diff options
Diffstat (limited to 'PKGBUILD')
-rw-r--r-- | PKGBUILD | 21 |
1 files changed, 16 insertions, 5 deletions
@@ -5,7 +5,7 @@ pkgbase=linux-selinux _srcname=linux-4.11 pkgver=4.11.6 -pkgrel=1 +pkgrel=3 arch=('i686' 'x86_64') url="https://www.kernel.org/" license=('GPL2') @@ -21,16 +21,22 @@ source=("https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.xz" # pacman hook for initramfs regeneration '90-linux.hook' # standard config files for mkinitcpio ramdisk - 'linux.preset') + 'linux.preset' + CVE-2017-1000364.mm-larger-stack-guard-gap-between-vmas.patch + CVE-2017-1000364.mm-fix-new-crash-in-unmapped_area_topdown.patch + CVE-2017-1000364.fixup.allow-stack-to-grow-up-to-address-space-limit.patch) sha256sums=('b67ecafd0a42b3383bf4d82f0850cbff92a7e72a215a6d02f42ddbafcf42a7d6' 'SKIP' '00c0b804ccda18d6ed4a32ba0be049a80363aa2bc084733a22da03f435d992a4' 'SKIP' - 'cdb71954e601a1a9bed9e9fb3ba7d8d704953d8bc816dbadee9ef0ddbac3e8ed' - '37907b939ccbfefb31d1caa655d95f9828a368ecf9631ff02c7bd73ec1ff9209' + '07caad444b2bfea964135d161742ea84601bed448393f3389a486b5cd10f6db5' + '6dd031414c3677ecafb2886a38616bca0e8a52850150f9341bc95038118541c4' '834bd254b56ab71d73f59b3221f056c72f559553c04718e350ab2a3e2991afe0' - 'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65') + 'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65' + 'e1b6a237894fb9e7bf142eb97b5e53c2e46a15ff69ef11593007f254b9faa160' + 'beede1721c92bae39049be5bcb30e4274406dc53c41436bf75bd44238ee8efe4' + 'de9c4f81b51c497de930b365f63633a005e3b8bcfbb21be93fe0cbab84ed9f76') validpgpkeys=( 'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linus Torvalds '647F28654894E3BD457199BE38DBBDC86092693E' # Greg Kroah-Hartman @@ -44,6 +50,11 @@ prepare() { # add upstream patch patch -p1 -i "${srcdir}/patch-${pkgver}" + # security patches + patch -p1 < "${srcdir}/CVE-2017-1000364.mm-larger-stack-guard-gap-between-vmas.patch" + patch -p1 < "${srcdir}/CVE-2017-1000364.mm-fix-new-crash-in-unmapped_area_topdown.patch" + patch -p1 < "${srcdir}/CVE-2017-1000364.fixup.allow-stack-to-grow-up-to-address-space-limit.patch" + # add latest fixes from stable queue, if needed # http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git |