f98a6c1701
HID: Enable HID_SENSOR_CUSTOM_SENSOR as module
2017-05-02 04:26:32 +01:00
bb3cdfe4f6
hda: Set SND_HDA_PREALLOC_SIZE=2048 as recommended for PulseAudio
2017-05-02 04:26:32 +01:00
6b9daaf87e
[x86] amdgpu,sound/soc: Enable DRM_AMD_ACP; enable SND_SOC_AMD_ACP as module
2017-05-02 04:26:32 +01:00
5ed69967a2
media: Enable VIDEO_TW5864, VIDEO_TW686X as modules
2017-05-02 04:26:32 +01:00
7ba1afb386
nfsd: stricter decoding of write-like NFSv2/v3 ops (CVE-2017-7895)
2017-04-29 22:02:50 +02:00
7961205000
nfsd4: minor NFSv2/v3 write decoding cleanup
2017-04-29 21:59:48 +02:00
0e77dea5fc
nfsd: check for oversized NFSv2/v3 arguments (CVE-2017-7645)
2017-04-29 21:52:43 +02:00
4c666bd4da
Update to 4.9.25
2017-04-27 20:19:04 +02:00
d2be118d62
[m68k] udeb: Enable suffix for kernel-image ( Closes : #859366 )
2017-04-27 18:37:09 +01:00
f3c3de0f60
integrity: Enable IMA and related kconfig symbols (except on armel/marvell)
...
Closes : #788290
Based on advice from Matthew Garrett.
2017-04-27 18:37:09 +01:00
6771be1138
macsec: dynamically allocate space for sglist
2017-04-27 07:42:13 +02:00
7b2acecada
macsec: avoid heap overflow in skb_to_sgvec (CVE-2017-7477)
2017-04-27 06:43:38 +02:00
e7b761c5fd
[arm64] Add bug closure for raising NR_CPUS
2017-04-25 23:40:09 +01:00
4e57833523
watchdog: Enable WATCHDOG_SYSFS
2017-04-25 23:16:40 +01:00
2b2a89c35f
thermal: Explicitly disable GENERIC_ADC_THERMAL per default
2017-04-25 23:15:47 +01:00
a1a96efe46
[x86] thermal: Enable INT3406_THERMAL as module
2017-04-25 23:13:32 +01:00
cc56cd8593
gpio: Explicitly set various symbols to their defaults
2017-04-25 22:58:43 +01:00
8ab44aa518
[x86] gpio: Enable GPIO_AMDPT as module
2017-04-25 22:57:34 +01:00
f3a2da345c
spi: Explicitly set various symbols to their defaults
2017-04-25 22:56:53 +01:00
9ad676b26c
char: Explicitly enable DEVPORT per default
2017-04-25 22:53:32 +01:00
fd23df3a24
serial/8250: Enable SERIAL_8250_MOXA as module
2017-04-25 22:50:51 +01:00
25cf1aa652
[x86] input/touchscreen: Enable TOUCHSCREEN_SURFACE3_SPI as module
2017-04-25 22:49:04 +01:00
79226c42bf
input: Enable TABLET_USB_PEGASUS as module
2017-04-25 22:48:26 +01:00
c9034d73b4
drivers/input: Explicitly set various symbols to their defaults
2017-04-25 22:46:57 +01:00
e4f8eedb77
net/phy: Enable MICROSEMI_PHY as module
2017-04-25 22:42:23 +01:00
9ee3fb1151
ethernet: Enable NFP_NETVF as module
2017-04-25 22:41:37 +01:00
6a09142123
drivers/net: Explicitly set various symbols to their defaults
2017-04-25 22:37:52 +01:00
94b8328125
net/sched: Enable NET_ACT_SKBMOD as module
2017-04-25 22:23:51 +01:00
45a93062df
6lowpan: Enable Generic Header Compression modules
2017-04-25 22:22:50 +01:00
f6ab826219
PCI: Enable PCIE_PTM (except on armel/marvell)
2017-04-25 22:20:09 +01:00
fe7d4b95a0
Add changelog entry for CVE-2017-8061
...
Gbp-Dch: Ignore
2017-04-23 12:15:25 +02:00
1beb630d78
Add changelog entry to record CVE-2017-8063
...
Gbp-Dch: Ignore
2017-04-23 12:09:00 +02:00
dff836d7ec
Add CVE-2017-8064 reference
...
Gbp-Dch: Ignore
2017-04-23 12:02:37 +02:00
1ad0a79c0a
Add changelog entry for CVE-2017-8067
...
Gbp-Dch: Ignore
2017-04-23 11:46:28 +02:00
7bf90ad750
KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings (CVE-2017-7472)
2017-04-22 02:26:48 +01:00
89402402c8
KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings (CVE-2016-9604)
2017-04-22 02:25:04 +01:00
74fdfed494
Drop ABI maintenance patches
...
We're bumping ABI in the next upload so don't need these.
2017-04-22 02:22:38 +01:00
9c5f88b1f6
Update to 4.9.24
...
Drop most of our bug fix patches, which were included in it.
Adjust context in a couple of rt patches that have textual conflicts.
2017-04-22 00:59:32 +01:00
d518bcf5f3
[mips*el/loongson-3] Disable PAGE_EXTENSION and PAGE_POISONING.
...
This workaround a kernel crash, until the real issue is found. It is
currently being investigated.
2017-04-22 01:16:49 +02:00
f2b1e81469
[mips*/octeon] Drop obsolete patch adding support for the UBNT E200 board.
2017-04-21 11:31:33 +02:00
22e8e7af28
Explicitly mark some patches as Forwarded: no or not-needed
2017-04-18 04:19:54 +01:00
cf75a4d22c
Add Origin for a probably-obsolete MIPS patch
2017-04-18 04:19:20 +01:00
aa2adea45f
Update Origin and description for various patches now applied/merged upstream
2017-04-18 04:18:56 +01:00
790885d6d8
Add Forwarded header and update description for several patches
2017-04-18 04:15:47 +01:00
8701ef58ba
Replace "[media] dvb-usb: Don't use stack for reset either" with upstream fix
2017-04-18 01:16:50 +01:00
3f62574711
crypto: ahash - Fix EINPROGRESS notification callback (CVE-2017-7618)
2017-04-16 23:25:12 +01:00
4d042ae0ff
[rt] Update to 4.9.20-rt16
2017-04-16 21:52:57 +01:00
31945f628c
Update to 4.9.22
...
Drop patches applied upstream.
2017-04-16 21:47:05 +01:00
326a2052e2
linux-image: Disable signing until it's supported in dak
...
Only code signing through dak is going to be acceptable for a stable
release, so disable the current arrangement.
2017-04-16 18:53:52 +01:00
b4b1be4c52
Move debug symbols back to the main archive
...
dak currently allows a binary upload to include debug symbol packages
that don't appear in the overrides file or the Binary field of the
changes file, so long as they have the appropriate
'Auto-Built-Package' field and their name matches another binary
package in the upload plus the '-dbgsym' suffix.
For architectures with code signing enabled, our binary uploads never
match this condition as the corresponding binary package has the
'-unsigned' suffix and the debug symbols package does not. Since we
do list the debug symbol packages in the Binary field, they do get
added to the overrides file when accepted through the NEW queue, but
they are automatically pruned from there some time later. Later
uploads then have to go through NEW even though they are not
introducing new binary packages. This would be a big problem for
stable security updates.
For now, move debug symbols back to the main archive with the old
'-dbg' suffix. Keep them enabled for all architectures.
2017-04-16 18:53:35 +01:00
Ben Hutchings
Salvatore Bonaccorso
John Paul Adrian Glaubitz
Aurelien Jarno