aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeonardo Arena <rnalrd@alpinelinux.org>2016-02-24 11:28:51 +0000
committerLeonardo Arena <rnalrd@alpinelinux.org>2016-02-24 11:29:47 +0000
commita148c910b9b3d31765e4d315b0db4f5195ffeb82 (patch)
tree5165cb6f188bcdb955db81d85d04c5234388e962
parent7be32ced535bc76310a46a87c5b4234d4e7c2357 (diff)
downloadaports-a148c910b9b3d31765e4d315b0db4f5195ffeb82.tar.bz2
aports-a148c910b9b3d31765e4d315b0db4f5195ffeb82.tar.xz
main/linux-vanilla: security fix (CVE-2015-8550, xsa-155). Fixes #5159
-rw-r--r--main/linux-vanilla/APKBUILD31
l---------main/linux-vanilla/xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch1
l---------main/linux-vanilla/xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch1
l---------main/linux-vanilla/xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch1
l---------main/linux-vanilla/xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch1
l---------main/linux-vanilla/xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch1
l---------main/linux-vanilla/xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch1
l---------main/linux-vanilla/xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch1
8 files changed, 37 insertions, 1 deletions
diff --git a/main/linux-vanilla/APKBUILD b/main/linux-vanilla/APKBUILD
index 565b128115..969badef4e 100644
--- a/main/linux-vanilla/APKBUILD
+++ b/main/linux-vanilla/APKBUILD
@@ -7,7 +7,7 @@ case $pkgver in
*.*.*) _kernver=${pkgver%.*};;
*.*) _kernver=$pkgver;;
esac
-pkgrel=0
+pkgrel=1
pkgdesc="Linux vanilla kernel"
url="http://kernel.org"
depends="mkinitfs linux-firmware"
@@ -20,6 +20,14 @@ source="http://ftp.kernel.org/pub/linux/kernel/v${pkgver%%.*}.x/linux-$_kernver.
config-vanilla.armhf
config-vanilla.x86
config-vanilla.x86_64
+
+ xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch
+ xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch
+ xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch
+ xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch
+ xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch
+ xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch
+ xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch
"
if [ "${pkgver%.0}" = "$pkgver" ]; then
source="$source
@@ -164,14 +172,35 @@ md5sums="fe9dc0f6729f36400ea81aa41d614c37 linux-4.1.tar.xz
61e385e0bc2e856ae0200f5c8361b02a config-vanilla.armhf
8653aa4fc6575cdb9c006a97d7f3d714 config-vanilla.x86
c7df48818cf5477063b464ddc016fe2d config-vanilla.x86_64
+7139ce0106f489a71474b2196cd70edc xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch
+484f3e18e22f6b7c06dabaaf5d5ed274 xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch
+0bf4e9b42ff4c7feb968ab0e5b4a8be0 xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch
+f57e383a744db7ea6eb64d6a9e6fd5b0 xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch
+6b41c3dbec8f4897bc9014d2a1ed9e66 xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch
+170b688697ab5a854f01d9d64d71098e xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch
+70ae93ddef7c9832ecde037c81009099 xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch
49c68f18968fa809e20a7b20423fd1d2 patch-4.1.17.xz"
sha256sums="caf51f085aac1e1cea4d00dbbf3093ead07b551fc07b31b2a989c05f8ea72d9f linux-4.1.tar.xz
37b9484f1cd9a81cf7a10b519f41b1e7b474fbda985d11ed44b59361a4dabf71 config-vanilla.armhf
2968941998a168f38ae6f987e4f2829a541e7f712f980b1db5aa4864c7244acd config-vanilla.x86
2548da460cb8d31c5d80a0f01fef4419fe465635dcc6bff255fb1a2a58a6de61 config-vanilla.x86_64
+2bd18632178e09394c5cd06aded2c14bcc6b6e360ad6e81827d24860fe3e8ca4 xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch
+cecdeccb8e2551252c81fc5f164a8298005df714a574a7ba18b84e8ed5f2bb70 xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch
+3916b847243047f0e1053233ade742c14a7f29243584e60bf5db4842a8068855 xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch
+746c8eb0aeb200d76156c88dfbbd49db79f567b88b07eda70f7c7d095721f05a xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch
+2e6d556d25b1cc16e71afde665ae3908f4fa8eab7e0d96283fc78400301baf92 xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch
+5e130d8b61906015c6a94f8edd3cce97b172f96a265d97ecf370e7b45125b73d xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch
+590656d83ad7b6052b54659eccb3469658b3942c0dc1366423a66f2f5ac643e1 xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch
60e5c4fb93705a1e7d075d528975661303d3a87c522f731b69da2e00f3170b10 patch-4.1.17.xz"
sha512sums="168ef84a4e67619f9f53f3574e438542a5747f9b43443363cb83597fcdac9f40d201625c66e375a23226745eaada9176eb006ca023613cec089349e91751f3c0 linux-4.1.tar.xz
e9309320b28bfc80ad1f44379f1615b4bc42c44b9cf52da2c8bc404282a1e758f5575a054ae59d5ceb4cc67bb194fc9eaac337f511ef1febae6d377750b922e9 config-vanilla.armhf
11d86ff22af5f899dd31c56ccdcba3c4ac364700df6b9cf4f30572010c6c40c925062cd02c1261f95cb19616d5e08d6b0eb3054183f0b5e6c41233c6d6e03519 config-vanilla.x86
052a7bcfd91b89fab7d4496001c38be9b00b7405fe0445c6ac8ba4d6a2b3712c0e974705ef3bcfe84b4b5613b283b8ccbb0191b96fb55bef0735f069c1ba0464 config-vanilla.x86_64
+a8a0a152638f9125274f9933c90cf2459b941ac5f6b860dcba1f35179eaa8f303eb7c392da360f423534c015ffba8818fb79fdb4a7b82a65d42415a7bd2beeb2 xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch
+e85369cec62f0b249362930bf32e03f277cfc7d9844e5250b5fd73a22dcc09720f1920bb5c5f1063a4ee51a146fe9c8eb5f180b58a41cd833916904fdc230e90 xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch
+8814d694c2196ee4c8bcf52522622c56a166e6b77b414e9298190f23ed86c1e205410d3ba257a323d008c59df25496e2161d828bc99a34d445430115769495a8 xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch
+a79f354c4e82c0eefc9b346215a2e993508f139095a197565aa5c56b1e0981f06c66c4796d0fd97800ac25f1ff21f6921cb25a7dd455254fb446cf6845d8e0a3 xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch
+7640585542d6970d2d35d728091c770daab7ea24c4a5d61e268d27b4b4bc9742d5fa04a11cbff9ac890376397f0b39f693e433639325470f6e39cea7a283810e xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch
+bf6c3c00e3b3b0030ba88dff96aead617e8b81a8add23811d029c1226f8a9cdacd348ccd109acafa536bcf553e0e0689e8cb4f2ccdf3dcb51e380ea07e197e0d xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch
+2c5246a7c0a8fb19b8adf70162501f0af111ad3d1816e6719ae61b28c2b11565b1bd7a82c04ab50dce1ed88ec2259de0903222976d8cdf4b17ad1e5002e101bd xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch
fa8675bac395ad7255693728ee601cd84a02aeee660ee5f2bf5684a6af053c9cf07afb0abb3324b1eb149305701a0bb9252053e840edc2aebb6499139dc12edd patch-4.1.17.xz"
diff --git a/main/linux-vanilla/xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch b/main/linux-vanilla/xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch
new file mode 120000
index 0000000000..ad9eb87837
--- /dev/null
+++ b/main/linux-vanilla/xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch
@@ -0,0 +1 @@
+../linux-grsec/xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch \ No newline at end of file
diff --git a/main/linux-vanilla/xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch b/main/linux-vanilla/xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch
new file mode 120000
index 0000000000..c55ce8caaa
--- /dev/null
+++ b/main/linux-vanilla/xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch
@@ -0,0 +1 @@
+../linux-grsec/xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch \ No newline at end of file
diff --git a/main/linux-vanilla/xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch b/main/linux-vanilla/xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch
new file mode 120000
index 0000000000..801933f275
--- /dev/null
+++ b/main/linux-vanilla/xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch
@@ -0,0 +1 @@
+../linux-grsec/xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch \ No newline at end of file
diff --git a/main/linux-vanilla/xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch b/main/linux-vanilla/xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch
new file mode 120000
index 0000000000..502b764aa2
--- /dev/null
+++ b/main/linux-vanilla/xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch
@@ -0,0 +1 @@
+../linux-grsec/xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch \ No newline at end of file
diff --git a/main/linux-vanilla/xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch b/main/linux-vanilla/xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch
new file mode 120000
index 0000000000..df6026653c
--- /dev/null
+++ b/main/linux-vanilla/xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch
@@ -0,0 +1 @@
+../linux-grsec/xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch \ No newline at end of file
diff --git a/main/linux-vanilla/xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch b/main/linux-vanilla/xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch
new file mode 120000
index 0000000000..6d74d1eb45
--- /dev/null
+++ b/main/linux-vanilla/xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch
@@ -0,0 +1 @@
+../linux-grsec/xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch \ No newline at end of file
diff --git a/main/linux-vanilla/xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch b/main/linux-vanilla/xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch
new file mode 120000
index 0000000000..707da96955
--- /dev/null
+++ b/main/linux-vanilla/xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch
@@ -0,0 +1 @@
+../linux-grsec/xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch \ No newline at end of file