debian-packaging
/
linux
8
0
Fork 0
Code Releases Activity
12,726 Commits 2 Branches 0 Tags 493 MiB
Commit Graph

2087 Commits

Author SHA1 Message Date
Ben Hutchings d42cdc5bfe audit: fix a double fetch in audit_log_single_execve_arg() (CVE-2016-6136) 2016-08-12 16:27:20 +01:00
Ben Hutchings 8bc5e687b1 [powerpc*] KVM: Book3S HV: Save/restore TM state in H_CEDE (CVE-2016-5412) 2016-08-12 16:25:34 +01:00
Salvatore Bonaccorso 7184d7bfd9 tcp: make challenge acks less predictable (CVE-2016-5696) 2016-08-12 06:52:28 +02:00
Salvatore Bonaccorso 457d8bb6bd Update to 4.6.6 2016-08-11 16:29:28 +02:00
Salvatore Bonaccorso c0e269c0cd libata: LITE-ON CX1-JB256-HP needs lower max_sectors 
Closes: #830971
 2016-08-05 15:40:08 +02:00
Salvatore Bonaccorso c2a8f662b5 vfs: ioctl: prevent double-fetch in dedupe ioctl (CVE-2016-6516) 2016-08-02 06:47:28 +02:00
Uwe Kleine-König f8edc4357a Fix perf to be able to find debug info based on build-id. 2016-07-31 22:35:09 +02:00
Ben Hutchings e8c1b8e306 Update to 4.6.5 
Drop patches applied upstream.

There are some ABI changes still to be resolved.
 2016-07-31 01:50:59 +01:00
Ben Hutchings 4e86887dda Update to 4.7-rc7 2016-07-14 10:50:31 +01:00
Salvatore Bonaccorso f000506362 apparmor: fix oops, validate buffer size in apparmor_setprocattr() (CVE-2016-6187) 2016-07-13 20:30:05 +02:00
Salvatore Bonaccorso 1a1a829223 Update to 4.6.4 2016-07-13 17:57:14 +02:00
Uwe Kleine-König 0818af71cc Cherry pick patches for rtc-s35390a from next 
This fixes shutting down some QNAP NAS devices after being waked up by
the rtc.
 2016-07-12 21:44:39 +02:00
Ben Hutchings ade54804a1 [powerpc*] tm: Always reclaim in start_thread() for exec() class syscalls (CVE-2016-5828) 2016-07-03 16:33:29 +02:00
Ben Hutchings aab434acde [x86] Fix incompatiblity between kaslr and hibernation 
* [amd64] power: Fix crash whan the hibernation code passes control to the
  image kernel
* [x86] KASLR, power: Remove x86 hibernation restrictions
 2016-07-02 19:29:28 +02:00
Salvatore Bonaccorso 3c35987b05 HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands (CVE-2016-5829) 2016-06-30 14:53:31 +02:00
Ben Hutchings 419d6356df Update to 4.6.3 2016-06-27 00:58:54 +02:00
Ben Hutchings 12183bf924 nfsd: check permissions when setting ACLs (CVE-2016-XXXX) 2016-06-25 00:56:15 +02:00
Ben Hutchings 9fd7bbdf1a netfilter: x_tables: Add fixes for CVE-2016-4997, CVE-2016-4998 
...and probably other issues never assigned an ID.
 2016-06-25 00:19:29 +02:00
Ben Hutchings f5f99415a2 percpu: Fix synchronization with chunk destruction (CVE-2016-4794) 2016-06-25 00:19:08 +02:00
Ben Hutchings b782c52536 KEYS: potential uninitialized variable (CVE-2016-4470) 2016-06-25 00:18:47 +02:00
Ben Hutchings eb1373a157 Update to 4.7-rc4 2016-06-20 13:40:09 +01:00
Ben Hutchings 8313db8a43 Add Forwarded URL for cpupower soversion bump 2016-06-18 13:00:14 +01:00
Ben Hutchings a808d3112b Release linux (4.6.2-1). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCgAGBQJXYbBEAAoJEAVMuPMTQ89EM8wP/3llI8Jr6Q+2ktVOqYQ7U0JT
 +UEzEuKlVS+3/SjFZv8dAqpM018OJDIiccgzjvuny6MSYHiH//yWG4lC8O2WikBA
 RhfbUsNWFImEkwhY8wD1cjuF0QIXNtR7qOKdCPX5wQUiG469WF4F4l3lgWoo01ub
 hYXNsGebIjZTQE6KWGm97pvSRNFPT18DulANGpe9m804y2Xs+dQn6dVHKaSYT0BF
 labA6C+hCmbMos3gEYNzjbmU9fxYpS98pXq7uc04ryBj3UjGoBlmxeip9yrIiC0I
 oZr8kAxz5PCRSqPnhZqE51WO6eLaWIrEGGTnb6sOtbHYsTrNu8iHpWXVCkB8/2GL
 LYhOJn3AyqJE4yb69EKSWL7cbVEqyVJHkGntGhTm+tKJP0QmnKlhQY47aViPt4Fc
 IXQvUOeG94GROooRTNLp9/3N2di4p4YPNv2QgM5lUJjySWUMCNzw/MjpYfvuIHrp
 bowSN5EYDpO6WqcZZVHogM9hJ2Aq+zWYkfK4f38r4T4+g0T8IQ8qMCY/o/LV7uod
 KUbQ7SIHK7uAMT9BpJuslCwvwhKdf/9y/bcuOkB2alfR52uApdDkL04uD5jIbjaL
 fElOyQPmJPNe0zxP6yZp4G3/JbMhWdX+qc77+GWkj27mBqnBEZKBHjCmU/6Vfv2Y
 VolsoZ6sfxJ1pxlUcWPt
 =li3O
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.6.2-1'
 2016-06-18 12:59:57 +01:00
Ben Hutchings ece80cbbec liblockdep: Add all the patches submitted upstream; drop one that's obsolete 
(cherry picked from commit 9d20ab14dd77ffa306f6eb70c447c73f69077773)
 2016-06-14 23:27:41 +01:00
Salvatore Bonaccorso 95cba203d5 rds: fix an infoleak in rds_inc_info_copy (CVE-2016-5244) 2016-06-11 07:26:02 +02:00
Salvatore Bonaccorso 01be9139c0 tipc: fix an infoleak in tipc_nl_compat_link_dump (CVE-2016-5243) 2016-06-11 07:18:28 +02:00
Salvatore Bonaccorso 91d6f22ed8 Stack overflow via ecryptfs and /proc/$pid/environ (CVE-2016-1583) 
proc: prevent stacking filesystems on top

ecryptfs: forbid opening files without mmap handler

sched: panic on corrupted stack end
 2016-06-11 07:11:08 +02:00
Ben Hutchings ff5804f208 cpupower: Bump soname version and rename library package accordingly 2016-06-10 14:47:48 +01:00
Ben Hutchings 906f7b1351 Update to 4.7-rc2 
[rt] Disable until it is updated for 4.7 or later
 2016-06-10 14:47:48 +01:00
Ben Hutchings 1537ff1314 Update to 4.6.2 2016-06-09 17:44:47 +01:00
Ben Hutchings 4e2a281abe Update to 4.6.1 2016-06-05 14:30:35 +01:00
Ben Hutchings 6976b08b12 Release linux (4.5.5-1). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAV0te3Oe/yOyVhhEJAQodqBAAjpkEuBm2kSlQD1y8qeb/+1+CxJPcqIH1
 DHTyMpFHQvX5VT+vCX83WhiWncMz85z7f0wcElpNaZ/3ExOQzbmrIwsucgXRXVUS
 txKxHaQQv8uU1m8dgxqjOWP80+IT71H9rBcitfrRqyzLiEhC1mPOfvxjtGTOJWw+
 Lohie5WPMMsfrahQGw4srPMcpVRwVKuX5N+azgk6rg8VA7rxyxQaMZRg3rr+N7Aw
 btwVC5vyL8K5Be0LnveR/PdOosaUU6XzyT7kNT0fLSO9H4bWenielHaduSDI5iU4
 WcPRhymrHv0dBDvbyw8vkJMDd+/1x9gWk4/DHFQNw1miaUx87N+vKyC4rZ7Lqc2d
 4n/hpq3HjPBZqC07Q0mddeTy7OoN4obYSXTipIu9rWBsTJtcxxwSUVg86+xo03Zg
 bb0VoEudp9JZGBMLS8PjBJ66d+/p7Q47YnKV7ZwNKyLwRq4AMo65L7PeUJflNHvj
 UmJrOG/6AJ6bi+eXrWDbwAA8mrwdPPKu+QzBSQ9c6hm4CFmgkgWTH/oA2iPsp7AX
 iqcPgKp6XA8YLXpiDeCqvMV5cSkGD67cpIcgTB0CrH7KILXD61cP8QEl7eaWiBMW
 MW9IPDeEBEmEN3ST2tg1H7udEzzpEZXHg4NZ5gOZ7lMZphbILrapJYuUf3PDdZKL
 Ccz9YH5eSuE=
 =gSlx
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.5.5-1'
 2016-05-29 22:33:26 +01:00
Ben Hutchings 1edaa5dd82 Re-apply "[media] videobuf2-v4l2: Verify planes array in buffer dequeueing" 
This was reverted upstream in 4.5.5 due to a regression but we have a fix for
the regression (probably).
 2016-05-29 22:20:52 +01:00
Ben Hutchings 46e3b9492a dwc3-exynos: Fix deferred probing storm 
Closes: #823552; thanks to Steinar H. Gunderson
 2016-05-29 22:05:54 +01:00
Ben Hutchings 08942bb065 Add upstream fixes for various information leaks 2016-05-29 21:25:44 +01:00
Ben Hutchings 5bec7a0097 [x86] kvm:vmx: more complete state update on APICv on/off (CVE-2016-4440) 2016-05-23 02:35:36 +01:00
Ben Hutchings 327c921aa7 Update to 4.5.5 
Drop changes that were applied upstream.

Fix/ignore ABI changes.
 2016-05-23 02:34:41 +01:00
Ben Hutchings b88823f96b Revert "stmmac: Fix 'eth0: No PHY found' regression" (Closes: #823493) 2016-05-23 00:59:46 +01:00
Salvatore Bonaccorso 342ba3d57d tipc: check nl sock before parsing nested attributes (CVE-2016-4951) 2016-05-21 16:53:08 +02:00
Aurelien Jarno d961748cbb Update patches URL now that they are in Linus tree 2016-05-20 11:23:49 +02:00
Ben Hutchings a65b751ecf Add Forwarded/Origin headers to patches as appropriate 2016-05-17 14:44:47 +01:00
Ben Hutchings 5ba72559a1 Re-apply "[media] videobuf2-v4l2: Verify planes array in buffer dequeueing" 
This was reverted upstream in 4.6 due to a regression but we have a fix for
the regression (probably).
 2016-05-16 20:06:26 +01:00
Ben Hutchings eaafcf8a39 Release linux (4.5.4-1). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVzoWxue/yOyVhhEJAQrD5RAAnOQWbgH3JJ/48u366vvlvebkKdfgdUQw
 wyj+rfxCxWbb2i8iGh+gk4aN9FlNfmzUlPgA2esXJiCpjmZ+Ffj0aF8k7W4HkGPw
 /dX2tuBEj7NKQ6TLY1BK9rzs8DQKMRw7lQ7r+uLlt0o8MjKMJg0FaA1UteC09trB
 AXcSZdIeAtyPaMk1mBk3qcNsDMTIb/K3zk03sGy8HKwWgJJmHbcTm4/XWEzOOZUd
 HYInRPiK724qMoIG+BkI+oigvaXEvuxHKMfKWdryKHsIyvAu4l/1myeBk/xy65Cv
 /ga+NQQHJt8mfiWfleljKU9DC4wN/SQ5Nr9wzFC512TQfFVmu47BlIQPQWZ1oHjP
 FQom301HEFTKqZRTIqOU6IQ+TPSSHWPPvD8jmmRFXycasvDkP0t2RNuM3gbhwU3b
 9hui/YUlbzQUJOgWRitnRMk1jXtHLkQm8vRf7AIVXxT5+6u4EiZUvk6gNjg3Jz6h
 dHkkrgCWzZgYIdAvqa8OF2j2ejSQUcBW3yxpSnw0T9YOxo4IiF+Il/dxwSDSX5BI
 tBoNyzNH62yMOjGSQXcYOdr64KE1mjXpST+x1tRdU+n74ifP2CtA57o93WB6Gn5z
 wVAuVeGmEAbIl7EcHl5r6ZC58da5syTl0BZEbH9YM54eLlM+qyLOwM0vWAztuIa5
 ciXotUkDZrM=
 =oSkt
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.5.4-1'
 2016-05-16 20:00:43 +01:00
Ben Hutchings 0c5a10d4c1 Update to 4.6 
Rebase patch series.
 2016-05-16 19:49:24 +01:00
Salvatore Bonaccorso be1c8b16ab KVM: MTRR: remove MSR 0x2f8 (CVE-2016-3713) 2016-05-16 13:47:07 +02:00
Ben Hutchings 48902f4f1a videobuf2-core: Fix crash after fixing CVE-2016-4568 2016-05-16 03:33:38 +01:00
Ben Hutchings 3eae053b85 uapi glibc compat: fix compile errors when glibc net/if.h included before linux/if.h 
Closes: #822393
 2016-05-16 03:23:55 +01:00
Ben Hutchings efbab1e4bf Add various upstream fixes with known or probable security impact 2016-05-16 03:23:35 +01:00
Salvatore Bonaccorso 2365caa1f9 Further cleanup patch headers for net-fix-infoleak-in-llc.patch 2016-05-15 21:58:27 +02:00
Salvatore Bonaccorso c67a821486 Use correct patch header for via git format-patch-for-debian 2016-05-15 20:09:17 +02:00
Salvatore Bonaccorso 88ec3673ad net: fix infoleak in llc (CVE-2016-4485) 2016-05-15 20:04:29 +02:00
Salvatore Bonaccorso de9a44e36f KEYS: Fix ASN.1 indefinite length object parsing (CVE-2016-0758) 2016-05-14 05:18:04 +02:00
Aurelien Jarno 1275559aac [arm,x86] Fix memory corruption in KVM with THP enabled. 2016-05-12 23:52:30 +02:00
Salvatore Bonaccorso 2c6d72a09e Update to 4.5.4 2016-05-12 21:22:09 +02:00
Aurelien Jarno b101f08c76 [mips*] Fix PR_SET_FPMODE issues with multi-threaded programs. 2016-05-11 00:17:22 +02:00
Ben Hutchings b92b4d15f0 Update to 4.6-rc7 2016-05-08 23:56:51 +01:00
Ben Hutchings be31f1ecd5 Release linux (4.5.3-2). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVy9ITOe/yOyVhhEJAQq2Tw/+IbJSVFZ3v7J7I6ZwZuJLmhnEpPyuE1Md
 OkJieChhe0wpnIFQD3fhHsKClXUzHORahq8O4qGd5BPb9ttYSr7Hm/SvPxQK91Cr
 mP857CZWNopLatVbKAzmQ3unFcpD/zbTGr2iC0IBmu4TJQBMr2tDejd2ndlq2psG
 YoaHSh1wHutenaF9iFQ2/H2V6ScM7DX9DMTOrqhFxaIkc7WaJSjpVoKCrYxRFQUX
 9ogMqxPRqTzsEBxS0PwO1vBTDx2OgwkmvnY0rOj1fpswgEfwvS4XO46EpiFx45Mc
 grzDW6jrKMKWpeH1JC1YLvOltR/nSx4vM3E5sbjSKJQv0F1oIoQuKyfRLOw9Oe3q
 4/7xqS5/aNJ9aaNPi4p7/L8JdGtkJEW26XczgXbKRlY4AfKvt7bPTztoe4KQOSDA
 roqmj7f782nJOerQxKScsE7HM6DpLViSoGhCyf0DNnqwQaUKDyaLhdu0LNA73wCx
 FMFQfZnDN8Yg0UP5BJouSoKprf4hL7CiQcMcfXqLj/QsNB8vCjfs6offKtZ7bckZ
 Si1L2proXY3esQ95Npd2HIKDo4gGajQ8Xkpkf9+6FZdhMLm/w17y9kppgVlcKQ/T
 q/emN0JEuzxMkvtZbmVMRzd0NI4tXzlBwOVcASMzI0ak5CLOPoWO0Cc/jOYg24H3
 yabrIvpcq0s=
 =jVBT
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.5.3-2'

Drop the ABI reference files and patches.

Rebase patches added on the sid branch.
 2016-05-08 21:47:32 +01:00
Ben Hutchings 4ebee8024b [powerpc*] Fix sstep compile on powerpcspe 
Closes: #823526; thanks to Lennart Sorensen
 2016-05-08 12:08:04 +01:00
Ben Hutchings 8b31e1c0a6 Update to 4.5.3 
Drop changes which were included or superceded upstream.

Fix ABI changes.
 2016-05-07 19:40:36 +01:00
Ben Hutchings 405645d788 Add bpf security fixes 2016-05-05 23:13:51 +01:00
Ben Hutchings ae6831e8b6 Update to 4.6-rc6 2016-05-05 22:17:45 +01:00
Ben Hutchings 5416c1a1e3 Revert "sp5100_tco: fix the device check for SB800 and later chipsets" 
Probably fixes #822651, #823146
 2016-05-02 21:25:40 +02:00
Ben Hutchings fc5b920758 Release linux (4.5.2-1). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVyKf7Oe/yOyVhhEJAQqAnQ//cXPxmlNgmpwl9YUWt7WWjMBr4fyShKp0
 0MIcV8O7G1Jaov8valxFnSp7/LEDkA5bkQFec39ZKR4jjnkATCY7LWhC35PDe7fK
 gSIu4+jhnAFMsedRcqlbugsnQAkZGfxPWvxBVqy7veBmMSEywnEs7XW/PVZBWLdX
 kBmTwqoE5aKnaEYa2HwT53zKZBO4zG3AqHJAnU71DLf20cIPXm/zYthxatQs8GYs
 AybmlejWWkZgpob6CSax8zoSvUuSJGIU63RaH4z8IT6I7C0imcAJ6qwqR5nKtkzb
 zDmG81mmxGT1JAxptIeaJQw9qAnygFWKrRxk/uERoFhpFXYiropCuP7bTG7DZgDc
 Nqec5PLt37Y6bV6eaKXpk/0IyvBdO5We+GUOTgf39v9HtDc6rKvHrTMtlr7DEKot
 9d+P9ybQlEwB61pe1HU9lGUKSjMAA6RKsa3qAWcZJQYLylrFVYPbnIsVk3EG6z5v
 0+F1rzTGPcB9iEUp1lKTOw+qk/13tKrLNvAX/Wz9RBpPUvNy2BBXNnEP8I5pCBV4
 C2iyQZAJuGtTHdH96LjVXq9vX78ohnRcOQVrimq8/X6HWrOSU0WYWWJkxcHl4D3d
 3Z6iOrrqWg95NIC/YH3iZHdKsq2KeHGsApZBBYitKCtCfkVchv7nfAb5rocc7u25
 LeOq7Rc/dIM=
 =BJL3
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.5.2-1'
 2016-04-29 02:25:02 +02:00
Ben Hutchings d345dad8c9 Input: gtco - fix crash on detecting device without endpoints (CVE-2016-2187) 2016-04-28 17:21:17 +02:00
Ben Hutchings 32586f7a95 tools/build: Fix bpf(2) feature test (fixes FTBFS on alpha, sh4; closes: #822364) 2016-04-28 16:27:44 +02:00
Ben Hutchings d251b99807 memcg: remove lru_add_drain_all() invocation from mem_cgroup_move_charge() 
Closes: #822084
 2016-04-28 16:24:28 +02:00
Ben Hutchings 9321f394c6 [sparc] Implement and wire up hotplug and modalias_show for vio 
Thanks to Adrian Glaubitz; closes: #815977
 2016-04-28 00:09:05 +02:00
Ben Hutchings f69db0a093 Update to 4.6-rc5 2016-04-27 23:50:01 +02:00
Ben Hutchings dff5585589 module: Invalidate signatures on force-loaded modules 2016-04-23 20:48:33 +02:00
Ben Hutchings 2d9dcd6be6 atl2: Disable unimplemented scatter/gather feature (CVE-2016-2117) 2016-04-22 08:10:30 +01:00
Ben Hutchings b20f5e22b0 [armel/marvell] dts: kirkwood: fix SD slot default configuration for OpenRD (Closes: #811351) 2016-04-22 08:06:49 +01:00
Ben Hutchings fe835b64b1 Update to 4.5.2 
As this includes changes to header_ops and dentry_operations, bump
the ABI number to 2.
 2016-04-22 08:05:48 +01:00
Aurelien Jarno c5cec59895 [mips*] Emulate unaligned LDXC1 and SDXC1 instructions. 2016-04-22 00:01:29 +02:00
Salvatore Bonaccorso 9c63adf133 [x86] USB: usbip: fix potential out-of-bounds write (CVE-2016-3955) 2016-04-19 16:30:27 +02:00
Ben Hutchings 690df616c2 fs: Consolidate softdep declarations in each module 2016-04-14 20:40:33 +01:00
Salvatore Bonaccorso 92f972094e [x86] xen: suppress hugetlbfs in PV guests (CVE-2016-3961) 2016-04-14 20:57:52 +02:00
Ben Hutchings f4701f7d70 Update to 4.6-rc3 
Refresh or drop *many* patches.

aufs: Update support patches to aufs4.x-rcN-20160328
 2016-04-14 15:00:19 +01:00
Ben Hutchings e49fde3f56 fs: Add '#include <linux/module.h>' where necessary in the crypto softdep patch 2016-04-14 00:35:10 +01:00
Ben Hutchings c37887e538 Re-group the patch series 2016-04-13 23:31:28 +01:00
Ben Hutchings 1d7f287b7a [x86] ACPI / processor: Request native thermal interrupt handling via _OSC (Closes: #817016, #819336) 2016-04-13 23:06:17 +01:00
Ben Hutchings df965c4112 fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers (Closes: #819725) 2016-04-13 22:17:00 +01:00
Ben Hutchings aac56d9572 [x86] mm/32: Enable full randomization on i386 and X86_32 (CVE-2016-3672) 2016-04-13 21:26:06 +01:00
Ben Hutchings e01d7b854c ipv4: Don't do expensive useless work during inetdev destroy (CVE-2016-3156) 2016-04-13 21:24:19 +01:00
Ben Hutchings d0292c6f67 netfilter: x_tables: Fix parsing of IPT_SO_SET_REPLACE blobs (CVE-2016-3134) 2016-04-13 21:11:40 +01:00
Ben Hutchings 6e05e68d7a Update to 4.5.1 2016-04-13 20:49:29 +01:00
Ben Hutchings 76de9f06e0 scripts: Fix X.509 PEM support in sign-file 
DER format works but it's easier if we can use PEM everywhere.
 2016-04-04 19:28:26 +01:00
Ben Hutchings ea7af96b4d Merge branch 'benh/merge-linux-tools' 
The primary reason not to build userland tools from src:linux was that
it allowed building with a minimal cross-toolchain and without the
target's glibc development files.  In particular, the CI system at
kernel-archive.buildserver.net used such minimal cross-toolchains.

It is been a long time since kernel-archive.buildserver.net was
running, so the original reason for the separation no longer exists.
If we implement CI using similarly limited toolchains again, we can use
a build-profile to exclude userland builds, as these are now well
supported.

This merges the full history of both source packages together,
including in debian/changelog (which looks rather weird).  The binary
packages resulting from this merge appear to be functionally the same,
though I can't be certain there's no regression.
 2016-04-02 15:13:23 +01:00
Ben Hutchings d3da98fed6 Cherry-pick ZONE_DEVICE changes from linux-next 2016-03-25 13:45:59 +00:00
Ben Hutchings f24971b257 Rename and regroup patches from linux-tools 
Move patches specific to Debian packaging under debian/, and bug fixes that
could go upstream belong under bugfix/.  Put them in two separate groups in
the series.
 2016-03-21 03:14:46 +00:00
Ben Hutchings 5c1a796192 [x86] vmxnet3: fix lock imbalance in vmxnet3_tq_xmit() (regression in 4.5) 2016-03-20 11:38:22 +00:00
Ben Hutchings 42fd34bcd1 Release linux (4.4.6-1). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVuqe6ue/yOyVhhEJAQrUXhAAiL6ngAdCWDQRnkyS57hOm1wn8kVUtgHS
 DNJaSdc1Kh3y/H97RjsyQsSisGGpADVwz4lrPdl91104+muhHHDdgwQSXpcNLsLf
 USF5apNnKFm/fPHG9puTzAtXNWTeY7AMDF5FaNLWVTcCyhBpZZzp257AswrCZHc7
 7WWf4WNC2ShBiXidyPj7yYzBJn6VHeJRmUpq5EhQZW/t6aQud3biYTu4eE5QWrni
 CsU/gof1UT0nrN4iAnYp31saAm62ZhgnNDthfV2ihiGKw7uSlBm12PgsndE3XksM
 Kz/ANdW6ygd+GTsA63OjihOA4BDfX7rsu0rZfpuG+sMWmLfWmBH3olAs0aUjix8H
 0VPx9Z6bzGvUaelIo2uu3i5XxYE8Qc/74HCnuGs+oqaW1YJzvMoOzaxdRK51bKsA
 dpbYi+aievqkTzblgIKKCz/hn9DL8WWnYMvFXkB67MUGeM9gzAFCsjAZJkOpEOOm
 /mngZe7bs9FKBNbhnsdk2IS4G5g6/pa3RbBKK7P00gMKrx42jHN91uKCXn3B6ok8
 hlecoqiadRKU18RikXKtkSIZKSlGzIFs0ipS5XgUZxFY9z4QsJZ/FZUHRzCuNG43
 eLI4C8ongD/mbR58RTxRnwFmdy1mvQVtNnkqb8Ezr5F5x9FAY4YbIyVwH2yzDNhG
 QQ9b6gS5yyo=
 =5Nfc
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.4.6-1'
 2016-03-20 01:15:39 +00:00
Ben Hutchings 37886b6ea3 netfilter: x_tables: check for size overflow (CVE-2016-3135) 2016-03-17 01:15:05 +00:00
Ben Hutchings 67517892da Update to 4.4.6 2016-03-17 01:04:39 +00:00
Ben Hutchings 35ecf69e71 Revert "drm/radeon/pm: adjust display configuration after powerstate" 
Reported to cause a regression on some older hardware.
 2016-03-16 04:09:45 +00:00
Ben Hutchings 328762c833 [amd64] Fix more regressions due to "efi: Build our own page table structure" 
- efi: Fix boot crash by always mapping boot service regions into new EFI
  page tables (Closes: #815125)
- mm/pat: Fix boot crash when 1GB pages are not supported by cpu

Although I don't have confirmation from Norbert Preining for #815125, it
does look like these fix all the remaining regressions.
 2016-03-14 23:45:22 +00:00
Ben Hutchings 1e5b912113 Update to 4.5 2016-03-14 11:51:52 +00:00
Ben Hutchings f0dae39dd6 [x86] drm/i915: Fix oops caused by fbdev initialization failure 2016-03-12 12:13:53 +00:00
Ben Hutchings f909b077b6 [powerpc*] Revert "powerpc: Simplify module TOC handling" 
It is not needed to fix #808043 and causes a regression on ppc64el.
See http://thread.gmane.org/gmane.linux.kernel.stable/166201/focus=166415
 2016-03-09 02:14:30 +00:00
Ben Hutchings acdae5bf41 Release linux (4.4.4-1). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVt36Iue/yOyVhhEJAQq2sBAAsaH+xQpVkN6ebowtW4thLPrrqzRoIg3N
 a5LnM1ujK9EaQCj/ArtvD0VwLlYtUYSVGRhRJ+ipDGcQFkRTQhi1go4rymdKpTeg
 eUWlbL8raP4Zn+CoX1TUXRuLl2mtIGQWdGUnbVV6vgqMudirvV4l6rhG7kqfkB/J
 uuGaFK7xncI+rqBaPwnX1Gdoyltz88BMPW4H1XyN9tZRActH+k8EaqFURrP2Bk8/
 SL/2vQ6/YVrSp3VAmWiKBXLghEHOe8zXTiJWt5QpZt4F5EHA3CKIdUrxpOy/iMyk
 8bRwFCA11DA1BqVVlboZcerMFAHMwbPb8Z1p6MB6IwBzJ2XxShK2XqW/bxNmwbcy
 vQQQGqfkhXWU9hakDqgos/O7cHAcz9PnIdg0nKMOyc42p5OiJ6+OiHLntfyGzW8s
 keq3xfV0CUMbfg7AF1pKJv6IdrvQBIUzvPK+JiZVb7c8q+rGYaTBbWFn2oISAWWa
 hmyoYvi6XIhVEiBuwdtCzKz7E8MaPun+QjnJTU0dhj1HEA5gSbMl9VY7dqxAC4qR
 bp5WU/qFvMMGdJanSDW1PSSr3QZ7d2TB/oK2aPrYDh7JMWIBfjERrV6dTcZSHTa2
 xePncYxYq/BQMf2CZF3hNL3XVaF3Y/V7MDg1KdTpWNJb25pjo4WhsXsAR1kJBJJY
 prNUjENK65M=
 =g/x1
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.4.4-1'

Drop changes to the ABI reference and ignore list.

Drop most of the new patches as they're already upstream.

Drop the -rt featureset update.
 2016-03-07 22:19:34 +00:00
Ben Hutchings 80ba0eaab8 [powerpc*] Fix module linking to work with binutils 2.26 (Closes: #808043) 
Cherry-picked these two patches from upstream:
- Simplify module TOC handling
- Fix dedotify for binutils >= 2.26
 2016-03-07 15:37:29 +00:00
Ben Hutchings d2894c9e58 Revert "drm/radeon: call hpd_irq_event on resume" 
It is reported to cause regressions (crash/hang) on some systems.
 2016-03-07 07:58:04 +00:00
Ben Hutchings 54a4358d99 Update to 4.5-rc7 2016-03-07 03:05:13 +00:00
Ben Hutchings 9f9bdca061 uas: Fix high-order alloc 2016-03-05 18:44:05 +00:00
Salvatore Bonaccorso 13ca0a257b Update to 4.4.4 
Drop patches included in it.
 2016-03-04 14:42:26 +01:00
Ben Hutchings 62226211b4 Update to 4.5-rc6 2016-03-02 14:33:44 +00:00
Uwe Kleine-König 4db36a2b1c genirq: Validate action before dereferencing it in handle_irq_event_percpu() 2016-03-01 20:15:44 +01:00
Salvatore Bonaccorso bcf60af755 Update to 4.4.3 
Drop several patches that are included in it.
 2016-02-28 07:57:17 +01:00
Aurelien Jarno dbe11b4d3b [x86] KVM: fix conversion of addresses to linear in 32-bit protected mode. 2016-02-26 09:29:37 +01:00
Ben Hutchings 5810ec7828 unix: correctly track in-flight fds in sending process user_struct 
Fixes a regression caused by the previous partial fix for CVE-2013-4312.

Ignore ABI changes as we never build unix sockets as a module and
nothing OOT should use the scm functions.
 2016-02-24 01:47:32 +00:00
Ben Hutchings c9699a3466 Release linux (4.4.2-3). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVsm3ree/yOyVhhEJAQrSkhAAwKvXAXe3oiSV8xFAwykpp3XxeBznCdre
 /nCb5mE9+Dx7j/k7PCo1SeTtZjRqj7pfW7mjJ4ZIR1fWpfiF+ch4+WPaLn/QcxIS
 tqBFx5JzWjOP5MtxCgm5pr9YBkfibH/HDpLpwSY1FlLj1wTx8LcZyDc0cR4ntbDu
 S6p1Hi1ajVwaHlyYobNkN2OJdnGelI1wdQ2wYvQOo3Vv+xJOrF13fxoZ/f6e4fEp
 cBpHaA05N+Hv6VlAZTJ6YbuKkhruOG1IO6Ku4x9/E7IU/BD9bofd+khA8XO4j+mg
 a6/g+F/tygZ9XVrhl+gKig7VhndZJ5tH5QrIIttn7OWwA/FT7VtxRPtjQ9eyfwgH
 ZYx4s2kxBmcmMduwssGz47JQ9sb5kIBQfs4P4YxPFF5oVibCCcLCkVgkM/42MThS
 u1dslGOHli6wvzI+BOiN/h3GQOCJxYFC6xgYZyuN/zi8ZLbhbxSHRPGn5QhbQOBd
 dNyDEjKkrXiYzPLgb+mj3m9J8QXlI2RtD9AXPuk0eYj/I1K5VOFkai/1ysuP2Mfj
 xKvX4ZAVJSxKO5D7T1g55Vo/tXbuW0gs/sWrguMYBXFJsfI154y7voKDYkk9l5PI
 E1YSwPsUdOmYmlRf+1/CPH+MzLnu2y0TP6Y1jTyKPOxOkVzzRLnbqhHRLD8PFkN0
 3MEENRL3asg=
 =Htrh
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.4.2-3'
 2016-02-21 13:17:07 +00:00
Ben Hutchings aae9cf4b6f Update to 4.5-rc5 2016-02-21 04:12:42 +00:00
Ben Hutchings 88d259a75c [x86] efi-bgrt: Fix kernel panic when mapping BGRT data (Closes: #815125) 
Plus the following fix-up.
 2016-02-20 23:25:05 +00:00
Ben Hutchings 416a13b622 [powerpc] mm: Fix HAVE_ARCH_SOFT_DIRTY dependencies (fixes FTBFS) 
Drop the previous attempted fix, which didn't work.
 2016-02-20 17:29:49 +00:00
Ben Hutchings 6b46662b94 swapops.h: Add #include to fix build failure on powerpc 2016-02-20 04:31:41 +00:00
Ben Hutchings c232b093cb [armel,armhf] net: mv643xx_eth: fix packet corruption with TSO and tiny unaligned packets. 
This looks like it fixes #814681.
 2016-02-18 16:45:54 +00:00
Ben Hutchings cdcc46b5c4 Release linux (4.4.2-1). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVsT0Jue/yOyVhhEJAQo96w/+IZBasj9Vf3KovHNaOXaW1rZL6GRVNzpB
 OSNqINfAEtvOR8RuwAcA/zgHy7NNDS9CkDQgjGdJKIhdXXem7mG7Oo3iEwb5osL7
 HhUPmeTmXqsa5C6GWzNtERrtX6N8XtBV3inR8iSS46XOm+RHq5UnffqZB35DqUbq
 G0h5hiZSXXIXbn0MYJWSPAekAmTXdcevGUoe8bIBD+wH/X4oPINmQLkH6PL5iK7B
 KHbf7dJ+JnmbsKJdBpfZvPoa6B1a9FL3HLKkOQjmYF0YjIzZe14JHnvjZNULBmj9
 eqmwpfPxAmR5XQgUBu1TPx37FB/nJdMUjZQNz01k0Ybv3l6lKocc7YwX3kViitqe
 CiWqbq7LPwN1QNGI6Sf7UB/1XjWJPzWsYoZ0AjDH3ihIPrxmYCdjJstFXr0W3qEG
 4e3pJv8gqHxP5SSmE5PQQcS8uiisHmADHZc7C02mxWGDLpqb3gmtgrGqQRFjkk55
 tpn8jz2fGGt5VQkhpSBE8wWG4fHRFwiLaAsCVv9jE36pLNq5M9U9VnilCPeoTkti
 JcDfPYBjma6RVADIU6tkNnjxJcHFXAqEb5Jn0Wq89GGaS1egAlch4K/XYS+OnIH9
 m2Fg4P+TdMePDYxh40tNTIwwHcHLffNfe9K+Ien/DmffuQ87Jk4hfKPW/ZXDO3jO
 qdrmLXK2BEg=
 =syys
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.4.2-1'

Drop rt featureset changes.

Drop patches that are already in 4.5-rc4.

Keep the ABI version at 'trunk'.
 2016-02-17 22:45:34 +00:00
Ben Hutchings edd433b85f Update to 4.4.2 
Drop patches included in it.

Refresh rt patches with textual conflicts.
 2016-02-17 21:19:37 +00:00
Ben Hutchings 96504c2870 IFF_NO_QUEUE: Fix for drivers not calling ether_setup() (regression in 4.3) 2016-02-17 18:00:31 +00:00
Ben Hutchings fcd5547ba0 [i386/686-pae] mm: Fix types used in pgprot cacheability flags translations 2016-02-16 02:04:23 +00:00
Ben Hutchings 5b76884dc2 [amd64] efi: Build our own page table structure 
This avoids adding W+X pages to the default page table, which is not
only bad for security but also now triggers a warning on boot.
 2016-02-16 02:03:55 +00:00
Ben Hutchings 4b4fa14653 Update to 4.5-rc4 
Drop many, many patches which went upstream.  Refresh others for
filename or context changes, and for removal of radeon UMS support.

[rt] Disable until it is updated for 4.5 or later

aufs: Update support patches to aufs4.x-rcN-20160215
 2016-02-15 17:37:08 +00:00
Ben Hutchings b84086545e ALSA: usb-audio: avoid freeing umidi object twice (CVE-2016-XXXX) 2016-02-14 04:55:59 +00:00
Ben Hutchings 29ef5032ac bpf: fix branch offset adjustment on backjumps after patching ctx expansion 
CVE ID to be assigned.
 2016-02-14 04:54:45 +00:00
Ben Hutchings 3c25ed439a af_unix: Don't set err in unix_stream_read_generic unless there was an error 
This fixes a regression in 4.4, also introduced in 4.3.4 and various
other stable updates.
 2016-02-13 00:56:13 +00:00
Ben Hutchings 2d5f78b62a Revert "workqueue: make sure delayed work run in local cpu" 
This caused a regression in 4.3
 2016-02-13 00:30:07 +00:00
Ben Hutchings 83fd76229d af_unix: Guard against other == sk in unix_dgram_sendmsg (regression in 4.2.6-2) 2016-02-13 00:23:18 +00:00
Ben Hutchings 1c28b9c3ed fs/hugetlbfs/inode.c: fix bugs in hugetlb_vmtruncate_list() (CVE-2016-0617) 
Fixes a regression in 4.3.
 2016-02-12 23:43:07 +00:00
Ben Hutchings 95ece6ebc6 iw_cxgb3: Fix incorrectly returning error on success (CVE-2015-8812) 2016-02-12 23:34:37 +00:00
Ben Hutchings 6c26fa513e Release linux (4.3.5-1). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVrbUcee/yOyVhhEJAQqY7RAAvLy0Z5eKYP7/Re1jHCuYqGFwhgIig+uo
 yscoEqKlSWUwC7Tio5ar+oydqdvRyUOYB+ABXvpnQb+ImsPF5xNwYDLO5OIVGIuh
 yc7RgHROYzDMYSqO8ToDAJbhPfd/UVUp25gJQqdbmozXr9lMPL1zH3/d5FUQgrcz
 2AmCFDa6nvcCg6SxuT8IFl2lsDsPA7WI3AYUnFKVwxpwSGwZQmhH4G6SDBOTGd4n
 Zx8ySfHle+Jz4aIYyD6jAFV4RVCsucwswwD78PYDZlfqxr29IzdwOx4MJNuLzxGp
 A6/FVRg6V7b+/1E1BKS7wUAoN2F7JyXgrro7QsZEyq+ckQY/9CyfLopC0shx3+xv
 2nQLGLb3rFySKkYXFBPJdQacr0zGRtEa5QdRWRVYPCUvXc2ju5pv8DTINzb7aW+6
 tkec0Wks5LeDa+zVzbAJHpVgnE3PBSTJHpRWaqZv1C5avp92MmnphXxpjj5ifB2b
 /eu6PzF4zAwM0Sr8aBY2riELQXMbFmtAE60+weMUjYHiL4MHc/yDNHtpjiz3zgrQ
 qptf26uuHClC/FmMq+9jhTlbsXb9X30XWG94Dif0A46iAHAyRrO200DUlMYqx3KF
 tDtHKHsJ2rqso6WQhuLOgd37qTKlt93rA6Se4bbDASQKdQealbY3COsYS1eulyJI
 HXXB8qbopJI=
 =cqNy
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.3.5-1'
 2016-02-07 05:28:43 +00:00
Ben Hutchings af8b80ce07 Fix yet another ABI change due to CVE-2013-4312 mitigation 2016-02-06 23:25:11 +00:00
Ben Hutchings ef736f8440 pipe: limit the per-user amount of pages allocated in pipes (CVE-2013-4312) 2016-02-04 20:34:11 +00:00
Ben Hutchings 3180443250 rt2x00: fix monitor mode regression (regression in 4.2) 2016-02-01 17:16:15 +00:00
Ben Hutchings 1ba618c3d3 Update to 4.4.1 2016-02-01 10:59:35 +00:00
Ben Hutchings ba1393105a Update to 4.3.5 
Drop several patches that are included in it.

Fix/ignore various ABI changes.
 2016-02-01 10:27:12 +00:00
Ben Hutchings 20ed8bdbac x86/mm: Add barriers and document switch_mm()-vs-flush synchronization (CVE-2016-2069) 
Plus a follow-up fix to the comments.
 2016-01-29 03:42:16 +00:00
Aurelien Jarno 237b83662e [mips*] Backport math emulation fix from 4.5. 2016-01-27 22:33:18 +01:00
Salvatore Bonaccorso b1fa3fac88 netfilter: nf_nat_redirect: add missing NULL pointer check (CVE-2015-8787) 2016-01-27 19:25:20 +01:00
Ben Hutchings 76c256b5b8 SCSI: fix crashes in sd and sr runtime PM (Closes: #801925) 2016-01-27 01:32:15 +00:00
Salvatore Bonaccorso cdfc3b2f30 tcp: fix zero cwnd in tcp_cwnd_reduction (CVE-2016-2070) 2016-01-26 09:00:04 +01:00
Ben Hutchings 024851fa3a fuse: break infinite loop in fuse_fill_write_pages() 
This doesn't have a CVE ID yet.
 2016-01-23 22:57:21 +00:00
Ben Hutchings 9b355e6846 Update to 4.3.4 2016-01-23 12:11:55 +00:00
Ben Hutchings 7aef5117c3 Release linux (4.3.3-6). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVp48e+e/yOyVhhEJAQovuQ//Qqsr1OgRXNSxEZ9x6Szj+4wlhcHwnCB/
 hgAU+Lhkic44oGuNy9Hu9gnsiEqgWtDAXF1ZKFa+6iNsHEunommB84qc6a9qrtJ7
 TGzKaqyXQmvrQj9j9u5/09nw3Bx+LqZqRtGGN6kBwyTUhP0ndg6xfHtSZXP6JAAf
 8AKb5hvef25x9E4ZA9d2VzsgMwgtg9utxlZj/5WGhC4BwbkV96RrZu+hqO1akqsp
 bPKmKER0HDGvIqOfJQYTqjLAY4LjTGMLZAfcPeLn7gzT5Io+cujqy1K3JnqxRaWM
 5/bauyFnMaTiaN+oeozTtjs2wkdr+4EljGu0+WJAsvK8rQ6/mVJsqEcx8ESwuYx7
 lch8NBERfG0mGCEcpn+J5hsye7w9LQHugT1eKdrxx8JA1aiamnfofYE6XGYhURkx
 j0p2A5wZnB0T1j52mEwwa7HtNY0mgCfvFy1z45zVeQDyGH/09a/ZDCJf7ildOOLu
 cPDjyw3dGAi7HpeM2EkMCzZa342PaNYR//vfBRLb6kgQjMLgVev9jdf/mv2mqsB8
 qIDC1AtI1Tl9b3CTRGZ9RIdGZ93UpiiKKSoLpRyowuZYLej0Zk8zSfsbPDhwPq0c
 F+JiMqIQDZh/ggC9rzGCDbntqNv9oYk3r2WuLalGZQhP7lPig5J5Dz2i221RGCyu
 MjbiTh1PG1I=
 =vF8G
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.3.3-6'
 2016-01-19 13:44:04 +00:00
Ben Hutchings e9490659aa KEYS: Fix keyring ref leak in join_session_keyring() (CVE-2016-0728) 2016-01-19 00:41:25 +00:00
Ben Hutchings e90dec2a0e bcache: Add upstream fixes marked for stable 
- fix a livelock when we cause a huge number of cache misses
- Add a cond_resched() call to gc
- clear BCACHE_DEV_UNLINK_DONE flag when attaching a backing device
- fix a leak in bch_cached_dev_run()
- unregister reboot notifier if bcache fails to unregister device
- allows use of register in udev to avoid "device_busy" error.
- prevent crash on changing writeback_running
- Change refill_dirty() to always scan entire disk if necessary

As requested in
https://lists.debian.org/debian-backports/2016/01/msg00067.html
 2016-01-17 21:59:33 +00:00
Ben Hutchings a9736a8ea4 Revert "block/sd: Fix device-imposed transfer length limits" 
This introduces an ABI change and it's not obvious how to work around that.
 2016-01-17 16:40:35 +00:00
Salvatore Bonaccorso f335c0cfcc unix: properly account for FDs passed over unix sockets (CVE-2013-4312) 2016-01-17 09:27:47 +01:00
Ben Hutchings 10211ef4c3 [x86] drm/vmwgfx: Fix a width / pitch mismatch on framebuffer updates 2016-01-16 04:04:53 +00:00
Ben Hutchings 74cadf39f7 block/sd: Fix device-imposed transfer length limits (Closes: #805252) 2016-01-16 03:50:08 +00:00
Ben Hutchings 18e70e2c53 Add some security fixes 2016-01-14 23:39:40 +00:00
Ben Hutchings d2547e3561 xen/gntdev: Grant maps should not be subject to NUMA balancing (Closes: #810472) 2016-01-08 19:32:35 +00:00
Ben Hutchings 0f11ea7f19 Update to 4.4-rc8 2016-01-04 01:57:00 +00:00
Ben Hutchings e2abaa403e Merge tag 'debian/4.3.3-3' 
Drop the ABI reference and ignored symbols.

Drop most of the patches, as they're already upstream.
 2016-01-02 19:18:54 +00:00
Ben Hutchings eafb4c30fd Revert "xhci: don't finish a TD if we get a short transfer event mid TD" 
Closes: #808602, #808953, regression in 4.3-rc7
 2016-01-02 03:09:56 +00:00
Ben Hutchings 50c5af2358 [armhf] crypto: sun4i-ss - add missing statesize (Closes: #808625) 2016-01-01 19:46:24 +00:00
Ben Hutchings 50263628e4 [x86] drm/i915: Don't compare has_drrs strictly in pipe config (Closes: #808720) 2016-01-01 19:24:50 +00:00
Ben Hutchings 45e2ecad07 drm/nouveau/pmu: do not assume a PMU is present (Closes: #809481) 2016-01-01 18:41:43 +00:00
Salvatore Bonaccorso abab5c2745 [x86] kvm: Reload pit counters for all channels when restoring state (CVE-2015-7513) 2015-12-31 15:49:59 +01:00
Ben Hutchings e57c91d886 KEYS: Fix race between read and revoke (CVE-2015-7550) 2015-12-31 02:53:31 +00:00
Ben Hutchings fd75678652 Update 'net: add validation for the socket syscall protocol argument' to upstream version 2015-12-27 19:21:59 +00:00
Ben Hutchings 6408412cc6 Add upstream references to selftest patches 2015-12-27 14:14:49 +00:00
Ben Hutchings 3fac5cf03c ptrace: being capable wrt a process requires mapped uids/gids 2015-12-27 06:19:08 +00:00
Ben Hutchings 7b6f99cec5 [xen] pciback: Fix state validation in MSI control operations (CVE-2015-8551, CVE-2015-8852, XSA-157) 2015-12-27 05:54:06 +00:00
Ben Hutchings 94b974ce0f [xen] Fix race conditions in back-end drivers (CVE-2015-8550, XSA-155) 2015-12-27 05:49:13 +00:00
Ben Hutchings 1ff79b037c bluetooth: Validate socket address length in sco_sock_bind() (CVE-2015-8575) 2015-12-27 04:26:45 +00:00
Ben Hutchings e9708970a6 pptp: verify sockaddr_len in pptp_bind() and pptp_connect() (CVE-2015-8569) 2015-12-27 04:26:45 +00:00
Ben Hutchings 5db0f0e307 block: ensure to split after potentially bouncing a bio (Closes: #809082) 2015-12-27 04:26:45 +00:00
Salvatore Bonaccorso d6b9e3f082 ovl: fix permission checking for setattr (CVE-2015-8660) 2015-12-24 06:42:25 +01:00
Ben Hutchings 0aaf811548 Update to 4.4-rc6 2015-12-21 11:13:30 +00:00
Ben Hutchings fc3ff0606d mm: Fix missing #include in <linux/mmdebug.h> (fixes FTBFS on arm64) 2015-12-19 20:32:14 +00:00
Ben Hutchings 70157abb7d Release linux (4.3.3-1). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVnCT2+e/yOyVhhEJAQr+qw/9E5dEKfpAfOywx9lA0eQKKBx2yt2IkdGc
 0k9UFJlJc5xpOwEH03WOlU3XktlrwNzaT6U0Qvu6MW4Y77G60fDbAB/J+1jlYatK
 02CEUmBgrD5M6Cm/9J085mglIEt+5tq0RIZwAWx7iki53H/y1KQ6uski3oZwcguu
 Go5KP744Osen5cyJKgT+vV/VGHc+BJEMcNFNI1nlh71owTQKT2ZsLx8fd3ZIdGsB
 8rTC3pIsE8YjTcaRhKcJ1t6a19fX/2fD7KsfZTo8YdfLReg29CZ6TlQF8clzh8yH
 37RWnEEYZT3vDbLVFOr4RVj0/b5skJQmuC7Bs40dywPyjEK/OQHMUWdcw4ZAxsq1
 kNL9DhShF4G+HW58VOCRZSMO+R4R2Cl7JIz4bjhhPIOka9X/vn0yk/QgR6z16g0J
 DHc2zx9+OHlUgk89KpCtDYdzHth7uQAmg6WIJemVU1Mt4jdaHKoEtAI4iNkEjdby
 1LNnmYjukIixpTtb/NJGtyQPWSOOHnRQa7Cq36SngZoT4Gowb5hbDI9v+IrSQZUj
 ruEMqMl4Bcq3/R1HKdqcs0FK+obKceaHSoLH+ludH0U7UAjh3dqCotxHkX4DT+ws
 0CJAM1PIiiXG6n+TQve/wepG/Fv2yuOJg1BEo32Qjy5RtzhZf4vgZEYKJFrCGxR3
 oBYzz+yPcvg=
 =AlwC
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.3.3-1'

Drop the ABI reference and ignored symbols.

Drop most of the patches, as they're already upstream.
 2015-12-16 17:15:08 +00:00
Ben Hutchings ca0bbf698b tipc: Fix kfree_skb() of uninitialised pointer (regression in 4.3.3) 2015-12-15 21:25:16 +00:00
Ben Hutchings 8fd06d9868 vrf: Fix broken backport of "vrf: fix double free and memory corruption on register_netdevice failure" in 4.3.3 2015-12-15 17:44:38 +00:00
Ben Hutchings c4e89babe4 Update to 4.3.3 
Drop 3 security fixes that were included in it.
 2015-12-15 17:40:55 +00:00
Ben Hutchings 61acdc692c net: add validation for the socket syscall protocol argument (CVE-2015-8543) 2015-12-14 20:59:45 +00:00
Ben Hutchings e97c318264 Drop another obsolete patch for X-Gene 
The xgene-reboot driver is now unused.
 2015-12-14 14:21:51 +00:00
Ben Hutchings a4febbdc67 [arm64] Drop now-redundant patch for X-Gene device tree (fixes FTBFS) 2015-12-14 02:51:41 +00:00
Ben Hutchings 1adea41376 Update metadata for patches that are in mainline with another commit hash 2015-12-13 04:52:07 +00:00
Ben Hutchings 405f12a12b [x86] nouveau: bios: return actual size of the buffer retrieved via _ROM (Closes: #772716) 2015-12-13 00:34:44 +00:00
Ben Hutchings efc870db16 [x86] drm/i915: Mark uneven memory banks on gen4 desktop as unknown swizzling (Closes: #780363) 2015-12-12 22:53:37 +00:00
Ben Hutchings d89f74a7ba [armel/kirkwood] dts: Fix QNAP TS219 power-off (Closes: #807696) 2015-12-11 18:36:54 +00:00
Ben Hutchings 824b04a59d Update to 4.4-rc4 
Refresh and drop patches as appropriate.

- Rewrite memcg disable patch to operate on cgroup_disable_mask
- The ancient Advansys Kconfig bug was fixed (differently) upstream
- ft1000 driver is gone, so we no longer need to remove its firmware
- One hunk of aufs4-mmap.patch is obsolete
 2015-12-10 18:13:16 +00:00
Ben Hutchings 26e03c2621 Update to 4.3.1 2015-12-09 23:48:47 +00:00
Ben Hutchings 12dc87aa9c Release linux (4.2.6-2). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVmHQq+e/yOyVhhEJAQoKGw/+L3omCHQc+jEfre5v9KaKEFfDn/5wh2fF
 C1U2n9tW3Dje//k1t5IalN2bxugjg86lvyobnNo+fP3GxbEftr0OJFKspWDlREcT
 epebhVQwzIY5ilNaayIqU8+wO6N/Ocy7kDspDjT7aqKFs5ZxmKReR6mvqZzYtJX5
 W6lrinX03bcBLaFGgHOFJeI/6JapVC8LxQPiek2NYuEAnMsGdN0CDpZRqsmgNtjn
 PBYbfsfk/JMubr+2ddksZcQTPKoK5fcbbgHRgN76eKDEGZ9XychWlhA8VANw+dhx
 I572cypGXxfV6AoLky7VcP8WKmWQVNWsXTMaFd8j0703xF/ands/Ic8mZOiftfh9
 9Qg6yhDt16zBPk+6Ct2ce04TAEdaY6Zr4WZdYphgVrkoZQrMc1PUVJkg6cPC7bKZ
 XANEWus39vJmHIM82ETY2BpZ8+kdFqehWpo0PM8kCfL06fAm3inIsKDa7iyrpLbJ
 DSdrQiRPeGr9jjB6mOuAIw/Otlq+M8kHfBGD1lgf7luLWOuP7z67mj2kjhNUP+pI
 yKZI6+xbwZ79+Sr6ZFQBPDVH400zbvinV0B3xV+ZUU/3ze6j3QVFEuA9KsqAVqN6
 R9CiQJ3lP3SL64P9FMQDfQL75HD0CZnEULlqDIYAzBmtz2B/H0lhrODoO2oZHHKT
 jmxxrVLxbPg=
 =jlfq
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.2.6-2'

Exclude one new patch that's already in 4.3, and the ABI stuff.

Remove items from the open changelog entry that are now redundant.
 2015-12-04 18:03:02 +00:00
Ben Hutchings b1805eb5b3 [x86] drm/i915: shut up gen8+ SDE irq dmesg noise (Closes: #806304) 
(cherry picked from commit fd13855f77)
 2015-12-04 01:18:53 +00:00
Ben Hutchings 7d0a4425fd firmware_class: Fix condition in directory search loop (Closes: #804862) 
(cherry picked from commit 5269f93afe)
 2015-12-04 01:15:54 +00:00
Ben Hutchings 4668d13b75 Btrfs: fix truncation of compressed and inlined extents (CVE-2015-8374) 2015-12-03 00:50:36 +00:00
Ben Hutchings 1060c43c3d ppp, slip: Validate VJ compression slot parameters completely (CVE-2015-7799) 
Plus a preparatory fix to isdn_ppp.
 2015-12-03 00:48:31 +00:00
Ben Hutchings 045f1d7a16 unix: avoid use-after-free in ep_remove_wait_queue (CVE-2013-7446) 2015-12-03 00:45:29 +00:00
Ben Hutchings fd13855f77 [x86] drm/i915: shut up gen8+ SDE irq dmesg noise (Closes: #806304) 2015-11-26 20:47:26 +00:00
Ben Hutchings 22ad2142d1 media: usbvision: fix crash on detecting device with invalid configuration 
(CVE-2015-7833, partly fixed in 4.2.6-1)

Also update headers of the previous patch to match the commit in
media_tree.git.
 2015-11-24 17:09:48 +00:00
Ian Campbell 00e7e4e3ed [x86] Xen: expose a more realistic max p2m size in the shared info 
Fixes migration (Closes: #797205)
 2015-11-21 13:48:44 +00:00
Salvatore Bonaccorso 3dd5f35dcb Refresh patch headers for patches for CVE-2015-8104 2015-11-15 09:48:31 +01:00
Ben Hutchings 5269f93afe firmware_class: Fix condition in directory search loop (Closes: #804862) 2015-11-12 14:59:37 +00:00
Salvatore Bonaccorso 1d08805288 [x86] KVM: rename update_db_bp_intercept to update_bp_intercept 2015-11-10 22:14:32 +01:00
Salvatore Bonaccorso 45bf582b02 [x86] KVM: svm: unconditionally intercept #DB (CVE-2015-8104) 2015-11-10 22:14:32 +01:00
Ben Hutchings b531af6929 Release linux (4.2.6-1). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVkIVT+e/yOyVhhEJAQo9JxAAzMhh283CLxwNC9+oJKEpfD/ve+WLEcKI
 7TiyttUesYegG0/5JAPU//S8LyHOXeu+6vqEO0NzReCTGdQi4oXZTpUQA9KNzCTF
 TLsdFBa6z5mRYcRHeGVYjmhKr8MTVRumXv/3WTVSwp71t1W7dce4qTboMsFr/kmk
 c6rGv5GNTtpHpyjevIrLAkBq83rwdbPz6dtNnBAna38awY61a7snFPr81WUvNu3I
 uVD5Dcm+efAzL/tPSxwdZRhQ7Qi5SnqUgP/c/3keDYeCLgj87FxdXK4vlJvkgmQs
 VGX/D9VyCQvFbtWmEtAdOJHqu2LuYd0ZljFvx3Fo59KHDm6GV60jsHaGYjc8a6o1
 F7r6vaRGMLDtZhjFeYwVgJYCcHmQ8RO0fuKe4hslaiItg1rKLV738SrVRzl/oTq+
 l/HwdWxyeEbqMi1rc8bzwnFaet2Av+eArEfsla4uul1ZgNwkGbV/qZjDW/lIHcLS
 7cIYdiiv719AVU9rRR1JZR+92k4MsDaqerKNUl72yHr6F8YMY0T10GY5ddlyzAjD
 gbOkqcAIxlwVdxzXjzVUdA6T2R7edEbGnVtSaqKdFJUgRuGMqqGlcQ5xsK3CN4LC
 YlbHa2y90BpOro6E6d4Tt4dLBvq49PQ2QJio8JJNtIrpAEjN41xIXUD1AOsLvC56
 S737q+9MAIg=
 =Bxdo
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.2.6-1'

Refresh some patches.
 2015-11-10 16:12:32 +00:00
Ben Hutchings 7f79eccf5e Update to 4.2.6 2015-11-10 11:32:17 +00:00
Ben Hutchings ef1fd62260 [x86] KVM: Intercept #AC to avoid guest->host denial-of-service (CVE-2015-5307) 2015-11-08 15:13:48 +00:00
Ben Hutchings b2076bbc37 media/vivid-osd: fix info leak in ioctl (CVE-2015-7884) 2015-11-08 15:01:04 +00:00
Ben Hutchings ed853af7cb RDS: fix race condition when sending a message on unbound socket (CVE-2015-7990) 2015-11-08 14:48:48 +00:00
Ben Hutchings 222755c823 usbvision: fix overflow of interfaces array (CVE-2015-7833) 2015-11-08 14:48:04 +00:00
Ben Hutchings e317536be0 mv643xx_eth: Re-enable TSO, fixed upstream in 4.3 2015-11-07 14:23:40 +00:00
Ben Hutchings c5e06b9078 Update to 4.3 2015-11-02 10:29:06 +00:00
Ben Hutchings 4c1226a6c4 selftests: breakpoint: Actually build it 2015-10-31 22:04:13 +00:00
Ben Hutchings a29879587a selftests: vm: Try harder to allocate huge pages 2015-10-31 22:04:13 +00:00
Ben Hutchings a748a69c46 selftests: Make scripts executable 2015-10-31 22:04:13 +00:00
Ben Hutchings 47af940cea selftests: kprobe: Choose an always-defined function to probe 2015-10-31 22:04:13 +00:00
Ben Hutchings ac28c69026 selftests: Ignore compiler warnings 
We can't fix them all yet, and they shouldn't cause a test failure.
Patch memfd makefile to ensure we don't rebuild it and thus emit
warnings during a test run.
 2015-10-31 22:04:13 +00:00
Ben Hutchings 499a3df5b5 selftests: Add missing #include directives 2015-10-31 22:04:13 +00:00
Ben Hutchings 61407a46ed Update to 4.2.5 2015-10-27 11:01:28 +09:00
Ben Hutchings 5c41cc7594 Update to 4.3-rc7 2015-10-25 19:47:58 +09:00
Ben Hutchings 53dc794e5f [x86] smpboot: Fix CPU #1 boot timeout (Closes: #802464) 2015-10-24 10:50:52 +09:00
Ben Hutchings 3bbce43ea7 Update to 4.2.4 
Drop patches applied upstream.

Fix two ABI changes.
 2015-10-23 01:37:19 +01:00
Salvatore Bonaccorso 4a5cabce55 Rename patches for crash issue when attempting to garbage collect an uninstantiated keyring 2015-10-20 14:06:05 +02:00
Salvatore Bonaccorso 6dd6bf4bb2 KEYS: Don't permit request_key() to construct a new keyring 2015-10-19 21:33:39 +02:00
Salvatore Bonaccorso a4b71a2ac3 KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring 2015-10-19 21:31:55 +02:00
Salvatore Bonaccorso 0856d72c31 KEYS: Fix race between key destruction and finding a keyring by name 2015-10-19 21:24:41 +02:00
Ben Hutchings 79863cf1e4 Update to 4.3-rc6 2015-10-19 02:29:50 +01:00
Ben Hutchings 96c69c65e9 Update to 4.3-rc5 2015-10-13 22:00:37 +01:00
Ben Hutchings e3bec54b78 nbd: Restore request timeout detection (Closes: #770479) 2015-10-08 21:26:03 +01:00
Ben Hutchings 48bbfe3b4f Update to 4.3-rc4 2015-10-06 23:13:52 +01:00
Ben Hutchings 74a655e99e Release linux (4.2.3-1). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVhQlHee/yOyVhhEJAQp14g//bgpNy9R1+sRM/tDsNhW3H331YOLlLnf5
 1F6VXgzHnDspblgJctDmYAFKIujRNO/Rn1qDXJzh6bRrHnehnH/kJmu8fXk7zbHz
 zT35/HhPIDQV04OTIne+6Pj56iMAneplPhoxtfEPUbLsqzcS9xriTIU3Hv+U7i4a
 y7hfw5lYjbNFdkeJ91VmBFF6U2usmYYPFxokua4vFNsBAStayhoq0ozbaWCePMwn
 V+tgR4GxlbPNvlfTMmEVITTM1M3wXLc9Gq87yEVwLVooshu0yQEmYD3KE87nLLAa
 9zUpH5xK05EKZEPFDtLIcLa3JIB36BfNGqPLICGnw6EesHBU2ywGTDmQlQSd262W
 byhbBMEMrCOQYkL53oMPXjBK5Sf+QuXlbaV+EOXUaolKS0qS+ss/ceip799RHa/F
 JrEYJCLbboML6+2uE47cXugnEz2aYkDeiFygC4qTYxZAbGd6udZpsRVQTpjrhhoK
 B+FPxwK8r5OX6OG6TOfr3XqmAeifTLn7g0IwQ5xqILO/6II/aZI6YvwF7DOrJx3+
 0k6T+RwhSjy55l/8nCZnsbFQvxbYbVON7eQk5TNkting9CDHmWNzE5bTo0sUzWFt
 ajrtrWQ34Z98a30GqMWPT8vPjgQx6Jos1XHzGa379W/jyArqe2QAedSfauWIszez
 e4BdJBFD1YY=
 =C10r
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.2.3-1'

Drop ABI reference files and ABI fixes.
 2015-10-06 22:16:11 +01:00
Ben Hutchings 25353e24ef [mips*] io: Define ioremap_uc (fixes FTBFS) 2015-10-06 22:00:43 +01:00
Ben Hutchings 14667fb8db [x86] crypto camellia_aesni_avx: Fix CPU feature checks (Closes: #800934) 2015-10-06 12:34:12 +01:00
Ben Hutchings 8418beadb6 [armhf] dts: Fix Makefile target for sun4i-a10-itead-iteaduino-plus (fixes FTBFS) 2015-10-06 00:01:48 +01:00
Ben Hutchings 11e8b8bbe3 Update to 4.2.3 2015-10-04 02:27:48 +01:00
Salvatore Bonaccorso b532cf080d ipc: Initialize msg/shm IPC objects before doing ipc_addid() (CVE-2015-7613) 2015-10-03 15:26:49 +02:00
Ben Hutchings 9490057db7 netfilter: conntrack: use nf_ct_tmpl_free in CT/synproxy error paths (Closes: #800445) 2015-10-03 02:33:14 +01:00
Ben Hutchings 721a706dea [x86] ALSA: hda - Disable power_save_node for Thinkpads (Closes: #800694) 2015-10-03 01:58:54 +01:00
Ben Hutchings 7427111a9f ovl: conditionally use O_LARGEFILE in ovl_copy_up() (Closes: #800724) 2015-10-03 01:41:31 +01:00
Aurelien Jarno 487e6df891 Patches have been merged, use upstream URL 2015-09-29 09:37:10 +02:00
Ben Hutchings 26783922e0 Correct some patch headers 2015-09-28 02:58:48 +01:00
Ben Hutchings c0eccb7ba3 Update some patches to the latest versions forwarded upstream 2015-09-28 02:54:35 +01:00
Ben Hutchings 21444b8838 Update to 4.3-rc3 2015-09-27 18:36:09 +01:00
Ben Hutchings 346c496823 Release linux (4.2.1-2). 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVggkn+e/yOyVhhEJAQp5tA//RSYWzmr1GYzsO0GdQf2VHjEVn533NGWJ
 cB08dkPDadnnmAA0T1SswWCuAJpdr/AAOKvvaD+sfWPrnIMrGs4E1B3HloQPFnbU
 n7cxIzWikH7PzizkxwFlcvquNBGCetP1Ztl2KmuLwxN/bHL0z/gZRFqz6pzanVp+
 sXhoZa/dikFVrcTNOZcyVwpguwStI8BNOgsK+YWWGMGqvp+Uh82/MMjKmEgo8Qeh
 3pYmza+uNtMvhJJKt7/ALUAcOwXw7HS8GLjojPJiCHIYy0DTFfNtxyos0gzzPRhP
 kvRrjEWOT0OcbVKAHpfTaCWZSFGFgVTiZV0WwN26+iNmsTgHo69esDbB2XU50837
 bkIMrBCGQxbT5GrRXIQXx4RC693MFy2vZw+MT48Pr2c3VV4mJ8sthl6c3bdghB7l
 J417512J9kE8l2ESFEnqoFk7nFH3UywmIvgWQzaPctUF7E+ZR5oM4Ejo3NNWGJ7U
 c7gWwBX45AAKRl5dMbqn6DWzxymJFL/dCiWwr4t7eiDzAGCQMq7gT/jQMH0LfOAu
 WLKoxLeZERcLIIlfqbxzxmu2/qkGNN97w/hlwmDWLizlFLRnmWj5s0r7/f7Se5g/
 KYMJBtFvN/+0igiJGcwDMYNEE2TbgXxTP46xkcCad7xZh/GZP/Lrtpmc4l7hjFwC
 K9Gq6Sh9Lms=
 =w3w8
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.2.1-2'

Drop one added patch that is already included in 4.3-rc2.
 2015-09-27 18:20:06 +01:00
Ben Hutchings 484d1aef7c [mips*] pgtable-bits.h: Correct _PAGE_GLOBAL_SHIFT build failure 
This was a regression in 4.0, but not a build failure for us.
 2015-09-27 14:17:21 +01:00
Ben Hutchings 8cc382f208 sctp: fix race on protocol/netns initialization (CVE-2015-5283) 2015-09-27 13:30:23 +01:00
Ben Hutchings 5cdb1bae58 Update to 4.3-rc2 
Drop a load of patches that went upstream.
Drop aic94xx patch which was obsoleted by a different fix upstream.
Refresh remaining patches.
 2015-09-26 17:25:45 +01:00
Ben Hutchings 1554dfda02 media: uvcvideo: Disable hardware timestamps by default (Closes: #794327) 2015-09-26 16:41:18 +01:00
Ben Hutchings 9f0e754c60 USB: whiteheat: fix potential null-deref at probe (CVE-2015-5257) 2015-09-25 17:46:08 +01:00
Ben Hutchings 30da8b4d4f e1000e: Fix tight loop implementation of systime read algorithm 2015-09-22 20:33:59 +02:00
Ben Hutchings 57644b0054 RDS: verify the underlying transport exists before creating a connection (CVE-2015-6937) 2015-09-19 03:25:49 +02:00
Ben Hutchings 5932de869a vfs: Fix possible escape from mount namespace (CVE-2015-2925) 2015-09-19 03:15:21 +02:00
Ben Hutchings dd220fc567 workqueue: Make flush_workqueue() available again to non GPL modules (Closes: #798311) 2015-09-08 12:46:57 +01:00
Aurelien Jarno 5c7b00ac36 [mips*el] Fix BPF assembly code for pre-R2 CPUs. 2015-09-05 19:40:41 +02:00
Ben Hutchings e99baa4adc Remove leading space from LC_CTYPE set in Documentation/DocBook/Makefile 
This sort of worked in that the C library would fall back to the "C"
locale, but it's not really what I intended.
 2015-08-31 02:06:02 +01:00
Ben Hutchings 32fff0de75 DocBook: Use a fixed encoding for output 
This was the last blocker for reproduciblity, so close that bug.
 2015-08-27 09:44:20 +01:00
Ben Hutchings d477438be7 gfs2: Make statistics unsigned, suitable for use with do_div() 
Fixes FTBFS on mips,mipsel,m68k.
 2015-08-26 01:43:52 +01:00
Ben Hutchings 13be7e1afd Documentation: Avoid creating man pages in source tree 
kernel-doc can currently generate dummy DocBook files using
absolute paths as their titles, which results in man pages being
created in the source tree (and thus going into linux-headers
and linux-source packages).
 2015-08-21 22:47:31 +02:00
Ben Hutchings d97fca4d0a Update patches for reproducible doc builds to match upstream 2015-08-16 21:19:41 +02:00
Ben Hutchings 5058702df6 Update to 4.2-rc6 2015-08-11 20:20:40 +02:00
Ben Hutchings 79f636b4bf Update to 4.2-rc5 
Refresh/drop patches as needed.

svn path=/dists/trunk/linux/; revision=22909
 2015-08-04 01:30:23 +00:00
Ben Hutchings f3a0728b97 md: use kzalloc() when bitmap is disabled (CVE-2015-5697) 
svn path=/dists/trunk/linux/; revision=22886
 2015-08-03 00:38:33 +00:00
Ben Hutchings 890d5dc0aa [s390x] cachinfo: add missing facility check to init_cache_level() (Closes: #793929) 
svn path=/dists/trunk/linux/; revision=22873
 2015-07-29 03:28:09 +00:00
Ben Hutchings 4272044bc9 KEYS: ensure we free the assoc array edit if edit is valid (CVE-2015-1333) 
svn path=/dists/trunk/linux/; revision=22862
 2015-07-27 18:12:37 +00:00
Ben Hutchings 1617b3f14e Merge changes from sid up to 4.0.8-2 
Drop the new rt patches.
Forward-port the NMI fixes to 4.1 (hopefully correctly).

svn path=/dists/trunk/linux/; revision=22851
 2015-07-23 01:24:14 +00:00
Ben Hutchings 561e869fda [amd64] Fix nested NMI handling (CVE-2015-3290, CVE-2015-3291, CVE-2015-5157) 
svn path=/dists/sid/linux/; revision=22842
 2015-07-22 20:46:22 +00:00
Ben Hutchings f9fdaa5b51 Merge changes from sid up to 4.0.8-1 
svn path=/dists/trunk/linux/; revision=22825
 2015-07-11 16:50:09 +00:00
Ben Hutchings 0a33208a6d [x86] kvm: fix kvm_apic_has_events to check for NULL pointer (CVE-2015-4692) 
svn path=/dists/sid/linux/; revision=22821
 2015-07-11 03:33:17 +00:00
Ben Hutchings 918b37b2bd Update to 4.0.8 
svn path=/dists/sid/linux/; revision=22819
 2015-07-11 02:47:13 +00:00
Ben Hutchings 6fa2b3e596 linux-manual: kernel-doc: Use $KBUILD_BUILD_TIMESTAMP as man page date 
svn path=/dists/trunk/linux/; revision=22814
 2015-07-08 01:54:15 +00:00
Ben Hutchings fe2e97b36c DocBook: Fix duplicate man pages (v2) 
svn path=/dists/trunk/linux/; revision=22813
 2015-07-08 01:01:30 +00:00
Ben Hutchings eb4b510b6d DocBook: Fix duplicate man pages 
svn path=/dists/trunk/linux/; revision=22812
 2015-07-08 01:00:56 +00:00
Ben Hutchings bea534ac5d DocBook: Define generate.consistent.ids in stylesheet, not on command line 
svn path=/dists/trunk/linux/; revision=22811
 2015-07-07 18:03:03 +00:00
Ben Hutchings 94f19b438b DocBook: generate consistent IDs 
svn path=/dists/trunk/linux/; revision=22810
 2015-07-07 16:25:17 +00:00
Ben Hutchings 45a060d5a7 Add bug URL to "parse kernel-doc deterministically" 
svn path=/dists/trunk/linux/; revision=22806
 2015-07-06 23:36:53 +00:00
Ben Hutchings 5558f2b836 linux-manual: Drop original timestamp (and name) when compressing 
svn path=/dists/trunk/linux/; revision=22805
 2015-07-06 23:35:25 +00:00
Ben Hutchings 7886d2f1e2 [mips*] Correct FP ISA requirements (Closes: #781892) 
svn path=/dists/sid/linux/; revision=22792
 2015-07-05 23:09:31 +00:00
Ben Hutchings 029e70eef5 Update to 4.0.6 
svn path=/dists/sid/linux/; revision=22778
 2015-06-28 22:58:51 +00:00
Ben Hutchings 785dd82c82 Update to 4.1-rc8 
svn path=/dists/trunk/linux/; revision=22760
 2015-06-16 22:54:51 +00:00
Ben Hutchings 8e62b8255e Update to 4.0.5 
svn path=/dists/sid/linux/; revision=22735
 2015-06-08 14:18:48 +00:00
Ian Campbell 829384f516 [arm] Fix mvebu-mbus for non-io-coherent platforms. 
svn path=/dists/sid/linux/; revision=22729
 2015-06-01 21:09:02 +00:00
Ben Hutchings 3f27648fda mac80211: Fix fatal kernel-doc errors 
svn path=/dists/trunk/linux/; revision=22721
 2015-05-27 19:30:35 +00:00
Ben Hutchings cc28b6b52f Merge changes from sid up to 4.0.4-1 
Excluding the ABI number bump and the PREEMPT_RT featureset.

svn path=/dists/trunk/linux/; revision=22720
 2015-05-27 02:40:14 +00:00
Ben Hutchings a6d6bb9297 Add some fixes already applied to jessie 
svn path=/dists/sid/linux/; revision=22692
 2015-05-25 01:05:34 +00:00
Ben Hutchings 695036fbe2 md/raid0: fix restore to sector variable in raid0_make_request (Closes: #786372) (regression in 4.0.2) 
svn path=/dists/sid/linux/; revision=22673
 2015-05-23 00:30:31 +00:00
Ben Hutchings a6e1905b8a Update to 4.0.4 
Drop patches that were applied upstream.

Changelog still needs trimming.

svn path=/dists/sid/linux/; revision=22662
 2015-05-20 00:22:50 +00:00
Ben Hutchings e0fa49030a Fix error messages at boot on systems without an RTC (Closes: #784146) 
svn path=/dists/sid/linux/; revision=22657
 2015-05-17 23:00:53 +00:00
Ben Hutchings cbfecc70a4 linux-doc: parse kernel-doc deterministically 
svn path=/dists/trunk/linux/; revision=22650
 2015-05-12 19:36:40 +00:00
Ben Hutchings 56c70a5fd2 Update to 4.1-rc3 
Drop and refresh patches as appropriate.

In the x86 memtest patch, add #ifdef CONFIG_X86 as memtest is now
cross-architecture and memtest86+ is not.

svn path=/dists/trunk/linux/; revision=22616
 2015-05-11 16:39:41 +00:00
Ben Hutchings 8ed388e21b mnt: Add missing pieces of fix for CVE-2014-9717 
svn path=/dists/trunk/linux/; revision=22605
 2015-05-11 03:29:09 +00:00
Ben Hutchings bf73af3760 path_openat(): fix double fput() 
svn path=/dists/trunk/linux/; revision=22584
 2015-05-10 19:07:03 +00:00
Ben Hutchings 6bd3003700 ipv4: Missing sk_nulls_node_init() in ping_unhash() (CVE-2015-3636) 
svn path=/dists/trunk/linux/; revision=22553
 2015-05-03 15:24:53 +00:00
Ben Hutchings c544d987d9 Update to 4.0 
svn path=/dists/trunk/linux/; revision=22505
 2015-04-13 02:02:26 +00:00
Ben Hutchings 1553282b11 Merge changes from sid up to 3.16.7-ckt9-2 
svn path=/dists/trunk/linux/; revision=22504
 2015-04-13 01:18:26 +00:00
Ben Hutchings a283a09236 btrfs: simplify insert_orphan_item (Closes: #782362) 
svn path=/dists/sid/linux/; revision=22501
 2015-04-13 00:40:50 +00:00
Ben Hutchings 6d4496e9a3 Merge changes from sid up to 3.16.7-ckt9-1 
svn path=/dists/trunk/linux/; revision=22495
 2015-04-08 04:04:18 +00:00
Ben Hutchings 2e1bc269ef [x86] powercap / RAPL: change domain detection message (Closes: #781418) 
svn path=/dists/sid/linux/; revision=22484
 2015-04-06 20:19:39 +00:00
Ben Hutchings 29d76076b2 HID: thingm: fix workqueue race on remove (Closes: #780055) 
svn path=/dists/sid/linux/; revision=22482
 2015-04-06 19:20:15 +00:00
Ben Hutchings d66ac0ed1c [x86] drm/i915: Add limited color range readout for HDMI/DP ports on g4x/vlv/chv (Closes: #775217) 
svn path=/dists/sid/linux/; revision=22479
 2015-04-06 18:34:20 +00:00
Ben Hutchings ab89a645d4 ipv6: Don't reduce hop limit for an interface (CVE-2015-2922) 
svn path=/dists/sid/linux/; revision=22475
 2015-04-06 17:45:04 +00:00
Ben Hutchings 6bc904578f [x86] microcode/intel: Guard against stack overflow in the loader (CVE-2015-2666) 
svn path=/dists/sid/linux/; revision=22474
 2015-04-06 17:31:57 +00:00
Ben Hutchings 999727f3c9 ext4: allocate entire range in zero range (CVE-2015-0275) 
plus earlier fixes for this function that it depends on

svn path=/dists/sid/linux/; revision=22473
 2015-04-06 17:28:52 +00:00
Ben Hutchings a1a7477708 Btrfs: make xattr replace operations atomic (CVE-2014-9710) 
svn path=/dists/sid/linux/; revision=22472
 2015-04-06 17:24:48 +00:00
Ben Hutchings cb90a912a0 IB/core: Prevent integer overflow in ib_umem_get address arithmetic (CVE-2014-8159) 
svn path=/dists/sid/linux/; revision=22471
 2015-04-06 17:06:28 +00:00
Ben Hutchings 6ede30f9f0 Update to 3.16.7-ckt9 
svn path=/dists/sid/linux/; revision=22470
 2015-04-06 16:54:31 +00:00
Ian Campbell bcf9b5250a [armhf] mvebu: do not register custom DMA operations when coherency is disabled 
(Closes: #780858)

svn path=/dists/sid/linux/; revision=22457
 2015-03-20 20:15:32 +00:00
Ian Campbell 9f304528a2 Add a missing Origin header 
svn path=/dists/sid/linux/; revision=22456
 2015-03-20 20:15:24 +00:00
Ben Hutchings 1a12a90d3a Update to 3.19.1 
svn path=/dists/trunk/linux/; revision=22449
 2015-03-07 22:35:29 +00:00
Ben Hutchings c6d983ba6a Merge changes from sid up to 3.16.7-ckt7-1 
svn path=/dists/trunk/linux/; revision=22445
 2015-03-05 00:45:32 +00:00
Ben Hutchings 5b6b9def87 KEYS: request_key() should reget expired keys rather than give EKEYEXPIRED (regression in 3.13) (Closes: #758870) 
svn path=/dists/sid/linux/; revision=22436
 2015-03-01 05:40:01 +00:00
Ben Hutchings 0b2d017901 [x86] drm/i915: Quietly reject attempts to create non-pagealigned stolen objects (Closes: #763155) 
svn path=/dists/sid/linux/; revision=22435
 2015-03-01 05:09:52 +00:00
Ben Hutchings 2826e488d1 [x86] ACPI / video: Add disable_native_backlight quirk for various Samsung models and Dell XPS15 L521X (Closes: #772440) 
svn path=/dists/sid/linux/; revision=22431
 2015-03-01 03:14:33 +00:00
Ben Hutchings 0568c0df1e Update to 3.16.7-ckt6 
Drop/refresh patches as necessary.
ABI changes still need to be resolved.

svn path=/dists/sid/linux/; revision=22412
 2015-02-22 05:08:16 +00:00
Ben Hutchings ef31d8f0b0 ASLR: fix stack randomization on 64-bit systems (CVE-2015-1593) 
svn path=/dists/sid/linux/; revision=22399
 2015-02-17 05:25:56 +00:00
Ben Hutchings dfd470cb06 vfs: read file_handle only once in handle_to_path (CVE-2015-1420) 
svn path=/dists/sid/linux/; revision=22398
 2015-02-17 05:19:56 +00:00
Ben Hutchings bda3d7b1ef [x86] HPET force enable for e6xx based systems (Closes: #772951) 
svn path=/dists/sid/linux/; revision=22390
 2015-02-16 03:35:17 +00:00
Ben Hutchings 2aa87b787b Rebase and re-enable various patches for 3.19 
svn path=/dists/trunk/linux/; revision=22362
 2015-02-10 01:13:04 +00:00
Maximilian Attems 207ecec09f axe one more 
Signed-off-by: maximilian attems <maks@debian.org>

svn path=/dists/trunk/linux/; revision=22361
 2015-02-09 20:38:40 +00:00
Maximilian Attems a1fbb0ec43 axe more merge patches 
Signed-off-by: maximilian attems <maks@debian.org>

svn path=/dists/trunk/linux/; revision=22360
 2015-02-09 20:37:00 +00:00
Maximilian Attems 6346582d80 axe merge x86 patch, uncomment unclear status 
Signed-off-by: maximilian attems <maks@debian.org>

svn path=/dists/trunk/linux/; revision=22358
 2015-02-09 20:23:25 +00:00
Maximilian Attems f89db51cd6 update more stuff 
TODO: fix it up.

Signed-off-by: maximilian attems <maks@debian.org>

svn path=/dists/trunk/linux/; revision=22353
 2015-02-08 20:20:12 +00:00
Maximilian Attems 11a6bf0679 radeon fixup 
Signed-off-by: maximilian attems <maks@debian.org>

svn path=/dists/trunk/linux/; revision=22352
 2015-02-08 20:20:11 +00:00
Maximilian Attems 685d5ac49d firmware second go 
Signed-off-by: maximilian attems <maks@debian.org>

svn path=/dists/trunk/linux/; revision=22351
 2015-02-08 19:30:35 +00:00
Maximilian Attems 3838708a0e first go at those firmware messages 
TODO: fixup more..

Signed-off-by: maximilian attems <maks@debian.org>

svn path=/dists/trunk/linux/; revision=22350
 2015-02-08 19:05:12 +00:00
Ben Hutchings 09cca14080 Update to 3.18.6 
svn path=/dists/trunk/linux/; revision=22344
 2015-02-06 19:26:16 +00:00
Ben Hutchings e955a034cc Merge changes from sid up to 3.16.7-ckt4-3 
svn path=/dists/trunk/linux/; revision=22343
 2015-02-03 23:01:03 +00:00
Ben Hutchings 3bc54756b8 net: sctp: fix slab corruption from use after free on INIT collisions (CVE-2015-1421) 
svn path=/dists/sid/linux/; revision=22340
 2015-02-03 20:07:00 +00:00
Ben Hutchings 6215101edd [x86] Fix TLS regressions resulting from CVE-2014-8133 related fixes 
svn path=/dists/sid/linux/; revision=22339
 2015-02-03 19:46:31 +00:00
Ian Campbell 4087554882 [arm64] Only use the virtual counter (CNTVCT) on arm64. 
svn path=/dists/sid/linux/; revision=22337
 2015-02-03 09:20:15 +00:00
Maximilian Attems 929422ec2d bugfix/x86: axe merged kvm fixes 
Signed-off-by: maximilian attems <maks@debian.org>

svn path=/dists/trunk/linux/; revision=22315
 2015-01-31 13:35:02 +00:00
Maximilian Attems ccf5d0a2e1 patches/bugfix: axe merged crypto patches 
Signed-off-by: maximilian attems <maks@debian.org>

svn path=/dists/trunk/linux/; revision=22314
 2015-01-31 13:35:00 +00:00
Maximilian Attems c5c9b67ca6 bugfix/sh4: axe another merged patch 
Signed-off-by: maximilian attems <maks@debian.org>

svn path=/dists/trunk/linux/; revision=22313
 2015-01-31 13:34:58 +00:00
Maximilian Attems 6f317108fd patches/bugfix: axe 3.18.5 merged patch 
Signed-off-by: maximilian attems <maks@debian.org>

svn path=/dists/trunk/linux/; revision=22312
 2015-01-31 13:34:56 +00:00
Ian Campbell ddd86e5e0c [xen] annother ballooning patch related to #776448 
svn path=/dists/sid/linux/; revision=22310
 2015-01-30 12:11:35 +00:00
Ian Campbell 3392dfe657 [xen] cancel ballooning if adding new memory failed (Closes: #776448) 
svn path=/dists/sid/linux/; revision=22305
 2015-01-29 13:42:23 +00:00
Ben Hutchings 4f4c93c29b [x86] Revert "KVM: Fix of previously incomplete fix for CVE-2014-8480" as that issue does not affect 3.16 
svn path=/dists/sid/linux/; revision=22303
 2015-01-29 04:51:00 +00:00
Ben Hutchings 4931fc74b2 [sh4] ftrace: Remove -m32 option from recordmcount.pl (Closes: #775611) 
svn path=/dists/sid/linux/; revision=22294
 2015-01-28 17:53:17 +00:00
Ben Hutchings f960ba05a1 Un-backport the patches for CVE-2013-7421/CVE-2014-9644 
The backported versions leave out various drivers not present in 3.16.

svn path=/dists/trunk/linux/; revision=22293
 2015-01-28 03:37:06 +00:00
Ben Hutchings 4d1f08d9da Update to 3.18.4 
svn path=/dists/trunk/linux/; revision=22292
 2015-01-28 01:12:02 +00:00
Ben Hutchings 7a65d0afd3 Merge changes from sid up to 3.16.7-ckt4-2 
svn path=/dists/trunk/linux/; revision=22291
 2015-01-28 00:26:48 +00:00
Ben Hutchings 424adbaf17 [x86] KVM security fixes 
svn path=/dists/sid/linux/; revision=22288
 2015-01-27 03:28:25 +00:00
Ben Hutchings afd12d78e4 crypto: Fix unprivileged arbitrary module loading (CVE-2013-7421, CVE-2014-9644) 
svn path=/dists/sid/linux/; revision=22287
 2015-01-27 02:35:59 +00:00
Ian Campbell f800ed5d8d [xen] Revert "swiotlb-xen: pass dev_addr to swiotlb_tbl_unmap_single" 
(Closes: #776237)

svn path=/dists/sid/linux/; revision=22285
 2015-01-26 13:25:40 +00:00
Helge Deller c0b8466bf2 [hppa] apply upstream patch for ldcw.h 
svn path=/dists/trunk/linux/; revision=22282
 2015-01-19 07:54:49 +00:00
Ben Hutchings f6cc1119d2 [sh4] ftrace: Remove -m32 option from recordmcount.pl (Closes: #775611) 
svn path=/dists/trunk/linux/; revision=22278
 2015-01-18 20:48:01 +00:00
Ben Hutchings 3b695bd955 Update to 3.18.3 
svn path=/dists/trunk/linux/; revision=22275
 2015-01-16 22:04:33 +00:00
Ben Hutchings 10f7943320 Merge changes from sid up to 3.16.7-ckt4-1 
svn path=/dists/trunk/linux/; revision=22265
 2015-01-16 02:43:15 +00:00
Ben Hutchings ca7ceedfad Add two security fixes 
svn path=/dists/sid/linux/; revision=22262
 2015-01-16 00:15:01 +00:00
Ben Hutchings 167d9fdacc Update to 3.16.7-ckt4 
- Drop various patches that were applied upstream
- Refresh "add sysctl to disallow unprivileged CLONE_NEWUSER by default"
- Fix/ignore ABI changes as appropriate
- Explicitly disable the new CONFIG_IWLWIFI_UAPSD symbol

svn path=/dists/sid/linux/; revision=22261
 2015-01-16 00:04:09 +00:00
Ian Campbell f90bca66d2 Disable TSO in mv643xx_eth driver by default again 
Since previous fix appears to not work on all platforms (Closes: #764162).

svn path=/dists/sid/linux/; revision=22254
 2015-01-12 14:27:33 +00:00
Ben Hutchings 3aa362afbe vfs: Fix potential deadlock in dcache (CVE-2014-8559) 
svn path=/dists/sid/linux/; revision=22250
 2015-01-12 05:08:31 +00:00
Ben Hutchings 45c478e07e Add various security fixes 
svn path=/dists/sid/linux/; revision=22249
 2015-01-12 03:09:51 +00:00
Ben Hutchings da330a0eef [x86] ACPI / video: Run _BCL before deciding registering backlight (regression in 3.16) (Closes: #762285) 
svn path=/dists/sid/linux/; revision=22242
 2015-01-02 04:26:05 +00:00
Ben Hutchings f75504c2b3 Update to 3.16.7-ckt3 
- Drop various patches that were applied upstream
- Refresh the big firmware logging patch
- Fix/ignore ABI changes as appropriate


svn path=/dists/sid/linux/; revision=22238
 2015-01-02 03:44:16 +00:00
Ian Campbell b84001ac07 [xen] More netback fixes 
(including reintroducing support for feature-rx-notify, which was regressed by
the fix to #767261).

svn path=/dists/sid/linux/; revision=22235
 2014-12-29 23:16:40 +00:00
Ben Hutchings dff5dedd0f Update to 3.18 
Drop/refresh patches as necessary.

Disable aufs.

svn path=/dists/trunk/linux/; revision=22149
 2014-12-09 03:06:08 +00:00
Ben Hutchings e0ff76482a Merge changes from sid up to 3.16.7-ckt2-1 
svn path=/dists/trunk/linux/; revision=22148
 2014-12-09 02:55:16 +00:00
Ben Hutchings bfa6c7f357 [amd64] asm/traps: Disable tracing and kprobes in fixup_bad_iret and sync_regs 
svn path=/dists/sid/linux/; revision=22140
 2014-12-08 20:03:06 +00:00
Ben Hutchings ce9486ad20 Revert "drivers/net: Disable UFO through virtio" in macvtap and tun. 
svn path=/dists/sid/linux/; revision=22139
 2014-12-08 19:35:31 +00:00