summaryrefslogtreecommitdiffstats
path: root/freed-ora/current/f22/kernel.spec
diff options
context:
space:
mode:
Diffstat (limited to 'freed-ora/current/f22/kernel.spec')
-rw-r--r--freed-ora/current/f22/kernel.spec131
1 files changed, 51 insertions, 80 deletions
diff --git a/freed-ora/current/f22/kernel.spec b/freed-ora/current/f22/kernel.spec
index d86f21397..c7e027659 100644
--- a/freed-ora/current/f22/kernel.spec
+++ b/freed-ora/current/f22/kernel.spec
@@ -40,7 +40,7 @@ Summary: The Linux kernel
# For non-released -rc kernels, this will be appended after the rcX and
# gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
#
-%global baserelease 201
+%global baserelease 200
%global fedora_build %{baserelease}
# base_sublevel is the kernel version we're starting with and patching
@@ -90,7 +90,7 @@ Summary: The Linux kernel
%if 0%{?released_kernel}
# Do we have a -stable update to apply?
-%define stable_update 6
+%define stable_update 7
# Set rpm version accordingly
%if 0%{?stable_update}
%define stablerev %{stable_update}
@@ -672,9 +672,6 @@ Patch660: 0001-drm-i915-Pretend-cursor-is-always-on-for-ILK-style-W.patch
#rhbz 1316719
Patch662: 0001-cdc-acm-fix-NULL-pointer-reference.patch
-#rhbz 1316136
-Patch663: USB-serial-ftdi_sio-Add-support-for-ICP-DAS-I-756xU-.patch
-
#CVE-2016-3135 rhbz 1317386 1317387
Patch664: netfilter-x_tables-check-for-size-overflow.patch
@@ -684,51 +681,30 @@ Patch665: netfilter-x_tables-deal-with-bogus-nextoffset-values.patch
#CVE-2016-3135 rhbz 1318172 1318270
Patch666: ipv4-Dont-do-expensive-useless-work-during-inetdev-des.patch
-#CVE-2016-2184 rhbz 1317012 1317470
-Patch670: ALSA-usb-audio-Fix-NULL-dereference-in-create_fixed_.patch
-Patch671: ALSA-usb-audio-Add-sanity-checks-for-endpoint-access.patch
-
-#CVE-2016-3137 rhbz 1317010 1316996
-Patch672: cypress_m8-add-sanity-checking.patch
-
-#CVE-2016-2186 rhbz 1317015 1317464
-Patch673: USB-input-powermate-fix-oops-with-malicious-USB-desc.patch
-
-#CVE-2016-2188 rhbz 1317018 1317467
-Patch674: USB-iowarrior-fix-oops-with-malicious-USB-descriptor.patch
-
-#CVE-2016-2185 rhbz 1317014 1317471
-Patch675: usb_driver_claim_interface-add-sanity-checking.patch
-Patch669: Input-ati_remote2-fix-crashes-on-detecting-device-wi.patch
-
-#CVE-2016-3138 rhbz 1317010 1316204
-Patch676: cdc-acm-more-sanity-checking.patch
-
-#CVE-2016-3140 rhbz 1317010 1316995
-Patch677: digi_acceleport-do-sanity-checking-for-the-number-of.patch
-
-Patch678: ims-pcu-sanity-check-against-missing-interfaces.patch
-
#rhbz 1315013
Patch679: 0001-uas-Limit-qdepth-at-the-scsi-host-level.patch
-#rhbz 1317190
-Patch680: thermal-fix.patch
-
-#rhbz 1318079
-Patch681: 0001-Input-synaptics-handle-spurious-release-of-trackstic.patch
-
#CVE-2016-2187 rhbz 1317017 1317010
Patch686: input-gtco-fix-crash-on-detecting-device-without-end.patch
-#CVE-2016-3136 rhbz 1317007 1317010
-Patch687: mct_u232-sanity-checking-in-probe.patch
-
#rhbz 1295646
Patch688: 09-29-drm-udl-Use-unlocked-gem-unreferencing.patch
-# CVE-2016-3157 rhbz 1315711 1321948
-Patch689: x86-iopl-64-Properly-context-switch-IOPL-on-Xen-PV.patch
+# CVE-2016-3672 rhbz 1324749 1324750
+Patch690: x86-mm-32-Enable-full-randomization-on-i386-and-X86_.patch
+
+#CVE-2015-8839 rhbz 1323577 1323579
+Patch691: ext4-fix-races-between-page-faults-and-hole-punching.patch
+Patch692: ext4-move-unlocked-dio-protection-from-ext4_alloc_fi.patch
+Patch693: ext4-fix-races-between-buffered-IO-and-collapse-inse.patch
+Patch694: ext4-fix-races-of-writeback-with-punch-hole-and-zero.patch
+
+#CVE-2016-3951 rhbz 1324782 1324815
+Patch695: cdc_ncm-do-not-call-usbnet_link_change-from-cdc_ncm_.patch
+Patch696: usbnet-cleanup-after-bind-in-probe.patch
+
+#rhbz 1317116
+Patch697: HID-wacom-fix-Bamboo-ONE-oops.patch
# END OF PATCH DEFINITIONS
%endif
@@ -1502,9 +1478,6 @@ ApplyPatch 0001-drm-i915-Pretend-cursor-is-always-on-for-ILK-style-W.patch
ApplyPatch 0001-cdc-acm-fix-NULL-pointer-reference.patch
-#rhbz 1316136
-ApplyPatch USB-serial-ftdi_sio-Add-support-for-ICP-DAS-I-756xU-.patch
-
#CVE-2016-3135 rhbz 1317386 1317387
ApplyPatch netfilter-x_tables-check-for-size-overflow.patch
@@ -1514,51 +1487,30 @@ ApplyPatch netfilter-x_tables-deal-with-bogus-nextoffset-values.patch
#CVE-2016-3135 rhbz 1318172 1318270
ApplyPatch ipv4-Dont-do-expensive-useless-work-during-inetdev-des.patch
-#CVE-2016-2184 rhbz 1317012 1317470
-ApplyPatch ALSA-usb-audio-Fix-NULL-dereference-in-create_fixed_.patch
-ApplyPatch ALSA-usb-audio-Add-sanity-checks-for-endpoint-access.patch
-
-#CVE-2016-3137 rhbz 1317010 1316996
-ApplyPatch cypress_m8-add-sanity-checking.patch
-
-#CVE-2016-2186 rhbz 1317015 1317464
-ApplyPatch USB-input-powermate-fix-oops-with-malicious-USB-desc.patch
-
-#CVE-2016-2188 rhbz 1317018 1317467
-ApplyPatch USB-iowarrior-fix-oops-with-malicious-USB-descriptor.patch
-
-#CVE-2016-2185 rhbz 1317014 1317471
-ApplyPatch usb_driver_claim_interface-add-sanity-checking.patch
-ApplyPatch Input-ati_remote2-fix-crashes-on-detecting-device-wi.patch
-
-#CVE-2016-3138 rhbz 1317010 1316204
-ApplyPatch cdc-acm-more-sanity-checking.patch
-
-#CVE-2016-3140 rhbz 1317010 1316995
-ApplyPatch digi_acceleport-do-sanity-checking-for-the-number-of.patch
-
-ApplyPatch ims-pcu-sanity-check-against-missing-interfaces.patch
-
#rhbz 1315013
ApplyPatch 0001-uas-Limit-qdepth-at-the-scsi-host-level.patch
-#rhbz 1317190
-ApplyPatch thermal-fix.patch
-
-#rhbz 1318079
-ApplyPatch 0001-Input-synaptics-handle-spurious-release-of-trackstic.patch
-
#CVE-2016-2187 rhbz 1317017 1317010
ApplyPatch input-gtco-fix-crash-on-detecting-device-without-end.patch
-#CVE-2016-3136 rhbz 1317007 1317010
-ApplyPatch mct_u232-sanity-checking-in-probe.patch
-
#rhbz 1295646
ApplyPatch 09-29-drm-udl-Use-unlocked-gem-unreferencing.patch
-# CVE-2016-3157 rhbz 1315711 1321948
-ApplyPatch x86-iopl-64-Properly-context-switch-IOPL-on-Xen-PV.patch
+# CVE-2016-3672 rhbz 1324749 1324750
+ApplyPatch x86-mm-32-Enable-full-randomization-on-i386-and-X86_.patch
+
+#CVE-2015-8839 rhbz 1323577 1323579
+ApplyPatch ext4-fix-races-between-page-faults-and-hole-punching.patch
+ApplyPatch ext4-move-unlocked-dio-protection-from-ext4_alloc_fi.patch
+ApplyPatch ext4-fix-races-between-buffered-IO-and-collapse-inse.patch
+ApplyPatch ext4-fix-races-of-writeback-with-punch-hole-and-zero.patch
+
+#CVE-2016-3951 rhbz 1324782 1324815
+ApplyPatch cdc_ncm-do-not-call-usbnet_link_change-from-cdc_ncm_.patch
+ApplyPatch usbnet-cleanup-after-bind-in-probe.patch
+
+#rhbz 1317116
+ApplyPatch HID-wacom-fix-Bamboo-ONE-oops.patch
# END OF PATCH APPLICATIONS
@@ -2422,6 +2374,25 @@ fi
#
#
%changelog
+* Wed Apr 13 2016 Alexandre Oliva <lxoliva@fsfla.org> -libre
+- GNU Linux-libre 4.4.7-gnu.
+
+* Tue Apr 12 2016 Laura Abbott <labbott@redhat.com> - 4.4.7-200
+- Linux v4.4.7
+
+* Tue Apr 12 2016 Josh Boyer <jwboyer@fedoraproject.org>
+- Fix Bamboo ONE issues (rhbz 1317116)
+
+* Mon Apr 11 2016 Josh Boyer <jwboyer@fedoraproject.org>
+- CVE-2016-3951 usbnet: crash on invalid USB descriptors (rhbz 1324782 1324815)
+- CVE-2015-8839 ext4: data corruption due to punch hole races (rhbz 1323577 1323579)
+
+* Thu Apr 07 2016 Justin M. Forbes <jforbes@fedoraproject.org>
+- Enable Full Randomization on 32bit x86 CVE-2016-3672 (rhbz 1324749 1324750)
+`
+* Thu Mar 31 2016 Josh Boyer <jwboyer@fedoraproject.org>
+- Add two more patches for CVE-2016-2184
+
* Wed Mar 30 2016 Laura Abbott <labbott@redhat.com> - 4.4.6-201
- Bump and build
OpenPOWER on IntegriCloud