diff options
| author | Jeremy Cline <jcline@redhat.com> | 2019-05-22 17:41:29 +0000 |
|---|---|---|
| committer | Jeremy Cline <jcline@redhat.com> | 2019-06-03 16:40:33 +0000 |
| commit | 36b34bfcbfc751e730bd8d87c4913824bdfdb320 (patch) | |
| tree | 8a37da44ea39a60b6549ddb51789264178a05f90 /scripts | |
| parent | 3074ed2654b76680777291ee552ff1ee53dcc8f6 (diff) | |
| download | kernel-36b34bfcbfc751e730bd8d87c4913824bdfdb320.tar.gz kernel-36b34bfcbfc751e730bd8d87c4913824bdfdb320.tar.xz kernel-36b34bfcbfc751e730bd8d87c4913824bdfdb320.zip | |
Linux v5.1.6
Fix CVE-2019-12378 CVE-2019-3846 CVE-2019-12380 CVE-2019-12381 CVE-2019-12382 CVE-2019-12379
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/rawhide-rc.sh | 11 | ||||
| -rwxr-xr-x | scripts/stable-update.sh | 17 |
2 files changed, 23 insertions, 5 deletions
diff --git a/scripts/rawhide-rc.sh b/scripts/rawhide-rc.sh index ba8b467b2..a4e15820a 100755 --- a/scripts/rawhide-rc.sh +++ b/scripts/rawhide-rc.sh @@ -22,19 +22,20 @@ BASE=`grep "%define base_sublevel" kernel.spec| cut -d ' ' -f 3` OLDBASE=$BASE # See comment in kernel.spec about the base numbering BASE=$(($BASE+1)) +MAJORVER=5 # Kill all patches awk '!/patch/ { print $0 }' < sources > sources.tmp mv sources.tmp sources # Grab the tarball -if [ ! -f patch-4.$BASE-rc$RC.xz ]; then - wget -O patch-4.$BASE-rc$RC https://git.kernel.org/torvalds/p/v4.$BASE-rc$RC/v4.$OLDBASE +if [ ! -f patch-$MAJORVER.$BASE-rc$RC.xz ]; then + wget -O patch-$MAJORVER.$BASE-rc$RC https://git.kernel.org/torvalds/p/v$MAJORVER.$BASE-rc$RC/v$MAJORVER.$OLDBASE if [ ! $? -eq 0 ]; then exit 1 fi - xz -9 patch-4.$BASE-rc$RC - fedpkg upload patch-4.$BASE-rc$RC.xz + xz -9 patch-$MAJORVER.$BASE-rc$RC + fedpkg upload patch-$MAJORVER.$BASE-rc$RC.xz fi # bump rcrev in the spec and set git snapshot to 0 @@ -44,6 +45,6 @@ perl -p -i -e 's|%define gitrev.*|%define gitrev 0|' kernel.spec perl -p -i -e 's|%global baserelease.*|%global baserelease 0|' kernel.spec -rpmdev-bumpspec -c "Linux v4.$BASE-rc$RC" kernel.spec +rpmdev-bumpspec -c "Linux v$MAJORVER.$BASE-rc$RC" kernel.spec echo "Don't forget to bump kernel-tools" diff --git a/scripts/stable-update.sh b/scripts/stable-update.sh index 26c81b937..259a338c1 100755 --- a/scripts/stable-update.sh +++ b/scripts/stable-update.sh @@ -42,6 +42,23 @@ if [ ! -f patch-$1.xz ]; then fi fi +# This all needs to be updated for the new generation system +# +# if [ ! -f "patch-$1.sign" ]; then +# wget "https://cdn.kernel.org/pub/linux/kernel/v4.x/patch-$1.sign" +# if [ ! $? -eq 0 ]; then +# echo "Signature download failed" +# exit 1 +# fi +# fi + +# xzcat "patch-$1.xz" | gpg2 --verify "patch-$1.sign" - +# if [ ! $? -eq 0 ]; then +# echo "Patch file has invalid or untrusted signature!" +# echo "See https://www.kernel.org/category/signatures.html" +# exit 1 +# fi + grep $1 sources &> /dev/null if [ ! $? -eq 0 ]; then fedpkg upload patch-$1.xz |