summarylogtreecommitdiffstats
path: root/PKGBUILD
diff options
context:
space:
mode:
Diffstat (limited to 'PKGBUILD')
-rw-r--r--PKGBUILD30
1 files changed, 24 insertions, 6 deletions
diff --git a/PKGBUILD b/PKGBUILD
index 3be5f8f0b1c..784290bf5e6 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -69,7 +69,7 @@ _use_current=
pkgbase=linux-ck
_srcname=linux-4.14
-pkgver=4.14.8
+pkgver=4.14.9
pkgrel=1
_ckpatchversion=1
arch=('x86_64')
@@ -100,6 +100,10 @@ source=(
0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
0001-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch
0002-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch
+ 0001-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch
+ 0002-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch
+ 0003-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch
+ 0001-ALSA-usb-audio-Fix-the-missing-ctl-name-suffix-at-pa.patch
)
validpgpkeys=(
'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linus Torvalds
@@ -107,9 +111,9 @@ validpgpkeys=(
)
sha256sums=('f81d59477e90a130857ce18dc02f4fbe5725854911db1e7ba770c7cd350f96a7'
'SKIP'
- '42eaed731b716244514b765c199e8f675d79287d7630e5c2911053ad52a1fa0a'
+ '5edc955bb67b04c7ed426b1df17a3e322e32ad9fdda9c6abb53ab6eca7faf704'
'SKIP'
- '565f14038a4e781bdf3914dd374fb16553d7925dd3ead14e8b72c9d308828b45'
+ '6dd496a79efcc9c14e38a271bac6288225f997e9aa966ba9ea43e5445d276bed'
'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21'
'834bd254b56ab71d73f59b3221f056c72f559553c04718e350ab2a3e2991afe0'
'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65'
@@ -122,7 +126,11 @@ sha256sums=('f81d59477e90a130857ce18dc02f4fbe5725854911db1e7ba770c7cd350f96a7'
'0dbf2d23df0b5d023794332872b8b346d0c4994576b778396364e803acac4498'
'37b86ca3de148a34258e3176dbf41488d9dbd19e93adbd22a062b3c41332ce85'
'c6e7db7dfd6a07e1fd0e20c3a5f0f315f9c2a366fe42214918b756f9a1c9bfa3'
- '1d69940c6bf1731fa1d1da29b32ec4f594fa360118fe7b128c9810285ebf13e2')
+ '1d69940c6bf1731fa1d1da29b32ec4f594fa360118fe7b128c9810285ebf13e2'
+ 'ed3266ab03f836f57de0faf8a10ffd7566c909515c2649de99adaab2fac4aa32'
+ '64a014f7e1b4588728b3ea9538beee67ec63fb792d890c7be9cc13ddc2121b00'
+ '3d4c41086c077fbd515d04f5e59c0c258f700433c5da3365d960b696c2e56efb'
+ '95f0d0a94983b0dafd295f660a663f9be5ef2fcb9646098426a5d12b59f50638')
_kernelname=${pkgbase#linux}
@@ -134,13 +142,23 @@ prepare() {
# disable USER_NS for non-root users by default
patch -Np1 -i ../0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
-
+
# https://bugs.archlinux.org/task/56575
patch -Np1 -i ../0001-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch
-
+
# https://nvd.nist.gov/vuln/detail/CVE-2017-8824
patch -Np1 -i ../0002-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch
+ # https://bugs.archlinux.org/task/56605
+ patch -Np1 -i ../0001-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch
+ patch -Np1 -i ../0002-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch
+
+ # https://bugs.archlinux.org/task/56846
+ patch -Np1 -i ../0003-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch
+
+ # https://bugs.archlinux.org/task/56830
+ patch -Np1 -i ../0001-ALSA-usb-audio-Fix-the-missing-ctl-name-suffix-at-pa.patch
+
# fix naming schema in EXTRAVERSION of ck patch set
sed -i -re "s/^(.EXTRAVERSION).*$/\1 = /" "../${_ckpatchname}"