summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLaura Abbott <labbott@fedoraproject.org>2016-06-13 08:18:37 -0700
committerLaura Abbott <labbott@fedoraproject.org>2016-06-13 08:18:37 -0700
commit4b9053da49f84665c0556fe7bf01d0d7bd9f4d6e (patch)
treec8340852e81f94042a717d017f8a27f4ac90b90c
parentd100a58678e1434667887874f50e327dc3b6e56a (diff)
downloadkernel-4b9053da49f84665c0556fe7bf01d0d7bd9f4d6e.tar.gz
kernel-4b9053da49f84665c0556fe7bf01d0d7bd9f4d6e.tar.xz
kernel-4b9053da49f84665c0556fe7bf01d0d7bd9f4d6e.zip
Linux v4.7-rc3
- Disable debugging options.
-rw-r--r--kernel.spec16
-rw-r--r--rds-fix-an-infoleak-in-rds_inc_info_copy.txt31
-rw-r--r--sources3
-rw-r--r--tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch32
4 files changed, 8 insertions, 74 deletions
diff --git a/kernel.spec b/kernel.spec
index af30c3a15..c0572cd41 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -42,7 +42,7 @@ Summary: The Linux kernel
# For non-released -rc kernels, this will be appended after the rcX and
# gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
#
-%global baserelease 2
+%global baserelease 1
%global fedora_build %{baserelease}
# base_sublevel is the kernel version we're starting with and patching
@@ -67,9 +67,9 @@ Summary: The Linux kernel
# The next upstream release sublevel (base_sublevel+1)
%define upstream_sublevel %(echo $((%{base_sublevel} + 1)))
# The rc snapshot level
-%define rcrev 2
+%define rcrev 3
# The git snapshot level
-%define gitrev 3
+%define gitrev 0
# Set rpm version accordingly
%define rpmversion 4.%{upstream_sublevel}.0
%endif
@@ -602,12 +602,6 @@ Patch641: disable-CONFIG_EXPERT-for-ZONE_DMA.patch
#CVE-2016-3134 rhbz 1317383 1317384
Patch665: netfilter-x_tables-deal-with-bogus-nextoffset-values.patch
-#CVE-2016-5243 rhbz 1343338 1343335
-Patch721: tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch
-
-#CVE-2016-5244 rhbz 1343338 1343337
-Patch722: rds-fix-an-infoleak-in-rds_inc_info_copy.txt
-
# END OF PATCH DEFINITIONS
%endif
@@ -2133,6 +2127,10 @@ fi
#
#
%changelog
+* Mon Jun 13 2016 Laura Abbott <labbott@redhat.com> - 4.7.0-0.rc3.git0.1
+- Linux v4.7-rc3
+- Disable debugging options.
+
* Fri Jun 10 2016 Peter Robinson <pbrobinson@fedoraproject.org> 4.7.0-0.rc2.git3.2
- Fix Power64 module filters
- Minor ARM updates
diff --git a/rds-fix-an-infoleak-in-rds_inc_info_copy.txt b/rds-fix-an-infoleak-in-rds_inc_info_copy.txt
deleted file mode 100644
index a9b1e49fe..000000000
--- a/rds-fix-an-infoleak-in-rds_inc_info_copy.txt
+++ /dev/null
@@ -1,31 +0,0 @@
-From 4116def2337991b39919f3b448326e21c40e0dbb Mon Sep 17 00:00:00 2001
-From: Kangjie Lu <kangjielu@gmail.com>
-Date: Thu, 2 Jun 2016 04:11:20 -0400
-Subject: rds: fix an infoleak in rds_inc_info_copy
-
-The last field "flags" of object "minfo" is not initialized.
-Copying this object out may leak kernel stack data.
-Assign 0 to it to avoid leak.
-
-Signed-off-by: Kangjie Lu <kjlu@gatech.edu>
-Acked-by: Santosh Shilimkar <santosh.shilimkar@oracle.com>
-Signed-off-by: David S. Miller <davem@davemloft.net>
----
- net/rds/recv.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/net/rds/recv.c b/net/rds/recv.c
-index c0be1ec..8413f6c 100644
---- a/net/rds/recv.c
-+++ b/net/rds/recv.c
-@@ -561,5 +561,7 @@ void rds_inc_info_copy(struct rds_incoming *inc,
- minfo.fport = inc->i_hdr.h_dport;
- }
-
-+ minfo.flags = 0;
-+
- rds_info_copy(iter, &minfo, sizeof(minfo));
- }
---
-cgit v0.12
-
diff --git a/sources b/sources
index cc9f2c955..c18e1b585 100644
--- a/sources
+++ b/sources
@@ -1,4 +1,3 @@
d2927020e24a76da4ab482a8bc3e9ef3 linux-4.6.tar.xz
fd23b14b9d474c3dfacb6e8ee82d3a51 perf-man-4.6.tar.gz
-7c23235807e3c4d86b9c7ea5aef47068 patch-4.7-rc2.xz
-f4dff60e8aeb57a45621f6684fb46879 patch-4.7-rc2-git3.xz
+4197bebd41db2f1cfe9ba8e98cc53832 patch-4.7-rc3.xz
diff --git a/tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch b/tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch
deleted file mode 100644
index 9cd7c09a3..000000000
--- a/tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 5d2be1422e02ccd697ccfcd45c85b4a26e6178e2 Mon Sep 17 00:00:00 2001
-From: Kangjie Lu <kangjielu@gmail.com>
-Date: Thu, 2 Jun 2016 04:04:56 -0400
-Subject: tipc: fix an infoleak in tipc_nl_compat_link_dump
-
-link_info.str is a char array of size 60. Memory after the NULL
-byte is not initialized. Sending the whole object out can cause
-a leak.
-
-Signed-off-by: Kangjie Lu <kjlu@gatech.edu>
-Signed-off-by: David S. Miller <davem@davemloft.net>
----
- net/tipc/netlink_compat.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/net/tipc/netlink_compat.c b/net/tipc/netlink_compat.c
-index f795b1d..3ad9fab 100644
---- a/net/tipc/netlink_compat.c
-+++ b/net/tipc/netlink_compat.c
-@@ -604,7 +604,8 @@ static int tipc_nl_compat_link_dump(struct tipc_nl_compat_msg *msg,
-
- link_info.dest = nla_get_flag(link[TIPC_NLA_LINK_DEST]);
- link_info.up = htonl(nla_get_flag(link[TIPC_NLA_LINK_UP]));
-- strcpy(link_info.str, nla_data(link[TIPC_NLA_LINK_NAME]));
-+ nla_strlcpy(link_info.str, nla_data(link[TIPC_NLA_LINK_NAME]),
-+ TIPC_MAX_LINK_NAME);
-
- return tipc_add_tlv(msg->rep, TIPC_TLV_LINK_INFO,
- &link_info, sizeof(link_info));
---
-cgit v0.12
-