diff options
| author | Thorsten Leemhuis <fedora@leemhuis.info> | 2019-11-26 20:01:33 +0100 |
|---|---|---|
| committer | Thorsten Leemhuis <fedora@leemhuis.info> | 2019-11-26 20:01:33 +0100 |
| commit | 320121213583c38b408b7a967c77d3b270941c2d (patch) | |
| tree | 1e1830c191d38375a517685bb14d49f9c4cfcb69 /kernel.spec | |
| parent | 288ae1c5232eaee23d77f5214098237151452b00 (diff) | |
| parent | 17ffa26d54598f92b17e25a82f76ffa1837d06c2 (diff) | |
| download | kernel-320121213583c38b408b7a967c77d3b270941c2d.tar.gz kernel-320121213583c38b408b7a967c77d3b270941c2d.tar.xz kernel-320121213583c38b408b7a967c77d3b270941c2d.zip | |
Merge remote-tracking branch 'origin/master' into rawhide-user-thl-vanilla-fedorakernel-5.5.0-0.rc0.git1.1.vanilla.knurd.1.fc31
Diffstat (limited to 'kernel.spec')
| -rw-r--r-- | kernel.spec | 65 |
1 files changed, 24 insertions, 41 deletions
diff --git a/kernel.spec b/kernel.spec index d3179fa0f..ca36e4536 100644 --- a/kernel.spec +++ b/kernel.spec @@ -24,7 +24,7 @@ Summary: The Linux kernel # For rawhide and/or a kernel built from an rc or git snapshot, # released_kernel should be 0. # For a stable, released kernel, released_kernel should be 1. -%global released_kernel 1 +%global released_kernel 0 %if 0%{?fedora} %define secure_boot_arch x86_64 @@ -110,7 +110,7 @@ Summary: The Linux kernel # The next upstream release sublevel (base_sublevel+1) %define upstream_sublevel %(echo $((%{base_sublevel} + 1))) # The rc snapshot level -%global rcrev 1 +%global rcrev 0 # The git snapshot level %define gitrev 1 # Set rpm version accordingly @@ -199,7 +199,7 @@ Summary: The Linux kernel # Set debugbuildsenabled to 1 for production (build separate debug kernels) # and 0 for rawhide (all kernels are debug kernels). # See also 'make debug' and 'make release'. -%define debugbuildsenabled 1 +%define debugbuildsenabled 0 %if 0%{?fedora} # Kernel headers are being split out into a separate package @@ -609,12 +609,22 @@ Source11: x509.genkey.fedora Source12: securebootca.cer Source13: secureboot.cer +Source14: secureboot_s390.cer +Source15: secureboot_ppc.cer %define secureboot_ca %{SOURCE12} %ifarch x86_64 aarch64 %define secureboot_key %{SOURCE13} %define pesign_name redhatsecureboot301 %endif +%ifarch s390x +%define secureboot_key %{SOURCE14} +%define pesign_name redhatsecureboot302 +%endif +%ifarch ppc64le +%define secureboot_key %{SOURCE15} +%define pesign_name redhatsecureboot303 +%endif %else # released_kernel @@ -627,7 +637,7 @@ Source13: redhatsecureboot003.cer %endif # released_kernel -Source15: mod-extra.list.rhel +Source22: mod-extra.list.rhel Source16: mod-extra.list.fedora Source17: mod-extra.sh Source18: mod-sign.sh @@ -817,43 +827,12 @@ Patch504: 0001-mm-kmemleak-skip-late_init-if-not-skip-disable.patch # https://lkml.org/lkml/2019/8/29/1772 Patch505: ARM-fix-__get_user_check-in-case-uaccess_-calls-are-not-inlined.patch -# CVE-2019-19071 rhbz 1774949 1774950 -Patch509: rsi-release-skb-if-rsi_prepare_beacon-fails.patch - -# CVE-2019-19070 rhbz 1774957 1774958 -Patch510: spi-gpio-prevent-memory-leak-in-spi_gpio_probe.patch - -# CVE-2019-19068 rhbz 1774963 1774965 -Patch511: rtl8xxxu-prevent-leaking-urb.patch - -# CVE-2019-19043 rhbz 1774972 1774973 -Patch512: net-next-v2-9-9-i40e-prevent-memory-leak-in-i40e_setup_macvlans.patch - # CVE-2019-19066 rhbz 1774976 1774978 Patch513: scsi-bfa-release-allocated-memory-in-case-of-error.patch -# CVE-2019-19046 rhbz 1774988 1774989 -Patch514: ipmi-Fix-memory-leak-in-__ipmi_bmc_register.patch - -# CVE-2019-19050 rhbz 1774998 1775002 -# CVE-2019-19062 rhbz 1775021 1775023 -Patch515: crypto-user-fix-memory-leak-in-crypto_reportstat.patch - -# CVE-2019-19064 rhbz 1775010 1775011 -Patch516: spi-lpspi-fix-memory-leak-in-fsl_lpspi_probe.patch - -# CVE-2019-19063 rhbz 1775015 1775016 -Patch517: rtlwifi-prevent-memory-leak-in-rtl_usb_probe.patch - -# CVE-2019-19057 rhbz 1775050 1775051 -Patch520: mwifiex-pcie-Fix-memory-leak-in-mwifiex_pcie_init_evt_ring.patch - # CVE-2019-19053 rhbz 1775956 1775110 Patch521: rpmsg-char-release-allocated-memory.patch -# CVE-2019-19056 rhbz 1775097 1775115 -Patch522: mwifiex-pcie-fix-memory-leak-in-mwifiex_pcie_alloc_cmdrsp_buf.patch - # CVE-2019-19054 rhbz 1775063 1775117 Patch524: media-rc-prevent-memory-leak-in-cx23888_ir_probe.patch @@ -867,9 +846,6 @@ Patch526: libertas-Fix-two-buffer-overflows-at-parsing-bss-descriptor.patch # CVE-2019-14901 rhbz 1773519 1776184 Patch527: mwifiex-Fix-heap-overflow-in-mmwifiex_process_tdls_action_frame.patch -# CVE-2019-19078 rhbz 1776354 1776353 -Patch528: ath10k-fix-memory-leak.patch - # END OF PATCH DEFINITIONS %endif @@ -1738,6 +1714,9 @@ BuildKernel() { mkdir -p $RPM_BUILD_ROOT/lib/modules/$KernelVer/extra mkdir -p $RPM_BUILD_ROOT/lib/modules/$KernelVer/internal mkdir -p $RPM_BUILD_ROOT/lib/modules/$KernelVer/updates + # CONFIG_KERNEL_HEADER_TEST generates some extra files in the process of + # testing so just delete + find . -name *.h.s -delete # first copy everything cp --parents `find -type f -name "Makefile*" -o -name "Kconfig*"` $RPM_BUILD_ROOT/lib/modules/$KernelVer/build cp Module.symvers $RPM_BUILD_ROOT/lib/modules/$KernelVer/build @@ -2532,9 +2511,6 @@ fi %{expand:%%files %{?3:%{3}-}modules-extra}\ %config(noreplace) /etc/modprobe.d/*-blacklist.conf\ /lib/modules/%{KVERREL}%{?3:+%{3}}/extra\ -%%defattr(-,root,root)\ -%defverify(not mtime)\ -/usr/src/kernels/%{KVERREL}%{?3:+%{3}}\ %{expand:%%files %{?3:%{3}-}modules-internal}\ /lib/modules/%{KVERREL}%{?3:+%{3}}/internal\ %if %{with_debuginfo}\ @@ -2571,6 +2547,13 @@ fi # # %changelog +* Tue Nov 26 2019 Justin M. Forbes <jforbes@fedoraproject.org> - 5.5.0-0.rc0.git1.1 +- Linux v5.4-3619-gbe2eca94d144 +- Reenable debugging options. + +* Mon Nov 25 2019 Laura Abbott <labbott@redhat.com> - 5.4.0-2 +- bump and build to pick up fixes + * Mon Nov 25 2019 Justin M. Forbes <jforbes@fedoraproject.org> - Fix CVE-2019-14895 (rhbz 1774870 1776139) - Fix CVE-2019-14896 (rhbz 1774875 1776143) |