Date: Wednesday, January 18, 2023 @ 11:49:23
Author: andyrtr
Revision: 466893
upgpkg: linux-lts 5.15.89-1: upstream update 5.15.89
Modified:
linux-lts/trunk/PKGBUILD
linux-lts/trunk/config
Deleted:
linux-lts/trunk/0006-netfilter-nft_payload-incorrect-arithmetics-when-fetching-vlan-header-bits.patch
---------------------------------------------------------------------------------------+
0006-netfilter-nft_payload-incorrect-arithmetics-when-fetching-vlan-header-bits.patch
| 37 ----------
PKGBUILD
| 12 +--
config
| 10 +-
3 files changed, 10 insertions(+), 49 deletions(-)
Deleted:
0006-netfilter-nft_payload-incorrect-arithmetics-when-fetching-vlan-header-bits.patch
===================================================================
---
0006-netfilter-nft_payload-incorrect-arithmetics-when-fetching-vlan-header-bits.patch
2023-01-18 11:33:34 UTC (rev 466892)
+++
0006-netfilter-nft_payload-incorrect-arithmetics-when-fetching-vlan-header-bits.patch
2023-01-18 11:49:23 UTC (rev 466893)
@@ -1,37 +0,0 @@
-From 696e1a48b1a1b01edad542a1ef293665864a4dd0 Mon Sep 17 00:00:00 2001
-From: Pablo Neira Ayuso <[email protected]>
-Date: Wed, 11 Jan 2023 17:07:33 +0100
-Subject: netfilter: nft_payload: incorrect arithmetics when fetching VLAN
header bits
-
-From: Pablo Neira Ayuso <[email protected]>
-
-commit 696e1a48b1a1b01edad542a1ef293665864a4dd0 upstream.
-
-If the offset + length goes over the ethernet + vlan header, then the
-length is adjusted to copy the bytes that are within the boundaries of
-the vlan_ethhdr scratchpad area. The remaining bytes beyond ethernet +
-vlan header are copied directly from the skbuff data area.
-
-Fix incorrect arithmetic operator: subtract, not add, the size of the
-vlan header in case of double-tagged packets to adjust the length
-accordingly to address CVE-2023-0179.
-
-Reported-by: Davide Ornaghi <[email protected]>
-Fixes: f6ae9f120dad ("netfilter: nft_payload: add C-VLAN support")
-Signed-off-by: Pablo Neira Ayuso <[email protected]>
-Signed-off-by: Greg Kroah-Hartman <[email protected]>
----
- net/netfilter/nft_payload.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/net/netfilter/nft_payload.c
-+++ b/net/netfilter/nft_payload.c
-@@ -63,7 +63,7 @@ nft_payload_copy_vlan(u32 *d, const stru
- return false;
-
- if (offset + len > VLAN_ETH_HLEN + vlan_hlen)
-- ethlen -= offset + len - VLAN_ETH_HLEN + vlan_hlen;
-+ ethlen -= offset + len - VLAN_ETH_HLEN - vlan_hlen;
-
- memcpy(dst_u8, vlanh + offset - vlan_hlen, ethlen);
-
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2023-01-18 11:33:34 UTC (rev 466892)
+++ PKGBUILD 2023-01-18 11:49:23 UTC (rev 466893)
@@ -1,8 +1,8 @@
# Maintainer: Andreas Radke <[email protected]>
pkgbase=linux-lts
-pkgver=5.15.88
-pkgrel=2
+pkgver=5.15.89
+pkgrel=1
pkgdesc='LTS Linux'
url="https://www.kernel.org/";
arch=(x86_64)
@@ -21,7 +21,6 @@
0003-iommu-intel-do-deep-dma-unmapping-to-avoid-kernel-fl.patch
0004-Bluetooth-btintel-Fix-bdaddress-comparison-with-garb.patch
0005-lg-laptop-Recognize-more-models.patch
-
0006-netfilter-nft_payload-incorrect-arithmetics-when-fetching-vlan-header-bits.patch
)
validpgpkeys=(
'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linus Torvalds
@@ -28,15 +27,14 @@
'647F28654894E3BD457199BE38DBBDC86092693E' # Greg Kroah-Hartman
)
# https://www.kernel.org/pub/linux/kernel/v5.x/sha256sums.asc
-sha256sums=('417539fdd96a3af97ef9ad2b51ca13967cb922f53970563b60290b935a81a181'
+sha256sums=('e7311b874e014bb6d37c051319bd6a4a4e3d05a1c32546522deabbfd2d752fe8'
'SKIP'
- '63e560fe9eff69f07336334a38f22eef8a798ccf6c7a4a90285ea94c70d5fbb4'
+ 'e4327d26fc51b2cd304fc40695ba5433974a4545c8b12adf227a826f0b7008e2'
'3b5cfc9ca9cf778ea2c4b619b933cda26519969df2d764b5a687f63cf59974cd'
'c175fbb141c3cec013c799f694d88310375ac5456042f6a4a1adc7667836d786'
'8357f000b2b622e73dcfd41c2bad42b5e99fffe8f7ee64f774aa771f86cef43c'
'5c1ee81fdd5818442af6081de987f9c1a9ce3c8d183566b3dfc19a8433aa3dde'
- '067e8995fcd6f6ed25e0253e9374c0e179a000c154da3e59ce62634945ac5be9'
- 'e1ba639a62ef788cb5653cbf5601b1534379211c50176e48f0b04ae555941c8d')
+ '067e8995fcd6f6ed25e0253e9374c0e179a000c154da3e59ce62634945ac5be9')
export KBUILD_BUILD_HOST=archlinux
export KBUILD_BUILD_USER=$pkgbase
Modified: config
===================================================================
--- config 2023-01-18 11:33:34 UTC (rev 466892)
+++ config 2023-01-18 11:49:23 UTC (rev 466893)
@@ -1,15 +1,15 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 5.15.88 Kernel Configuration
+# Linux/x86 5.15.89 Kernel Configuration
#
-CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.0"
+CONFIG_CC_VERSION_TEXT="gcc (GCC) 12.2.1 20230111"
CONFIG_CC_IS_GCC=y
-CONFIG_GCC_VERSION=120200
+CONFIG_GCC_VERSION=120201
CONFIG_CLANG_VERSION=0
CONFIG_AS_IS_GNU=y
-CONFIG_AS_VERSION=23900
+CONFIG_AS_VERSION=24000
CONFIG_LD_IS_BFD=y
-CONFIG_LD_VERSION=23900
+CONFIG_LD_VERSION=24000
CONFIG_LLD_VERSION=0
CONFIG_CC_CAN_LINK=y
CONFIG_CC_CAN_LINK_STATIC=y
