/U6g8Rj4Wi40EHZu6kuh2jUhCk91zsAr+7EC45gZC+uohxL
jxKxv2R5p9AR7uN6JzQR4OuOL1bTCrt02MrWdsiPlUi0RBKlJ7O5sGMMsHrVMinn
4zFNeYq2U3Fyaejb32x3DOKtgCjoMRQ5iHyrjgljhzxJcf3fWKk=
=rRkU
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.10-1'
Drop changes to aufs.
2017-02-22 20:57:36 +00:00
Salvatore Bonaccorso
8db6ed9e89
dccp: fix freeing skb too early for IPV6_RECVPKTINFO (CVE-2017-6074)
2017-02-19 10:46:20 +01:00
Ben Hutchings
7b50304bda
Update to 4.9.11
2017-02-18 20:53:41 +00:00
Ben Hutchings
5d590456c4
[armel] dts: kirkwood: Fix SATA pinmux-ing for TS419 ( Closes : #855017 )
2017-02-18 00:38:36 +00:00
Ben Hutchings
92d269eac2
media: dvb-usb-dibusb-mc-common: Add MODULE_LICENSE ( Closes : #853110 )
2017-02-17 02:56:32 +00:00
Ben Hutchings
4e1df53c24
[x86] xen: Fix APIC id mismatch warning on Intel ( Closes : #853193 )
2017-02-17 02:42:17 +00:00
Ben Hutchings
31532f0851
[x86] platform: acer-wmi: setup accelerometer when machine has appropriate notify event ( Closes : #853067 )
2017-02-17 02:37:50 +00:00
Ben Hutchings
e035177b13
net: ipv6: check route protocol when deleting routes ( Closes : #855153 )
2017-02-17 00:58:21 +00:00
Ben Hutchings
10f2dad569
Update to 4.9.10
2017-02-16 19:06:43 +00:00
Salvatore Bonaccorso
58fbff3df5
sctp: avoid BUG_ON on sctp_wait_for_sndbuf (CVE-2017-5986)
2017-02-15 11:54:59 +01:00
Salvatore Bonaccorso
9e381d5c13
ipv4: keep skb->dst around in presence of IP options (CVE-2017-5970)
2017-02-15 11:50:22 +01:00
Salvatore Bonaccorso
4e5e705c5f
selinux: fix off-by-one in setprocattr (CVE-2017-2618)
2017-02-15 11:44:55 +01:00
Salvatore Bonaccorso
4a1042f1a0
IB/rxe: Fix mem_check_range integer overflow (CVE-2016-8636)
2017-02-15 11:41:25 +01:00
Ben Hutchings
9ee6dbd395
Update to 4.9.9
...
Drop revert-patch which is superseded by upstream fix in 4.9.9.
Delete log line for commit that went into 4.9.7 and has now been
reverted.
2017-02-10 00:04:25 +00:00
Ben Hutchings
fb27baab98
pegasus: Use heap buffers for all register access ( Closes : #852556 )
2017-02-07 01:44:24 +00:00
Ben Hutchings
abd788f1da
cpumask: use nr_cpumask_bits for parsing functions ( Closes : #848682 )
2017-02-07 01:40:13 +00:00
Ben Hutchings
63ef596c74
Update to 4.10-rc7
2017-02-07 00:39:58 +00:00
Ben Hutchings
7eec246dc0
Update to 4.9.7
...
Drop patches applied upstream.
2017-02-03 13:51:44 +00:00
Riku Voipio
701bf4b244
Revert efistub changes, Closes : #853170
...
[benh: Update changelog]
2017-02-03 03:51:48 +00:00
Ben Hutchings
1ca7f0fad2
[powerpc*] Fix missing CRC for _mcount
2017-02-01 23:53:37 +00:00
Ben Hutchings
000457eb03
[powerpc*] Revert the initial stack protector support
...
Fixes build failure on ppc32 (or one reason for it) and boot failure on
ppc64.
2017-02-01 23:51:09 +00:00
Ben Hutchings
9805479fdb
[sparc64] topology_64.h: Fix condition for including cpudata.h
...
This might fix the FTBFS, but as I can't currently do a test build
I'm not sure.
2017-02-01 23:50:15 +00:00
Ben Hutchings
cebb2af7dd
[s390x] Un-revert upstream change moving exports to assembly sources
...
s390 now has <asm/asm-prototypes.h>, so exports from asm should have
versions. It also gained another EXPORT_SYMBOL() in asm that we
didn't revert, leading to FTBFS.
2017-02-01 23:49:39 +00:00
Ben Hutchings
6b038a62ac
Update to 4.10-rc6
2017-01-30 16:28:55 +00:00
Ben Hutchings
6adadc8ec6
Release linux (4.9.6-2).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAliL3k0ACgkQ57/I7JWG
EQlmog/8D/DowVsxEjNdiHAewH7HUyqdADkCRkeqsmKgCtZEmvEaYE0RijZzGDhm
Ge4PxOzhLE/DRxJF2gN8y0hIVOnigje9qYN5OBdgB/FNNKThL6ARwiu2LD6DYcwU
+Lu6g8iHqsKHZ+NllHEiiwJ4rR39qf3Tkzz5cgm4jEi+5IjnoefOhaFhyPzBkz8i
p6fWklEhev8+lQ1sW9gF94p3t0dOp/31TWACagRQronrTtT2xAzdrR5ESPTo6FFg
gtcfqoB7AYA4LTuzoKIQRgGLsgKk73iLPF874ZuK9g/+4Z2lF9NBbwve3O0qYKCy
NERddjjx9QEf4cjToqAii10AzAfuBFDG/b77ZscREwysUwMhkz47ADefu5v1P2kJ
XdL/sJ/nXyhItV/VK8ym9lg4jAA8K5UOjn+8RtWBTE8091N7y7kyNHTQ4SppySIZ
Ow+NsWkMd+WYxkdGPSYc7nHthhVRvfC9C4cxamn9en+MNmakMgJcOZTxS4/gcTvx
DMCWGmEJrD5Bu3m9GrJzwfaXteWxMYihsq9ofjXeaeYqxgXZ62GuxMeRq3kBOhSw
H9MUITkqfsjcg7eAz8elFhRvrurlVUWFsSCGr4Fd1Tv9zrFw8OXNRrApy4UQOQ4x
Uw5AcA/3ZA3QCPsOuU8ENES57vJb+D3E/LZZJdTktVLUcoxA0tA=
=C8FJ
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.6-2'
2017-01-28 01:19:31 +00:00
Ben Hutchings
e345ccbabe
[armhf,arm64] Add security fixes for vc4 driver
2017-01-26 21:27:04 +00:00
Ben Hutchings
810b36a1d3
fbdev: color map copying bounds checking (CVE-2016-8405)
2017-01-26 21:15:56 +00:00
Ben Hutchings
a873a1d79d
Update to 4.9.6
...
Drop patches which are included in it.
2017-01-26 19:24:36 +00:00
Ben Hutchings
601b9e92a1
Update to 4.10-rc5
...
Drop/refresh patches as appropriate.
[rt] Disable until it is updated for 4.10 or later
2017-01-24 19:26:38 +00:00
Roger Shimizu
7a613e23af
nbd: fix 64-bit division
2017-01-24 21:35:14 +09:00
Ben Hutchings
a2704d736e
[x86] ASoC: Intel: select DW_DMAC_CORE since it's mandatory
...
This also allows enabling SND_SOC_INTEL_BDW_RT5677_MACH without
DW_DMAC_CORE built-in.
2017-01-24 04:43:02 +00:00
Salvatore Bonaccorso
3c00650618
ieee802154: atusb: do not use the stack for buffers to make them DMA able (CVE-2017-5548)
2017-01-23 20:59:51 +01:00
Salvatore Bonaccorso
c74f7d65fe
HID: corsair: fix DMA buffers on stack (CVE-2017-5547)
2017-01-23 20:57:07 +01:00
Salvatore Bonaccorso
4686b122fc
Update to 4.9.5
2017-01-21 15:52:44 +01:00
Salvatore Bonaccorso
f18792b8fa
[x86] KVM: fix emulation of "MOV SS, null selector" (CVE-2017-2583)
2017-01-19 13:13:14 +01:00
Salvatore Bonaccorso
5745d97d88
[x86] KVM: Introduce segmented_write_std (CVE-2017-2584)
2017-01-19 13:09:22 +01:00
Ben Hutchings
c6b1f1b2b1
ath9k: fix NULL pointer dereference ( Closes : #851621 )
2017-01-17 03:51:38 +00:00
Salvatore Bonaccorso
d264d7d524
tmpfs: clear S_ISGID when setting posix ACLs
2017-01-16 09:31:01 +01:00
Salvatore Bonaccorso
a126d0bd27
sysctl: Drop reference added by grab_header in proc_sys_readdir (CVE-2016-9191)
2017-01-16 09:26:36 +01:00
Ben Hutchings
a7f877c1f1
nbd: use loff_t for blocksize and nbd_set_size args ( Closes : #851533 )
2017-01-16 02:36:18 +00:00
Ben Hutchings
39fa6fb0e9
[sparc64] Export memcpy and memset to modules again (fixes FTBFS)
2017-01-12 02:09:42 +00:00
Ben Hutchings
2ebf1235ed
Partially revert "usb: Kconfig: using select for USB_COMMON dependency"
...
It causes USB_COMMON to be built-in for no good reason.
2017-01-11 04:40:28 +00:00
Ben Hutchings
13c410d6c1
Update to 4.9.2
2017-01-09 21:06:30 +00:00
Ben Hutchings
0814db65a8
Update to 4.9.1
...
Drop two obsolete patches.
"ptrace: being capable wrt a process requires mapped uids/gids"
appears to be obsoleted by upstream commit bfedb589252c "mm: Add
a user_ns owner to mm_struct and fix ptrace permission checks".
2017-01-07 03:27:13 +00:00
Ben Hutchings
9e92fc9bab
Revert "arm64/mm: Limit TASK_SIZE_64 ..." and add breaks on incompatible mozjs
...
mozjs assumed VAs would never be wider than 47 bits. Add Breaks to
force upgrades of those packages. For mozjs 1.8.5 the fix requires an
ABI change so this is unversioned; for mozjs 24 there was no ABI
change so this is versioned.
(luajit has the same problem but only the experimental version
supports arm64. I assume this will be fixed before it goes into
unstable, so we don't need it in Breaks.)
2017-01-07 02:07:50 +00:00
Ben Hutchings
97ab9059a9
Release linux (4.8.15-2).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlhtitEACgkQ57/I7JWG
EQlPqQ//V6+eUGkATmlFFyxsM91OsMgZyxtt0Pzf7XvFg4gBr+hJIaJwxasVRZGi
w/r4uYHmiX7fLrXnanT+RekT1zCGQBOLUvm2Rlwi845PAl9fMCSb+9Jiz60THeN7
cHg7JEvNhTEEDpLK1FJlU3fiMqb5LRdUTkz+RkhKRfITm4/bT3h0Ow72/Xy6JsrI
nAf/AyncvBCQvrIUXYyfyHUPhkYMk8L7bC6G4o803kFdPYTb1WR2gRbpsI6jSVs8
YFbrfMpH1foPHiTVWP+inDN9LA2TO8QGMvAuCAQzQuLzKztrU0i/1shjDfaN61qx
xQhXE08TwNnkDZQCtIFZrLkRPSFlLqFqVWyL9eyPAYNAnZeugxB6F3HOWk5cKWqj
NPpZ10zAnKliPnL7z+eFlxLq34UgVqqe1FeRB5iBEC2dQYEs3LuB1RF2zFOuZ74T
cvXKJJhuR4iMNcAOax6Uab+3iyC/PGm5VSiCL+IPbD7H9IaXLcICE8l1r0zRs5Sa
Um4YQKTy8kFK/CRsEOB8CofXMuBXLzEw2xeNn6187d/ZeA7uiUsyd2nVkXnO0FNt
B2JkV6kwO99WAnNwTZSwF7QJJe8ir7X4X1qdk00sqNYiDff/CBHjRT1gLRzNyOuJ
r9QFKRt4UGF3XGpE89czRRoHfP9WkdrmdmP1i/DnkSVO6L8/y6Y=
=AxAX
-----END PGP SIGNATURE-----
Merge tag 'debian/4.8.15-2'
2017-01-05 00:01:00 +00:00
Ben Hutchings
bc0de8a222
[powerpc*] boot: Request no dynamic linker for boot wrapper
...
Closes : #848851 , FTBFS on ppc6el
2017-01-02 03:09:22 +00:00
Salvatore Bonaccorso
5efdda62b4
kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF) (CVE-2016-9588)
2017-01-01 09:15:13 +01:00
Salvatore Bonaccorso
e7ccf65ec6
sg_write()/bsg_write() is not fit to be called under KERNEL_DS (CVE-2016-10088)
2016-12-31 20:21:43 +01:00
Ben Hutchings
344453b7f7
Release linux (4.8.15-1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlhYKrFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E6xQP/1MRca+ekUynYy2IFUipst1zlvO94p59
79Pe26mFBb05MuDdU1DaA/fJvlpG14rDCnXCid8AAGF9LtuCzrxo6K2RdHpCi8h8
JuJCRSMrh3p3SvkeTDm3osLuRgaARvD7ruBOpWYki3D3TORpJk9IELK+HLw4CfBb
I50sJQSfTQm1/TKEwbHIHc0L1/FH5yVqMYA8v5KvJsz94ICXe4J5FJyIReexqVIL
LGO45r23eOHJ9rmO/XP1gtp9sRtPev2ZAbL4VwOqbku/KVQGQUMsikv0TUHBZT1C
jCz2ffFaJtTWWFhoKTUqCmKyqhuIklGMS4MOPHMxjXBdgA6Nb2iGOWc53ilQ35v+
umh4BJWNgqtJfkibJTDD/gA/f/U2f7O+a2ZTOXZjJPbK8bVNiyqnImHP4XWDS4OC
5IW7swgvvBVDIk7eDzDd3lKK8O1ZcWjS5U9PbaXu9C0XDeTSOKQUhfpRkfvUaqzQ
BshFmULrdvFKQzS/FJdcW/DkjGdcyYLjYtB+jPaHTG/ZytGDBqZIu4Yb4/hFAdUd
rk1MgyI4GfeBFT7RlItBJK+12WtdyTbfaiCDS4O+av0yM0drBIpm6wpl2OHZrP0R
70nZKVTcdSu+4TN3uoy2ZHHaw/ZsrsAE3EePQtdNtDAFYj7oIWjDDCVHJH4zdFHl
ekMUyxf7Hzun
=i7IG
-----END PGP SIGNATURE-----
Merge tag 'debian/4.8.15-1'
Drop ABI reference files.
2016-12-20 03:58:23 +00:00
Salvatore Bonaccorso
09027445ba
Fix another mistake in original commit, set Origin propriately
...
Gbp-Dch: Ignore
2016-12-19 09:16:12 +01:00
Salvatore Bonaccorso
46f0821f70
Fix Signed-off-by line for docs-sphinx-extensions-make-rstFlatTable-work-with-d.patch
...
Gbp-Dch: Ignore
2016-12-19 09:14:36 +01:00
Salvatore Bonaccorso
36b7372766
docs: sphinx-extensions: make rstFlatTable work with docutils 0.13
...
Thanks: Dmitry Shachnev <mitya57@debian.org>
Closes : #848349
2016-12-19 08:30:20 +01:00
Uwe Kleine-Koenig
a9f6833ed4
Update to 4.9
2016-12-18 18:00:28 +01:00
Salvatore Bonaccorso
966cf13de0
netfilter: ipv6: nf_defrag: drop mangled skb on ream error (CVE-2016-9755)
2016-12-14 17:12:59 +01:00
Salvatore Bonaccorso
14a852ee64
Update to 4.8.14
2016-12-12 20:28:07 +01:00
Ben Hutchings
c7f834c8dc
Revert "Revert "arm64/mm: Limit TASK_SIZE_64 ..." and add breaks on incompatible mozjs"
...
This reverts commit a462c39f5d
. mozjs24
got 'fixed' in an ABI-compatible way that had to be reverted, so it's
still broken. Same for mozjs, though it hasn't been reverted yet.
Also, Breaks relations against source package names would not have
been very effective.
2016-12-11 02:15:44 +00:00
Salvatore Bonaccorso
93304bd632
net: handle no dst on skb in icmp6_send (CVE-2016-9919)
2016-12-10 07:42:41 +01:00
Salvatore Bonaccorso
d2f4158d99
Don't feed anything but regular iovec's to blk_rq_map_user_iov (CVE-2016-9576)
2016-12-10 07:35:50 +01:00
Salvatore Bonaccorso
56659f5080
net: ping: check minimum size on ICMP header length (CVE-2016-8399)
2016-12-10 07:29:51 +01:00
Ben Hutchings
a462c39f5d
Revert "arm64/mm: Limit TASK_SIZE_64 ..." and add breaks on incompatible mozjs
...
mozjs assumed VAs would never be wider than 47 bits. Add versioned
Breaks to force upgrades of those packages.
(luajit has the same problem but only the experimental version
supports arm64. I assume this will be fixed before it goes into
unstable, so we don't need it in Breaks.)
2016-12-09 12:07:18 +00:00
Salvatore Bonaccorso
be8be2cb5f
net: avoid signed overflows for SO_{SND|RCV}BUFFORCE (CVE-2016-9793)
2016-12-08 19:28:56 +01:00
Salvatore Bonaccorso
3b66b4fcef
packet: fix race condition in packet_set_ring (CVE-2016-8655)
2016-12-07 10:34:33 +01:00
Salvatore Bonaccorso
27fc4207c6
tipc: check minimum bearer MTU (CVE-2016-8632)
2016-12-07 10:31:56 +01:00
Salvatore Bonaccorso
59ebe22f2f
Update to 4.8.12
2016-12-06 21:19:22 +01:00
Ben Hutchings
41004b49b6
[sparc64] Don't re-add exports of string functions that are now only defined as macros
...
Together with fixes to DMA address types in 4.9-rc8, this should fix
the previous FTBFS.
2016-12-05 01:45:33 +00:00
Ben Hutchings
b3906798a8
Revert "default exported asm symbols to zero"
2016-12-05 01:07:36 +00:00
Ben Hutchings
1c1ab88dbe
Update to 4.9-rc8
2016-12-05 01:02:03 +00:00
Ben Hutchings
7e80c27706
radeon: Update package name in error message for missing firmware
2016-12-03 03:30:15 +00:00
Ben Hutchings
34594185e1
Drop "default exported asm symbols to zero"
...
This caused *all* symbol version CRCs to be zero in modules on amd64.
2016-12-03 01:45:17 +00:00
Ben Hutchings
2431e89ed3
Update fixes for exported symbol versions
...
Linus has re-enable CONFIG_MODVERSIONS, but also weakened the version
matching. Apply his match but then revert the weakening.
Also add a proposed fix for missing version CRCs, which gives them a
default value of zero. Since buildcheck.py now checks for this, we
should detect all unversioned symbols at build time.
2016-12-02 23:13:17 +00:00
Ben Hutchings
ab01013e14
[powerpc*] Fix more exported symbol versions
2016-12-02 02:49:08 +00:00
Ben Hutchings
aca57cd0d7
Fix patch header for "x86/kbuild: enable modversions for symbols exported from asm"
2016-12-02 02:49:08 +00:00
Ben Hutchings
aa461be2cb
Add patch reverting s390 asm symbol export changes, missed from previous commit
2016-12-02 02:49:08 +00:00
Ben Hutchings
54d0756a33
Fix exported symbol versions
...
- Revert upstream changes moving exports to assembly sources
- [x86] kbuild: enable modversions for symbols exported from assembly
- Revert "Fix subtle CONFIG_MODVERSIONS problems"
This leaves powerpc and x86 as the only kernel architectures that
export symbols from assembly, and <asm/asm-prototypes.h> for those
two appear to define prototypes for all the functions that are used.
2016-12-02 00:19:09 +00:00
Ben Hutchings
67d96bc121
Update to 4.9-rc7
...
This has a different fix for the missing modversions on ARM.
2016-12-01 20:08:58 +00:00
Salvatore Bonaccorso
ceb75c4337
mnt: Add a per mount namespace limit on the number of mounts (CVE-2016-6213)
2016-11-30 16:15:29 +01:00
Salvatore Bonaccorso
b67bd212fa
vfio/pci: Fix integer overflows, bitmask check (CVE-2016-9083 CVE-2016-9084)
2016-11-30 09:15:19 +01:00
Salvatore Bonaccorso
609f818472
mpi: Fix NULL ptr dereference in mpi_powm() (CVE-2016-8650)
2016-11-30 09:04:11 +01:00
Salvatore Bonaccorso
3536d5d7a6
Update to 4.8.10
2016-11-28 21:10:27 +01:00
Salvatore Bonaccorso
a559c41683
Update to 4.8.9
2016-11-26 17:37:18 +01:00
Ben Hutchings
fa9e148da4
Update to 4.9-rc6
2016-11-21 23:52:49 +00:00
Uwe Kleine-König
0971da3b71
[armhf,armel] fix CRC generation for modules
2016-11-19 17:06:08 +01:00
Ben Hutchings
96f3d8b5c3
Revert "include/uapi/linux/atm_zatm.h: include linux/time.h" ( Closes : #844491 )
2016-11-16 21:18:15 +00:00
Salvatore Bonaccorso
b7117071e0
fs: Avoid premature clearing of capabilities (CVE-2015-1350)
...
Closes : #770492
2016-11-16 19:23:06 +01:00
Salvatore Bonaccorso
b048cc5a7c
fs: Give dentry to inode_change_ok() instead of inode
2016-11-16 19:20:21 +01:00
Salvatore Bonaccorso
2e74b80287
fuse: Propagate dentry down to inode_change_ok()
2016-11-16 19:18:11 +01:00
Salvatore Bonaccorso
055cd5a2d1
ceph: Propagate dentry down to inode_change_ok()
2016-11-16 19:14:26 +01:00
Salvatore Bonaccorso
2683f37d06
xfs: Propagate dentry down to inode_change_ok()
2016-11-16 19:11:36 +01:00
Salvatore Bonaccorso
26676cdca0
Update to 4.8.8
2016-11-15 22:32:40 +01:00
Ben Hutchings
abd19bbc53
Release linux (4.8.7-1).
...
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJYKMjFAAoJEOe/yOyVhhEJOtIP/RIo9vUk0PusThnw4bYQTA8T
x8UTEpGJ+tqWBRL+yv7Ff3A8qP2TRAvJW2xzqu1+4UwNYgCSTa8A20bJ6crGzN8X
Y6J7nqWFuzWsB2SHsPvYI1m0Q9luNrQ+1vkohpH53u8FfJxuceHwP/tFj6ShMl8i
bNUiftui2Sc82JUjUdiG2EpXlIJH+N3aO8+R5ER3qUqoiHxChrslSbh3Lg8T8Tcp
ItwwLi6K9s3CjYCiDiZ54+BYYQRy+rmTRFpEmgac4v2+HqXrMKAR4D6EomqMl3r1
wHQ/F/Tt1GMvYvJniKWJIJVeCzuZSBmaQrL+D7xkKVGrzMo7QGGW1xr3DzyV1alc
Ugx4k2nDbPDGinrbkhJbuds02VDIl8vfrnUM1NCYZ2GrReD5jJPj6OcZvlXRbjZw
gUL1j+3w1dCa71E2rufZK7DZnGw4MjR9Q0cAefbgWNzEFDNh3nXQEKpxleEMmT/C
xXVR2cfUpOAr1J4vR++I7kAn9re9tw7UlX3JYqH8+ty6Lm+DxrzoGMxEd1bmxYm9
yzIn4O8x6LK2B7NdHfRs1SJC4rWWy/3+2z+5SnFroGMem8ugDhB95Q3QFvQGe9Ga
zw1T6+GlYF9oglzY87XcKY2oUQveL8A45pM2TF3HsgGbx7wziR2yymjWAk03w32Y
uYbKvmpQsH/wNrOA8E8I
=uDst
-----END PGP SIGNATURE-----
Merge tag 'debian/4.8.7-1'
Drop ABI maintenance and patches that are already upstream.
2016-11-13 21:52:47 +00:00
Ben Hutchings
9ab8cb710b
[x86] efi: Prevent mixed mode boot corruption with CONFIG_VMAP_STACK=y
2016-11-13 21:00:47 +00:00
Ben Hutchings
b15e0cf459
Update to 4.9-rc5
2016-11-13 20:35:21 +00:00
Salvatore Bonaccorso
e8880932f8
Update to 4.8.7
2016-11-11 20:00:01 +01:00
Ben Hutchings
82c55764b5
kbuild: Update -fno-PIE patches to match upstream
2016-11-10 20:26:29 +00:00
Salvatore Bonaccorso
d99e060fe3
[x86] kvm: Check memopp before dereference (CVE-2016-8630)
2016-11-06 17:54:35 +01:00
Ben Hutchings
7aecddec04
[amd64] kbuild: Add -fno-PIE to scripts/gcc-x86_64-has-stack-protector.sh
2016-11-03 16:51:48 -06:00
Ben Hutchings
d882885835
cpupower: Fix checks for CPU existence ( Closes : #843071 )
2016-11-03 16:11:35 -06:00
Ben Hutchings
586b6ef20b
kbuild: add -fno-PIE ( Closes : #841368 )
2016-11-03 13:32:07 -06:00
Ben Hutchings
c6318ee2ee
Update to 4.9-rc3
2016-11-03 13:04:20 -06:00
Ben Hutchings
0acd08301d
Update to 4.8.6
2016-11-03 12:08:20 -06:00
Ben Hutchings
4ac6860c3b
Update to 4.9-rc2
...
Drop/refresh patches as appropriate.
2016-11-01 09:39:31 -06:00
Ben Hutchings
64e2286fbd
Update to 4.8.5
...
Drop patches applied upstream and move changelog text for the bugs
under the stable update.
2016-10-28 20:31:36 +01:00
Ben Hutchings
e34c6c01c6
[x86] Input: elantech - add Fujitsu Lifebook E556 to force crc_enabled ( Closes : #835160 )
2016-10-28 20:18:08 +01:00
Ben Hutchings
4456cb3bc3
[x86] Input: i8042 - skip selftest on ASUS laptops
2016-10-28 20:16:42 +01:00
Ben Hutchings
d9f03c486b
netfilter: xt_NFLOG: fix unexpected truncated packet ( Closes : #841261 )
2016-10-28 20:16:09 +01:00
Salvatore Bonaccorso
f86bc88075
[x86] boot/smp: Don't try to poke disabled/non-existent APIC
...
Closes : #841850
2016-10-26 09:17:48 +02:00
Ben Hutchings
68bef0cc04
Release linux (4.7.8-1).
...
-----BEGIN PGP SIGNATURE-----
iQKPBAABCgB5BQJYB7RuXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ0NjQ0NDA5ODA4QzE3MUUwNTUzMURERUUw
NTRDQjhGMzEzNDNDRjQ0EhxjYXJuaWxAZGViaWFuLm9yZwAKCRAFTLjzE0PPRKbv
EACPw/ltBkYlQohcTxO+Jwg6Pj9J2UAcuQeDBsRLxOONLEcfChUtB6YbWnjpP4n7
PBjFl1oXFlRL2AIp8yJJDNyLRApNHaIJ5Rw15OU0XBZi61iFkMhvZHtFUJI0VifU
40otIo4/IAgWfYjcIl445m13bS21XzaYkT5hDmKihp1975gBP51LyVXtMPvYC2HO
2grpj37HbDEhKfXSxPDG++ID20VrHOyKVNnfyzg9lOe0oNRT36j5i1QJtqQPekh1
gWx98W/QqVpmeyRV1xvFjit2AzjwrIyp8H22wlN5IOG0HXitOrEA0AiQi1pjcMM0
3O6wRmWTiOoiMiCQEQ+O+92U+uALTG0ssq/9rubAW70CieiQLKmQBZiSoY3JVDfl
AojNP89QIx273w2aGQpZUY/RJnFWFy3fdh+c8wuLbTGkV3cCwXTd1VpNvi1EVKKK
SjFytKI3AGLAihXiThbICSiynqsRKdh7ypWzoCF5OxdURk9/HXSOYpk0Ieuqze+R
niLpETsVpfZCSHjjlG/7oaPAdGEqTm1BZ8a36HmzuByGftARwZ0XqaSUMsbOJC+n
nZrljSt1migRNKcONPuAvVucOjtI6Bj52Azdq2KutQiKZt1Kie9jLSA32/VNT6u5
xCRtMNQnatFCUqdJm5pI0pnUgdpL9nykbggY/g0uPBJfEg==
=6RXa
-----END PGP SIGNATURE-----
Merge tag 'debian/4.7.8-1'
2016-10-23 04:43:12 +01:00
Salvatore Bonaccorso
c5c7172244
mm: remove gup_flags FOLL_WRITE games from __get_user_pages() (CVE-2016-5195)
2016-10-19 17:56:02 +02:00
Salvatore Bonaccorso
82d68fe753
KEYS: Fix short sprintf buffer in /proc/keys show function (CVE-2016-7042)
2016-10-13 22:50:12 +02:00
Ben Hutchings
ae695bc66b
scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer() (CVE-2016-7425)
2016-10-13 00:24:49 +01:00
Ben Hutchings
efccbd4eb2
posix_acl: Clear SGID bit when setting file permissions (CVE-2016-7097)
2016-10-13 00:23:11 +01:00
Ben Hutchings
c27b72f255
net: add recursion limit to GRO (CVE-2016-7039)
2016-10-13 00:17:03 +01:00
Ben Hutchings
6429254d8f
Release linux (4.7.6-1).
...
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJX9/r9AAoJEOe/yOyVhhEJaFIQANHw/AYqMiP/0fnT8TRl1ISq
1jK7KhHKs4h7O+f4r/D31FLUAC+YVhpAqw4aHCiTwg9fjVULLcxaX91AAtpdliGm
NhWPT7/p8S6SiLTZtVxEb8MAzNqTnN4UdoBMdetWvHYSD/zq5U/BSWCTmm5pOu+X
E6mzwHdkgzUF/Wnt3bmmSmU415BG4nW6xIroYfH3DDSoj1pkxSW9BUhIv2L5mY25
emjFyXMqYRKJ93CBbCewNy0sLiL1V94P0r8HIdo2JDQg1QecYnYtV0AC/2kZODhm
9l3OyB6Dp20y5ib+t6/+4WqvmXl6XrvvjZMtHXsyv44gC1j7e0ChrXbsYk//4Lpo
FgQ8IYaNLskPEXyjzNHhwt61i0BIfZmKSJ17ldkgofAmt+Wa1926jFih5twFu5fj
pMkkxlJUZU7QKxEtuhC7bSOzRzoXjb+xx21Zgenhc89GamagRAKncFbRlJ6K+4pS
SMVlnXuLC0MHlUnAxZQ/N7hdhS235UxSFBp3qyOrYDWmjxyXkItyRfd7SKeSk3Vx
ZikpGlvsvExvyzrjTdyLwBmlyj2I+XZxGxOT2pe4EYb1xxLXUTBAqU1Ycsd8XjC3
lUqTn3r29PYeXRYC9eUsJryLJjejdkTIssM5Y9hhoi9KjMnLptRS7tJAeCO+C8QF
Qyhb3De7DCWrkcl8YSJI
=fl9b
-----END PGP SIGNATURE-----
Merge tag 'debian/4.7.6-1'
2016-10-07 21:04:15 +01:00
Ben Hutchings
ec2dc97fc9
mm: memcontrol: use special workqueue for creating per-memcg caches
2016-10-07 00:59:09 +01:00
Ben Hutchings
78f97bb258
Add of_mdio fixes to make device tree fixed-link definitions work properly
2016-10-02 16:26:16 +01:00
Ben Hutchings
b2480a3dfe
Release linux (4.7.5-1).
...
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJX6HXOAAoJEOe/yOyVhhEJA68QAJSLxpMHBbl9474Q/SPonncf
S7NXiYZQuo7STq0uHUVxtOTpVKRc/7y793tdtpI3Ec6nZqilS+4uKq1QNAh7kj6n
JwilTLkfbjRS4+VqEEHJtVfK/bjijEep943W+uv3foMXPzbJulgRNrf54nUOFA2n
WY1ZfL6Dp+tvys49UrK+3lsuY/ZCLzpck3m0rScGYgalfnZo00ttPto29YZjVXrp
7RZset950hvEvL7cD7GXi2pqoEcvV3AISOABgKU0U6VitS1E8wJHW1pDZvHgZDKO
55lAdyyEsAE96J1RzKwPjyHTKDmr1v6AiqNxwviLndwoLflYHUbsZBx0H9pRE0Gi
45IDQELGFToJ/4dDNijk3oyOsQaV06f0gYv+FqGnN33IWxrlz9oQ3PSWB6qA9dr5
vBGG1tzoYFdManBwZvH5smD25Ckc3TK2UzMqJA1BIjRpCoajxfmZWcgfPH8Z9gwJ
5giCQkEKCbbwAXmRwVCYDFp5t0DlnyiY0/IizunHUxFapl9B6SNRFPhJVbUCNV07
/yzsRU+TcNnV1oGQE9+uWTIelUQmc5cvMiaIlW7fifrqPAKCCnk2imYI1Tx1jsVl
VqLo1Jalt+iZGKsEt6I3ST6LX1k/QFkz7BmJ4Yz+NdwwN6/Jq5rufFxLWGdIYPdI
N4PnNBVMK0ooLqbaatRO
=PYYu
-----END PGP SIGNATURE-----
Merge tag 'debian/4.7.5-1'
Drop ABI maintenance patches.
2016-09-26 02:16:56 +01:00
Ben Hutchings
7a0f81fe53
ext4: Fix checksum validation for inodes with small i_extra_isize
...
Closes : #838544 , regression in 4.7.4
2016-09-25 22:00:56 +01:00
Ben Hutchings
bdec0fe8f0
Update to 4.7.5
2016-09-25 03:05:35 +01:00
Ben Hutchings
b37c595561
Release linux (4.7.4-2).
...
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJX4HvgAAoJEOe/yOyVhhEJq9cP/j1XO1dNpOXxq0JZod66K1sl
JIC4LPZ3i+kiAD0amMZiAexAuCpqCDjinjVr/pAhEoAa79983tFoY9yWjDCAW+9H
0j7Torb5wQ76BlyXCjSoaztcQmzQ1YiCvjIzk4hCJCcvqdTuA1MMr7+AbXAgi3xE
Es/G7ai+7SK5suEYgsbliM2ndFFMtIDqgpvDVDFNBDt61m2RXKxw7SQwyItIx+Hn
n7Aq/P+LP7BjMSP6nW6EafF/RidbAwq4x+FKqzGyZhVQV7c3YFbh0EA7lVcTDhC7
A1ZbdeUjiFhUKchRPa56qf+eAI8sBEeU3Ga1mhpkxL8RkFKwvWmmB2J0tBE7KHgw
WCy+8nPxnLAq3eVIkOcB3MuvNdM9DvvtQ7X5NjXnBIfq06OX4y+C+udMpafmegTG
5YB3FVppFQNGZcOxeF9hCQspHGvBsTGRYoK3hxzx4AY94E1cakl08oZte4dHYALz
GvP/tjbLH5i/g9djVNGtfZCHKMZbDq2QhD60GNwFoN/ssX4Q/L3q4N+eyJD9KoQM
Bu44v1ZY7M13F4t5JUomjU2e5mze3opxEB2C7vIoyJfaUvtAWX/mn8SysDGdT0OJ
zd8ow6IntzcL+mqxrarOPMenSt2yqoQ6WdkYkpF5aCTj2GJyAkU7dUWfWdKWtLM7
yjuIvqRAcVzMU9XuU8uf
=s0s4
-----END PGP SIGNATURE-----
Merge tag 'debian/4.7.4-2'
- Drop ABI references and ABI maintenance patches
- Fix Kconfig symbols for omapdss sub-drivers, which were renamed for 4.8
2016-09-22 01:17:51 +01:00
Ben Hutchings
2d327101d1
[arm64] mm: Limit TASK_SIZE_64 for compatibility
2016-09-16 16:40:35 +01:00
Ben Hutchings
ab1157972f
[powerpcspe] xmon: Don't use ld on 32-bit ( Closes : #836741 )
2016-09-12 20:38:54 +01:00
Ben Hutchings
63e9d321c9
mm, oom: prevent premature OOM killer invocation for high order request
...
Fixes a regression in 4.7 and someone already asked for this.
2016-09-09 20:49:48 +01:00
Ben Hutchings
7dd9d01ac5
Update to 4.7.3
2016-09-07 22:07:27 +01:00
Ben Hutchings
95a7eda177
Update to 4.8-rc5
2016-09-07 21:27:44 +01:00
Ben Hutchings
507f588e72
drivers/net/phy/marvell: Fix mis-applied patch causing build failure
...
We patch out some of the code here by inserting #if 0...#endif. When
I last rebased, one of the #endifs ended up much too far down.
2016-09-03 13:00:10 +01:00
Ben Hutchings
1222968771
Update to 4.8-rc3
2016-08-28 19:52:50 +01:00
Ben Hutchings
47ba702e2c
liblockdep: Move dummy definition of prandom_u32() to fix missing declaration
2016-08-28 15:03:02 +01:00
Ben Hutchings
2c76695c24
aacraid: Check size values after double-fetch from user (CVE-2016-6480)
2016-08-27 23:17:17 +01:00
Ben Hutchings
0db6147b7d
tcp: fix use after free in tcp_xmit_retransmit_queue() (CVE-2016-6828)
2016-08-27 23:14:24 +01:00
Ben Hutchings
6ab7944873
kbuild: Do not export variable name with hyphen ( Closes : #833561 )
2016-08-26 01:43:33 +01:00
Ben Hutchings
68c8135d73
Add hppa/parisc bug fixesfrom Helge Deller
2016-08-25 18:30:06 +01:00
Ben Hutchings
2fddcf7c7f
usbip: Use the locally-installed <linux/usbip.h>
...
Some years back I patched the #include of <linux/usbip.h> to include
the current, uninstalled version through a relative path because the
system-installed version will normally be outdated. We're about to
start copying the source to avoid writing autotools crap into the
source directory, which breaks this relative path.
Since we now install the UAPI headers under debian/build at the start
of the tools build, drop the patch and add that directory to the
include path.
2016-08-25 01:28:48 +01:00
Ben Hutchings
7a54b56ad5
Merge branch 'sid'
...
Drop rt patchset updates as they don't apply to 4.7.
Drop various other patches already in 4.7.
Fold the remaining Debian changes in the open changelog entry for 4.6.7-1
into the open changelog entry here.
2016-08-24 20:43:19 +01:00
Ben Hutchings
f445dbb9d9
Update to 4.7.2
...
Note the CVE IDs and Debian bugs fixed.
Drop the patches that have gone upstream.
2016-08-24 20:40:14 +01:00
Salvatore Bonaccorso
a7280813ac
Update to 4.6.7
2016-08-16 11:13:39 +02:00
Ben Hutchings
d42cdc5bfe
audit: fix a double fetch in audit_log_single_execve_arg() (CVE-2016-6136)
2016-08-12 16:27:20 +01:00
Ben Hutchings
8bc5e687b1
[powerpc*] KVM: Book3S HV: Save/restore TM state in H_CEDE (CVE-2016-5412)
2016-08-12 16:25:34 +01:00
Salvatore Bonaccorso
7184d7bfd9
tcp: make challenge acks less predictable (CVE-2016-5696)
2016-08-12 06:52:28 +02:00
Salvatore Bonaccorso
457d8bb6bd
Update to 4.6.6
2016-08-11 16:29:28 +02:00
Salvatore Bonaccorso
c0e269c0cd
libata: LITE-ON CX1-JB256-HP needs lower max_sectors
...
Closes : #830971
2016-08-05 15:40:08 +02:00
Salvatore Bonaccorso
c2a8f662b5
vfs: ioctl: prevent double-fetch in dedupe ioctl (CVE-2016-6516)
2016-08-02 06:47:28 +02:00
Uwe Kleine-König
f8edc4357a
Fix perf to be able to find debug info based on build-id.
2016-07-31 22:35:09 +02:00
Ben Hutchings
e8c1b8e306
Update to 4.6.5
...
Drop patches applied upstream.
There are some ABI changes still to be resolved.
2016-07-31 01:50:59 +01:00
Ben Hutchings
4e86887dda
Update to 4.7-rc7
2016-07-14 10:50:31 +01:00
Salvatore Bonaccorso
f000506362
apparmor: fix oops, validate buffer size in apparmor_setprocattr() (CVE-2016-6187)
2016-07-13 20:30:05 +02:00
Salvatore Bonaccorso
1a1a829223
Update to 4.6.4
2016-07-13 17:57:14 +02:00
Uwe Kleine-König
0818af71cc
Cherry pick patches for rtc-s35390a from next
...
This fixes shutting down some QNAP NAS devices after being waked up by
the rtc.
2016-07-12 21:44:39 +02:00
Ben Hutchings
ade54804a1
[powerpc*] tm: Always reclaim in start_thread() for exec() class syscalls (CVE-2016-5828)
2016-07-03 16:33:29 +02:00
Ben Hutchings
aab434acde
[x86] Fix incompatiblity between kaslr and hibernation
...
* [amd64] power: Fix crash whan the hibernation code passes control to the
image kernel
* [x86] KASLR, power: Remove x86 hibernation restrictions
2016-07-02 19:29:28 +02:00
Salvatore Bonaccorso
3c35987b05
HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands (CVE-2016-5829)
2016-06-30 14:53:31 +02:00
Ben Hutchings
419d6356df
Update to 4.6.3
2016-06-27 00:58:54 +02:00
Ben Hutchings
12183bf924
nfsd: check permissions when setting ACLs (CVE-2016-XXXX)
2016-06-25 00:56:15 +02:00
Ben Hutchings
9fd7bbdf1a
netfilter: x_tables: Add fixes for CVE-2016-4997, CVE-2016-4998
...
...and probably other issues never assigned an ID.
2016-06-25 00:19:29 +02:00
Ben Hutchings
f5f99415a2
percpu: Fix synchronization with chunk destruction (CVE-2016-4794)
2016-06-25 00:19:08 +02:00
Ben Hutchings
b782c52536
KEYS: potential uninitialized variable (CVE-2016-4470)
2016-06-25 00:18:47 +02:00
Ben Hutchings
eb1373a157
Update to 4.7-rc4
2016-06-20 13:40:09 +01:00
Ben Hutchings
8313db8a43
Add Forwarded URL for cpupower soversion bump
2016-06-18 13:00:14 +01:00
Ben Hutchings
a808d3112b
Release linux (4.6.2-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABCgAGBQJXYbBEAAoJEAVMuPMTQ89EM8wP/3llI8Jr6Q+2ktVOqYQ7U0JT
+UEzEuKlVS+3/SjFZv8dAqpM018OJDIiccgzjvuny6MSYHiH//yWG4lC8O2WikBA
RhfbUsNWFImEkwhY8wD1cjuF0QIXNtR7qOKdCPX5wQUiG469WF4F4l3lgWoo01ub
hYXNsGebIjZTQE6KWGm97pvSRNFPT18DulANGpe9m804y2Xs+dQn6dVHKaSYT0BF
labA6C+hCmbMos3gEYNzjbmU9fxYpS98pXq7uc04ryBj3UjGoBlmxeip9yrIiC0I
oZr8kAxz5PCRSqPnhZqE51WO6eLaWIrEGGTnb6sOtbHYsTrNu8iHpWXVCkB8/2GL
LYhOJn3AyqJE4yb69EKSWL7cbVEqyVJHkGntGhTm+tKJP0QmnKlhQY47aViPt4Fc
IXQvUOeG94GROooRTNLp9/3N2di4p4YPNv2QgM5lUJjySWUMCNzw/MjpYfvuIHrp
bowSN5EYDpO6WqcZZVHogM9hJ2Aq+zWYkfK4f38r4T4+g0T8IQ8qMCY/o/LV7uod
KUbQ7SIHK7uAMT9BpJuslCwvwhKdf/9y/bcuOkB2alfR52uApdDkL04uD5jIbjaL
fElOyQPmJPNe0zxP6yZp4G3/JbMhWdX+qc77+GWkj27mBqnBEZKBHjCmU/6Vfv2Y
VolsoZ6sfxJ1pxlUcWPt
=li3O
-----END PGP SIGNATURE-----
Merge tag 'debian/4.6.2-1'
2016-06-18 12:59:57 +01:00
Ben Hutchings
ece80cbbec
liblockdep: Add all the patches submitted upstream; drop one that's obsolete
...
(cherry picked from commit 9d20ab14dd77ffa306f6eb70c447c73f69077773)
2016-06-14 23:27:41 +01:00
Salvatore Bonaccorso
95cba203d5
rds: fix an infoleak in rds_inc_info_copy (CVE-2016-5244)
2016-06-11 07:26:02 +02:00
Salvatore Bonaccorso
01be9139c0
tipc: fix an infoleak in tipc_nl_compat_link_dump (CVE-2016-5243)
2016-06-11 07:18:28 +02:00
Salvatore Bonaccorso
91d6f22ed8
Stack overflow via ecryptfs and /proc/$pid/environ (CVE-2016-1583)
...
proc: prevent stacking filesystems on top
ecryptfs: forbid opening files without mmap handler
sched: panic on corrupted stack end
2016-06-11 07:11:08 +02:00
Ben Hutchings
ff5804f208
cpupower: Bump soname version and rename library package accordingly
2016-06-10 14:47:48 +01:00
Ben Hutchings
906f7b1351
Update to 4.7-rc2
...
[rt] Disable until it is updated for 4.7 or later
2016-06-10 14:47:48 +01:00
Ben Hutchings
1537ff1314
Update to 4.6.2
2016-06-09 17:44:47 +01:00
Ben Hutchings
4e2a281abe
Update to 4.6.1
2016-06-05 14:30:35 +01:00
Ben Hutchings
6976b08b12
Release linux (4.5.5-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAV0te3Oe/yOyVhhEJAQodqBAAjpkEuBm2kSlQD1y8qeb/+1+CxJPcqIH1
DHTyMpFHQvX5VT+vCX83WhiWncMz85z7f0wcElpNaZ/3ExOQzbmrIwsucgXRXVUS
txKxHaQQv8uU1m8dgxqjOWP80+IT71H9rBcitfrRqyzLiEhC1mPOfvxjtGTOJWw+
Lohie5WPMMsfrahQGw4srPMcpVRwVKuX5N+azgk6rg8VA7rxyxQaMZRg3rr+N7Aw
btwVC5vyL8K5Be0LnveR/PdOosaUU6XzyT7kNT0fLSO9H4bWenielHaduSDI5iU4
WcPRhymrHv0dBDvbyw8vkJMDd+/1x9gWk4/DHFQNw1miaUx87N+vKyC4rZ7Lqc2d
4n/hpq3HjPBZqC07Q0mddeTy7OoN4obYSXTipIu9rWBsTJtcxxwSUVg86+xo03Zg
bb0VoEudp9JZGBMLS8PjBJ66d+/p7Q47YnKV7ZwNKyLwRq4AMo65L7PeUJflNHvj
UmJrOG/6AJ6bi+eXrWDbwAA8mrwdPPKu+QzBSQ9c6hm4CFmgkgWTH/oA2iPsp7AX
iqcPgKp6XA8YLXpiDeCqvMV5cSkGD67cpIcgTB0CrH7KILXD61cP8QEl7eaWiBMW
MW9IPDeEBEmEN3ST2tg1H7udEzzpEZXHg4NZ5gOZ7lMZphbILrapJYuUf3PDdZKL
Ccz9YH5eSuE=
=gSlx
-----END PGP SIGNATURE-----
Merge tag 'debian/4.5.5-1'
2016-05-29 22:33:26 +01:00
Ben Hutchings
1edaa5dd82
Re-apply "[media] videobuf2-v4l2: Verify planes array in buffer dequeueing"
...
This was reverted upstream in 4.5.5 due to a regression but we have a fix for
the regression (probably).
2016-05-29 22:20:52 +01:00
Ben Hutchings
46e3b9492a
dwc3-exynos: Fix deferred probing storm
...
Closes : #823552 ; thanks to Steinar H. Gunderson
2016-05-29 22:05:54 +01:00
Ben Hutchings
08942bb065
Add upstream fixes for various information leaks
2016-05-29 21:25:44 +01:00
Ben Hutchings
5bec7a0097
[x86] kvm:vmx: more complete state update on APICv on/off (CVE-2016-4440)
2016-05-23 02:35:36 +01:00
Ben Hutchings
327c921aa7
Update to 4.5.5
...
Drop changes that were applied upstream.
Fix/ignore ABI changes.
2016-05-23 02:34:41 +01:00
Ben Hutchings
b88823f96b
Revert "stmmac: Fix 'eth0: No PHY found' regression" ( Closes : #823493 )
2016-05-23 00:59:46 +01:00
Salvatore Bonaccorso
342ba3d57d
tipc: check nl sock before parsing nested attributes (CVE-2016-4951)
2016-05-21 16:53:08 +02:00
Aurelien Jarno
d961748cbb
Update patches URL now that they are in Linus tree
2016-05-20 11:23:49 +02:00
Ben Hutchings
a65b751ecf
Add Forwarded/Origin headers to patches as appropriate
2016-05-17 14:44:47 +01:00
Ben Hutchings
5ba72559a1
Re-apply "[media] videobuf2-v4l2: Verify planes array in buffer dequeueing"
...
This was reverted upstream in 4.6 due to a regression but we have a fix for
the regression (probably).
2016-05-16 20:06:26 +01:00
Ben Hutchings
eaafcf8a39
Release linux (4.5.4-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVzoWxue/yOyVhhEJAQrD5RAAnOQWbgH3JJ/48u366vvlvebkKdfgdUQw
wyj+rfxCxWbb2i8iGh+gk4aN9FlNfmzUlPgA2esXJiCpjmZ+Ffj0aF8k7W4HkGPw
/dX2tuBEj7NKQ6TLY1BK9rzs8DQKMRw7lQ7r+uLlt0o8MjKMJg0FaA1UteC09trB
AXcSZdIeAtyPaMk1mBk3qcNsDMTIb/K3zk03sGy8HKwWgJJmHbcTm4/XWEzOOZUd
HYInRPiK724qMoIG+BkI+oigvaXEvuxHKMfKWdryKHsIyvAu4l/1myeBk/xy65Cv
/ga+NQQHJt8mfiWfleljKU9DC4wN/SQ5Nr9wzFC512TQfFVmu47BlIQPQWZ1oHjP
FQom301HEFTKqZRTIqOU6IQ+TPSSHWPPvD8jmmRFXycasvDkP0t2RNuM3gbhwU3b
9hui/YUlbzQUJOgWRitnRMk1jXtHLkQm8vRf7AIVXxT5+6u4EiZUvk6gNjg3Jz6h
dHkkrgCWzZgYIdAvqa8OF2j2ejSQUcBW3yxpSnw0T9YOxo4IiF+Il/dxwSDSX5BI
tBoNyzNH62yMOjGSQXcYOdr64KE1mjXpST+x1tRdU+n74ifP2CtA57o93WB6Gn5z
wVAuVeGmEAbIl7EcHl5r6ZC58da5syTl0BZEbH9YM54eLlM+qyLOwM0vWAztuIa5
ciXotUkDZrM=
=oSkt
-----END PGP SIGNATURE-----
Merge tag 'debian/4.5.4-1'
2016-05-16 20:00:43 +01:00
Ben Hutchings
0c5a10d4c1
Update to 4.6
...
Rebase patch series.
2016-05-16 19:49:24 +01:00
Salvatore Bonaccorso
be1c8b16ab
KVM: MTRR: remove MSR 0x2f8 (CVE-2016-3713)
2016-05-16 13:47:07 +02:00
Ben Hutchings
48902f4f1a
videobuf2-core: Fix crash after fixing CVE-2016-4568
2016-05-16 03:33:38 +01:00
Ben Hutchings
3eae053b85
uapi glibc compat: fix compile errors when glibc net/if.h included before linux/if.h
...
Closes : #822393
2016-05-16 03:23:55 +01:00
Ben Hutchings
efbab1e4bf
Add various upstream fixes with known or probable security impact
2016-05-16 03:23:35 +01:00
Salvatore Bonaccorso
2365caa1f9
Further cleanup patch headers for net-fix-infoleak-in-llc.patch
2016-05-15 21:58:27 +02:00
Salvatore Bonaccorso
c67a821486
Use correct patch header for via git format-patch-for-debian
2016-05-15 20:09:17 +02:00
Salvatore Bonaccorso
88ec3673ad
net: fix infoleak in llc (CVE-2016-4485)
2016-05-15 20:04:29 +02:00
Salvatore Bonaccorso
de9a44e36f
KEYS: Fix ASN.1 indefinite length object parsing (CVE-2016-0758)
2016-05-14 05:18:04 +02:00
Aurelien Jarno
1275559aac
[arm,x86] Fix memory corruption in KVM with THP enabled.
2016-05-12 23:52:30 +02:00
Salvatore Bonaccorso
2c6d72a09e
Update to 4.5.4
2016-05-12 21:22:09 +02:00
Aurelien Jarno
b101f08c76
[mips*] Fix PR_SET_FPMODE issues with multi-threaded programs.
2016-05-11 00:17:22 +02:00
Ben Hutchings
b92b4d15f0
Update to 4.6-rc7
2016-05-08 23:56:51 +01:00
Ben Hutchings
be31f1ecd5
Release linux (4.5.3-2).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVy9ITOe/yOyVhhEJAQq2Tw/+IbJSVFZ3v7J7I6ZwZuJLmhnEpPyuE1Md
OkJieChhe0wpnIFQD3fhHsKClXUzHORahq8O4qGd5BPb9ttYSr7Hm/SvPxQK91Cr
mP857CZWNopLatVbKAzmQ3unFcpD/zbTGr2iC0IBmu4TJQBMr2tDejd2ndlq2psG
YoaHSh1wHutenaF9iFQ2/H2V6ScM7DX9DMTOrqhFxaIkc7WaJSjpVoKCrYxRFQUX
9ogMqxPRqTzsEBxS0PwO1vBTDx2OgwkmvnY0rOj1fpswgEfwvS4XO46EpiFx45Mc
grzDW6jrKMKWpeH1JC1YLvOltR/nSx4vM3E5sbjSKJQv0F1oIoQuKyfRLOw9Oe3q
4/7xqS5/aNJ9aaNPi4p7/L8JdGtkJEW26XczgXbKRlY4AfKvt7bPTztoe4KQOSDA
roqmj7f782nJOerQxKScsE7HM6DpLViSoGhCyf0DNnqwQaUKDyaLhdu0LNA73wCx
FMFQfZnDN8Yg0UP5BJouSoKprf4hL7CiQcMcfXqLj/QsNB8vCjfs6offKtZ7bckZ
Si1L2proXY3esQ95Npd2HIKDo4gGajQ8Xkpkf9+6FZdhMLm/w17y9kppgVlcKQ/T
q/emN0JEuzxMkvtZbmVMRzd0NI4tXzlBwOVcASMzI0ak5CLOPoWO0Cc/jOYg24H3
yabrIvpcq0s=
=jVBT
-----END PGP SIGNATURE-----
Merge tag 'debian/4.5.3-2'
Drop the ABI reference files and patches.
Rebase patches added on the sid branch.
2016-05-08 21:47:32 +01:00
Ben Hutchings
4ebee8024b
[powerpc*] Fix sstep compile on powerpcspe
...
Closes : #823526 ; thanks to Lennart Sorensen
2016-05-08 12:08:04 +01:00
Ben Hutchings
8b31e1c0a6
Update to 4.5.3
...
Drop changes which were included or superceded upstream.
Fix ABI changes.
2016-05-07 19:40:36 +01:00
Ben Hutchings
405645d788
Add bpf security fixes
2016-05-05 23:13:51 +01:00
Ben Hutchings
ae6831e8b6
Update to 4.6-rc6
2016-05-05 22:17:45 +01:00
Ben Hutchings
5416c1a1e3
Revert "sp5100_tco: fix the device check for SB800 and later chipsets"
...
Probably fixes #822651 , #823146
2016-05-02 21:25:40 +02:00
Ben Hutchings
fc5b920758
Release linux (4.5.2-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVyKf7Oe/yOyVhhEJAQqAnQ//cXPxmlNgmpwl9YUWt7WWjMBr4fyShKp0
0MIcV8O7G1Jaov8valxFnSp7/LEDkA5bkQFec39ZKR4jjnkATCY7LWhC35PDe7fK
gSIu4+jhnAFMsedRcqlbugsnQAkZGfxPWvxBVqy7veBmMSEywnEs7XW/PVZBWLdX
kBmTwqoE5aKnaEYa2HwT53zKZBO4zG3AqHJAnU71DLf20cIPXm/zYthxatQs8GYs
AybmlejWWkZgpob6CSax8zoSvUuSJGIU63RaH4z8IT6I7C0imcAJ6qwqR5nKtkzb
zDmG81mmxGT1JAxptIeaJQw9qAnygFWKrRxk/uERoFhpFXYiropCuP7bTG7DZgDc
Nqec5PLt37Y6bV6eaKXpk/0IyvBdO5We+GUOTgf39v9HtDc6rKvHrTMtlr7DEKot
9d+P9ybQlEwB61pe1HU9lGUKSjMAA6RKsa3qAWcZJQYLylrFVYPbnIsVk3EG6z5v
0+F1rzTGPcB9iEUp1lKTOw+qk/13tKrLNvAX/Wz9RBpPUvNy2BBXNnEP8I5pCBV4
C2iyQZAJuGtTHdH96LjVXq9vX78ohnRcOQVrimq8/X6HWrOSU0WYWWJkxcHl4D3d
3Z6iOrrqWg95NIC/YH3iZHdKsq2KeHGsApZBBYitKCtCfkVchv7nfAb5rocc7u25
LeOq7Rc/dIM=
=BJL3
-----END PGP SIGNATURE-----
Merge tag 'debian/4.5.2-1'
2016-04-29 02:25:02 +02:00
Ben Hutchings
d345dad8c9
Input: gtco - fix crash on detecting device without endpoints (CVE-2016-2187)
2016-04-28 17:21:17 +02:00
Ben Hutchings
32586f7a95
tools/build: Fix bpf(2) feature test (fixes FTBFS on alpha, sh4; closes : #822364 )
2016-04-28 16:27:44 +02:00
Ben Hutchings
d251b99807
memcg: remove lru_add_drain_all() invocation from mem_cgroup_move_charge()
...
Closes : #822084
2016-04-28 16:24:28 +02:00
Ben Hutchings
9321f394c6
[sparc] Implement and wire up hotplug and modalias_show for vio
...
Thanks to Adrian Glaubitz; closes : #815977
2016-04-28 00:09:05 +02:00
Ben Hutchings
f69db0a093
Update to 4.6-rc5
2016-04-27 23:50:01 +02:00
Ben Hutchings
dff5585589
module: Invalidate signatures on force-loaded modules
2016-04-23 20:48:33 +02:00
Ben Hutchings
2d9dcd6be6
atl2: Disable unimplemented scatter/gather feature (CVE-2016-2117)
2016-04-22 08:10:30 +01:00
Ben Hutchings
b20f5e22b0
[armel/marvell] dts: kirkwood: fix SD slot default configuration for OpenRD ( Closes : #811351 )
2016-04-22 08:06:49 +01:00
Ben Hutchings
fe835b64b1
Update to 4.5.2
...
As this includes changes to header_ops and dentry_operations, bump
the ABI number to 2.
2016-04-22 08:05:48 +01:00
Aurelien Jarno
c5cec59895
[mips*] Emulate unaligned LDXC1 and SDXC1 instructions.
2016-04-22 00:01:29 +02:00
Salvatore Bonaccorso
9c63adf133
[x86] USB: usbip: fix potential out-of-bounds write (CVE-2016-3955)
2016-04-19 16:30:27 +02:00
Ben Hutchings
690df616c2
fs: Consolidate softdep declarations in each module
2016-04-14 20:40:33 +01:00
Salvatore Bonaccorso
92f972094e
[x86] xen: suppress hugetlbfs in PV guests (CVE-2016-3961)
2016-04-14 20:57:52 +02:00
Ben Hutchings
f4701f7d70
Update to 4.6-rc3
...
Refresh or drop *many* patches.
aufs: Update support patches to aufs4.x-rcN-20160328
2016-04-14 15:00:19 +01:00
Ben Hutchings
e49fde3f56
fs: Add '#include <linux/module.h>' where necessary in the crypto softdep patch
2016-04-14 00:35:10 +01:00
Ben Hutchings
c37887e538
Re-group the patch series
2016-04-13 23:31:28 +01:00
Ben Hutchings
1d7f287b7a
[x86] ACPI / processor: Request native thermal interrupt handling via _OSC ( Closes : #817016 , #819336 )
2016-04-13 23:06:17 +01:00
Ben Hutchings
df965c4112
fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers ( Closes : #819725 )
2016-04-13 22:17:00 +01:00
Ben Hutchings
aac56d9572
[x86] mm/32: Enable full randomization on i386 and X86_32 (CVE-2016-3672)
2016-04-13 21:26:06 +01:00