diff options
| author | Figue | 2017-12-26 10:32:31 +0100 |
|---|---|---|
| committer | Figue | 2017-12-26 10:32:31 +0100 |
| commit | bfa93f0ccf025b85d4acc6ec857f8ae51585293f (patch) | |
| tree | 3adbe7ec81a6e8220f4b02312ff0a4a5beaab363 /PKGBUILD | |
| parent | 3f30491870bfe98cd3c5c2f6c4fccbe4d8803ce3 (diff) | |
| download | aur-bfa93f0ccf025b85d4acc6ec857f8ae51585293f.tar.gz | |
Added Archlinux patches and config
Diffstat (limited to 'PKGBUILD')
| -rw-r--r-- | PKGBUILD | 32 |
1 files changed, 25 insertions, 7 deletions
@@ -8,14 +8,14 @@ _kernelname=-bld pkgver=4.14.9 _srcname=linux-4.14 _pkgver2=${_srcname#*-}.0 -pkgrel=1 +pkgrel=2 arch=('x86_64') url="https://github.com/rmullick/linux" license=('GPL2') makedepends=('xmlto' 'kmod' 'inetutils' 'bc' 'libelf') options=('!strip') _BLDpatch="BLD-${_srcname#*-}.patch" -arch_config_trunk=21974ba817377021dde4233a34b61a6b5fba798b +arch_config_trunk=08b9be792b16e05a6febc3184c286c99a8088b86 source=("http://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.xz" "https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.sign" "http://www.kernel.org/pub/linux/kernel/v4.x/patch-${pkgver}.xz" @@ -28,9 +28,13 @@ source=("http://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.xz" "config::https://git.archlinux.org/svntogit/packages.git/plain/trunk/config?h=packages/linux&id=${arch_config_trunk}" # main BLD patch "https://raw.githubusercontent.com/rmullick/bld-patches/master/${_BLDpatch}" - "0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch" - "0001-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch" - "0002-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch" + 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch + 0001-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch + 0002-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch + 0001-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch + 0002-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch + 0003-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch + 0001-ALSA-usb-audio-Fix-the-missing-ctl-name-suffix-at-pa.patch ) sha256sums=('f81d59477e90a130857ce18dc02f4fbe5725854911db1e7ba770c7cd350f96a7' @@ -40,11 +44,15 @@ sha256sums=('f81d59477e90a130857ce18dc02f4fbe5725854911db1e7ba770c7cd350f96a7' 'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21' '75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919' '5b51a1eacb3e00b304ca54d31f467ec1fb15fdfce93f1c62963d087bf753e812' - '3d139e6cfc42a0bb52a6c49a2bb94ff523dc728b8d548178dbc0a90726eb4151' + '4d12ed868b05720c3d263c8454622c67bdee6969400049d7adac7b00907ad195' '80b697edb27534e0651609708faaa9f933c8bbc198d410f6cd50ef9ae2128794' '37b86ca3de148a34258e3176dbf41488d9dbd19e93adbd22a062b3c41332ce85' 'c6e7db7dfd6a07e1fd0e20c3a5f0f315f9c2a366fe42214918b756f9a1c9bfa3' - '1d69940c6bf1731fa1d1da29b32ec4f594fa360118fe7b128c9810285ebf13e2') + '1d69940c6bf1731fa1d1da29b32ec4f594fa360118fe7b128c9810285ebf13e2' + 'ed3266ab03f836f57de0faf8a10ffd7566c909515c2649de99adaab2fac4aa32' + '64a014f7e1b4588728b3ea9538beee67ec63fb792d890c7be9cc13ddc2121b00' + '3d4c41086c077fbd515d04f5e59c0c258f700433c5da3365d960b696c2e56efb' + '95f0d0a94983b0dafd295f660a663f9be5ef2fcb9646098426a5d12b59f50638') validpgpkeys=( 'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linus Torvalds @@ -89,6 +97,16 @@ prepare() { # https://nvd.nist.gov/vuln/detail/CVE-2017-8824 patch -Np1 -i ../0002-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch + # https://bugs.archlinux.org/task/56605 + patch -Np1 -i ../0001-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch + patch -Np1 -i ../0002-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch + + # https://bugs.archlinux.org/task/56846 + patch -Np1 -i ../0003-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch + + # https://bugs.archlinux.org/task/56830 + patch -Np1 -i ../0001-ALSA-usb-audio-Fix-the-missing-ctl-name-suffix-at-pa.patch + cp -Tf ../config .config ### Optionally disable NUMA for 64-bit kernels only |