diff options
| author | Stijn Tintel <stijn@linux-ipv6.be> | 2018-07-31 05:11:07 +0300 |
|---|---|---|
| committer | Stijn Tintel <stijn@linux-ipv6.be> | 2018-07-31 05:11:07 +0300 |
| commit | 22b9f99b87fa1ff991180cabf02dd04d1bddce2b (patch) | |
| tree | 4675ce75a330278a46b34522f99d9e5ca6b9e8d3 /target/linux/generic/pending-4.14/610-netfilter_match_bypass_default_checks.patch | |
| parent | c89195eb25a4dfd093f9d0d3b3adac896bb471ad (diff) | |
| download | upstream-22b9f99b87fa1ff991180cabf02dd04d1bddce2b.tar.gz upstream-22b9f99b87fa1ff991180cabf02dd04d1bddce2b.tar.bz2 upstream-22b9f99b87fa1ff991180cabf02dd04d1bddce2b.zip | |
kernel: bump 4.14 to 4.14.59
Drop patch that was superseded upstream:
ramips/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch
Drop upstreamed patches:
- apm821xx/020-0001-crypto-crypto4xx-remove-bad-list_del.patch
- apm821xx/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
- ath79/0011-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch
- brcm63xx/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch
- brcm63xx/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch
- generic/backport/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch
- generic/pending/170-usb-dwc2-Fix-DMA-alignment-to-start-at-allocated-boun.patch
- generic/pending/900-gen_stats-fix-netlink-stats-padding.patch
In 4.14.55, a patch was introduced that breaks ext4 images in some
cases. The newly introduced patch
backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
addresses this breakage.
Fixes the following CVEs:
- CVE-2018-10876
- CVE-2018-10877
- CVE-2018-10879
- CVE-2018-10880
- CVE-2018-10881
- CVE-2018-10882
- CVE-2018-10883
Compile-tested: ath79, octeon, x86/64
Runtime-tested: ath79, octeon, x86/64
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Diffstat (limited to 'target/linux/generic/pending-4.14/610-netfilter_match_bypass_default_checks.patch')
| -rw-r--r-- | target/linux/generic/pending-4.14/610-netfilter_match_bypass_default_checks.patch | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/target/linux/generic/pending-4.14/610-netfilter_match_bypass_default_checks.patch b/target/linux/generic/pending-4.14/610-netfilter_match_bypass_default_checks.patch index 3611879609..2541230ff5 100644 --- a/target/linux/generic/pending-4.14/610-netfilter_match_bypass_default_checks.patch +++ b/target/linux/generic/pending-4.14/610-netfilter_match_bypass_default_checks.patch @@ -68,7 +68,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> if (!xt_percpu_counter_alloc(alloc_state, &e->counters)) return -ENOMEM; -@@ -817,6 +845,7 @@ copy_entries_to_user(unsigned int total_ +@@ -818,6 +846,7 @@ copy_entries_to_user(unsigned int total_ const struct xt_table_info *private = table->private; int ret = 0; const void *loc_cpu_entry; @@ -76,7 +76,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> counters = alloc_counters(table); if (IS_ERR(counters)) -@@ -844,6 +873,14 @@ copy_entries_to_user(unsigned int total_ +@@ -845,6 +874,14 @@ copy_entries_to_user(unsigned int total_ goto free_counters; } @@ -91,7 +91,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> for (i = sizeof(struct ipt_entry); i < e->target_offset; i += m->u.match_size) { -@@ -1226,12 +1263,15 @@ compat_copy_entry_to_user(struct ipt_ent +@@ -1227,12 +1264,15 @@ compat_copy_entry_to_user(struct ipt_ent compat_uint_t origsize; const struct xt_entry_match *ematch; int ret = 0; |