diff options
author | Stijn Tintel <stijn@linux-ipv6.be> | 2017-08-17 10:51:05 +0200 |
---|---|---|
committer | Stijn Tintel <stijn@linux-ipv6.be> | 2017-08-17 12:34:34 +0200 |
commit | 2d02a4f5bda4a5ff392286360ec7d1129bd77d25 (patch) | |
tree | c243a9231fd508b585c2711e8b691e8ca06d2988 /target/linux/generic/pending-4.9/613-netfilter_optional_tcp_window_check.patch | |
parent | d9564d79b8e91eed23c45afd2eb4a71a97c922eb (diff) | |
download | upstream-2d02a4f5bda4a5ff392286360ec7d1129bd77d25.tar.gz upstream-2d02a4f5bda4a5ff392286360ec7d1129bd77d25.tar.bz2 upstream-2d02a4f5bda4a5ff392286360ec7d1129bd77d25.zip |
kernel: update 4.9 to 4.9.44
Refresh patches.
Adapt 704-phy-no-genphy-soft-reset.patch.
Remove brcm2708/950-0005-mm-Remove-the-PFN-busy-warning.patch.
Compile-tested on brcm2708/bcm2708 and x86/64.
Runtime-tested on brcm2708/bcm2708 and x86/64.
Fixes the following vulnerabilities:
- CVE-2017-7533
- CVE-2017-1000111
- CVE-2017-1000112
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Diffstat (limited to 'target/linux/generic/pending-4.9/613-netfilter_optional_tcp_window_check.patch')
-rw-r--r-- | target/linux/generic/pending-4.9/613-netfilter_optional_tcp_window_check.patch | 9 |
1 files changed, 2 insertions, 7 deletions
diff --git a/target/linux/generic/pending-4.9/613-netfilter_optional_tcp_window_check.patch b/target/linux/generic/pending-4.9/613-netfilter_optional_tcp_window_check.patch index b11337e944..78a9617762 100644 --- a/target/linux/generic/pending-4.9/613-netfilter_optional_tcp_window_check.patch +++ b/target/linux/generic/pending-4.9/613-netfilter_optional_tcp_window_check.patch @@ -6,8 +6,6 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> net/netfilter/nf_conntrack_proto_tcp.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) -diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c -index 69f687740c76..f24b62668dc8 100644 --- a/net/netfilter/nf_conntrack_proto_tcp.c +++ b/net/netfilter/nf_conntrack_proto_tcp.c @@ -33,6 +33,9 @@ @@ -20,7 +18,7 @@ index 69f687740c76..f24b62668dc8 100644 /* "Be conservative in what you do, be liberal in what you accept from others." If it's non-zero, we mark only out of window RST segments as INVALID. */ -@@ -513,6 +516,9 @@ static bool tcp_in_window(const struct nf_conn *ct, +@@ -513,6 +516,9 @@ static bool tcp_in_window(const struct n s32 receiver_offset; bool res, in_recv_win; @@ -30,7 +28,7 @@ index 69f687740c76..f24b62668dc8 100644 /* * Get the required data from the packet. */ -@@ -1479,6 +1485,13 @@ static struct ctl_table tcp_sysctl_table[] = { +@@ -1479,6 +1485,13 @@ static struct ctl_table tcp_sysctl_table .mode = 0644, .proc_handler = proc_dointvec, }, @@ -44,6 +42,3 @@ index 69f687740c76..f24b62668dc8 100644 { } }; #endif /* CONFIG_SYSCTL */ --- -2.11.0 - |