diff options
author | Justin M. Forbes <jforbes@fedoraproject.org> | 2018-01-31 09:18:39 -0600 |
---|---|---|
committer | Justin M. Forbes <jforbes@fedoraproject.org> | 2018-01-31 09:18:39 -0600 |
commit | 34149598a0dcd3069cf405c9b8886184d95e084a (patch) | |
tree | 6d6c719507f816d33c71d1a934240d577ebdf402 | |
parent | 65381b04519ff5ac062991816725c12516095d18 (diff) | |
download | kernel-34149598a0dcd3069cf405c9b8886184d95e084a.tar.gz kernel-34149598a0dcd3069cf405c9b8886184d95e084a.tar.xz kernel-34149598a0dcd3069cf405c9b8886184d95e084a.zip |
Linux v4.14.16
-rw-r--r-- | kernel-aarch64-debug.config | 1 | ||||
-rw-r--r-- | kernel-aarch64.config | 1 | ||||
-rw-r--r-- | kernel-armv7hl-debug.config | 1 | ||||
-rw-r--r-- | kernel-armv7hl-lpae-debug.config | 1 | ||||
-rw-r--r-- | kernel-armv7hl-lpae.config | 1 | ||||
-rw-r--r-- | kernel-armv7hl.config | 1 | ||||
-rw-r--r-- | kernel-i686-PAE.config | 1 | ||||
-rw-r--r-- | kernel-i686-PAEdebug.config | 1 | ||||
-rw-r--r-- | kernel-i686-debug.config | 1 | ||||
-rw-r--r-- | kernel-i686.config | 1 | ||||
-rw-r--r-- | kernel-ppc64-debug.config | 1 | ||||
-rw-r--r-- | kernel-ppc64.config | 1 | ||||
-rw-r--r-- | kernel-ppc64le-debug.config | 1 | ||||
-rw-r--r-- | kernel-ppc64le.config | 1 | ||||
-rw-r--r-- | kernel-s390x-debug.config | 1 | ||||
-rw-r--r-- | kernel-s390x.config | 1 | ||||
-rw-r--r-- | kernel-x86_64-debug.config | 1 | ||||
-rw-r--r-- | kernel-x86_64.config | 1 | ||||
-rw-r--r-- | kernel.spec | 16 | ||||
-rw-r--r-- | netfilter-nfnetlink_cthelper-Add-missing-permission-.patch | 78 | ||||
-rw-r--r-- | netfilter-xt_osf-Add-missing-permission-checks.patch | 59 | ||||
-rw-r--r-- | revert-module-add-retpoline-tag-to-vermagic.patch | 52 | ||||
-rw-r--r-- | sources | 2 |
23 files changed, 24 insertions, 201 deletions
diff --git a/kernel-aarch64-debug.config b/kernel-aarch64-debug.config index 02f5f79d0..0c11cb1bb 100644 --- a/kernel-aarch64-debug.config +++ b/kernel-aarch64-debug.config @@ -592,6 +592,7 @@ CONFIG_BONDING=m CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC_VALUE=0 CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-aarch64.config b/kernel-aarch64.config index a2ccf0168..2abce37a2 100644 --- a/kernel-aarch64.config +++ b/kernel-aarch64.config @@ -592,6 +592,7 @@ CONFIG_BONDING=m CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC_VALUE=0 CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-armv7hl-debug.config b/kernel-armv7hl-debug.config index 4e01ac447..57e85ef32 100644 --- a/kernel-armv7hl-debug.config +++ b/kernel-armv7hl-debug.config @@ -635,6 +635,7 @@ CONFIG_BONDING=m # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-armv7hl-lpae-debug.config b/kernel-armv7hl-lpae-debug.config index 1afeb9459..15bb7e2d7 100644 --- a/kernel-armv7hl-lpae-debug.config +++ b/kernel-armv7hl-lpae-debug.config @@ -611,6 +611,7 @@ CONFIG_BONDING=m # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-armv7hl-lpae.config b/kernel-armv7hl-lpae.config index 4f6102b18..c7821bee5 100644 --- a/kernel-armv7hl-lpae.config +++ b/kernel-armv7hl-lpae.config @@ -610,6 +610,7 @@ CONFIG_BONDING=m # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-armv7hl.config b/kernel-armv7hl.config index 47c12642f..dbe60efc9 100644 --- a/kernel-armv7hl.config +++ b/kernel-armv7hl.config @@ -634,6 +634,7 @@ CONFIG_BONDING=m # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-i686-PAE.config b/kernel-i686-PAE.config index c730bf1f6..8e97918bf 100644 --- a/kernel-i686-PAE.config +++ b/kernel-i686-PAE.config @@ -502,6 +502,7 @@ CONFIG_BONDING=m # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-i686-PAEdebug.config b/kernel-i686-PAEdebug.config index 1690e7ebf..78dfbe2fa 100644 --- a/kernel-i686-PAEdebug.config +++ b/kernel-i686-PAEdebug.config @@ -503,6 +503,7 @@ CONFIG_BONDING=m # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-i686-debug.config b/kernel-i686-debug.config index 0a12c0a41..e20b5ff36 100644 --- a/kernel-i686-debug.config +++ b/kernel-i686-debug.config @@ -503,6 +503,7 @@ CONFIG_BONDING=m # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-i686.config b/kernel-i686.config index f90e98970..daba49a64 100644 --- a/kernel-i686.config +++ b/kernel-i686.config @@ -502,6 +502,7 @@ CONFIG_BONDING=m # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-ppc64-debug.config b/kernel-ppc64-debug.config index d26f38b06..469584e37 100644 --- a/kernel-ppc64-debug.config +++ b/kernel-ppc64-debug.config @@ -489,6 +489,7 @@ CONFIG_BONDING=m CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOOTX_TEXT=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-ppc64.config b/kernel-ppc64.config index c981069df..485180a7a 100644 --- a/kernel-ppc64.config +++ b/kernel-ppc64.config @@ -488,6 +488,7 @@ CONFIG_BONDING=m CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOOTX_TEXT=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-ppc64le-debug.config b/kernel-ppc64le-debug.config index 6ffb04406..f39293c95 100644 --- a/kernel-ppc64le-debug.config +++ b/kernel-ppc64le-debug.config @@ -445,6 +445,7 @@ CONFIG_BONDING=m CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOOTX_TEXT=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-ppc64le.config b/kernel-ppc64le.config index b1b5730c3..4baeb6946 100644 --- a/kernel-ppc64le.config +++ b/kernel-ppc64le.config @@ -444,6 +444,7 @@ CONFIG_BONDING=m CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOOTX_TEXT=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-s390x-debug.config b/kernel-s390x-debug.config index ddf932706..266657931 100644 --- a/kernel-s390x-debug.config +++ b/kernel-s390x-debug.config @@ -445,6 +445,7 @@ CONFIG_BONDING=m # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-s390x.config b/kernel-s390x.config index d7b1ab5c3..58fac0fa1 100644 --- a/kernel-s390x.config +++ b/kernel-s390x.config @@ -444,6 +444,7 @@ CONFIG_BONDING=m # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-x86_64-debug.config b/kernel-x86_64-debug.config index 276257ca3..0dde47979 100644 --- a/kernel-x86_64-debug.config +++ b/kernel-x86_64-debug.config @@ -515,6 +515,7 @@ CONFIG_BONDING=m # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel-x86_64.config b/kernel-x86_64.config index b374723a2..0d4f6ef70 100644 --- a/kernel-x86_64.config +++ b/kernel-x86_64.config @@ -514,6 +514,7 @@ CONFIG_BONDING=m # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set CONFIG_BOOT_PRINTK_DELAY=y CONFIG_BOUNCE=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT=y CONFIG_BPF_STREAM_PARSER=y CONFIG_BPF_SYSCALL=y diff --git a/kernel.spec b/kernel.spec index 816a7ea79..3e11694d7 100644 --- a/kernel.spec +++ b/kernel.spec @@ -42,7 +42,7 @@ Summary: The Linux kernel # For non-released -rc kernels, this will be appended after the rcX and # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3" # -%global baserelease 201 +%global baserelease 200 %global fedora_build %{baserelease} # base_sublevel is the kernel version we're starting with and patching @@ -54,7 +54,7 @@ Summary: The Linux kernel %if 0%{?released_kernel} # Do we have a -stable update to apply? -%define stable_update 15 +%define stable_update 16 # Set rpm version accordingly %if 0%{?stable_update} %define stablerev %{stable_update} @@ -621,20 +621,11 @@ Patch335: arm-exynos-fix-usb3.patch # rbhz 1519591 1520764 Patch500: dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch -# CVE-2017-17450 -# rhbz 1525761 1525764 -Patch504: netfilter-xt_osf-Add-missing-permission-checks.patch - -# CVE-2017-17448 -# rhbz 1525768 1525769 -Patch505: netfilter-nfnetlink_cthelper-Add-missing-permission-.patch - # CVE-2018-5344 rhbz 1533909 1533911 Patch507: loop-fix-concurrent-lo_open-lo_release.patch # 550-600 Meltdown and Spectre Fixes Patch550: prevent-bounds-check-bypass-via-speculative-execution.patch -Patch551: revert-module-add-retpoline-tag-to-vermagic.patch # 600 - Patches for improved Bay and Cherry Trail device support # Below patches are submitted upstream, awaiting review / merging @@ -2252,6 +2243,9 @@ fi # # %changelog +* Wed Jan 31 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.16-200 +- Linux v4.14.16 + * Mon Jan 29 2018 Justin M. Forbes <jforbes@fedoraproject.org> - Fix CVE-2018-5750 (rhbz 1539706 1539708) - Fix softlockup (rhbz 1492664 1492665) diff --git a/netfilter-nfnetlink_cthelper-Add-missing-permission-.patch b/netfilter-nfnetlink_cthelper-Add-missing-permission-.patch deleted file mode 100644 index d7d795d00..000000000 --- a/netfilter-nfnetlink_cthelper-Add-missing-permission-.patch +++ /dev/null @@ -1,78 +0,0 @@ -From 56ae5f7c9230c0aa474eef638cf9bf8ae6a79ab1 Mon Sep 17 00:00:00 2001 -From: Kevin Cernekee <cernekee@chromium.org> -Date: Sun, 3 Dec 2017 12:12:45 -0800 -Subject: [PATCH] netfilter: nfnetlink_cthelper: Add missing permission - checks - -The capability check in nfnetlink_rcv() verifies that the caller -has CAP_NET_ADMIN in the namespace that "owns" the netlink socket. -However, nfnl_cthelper_list is shared by all net namespaces on the -system. An unprivileged user can create user and net namespaces -in which he holds CAP_NET_ADMIN to bypass the netlink_net_capable() -check: - - $ nfct helper list - nfct v1.4.4: netlink error: Operation not permitted - $ vpnns -- nfct helper list - { - .name = ftp, - .queuenum = 0, - .l3protonum = 2, - .l4protonum = 6, - .priv_data_len = 24, - .status = enabled, - }; - -Add capable() checks in nfnetlink_cthelper, as this is cleaner than -trying to generalize the solution. - -Signed-off-by: Kevin Cernekee <cernekee@chromium.org> ---- - net/netfilter/nfnetlink_cthelper.c | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/net/netfilter/nfnetlink_cthelper.c b/net/netfilter/nfnetlink_cthelper.c -index 41628b393673..d33ce6d5ebce 100644 ---- a/net/netfilter/nfnetlink_cthelper.c -+++ b/net/netfilter/nfnetlink_cthelper.c -@@ -17,6 +17,7 @@ - #include <linux/types.h> - #include <linux/list.h> - #include <linux/errno.h> -+#include <linux/capability.h> - #include <net/netlink.h> - #include <net/sock.h> - -@@ -407,6 +408,9 @@ static int nfnl_cthelper_new(struct net *net, struct sock *nfnl, - struct nfnl_cthelper *nlcth; - int ret = 0; - -+ if (!capable(CAP_NET_ADMIN)) -+ return -EPERM; -+ - if (!tb[NFCTH_NAME] || !tb[NFCTH_TUPLE]) - return -EINVAL; - -@@ -611,6 +615,9 @@ static int nfnl_cthelper_get(struct net *net, struct sock *nfnl, - struct nfnl_cthelper *nlcth; - bool tuple_set = false; - -+ if (!capable(CAP_NET_ADMIN)) -+ return -EPERM; -+ - if (nlh->nlmsg_flags & NLM_F_DUMP) { - struct netlink_dump_control c = { - .dump = nfnl_cthelper_dump_table, -@@ -678,6 +685,9 @@ static int nfnl_cthelper_del(struct net *net, struct sock *nfnl, - struct nfnl_cthelper *nlcth, *n; - int j = 0, ret; - -+ if (!capable(CAP_NET_ADMIN)) -+ return -EPERM; -+ - if (tb[NFCTH_NAME]) - helper_name = nla_data(tb[NFCTH_NAME]); - --- -2.14.3 - diff --git a/netfilter-xt_osf-Add-missing-permission-checks.patch b/netfilter-xt_osf-Add-missing-permission-checks.patch deleted file mode 100644 index 80cd60847..000000000 --- a/netfilter-xt_osf-Add-missing-permission-checks.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 2af0d441c8b1151a5d8bb46ec9c58ab575fe7d6f Mon Sep 17 00:00:00 2001 -From: Kevin Cernekee <cernekee@chromium.org> -Date: Tue, 5 Dec 2017 15:42:41 -0800 -Subject: [PATCH] netfilter: xt_osf: Add missing permission checks - -The capability check in nfnetlink_rcv() verifies that the caller -has CAP_NET_ADMIN in the namespace that "owns" the netlink socket. -However, xt_osf_fingers is shared by all net namespaces on the -system. An unprivileged user can create user and net namespaces -in which he holds CAP_NET_ADMIN to bypass the netlink_net_capable() -check: - - vpnns -- nfnl_osf -f /tmp/pf.os - - vpnns -- nfnl_osf -f /tmp/pf.os -d - -These non-root operations successfully modify the systemwide OS -fingerprint list. Add new capable() checks so that they can't. - -Signed-off-by: Kevin Cernekee <cernekee@chromium.org> ---- - net/netfilter/xt_osf.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/net/netfilter/xt_osf.c b/net/netfilter/xt_osf.c -index 36e14b1f061d..a34f314a8c23 100644 ---- a/net/netfilter/xt_osf.c -+++ b/net/netfilter/xt_osf.c -@@ -19,6 +19,7 @@ - #include <linux/module.h> - #include <linux/kernel.h> - -+#include <linux/capability.h> - #include <linux/if.h> - #include <linux/inetdevice.h> - #include <linux/ip.h> -@@ -70,6 +71,9 @@ static int xt_osf_add_callback(struct net *net, struct sock *ctnl, - struct xt_osf_finger *kf = NULL, *sf; - int err = 0; - -+ if (!capable(CAP_NET_ADMIN)) -+ return -EPERM; -+ - if (!osf_attrs[OSF_ATTR_FINGER]) - return -EINVAL; - -@@ -115,6 +119,9 @@ static int xt_osf_remove_callback(struct net *net, struct sock *ctnl, - struct xt_osf_finger *sf; - int err = -ENOENT; - -+ if (!capable(CAP_NET_ADMIN)) -+ return -EPERM; -+ - if (!osf_attrs[OSF_ATTR_FINGER]) - return -EINVAL; - --- -2.14.3 - diff --git a/revert-module-add-retpoline-tag-to-vermagic.patch b/revert-module-add-retpoline-tag-to-vermagic.patch deleted file mode 100644 index 2b4d0eacc..000000000 --- a/revert-module-add-retpoline-tag-to-vermagic.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 5132ede0fe8092b043dae09a7cc32b8ae7272baa Mon Sep 17 00:00:00 2001 -From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> -Date: Wed, 24 Jan 2018 15:28:17 +0100 -Subject: Revert "module: Add retpoline tag to VERMAGIC" - -From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> - -commit 5132ede0fe8092b043dae09a7cc32b8ae7272baa upstream. - -This reverts commit 6cfb521ac0d5b97470883ff9b7facae264b7ab12. - -Turns out distros do not want to make retpoline as part of their "ABI", -so this patch should not have been merged. Sorry Andi, this was my -fault, I suggested it when your original patch was the "correct" way of -doing this instead. - -Reported-by: Jiri Kosina <jikos@kernel.org> -Fixes: 6cfb521ac0d5 ("module: Add retpoline tag to VERMAGIC") -Acked-by: Andi Kleen <ak@linux.intel.com> -Cc: Thomas Gleixner <tglx@linutronix.de> -Cc: David Woodhouse <dwmw@amazon.co.uk> -Cc: rusty@rustcorp.com.au -Cc: arjan.van.de.ven@intel.com -Cc: jeyu@kernel.org -Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> - ---- - include/linux/vermagic.h | 8 +------- - 1 file changed, 1 insertion(+), 7 deletions(-) - ---- a/include/linux/vermagic.h -+++ b/include/linux/vermagic.h -@@ -31,17 +31,11 @@ - #else - #define MODULE_RANDSTRUCT_PLUGIN - #endif --#ifdef RETPOLINE --#define MODULE_VERMAGIC_RETPOLINE "retpoline " --#else --#define MODULE_VERMAGIC_RETPOLINE "" --#endif - - #define VERMAGIC_STRING \ - UTS_RELEASE " " \ - MODULE_VERMAGIC_SMP MODULE_VERMAGIC_PREEMPT \ - MODULE_VERMAGIC_MODULE_UNLOAD MODULE_VERMAGIC_MODVERSIONS \ - MODULE_ARCH_VERMAGIC \ -- MODULE_RANDSTRUCT_PLUGIN \ -- MODULE_VERMAGIC_RETPOLINE -+ MODULE_RANDSTRUCT_PLUGIN - @@ -1,3 +1,3 @@ SHA512 (linux-4.14.tar.xz) = 77e43a02d766c3d73b7e25c4aafb2e931d6b16e870510c22cef0cdb05c3acb7952b8908ebad12b10ef982c6efbe286364b1544586e715cf38390e483927904d8 SHA512 (perf-man-4.14.tar.gz) = 76a9d8adc284cdffd4b3fbb060e7f9a14109267707ce1d03f4c3239cd70d8d164f697da3a0f90a363fbcac42a61d3c378afbcc2a86f112c501b9cb5ce74ef9f8 -SHA512 (patch-4.14.15.xz) = faf165072fcff9f6f8cec76f0c35cf422afc453dfa2fc9ab5bc918eb177ebefd1e305f2c994a90c9dff073151762d79359789d118307ba15f53a020426c291a8 +SHA512 (patch-4.14.16.xz) = 7ba492011915a356ea696a6ae2269ff85725f726f6dd382973ceb417ac3289c7b4384bdffbde8ddea04b386126e07a3ea3aacf18253db4fcbc461e7c7e75d371 |