To fix CVE-2019-1125 (SWAPGS)
Change-Id: Icca3444dc52a31b377935239bbfe28a843f243ee
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/7708
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Srinidhi Rao <srinidhir@vmware.com>
Reviewed-by: Srivatsa S. Bhat <srivatsab@vmware.com>
... | ... |
@@ -1,6 +1,6 @@ |
1 | 1 |
Summary: Linux API header files |
2 | 2 |
Name: linux-api-headers |
3 |
-Version: 4.19.52 |
|
3 |
+Version: 4.19.65 |
|
4 | 4 |
Release: 1%{?dist} |
5 | 5 |
License: GPLv2 |
6 | 6 |
URL: http://www.kernel.org/ |
... | ... |
@@ -8,7 +8,7 @@ Group: System Environment/Kernel |
8 | 8 |
Vendor: VMware, Inc. |
9 | 9 |
Distribution: Photon |
10 | 10 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz |
11 |
-%define sha1 linux=0fc8eeba8a8a710c95d71f140dfdc4bdff735248 |
|
11 |
+%define sha1 linux=598111781858ea0aaa328cfa0fec39264d2815d7 |
|
12 | 12 |
BuildArch: noarch |
13 | 13 |
%description |
14 | 14 |
The Linux API Headers expose the kernel's API for use by Glibc. |
... | ... |
@@ -25,6 +25,8 @@ find /%{buildroot}%{_includedir} \( -name .install -o -name ..install.cmd \) -de |
25 | 25 |
%defattr(-,root,root) |
26 | 26 |
%{_includedir}/* |
27 | 27 |
%changelog |
28 |
+* Tue Aug 06 2019 Alexey Makhalov <amakhalov@vmware.com> 4.19.65-1 |
|
29 |
+- Update to version 4.19.65 |
|
28 | 30 |
* Mon Jun 17 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.19.52-1 |
29 | 31 |
- Update to version 4.19.52 |
30 | 32 |
* Tue May 07 2019 Ajay Kaher <akaher@vmware.com> 4.19.40-1 |
31 | 33 |
deleted file mode 100644 |
... | ... |
@@ -1,41 +0,0 @@ |
1 |
-From 9579fa77a71581a70d14a544cc58d0b00f700f05 Mon Sep 17 00:00:00 2001 |
|
2 |
-From: Gen Zhang <blackgod016574@gmail.com> |
|
3 |
-Date: Fri, 24 May 2019 10:32:22 +0800 |
|
4 |
-Subject: [PATCH] drm/edid: Fix a missing-check bug in drm_load_edid_firmware() |
|
5 |
- |
|
6 |
-[ This patch is not yet upstream; however, it has been accepted into |
|
7 |
- the drm maintainer's queue. ] |
|
8 |
- |
|
9 |
-In drm_load_edid_firmware(), fwstr is allocated by kstrdup(). And fwstr |
|
10 |
-is dereferenced in the following codes. However, memory allocation |
|
11 |
-functions such as kstrdup() may fail and returns NULL. Dereferencing |
|
12 |
-this null pointer may cause the kernel go wrong. Thus we should check |
|
13 |
-this kstrdup() operation. |
|
14 |
-Further, if kstrdup() returns NULL, we should return ERR_PTR(-ENOMEM) to |
|
15 |
-the caller site. |
|
16 |
- |
|
17 |
-Signed-off-by: Gen Zhang <blackgod016574@gmail.com> |
|
18 |
-Reviewed-by: Jani Nikula <jani.nikula@intel.com> |
|
19 |
-Signed-off-by: Jani Nikula <jani.nikula@intel.com> |
|
20 |
-Link: https://patchwork.freedesktop.org/patch/msgid/20190524023222.GA5302@zhanggen-UX430UQ |
|
21 |
-Signed-off-by: Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> |
|
22 |
- drivers/gpu/drm/drm_edid_load.c | 2 ++ |
|
23 |
- 1 file changed, 2 insertions(+) |
|
24 |
- |
|
25 |
-diff --git a/drivers/gpu/drm/drm_edid_load.c b/drivers/gpu/drm/drm_edid_load.c |
|
26 |
-index a491509..a0e107a 100644 |
|
27 |
-+++ b/drivers/gpu/drm/drm_edid_load.c |
|
28 |
-@@ -290,6 +290,8 @@ struct edid *drm_load_edid_firmware(struct drm_connector *connector) |
|
29 |
- * the last one found one as a fallback. |
|
30 |
- */ |
|
31 |
- fwstr = kstrdup(edid_firmware, GFP_KERNEL); |
|
32 |
-+ if (!fwstr) |
|
33 |
-+ return ERR_PTR(-ENOMEM); |
|
34 |
- edidstr = fwstr; |
|
35 |
- |
|
36 |
- while ((edidname = strsep(&edidstr, ","))) { |
|
37 |
-2.7.4 |
|
38 |
- |
... | ... |
@@ -84,6 +84,7 @@ Subject: [PATCH 3/3] Added rap_plugin |
84 | 84 |
drivers/scsi/csiostor/csio_lnode.c | 32 +- |
85 | 85 |
drivers/scsi/csiostor/csio_rnode.c | 28 +- |
86 | 86 |
drivers/scsi/csiostor/csio_scsi.c | 37 +- |
87 |
+ fs/9p/vfs_addr.c | 3 +- |
|
87 | 88 |
fs/afs/file.c | 8 +- |
88 | 89 |
fs/afs/internal.h | 2 +- |
89 | 90 |
fs/exofs/inode.c | 7 +- |
... | ... |
@@ -119,7 +120,7 @@ Subject: [PATCH 3/3] Added rap_plugin |
119 | 119 |
scripts/gcc-plugins/rap_plugin/rap_plugin.c | 534 +++++++++++++++++ |
120 | 120 |
scripts/gcc-plugins/rap_plugin/sip.c | 96 +++ |
121 | 121 |
security/Kconfig | 18 + |
122 |
- 115 files changed, 2511 insertions(+), 753 deletions(-) |
|
122 |
+ 116 files changed, 2512 insertions(+), 755 deletions(-) |
|
123 | 123 |
create mode 100644 scripts/gcc-plugins/rap_plugin/Makefile |
124 | 124 |
create mode 100644 scripts/gcc-plugins/rap_plugin/rap.h |
125 | 125 |
create mode 100644 scripts/gcc-plugins/rap_plugin/rap_fptr_pass.c |
... | ... |
@@ -3686,6 +3687,20 @@ index dab0d3f9bee1..770ffbf86037 100644 |
3686 | 3686 |
switch (evt) { |
3687 | 3687 |
case CSIO_SCSIE_ABORT: |
3688 | 3688 |
case CSIO_SCSIE_CLOSE: |
3689 |
+diff --git a/fs/9p/vfs_addr.c b/fs/9p/vfs_addr.c |
|
3690 |
+index 197069303510..793772d114db 100644 |
|
3691 |
+--- a/fs/9p/vfs_addr.c |
|
3692 |
+@@ -123,8 +123,7 @@ static int v9fs_vfs_readpages(struct file *filp, struct address_space *mapping, |
|
3693 |
+ if (ret == 0) |
|
3694 |
+ return ret; |
|
3695 |
+ |
|
3696 |
+- ret = read_cache_pages(mapping, pages, v9fs_fid_readpage, |
|
3697 |
+- filp->private_data); |
|
3698 |
++ ret = read_cache_pages(mapping, pages, v9fs_vfs_readpage, filp); |
|
3699 |
+ p9_debug(P9_DEBUG_VFS, " = %d\n", ret); |
|
3700 |
+ return ret; |
|
3701 |
+ } |
|
3689 | 3702 |
diff --git a/fs/afs/file.c b/fs/afs/file.c |
3690 | 3703 |
index 7d4f26198573..405f3c1034aa 100644 |
3691 | 3704 |
--- a/fs/afs/file.c |
... | ... |
@@ -2427,7 +2427,7 @@ CONFIG_SWPHY=y |
2427 | 2427 |
# |
2428 | 2428 |
CONFIG_AMD_PHY=m |
2429 | 2429 |
# CONFIG_AQUANTIA_PHY is not set |
2430 |
-# CONFIG_ASIX_PHY is not set |
|
2430 |
+# CONFIG_AX88796B_PHY is not set |
|
2431 | 2431 |
CONFIG_AT803X_PHY=m |
2432 | 2432 |
CONFIG_BCM7XXX_PHY=m |
2433 | 2433 |
CONFIG_BCM87XX_PHY=m |
... | ... |
@@ -2830,7 +2830,6 @@ CONFIG_HW_RANDOM_RDRAND=m |
2830 | 2830 |
CONFIG_HW_RANDOM_VIA=m |
2831 | 2831 |
CONFIG_HW_RANDOM_VIRTIO=m |
2832 | 2832 |
CONFIG_NVRAM=m |
2833 |
-# CONFIG_R3964 is not set |
|
2834 | 2833 |
# CONFIG_APPLICOM is not set |
2835 | 2834 |
# CONFIG_MWAVE is not set |
2836 | 2835 |
CONFIG_RAW_DRIVER=m |
... | ... |
@@ -3460,6 +3459,7 @@ CONFIG_DRM_RADEON=m |
3460 | 3460 |
# AMD Library routines |
3461 | 3461 |
# |
3462 | 3462 |
CONFIG_DRM_NOUVEAU=m |
3463 |
+CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y |
|
3463 | 3464 |
CONFIG_NOUVEAU_DEBUG=5 |
3464 | 3465 |
CONFIG_NOUVEAU_DEBUG_DEFAULT=3 |
3465 | 3466 |
# CONFIG_NOUVEAU_DEBUG_MMU is not set |
... | ... |
@@ -2222,7 +2222,7 @@ CONFIG_PHYLIB=m |
2222 | 2222 |
# |
2223 | 2223 |
# CONFIG_AMD_PHY is not set |
2224 | 2224 |
# CONFIG_AQUANTIA_PHY is not set |
2225 |
-# CONFIG_ASIX_PHY is not set |
|
2225 |
+# CONFIG_AX88796B_PHY is not set |
|
2226 | 2226 |
# CONFIG_AT803X_PHY is not set |
2227 | 2227 |
# CONFIG_BCM7XXX_PHY is not set |
2228 | 2228 |
# CONFIG_BCM87XX_PHY is not set |
... | ... |
@@ -2468,7 +2468,6 @@ CONFIG_HW_RANDOM_RDRAND=m |
2468 | 2468 |
CONFIG_HW_RANDOM_VIA=m |
2469 | 2469 |
CONFIG_HW_RANDOM_VIRTIO=m |
2470 | 2470 |
CONFIG_NVRAM=m |
2471 |
-# CONFIG_R3964 is not set |
|
2472 | 2471 |
# CONFIG_APPLICOM is not set |
2473 | 2472 |
# CONFIG_MWAVE is not set |
2474 | 2473 |
CONFIG_RAW_DRIVER=m |
... | ... |
@@ -2910,6 +2909,7 @@ CONFIG_DRM_RADEON=m |
2910 | 2910 |
# AMD Library routines |
2911 | 2911 |
# |
2912 | 2912 |
CONFIG_DRM_NOUVEAU=m |
2913 |
+CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y |
|
2913 | 2914 |
CONFIG_NOUVEAU_DEBUG=5 |
2914 | 2915 |
CONFIG_NOUVEAU_DEBUG_DEFAULT=3 |
2915 | 2916 |
# CONFIG_NOUVEAU_DEBUG_MMU is not set |
... | ... |
@@ -2068,7 +2068,6 @@ CONFIG_HW_RANDOM=m |
2068 | 2068 |
CONFIG_HW_RANDOM_RDRAND=m |
2069 | 2069 |
# CONFIG_HW_RANDOM_VIA is not set |
2070 | 2070 |
# CONFIG_NVRAM is not set |
2071 |
-# CONFIG_R3964 is not set |
|
2072 | 2071 |
# CONFIG_APPLICOM is not set |
2073 | 2072 |
# CONFIG_MWAVE is not set |
2074 | 2073 |
# CONFIG_RAW_DRIVER is not set |
... | ... |
@@ -2342,7 +2342,7 @@ CONFIG_SWPHY=y |
2342 | 2342 |
# |
2343 | 2343 |
CONFIG_AMD_PHY=m |
2344 | 2344 |
# CONFIG_AQUANTIA_PHY is not set |
2345 |
-# CONFIG_ASIX_PHY is not set |
|
2345 |
+# CONFIG_AX88796B_PHY is not set |
|
2346 | 2346 |
CONFIG_AT803X_PHY=m |
2347 | 2347 |
CONFIG_BCM7XXX_PHY=m |
2348 | 2348 |
CONFIG_BCM87XX_PHY=m |
... | ... |
@@ -2593,7 +2593,6 @@ CONFIG_HW_RANDOM_RDRAND=m |
2593 | 2593 |
CONFIG_HW_RANDOM_VIA=m |
2594 | 2594 |
CONFIG_HW_RANDOM_VIRTIO=m |
2595 | 2595 |
CONFIG_NVRAM=m |
2596 |
-# CONFIG_R3964 is not set |
|
2597 | 2596 |
# CONFIG_APPLICOM is not set |
2598 | 2597 |
# CONFIG_MWAVE is not set |
2599 | 2598 |
CONFIG_RAW_DRIVER=m |
... | ... |
@@ -3114,6 +3113,7 @@ CONFIG_DRM_RADEON=m |
3114 | 3114 |
# AMD Library routines |
3115 | 3115 |
# |
3116 | 3116 |
CONFIG_DRM_NOUVEAU=m |
3117 |
+CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y |
|
3117 | 3118 |
CONFIG_NOUVEAU_DEBUG=5 |
3118 | 3119 |
CONFIG_NOUVEAU_DEBUG_DEFAULT=3 |
3119 | 3120 |
# CONFIG_NOUVEAU_DEBUG_MMU is not set |
... | ... |
@@ -1,15 +1,15 @@ |
1 | 1 |
%global security_hardening none |
2 | 2 |
Summary: Kernel |
3 | 3 |
Name: linux-aws |
4 |
-Version: 4.19.52 |
|
5 |
-Release: 3%{?kat_build:.%kat_build}%{?dist} |
|
4 |
+Version: 4.19.65 |
|
5 |
+Release: 1%{?kat_build:.%kat_build}%{?dist} |
|
6 | 6 |
License: GPLv2 |
7 | 7 |
URL: http://www.kernel.org/ |
8 | 8 |
Group: System Environment/Kernel |
9 | 9 |
Vendor: VMware, Inc. |
10 | 10 |
Distribution: Photon |
11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz |
12 |
-%define sha1 linux=0fc8eeba8a8a710c95d71f140dfdc4bdff735248 |
|
12 |
+%define sha1 linux=598111781858ea0aaa328cfa0fec39264d2815d7 |
|
13 | 13 |
Source1: config-aws |
14 | 14 |
Source2: initramfs.trigger |
15 | 15 |
Source3: update_photon_cfg.postun |
... | ... |
@@ -45,8 +45,6 @@ Patch34: 0001-consolemap-Fix-a-memory-leaking-bug-in-drivers-tty-v.patch |
45 | 45 |
Patch35: 0001-efi-x86-Add-missing-error-handling-to-old_memmap-1-1.patch |
46 | 46 |
# Fix for CVE-2019-12381 |
47 | 47 |
Patch36: 0001-ip_sockglue-Fix-missing-check-bug-in-ip_ra_control.patch |
48 |
-# Fix for CVE-2019-12382 |
|
49 |
-Patch37: 0001-drm-edid-Fix-a-missing-check-bug-in-drm_load_edid_fi.patch |
|
50 | 48 |
# Fix for CVE-2019-12378 |
51 | 49 |
Patch38: 0001-ipv6_sockglue-Fix-a-missing-check-bug-in-ip6_ra_cont.patch |
52 | 50 |
# Fix for CVE-2019-12455 |
... | ... |
@@ -165,7 +163,6 @@ Kernel driver for oprofile, a statistical profiler for Linux systems |
165 | 165 |
%patch34 -p1 |
166 | 166 |
%patch35 -p1 |
167 | 167 |
%patch36 -p1 |
168 |
-%patch37 -p1 |
|
169 | 168 |
%patch38 -p1 |
170 | 169 |
%patch39 -p1 |
171 | 170 |
|
... | ... |
@@ -357,6 +354,9 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg |
357 | 357 |
%endif |
358 | 358 |
|
359 | 359 |
%changelog |
360 |
+* Tue Aug 06 2019 Alexey Makhalov <amakhalov@vmware.com> 4.19.65-1 |
|
361 |
+- Update to version 4.19.65 |
|
362 |
+- Fix CVE-2019-1125 (SWAPGS) |
|
360 | 363 |
* Tue Jul 30 2019 Keerthana K <keerthanak@vmware.com> 4.19.52-3 |
361 | 364 |
- Fix postun script. |
362 | 365 |
* Wed Jul 10 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.19.52-2 |
... | ... |
@@ -1,15 +1,15 @@ |
1 | 1 |
%global security_hardening none |
2 | 2 |
Summary: Kernel |
3 | 3 |
Name: linux-esx |
4 |
-Version: 4.19.52 |
|
5 |
-Release: 4%{?dist} |
|
4 |
+Version: 4.19.65 |
|
5 |
+Release: 1%{?dist} |
|
6 | 6 |
License: GPLv2 |
7 | 7 |
URL: http://www.kernel.org/ |
8 | 8 |
Group: System Environment/Kernel |
9 | 9 |
Vendor: VMware, Inc. |
10 | 10 |
Distribution: Photon |
11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz |
12 |
-%define sha1 linux=0fc8eeba8a8a710c95d71f140dfdc4bdff735248 |
|
12 |
+%define sha1 linux=598111781858ea0aaa328cfa0fec39264d2815d7 |
|
13 | 13 |
Source1: config-esx |
14 | 14 |
Source2: initramfs.trigger |
15 | 15 |
Source3: update_photon_cfg.postun |
... | ... |
@@ -51,8 +51,6 @@ Patch30: 0001-consolemap-Fix-a-memory-leaking-bug-in-drivers-tty-v.patch |
51 | 51 |
Patch31: 0001-efi-x86-Add-missing-error-handling-to-old_memmap-1-1.patch |
52 | 52 |
# Fix for CVE-2019-12381 |
53 | 53 |
Patch32: 0001-ip_sockglue-Fix-missing-check-bug-in-ip_ra_control.patch |
54 |
-# Fix for CVE-2019-12382 |
|
55 |
-Patch33: 0001-drm-edid-Fix-a-missing-check-bug-in-drm_load_edid_fi.patch |
|
56 | 54 |
# Fix for CVE-2019-12378 |
57 | 55 |
Patch34: 0001-ipv6_sockglue-Fix-a-missing-check-bug-in-ip6_ra_cont.patch |
58 | 56 |
# Fix for CVE-2019-12455 |
... | ... |
@@ -122,7 +120,6 @@ The Linux package contains the Linux kernel doc files |
122 | 122 |
%patch30 -p1 |
123 | 123 |
%patch31 -p1 |
124 | 124 |
%patch32 -p1 |
125 |
-%patch33 -p1 |
|
126 | 125 |
%patch34 -p1 |
127 | 126 |
%patch35 -p1 |
128 | 127 |
|
... | ... |
@@ -222,6 +219,9 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg |
222 | 222 |
/usr/src/linux-headers-%{uname_r} |
223 | 223 |
|
224 | 224 |
%changelog |
225 |
+* Tue Aug 06 2019 Alexey Makhalov <amakhalov@vmware.com> 4.19.65-1 |
|
226 |
+- Update to version 4.19.65 |
|
227 |
+- Fix CVE-2019-1125 (SWAPGS) |
|
225 | 228 |
* Tue Jul 30 2019 Keerthana K <keerthanak@vmware.com> 4.19.52-4 |
226 | 229 |
- Fix postun script. |
227 | 230 |
* Tue Jul 02 2019 Alexey Makhalov <amakhalov@vmware.com> 4.19.52-3 |
... | ... |
@@ -1,15 +1,15 @@ |
1 | 1 |
%global security_hardening none |
2 | 2 |
Summary: Kernel |
3 | 3 |
Name: linux-secure |
4 |
-Version: 4.19.52 |
|
5 |
-Release: 3%{?kat_build:.%kat_build}%{?dist} |
|
4 |
+Version: 4.19.65 |
|
5 |
+Release: 1%{?kat_build:.%kat_build}%{?dist} |
|
6 | 6 |
License: GPLv2 |
7 | 7 |
URL: http://www.kernel.org/ |
8 | 8 |
Group: System Environment/Kernel |
9 | 9 |
Vendor: VMware, Inc. |
10 | 10 |
Distribution: Photon |
11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz |
12 |
-%define sha1 linux=0fc8eeba8a8a710c95d71f140dfdc4bdff735248 |
|
12 |
+%define sha1 linux=598111781858ea0aaa328cfa0fec39264d2815d7 |
|
13 | 13 |
Source1: config-secure |
14 | 14 |
Source2: initramfs.trigger |
15 | 15 |
Source3: update_photon_cfg.postun |
... | ... |
@@ -49,8 +49,6 @@ Patch37: 0001-consolemap-Fix-a-memory-leaking-bug-in-drivers-tty-v.patch |
49 | 49 |
Patch38: 0001-efi-x86-Add-missing-error-handling-to-old_memmap-1-1.patch |
50 | 50 |
# Fix for CVE-2019-12381 |
51 | 51 |
Patch39: 0001-ip_sockglue-Fix-missing-check-bug-in-ip_ra_control.patch |
52 |
-# Fix for CVE-2019-12382 |
|
53 |
-Patch40: 0001-drm-edid-Fix-a-missing-check-bug-in-drm_load_edid_fi.patch |
|
54 | 52 |
# Fix for CVE-2019-12378 |
55 | 53 |
Patch41: 0001-ipv6_sockglue-Fix-a-missing-check-bug-in-ip6_ra_cont.patch |
56 | 54 |
# Fix for CVE-2019-12455 |
... | ... |
@@ -131,7 +129,6 @@ The Linux package contains the Linux kernel doc files |
131 | 131 |
%patch37 -p1 |
132 | 132 |
%patch38 -p1 |
133 | 133 |
%patch39 -p1 |
134 |
-%patch40 -p1 |
|
135 | 134 |
%patch41 -p1 |
136 | 135 |
%patch42 -p1 |
137 | 136 |
|
... | ... |
@@ -262,6 +259,9 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg |
262 | 262 |
/usr/src/linux-headers-%{uname_r} |
263 | 263 |
|
264 | 264 |
%changelog |
265 |
+* Tue Aug 06 2019 Alexey Makhalov <amakhalov@vmware.com> 4.19.65-1 |
|
266 |
+- Update to version 4.19.65 |
|
267 |
+- Fix CVE-2019-1125 (SWAPGS) |
|
265 | 268 |
* Tue Jul 30 2019 Keerthana K <keerthanak@vmware.com> 4.19.52-3 |
266 | 269 |
- Fix postun script. |
267 | 270 |
* Tue Jul 02 2019 Alexey Makhalov <amakhalov@vmware.com> 4.19.52-2 |
... | ... |
@@ -1,15 +1,15 @@ |
1 | 1 |
%global security_hardening none |
2 | 2 |
Summary: Kernel |
3 | 3 |
Name: linux |
4 |
-Version: 4.19.52 |
|
5 |
-Release: 7%{?kat_build:.%kat_build}%{?dist} |
|
4 |
+Version: 4.19.65 |
|
5 |
+Release: 1%{?kat_build:.%kat_build}%{?dist} |
|
6 | 6 |
License: GPLv2 |
7 | 7 |
URL: http://www.kernel.org/ |
8 | 8 |
Group: System Environment/Kernel |
9 | 9 |
Vendor: VMware, Inc. |
10 | 10 |
Distribution: Photon |
11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz |
12 |
-%define sha1 linux=0fc8eeba8a8a710c95d71f140dfdc4bdff735248 |
|
12 |
+%define sha1 linux=598111781858ea0aaa328cfa0fec39264d2815d7 |
|
13 | 13 |
Source1: config |
14 | 14 |
Source2: initramfs.trigger |
15 | 15 |
%define ena_version 1.6.0 |
... | ... |
@@ -54,8 +54,6 @@ Patch34: 0001-consolemap-Fix-a-memory-leaking-bug-in-drivers-tty-v.patch |
54 | 54 |
Patch35: 0001-efi-x86-Add-missing-error-handling-to-old_memmap-1-1.patch |
55 | 55 |
# Fix for CVE-2019-12381 |
56 | 56 |
Patch36: 0001-ip_sockglue-Fix-missing-check-bug-in-ip_ra_control.patch |
57 |
-# Fix for CVE-2019-12382 |
|
58 |
-Patch37: 0001-drm-edid-Fix-a-missing-check-bug-in-drm_load_edid_fi.patch |
|
59 | 57 |
# Fix for CVE-2019-12378 |
60 | 58 |
Patch38: 0001-ipv6_sockglue-Fix-a-missing-check-bug-in-ip6_ra_cont.patch |
61 | 59 |
# Fix for CVE-2019-12455 |
... | ... |
@@ -209,7 +207,6 @@ Kernel Device Tree Blob files for NXP ls1012a FRWY board |
209 | 209 |
%patch34 -p1 |
210 | 210 |
%patch35 -p1 |
211 | 211 |
%patch36 -p1 |
212 |
-%patch37 -p1 |
|
213 | 212 |
%patch38 -p1 |
214 | 213 |
%patch39 -p1 |
215 | 214 |
|
... | ... |
@@ -475,6 +472,9 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg |
475 | 475 |
%endif |
476 | 476 |
|
477 | 477 |
%changelog |
478 |
+* Tue Aug 06 2019 Alexey Makhalov <amakhalov@vmware.com> 4.19.65-1 |
|
479 |
+- Update to version 4.19.65 |
|
480 |
+- Fix CVE-2019-1125 (SWAPGS) |
|
478 | 481 |
* Tue Jul 30 2019 Ajay Kaher <akaher@vmware.com> 4.19.52-7 |
479 | 482 |
- Added of_configfs patches to dynamic load Overlays. |
480 | 483 |
* Thu Jul 25 2019 Keerthana K <keerthanak@vmware.com> 4.19.52-6 |