Romain Perier
fbe4322901
[powerpc*] mm/64s/hash: Reallocate context ids on fork (CVE-2019-12817)
2019-07-20 17:17:59 +02:00
Romain Perier
7e902dbcd3
[x86] x86/insn-eval: Fix use-after-free access to LDT entry (CVE-2019-13233)
2019-07-20 17:17:43 +02:00
Salvatore Bonaccorso
aa3c23fe0e
Release linux (4.19.37-5+deb10u1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl0xhh1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E8nEP/iF7NUo1hvYNR/ueapgtpnMaHh/OeiGp
x5/4RQW9Lo+Y8djiJWr9Kh7DVT7zp2k6OOb6o2qypgpEpFGGZAf02E3kheTJMhJz
XxDHyGRflQpXDsEbPCcWCXvJjH/7puV/GWATPYo9qE/hs9rBAiFsOlOTqWSJf8Yd
rVxjRRXe9/qRcOV4OJyiuL2GbeL7eO3TqTEl1NVSNP4V1RjYFFy/CUelWAcGzUOI
tkk+NM7CEspQQhpIRkSGB+GyYMvOFNi2mkrz+mJbSUeb75uiZq3myJqHiQOKpwHe
OGJiVBD4Ce8pv3PvR9bFZwgOV2t1XTDOeyUcmh8C07SblwI6iM/vi/nWw7B9VUEH
X2EB/3/TuhKgJHtYpFZdi1mlRrt+6YYgDmbFVUyjojZhOONlVagwq2vaX0ep6yI4
FOQo4kpCG10yse4JxUS0Unv6hk7ShfLe/Kb9lOJvPSZM5dCutWTQrRO05gTyFaev
orMZou9lsXYDTzpFAICE2ZhCcySvYLqvPkkCoabiECMlJE2Ra/rsHiuQEcSNjG8E
A8EqJhElt+W8mvTkofG5yL3oguD6yg4Qf0luKOl0bEcZyBXDbK4nHtHAwcBNoR5X
zNfrikCyo7jPX3JGH3F8wYE9vc04SO+YEkvcyZcLTOUBiDIpZgC4r3IOyBDgzv1K
KDIBNpFCBL0Z
=794G
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.37-5+deb10u1' into buster-security
Release linux (4.19.37-5+deb10u1).
2019-07-19 11:15:23 +02:00
Salvatore Bonaccorso
786d73da80
Prepare to release linux (4.19.37-5+deb10u1).
2019-07-19 10:46:02 +02:00
Salvatore Bonaccorso
c6f3814dc4
ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272)
2019-07-19 10:45:11 +02:00
John Paul Adrian Glaubitz
c342a968c4
[sh4]: Check for kprobe trap number before trying to handle a kprobe trap
2019-06-23 18:59:55 +02:00
Ben Hutchings
e2cc6dfed3
debian/changelog: Clean up entry for Huawei TaiShan support
2019-06-23 17:27:59 +01:00
Ben Hutchings
c01ce3da12
Merge branch '93sam/linux-huawei-taishan-support' into sid
...
[arm64] Improve support for the Huawei TaiShan server platform
See merge request kernel-team/linux!151
2019-06-23 17:19:03 +01:00
Salvatore Bonaccorso
eb5241a213
tcp: refine memory limit test in tcp_fragment()
...
Closes : #930904
2019-06-23 16:15:34 +02:00
Steve McIntyre
2c3b28ea8f
[arm64] Improve support for the Huawei TaiShan server platform
...
Closes : #930554
Enable the HNS/ROCE Infiniband driver
Backport fixes from 4.20 and 4.21 for HNS3 networking, hisi_sas SAS
and HNS/ROCE Infiniband
Signed-off-by: Steve McIntyre <93sam@debian.org>
2019-06-23 10:58:07 +01:00
Ben Hutchings
8fb3f0b24d
Prepare to release linux (4.19.37-5).
2019-06-19 23:16:58 +01:00
Ben Hutchings
e60e81ccd9
debian/changelog: Wrap a >80-character line
2019-06-19 23:16:33 +01:00
Ben Hutchings
0a8cb2b316
Add ABI reference for 4.19.0-5
...
This is based on version 4.19.37-1 and 4.19.37-3, which are
consistent except for the addition of two symbols related to the
MDS mitigation on x86.
2019-06-19 23:16:32 +01:00
Ben Hutchings
ac648cc5be
debian/changelog: Record ABI fix that did *not* make it into 4.19.37-4
...
Thought I'd built with the ABI fix, but didn't. And there was
no ABI reference to catch this. :-(
2019-06-19 23:16:25 +01:00
Romain Perier
d2962338d6
[sparc64] Fix device naming inconsistency between sunhv_console and sunhv_reg ( Closes : #926539 )
2019-06-19 16:30:43 +02:00
Ben Hutchings
2536e21256
Prepare to release linux (4.19.37-4).
2019-06-17 20:00:30 +01:00
Ben Hutchings
afceeb64fe
debian/changelog: List changes in 4.19.37-rt20
2019-06-17 20:00:14 +01:00
Ben Hutchings
1e253edaa7
Add TCP DoS fixes
2019-06-17 19:46:08 +01:00
Ben Hutchings
4ea468554d
mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (CVE-2019-10126)
2019-06-17 19:32:38 +01:00
Ben Hutchings
e5664e23f5
mm/mincore.c: make mincore() more conservative (CVE-2019-5489)
2019-06-17 19:29:35 +01:00
Ben Hutchings
1894e89399
mwifiex: Don't abort on small, spec-compliant vendor IEs
2019-06-17 19:29:14 +01:00
Ben Hutchings
70b1e1a8fa
mwifiex: Abort at too short BSS descriptor element
2019-06-17 19:25:01 +01:00
Ben Hutchings
54fa813858
mwifiex: Fix possible buffer overflows at parsing bss descriptor (CVE-2019-3846)
2019-06-17 19:24:10 +01:00
Alper Nebi Yasak
cc59373e08
[arm64] udeb: fb-modules: Include rockchipdrm, panel-simple, pwm_bl, pwm-cros-ec
...
Some ChromeOS devices need these for the display.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-06-10 18:50:46 +03:00
Alper Nebi Yasak
c8cdb80b66
[arm64] udeb: mmc-modules: Include phy-rockchip-emmc
...
Needed for internal storage on some ChromeOS devices.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-06-10 18:50:46 +03:00
Alper Nebi Yasak
cb05f8d52a
[arm64] udeb: usb-modules: Include phy-rockchip-typec, extcon-usbc-cros-ec
...
On Samsung Chromebook Plus (v1) trying to boot from a rootfs on a USB
storage device without these modules in the initramfs, it drops to an
initramfs shell with a non-working display. For the d-i netboot image,
the screen doesn't turn on, but the installer menu works.
A recent change to initramfs-tools includes extcon-usbc-cros-ec, so
include that and a relevant PHY module here as well.
Relevant:
https://salsa.debian.org/kernel-team/initramfs-tools/commit/994d698a
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-06-10 18:50:45 +03:00
Alper Nebi Yasak
3c9e2d8dee
[arm64] udeb: kernel-image: Include phy-rockchip-pcie
...
On some ChromeOS devices, this is required to connect to a wireless
network via mwifiex_pcie.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-06-10 18:50:45 +03:00
Alper Nebi Yasak
b68c83d156
[arm64] udeb: kernel-image: Include cros_ec_spi and SPI drivers
...
The cros_ec multifunction device provides the keyboard services on some
ChromeOS devices, but requires a bus to be enabled to communicate with
it. On Samsung Chromebook Plus (v1), including spi-rockchip and
cros_ec_spi are enough. A recent change in initramfs-tools included all
SPI drivers, so include them here as well.
Relevant:
https://salsa.debian.org/kernel-team/initramfs-tools/commit/797e5fed
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-06-10 18:50:45 +03:00
Alper Nebi Yasak
0114d125ba
udeb: input-modules: Include all keyboard driver modules
...
Some important modules like cros_ec_keyb are in input/keyboard. A recent
change in initramfs-tools also includes them, so include them here too.
Relevant:
https://salsa.debian.org/kernel-team/initramfs-tools/commit/40f66474
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-06-10 18:50:45 +03:00
Ben Hutchings
d7374fce1e
Merge branch 'sparc64-sid' into 'sid'
...
[sparc64] udeb: Disable suffix for kernel-image
See merge request kernel-team/linux!147
2019-06-09 23:28:08 +00:00
Aurelien Jarno
cbcfb20ce0
[mips] Correctly bounds check virt_addr_valid ( Closes : #929366 )
2019-06-09 00:06:52 +02:00
Salvatore Bonaccorso
3b44df1499
Bluetooth: hidp: fix buffer overflow (CVE-2019-11884)
2019-06-07 15:25:30 +02:00
Salvatore Bonaccorso
8910626bca
ext4: zero out the unused memory region in the extent tree block (CVE-2019-11833)
2019-06-07 14:53:07 +02:00
Salvatore Bonaccorso
23527ae20b
brcmfmac: add subtype check for event handling in data path (CVE-2019-9503)
2019-06-07 14:49:05 +02:00
Salvatore Bonaccorso
8970aaa563
brcmfmac: assure SSID length from firmware is limited (CVE-2019-9500)
2019-06-07 14:43:58 +02:00
Romain Perier
c11ba60cce
[rt] Update to 4.19.37-rt20
2019-05-29 21:49:30 +02:00
Ben Hutchings
92a96d298e
[x86] lockdown,sysrq: Enable ALLOW_LOCKDOWN_LIFT_BY_SYSRQ ( Closes : #929583 )
2019-05-26 18:13:59 +01:00
John Paul Adrian Glaubitz
db249f2b52
[sparc64] udeb: Disable suffix for kernel-image
2019-05-21 14:29:31 +02:00
Ben Hutchings
a8c3d89c71
README.source: Document the various makefiles and use of out-of-tree builds
2019-05-19 15:05:10 +01:00
Ben Hutchings
a96bd61a2e
libbpf: Build out-of-tree
2019-05-19 14:49:48 +01:00
Ben Hutchings
9b28931859
libbpf: Use only 2 components in soversion, matching package name
...
Debian policy says the package name must change when the soname
changes. We don't expect the ABI to change in a stable update,
so use only 2 components in both.
2019-05-19 14:48:13 +01:00
Ben Hutchings
a6879552b5
Drop unnecessary changes from "libbpf: add SONAME to shared object"
...
It's not necessary to delete the definitions of the variables that
become unused. Nor is it necessary to move the definition of
LIBBPF_VERSION before LIB_FILES, because the latter is defined
as recursively expanded (i.e. its variable references are not
immediately expanded).
This makes the actual change we're making clearer, and should
reduce the future work to maintain this patch.
2019-05-19 14:36:25 +01:00
Ben Hutchings
9329ccdf87
[powerpc*] 64s: Include cpu header (fixes FTBFS)
2019-05-15 23:07:44 +01:00
Ben Hutchings
85eddd4dd2
Prepare to release linux (4.19.37-2).
2019-05-14 17:34:46 +01:00
Ben Hutchings
4abc99e835
[x86] linux-cpupower: Update CPPFLAGS for change in <asm/msr-index.h>
2019-05-14 17:34:29 +01:00
Ben Hutchings
1565dc00f4
[x86] Mitigate Microarchitectural Data Sampling (MDS) vulnerabilities
...
Together with a microcode update, this mitigates CVE-2018-12126,
CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091.
2019-05-10 12:03:12 +01:00
Ben Hutchings
98cbc347d3
debian/bin: Fix Python static checker regressions ( Closes : #928618 )
2019-05-07 21:04:05 +01:00
Ben Hutchings
5ece558b8d
Prepare to release linux (4.19.37-1).
2019-05-05 19:32:32 +01:00
Ben Hutchings
ece5b4e4cd
mm,fs: Prevent page refcount overflow (CVE-2019-11487)
2019-05-05 15:44:05 +01:00
Ben Hutchings
83f5e0f1ef
tracing: Fix buffer_ref pipe ops
...
This is preparation for fixing CVE-2019-11487.
2019-05-05 15:42:32 +01:00