From 1cea4bfbc911fc3948ae8256b55657576eb03f7d Mon Sep 17 00:00:00 2001
From: "Justin M. Forbes" <jforbes@fedoraproject.org>
Date: Wed, 13 Sep 2017 14:16:59 -0700
Subject: Fix CVE-2017-12154 CVE-2017-12153 CVE-2017-1000251

---
 kernel.spec | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'kernel.spec')

diff --git a/kernel.spec b/kernel.spec
index ed0d381d5..0b0a0996d 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -646,6 +646,15 @@ Patch617: Fix-for-module-sig-verification.patch
 # rhbz 1485086
 Patch619: pci-mark-amd-stoney-gpu-ats-as-broken.patch
 
+# CVE-2017-12154 rhbz 1491224 1491231
+Patch620: kvm-nVMX-Don-t-allow-L2-to-access-the-hardware-CR8.patch
+
+# CVE-2017-12153 rhbz 1491046 1491057
+Patch621: nl80211-check-for-the-required-netlink-attributes-presence.patch
+
+# CVE-2017-1000251 rhbz 1489716 1490906
+Patch622: bluetooth-properly-check-l2cap-config-option-output-buffer-length.patch
+
 # END OF PATCH DEFINITIONS
 
 %endif
@@ -2219,6 +2228,11 @@ fi
 #
 #
 %changelog
+* Wed Sep 13 2017 Justin M. Forbes <jforbes@fedoraproject.org>
+- Fix CVE-2017-12154 (rhbz 1491224 1491231)
+- Fix CVE-2017-12153 (rhbz 1491046 1491057)
+- Fix CVE-2017-1000251 (rhbz 1489716 1490906)
+
 * Sun Sep 10 2017 Laura Abbott <labbott@fedoraproject.org> - 4.13.1-200
 - Linux v4.13.1
 
-- 
cgit