diff options
| author | Thorsten Leemhuis <fedora@leemhuis.info> | 2019-04-27 11:03:30 +0200 |
|---|---|---|
| committer | Thorsten Leemhuis <fedora@leemhuis.info> | 2019-04-27 11:03:30 +0200 |
| commit | 99f0e9370c534e521fc6997ae61735d218f318ea (patch) | |
| tree | 1b36f78fdae3d87e54564b56c8559a234cddcebb /kernel.spec | |
| parent | c9600d6ede1d98360d95de44ebdee06e674cd132 (diff) | |
| parent | 20acea15512b040b39438fb5c64602f1c97c0194 (diff) | |
| download | kernel-99f0e9370c534e521fc6997ae61735d218f318ea.tar.gz kernel-99f0e9370c534e521fc6997ae61735d218f318ea.tar.xz kernel-99f0e9370c534e521fc6997ae61735d218f318ea.zip | |
merge origin
Diffstat (limited to 'kernel.spec')
| -rw-r--r-- | kernel.spec | 39 |
1 files changed, 34 insertions, 5 deletions
diff --git a/kernel.spec b/kernel.spec index 6a7f6fb56..df73b8a89 100644 --- a/kernel.spec +++ b/kernel.spec @@ -557,8 +557,6 @@ Patch122: Input-synaptics-pin-3-touches-when-the-firmware-repo.patch Patch201: efi-lockdown.patch -Patch202: KEYS-Allow-unrestricted-boot-time-addition-of-keys-t.patch - # bz 1497559 - Make kernel MODSIGN code not error on missing variables Patch207: 0001-Make-get_cert_list-not-complain-about-cert-lists-tha.patch Patch208: 0002-Add-efi_status_to_str-and-rework-efi_status_to_err.patch @@ -643,8 +641,8 @@ Patch512: v3-tpm-fix-an-invalid-condition-in-tpm_common_poll.patch # rhbz 1683382 Patch515: nfsv4.1-avoid-false-retries.patch -# CVE-2019-9857 rhbz 1694758 1694759 -Patch516: 0001-inotify-Fix-fsnotify_mark-refcount-leak-in-inotify_u.patch +# https://bugs.freedesktop.org/show_bug.cgi?id=109806 +Patch516: 0001-Revert-drm-i915-fbdev-Actually-configure-untiled-dis.patch # CVE-2019-3882 rhbz 1689426 1695571 Patch517: vfio-type1-limit-dma-mappings-per-container.patch @@ -652,6 +650,21 @@ Patch517: vfio-type1-limit-dma-mappings-per-container.patch # CVE-2019-9500 rhbz 1701224 1701226 Patch518: 0001-brcmfmac-assure-SSID-length-from-firmware-is-limited.patch +# rhbz 1701077 +Patch519: nfsd-wake-waiters-blocked-on-file_lock-before-deleting-it.patch + +# CVE-2019-9503 rhbz 1701842 1701843 +Patch520: 0001-brcmfmac-add-subtype-check-for-event-handling-in-dat.patch + +# https://bugzilla.redhat.com/show_bug.cgi?id=1701096 +Patch521: 0001-integrity-KEYS-add-a-reference-to-platform-keyring.patch +Patch522: 0001-kexec-KEYS-Make-use-of-platform-keyring-for-signatur.patch +# Submitted upstream at https://lkml.org/lkml/2019/4/23/89 +Patch523: KEYS-Make-use-of-platform-keyring-for-module-signature.patch + +# CVE-2019-3900 rhbz 1698757 1702940 +Patch524: net-vhost_net-fix-possible-infinite-loop.patch + # END OF PATCH DEFINITIONS %endif @@ -1928,8 +1941,24 @@ fi # # %changelog +* Thu Apr 25 2019 Justin M. Forbes <jforbes@fedoraproject.org> +- Fix CVE-2019-3900 (rhbz 1698757 1702940) + +* Tue Apr 23 2019 Laura Abbott <labbott@redhat.com> - 5.0.9-301 +- Bring in DRM workaround + +* Tue Apr 23 2019 Jeremy Cline <jcline@redhat.com> +- Allow modules signed by keys in the platform keyring (rbhz 1701096) + +* Tue Apr 23 2019 Justin M. Forbes <jforbes@fedoraproject.org> +- Fix CVE-2019-9503 rhbz 1701842 1701843 + +* Mon Apr 22 2019 Laura Abbott <labbott@redhat.com> - 5.0.9-300 +- Linux v5.0.9 +- Fix NFS server crash (rhbz 1701077) + * Thu Apr 18 2019 Justin M. Forbes <jforbes@fedoraproject.org> -- Fix CVE-2019-9500 (rhbz 1701224 1701226) +- Fix CVE-2019-9500 (rhbz 1701224 1701225) * Wed Apr 17 2019 Laura Abbott <labbott@redhat.com> - 5.0.8-300 - Linux v5.0.8 |