Browse code
kernels: fix CVE-2017-11176 and CVE-2017-10911
linux-esx: tunneling support (CONFIG_NET_IPIP=m)
aufs-utils: remove source tarballs
Change-Id: If4174ace27effcfd009f9f52ec421841c49faa85
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/3253
Reviewed-by: Divya Thaluru <dthaluru@vmware.com>
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Alexey Makhalov authored on 2017/07/15 08:46:25Showing 7 changed files
- SPECS/aufs-util/aufs-util-20170206.tar.xz
- SPECS/aufs-util/aufs-util.spec
- SPECS/linux/aufs4.9.tar.gz
- SPECS/linux/config-esx
- SPECS/linux/linux-esx.spec
- SPECS/linux/linux-secure.spec
- SPECS/linux/linux.spec
| ... | ... |
@@ -1,14 +1,16 @@ |
| 1 | 1 |
Summary: Utilities for aufs |
| 2 | 2 |
Name: aufs-util |
| 3 | 3 |
Version: 20170206 |
| 4 |
-Release: 1%{?dist}
|
|
| 4 |
+Release: 2%{?dist}
|
|
| 5 | 5 |
License: GPLv2 |
| 6 | 6 |
URL: http://aufs.sourceforge.net/ |
| 7 | 7 |
Group: System Environment |
| 8 | 8 |
Vendor: VMware, Inc. |
| 9 | 9 |
Distribution: Photon |
| 10 | 10 |
Source0: %{name}-%{version}.tar.xz
|
| 11 |
+%define sha1 aufs-util=42622faa19d85737981e12d44a8e1bf5953e4d89 |
|
| 11 | 12 |
Source1: aufs4.9.tar.gz |
| 13 |
+%define sha1 aufs4.9=ebe716ce4b638a3772c7cd3161abbfe11d584906 |
|
| 12 | 14 |
Requires: linux-secure |
| 13 | 15 |
|
| 14 | 16 |
%description |
| ... | ... |
@@ -35,6 +37,8 @@ make CPPFLAGS="-I $PWD/../aufs4-standalone-aufs4.9/include/uapi" DESTDIR=%{build
|
| 35 | 35 |
%exclude /usr/lib/debug |
| 36 | 36 |
|
| 37 | 37 |
%changelog |
| 38 |
+* Fri Jul 14 2017 Alexey Makhalov <amakhalov@vmware.com> 20170206-2 |
|
| 39 |
+- Remove aufs source tarballs from git repo |
|
| 38 | 40 |
* Fri Feb 10 2017 Alexey Makhalov <amakhalov@vmware.com> 20170206-1 |
| 39 | 41 |
- Initial build. First version |
| 40 | 42 |
|
| ... | ... |
@@ -717,7 +717,7 @@ CONFIG_IP_MULTIPLE_TABLES=y |
| 717 | 717 |
CONFIG_IP_ROUTE_VERBOSE=y |
| 718 | 718 |
CONFIG_IP_ROUTE_CLASSID=y |
| 719 | 719 |
# CONFIG_IP_PNP is not set |
| 720 |
-# CONFIG_NET_IPIP is not set |
|
| 720 |
+CONFIG_NET_IPIP=m |
|
| 721 | 721 |
# CONFIG_NET_IPGRE_DEMUX is not set |
| 722 | 722 |
CONFIG_NET_IP_TUNNEL=m |
| 723 | 723 |
# CONFIG_IP_MROUTE is not set |
| ... | ... |
@@ -1,15 +1,15 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux-esx |
| 4 |
-Version: 4.9.34 |
|
| 5 |
-Release: 2%{?dist}
|
|
| 4 |
+Version: 4.9.38 |
|
| 5 |
+Release: 1%{?dist}
|
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| 8 | 8 |
Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=d02dc269e67eae329043c9aa7d6c2d6182950c2f |
|
| 12 |
+%define sha1 linux=d451b026976ee33e469aaa0eb734452b3d17b5d5 |
|
| 13 | 13 |
Source1: config-esx |
| 14 | 14 |
Source2: initramfs.trigger |
| 15 | 15 |
# common |
| ... | ... |
@@ -189,6 +189,9 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg
|
| 189 | 189 |
/usr/src/linux-headers-%{uname_r}
|
| 190 | 190 |
|
| 191 | 191 |
%changelog |
| 192 |
+* Tue Jul 18 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.38-1 |
|
| 193 |
+- [feature] IP tunneling support (CONFIG_NET_IPIP=m) |
|
| 194 |
+- Fix CVE-2017-11176 and CVE-2017-10911 |
|
| 192 | 195 |
* Mon Jul 03 2017 Xiaolin Li <xiaolinl@vmware.com> 4.9.34-2 |
| 193 | 196 |
- Add libdnet-devel, kmod-devel and libmspack-devel to BuildRequires |
| 194 | 197 |
* Wed Jun 28 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.34-1 |
| ... | ... |
@@ -1,17 +1,18 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux-secure |
| 4 |
-Version: 4.9.34 |
|
| 5 |
-Release: 2%{?dist}
|
|
| 4 |
+Version: 4.9.38 |
|
| 5 |
+Release: 1%{?dist}
|
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| 8 | 8 |
Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 |
-Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
|
| 12 |
-%define sha1 linux=d02dc269e67eae329043c9aa7d6c2d6182950c2f |
|
| 11 |
+Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
|
| 12 |
+%define sha1 linux=d451b026976ee33e469aaa0eb734452b3d17b5d5 |
|
| 13 | 13 |
Source1: config-secure |
| 14 | 14 |
Source2: aufs4.9.tar.gz |
| 15 |
+%define sha1 aufs=ebe716ce4b638a3772c7cd3161abbfe11d584906 |
|
| 15 | 16 |
Source3: initramfs.trigger |
| 16 | 17 |
# common |
| 17 | 18 |
Patch0: x86-vmware-read-tsc_khz-only-once-at-boot-time.patch |
| ... | ... |
@@ -31,7 +32,7 @@ Patch12: x86-vmware-sta.patch |
| 31 | 31 |
Patch13: 0001-NOWRITEEXEC-and-PAX-features-MPROTECT-EMUTRAMP.patch |
| 32 | 32 |
Patch14: 0002-Added-rap_plugin.patch |
| 33 | 33 |
Patch15: 0003-Added-PAX_RANDKSTACK.patch |
| 34 |
-# NSX requirements |
|
| 34 |
+# NSX requirements (should be removed) |
|
| 35 | 35 |
Patch16: LKCM.patch |
| 36 | 36 |
BuildRequires: bc |
| 37 | 37 |
BuildRequires: kbd |
| ... | ... |
@@ -228,6 +229,10 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg
|
| 228 | 228 |
/usr/src/linux-headers-%{uname_r}
|
| 229 | 229 |
|
| 230 | 230 |
%changelog |
| 231 |
+* Tue Jul 18 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.38-1 |
|
| 232 |
+- Fix CVE-2017-11176 and CVE-2017-10911 |
|
| 233 |
+* Fri Jul 14 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.34-3 |
|
| 234 |
+- Remove aufs source tarballs from git repo |
|
| 231 | 235 |
* Mon Jul 03 2017 Xiaolin Li <xiaolinl@vmware.com> 4.9.34-2 |
| 232 | 236 |
- Add libdnet-devel, kmod-devel and libmspack-devel to BuildRequires |
| 233 | 237 |
* Wed Jun 28 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.34-1 |
| ... | ... |
@@ -1,15 +1,15 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux |
| 4 |
-Version: 4.9.34 |
|
| 5 |
-Release: 3%{?dist}
|
|
| 4 |
+Version: 4.9.38 |
|
| 5 |
+Release: 1%{?dist}
|
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| 8 | 8 |
Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=d02dc269e67eae329043c9aa7d6c2d6182950c2f |
|
| 12 |
+%define sha1 linux=d451b026976ee33e469aaa0eb734452b3d17b5d5 |
|
| 13 | 13 |
Source1: config |
| 14 | 14 |
Source2: initramfs.trigger |
| 15 | 15 |
%define ena_version 1.1.3 |
| ... | ... |
@@ -52,6 +52,7 @@ The Linux package contains the Linux kernel. |
| 52 | 52 |
Summary: Kernel Dev |
| 53 | 53 |
Group: System Environment/Kernel |
| 54 | 54 |
Obsoletes: linux-dev |
| 55 |
+Requires: %{name} = %{version}-%{release}
|
|
| 55 | 56 |
Requires: python2 gawk |
| 56 | 57 |
%description devel |
| 57 | 58 |
The Linux package contains the Linux kernel dev files |
| ... | ... |
@@ -268,6 +269,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg
|
| 268 | 268 |
/usr/share/doc/* |
| 269 | 269 |
|
| 270 | 270 |
%changelog |
| 271 |
+* Tue Jul 18 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.38-1 |
|
| 272 |
+- Fix CVE-2017-11176 and CVE-2017-10911 |
|
| 271 | 273 |
* Mon Jul 03 2017 Xiaolin Li <xiaolinl@vmware.com> 4.9.34-3 |
| 272 | 274 |
- Add libdnet-devel, kmod-devel and libmspack-devel to BuildRequires |
| 273 | 275 |
* Thu Jun 29 2017 Divya Thaluru <dthaluru@vmware.com> 4.9.34-2 |