Browse code
kernels: Fix CVE-2017-16532 by updating to 4.9.64
Upstream commit 7c80f9e4a588f1925b07134bb2e3689335f6c6d8
(usb: usbtest: fix NULL pointer dereference) fixes this CVE,
and has been included in linux-stable 4.9.63. So update to
the latest stable kernel [4.9.64] to get the fix.
Change-Id: I440dc201d4c4235cc9d216dd68f620fc8455d683
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/4360
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Alexey Makhalov <amakhalov@vmware.com>
Srivatsa S. Bhat authored on 2017/11/22 04:57:06Showing 7 changed files
- SPECS/linux-api-headers/linux-api-headers.spec
- SPECS/linux/config
- SPECS/linux/config-esx
- SPECS/linux/config-secure
- SPECS/linux/linux-esx.spec
- SPECS/linux/linux-secure.spec
- SPECS/linux/linux.spec
| ... | ... |
@@ -1,6 +1,6 @@ |
| 1 | 1 |
Summary: Linux API header files |
| 2 | 2 |
Name: linux-api-headers |
| 3 |
-Version: 4.9.60 |
|
| 3 |
+Version: 4.9.64 |
|
| 4 | 4 |
Release: 1%{?dist}
|
| 5 | 5 |
License: GPLv2 |
| 6 | 6 |
URL: http://www.kernel.org/ |
| ... | ... |
@@ -8,7 +8,7 @@ Group: System Environment/Kernel |
| 8 | 8 |
Vendor: VMware, Inc. |
| 9 | 9 |
Distribution: Photon |
| 10 | 10 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 11 |
-%define sha1 linux=1f30f2da710d5dcb63f15f69fdb2c90e96064179 |
|
| 11 |
+%define sha1 linux=06466679a6b1ada7614d988ed730ccd5c03210d9 |
|
| 12 | 12 |
BuildArch: noarch |
| 13 | 13 |
%description |
| 14 | 14 |
The Linux API Headers expose the kernel's API for use by Glibc. |
| ... | ... |
@@ -25,6 +25,8 @@ find /%{buildroot}%{_includedir} \( -name .install -o -name ..install.cmd \) -de
|
| 25 | 25 |
%defattr(-,root,root) |
| 26 | 26 |
%{_includedir}/*
|
| 27 | 27 |
%changelog |
| 28 |
+* Tue Nov 21 2017 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.64-1 |
|
| 29 |
+- Version update |
|
| 28 | 30 |
* Mon Nov 06 2017 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.60-1 |
| 29 | 31 |
- Version update |
| 30 | 32 |
* Thu Oct 05 2017 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.53-1 |
| ... | ... |
@@ -1,6 +1,6 @@ |
| 1 | 1 |
# |
| 2 | 2 |
# Automatically generated file; DO NOT EDIT. |
| 3 |
-# Linux/x86 4.9.53 Kernel Configuration |
|
| 3 |
+# Linux/x86 4.9.64 Kernel Configuration |
|
| 4 | 4 |
# |
| 5 | 5 |
CONFIG_64BIT=y |
| 6 | 6 |
CONFIG_X86_64=y |
| ... | ... |
@@ -802,7 +802,6 @@ CONFIG_IA32_EMULATION=y |
| 802 | 802 |
CONFIG_COMPAT=y |
| 803 | 803 |
CONFIG_COMPAT_FOR_U64_ALIGNMENT=y |
| 804 | 804 |
CONFIG_SYSVIPC_COMPAT=y |
| 805 |
-CONFIG_KEYS_COMPAT=y |
|
| 806 | 805 |
CONFIG_X86_DEV_DMA_OPS=y |
| 807 | 806 |
CONFIG_PMC_ATOM=y |
| 808 | 807 |
CONFIG_NET=y |
| ... | ... |
@@ -1279,6 +1278,7 @@ CONFIG_BRIDGE=m |
| 1279 | 1279 |
CONFIG_BRIDGE_IGMP_SNOOPING=y |
| 1280 | 1280 |
CONFIG_BRIDGE_VLAN_FILTERING=y |
| 1281 | 1281 |
CONFIG_HAVE_NET_DSA=y |
| 1282 |
+# CONFIG_NET_DSA is not set |
|
| 1282 | 1283 |
CONFIG_VLAN_8021Q=m |
| 1283 | 1284 |
CONFIG_VLAN_8021Q_GVRP=y |
| 1284 | 1285 |
CONFIG_VLAN_8021Q_MVRP=y |
| ... | ... |
@@ -4410,6 +4410,7 @@ CONFIG_OPTIMIZE_INLINING=y |
| 4410 | 4410 |
# Security options |
| 4411 | 4411 |
# |
| 4412 | 4412 |
CONFIG_KEYS=y |
| 4413 |
+CONFIG_KEYS_COMPAT=y |
|
| 4413 | 4414 |
# CONFIG_PERSISTENT_KEYRINGS is not set |
| 4414 | 4415 |
# CONFIG_BIG_KEYS is not set |
| 4415 | 4416 |
CONFIG_TRUSTED_KEYS=m |
| ... | ... |
@@ -1,6 +1,6 @@ |
| 1 | 1 |
# |
| 2 | 2 |
# Automatically generated file; DO NOT EDIT. |
| 3 |
-# Linux/x86 4.9.53 Kernel Configuration |
|
| 3 |
+# Linux/x86 4.9.64 Kernel Configuration |
|
| 4 | 4 |
# |
| 5 | 5 |
CONFIG_64BIT=y |
| 6 | 6 |
CONFIG_X86_64=y |
| ... | ... |
@@ -687,7 +687,6 @@ CONFIG_IA32_EMULATION=y |
| 687 | 687 |
CONFIG_COMPAT=y |
| 688 | 688 |
CONFIG_COMPAT_FOR_U64_ALIGNMENT=y |
| 689 | 689 |
CONFIG_SYSVIPC_COMPAT=y |
| 690 |
-CONFIG_KEYS_COMPAT=y |
|
| 691 | 690 |
CONFIG_X86_DEV_DMA_OPS=y |
| 692 | 691 |
CONFIG_PMC_ATOM=y |
| 693 | 692 |
CONFIG_NET=y |
| ... | ... |
@@ -1081,6 +1080,7 @@ CONFIG_BRIDGE=m |
| 1081 | 1081 |
CONFIG_BRIDGE_IGMP_SNOOPING=y |
| 1082 | 1082 |
# CONFIG_BRIDGE_VLAN_FILTERING is not set |
| 1083 | 1083 |
CONFIG_HAVE_NET_DSA=y |
| 1084 |
+# CONFIG_NET_DSA is not set |
|
| 1084 | 1085 |
CONFIG_VLAN_8021Q=m |
| 1085 | 1086 |
CONFIG_VLAN_8021Q_GVRP=y |
| 1086 | 1087 |
# CONFIG_VLAN_8021Q_MVRP is not set |
| ... | ... |
@@ -3059,6 +3059,7 @@ CONFIG_DEFAULT_IO_DELAY_TYPE=3 |
| 3059 | 3059 |
# Security options |
| 3060 | 3060 |
# |
| 3061 | 3061 |
CONFIG_KEYS=y |
| 3062 |
+CONFIG_KEYS_COMPAT=y |
|
| 3062 | 3063 |
# CONFIG_PERSISTENT_KEYRINGS is not set |
| 3063 | 3064 |
# CONFIG_BIG_KEYS is not set |
| 3064 | 3065 |
# CONFIG_ENCRYPTED_KEYS is not set |
| ... | ... |
@@ -1,6 +1,6 @@ |
| 1 | 1 |
# |
| 2 | 2 |
# Automatically generated file; DO NOT EDIT. |
| 3 |
-# Linux/x86 4.9.53 Kernel Configuration |
|
| 3 |
+# Linux/x86 4.9.64 Kernel Configuration |
|
| 4 | 4 |
# |
| 5 | 5 |
CONFIG_64BIT=y |
| 6 | 6 |
CONFIG_X86_64=y |
| ... | ... |
@@ -1248,6 +1248,7 @@ CONFIG_BRIDGE=m |
| 1248 | 1248 |
CONFIG_BRIDGE_IGMP_SNOOPING=y |
| 1249 | 1249 |
CONFIG_BRIDGE_VLAN_FILTERING=y |
| 1250 | 1250 |
CONFIG_HAVE_NET_DSA=y |
| 1251 |
+# CONFIG_NET_DSA is not set |
|
| 1251 | 1252 |
CONFIG_VLAN_8021Q=m |
| 1252 | 1253 |
CONFIG_VLAN_8021Q_GVRP=y |
| 1253 | 1254 |
CONFIG_VLAN_8021Q_MVRP=y |
| ... | ... |
@@ -1,7 +1,7 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux-esx |
| 4 |
-Version: 4.9.60 |
|
| 4 |
+Version: 4.9.64 |
|
| 5 | 5 |
Release: 1%{?dist}
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| ... | ... |
@@ -9,7 +9,7 @@ Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=1f30f2da710d5dcb63f15f69fdb2c90e96064179 |
|
| 12 |
+%define sha1 linux=06466679a6b1ada7614d988ed730ccd5c03210d9 |
|
| 13 | 13 |
Source1: config-esx |
| 14 | 14 |
Source2: initramfs.trigger |
| 15 | 15 |
# common |
| ... | ... |
@@ -198,6 +198,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg
|
| 198 | 198 |
/usr/src/linux-headers-%{uname_r}
|
| 199 | 199 |
|
| 200 | 200 |
%changelog |
| 201 |
+* Tue Nov 21 2017 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.64-1 |
|
| 202 |
+- Version update |
|
| 201 | 203 |
* Mon Nov 06 2017 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.60-1 |
| 202 | 204 |
- Version update |
| 203 | 205 |
* Wed Oct 25 2017 Anish Swaminathan <anishs@vmware.com> 4.9.53-5 |
| ... | ... |
@@ -1,15 +1,15 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux-secure |
| 4 |
-Version: 4.9.60 |
|
| 5 |
-Release: 2%{?dist}
|
|
| 4 |
+Version: 4.9.64 |
|
| 5 |
+Release: 1%{?dist}
|
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| 8 | 8 |
Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=1f30f2da710d5dcb63f15f69fdb2c90e96064179 |
|
| 12 |
+%define sha1 linux=06466679a6b1ada7614d988ed730ccd5c03210d9 |
|
| 13 | 13 |
Source1: config-secure |
| 14 | 14 |
Source2: aufs4.9.tar.gz |
| 15 | 15 |
%define sha1 aufs=ebe716ce4b638a3772c7cd3161abbfe11d584906 |
| ... | ... |
@@ -277,6 +277,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg
|
| 277 | 277 |
/usr/src/linux-headers-%{uname_r}
|
| 278 | 278 |
|
| 279 | 279 |
%changelog |
| 280 |
+* Tue Nov 21 2017 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.64-1 |
|
| 281 |
+- Version update |
|
| 280 | 282 |
* Wed Nov 08 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.60-2 |
| 281 | 283 |
- Update LKCM module |
| 282 | 284 |
- Add -lkcm subpackage |
| ... | ... |
@@ -1,7 +1,7 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux |
| 4 |
-Version: 4.9.60 |
|
| 4 |
+Version: 4.9.64 |
|
| 5 | 5 |
Release: 1%{?dist}
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| ... | ... |
@@ -9,7 +9,7 @@ Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=1f30f2da710d5dcb63f15f69fdb2c90e96064179 |
|
| 12 |
+%define sha1 linux=06466679a6b1ada7614d988ed730ccd5c03210d9 |
|
| 13 | 13 |
Source1: config |
| 14 | 14 |
Source2: initramfs.trigger |
| 15 | 15 |
%define ena_version 1.1.3 |
| ... | ... |
@@ -302,6 +302,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg
|
| 302 | 302 |
/usr/share/doc/* |
| 303 | 303 |
|
| 304 | 304 |
%changelog |
| 305 |
+* Tue Nov 21 2017 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.64-1 |
|
| 306 |
+- Version update |
|
| 305 | 307 |
* Mon Nov 06 2017 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.60-1 |
| 306 | 308 |
- Version update |
| 307 | 309 |
* Wed Oct 11 2017 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.53-3 |