diff options
Diffstat (limited to 'kernel.spec')
-rw-r--r-- | kernel.spec | 75 |
1 files changed, 5 insertions, 70 deletions
diff --git a/kernel.spec b/kernel.spec index de88b520..b5a08182 100644 --- a/kernel.spec +++ b/kernel.spec @@ -42,7 +42,7 @@ Summary: The Linux kernel # For non-released -rc kernels, this will be appended after the rcX and # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3" # -%global baserelease 301 +%global baserelease 300 %global fedora_build %{baserelease} # base_sublevel is the kernel version we're starting with and patching @@ -54,7 +54,7 @@ Summary: The Linux kernel %if 0%{?released_kernel} # Do we have a -stable update to apply? -%define stable_update 7 +%define stable_update 8 # Set rpm version accordingly %if 0%{?stable_update} %define stablerev %{stable_update} @@ -624,9 +624,6 @@ Patch26058: asus-nb-wmi-Add-wapf4-quirk-for-the-X550VB.patch #rhbz 1135338 Patch26090: HID-add-support-for-MS-Surface-Pro-3-Type-Cover.patch -#CVE-2014-8134 rhbz 1172765 1172769 -Patch26091: x86-kvm-Clear-paravirt_enabled-on-KVM-guests-for-esp.patch - #rhbz 1164945 Patch26092: xhci-Add-broken-streams-quirk-for-Fresco-Logic-FL100.patch Patch26093: uas-Add-US_FL_NO_ATA_1X-for-Seagate-devices-with-usb.patch @@ -635,9 +632,6 @@ Patch26094: uas-Add-US_FL_NO_REPORT_OPCODES-for-JMicron-JMS566-w.patch #rhbz 1172543 Patch26096: cfg80211-don-t-WARN-about-two-consecutive-Country-IE.patch -#CVE-2014-8133 rhbz 1172797 1174374 -Patch26100: x86-tls-Validate-TLS-entries-to-protect-espfix.patch - #rhbz 1173806 Patch26101: powerpc-powernv-force-all-CPUs-to-be-bootable.patch @@ -645,43 +639,15 @@ Patch26101: powerpc-powernv-force-all-CPUs-to-be-bootable.patch Patch26098: move-d_rcu-from-overlapping-d_child-to-overlapping-d.patch Patch26099: deal-with-deadlock-in-d_walk.patch -#CVE-2014-XXXX rhbz 1175235 1175250 -Patch26102: isofs-Fix-infinite-looping-over-CE-entries.patch - #rhbz 1175261 Patch26103: blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch -#rhbz 1168434 -Patch26104: dm-cache-only-use-overwrite-optimisation-for-promoti.patch -Patch26105: dm-cache-dirty-flag-was-mistakenly-being-cleared-whe.patch -Patch26106: dm-cache-fix-spurious-cell_defer-when-dealing-with-p.patch - -#mount fixes for stable -Patch26108: mnt-Implicitly-add-MNT_NODEV-on-remount-when-it-was-.patch -Patch26109: mnt-Update-unprivileged-remount-test.patch -Patch26110: umount-Disallow-unprivileged-mount-force.patch - -#CVE-2014-8989 rhbz 1170684 1170688 -Patch26111: groups-Consolidate-the-setgroups-permission-checks.patch -Patch26112: userns-Document-what-the-invariant-required-for-safe.patch -Patch26113: userns-Don-t-allow-setgroups-until-a-gid-mapping-has.patch -Patch26114: userns-Don-t-allow-unprivileged-creation-of-gid-mapp.patch -Patch26115: userns-Check-euid-no-fsuid-when-establishing-an-unpr.patch -Patch26116: userns-Only-allow-the-creator-of-the-userns-unprivil.patch -Patch26117: userns-Rename-id_map_mutex-to-userns_state_mutex.patch -Patch26118: userns-Add-a-knob-to-disable-setgroups-on-a-per-user.patch -Patch26119: userns-Allow-setting-gid_maps-without-privilege-when.patch -Patch26120: userns-Unbreak-the-unprivileged-remount-tests.patch - #rhbz 1163927 Patch26121: Set-UID-in-sess_auth_rawntlmssp_authenticate-too.patch #CVE-2014-9428 rhbz 1178826,1178833 Patch26122: batman-adv-Calculate-extra-tail-size-based-on-queued.patch -#CVE-2014-9419 rhbz 1177260,1177263 -Patch26123: x86_64-switch_to-Load-TLS-descriptors-before-switchi.patch - #CVE-2014-9529 rhbz 1179813 1179853 Patch26124: KEYS-close-race-between-key-lookup-and-freeing.patch @@ -1418,9 +1384,6 @@ ApplyPatch asus-nb-wmi-Add-wapf4-quirk-for-the-X550VB.patch #rhbz 1135338 ApplyPatch HID-add-support-for-MS-Surface-Pro-3-Type-Cover.patch -#CVE-2014-8134 rhbz 1172765 1172769 -ApplyPatch x86-kvm-Clear-paravirt_enabled-on-KVM-guests-for-esp.patch - #rhbz 1164945 ApplyPatch xhci-Add-broken-streams-quirk-for-Fresco-Logic-FL100.patch ApplyPatch uas-Add-US_FL_NO_ATA_1X-for-Seagate-devices-with-usb.patch @@ -1429,9 +1392,6 @@ ApplyPatch uas-Add-US_FL_NO_REPORT_OPCODES-for-JMicron-JMS566-w.patch #rhbz 1172543 ApplyPatch cfg80211-don-t-WARN-about-two-consecutive-Country-IE.patch -#CVE-2014-8133 rhbz 1172797 1174374 -ApplyPatch x86-tls-Validate-TLS-entries-to-protect-espfix.patch - #rhbz 1173806 ApplyPatch powerpc-powernv-force-all-CPUs-to-be-bootable.patch @@ -1439,43 +1399,15 @@ ApplyPatch powerpc-powernv-force-all-CPUs-to-be-bootable.patch ApplyPatch move-d_rcu-from-overlapping-d_child-to-overlapping-d.patch ApplyPatch deal-with-deadlock-in-d_walk.patch -#CVE-2014-XXXX rhbz 1175235 1175250 -ApplyPatch isofs-Fix-infinite-looping-over-CE-entries.patch - #rhbz 1175261 ApplyPatch blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch -#rhbz 1168434 -ApplyPatch dm-cache-only-use-overwrite-optimisation-for-promoti.patch -ApplyPatch dm-cache-dirty-flag-was-mistakenly-being-cleared-whe.patch -ApplyPatch dm-cache-fix-spurious-cell_defer-when-dealing-with-p.patch - -#mount fixes for stable -ApplyPatch mnt-Implicitly-add-MNT_NODEV-on-remount-when-it-was-.patch -ApplyPatch mnt-Update-unprivileged-remount-test.patch -ApplyPatch umount-Disallow-unprivileged-mount-force.patch - -#CVE-2014-8989 rhbz 1170684 1170688 -ApplyPatch groups-Consolidate-the-setgroups-permission-checks.patch -ApplyPatch userns-Document-what-the-invariant-required-for-safe.patch -ApplyPatch userns-Don-t-allow-setgroups-until-a-gid-mapping-has.patch -ApplyPatch userns-Don-t-allow-unprivileged-creation-of-gid-mapp.patch -ApplyPatch userns-Check-euid-no-fsuid-when-establishing-an-unpr.patch -ApplyPatch userns-Only-allow-the-creator-of-the-userns-unprivil.patch -ApplyPatch userns-Rename-id_map_mutex-to-userns_state_mutex.patch -ApplyPatch userns-Add-a-knob-to-disable-setgroups-on-a-per-user.patch -ApplyPatch userns-Allow-setting-gid_maps-without-privilege-when.patch -ApplyPatch userns-Unbreak-the-unprivileged-remount-tests.patch - #rhbz 1163927 ApplyPatch Set-UID-in-sess_auth_rawntlmssp_authenticate-too.patch #CVE-2014-9428 rhbz 1178826,1178833 ApplyPatch batman-adv-Calculate-extra-tail-size-based-on-queued.patch -#CVE-2014-9419 rhbz 1177260,1177263 -ApplyPatch x86_64-switch_to-Load-TLS-descriptors-before-switchi.patch - #CVE-2014-9529 rhbz 1179813 1179853 ApplyPatch KEYS-close-race-between-key-lookup-and-freeing.patch @@ -2353,6 +2285,9 @@ fi # ||----w | # || || %changelog +* Thu Jan 08 2015 Justin M. Forbes <jforbes@fedoraproject.org> - 3.17.8-300 +- Linux v3.17.8 + * Wed Jan 07 2015 Josh Boyer <jwboyer@fedoraproject.org> - CVE-2014-9529 memory corruption or panic during key gc (rhbz 1179813 1179853) - Enable POWERCAP and INTEL_RAPL |