diff options
author | Jeremy Cline <jeremy@jcline.org> | 2017-12-14 09:50:53 -0500 |
---|---|---|
committer | Jeremy Cline <jeremy@jcline.org> | 2017-12-14 09:50:53 -0500 |
commit | b6e3b19cd5c54902789574a3def1787d2c143246 (patch) | |
tree | a376a89a88c6f1d98803cd69ab939fc9089904ca /kernel.spec | |
parent | aede7982b7100e8b769edff793649a9b8258348d (diff) | |
download | kernel-b6e3b19cd5c54902789574a3def1787d2c143246.tar.gz kernel-b6e3b19cd5c54902789574a3def1787d2c143246.tar.xz kernel-b6e3b19cd5c54902789574a3def1787d2c143246.zip |
Linux v4.14.5
Also fixes CVE-2017-17448, CVE-2017-17449, CVE-2017-17450
Diffstat (limited to 'kernel.spec')
-rw-r--r-- | kernel.spec | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/kernel.spec b/kernel.spec index fdeb682c3..50b492bca 100644 --- a/kernel.spec +++ b/kernel.spec @@ -54,7 +54,7 @@ Summary: The Linux kernel %if 0%{?released_kernel} # Do we have a -stable update to apply? -%define stable_update 5 +%define stable_update 6 # Set rpm version accordingly %if 0%{?stable_update} %define stablerev %{stable_update} @@ -636,6 +636,18 @@ Patch501: USB-core-prevent-malicious-bNumInterfaces-overflow.patch # https://marc.info/?l=linux-kernel&m=151307686618795 Patch502: Revert-exec-avoid-RLIMIT_STACK-races-with-prlimit.patch +# CVE-2017-17449 +# rhbz 1525762 1525763 +Patch503: netlink-Add-netns-check-on-taps.patch + +# CVE-2017-17450 +# rhbz 1525761 1525764 +Patch504: netfilter-xt_osf-Add-missing-permission-checks.patch + +# CVE-2017-17448 +# rhbz 1525768 1525769 +Patch505: netfilter-nfnetlink_cthelper-Add-missing-permission-.patch + # 600 - Patches for improved Bay and Cherry Trail device support # Below patches are submitted upstream, awaiting review / merging Patch601: 0001-Input-gpio_keys-Allow-suppression-of-input-events-fo.patch @@ -2214,6 +2226,12 @@ fi # # %changelog +* Thu Dec 14 2017 Jeremy Cline <jeremy@jcline.org> - 4.14.6-300 +- Linux v4.14.6 +- Security fix for CVE-2017-17449 (rhbz 1525762 1525763) +- Security fix for CVE-2017-17450 (rhbz 1525761 1525764) +- Security fix for CVE-2017-17448 (rhbz 1525768 1525769) + * Wed Dec 13 2017 Jeremy Cline <jeremy@jcline.org> - Fix CVE-2017-17558 (rhbz 1525474 1525476) - Revert exec: avoid RLIMIT_STACK races with prlimit() |