Browse code
kernel: Fix CVE-2017-7487 and CVE-2017-9059
by version update to 4.4.70
Change-Id: I1a4fc589a5099c750b26bf8332efe32c61b14acd
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/2793
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Dheeraj S Shetty <dheerajs@vmware.com>
Alexey Makhalov authored on 2017/05/26 06:12:32Showing 3 changed files
| ... | ... |
@@ -1,6 +1,6 @@ |
| 1 | 1 |
Summary: Linux API header files |
| 2 | 2 |
Name: linux-api-headers |
| 3 |
-Version: 4.4.67 |
|
| 3 |
+Version: 4.4.70 |
|
| 4 | 4 |
Release: 1%{?dist}
|
| 5 | 5 |
License: GPLv2 |
| 6 | 6 |
URL: http://www.kernel.org/ |
| ... | ... |
@@ -8,7 +8,7 @@ Group: System Environment/Kernel |
| 8 | 8 |
Vendor: VMware, Inc. |
| 9 | 9 |
Distribution: Photon |
| 10 | 10 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 11 |
-%define sha1 linux=1a396da733c26066af6ab1a13ade3779af175afd |
|
| 11 |
+%define sha1 linux=857eedbb2c61efa3d8a281111d4563476f52183b |
|
| 12 | 12 |
BuildArch: noarch |
| 13 | 13 |
%description |
| 14 | 14 |
The Linux API Headers expose the kernel's API for use by Glibc. |
| ... | ... |
@@ -25,6 +25,8 @@ find /%{buildroot}%{_includedir} \( -name .install -o -name ..install.cmd \) -de
|
| 25 | 25 |
%defattr(-,root,root) |
| 26 | 26 |
%{_includedir}/*
|
| 27 | 27 |
%changelog |
| 28 |
+* Thu May 25 2017 Alexey Makhalov <amakhalov@vmware.com> 4.4.70-1 |
|
| 29 |
+- Update version |
|
| 28 | 30 |
* Tue May 9 2017 Alexey Makhalov <amakhalov@vmware.com> 4.4.67-1 |
| 29 | 31 |
- Update version |
| 30 | 32 |
* Tue May 2 2017 Alexey Makhalov <amakhalov@vmware.com> 4.4.65-1 |
| ... | ... |
@@ -1,7 +1,7 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux-esx |
| 4 |
-Version: 4.4.67 |
|
| 4 |
+Version: 4.4.70 |
|
| 5 | 5 |
Release: 1%{?dist}
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| ... | ... |
@@ -9,7 +9,7 @@ Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=1a396da733c26066af6ab1a13ade3779af175afd |
|
| 12 |
+%define sha1 linux=857eedbb2c61efa3d8a281111d4563476f52183b |
|
| 13 | 13 |
Source1: config-esx |
| 14 | 14 |
Patch0: double-tcp_mem-limits.patch |
| 15 | 15 |
Patch1: linux-4.4-sysctl-sched_weighted_cpuload_uses_rla.patch |
| ... | ... |
@@ -183,6 +183,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg
|
| 183 | 183 |
/usr/src/linux-headers-%{uname_r}
|
| 184 | 184 |
|
| 185 | 185 |
%changelog |
| 186 |
+* Thu May 25 2017 Alexey Makhalov <amakhalov@vmware.com> 4.4.70-1 |
|
| 187 |
+- Fix CVE-2017-7487 and CVE-2017-9059 |
|
| 186 | 188 |
* Tue May 9 2017 Alexey Makhalov <amakhalov@vmware.com> 4.4.67-1 |
| 187 | 189 |
- Version update |
| 188 | 190 |
- pci-probe: set bar count to 4 for class 0x010000 |
| ... | ... |
@@ -1,7 +1,7 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux |
| 4 |
-Version: 4.4.67 |
|
| 4 |
+Version: 4.4.70 |
|
| 5 | 5 |
Release: 1%{?dist}
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| ... | ... |
@@ -9,7 +9,7 @@ Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/%{name}-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=1a396da733c26066af6ab1a13ade3779af175afd |
|
| 12 |
+%define sha1 linux=857eedbb2c61efa3d8a281111d4563476f52183b |
|
| 13 | 13 |
Source1: config |
| 14 | 14 |
Patch0: double-tcp_mem-limits.patch |
| 15 | 15 |
Patch1: linux-4.4-sysctl-sched_weighted_cpuload_uses_rla.patch |
| ... | ... |
@@ -259,6 +259,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg
|
| 259 | 259 |
/usr/share/perf-core |
| 260 | 260 |
|
| 261 | 261 |
%changelog |
| 262 |
+* Thu May 25 2017 Alexey Makhalov <amakhalov@vmware.com> 4.4.70-1 |
|
| 263 |
+- Fix CVE-2017-7487 and CVE-2017-9059 |
|
| 262 | 264 |
* Tue May 9 2017 Alexey Makhalov <amakhalov@vmware.com> 4.4.67-1 |
| 263 | 265 |
- Version update |
| 264 | 266 |
- Sign and compress modules after stripping. fips=1 requires signed modules |