1 files changed, 5 insertions, 70 deletions
diff --git a/kernel.spec b/kernel.spec
index de88b520..b5a08182 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -42,7 +42,7 @@ Summary: The Linux kernel
 # For non-released -rc kernels, this will be appended after the rcX and
 # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
 #
-%global baserelease 301
+%global baserelease 300
 %global fedora_build %{baserelease}
 
 # base_sublevel is the kernel version we're starting with and patching
@@ -54,7 +54,7 @@ Summary: The Linux kernel
 %if 0%{?released_kernel}
 
 # Do we have a -stable update to apply?
-%define stable_update 7
+%define stable_update 8
 # Set rpm version accordingly
 %if 0%{?stable_update}
 %define stablerev %{stable_update}
@@ -624,9 +624,6 @@ Patch26058: asus-nb-wmi-Add-wapf4-quirk-for-the-X550VB.patch
 #rhbz 1135338
 Patch26090: HID-add-support-for-MS-Surface-Pro-3-Type-Cover.patch
 
-#CVE-2014-8134 rhbz 1172765 1172769
-Patch26091: x86-kvm-Clear-paravirt_enabled-on-KVM-guests-for-esp.patch
-
 #rhbz 1164945
 Patch26092: xhci-Add-broken-streams-quirk-for-Fresco-Logic-FL100.patch
 Patch26093: uas-Add-US_FL_NO_ATA_1X-for-Seagate-devices-with-usb.patch
@@ -635,9 +632,6 @@ Patch26094: uas-Add-US_FL_NO_REPORT_OPCODES-for-JMicron-JMS566-w.patch
 #rhbz 1172543
 Patch26096: cfg80211-don-t-WARN-about-two-consecutive-Country-IE.patch
 
-#CVE-2014-8133 rhbz 1172797 1174374
-Patch26100: x86-tls-Validate-TLS-entries-to-protect-espfix.patch
-
 #rhbz 1173806
 Patch26101: powerpc-powernv-force-all-CPUs-to-be-bootable.patch
 
@@ -645,43 +639,15 @@ Patch26101: powerpc-powernv-force-all-CPUs-to-be-bootable.patch
 Patch26098: move-d_rcu-from-overlapping-d_child-to-overlapping-d.patch
 Patch26099: deal-with-deadlock-in-d_walk.patch
 
-#CVE-2014-XXXX rhbz 1175235 1175250
-Patch26102: isofs-Fix-infinite-looping-over-CE-entries.patch
-
 #rhbz 1175261
 Patch26103: blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch
 
-#rhbz 1168434
-Patch26104: dm-cache-only-use-overwrite-optimisation-for-promoti.patch
-Patch26105: dm-cache-dirty-flag-was-mistakenly-being-cleared-whe.patch
-Patch26106: dm-cache-fix-spurious-cell_defer-when-dealing-with-p.patch
-
-#mount fixes for stable
-Patch26108: mnt-Implicitly-add-MNT_NODEV-on-remount-when-it-was-.patch
-Patch26109: mnt-Update-unprivileged-remount-test.patch
-Patch26110: umount-Disallow-unprivileged-mount-force.patch
-
-#CVE-2014-8989 rhbz 1170684 1170688
-Patch26111: groups-Consolidate-the-setgroups-permission-checks.patch
-Patch26112: userns-Document-what-the-invariant-required-for-safe.patch
-Patch26113: userns-Don-t-allow-setgroups-until-a-gid-mapping-has.patch
-Patch26114: userns-Don-t-allow-unprivileged-creation-of-gid-mapp.patch
-Patch26115: userns-Check-euid-no-fsuid-when-establishing-an-unpr.patch
-Patch26116: userns-Only-allow-the-creator-of-the-userns-unprivil.patch
-Patch26117: userns-Rename-id_map_mutex-to-userns_state_mutex.patch
-Patch26118: userns-Add-a-knob-to-disable-setgroups-on-a-per-user.patch
-Patch26119: userns-Allow-setting-gid_maps-without-privilege-when.patch
-Patch26120: userns-Unbreak-the-unprivileged-remount-tests.patch
-
 #rhbz 1163927
 Patch26121: Set-UID-in-sess_auth_rawntlmssp_authenticate-too.patch
 
 #CVE-2014-9428 rhbz 1178826,1178833
 Patch26122: batman-adv-Calculate-extra-tail-size-based-on-queued.patch
 
-#CVE-2014-9419 rhbz 1177260,1177263
-Patch26123: x86_64-switch_to-Load-TLS-descriptors-before-switchi.patch
-
 #CVE-2014-9529 rhbz 1179813 1179853
 Patch26124: KEYS-close-race-between-key-lookup-and-freeing.patch
 
@@ -1418,9 +1384,6 @@ ApplyPatch asus-nb-wmi-Add-wapf4-quirk-for-the-X550VB.patch
 #rhbz 1135338
 ApplyPatch HID-add-support-for-MS-Surface-Pro-3-Type-Cover.patch
 
-#CVE-2014-8134 rhbz 1172765 1172769
-ApplyPatch x86-kvm-Clear-paravirt_enabled-on-KVM-guests-for-esp.patch
-
 #rhbz 1164945
 ApplyPatch xhci-Add-broken-streams-quirk-for-Fresco-Logic-FL100.patch
 ApplyPatch uas-Add-US_FL_NO_ATA_1X-for-Seagate-devices-with-usb.patch
@@ -1429,9 +1392,6 @@ ApplyPatch uas-Add-US_FL_NO_REPORT_OPCODES-for-JMicron-JMS566-w.patch
 #rhbz 1172543
 ApplyPatch cfg80211-don-t-WARN-about-two-consecutive-Country-IE.patch
 
-#CVE-2014-8133 rhbz 1172797 1174374
-ApplyPatch x86-tls-Validate-TLS-entries-to-protect-espfix.patch
-
 #rhbz 1173806
 ApplyPatch powerpc-powernv-force-all-CPUs-to-be-bootable.patch
 
@@ -1439,43 +1399,15 @@ ApplyPatch powerpc-powernv-force-all-CPUs-to-be-bootable.patch
 ApplyPatch move-d_rcu-from-overlapping-d_child-to-overlapping-d.patch
 ApplyPatch deal-with-deadlock-in-d_walk.patch
 
-#CVE-2014-XXXX rhbz 1175235 1175250
-ApplyPatch isofs-Fix-infinite-looping-over-CE-entries.patch
-
 #rhbz 1175261
 ApplyPatch blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch
 
-#rhbz 1168434
-ApplyPatch dm-cache-only-use-overwrite-optimisation-for-promoti.patch
-ApplyPatch dm-cache-dirty-flag-was-mistakenly-being-cleared-whe.patch
-ApplyPatch dm-cache-fix-spurious-cell_defer-when-dealing-with-p.patch
-
-#mount fixes for stable
-ApplyPatch mnt-Implicitly-add-MNT_NODEV-on-remount-when-it-was-.patch
-ApplyPatch mnt-Update-unprivileged-remount-test.patch
-ApplyPatch umount-Disallow-unprivileged-mount-force.patch
-
-#CVE-2014-8989 rhbz 1170684 1170688
-ApplyPatch groups-Consolidate-the-setgroups-permission-checks.patch
-ApplyPatch userns-Document-what-the-invariant-required-for-safe.patch
-ApplyPatch userns-Don-t-allow-setgroups-until-a-gid-mapping-has.patch
-ApplyPatch userns-Don-t-allow-unprivileged-creation-of-gid-mapp.patch
-ApplyPatch userns-Check-euid-no-fsuid-when-establishing-an-unpr.patch
-ApplyPatch userns-Only-allow-the-creator-of-the-userns-unprivil.patch
-ApplyPatch userns-Rename-id_map_mutex-to-userns_state_mutex.patch
-ApplyPatch userns-Add-a-knob-to-disable-setgroups-on-a-per-user.patch
-ApplyPatch userns-Allow-setting-gid_maps-without-privilege-when.patch
-ApplyPatch userns-Unbreak-the-unprivileged-remount-tests.patch
-
 #rhbz 1163927
 ApplyPatch Set-UID-in-sess_auth_rawntlmssp_authenticate-too.patch
 
 #CVE-2014-9428 rhbz 1178826,1178833
 ApplyPatch batman-adv-Calculate-extra-tail-size-based-on-queued.patch
 
-#CVE-2014-9419 rhbz 1177260,1177263
-ApplyPatch x86_64-switch_to-Load-TLS-descriptors-before-switchi.patch
-
 #CVE-2014-9529 rhbz 1179813 1179853
 ApplyPatch KEYS-close-race-between-key-lookup-and-freeing.patch
 
@@ -2353,6 +2285,9 @@ fi
 #                                    ||----w |
 #                                    ||     ||
 %changelog
+* Thu Jan 08 2015 Justin M. Forbes <jforbes@fedoraproject.org> - 3.17.8-300
+- Linux v3.17.8
+
 * Wed Jan 07 2015 Josh Boyer <jwboyer@fedoraproject.org>
 - CVE-2014-9529 memory corruption or panic during key gc (rhbz 1179813 1179853)
 - Enable POWERCAP and INTEL_RAPL