diff options
author | Thorsten Leemhuis <fedora@leemhuis.info> | 2019-11-22 17:15:14 +0100 |
---|---|---|
committer | Thorsten Leemhuis <fedora@leemhuis.info> | 2019-11-22 17:15:14 +0100 |
commit | fc10a67441c62a88e7e4055423c0fb11f1928dfe (patch) | |
tree | 406da91a6f1f74e31747fab9bdbbd51f2ce9a44f /kernel.spec | |
parent | 698074117f5e5d1f0d32a5581f21440c29b5f2d7 (diff) | |
parent | 97bb52b5db0b55b977f75767aa40ffafaf7289e2 (diff) | |
download | kernel-fc10a67441c62a88e7e4055423c0fb11f1928dfe.tar.gz kernel-fc10a67441c62a88e7e4055423c0fb11f1928dfe.tar.xz kernel-fc10a67441c62a88e7e4055423c0fb11f1928dfe.zip |
Merge remote-tracking branch 'origin/master' into rawhide-user-thl-vanilla-fedora
Diffstat (limited to 'kernel.spec')
-rw-r--r-- | kernel.spec | 78 |
1 files changed, 71 insertions, 7 deletions
diff --git a/kernel.spec b/kernel.spec index 4f9224654..888164e2c 100644 --- a/kernel.spec +++ b/kernel.spec @@ -79,7 +79,7 @@ Summary: The Linux kernel # For non-released -rc kernels, this will be appended after the rcX and # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3" # -%global baserelease 1 +%global baserelease 2 %global fedora_build %{baserelease} # base_sublevel is the kernel version we're starting with and patching @@ -112,7 +112,7 @@ Summary: The Linux kernel # The rc snapshot level %global rcrev 8 # The git snapshot level -%define gitrev 0 +%define gitrev 1 # Set rpm version accordingly %define rpmversion 5.%{upstream_sublevel}.0 %endif @@ -199,7 +199,7 @@ Summary: The Linux kernel # Set debugbuildsenabled to 1 for production (build separate debug kernels) # and 0 for rawhide (all kernels are debug kernels). # See also 'make debug' and 'make release'. -%define debugbuildsenabled 1 +%define debugbuildsenabled 0 %if 0%{?fedora} # Kernel headers are being split out into a separate package @@ -827,6 +827,46 @@ Patch504: 0001-mm-kmemleak-skip-late_init-if-not-skip-disable.patch # https://lkml.org/lkml/2019/8/29/1772 Patch505: ARM-fix-__get_user_check-in-case-uaccess_-calls-are-not-inlined.patch +# CVE-2019-19071 rhbz 1774949 1774950 +Patch509: rsi-release-skb-if-rsi_prepare_beacon-fails.patch + +# CVE-2019-19070 rhbz 1774957 1774958 +Patch510: spi-gpio-prevent-memory-leak-in-spi_gpio_probe.patch + +# CVE-2019-19068 rhbz 1774963 1774965 +Patch511: rtl8xxxu-prevent-leaking-urb.patch + +# CVE-2019-19043 rhbz 1774972 1774973 +Patch512: net-next-v2-9-9-i40e-prevent-memory-leak-in-i40e_setup_macvlans.patch + +# CVE-2019-19066 rhbz 1774976 1774978 +Patch513: scsi-bfa-release-allocated-memory-in-case-of-error.patch + +# CVE-2019-19046 rhbz 1774988 1774989 +Patch514: ipmi-Fix-memory-leak-in-__ipmi_bmc_register.patch + +# CVE-2019-19050 rhbz 1774998 1775002 +# CVE-2019-19062 rhbz 1775021 1775023 +Patch515: crypto-user-fix-memory-leak-in-crypto_reportstat.patch + +# CVE-2019-19064 rhbz 1775010 1775011 +Patch516: spi-lpspi-fix-memory-leak-in-fsl_lpspi_probe.patch + +# CVE-2019-19063 rhbz 1775015 1775016 +Patch517: rtlwifi-prevent-memory-leak-in-rtl_usb_probe.patch + +# CVE-2019-19057 rhbz 1775050 1775051 +Patch520: mwifiex-pcie-Fix-memory-leak-in-mwifiex_pcie_init_evt_ring.patch + +# CVE-2019-19053 rhbz 1775956 1775110 +Patch521: rpmsg-char-release-allocated-memory.patch + +# CVE-2019-19056 rhbz 1775097 1775115 +Patch522: mwifiex-pcie-fix-memory-leak-in-mwifiex_pcie_alloc_cmdrsp_buf.patch + +# CVE-2019-19054 rhbz 1775063 1775117 +Patch524: media-rc-prevent-memory-leak-in-cx23888_ir_probe.patch + # END OF PATCH DEFINITIONS %endif @@ -1620,12 +1660,8 @@ BuildKernel() { fi %ifarch x86_64 aarch64 - %if 0%{?fedora} - %pesign -s -i $KernelImage -o vmlinuz.signed - %else %pesign -s -i $SignImage -o vmlinuz.signed -a %{secureboot_ca} -c %{secureboot_key} -n %{pesign_name} %endif - %endif %ifarch s390x ppc64le if [ -x /usr/bin/rpm-sign ]; then rpm-sign --key "%{pesign_name}" --lkmsign $SignImage --output vmlinuz.signed @@ -2532,6 +2568,34 @@ fi # # %changelog +* Fri Nov 22 2019 Laura Abbott <labbott@redhat.com> - 5.4.0-0.rc8.git1.2 +- bump and build to test new configs + +* Fri Nov 22 2019 Jeremy Cline <jcline@redhat.com> - 5.4.0-0.rc8.git1.1 +- Linux v5.4-rc8-15-g81429eb8d9ca + +* Fri Nov 22 2019 Jeremy Cline <jcline@redhat.com> +- Reenable debugging options. + +* Thu Nov 21 2019 Justin M. Forbes <jforbes@fedoraproject.org> - 5.3.12-300 +- Fix CVE-2019-19071 (rhbz 1774949 1774950) +- Fix CVE-2019-19070 (rhbz 1774957 1774958) +- Fix CVE-2019-19068 (rhbz 1774963 1774965) +- Fix CVE-2019-19043 (rhbz 1774972 1774973) +- Fix CVE-2019-19066 (rhbz 1774976 1774978) +- Fix CVE-2019-19046 (rhbz 1774988 1774989) +- Fix CVE-2019-19050 (rhbz 1774998 1775002) +- Fix CVE-2019-19062 (rhbz 1775021 1775023) +- Fix CVE-2019-19064 (rhbz 1775010 1775011) +- Fix CVE-2019-19063 (rhbz 1775015 1775016) +- Fix CVE-2019-19057 (rhbz 1775050 1775051) +- Fix CVE-2019-19053 (rhbz 1775956 1775110) +- Fix CVE-2019-19056 (rhbz 1775097 1775115) +- Fix CVE-2019-19054 (rhbz 1775063 1775117) + +* Wed Nov 20 2019 Laura Abbott <labbott@redhat.com> - 5.4.0-0.rc8.git0.2 +- bump and build to check the pesign + * Mon Nov 18 2019 Jeremy Cline <jcline@redhat.com> - 5.4.0-0.rc8.git0.1 - Linux v5.4-rc8 |