diff options
author | Leonardo Arena <rnalrd@alpinelinux.org> | 2016-02-24 11:28:51 +0000 |
---|---|---|
committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2016-02-24 11:29:47 +0000 |
commit | a148c910b9b3d31765e4d315b0db4f5195ffeb82 (patch) | |
tree | 5165cb6f188bcdb955db81d85d04c5234388e962 | |
parent | 7be32ced535bc76310a46a87c5b4234d4e7c2357 (diff) | |
download | aports-a148c910b9b3d31765e4d315b0db4f5195ffeb82.tar.bz2 aports-a148c910b9b3d31765e4d315b0db4f5195ffeb82.tar.xz |
main/linux-vanilla: security fix (CVE-2015-8550, xsa-155). Fixes #5159
8 files changed, 37 insertions, 1 deletions
diff --git a/main/linux-vanilla/APKBUILD b/main/linux-vanilla/APKBUILD index 565b128115..969badef4e 100644 --- a/main/linux-vanilla/APKBUILD +++ b/main/linux-vanilla/APKBUILD @@ -7,7 +7,7 @@ case $pkgver in *.*.*) _kernver=${pkgver%.*};; *.*) _kernver=$pkgver;; esac -pkgrel=0 +pkgrel=1 pkgdesc="Linux vanilla kernel" url="http://kernel.org" depends="mkinitfs linux-firmware" @@ -20,6 +20,14 @@ source="http://ftp.kernel.org/pub/linux/kernel/v${pkgver%%.*}.x/linux-$_kernver. config-vanilla.armhf config-vanilla.x86 config-vanilla.x86_64 + + xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch + xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch + xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch + xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch + xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch + xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch + xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch " if [ "${pkgver%.0}" = "$pkgver" ]; then source="$source @@ -164,14 +172,35 @@ md5sums="fe9dc0f6729f36400ea81aa41d614c37 linux-4.1.tar.xz 61e385e0bc2e856ae0200f5c8361b02a config-vanilla.armhf 8653aa4fc6575cdb9c006a97d7f3d714 config-vanilla.x86 c7df48818cf5477063b464ddc016fe2d config-vanilla.x86_64 +7139ce0106f489a71474b2196cd70edc xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch +484f3e18e22f6b7c06dabaaf5d5ed274 xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch +0bf4e9b42ff4c7feb968ab0e5b4a8be0 xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch +f57e383a744db7ea6eb64d6a9e6fd5b0 xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch +6b41c3dbec8f4897bc9014d2a1ed9e66 xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch +170b688697ab5a854f01d9d64d71098e xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch +70ae93ddef7c9832ecde037c81009099 xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch 49c68f18968fa809e20a7b20423fd1d2 patch-4.1.17.xz" sha256sums="caf51f085aac1e1cea4d00dbbf3093ead07b551fc07b31b2a989c05f8ea72d9f linux-4.1.tar.xz 37b9484f1cd9a81cf7a10b519f41b1e7b474fbda985d11ed44b59361a4dabf71 config-vanilla.armhf 2968941998a168f38ae6f987e4f2829a541e7f712f980b1db5aa4864c7244acd config-vanilla.x86 2548da460cb8d31c5d80a0f01fef4419fe465635dcc6bff255fb1a2a58a6de61 config-vanilla.x86_64 +2bd18632178e09394c5cd06aded2c14bcc6b6e360ad6e81827d24860fe3e8ca4 xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch +cecdeccb8e2551252c81fc5f164a8298005df714a574a7ba18b84e8ed5f2bb70 xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch +3916b847243047f0e1053233ade742c14a7f29243584e60bf5db4842a8068855 xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch +746c8eb0aeb200d76156c88dfbbd49db79f567b88b07eda70f7c7d095721f05a xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch +2e6d556d25b1cc16e71afde665ae3908f4fa8eab7e0d96283fc78400301baf92 xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch +5e130d8b61906015c6a94f8edd3cce97b172f96a265d97ecf370e7b45125b73d xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch +590656d83ad7b6052b54659eccb3469658b3942c0dc1366423a66f2f5ac643e1 xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch 60e5c4fb93705a1e7d075d528975661303d3a87c522f731b69da2e00f3170b10 patch-4.1.17.xz" sha512sums="168ef84a4e67619f9f53f3574e438542a5747f9b43443363cb83597fcdac9f40d201625c66e375a23226745eaada9176eb006ca023613cec089349e91751f3c0 linux-4.1.tar.xz e9309320b28bfc80ad1f44379f1615b4bc42c44b9cf52da2c8bc404282a1e758f5575a054ae59d5ceb4cc67bb194fc9eaac337f511ef1febae6d377750b922e9 config-vanilla.armhf 11d86ff22af5f899dd31c56ccdcba3c4ac364700df6b9cf4f30572010c6c40c925062cd02c1261f95cb19616d5e08d6b0eb3054183f0b5e6c41233c6d6e03519 config-vanilla.x86 052a7bcfd91b89fab7d4496001c38be9b00b7405fe0445c6ac8ba4d6a2b3712c0e974705ef3bcfe84b4b5613b283b8ccbb0191b96fb55bef0735f069c1ba0464 config-vanilla.x86_64 +a8a0a152638f9125274f9933c90cf2459b941ac5f6b860dcba1f35179eaa8f303eb7c392da360f423534c015ffba8818fb79fdb4a7b82a65d42415a7bd2beeb2 xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch +e85369cec62f0b249362930bf32e03f277cfc7d9844e5250b5fd73a22dcc09720f1920bb5c5f1063a4ee51a146fe9c8eb5f180b58a41cd833916904fdc230e90 xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch +8814d694c2196ee4c8bcf52522622c56a166e6b77b414e9298190f23ed86c1e205410d3ba257a323d008c59df25496e2161d828bc99a34d445430115769495a8 xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch +a79f354c4e82c0eefc9b346215a2e993508f139095a197565aa5c56b1e0981f06c66c4796d0fd97800ac25f1ff21f6921cb25a7dd455254fb446cf6845d8e0a3 xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch +7640585542d6970d2d35d728091c770daab7ea24c4a5d61e268d27b4b4bc9742d5fa04a11cbff9ac890376397f0b39f693e433639325470f6e39cea7a283810e xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch +bf6c3c00e3b3b0030ba88dff96aead617e8b81a8add23811d029c1226f8a9cdacd348ccd109acafa536bcf553e0e0689e8cb4f2ccdf3dcb51e380ea07e197e0d xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch +2c5246a7c0a8fb19b8adf70162501f0af111ad3d1816e6719ae61b28c2b11565b1bd7a82c04ab50dce1ed88ec2259de0903222976d8cdf4b17ad1e5002e101bd xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch fa8675bac395ad7255693728ee601cd84a02aeee660ee5f2bf5684a6af053c9cf07afb0abb3324b1eb149305701a0bb9252053e840edc2aebb6499139dc12edd patch-4.1.17.xz" diff --git a/main/linux-vanilla/xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch b/main/linux-vanilla/xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch new file mode 120000 index 0000000000..ad9eb87837 --- /dev/null +++ b/main/linux-vanilla/xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch @@ -0,0 +1 @@ +../linux-grsec/xsa155-linux-xsa155-0001-xen-Add-RING_COPY_REQUEST.patch
\ No newline at end of file diff --git a/main/linux-vanilla/xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch b/main/linux-vanilla/xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch new file mode 120000 index 0000000000..c55ce8caaa --- /dev/null +++ b/main/linux-vanilla/xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch @@ -0,0 +1 @@ +../linux-grsec/xsa155-linux-xsa155-0002-xen-netback-don-t-use-last-request-to-determine-mini.patch
\ No newline at end of file diff --git a/main/linux-vanilla/xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch b/main/linux-vanilla/xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch new file mode 120000 index 0000000000..801933f275 --- /dev/null +++ b/main/linux-vanilla/xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch @@ -0,0 +1 @@ +../linux-grsec/xsa155-linux-xsa155-0003-xen-netback-use-RING_COPY_REQUEST-throughout.patch
\ No newline at end of file diff --git a/main/linux-vanilla/xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch b/main/linux-vanilla/xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch new file mode 120000 index 0000000000..502b764aa2 --- /dev/null +++ b/main/linux-vanilla/xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch @@ -0,0 +1 @@ +../linux-grsec/xsa155-linux-xsa155-0004-xen-blkback-only-read-request-operation-from-shared-.patch
\ No newline at end of file diff --git a/main/linux-vanilla/xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch b/main/linux-vanilla/xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch new file mode 120000 index 0000000000..df6026653c --- /dev/null +++ b/main/linux-vanilla/xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch @@ -0,0 +1 @@ +../linux-grsec/xsa155-linux-xsa155-0006-xen-scsiback-safely-copy-requests.patch
\ No newline at end of file diff --git a/main/linux-vanilla/xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch b/main/linux-vanilla/xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch new file mode 120000 index 0000000000..6d74d1eb45 --- /dev/null +++ b/main/linux-vanilla/xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch @@ -0,0 +1 @@ +../linux-grsec/xsa155-linux-xsa155-0007-xen-pciback-Save-xen_pci_op-commands-before-processi.patch
\ No newline at end of file diff --git a/main/linux-vanilla/xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch b/main/linux-vanilla/xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch new file mode 120000 index 0000000000..707da96955 --- /dev/null +++ b/main/linux-vanilla/xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch @@ -0,0 +1 @@ +../linux-grsec/xsa155-linux43-0005-xen-blkback-read-from-indirect-descriptors-only-once.patch
\ No newline at end of file |