------------------------------------------------------------------- Mon Apr 10 16:47:24 CEST 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit 32a61be ------------------------------------------------------------------- Mon Apr 10 13:14:50 CEST 2017 - mbenes@suse.cz - bsc#1030467: Add references - commit 4c2d046 ------------------------------------------------------------------- Mon Apr 10 11:47:36 CEST 2017 - mbenes@suse.cz - bsc#1030575: Update to upstream version - commit 99544fe ------------------------------------------------------------------- Thu Apr 6 10:23:41 CEST 2017 - mbenes@suse.cz - bsc#1031660: Add upstream references - commit ade61d9 ------------------------------------------------------------------- Wed Apr 5 17:49:53 CEST 2017 - mbenes@suse.cz - Fix for CVE-2017-7308 (packet_set_ring function in net/packet/af_packet.c vulnerable) Live patch for CVE-2017-7308. Fixes: CVE-2017-7308 References: bsc#1031660 CVE-2017-7308 - commit 3bfd75e ------------------------------------------------------------------- Tue Apr 4 15:08:03 CEST 2017 - mbenes@suse.cz - Fix for CVE-2017-7294 (vmwgfx: vmw_surface_define_ioctl function vuln) Live patch for CVE-2017-7294. SLE12-SP1 commit 65869d2751a7 ("drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (boo#1031440 CVE-2017-7294)."). Fixes: CVE-2017-7294 References: bsc#1031481 CVE-2017-7294 - commit 0120a97 ------------------------------------------------------------------- Fri Mar 31 13:51:36 CEST 2017 - mbenes@suse.cz - bsc#1030575: Add references - commit dcfb9c8 ------------------------------------------------------------------- Tue Mar 28 16:04:05 CEST 2017 - mbenes@suse.cz - Fix for bsc#1030467 (Dirty COW fix causes some apps to freeze) Live patch for bsc#1030467. Upstream commit 8310d48b125d ("mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp"). Fixes: bsc#1030467 References: bsc#1030467 - commit da7ebc8 ------------------------------------------------------------------- Fri Mar 24 14:53:19 CET 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit b92c9ce ------------------------------------------------------------------- Fri Mar 24 12:39:20 CET 2017 - mbenes@suse.cz - Fix for CVE-2017-7184 (xfrm kernel heap out-of-bounds access) Live patch for CVE-2017-7184. Fixes: CVE-2017-7184 References: bsc#1030575 CVE-2017-7184 - commit 223a98c ------------------------------------------------------------------- Wed Mar 8 09:49:53 CET 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit 376e01e ------------------------------------------------------------------- Tue Feb 14 11:12:42 CET 2017 - mbenes@suse.cz - Fix for CVE-2017-5970 (ipv4: keep skb->dst around in presence of IP options) Live patch for CVE-2017-5970. Upstream commit 34b2cef20f19 ("ipv4: keep skb->dst around in presence of IP options"). Fixes: CVE-2017-5970 References: bsc#1025013 CVE-2017-5970 - commit bdfc97a ------------------------------------------------------------------- Thu Feb 2 11:15:50 CET 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit a5b07bb ------------------------------------------------------------------- Wed Feb 1 15:36:36 CET 2017 - mbenes@suse.cz - bsc#1004419: fix the loading problem on XEN kGraft patches for bsc#1004419 are broken for XEN arch. The modules cannot be loaded and kGraft reports "symbol follow_trans_huge_pmd() not resolved". The mentioned function comes from mm/huge_memory.c which is built only when CONFIG_TRANSPARENT_HUGEPAGES is set. This is not the case of XEN. The problem is that there is only one definition of the function. The only callsite is in follow_page_mask() which is built for XEN. The whole kernel builds successfully because GCC compiler is satisfied with a declaration of the function in include/linux/huge_mm.h. Then dead code elimination is applied and the only callsite is removed for XEN. Linked of course finds no problem afterwards. Move kallsyms lookup for follow_trans_huge_pmd() to !xen section and rely on a dead code elimination too. References: bsc#1023031 - commit 1320985 ------------------------------------------------------------------- Mon Jan 30 10:47:02 CET 2017 - mbenes@suse.cz - Fix for bsc#1021417 (Xen netback: DomU hangs under heavy load: grant still in use by backend domain) Live patch for bsc#1021417. SLE12-SP1 commit d7c3c33c7c75 ("netback: correct array index (bsc#983348)."). Fixes: bsc#1021417 References: bsc#1021417 - commit 455b648 ------------------------------------------------------------------- Fri Dec 30 15:28:38 CET 2016 - mbenes@suse.cz - Fix for CVE-2016-9806 (double free in netlink_dump) Live patch for CVE-2016-9806. Upstream commit 92964c79b357 ("netlink: Fix dump skb leak/double free"). Fixes: CVE-2016-9806 References: bsc#1017589 CVE-2016-9806 - commit 7d09b50 ------------------------------------------------------------------- Fri Dec 30 12:52:55 CET 2016 - mbenes@suse.cz - Bump up the version number in spec file - commit 57af1de ------------------------------------------------------------------- Thu Dec 22 17:15:25 CET 2016 - mbenes@suse.cz - Fix for CVE-2016-9794 (ALSA: use-after-free in,kill_fasync) Live patch for CVE-2016-9794. Upstream commit 3aa02cb664c5 ("ALSA: pcm : Call kill_fasync() in stream lock"). Fixes: CVE-2016-9794 References: bsc#1013543 CVE-2016-9794 - commit fbd84a7 ------------------------------------------------------------------- Tue Dec 20 14:51:09 CET 2016 - mbenes@suse.cz - Fix for CVE-2016-8632 (tipc: tipc_msg_build() doesn't validate MTU) Live patch for CVE-2016-8632. Upstream commit 3de81b758853 ("tipc: check minimum bearer MTU"). Fixes: CVE-2016-8632 References: bsc#1012852 CVE-2016-8632 - commit e4c637f ------------------------------------------------------------------- Tue Dec 13 14:47:06 CET 2016 - mbenes@suse.cz - Fix for CVE-2016-9576 (Use-after-free in SCSI Generic driver) Live patch for CVE-2016-9576. Based on SLE12(-SP1) commit b3017e878b1b ("splice: introduce FMODE_SPLICE_READ and FMODE_SPLICE_WRITE (CVE-2016-9576, bsc#1013604)."). Fixes: CVE-2016-9576 References: bsc#1014271 CVE-2016-9576 - commit debf04f ------------------------------------------------------------------- Tue Dec 6 13:03:00 CET 2016 - mbenes@suse.cz - Bump up the version number in spec file - commit 19c9849 ------------------------------------------------------------------- Mon Dec 5 11:27:12 CET 2016 - mbenes@suse.cz - Fix for CVE-2016-8655 (Local root privilege packet_set_ring/timer_list) Live patch for CVE-2016-8655. Upstream commit 84ac7260236a ("packet: fix race condition in packet_set_ring"). Fixes: CVE-2016-8655 References: bsc#1012759 CVE-2016-8655 - commit 554f05e ------------------------------------------------------------------- Mon Nov 28 15:40:04 CET 2016 - mbenes@suse.cz - Fix for CVE-2016-9555 (net/sctp: slab-out-of-bounds in sctp_sf_ootb) Live patch for CVE-2016-9555. Upstream commit bf911e985d6b ("sctp: validate chunk len before actually using it"). Fixes: CVE-2016-9555 References: bsc#1012183 CVE-2016-9555 - commit 74dfd73 ------------------------------------------------------------------- Mon Oct 24 13:26:09 CEST 2016 - mbenes@suse.cz - Better to use SUSE:SLE-12:Update than Devel:kGraft:SLE12 project - commit bdc7598 ------------------------------------------------------------------- Fri Oct 21 13:48:47 CEST 2016 - mbenes@suse.cz - Bump up the version number in spec file - commit 2cb7987 ------------------------------------------------------------------- Thu Oct 20 12:38:29 CEST 2016 - mbenes@suse.cz - Fix for CVE-2016-5195 (mm: local privilege escalation using MAP_PRIVATE) Live patch for CVE-2016-5195. Upstream commit 19be0eaffa3a ("mm: remove gup_flags FOLL_WRITE games from __get_user_pages()"). Fixes: CVE-2016-5195 References: bsc#1004419 CVE-2016-5195 - commit 6c7d9fe ------------------------------------------------------------------- Wed Oct 19 09:25:23 CEST 2016 - mbenes@suse.cz - Fix for CVE-2016-8666 (gre: Don't apply GRO to multiple layers of encapsulation) Live patch for CVE-2016-8666. Upstream commit fac8e0f57969 ("tunnels: Don't apply GRO to multiple layers of encapsulation"). SLE12-SP1 commit 9293295f045f ("tunnels: Don't apply GRO to multiple layers of encapsulation (bsc#1001486)."). Fixes: CVE-2016-8666 References: bsc#1001487 CVE-2016-8666 - commit c7103d8 ------------------------------------------------------------------- Mon Aug 22 11:07:57 CEST 2016 - mbenes@suse.cz - bsc#991667: Update upstream commit info - commit c5b27f6 ------------------------------------------------------------------- Mon Aug 15 14:36:54 CEST 2016 - mbenes@suse.cz - Bump up the version number in spec file - commit 05c5a38 ------------------------------------------------------------------- Thu Aug 11 13:52:23 CEST 2016 - mbenes@suse.cz - Fix for CVE-2016-6480 (aacraid: double read leading to kernel information disclosure) Live patch for CVE-2016-6480. SLE12-SP1 commit e3474174b039 ("- aacraid: Check size values after double-fetch from user (CVE-2016-6480 bsc#991608). - Delete patches.drivers/0001-aacraid-prevent-out-of-bounds-access-due-to-changing.patch.") Fixes: CVE-2016-6480 References: bsc#991667 CVE-2016-6480 - commit e3a7649 ------------------------------------------------------------------- Mon Aug 8 12:18:31 CEST 2016 - jeremy.huang@suse.com - Fix for CVE-2016-5829 (HID: hiddev: validate num_values for HIDIOCGUSAGES,HIDIOCSUSAGES commands) If a user-land process calls the hiddev ioctl with the HIDIOCGUSAGES or HIDIOCSUSAGES command, and passes a report id of HID_REPORT_ID_UNKNOWN it bypasses a series of bounds checks. Later in the code the attacker can loop on some controlled value and overwrite past the bounds of the uref_multi array or the value array. We do not have the hardware of hiddev, so need to modify kernel for verification. Upstream commit 93a2001bdfd5 ("HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands"). [ mbenes: changelog edited a bit, tags added, fixed some style issues ] Fixes: CVE-2016-5829 References: bsc#986573 CVE-2016-5829 - commit 0440675 ------------------------------------------------------------------- Wed Jul 27 15:16:58 CEST 2016 - mbenes@suse.cz - Fix for CVE-2016-4997 (netfilter: Linux local privilege escalation in compat_setsockopt) Live patch for CVE-2016-4997. Upstream commit ce683e5f9d04 ("netfilter: x_tables: check for bogus target offset") and more. Fixes: CVE-2016-4997 References: bsc#986377 CVE-2016-4997 - commit bb173bb ------------------------------------------------------------------- Fri Jul 1 12:53:30 CEST 2016 - mbenes@suse.cz - Bump up the version number in spec file - commit c7fd813 ------------------------------------------------------------------- Thu Jun 30 16:37:47 CEST 2016 - mbenes@suse.cz - Fix for CVE-2016-4470 (Uninitialized variable in request_key handling) Live patch for CVE-2016-4470. Upstream commit 38327424b40b ("KEYS: potential uninitialized variable"). Fixes: CVE-2016-4470 References: bsc#984764 CVE-2016-4470 - commit 3d2806b ------------------------------------------------------------------- Mon Jun 20 10:56:34 CEST 2016 - mbenes@suse.cz - Update IBS_PROJECT to correct maintenance incident once again - commit f7a3e39 ------------------------------------------------------------------- Wed Jun 1 14:22:13 CEST 2016 - mbenes@suse.cz - Fix for CVE-2016-4565 (infiniband: Using write() instead of bi-directional ioctl() allows writing into user specified kernel memory) Live patch for CVE-2016-4565. Upstream commit e6bd18f57aad ("IB/security: Restrict use of the write() interface"). Fixes: CVE-2016-4565 References: bsc#980883 CVE-2016-4565 - commit 8aab794 ------------------------------------------------------------------- Wed May 25 11:21:25 CEST 2016 - mbenes@suse.cz - Fix for CVE-2016-0758 (tags with indefinite length can corrupt pointers in asn1_find_indefinite_length()) Live patch for CVE-2016-0758. Upstream commit 23c8a812dc3c ("KEYS: Fix ASN.1 indefinite length object parsing"). Fixes: CVE-2016-0758 References: bsc#980856 CVE-2016-0758 - commit 9933063 ------------------------------------------------------------------- Wed May 18 16:41:48 CEST 2016 - mbenes@suse.cz - Fix for CVE-2016-2053 (KEYS: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature()) Live patch for CVE-2016-2053. Upstream commit 0d62e9dd6da4 ("ASN.1: Fix non-match detection failure on data overrun"). Fixes: CVE-2016-2053 References: bsc#979074 CVE-2016-2053 - commit 515639f ------------------------------------------------------------------- Fri May 13 11:40:05 CEST 2016 - mbenes@suse.cz - Update IBS_PROJECT to correct maintenance incident after initial submission - commit 6185706 ------------------------------------------------------------------- Tue May 10 15:43:59 CEST 2016 - mbenes@suse.cz - Add compat.h to deal with changes of KGR_PATCH macro Sympos patch set for kGraft redefined KGR_PATCH macro and added two new ones. Add new compat.h which contains macro magic so that all kGraft patches would work on both old and new kernels with the patch set merged. - commit 4186bef ------------------------------------------------------------------- Tue May 10 12:50:49 CEST 2016 - mbenes@suse.cz - New branch for SLE12-SP1_Update_5 - commit 366d4b4 ------------------------------------------------------------------- Fri May 6 17:01:17 CEST 2016 - mbenes@suse.cz - Fix the number of parameters of KGR_PATCH macro New kernels contain kGraft's sympos patch set which changed number of paramaters of KGR_PATCH macro and introduced new macros. Fix it in master so it will be ok for new branches. - commit 78cf676 ------------------------------------------------------------------- Tue Sep 1 13:00:23 CEST 2015 - mmarek@suse.com - Include the RPM version number in the module name - commit 8fa02c6 ------------------------------------------------------------------- Wed Aug 26 11:29:44 CEST 2015 - mbenes@suse.cz - Remove forgotten debug option in the Makefile - commit 9c24ab8 ------------------------------------------------------------------- Mon Aug 17 13:42:04 CEST 2015 - mbenes@suse.cz - Add license and copyright notices - commit d42d3aa ------------------------------------------------------------------- Wed Jul 15 15:58:35 CEST 2015 - mbenes@suse.cz - Remove immediate flag Fake signal was merged to kGraft and immediate feature removed. Remove it in kGraft patches from now on too. - commit c767ad2 ------------------------------------------------------------------- Wed May 20 16:32:17 CEST 2015 - mbenes@suse.cz - Set immediate flag to false Using immediate set to true can lead to BUGs and oopses when downgrading, reverting or applying replace_all patches. There is no way how to find out if there is a process in the old code which is being removed. The module would be put, removed and the process will crash. The consistency model guarantees that there is no one in the old code when the finalization ends. Thus use it for all case to be safe. - commit 830e1a3 ------------------------------------------------------------------- Tue May 12 15:48:07 CEST 2015 - mbenes@suse.cz - Fix description in rpm spec file Spec file description mentions initial kGraft patch which is only true for real initial patch. Make it more neutral. References: bsc#930408 - commit a55e023 ------------------------------------------------------------------- Wed Apr 1 15:36:24 CEST 2015 - mbenes@suse.cz - Generate archives names automatically in tar-up.sh - commit 1f34f18 ------------------------------------------------------------------- Wed Apr 1 13:39:26 CEST 2015 - mbenes@suse.cz - Automatically generate .changes file from git log Also add comments to tar-up.sh script to distinguish between sections. - commit 212a7ae ------------------------------------------------------------------- Thu Mar 26 14:24:21 CET 2015 - mmarek@suse.cz - Revert "Require exact kernel version in the patch" This needs to be done differently, so that modprobe --force works as expected. References: bnc#920615 This reverts commit c62c11aecd4e3f8822e1b835fea403acc3148c5a. - commit bc88dd7 ------------------------------------------------------------------- Wed Mar 25 13:10:24 CET 2015 - mmarek@suse.cz - Require exact kernel version in the patch References: bnc#920615 - commit c62c11a ------------------------------------------------------------------- Tue Mar 24 12:15:41 CET 2015 - mmarek@suse.cz - Add the git commit and branch to the package description References: bnc#920633 - commit 1ff4e48 ------------------------------------------------------------------- Wed Nov 26 10:09:14 CET 2014 - mbenes@suse.cz - Set immediate flag for the initial patch Setting immediate to true will simplify installation of the initial patch and possibly also of the further updates. References: bnc#907150 - commit 391b810 ------------------------------------------------------------------- Tue Nov 25 16:26:40 CET 2014 - mbenes@suse.cz - Add .replace_all set to true Add .replace_all flag set to true even to the initial patch. Thus we will not forget to add that later. Also .immediate is there as a comment. - commit 933e15e ------------------------------------------------------------------- Mon Nov 24 15:02:33 CET 2014 - mmarek@suse.cz - Drop the hardcoded kernel release string The updated kgraft-devel macros set this during build time, so we do not need to know the kernel release string beforehand. As a name suffix for the source packages, let's use SLE12_Test in the master branch and SLE12_Update_ in the update branches. - commit 65f7a25 ------------------------------------------------------------------- Fri Nov 21 15:48:48 CET 2014 - mmarek@suse.cz - Check that we are building against the set kernel version - commit 689e44a ------------------------------------------------------------------- Wed Nov 12 04:11:14 CET 2014 - mmarek@suse.cz - Mark the module as supported References: bnc#904970 - commit 6249314 ------------------------------------------------------------------- Tue Nov 11 17:11:28 CET 2014 - mmarek@suse.cz - Build the test packages against Devel:kGraft:SLE12 - commit c952fbb ------------------------------------------------------------------- Thu Nov 6 13:55:43 CET 2014 - mbenes@suse.cz - Add top git commit hash to uname -v Add top git commit hash to version part of uname. This makes the identification of current patch level easy (even in crash: p kgr_tag). References: fate#317769 - commit 54c9595 ------------------------------------------------------------------- Tue Nov 4 16:23:50 CET 2014 - mbenes@suse.cz - Replace @@RELEASE@@ in kgr_patch->name with @@RPMRELEASE@@ We need to replace @@RELEASE@@ in kgr_patch->name with @@RPMRELEASE@@ due to sysfs tree. @@RELEASE@@ changes with each new version of package. - commit 51fd9dd ------------------------------------------------------------------- Mon Nov 3 17:27:24 CET 2014 - mmarek@suse.cz - Add a source-timestamp file with the git commit hash and branch This is required by the bs-upload-kernel script to upload packages to the BS. It can also be used by the specfile in the future. - commit feab4f1 ------------------------------------------------------------------- Mon Nov 3 16:56:31 CET 2014 - mbenes@suse.cz - Initial commit - commit 600de9d ------------------------------------------------------------------- Mon Nov 3 14:59:46 CET 2014 - mmarek@suse.cz - Add config.sh script This tells the automatic builder which IBS project to use. - commit aa7f1cb