openSUSE Commits
Threads by month
- ----- 2024 -----
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
January 2012
- 1 participants
- 1314 discussions
Hello community,
here is the log from the commit of package agg for openSUSE:Factory checked in at 2012-01-04 07:23:08
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/agg (Old)
and /work/SRC/openSUSE:Factory/.agg.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "agg", Maintainer is "adrian(a)suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/agg/agg.changes 2011-10-03 09:11:36.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.agg.new/agg.changes 2012-01-04 07:23:11.000000000 +0100
@@ -1,0 +2,6 @@
+Fri Dec 30 11:12:05 UTC 2011 - idonmez(a)suse.com
+
+- Add agg-remove-const-violation.patch: Don't leak non-const
+ reference to const private member. Based on NetBSD patch.
+
+-------------------------------------------------------------------
New:
----
agg-remove-const-violation.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ agg.spec ++++++
--- /var/tmp/diff_new_pack.5ZNaVU/_old 2012-01-04 07:23:12.000000000 +0100
+++ /var/tmp/diff_new_pack.5ZNaVU/_new 2012-01-04 07:23:12.000000000 +0100
@@ -15,19 +15,20 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
-# norootforbuild
-
-
Name: agg
-BuildRequires: SDL-devel freetype2-devel gcc-c++ libbz2-devel xorg-x11-devel
-BuildRequires: libtool
+Version: 2.5
+Release: 0
+Summary: C++ SVG Rendering Library
License: GPL-2.0+
Group: Development/Libraries/C and C++
-Summary: C++ SVG Rendering Library
-Version: 2.5
-Release: 170
Url: http://antigrain.com
-Provides: agg = %version
+BuildRequires: SDL-devel
+BuildRequires: freetype2-devel
+BuildRequires: gcc-c++
+BuildRequires: libbz2-devel
+BuildRequires: libtool
+BuildRequires: xorg-x11-devel
+Provides: agg = %{version}
Obsoletes: agg <= 2.5
%if 0
Source: agg-%{version}.tar.bz2
@@ -37,9 +38,10 @@
Source: agg-%{version}-patched.tar.bz2
%endif
Source1: agg-patch-source
-Patch: agg-automake-fix.diff
+Patch0: agg-automake-fix.diff
Patch1: agg-gpc.patch
Patch2: agg-2.5.dif
+Patch3: agg-remove-const-violation.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -47,7 +49,6 @@
C++ interface.
%package -n libagg2
-License: GPL-2.0+
Summary: C++ SVG rendering library
Group: Development/Libraries/C and C++
@@ -55,34 +56,33 @@
Very fast and complete library to render SVG graphics. It provides a
C++ interface.
-
%package devel
-License: GPL-2.0+
Summary: C++ SVG rendering library
Group: Development/Libraries/C and C++
-Requires: libagg2 = %{version}
Requires: freetype2-devel
Requires: glibc-devel
+Requires: libagg2 = %{version}
%description devel
Very fast and complete library to render SVG graphics. It provides a
C++ interface.
%prep
-%setup -q -n agg-%version
-%patch
+%setup -q -n agg-%{version}
+%patch0
%patch1
%patch2 -p0
+%patch3 -p1
%build
mkdir m4
autoreconf -fiv
%configure --disable-static
-%{__make} %{?_smp_mflags}
+make %{?_smp_mflags}
%install
-%makeinstall
-rm -f $RPM_BUILD_ROOT%{_libdir}/lib*.la
+%make_install
+rm -f %{buildroot}%{_libdir}/lib*.la
%post -n libagg2 -p /sbin/ldconfig
@@ -90,7 +90,7 @@
%files -n libagg2
%defattr(-,root,root)
-%_libdir/lib*.so.*
+%{_libdir}/lib*.so.*
%files devel
%defattr(-,root,root)
++++++ agg-remove-const-violation.patch ++++++
Index: agg-2.5/include/agg_renderer_outline_aa.h
===================================================================
--- agg-2.5.orig/include/agg_renderer_outline_aa.h
+++ agg-2.5/include/agg_renderer_outline_aa.h
@@ -1375,7 +1375,6 @@ namespace agg
//---------------------------------------------------------------------
void profile(const line_profile_aa& prof) { m_profile = &prof; }
const line_profile_aa& profile() const { return *m_profile; }
- line_profile_aa& profile() { return *m_profile; }
//---------------------------------------------------------------------
int subpixel_width() const { return m_profile->subpixel_width(); }
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package acpica for openSUSE:Factory checked in at 2012-01-04 07:23:03
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/acpica (Old)
and /work/SRC/openSUSE:Factory/.acpica.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "acpica", Maintainer is "trenn(a)novell.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/acpica/acpica.changes 2011-09-23 01:51:29.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.acpica.new/acpica.changes 2012-01-04 07:23:05.000000000 +0100
@@ -1,0 +2,33 @@
+Tue Jan 3 11:02:28 UTC 2012 - cfarrell(a)suse.com
+
+- license update: GPL-2.0
+ You added ec_access.c with a GPL-2.0 (only) license. Now the spec file
+ has to be updated to reflect this
+
+-------------------------------------------------------------------
+Wed Dec 21 09:51:55 UTC 2011 - aj(a)suse.de
+
+- Clarify license, it's GPL-2.0+ (bnc#711299).
+
+-------------------------------------------------------------------
+Thu Nov 24 16:33:44 UTC 2011 - trenn(a)suse.de
+
+- ACPICA version 20111123 released with full ACPI 5.0 support
+ Detailed changelog can be found here:
+ http://acpica.org/download/changes.txt
+
+-------------------------------------------------------------------
+Wed Jun 29 19:40:28 UTC 2011 - trenn(a)suse.de
+
+- Fix build for 32 bit
+
+-------------------------------------------------------------------
+Mon Jun 27 11:55:35 UTC 2011 - trenn(a)suse.de
+
+- Update to version 20110623
+- Fixed some "set but not used" errors and a link order issue
+ and sent patches upstream.
+- Set "-Wno-unused-result" for some compilations -> too many
+ offenders to fix that all up.
+
+-------------------------------------------------------------------
Old:
----
acpica-unix-20110316-gcc46.patch
acpica-unix-20110316.tar.bz2
acpica-unix-const.patch
acpica_fix_acpixtract
acpiexec_fix_build_missing_utdecode.patch
New:
----
acpica-unix2-20111123.tar.bz2
acpica_fix_32bit_build.patch
acpica_fix_link_order.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ acpica.spec ++++++
--- /var/tmp/diff_new_pack.oXtbD5/_old 2012-01-04 07:23:06.000000000 +0100
+++ /var/tmp/diff_new_pack.oXtbD5/_new 2012-01-04 07:23:06.000000000 +0100
@@ -20,28 +20,24 @@
Name: acpica
Url: http://acpica.org
-Version: 20110316
-Release: 8
-License: Intel ACPI
-%define src_dir acpica-unix-%{version}
+Version: 20111123
+Release: 6
+License: GPL-2.0
+%define src_dir acpica-unix2-%{version}
%define dmp_ver 20110323
Group: Development/Tools/Debuggers
Summary: This is a set of tools to display and debug your BIOS ACPI tables
Source: %{src_dir}.tar.bz2
Patch1: acpica-override-CFLAGS.diff
Patch2: acpidump-override-CFLAGS.patch
-Patch3: acpiexec_fix_build_missing_utdecode.patch
-Patch4: acpica_fix_acpixtract
-# PATCH-FIX-UPSTREAM acpica-unix-20110316-gcc46.patch idoenmez(a)suse.de -- Fix compilation with gcc 4.6
-Patch5: acpica-unix-20110316-gcc46.patch
-Patch6: acpica-no-compiletime.patch
-# PATCH-FIX-UPSTREAM acpica-unix-const.patch http://www.acpica.org/bugzilla/show_bug.cgi?id=923 -- Fix const correctness
-Patch7: acpica-unix-const.patch
+Patch3: acpica-no-compiletime.patch
+Patch4: acpica_fix_link_order.patch
+Patch5: acpica_fix_32bit_build.patch
Source1: ec_access.c
Source2: acpidump-%{dmp_ver}.tar.bz2
BuildRoot: %{_tmppath}/%{name}-%{version}-build
ExclusiveArch: %ix86 ia64 x86_64
-BuildRequires: bison flex
+BuildRequires: bison flex glibc-devel
Provides: iasl
%description
@@ -69,23 +65,21 @@
%setup -n %{src_dir} -a 2
%patch1 -p1
%patch2 -p1
-%patch3 -p1
+%patch3
%patch4 -p1
-%patch5
-%patch6
-%patch7
+%patch5 -p1
%build
RPM_OPT_FLAGS="$RPM_OPT_FLAGS"
cc %{SOURCE1} $RPM_OPT_FLAGS -o ec_access
make -C acpidump CFLAGS="$RPM_OPT_FLAGS"
-make -C compiler CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
-make -C tools/acpisrc CFLAGS="$RPM_OPT_FLAGS"
+make -C compiler CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -Wno-unused-result"
+make -C tools/acpisrc CFLAGS="$RPM_OPT_FLAGS -Wno-unused-result"
make -C tools/acpixtract CFLAGS="$RPM_OPT_FLAGS"
# this needs total recompilation with other flags
cp compiler/iasl .
make clean -C compiler CFLAGS="$RPM_OPT_FLAGS"
-make -C tools/acpiexec CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
+make -C tools/acpiexec CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -Wno-unused-result"
%install
++++++ acpica-no-compiletime.patch ++++++
--- /var/tmp/diff_new_pack.oXtbD5/_old 2012-01-04 07:23:06.000000000 +0100
+++ /var/tmp/diff_new_pack.oXtbD5/_new 2012-01-04 07:23:06.000000000 +0100
@@ -1,8 +1,29 @@
+---
+ compiler/aslcompile.c | 9 ++-------
+ compiler/aslutils.c | 4 ++--
+ include/acapps.h | 8 ++++----
+ 3 files changed, 8 insertions(+), 13 deletions(-)
+
+Index: compiler/aslcompile.c
+===================================================================
--- compiler/aslcompile.c.orig
+++ compiler/aslcompile.c
-@@ -274,8 +274,8 @@ AslCompilerFileHeader (
- NewTime = localtime (&Aclock);
+@@ -157,8 +157,6 @@ void
+ AslCompilerFileHeader (
+ UINT32 FileId)
+ {
+- struct tm *NewTime;
+- time_t Aclock;
+ char *Prefix = "";
+
+@@ -198,12 +196,9 @@ AslCompilerFileHeader (
+
+ /* Compilation header with timestamp */
+
+- (void) time (&Aclock);
+- NewTime = localtime (&Aclock);
+-
FlPrintFile (FileId,
- "%sCompilation of \"%s\" - %s%s\n",
- Prefix, Gbl_Files[ASL_FILE_INPUT].Filename, asctime (NewTime),
@@ -11,22 +32,26 @@
Prefix);
switch (FileId)
+Index: compiler/aslutils.c
+===================================================================
--- compiler/aslutils.c.orig
+++ compiler/aslutils.c
-@@ -567,8 +567,8 @@ UtDisplaySummary (
+@@ -478,8 +478,8 @@ UtDisplaySummary (
{
/* Compiler name and version number */
-- FlPrintFile (FileId, "%s version %X%s [%s]\n",
+- FlPrintFile (FileId, "%s version %X%s [%s]\n\n",
- ASL_COMPILER_NAME, (UINT32) ACPI_CA_VERSION, ACPI_WIDTH, __DATE__);
-+ FlPrintFile (FileId, "%s version %X%s\n",
++ FlPrintFile (FileId, "%s version %X%s\n\n",
+ ASL_COMPILER_NAME, (UINT32) ACPI_CA_VERSION, ACPI_WIDTH);
}
- if (Gbl_FileType == ASL_INPUT_TYPE_ASCII_DATA)
+ /* Summary of main input and output files */
+Index: include/acapps.h
+===================================================================
--- include/acapps.h.orig
+++ include/acapps.h
-@@ -141,15 +141,15 @@
+@@ -69,15 +69,15 @@
/* Macros for signons and file headers */
#define ACPI_COMMON_SIGNON(UtilityName) \
++++++ acpica-override-CFLAGS.diff ++++++
--- /var/tmp/diff_new_pack.oXtbD5/_old 2012-01-04 07:23:06.000000000 +0100
+++ /var/tmp/diff_new_pack.oXtbD5/_new 2012-01-04 07:23:06.000000000 +0100
@@ -9,55 +9,55 @@
tools/acpixtract/Makefile | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
-Index: acpica-unix-20101013/compiler/Makefile
+Index: acpica-unix2-20111123/compiler/Makefile
===================================================================
---- acpica-unix-20101013.orig/compiler/Makefile
-+++ acpica-unix-20101013/compiler/Makefile
-@@ -12,7 +12,7 @@ ACPICA_TOOLS = $(ACPICA_SRC)/tools
- ACPICA_OSL = $(ACPICA_SRC)/os_specific/service_layers
-
- NOMAN= YES
--CFLAGS+= -Wall -O2 -Wstrict-prototypes -D_LINUX -DACPI_ASL_COMPILER -I../include -I../compiler
-+override CFLAGS+= -Wall -O2 -Wstrict-prototypes -D_LINUX -DACPI_ASL_COMPILER -I../include -I../compiler
-
- #
- # Bison/Flex configuration
-Index: acpica-unix-20101013/tools/acpiexec/Makefile
+--- acpica-unix2-20111123.orig/compiler/Makefile
++++ acpica-unix2-20111123/compiler/Makefile
+@@ -217,7 +217,7 @@ MISC = \
+ dtparser.y.h \
+ dtparserparse.output
+
+-CFLAGS+= \
++override CFLAGS+= \
+ -D$(HOST) \
+ -D_GNU_SOURCE \
+ -DACPI_ASL_COMPILER \
+Index: acpica-unix2-20111123/tools/acpiexec/Makefile
===================================================================
---- acpica-unix-20101013.orig/tools/acpiexec/Makefile
-+++ acpica-unix-20101013/tools/acpiexec/Makefile
-@@ -11,7 +11,7 @@ ACPICA_TOOLS = $(ACPICA_SRC)/tools
- ACPICA_OSL = $(ACPICA_SRC)/os_specific/service_layers
-
- NOMAN= YES
--CFLAGS+= -Wall -g -D_LINUX -DNDEBUG -D_CONSOLE -DACPI_EXEC_APP -Wstrict-prototypes -I$(ACPICA_SRC)/include
-+override CFLAGS+= -Wall -g -D_LINUX -DNDEBUG -D_CONSOLE -DACPI_EXEC_APP -Wstrict-prototypes -I$(ACPICA_SRC)/include
-
- COMPILE = $(CC) -c $(CFLAGS) -o$@ $?
- LDFLAGS += -lpthread -lrt
-Index: acpica-unix-20101013/tools/acpixtract/Makefile
+--- acpica-unix2-20111123.orig/tools/acpiexec/Makefile
++++ acpica-unix2-20111123/tools/acpiexec/Makefile
+@@ -229,7 +229,7 @@ OBJECTS = \
+ utxface.o \
+ utxfmutex.o
+
+-CFLAGS+= \
++override CFLAGS+= \
+ -D$(HOST) \
+ -D_GNU_SOURCE \
+ -DACPI_EXEC_APP \
+Index: acpica-unix2-20111123/tools/acpixtract/Makefile
===================================================================
---- acpica-unix-20101013.orig/tools/acpixtract/Makefile
-+++ acpica-unix-20101013/tools/acpixtract/Makefile
-@@ -3,7 +3,7 @@
- PROG= acpixtract
- SRCS= acpixtract.c
-
--CFLAGS+= -Wall -O2 -D_LINUX -DACPI_APPLICATION -Wstrict-prototypes -I../../include
-+override CFLAGS+= -D_LINUX -DACPI_APPLICATION -Wstrict-prototypes -I../../include
-
-
- acpixtract : $(patsubst %.c,%.o, $(SRCS))
-Index: acpica-unix-20101013/tools/acpisrc/Makefile
+--- acpica-unix2-20111123.orig/tools/acpixtract/Makefile
++++ acpica-unix2-20111123/tools/acpixtract/Makefile
+@@ -50,7 +50,7 @@ OBJECTS = \
+ axmain.o \
+ getopt.o
+
+-CFLAGS+= \
++override CFLAGS+= \
+ -D$(HOST) \
+ -D_GNU_SOURCE \
+ -DACPI_XTRACT_APP \
+Index: acpica-unix2-20111123/tools/acpisrc/Makefile
===================================================================
---- acpica-unix-20101013.orig/tools/acpisrc/Makefile
-+++ acpica-unix-20101013/tools/acpisrc/Makefile
-@@ -4,7 +4,7 @@ PROG= acpisrc
- SRCS= ascase.c asconvrt.c asfile.c asmain.c asremove.c astable.c \
- asutils.c osunixdir.c ../../common/getopt.c
-
--CFLAGS+= -Wall -O2 -D_LINUX -DACPI_APPLICATION -Wstrict-prototypes -I../../include
-+override CFLAGS+= -Wall -O2 -D_LINUX -DACPI_APPLICATION -Wstrict-prototypes -I../../include
-
-
- aslmain : $(patsubst %.c,%.o, $(SRCS))
+--- acpica-unix2-20111123.orig/tools/acpisrc/Makefile
++++ acpica-unix2-20111123/tools/acpisrc/Makefile
+@@ -58,7 +58,7 @@ OBJECTS = \
+ osunixdir.o \
+ getopt.o
+
+-CFLAGS+= \
++override CFLAGS+= \
+ -D$(HOST) \
+ -D_GNU_SOURCE \
+ -DACPI_SRC_APP \
++++++ acpica-unix-20110316.tar.bz2 -> acpica-unix2-20111123.tar.bz2 ++++++
++++ 78300 lines of diff (skipped)
++++++ acpica_fix_32bit_build.patch ++++++
---
include/platform/aclinux.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: acpica-unix-20110623/include/platform/aclinux.h
===================================================================
--- acpica-unix-20110623.orig/include/platform/aclinux.h
+++ acpica-unix-20110623/include/platform/aclinux.h
@@ -170,7 +170,7 @@
#define COMPILER_DEPENDENT_INT64 long long
#define COMPILER_DEPENDENT_UINT64 unsigned long long
#define ACPI_USE_NATIVE_DIVIDE
-#define ACPI_CAST_PTHREAD_T(pthread) ((ACPI_THREAD_ID) (UINT32) (void *) (pthread))
+#define ACPI_CAST_PTHREAD_T(pthread) ((ACPI_THREAD_ID) (UINT32) (pthread))
#endif
#ifndef __cdecl
++++++ acpica_fix_link_order.patch ++++++
---
tools/acpiexec/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: acpica-unix2-20111123/tools/acpiexec/Makefile
===================================================================
--- acpica-unix2-20111123.orig/tools/acpiexec/Makefile
+++ acpica-unix2-20111123/tools/acpiexec/Makefile
@@ -272,7 +272,7 @@ CWARNINGFLAGS += \
# Rules
#
$(PROG) : $(OBJECTS)
- $(CC) $(LDFLAGS) $(OBJECTS) -o $(PROG)
+ $(CC) $(OBJECTS) $(LDFLAGS) -o $(PROG)
$(COPYPROG)
%.o : %.c $(HEADERS) $(ACPICA_HEADERS)
++++++ acpidump-override-CFLAGS.patch ++++++
--- /var/tmp/diff_new_pack.oXtbD5/_old 2012-01-04 07:23:07.000000000 +0100
+++ /var/tmp/diff_new_pack.oXtbD5/_new 2012-01-04 07:23:07.000000000 +0100
@@ -6,10 +6,10 @@
acpidump/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-Index: acpica-unix-20090320/acpidump/Makefile
+Index: acpica-unix-20110413/acpidump/Makefile
===================================================================
---- acpica-unix-20090320.orig/acpidump/Makefile
-+++ acpica-unix-20090320/acpidump/Makefile
+--- acpica-unix-20110413.orig/acpidump/Makefile
++++ acpica-unix-20110413/acpidump/Makefile
@@ -1,7 +1,7 @@
PROG= acpidump
SRCS= acpidump.c
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package kernel-source for openSUSE:11.3
checked in at Wed Jan 4 00:45:41 CET 2012.
--------
--- old-versions/11.3/UPDATES/all/kernel-source/kernel-debug.changes 2011-10-24 17:22:09.000000000 +0200
+++ 11.3/kernel-source/kernel-debug.changes 2011-12-21 17:26:42.000000000 +0100
@@ -1,0 +2,124 @@
+Tue Dec 13 18:27:21 CET 2011 - bpoirier(a)suse.de
+
+- patches.fixes/batman-adv-Only-write-requested-number-of-byte-to-us.patch:
+ batman-adv: Only write requested number of byte to user buffer
+ (bnc#736149 CVE-2011-4604).
+- patches.fixes/batman-adv-bat_socket_read-missing-checks.patch:
+ batman-adv: bat_socket_read missing checks (bnc#736149
+ CVE-2011-4604).
+
+-------------------------------------------------------------------
+Mon Dec 12 19:58:02 CET 2011 - bpoirier(a)suse.de
+
+- patches.fixes/net_sched-Fix-qdisc_notify.patch: net_sched:
+ Fix qdisc_notify() (bnc#735612 CVE-2011-2525).
+
+-------------------------------------------------------------------
+Thu Dec 8 16:40:13 CET 2011 - bpoirier(a)suse.de
+
+- patches.fixes/ipv6-fix-NULL-dereference-in-udp6_ufo_fragment.patch:
+ ipv6: fix NULL dereference in udp6_ufo_fragment() (bnc#707288
+ CVE-2011-2699).
+
+-------------------------------------------------------------------
+Wed Nov 30 23:58:35 CET 2011 - bpoirier(a)suse.de
+
+- patches.fixes/inet_diag-fix-inet_diag_bc_audit.patch: inet_diag:
+ fix inet_diag_bc_audit() (bnc#700879 CVE-2011-2213).
+
+-------------------------------------------------------------------
+Tue Nov 29 10:06:42 CET 2011 - mhocko(a)suse.cz
+
+- patches.fixes/x86-mm-Fix-pgd_lock-deadlock.patch: x86/mm:
+ Fix pgd_lock deadlock (bnc#728661).
+- patches.xen/xen-x86_64-pgd-alloc-order: Refresh.
+- patches.xen/xen3-x86-mm-Fix-pgd_lock-deadlock.patch: x86/mm:
+ Fix pgd_lock deadlock (bnc#728661).
+
+-------------------------------------------------------------------
+Fri Nov 25 16:17:48 CET 2011 - bpoirier(a)suse.de
+
+- patches.fixes/vlan-reset-skb-vlan_tci-field-before-reusing-skb.patch:
+ vlan: reset skb->vlan_tci field before reusing skb (bnc#698450
+ CVE-2011-1576).
+
+-------------------------------------------------------------------
+Tue Nov 22 16:39:46 CET 2011 - jdelvare(a)suse.de
+
+- patches.fixes/drm-radeon-kms-fix-up-gpio-i2c-mask-bits-for-r4xx.patch:
+ drm/radeon/kms: fix up gpio i2c mask bits for r4xx (bnc#691052).
+
+-------------------------------------------------------------------
+Mon Nov 21 21:48:10 CET 2011 - bpoirier(a)suse.de
+
+- patches.fixes/netfilter-ipt_CLUSTERIP-fix-buffer-overflow:
+ netfilter: ipt_CLUSTERIP: fix buffer overflow (bnc#702037
+ CVE-2011-2534).
+
+-------------------------------------------------------------------
+Fri Nov 18 23:33:57 CET 2011 - bpoirier(a)suse.de
+
+- patches.fixes/dccp-handle-invalid-feature-options-length:
+ dccp: handle invalid feature options length (bnc#692498
+ CVE-2011-1770).
+
+-------------------------------------------------------------------
+Wed Nov 16 13:49:34 CET 2011 - bpoirier(a)suse.de
+
+- patches.fixes/igbvf-remove-extra-struct-page-member:
+ Remove extra struct page member from
+ the buffer info structure declaration
+ (http://article.gmane.org/gmane.linux.network/180760).
+
+-------------------------------------------------------------------
+Tue Nov 15 17:40:37 CET 2011 - bpoirier(a)suse.de
+
+- patches.fixes/ipv6-make-fragment-identifications-less-predictable.patch:
+ ipv6: make fragment identifications less predictable (bnc#707288
+ CVE-2011-2699).
+
+-------------------------------------------------------------------
+Mon Nov 14 16:41:45 CET 2011 - bpoirier(a)suse.de
+
+- patches.fixes/gro-only-reset-frag0-when-skb-can-be-pulled:
+ gro: Only reset frag0 when skb can be pulled (bnc#709764
+ CVE-2011-2723).
+
+-------------------------------------------------------------------
+Fri Nov 11 22:01:29 CET 2011 - bpoirier(a)suse.de
+
+- patches.fixes/af_packet-prevent-information-leak:
+ af_packet: prevent information leak
+ (bnc#710235 CVE-2011-2898).
+
+-------------------------------------------------------------------
+Thu Nov 3 17:56:07 CET 2011 - mszeredi(a)suse.cz
+
+- patches.fixes/hfs-fix-hfs_find_init-sb-ext_tree-null-ptr-oops.patch:
+ hfs: fix hfs_find_init() sb->ext_tree NULL ptr oops
+ (CVE-2011-2203 bnc#699709).
+
+-------------------------------------------------------------------
+Thu Nov 3 17:05:06 CET 2011 - jeffm(a)suse.com
+
+- patches.fixes/crypto-ghash-avoid-null-pointer-dereference-if-no-key-is-set:
+ crypto: ghash - Avoid null pointer dereference if no key is set
+ (CVE-2011-4081 bnc#726788).
+
+-------------------------------------------------------------------
+Thu Nov 3 16:31:05 CET 2011 - jdelvare(a)suse.de
+
+- patches.fixes/drm-radeon-kms-fix-i2c-masks.patch: Add git commit
+ ID.
+
+-------------------------------------------------------------------
+Thu Nov 3 15:42:12 CET 2011 - jdelvare(a)suse.de
+
+- patches.fixes/ata-pata_it821x-fix-types-array.patch:
+ pata_it821x: Fix RAID type display.
+- patches.fixes/i2c-taos-evm-fix-log-messages.patch: i2c-taos-evm:
+ Fix log messages.
+- patches.fixes/i8k-avoid-lahf-in-64bit-code.patch: i8k: Avoid
+ lahf in 64-bit code.
+
+-------------------------------------------------------------------
kernel-default.changes: same change
kernel-desktop.changes: same change
kernel-docs.changes: same change
kernel-ec2.changes: same change
kernel-net.changes: same change
kernel-pae.changes: same change
kernel-ppc64.changes: same change
kernel-ps3.changes: same change
kernel-s390.changes: same change
kernel-source.changes: same change
kernel-syms.changes: same change
kernel-trace.changes: same change
kernel-vanilla.changes: same change
kernel-vmi.changes: same change
kernel-xen.changes: same change
calling whatdependson for 11.3-i586
Old:
----
minmem
needed_space_in_mb
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ kernel-debug.spec ++++++
--- /var/tmp/diff_new_pack.ZA1beI/_old 2012-01-04 00:42:39.000000000 +0100
+++ /var/tmp/diff_new_pack.ZA1beI/_new 2012-01-04 00:42:39.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-debug
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -56,7 +56,7 @@
Name: kernel-debug
Summary: A Debug Version of the Kernel
Version: 2.6.34.10
-Release: 0.<RELEASE4>
+Release: 0.<RELEASE6>
%if %using_buildservice
%else
%endif
kernel-default.spec: same change
kernel-desktop.spec: same change
++++++ kernel-docs.spec ++++++
--- /var/tmp/diff_new_pack.ZA1beI/_old 2012-01-04 00:42:39.000000000 +0100
+++ /var/tmp/diff_new_pack.ZA1beI/_new 2012-01-04 00:42:39.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-docs
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -30,7 +30,7 @@
Group: Documentation/Man
AutoReqProv: on
Version: 2.6.34.10
-Release: 0.<RELEASE2>
+Release: 0.<RELEASE3>
%if %using_buildservice
%else
%endif
++++++ kernel-ec2.spec ++++++
--- /var/tmp/diff_new_pack.ZA1beI/_old 2012-01-04 00:42:39.000000000 +0100
+++ /var/tmp/diff_new_pack.ZA1beI/_new 2012-01-04 00:42:39.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-ec2
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -56,7 +56,7 @@
Name: kernel-ec2
Summary: The Amazon EC2 Xen Kernel
Version: 2.6.34.10
-Release: 0.<RELEASE4>
+Release: 0.<RELEASE6>
%if %using_buildservice
%else
%endif
++++++ kernel-net.spec ++++++
--- /var/tmp/diff_new_pack.ZA1beI/_old 2012-01-04 00:42:39.000000000 +0100
+++ /var/tmp/diff_new_pack.ZA1beI/_new 2012-01-04 00:42:39.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-net
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -56,7 +56,7 @@
Name: kernel-net
Summary: Minimal kernel with disk and net support
Version: 2.6.34.10
-Release: 0.<RELEASE2>
+Release: 0.<RELEASE3>
%if %using_buildservice
%else
%endif
++++++ kernel-pae.spec ++++++
--- /var/tmp/diff_new_pack.ZA1beI/_old 2012-01-04 00:42:39.000000000 +0100
+++ /var/tmp/diff_new_pack.ZA1beI/_new 2012-01-04 00:42:39.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-pae
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -56,7 +56,7 @@
Name: kernel-pae
Summary: Kernel with PAE Support
Version: 2.6.34.10
-Release: 0.<RELEASE4>
+Release: 0.<RELEASE6>
%if %using_buildservice
%else
%endif
++++++ kernel-ppc64.spec ++++++
--- /var/tmp/diff_new_pack.ZA1beI/_old 2012-01-04 00:42:39.000000000 +0100
+++ /var/tmp/diff_new_pack.ZA1beI/_new 2012-01-04 00:42:39.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-ppc64
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -56,7 +56,7 @@
Name: kernel-ppc64
Summary: Kernel for ppc64 Systems
Version: 2.6.34.10
-Release: 0.<RELEASE2>
+Release: 0.<RELEASE3>
%if %using_buildservice
%else
%endif
kernel-ps3.spec: same change
kernel-s390.spec: same change
++++++ kernel-source.spec ++++++
--- /var/tmp/diff_new_pack.ZA1beI/_old 2012-01-04 00:42:39.000000000 +0100
+++ /var/tmp/diff_new_pack.ZA1beI/_new 2012-01-04 00:42:39.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-source
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -31,7 +31,7 @@
Name: kernel-source
Summary: The Linux Kernel Sources
Version: 2.6.34.10
-Release: 0.<RELEASE4>
+Release: 0.<RELEASE6>
%if %using_buildservice
%else
%endif
++++++ kernel-syms.spec ++++++
--- /var/tmp/diff_new_pack.ZA1beI/_old 2012-01-04 00:42:39.000000000 +0100
+++ /var/tmp/diff_new_pack.ZA1beI/_new 2012-01-04 00:42:39.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-syms
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,7 +24,7 @@
Name: kernel-syms
Summary: Kernel Symbol Versions (modversions)
Version: 2.6.34.10
-Release: 0.<RELEASE4>
+Release: 0.<RELEASE6>
%if %using_buildservice
%else
%define kernel_source_release %(LC_ALL=C rpm -q kernel-devel%variant-%version --qf "%{RELEASE}" | grep -v 'not installed' || echo 0)
++++++ kernel-trace.spec ++++++
--- /var/tmp/diff_new_pack.ZA1beI/_old 2012-01-04 00:42:39.000000000 +0100
+++ /var/tmp/diff_new_pack.ZA1beI/_new 2012-01-04 00:42:39.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-trace
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -56,7 +56,7 @@
Name: kernel-trace
Summary: The Realtime Linux Kernel
Version: 2.6.34.10
-Release: 0.<RELEASE4>
+Release: 0.<RELEASE6>
%if %using_buildservice
%else
%endif
kernel-vanilla.spec: same change
kernel-vmi.spec: same change
kernel-xen.spec: same change
++++++ patches.fixes.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/af_packet-prevent-information-leak new/patches.fixes/af_packet-prevent-information-leak
--- old/patches.fixes/af_packet-prevent-information-leak 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/af_packet-prevent-information-leak 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,59 @@
+From: Eric Dumazet <eric.dumazet(a)gmail.com>
+Date: Mon, 6 Jun 2011 22:42:06 -0700
+Subject: af_packet: prevent information leak
+Patch-mainline: v3.0-rc3
+Git-commit: 13fcb7bd322164c67926ffe272846d4860196dc6
+References: bnc#710235 CVE-2011-2898
+
+af_packet: prevent information leak
+
+In 2.6.27, commit 393e52e33c6c2 (packet: deliver VLAN TCI to userspace)
+added a small information leak.
+
+Add padding field and make sure its zeroed before copy to user.
+
+Signed-off-by: Eric Dumazet <eric.dumazet(a)gmail.com>
+CC: Patrick McHardy <kaber(a)trash.net>
+Signed-off-by: David S. Miller <davem(a)davemloft.net>
+Acked-by: Benjamin Poirier <bpoirier(a)suse.de>
+---
+ include/linux/if_packet.h | 2 ++
+ net/packet/af_packet.c | 2 ++
+ 2 files changed, 4 insertions(+)
+
+--- a/include/linux/if_packet.h
++++ b/include/linux/if_packet.h
+@@ -60,6 +60,7 @@ struct tpacket_auxdata {
+ __u16 tp_mac;
+ __u16 tp_net;
+ __u16 tp_vlan_tci;
++ __u16 tp_padding;
+ };
+
+ /* Rx ring - header status */
+@@ -98,6 +99,7 @@ struct tpacket2_hdr {
+ __u32 tp_sec;
+ __u32 tp_nsec;
+ __u16 tp_vlan_tci;
++ __u16 tp_padding;
+ };
+
+ #define TPACKET2_HDRLEN (TPACKET_ALIGN(sizeof(struct tpacket2_hdr)) + sizeof(struct sockaddr_ll))
+--- a/net/packet/af_packet.c
++++ b/net/packet/af_packet.c
+@@ -751,6 +751,7 @@ static int tpacket_rcv(struct sk_buff *s
+ h.h2->tp_sec = ts.tv_sec;
+ h.h2->tp_nsec = ts.tv_nsec;
+ h.h2->tp_vlan_tci = vlan_tx_tag_get(skb);
++ h.h2->tp_padding = 0;
+ hdrlen = sizeof(*h.h2);
+ break;
+ default:
+@@ -1616,6 +1617,7 @@ static int packet_recvmsg(struct kiocb *
+ aux.tp_mac = 0;
+ aux.tp_net = skb_network_offset(skb);
+ aux.tp_vlan_tci = vlan_tx_tag_get(skb);
++ aux.tp_padding = 0;
+
+ put_cmsg(msg, SOL_PACKET, PACKET_AUXDATA, sizeof(aux), &aux);
+ }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/ata-pata_it821x-fix-types-array.patch new/patches.fixes/ata-pata_it821x-fix-types-array.patch
--- old/patches.fixes/ata-pata_it821x-fix-types-array.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/ata-pata_it821x-fix-types-array.patch 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,28 @@
+From: Jean Delvare <khali(a)linux-fr.org>
+Subject: pata_it821x: Fix RAID type display
+Patch-mainline: 3.1
+Git-commit: 1c30c02757027ed2da1b0e26609ac8b9b1c2bb1f
+
+The missing comma causes the wrong RAID type to be displayed.
+Introduced by commit 963e4975c6f93c148ca809d986d412201df9af89 three
+years ago, odd that nobody noticed before.
+
+Signed-off-by: Jean Delvare <khali(a)linux-fr.org>
+Cc: Jeff Garzik <jgarzik(a)pobox.com>
+Cc: Alan Cox <alan(a)lxorguk.ukuu.org.uk>
+Acked-by: Jean Delvare <jdelvare(a)suse.de>
+---
+ drivers/ata/pata_it821x.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- linux-3.0-rc5.orig/drivers/ata/pata_it821x.c 2011-05-20 10:42:40.000000000 +0200
++++ linux-3.0-rc5/drivers/ata/pata_it821x.c 2011-07-04 15:05:14.000000000 +0200
+@@ -610,7 +610,7 @@ static void it821x_display_disk(int n, u
+ char *cbl = "(40 wire cable)";
+
+ static const char *types[5] = {
+- "RAID0", "RAID1" "RAID 0+1", "JBOD", "DISK"
++ "RAID0", "RAID1", "RAID 0+1", "JBOD", "DISK"
+ };
+
+ if (buf[52] > 4) /* No Disk */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/batman-adv-Only-write-requested-number-of-byte-to-us.patch new/patches.fixes/batman-adv-Only-write-requested-number-of-byte-to-us.patch
--- old/patches.fixes/batman-adv-Only-write-requested-number-of-byte-to-us.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/batman-adv-Only-write-requested-number-of-byte-to-us.patch 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,50 @@
+From: Sven Eckelmann <sven(a)narfation.org>
+Date: Sat, 10 Dec 2011 15:28:36 +0100
+Subject: [PATCH 2/2] batman-adv: Only write requested number of byte to user
+ buffer
+Git-commit: b5a1eeef04cc7859f34dec9b72ea1b28e4aba07c
+Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git
+Patch-mainline: Queued in subsystem maintainer repo
+References: bnc#736149 CVE-2011-4604
+
+Don't write more than the requested number of bytes of an batman-adv icmp
+packet to the userspace buffer. Otherwise unrelated userspace memory might get
+overridden by the kernel.
+
+Signed-off-by: Sven Eckelmann <sven(a)narfation.org>
+Signed-off-by: Marek Lindner <lindner_marek(a)yahoo.de>
+Acked-by: Benjamin Poirier <bpoirier(a)suse.de>
+---
+ drivers/staging/batman-adv/device.c | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+--- a/drivers/staging/batman-adv/device.c
++++ b/drivers/staging/batman-adv/device.c
+@@ -162,6 +162,7 @@ ssize_t bat_device_read(struct file *fil
+ struct device_client *device_client =
+ (struct device_client *)file->private_data;
+ struct device_packet *device_packet;
++ size_t packet_len;
+ int error;
+ unsigned long flags;
+
+@@ -189,15 +190,15 @@ ssize_t bat_device_read(struct file *fil
+
+ spin_unlock_irqrestore(&device_client->lock, flags);
+
+- error = copy_to_user(buf, &device_packet->icmp_packet,
+- sizeof(struct icmp_packet));
++ packet_len = min(count, sizeof(struct icmp_packet));
++ error = copy_to_user(buf, &device_packet->icmp_packet, packet_len);
+
+ kfree(device_packet);
+
+ if (error)
+- return error;
++ return -EFAULT;
+
+- return sizeof(struct icmp_packet);
++ return packet_len;
+ }
+
+ ssize_t bat_device_write(struct file *file, const char __user *buff,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/batman-adv-bat_socket_read-missing-checks.patch new/patches.fixes/batman-adv-bat_socket_read-missing-checks.patch
--- old/patches.fixes/batman-adv-bat_socket_read-missing-checks.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/batman-adv-bat_socket_read-missing-checks.patch 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,33 @@
+From: Paul Kot <pawlkt(a)gmail.com>
+Date: Sat, 10 Dec 2011 15:28:34 +0100
+Subject: [PATCH 1/2] batman-adv: bat_socket_read missing checks
+Git-commit: c00b6856fc642b234895cfabd15b289e76726430
+Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git
+Patch-mainline: Queued in subsystem maintainer repo
+References: bnc#736149 CVE-2011-4604
+
+Writing a icmp_packet_rr and then reading icmp_packet can lead to kernel
+memory corruption, if __user *buf is just below TASK_SIZE.
+
+Signed-off-by: Paul Kot <pawlkt(a)gmail.com>
+[sven(a)narfation.org: made it checkpatch clean]
+Signed-off-by: Sven Eckelmann <sven(a)narfation.org>
+Signed-off-by: Marek Lindner <lindner_marek(a)yahoo.de>
+Acked-by: Benjamin Poirier <bpoirier(a)suse.de>
+---
+ drivers/staging/batman-adv/device.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/drivers/staging/batman-adv/device.c
++++ b/drivers/staging/batman-adv/device.c
+@@ -189,8 +189,8 @@ ssize_t bat_device_read(struct file *fil
+
+ spin_unlock_irqrestore(&device_client->lock, flags);
+
+- error = __copy_to_user(buf, &device_packet->icmp_packet,
+- sizeof(struct icmp_packet));
++ error = copy_to_user(buf, &device_packet->icmp_packet,
++ sizeof(struct icmp_packet));
+
+ kfree(device_packet);
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/crypto-ghash-avoid-null-pointer-dereference-if-no-key-is-set new/patches.fixes/crypto-ghash-avoid-null-pointer-dereference-if-no-key-is-set
--- old/patches.fixes/crypto-ghash-avoid-null-pointer-dereference-if-no-key-is-set 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/crypto-ghash-avoid-null-pointer-dereference-if-no-key-is-set 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,105 @@
+From 7ed47b7d142ec99ad6880bbbec51e9f12b3af74c Mon Sep 17 00:00:00 2001
+From: Nick Bowler <nbowler(a)elliptictech.com>
+Date: Thu, 20 Oct 2011 14:16:55 +0200
+Subject: crypto: ghash - Avoid null pointer dereference if no key is set
+Git-commit: 7ed47b7d142ec99ad6880bbbec51e9f12b3af74c
+Patch-mainline: v3.1
+References: CVE-2011-4081 bnc#726788
+Introduced-by: 2.6.32-rc1
+
+The ghash_update function passes a pointer to gf128mul_4k_lle which will
+be NULL if ghash_setkey is not called or if the most recent call to
+ghash_setkey failed to allocate memory. This causes an oops. Fix this
+up by returning an error code in the null case.
+
+This is trivially triggered from unprivileged userspace through the
+AF_ALG interface by simply writing to the socket without setting a key.
+
+The ghash_final function has a similar issue, but triggering it requires
+a memory allocation failure in ghash_setkey _after_ at least one
+successful call to ghash_update.
+
+ BUG: unable to handle kernel NULL pointer dereference at 00000670
+ IP: [<d88c92d4>] gf128mul_4k_lle+0x23/0x60 [gf128mul]
+ *pde = 00000000
+ Oops: 0000 [#1] PREEMPT SMP
+ Modules linked in: ghash_generic gf128mul algif_hash af_alg nfs lockd nfs_acl sunrpc bridge ipv6 stp llc
+
+ Pid: 1502, comm: hashatron Tainted: G W 3.1.0-rc9-00085-ge9308cf #32 Bochs Bochs
+ EIP: 0060:[<d88c92d4>] EFLAGS: 00000202 CPU: 0
+ EIP is at gf128mul_4k_lle+0x23/0x60 [gf128mul]
+ EAX: d69db1f0 EBX: d6b8ddac ECX: 00000004 EDX: 00000000
+ ESI: 00000670 EDI: d6b8ddac EBP: d6b8ddc8 ESP: d6b8dda4
+ DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
+ Process hashatron (pid: 1502, ti=d6b8c000 task=d6810000 task.ti=d6b8c000)
+ Stack:
+ 00000000 d69db1f0 00000163 00000000 d6b8ddc8 c101a520 d69db1f0 d52aa000
+ 00000ff0 d6b8dde8 d88d310f d6b8a3f8 d52aa000 00001000 d88d502c d6b8ddfc
+ 00001000 d6b8ddf4 c11676ed d69db1e8 d6b8de24 c11679ad d52aa000 00000000
+ Call Trace:
+ [<c101a520>] ? kmap_atomic_prot+0x37/0xa6
+ [<d88d310f>] ghash_update+0x85/0xbe [ghash_generic]
+ [<c11676ed>] crypto_shash_update+0x18/0x1b
+ [<c11679ad>] shash_ahash_update+0x22/0x36
+ [<c11679cc>] shash_async_update+0xb/0xd
+ [<d88ce0ba>] hash_sendpage+0xba/0xf2 [algif_hash]
+ [<c121b24c>] kernel_sendpage+0x39/0x4e
+ [<d88ce000>] ? 0xd88cdfff
+ [<c121b298>] sock_sendpage+0x37/0x3e
+ [<c121b261>] ? kernel_sendpage+0x4e/0x4e
+ [<c10b4dbc>] pipe_to_sendpage+0x56/0x61
+ [<c10b4e1f>] splice_from_pipe_feed+0x58/0xcd
+ [<c10b4d66>] ? splice_from_pipe_begin+0x10/0x10
+ [<c10b51f5>] __splice_from_pipe+0x36/0x55
+ [<c10b4d66>] ? splice_from_pipe_begin+0x10/0x10
+ [<c10b6383>] splice_from_pipe+0x51/0x64
+ [<c10b63c2>] ? default_file_splice_write+0x2c/0x2c
+ [<c10b63d5>] generic_splice_sendpage+0x13/0x15
+ [<c10b4d66>] ? splice_from_pipe_begin+0x10/0x10
+ [<c10b527f>] do_splice_from+0x5d/0x67
+ [<c10b6865>] sys_splice+0x2bf/0x363
+ [<c129373b>] ? sysenter_exit+0xf/0x16
+ [<c104dc1e>] ? trace_hardirqs_on_caller+0x10e/0x13f
+ [<c129370c>] sysenter_do_call+0x12/0x32
+ Code: 83 c4 0c 5b 5e 5f c9 c3 55 b9 04 00 00 00 89 e5 57 8d 7d e4 56 53 8d 5d e4 83 ec 18 89 45 e0 89 55 dc 0f b6 70 0f c1 e6 04 01 d6 <f3> a5 be 0f 00 00 00 4e 89 d8 e8 48 ff ff ff 8b 45 e0 89 da 0f
+ EIP: [<d88c92d4>] gf128mul_4k_lle+0x23/0x60 [gf128mul] SS:ESP 0068:d6b8dda4
+ CR2: 0000000000000670
+ ---[ end trace 4eaa2a86a8e2da24 ]---
+ note: hashatron[1502] exited with preempt_count 1
+ BUG: scheduling while atomic: hashatron/1502/0x10000002
+ INFO: lockdep is turned off.
+ [...]
+
+Signed-off-by: Nick Bowler <nbowler(a)elliptictech.com>
+Cc: stable(a)kernel.org [2.6.37+]
+Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au>
+Acked-by: Jeff Mahoney <jeffm(a)suse.com>
+---
+ crypto/ghash-generic.c | 6 ++++++
+ 1 files changed, 6 insertions(+), 0 deletions(-)
+
+diff --git a/crypto/ghash-generic.c b/crypto/ghash-generic.c
+index be44256..7835b8f 100644
+--- a/crypto/ghash-generic.c
++++ b/crypto/ghash-generic.c
+@@ -67,6 +67,9 @@ static int ghash_update(struct shash_desc *desc,
+ struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
+ u8 *dst = dctx->buffer;
+
++ if (!ctx->gf128)
++ return -ENOKEY;
++
+ if (dctx->bytes) {
+ int n = min(srclen, dctx->bytes);
+ u8 *pos = dst + (GHASH_BLOCK_SIZE - dctx->bytes);
+@@ -119,6 +122,9 @@ static int ghash_final(struct shash_desc *desc, u8 *dst)
+ struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
+ u8 *buf = dctx->buffer;
+
++ if (!ctx->gf128)
++ return -ENOKEY;
++
+ ghash_flush(ctx, dctx);
+ memcpy(dst, buf, GHASH_BLOCK_SIZE);
+
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/dccp-handle-invalid-feature-options-length new/patches.fixes/dccp-handle-invalid-feature-options-length
--- old/patches.fixes/dccp-handle-invalid-feature-options-length 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/dccp-handle-invalid-feature-options-length 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,33 @@
+From: Dan Rosenberg <drosenberg(a)vsecurity.com>
+Date: Fri, 6 May 2011 03:27:18 +0000
+Subject: [PATCH] dccp: handle invalid feature options length
+Patch-mainline: v2.6.39
+Git-commit: a294865978b701e4d0d90135672749531b9a900d
+References: bnc#692498 CVE-2011-1770
+
+A length of zero (after subtracting two for the type and len fields) for
+the DCCPO_{CHANGE,CONFIRM}_{L,R} options will cause an underflow due to
+the subtraction. The subsequent code may read past the end of the
+options value buffer when parsing. I'm unsure of what the consequences
+of this might be, but it's probably not good.
+
+Signed-off-by: Dan Rosenberg <drosenberg(a)vsecurity.com>
+Cc: stable(a)kernel.org
+Acked-by: Gerrit Renker <gerrit(a)erg.abdn.ac.uk>
+Signed-off-by: David S. Miller <davem(a)davemloft.net>
+Acked-by: Benjamin Poirier <bpoirier(a)suse.de>
+---
+ net/dccp/options.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/net/dccp/options.c
++++ b/net/dccp/options.c
+@@ -131,6 +131,8 @@ int dccp_parse_options(struct sock *sk,
+ case DCCPO_CHANGE_L ... DCCPO_CONFIRM_R:
+ if (pkt_type == DCCP_PKT_DATA) /* RFC 4340, 6 */
+ break;
++ if (len == 0)
++ goto out_invalid_option;
+ rc = dccp_feat_parse_options(sk, dreq, mandatory, opt,
+ *value, value + 1, len - 1);
+ if (rc)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/drm-radeon-kms-fix-i2c-masks.patch new/patches.fixes/drm-radeon-kms-fix-i2c-masks.patch
--- old/patches.fixes/drm-radeon-kms-fix-i2c-masks.patch 2011-10-19 22:16:41.000000000 +0200
+++ new/patches.fixes/drm-radeon-kms-fix-i2c-masks.patch 2011-12-13 18:27:38.000000000 +0100
@@ -1,6 +1,7 @@
From: Jean Delvare <jdelvare(a)suse.de>
Subject: drm/radeon/kms: Fix I2C mask definitions
-Patch-mainline: Not yet, should happen soon
+Patch-mainline: 3.2
+Git-commit: 286e0c94f9c3f292cb38a977fbbde3433347a868
References: bnc#712023
Commit 9b9fe724 accidentally used RADEON_GPIO_EN_* where
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/drm-radeon-kms-fix-up-gpio-i2c-mask-bits-for-r4xx.patch new/patches.fixes/drm-radeon-kms-fix-up-gpio-i2c-mask-bits-for-r4xx.patch
--- old/patches.fixes/drm-radeon-kms-fix-up-gpio-i2c-mask-bits-for-r4xx.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/drm-radeon-kms-fix-up-gpio-i2c-mask-bits-for-r4xx.patch 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,39 @@
+From: Alex Deucher <alexander.deucher(a)amd.com>
+Subject: drm/radeon/kms: fix up gpio i2c mask bits for r4xx
+References: bnc#691052
+Patch-mainline: 3.2
+Git-commit: 6c47e5c23aa2a7c54ad7ac13af4bd56cd9e703bf
+
+Fixes i2c test failures when i2c_algo_bit.bit_test=1.
+
+The hw doesn't actually require a mask, so just set it
+to the default mask bits for r1xx-r4xx radeon ddc.
+
+Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com>
+Cc: stable(a)kernel.org
+Acked-by: Jean Delvare <jdelvare(a)suse.de>
+---
+ drivers/gpu/drm/radeon/radeon_atombios.c | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+--- a/drivers/gpu/drm/radeon/radeon_atombios.c
++++ b/drivers/gpu/drm/radeon/radeon_atombios.c
+@@ -84,6 +84,18 @@ static inline struct radeon_i2c_bus_rec
+ for (i = 0; i < num_indices; i++) {
+ gpio = &i2c_info->asGPIO_Info[i];
+
++ /* r4xx mask is technically not used by the hw, so patch in the legacy mask bits */
++ if ((rdev->family == CHIP_R420) ||
++ (rdev->family == CHIP_R423) ||
++ (rdev->family == CHIP_RV410)) {
++ if ((le16_to_cpu(gpio->usClkMaskRegisterIndex) == 0x0018) ||
++ (le16_to_cpu(gpio->usClkMaskRegisterIndex) == 0x0019) ||
++ (le16_to_cpu(gpio->usClkMaskRegisterIndex) == 0x001a)) {
++ gpio->ucClkMaskShift = 0x19;
++ gpio->ucDataMaskShift = 0x18;
++ }
++ }
++
+ if (gpio->sucI2cId.ucAccess == id) {
+ i2c.mask_clk_reg = le16_to_cpu(gpio->usClkMaskRegisterIndex) * 4;
+ i2c.mask_data_reg = le16_to_cpu(gpio->usDataMaskRegisterIndex) * 4;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/gro-only-reset-frag0-when-skb-can-be-pulled new/patches.fixes/gro-only-reset-frag0-when-skb-can-be-pulled
--- old/patches.fixes/gro-only-reset-frag0-when-skb-can-be-pulled 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/gro-only-reset-frag0-when-skb-can-be-pulled 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,37 @@
+From: Herbert Xu <herbert(a)gondor.apana.org.au>
+Date: Wed, 27 Jul 2011 06:16:28 -0700
+Subject: [PATCH] gro: Only reset frag0 when skb can be pulled
+Patch-mainline: v3.1-rc1
+Git-commit: 17dd759c67f21e34f2156abcf415e1f60605a188
+References: bnc#709764 CVE-2011-2723
+
+Currently skb_gro_header_slow unconditionally resets frag0 and
+frag0_len. However, when we can't pull on the skb this leaves
+the GRO fields in an inconsistent state.
+
+This patch fixes this by only resetting those fields after the
+pskb_may_pull test.
+
+Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au>
+Signed-off-by: David S. Miller <davem(a)davemloft.net>
+Acked-by: Benjamin Poirier <bpoirier(a)suse.de>
+---
+ include/linux/netdevice.h | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+--- a/include/linux/netdevice.h
++++ b/include/linux/netdevice.h
+@@ -1261,9 +1261,12 @@ static inline int skb_gro_header_hard(st
+ static inline void *skb_gro_header_slow(struct sk_buff *skb, unsigned int hlen,
+ unsigned int offset)
+ {
++ if (!pskb_may_pull(skb, hlen))
++ return NULL;
++
+ NAPI_GRO_CB(skb)->frag0 = NULL;
+ NAPI_GRO_CB(skb)->frag0_len = 0;
+- return pskb_may_pull(skb, hlen) ? skb->data + offset : NULL;
++ return skb->data + offset;
+ }
+
+ static inline void *skb_gro_mac_header(struct sk_buff *skb)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/hfs-fix-hfs_find_init-sb-ext_tree-null-ptr-oops.patch new/patches.fixes/hfs-fix-hfs_find_init-sb-ext_tree-null-ptr-oops.patch
--- old/patches.fixes/hfs-fix-hfs_find_init-sb-ext_tree-null-ptr-oops.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/hfs-fix-hfs_find_init-sb-ext_tree-null-ptr-oops.patch 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,91 @@
+From 434a964daa14b9db083ce20404a4a2add54d037a Mon Sep 17 00:00:00 2001
+From: Phillip Lougher <plougher(a)redhat.com>
+Date: Wed, 2 Nov 2011 13:38:01 -0700
+Subject: hfs: fix hfs_find_init() sb->ext_tree NULL ptr oops
+Patch-mainline: yes
+References: CVE-2011-2203 bnc#699709
+
+Clement Lecigne reports a filesystem which causes a kernel oops in
+hfs_find_init() trying to dereference sb->ext_tree which is NULL.
+
+This proves to be because the filesystem has a corrupted MDB extent
+record, where the extents file does not fit into the first three extents
+in the file record (the first blocks).
+
+In hfs_get_block() when looking up the blocks for the extent file
+(HFS_EXT_CNID), it fails the first blocks special case, and falls
+through to the extent code (which ultimately calls hfs_find_init())
+which is in the process of being initialised.
+
+Hfs avoids this scenario by always having the extents b-tree fitting
+into the first blocks (the extents B-tree can't have overflow extents).
+
+The fix is to check at mount time that the B-tree fits into first
+blocks, i.e. fail if HFS_I(inode)->alloc_blocks >=
+HFS_I(inode)->first_blocks
+
+Note, the existing commit 47f365eb57573 ("hfs: fix oops on mount with
+corrupted btree extent records") becomes subsumed into this as a special
+case, but only for the extents B-tree (HFS_EXT_CNID), it is perfectly
+acceptable for the catalog B-Tree file to grow beyond three extents,
+with the remaining extent descriptors in the extents overfow.
+
+This fixes CVE-2011-2203
+
+Reported-by: Clement LECIGNE <clement.lecigne(a)netasq.com>
+Signed-off-by: Phillip Lougher <plougher(a)redhat.com>
+Cc: Jeff Mahoney <jeffm(a)suse.com>
+Cc: Christoph Hellwig <hch(a)lst.de>
+Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org>
+Acked-by: Miklos Szeredi <mszeredi(a)suse.cz>
+---
+ fs/hfs/btree.c | 20 +++++++++++++++-----
+ 1 files changed, 15 insertions(+), 5 deletions(-)
+
+diff --git a/fs/hfs/btree.c b/fs/hfs/btree.c
+index 3ebc437..1cbdeea 100644
+--- a/fs/hfs/btree.c
++++ b/fs/hfs/btree.c
+@@ -46,11 +46,26 @@ struct hfs_btree *hfs_btree_open(struct super_block *sb, u32 id, btree_keycmp ke
+ case HFS_EXT_CNID:
+ hfs_inode_read_fork(tree->inode, mdb->drXTExtRec, mdb->drXTFlSize,
+ mdb->drXTFlSize, be32_to_cpu(mdb->drXTClpSiz));
++ if (HFS_I(tree->inode)->alloc_blocks >
++ HFS_I(tree->inode)->first_blocks) {
++ printk(KERN_ERR "hfs: invalid btree extent records\n");
++ unlock_new_inode(tree->inode);
++ goto free_inode;
++ }
++
+ tree->inode->i_mapping->a_ops = &hfs_btree_aops;
+ break;
+ case HFS_CAT_CNID:
+ hfs_inode_read_fork(tree->inode, mdb->drCTExtRec, mdb->drCTFlSize,
+ mdb->drCTFlSize, be32_to_cpu(mdb->drCTClpSiz));
++
++ if (!HFS_I(tree->inode)->first_blocks) {
++ printk(KERN_ERR "hfs: invalid btree extent records "
++ "(0 size).\n");
++ unlock_new_inode(tree->inode);
++ goto free_inode;
++ }
++
+ tree->inode->i_mapping->a_ops = &hfs_btree_aops;
+ break;
+ default:
+@@ -59,11 +74,6 @@ struct hfs_btree *hfs_btree_open(struct super_block *sb, u32 id, btree_keycmp ke
+ }
+ unlock_new_inode(tree->inode);
+
+- if (!HFS_I(tree->inode)->first_blocks) {
+- printk(KERN_ERR "hfs: invalid btree extent records (0 size).\n");
+- goto free_inode;
+- }
+-
+ mapping = tree->inode->i_mapping;
+ page = read_mapping_page(mapping, 0, NULL);
+ if (IS_ERR(page))
+--
+1.7.3.4
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/i2c-taos-evm-fix-log-messages.patch new/patches.fixes/i2c-taos-evm-fix-log-messages.patch
--- old/patches.fixes/i2c-taos-evm-fix-log-messages.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/i2c-taos-evm-fix-log-messages.patch 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,54 @@
+From: Jean Delvare <khali(a)linux-fr.org>
+Subject: i2c-taos-evm: Fix log messages
+Patch-mainline: 3.0
+Git-commit: 9b640f2e154268cb516efcaf9c434f2e73c6783e
+
+* Print all error and information messages even when debugging is
+ disabled.
+* Don't use adapter device to log messages before it is ready.
+
+Signed-off-by: Jean Delvare <khali(a)linux-fr.org>
+Cc: stable(a)kernel.org
+Acked-by: Jean Delvare <jdelvare(a)suse.de>
+---
+ drivers/i2c/busses/i2c-taos-evm.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+--- linux-3.0-rc2.orig/drivers/i2c/busses/i2c-taos-evm.c 2010-08-02 00:11:14.000000000 +0200
++++ linux-3.0-rc2/drivers/i2c/busses/i2c-taos-evm.c 2011-06-08 18:06:32.000000000 +0200
+@@ -234,7 +234,7 @@ static int taos_connect(struct serio *se
+
+ if (taos->state != TAOS_STATE_IDLE) {
+ err = -ENODEV;
+- dev_dbg(&serio->dev, "TAOS EVM reset failed (state=%d, "
++ dev_err(&serio->dev, "TAOS EVM reset failed (state=%d, "
+ "pos=%d)\n", taos->state, taos->pos);
+ goto exit_close;
+ }
+@@ -255,7 +255,7 @@ static int taos_connect(struct serio *se
+ msecs_to_jiffies(250));
+ if (taos->state != TAOS_STATE_IDLE) {
+ err = -ENODEV;
+- dev_err(&adapter->dev, "Echo off failed "
++ dev_err(&serio->dev, "TAOS EVM echo off failed "
+ "(state=%d)\n", taos->state);
+ goto exit_close;
+ }
+@@ -263,7 +263,7 @@ static int taos_connect(struct serio *se
+ err = i2c_add_adapter(adapter);
+ if (err)
+ goto exit_close;
+- dev_dbg(&serio->dev, "Connected to TAOS EVM\n");
++ dev_info(&serio->dev, "Connected to TAOS EVM\n");
+
+ taos->client = taos_instantiate_device(adapter);
+ return 0;
+@@ -288,7 +288,7 @@ static void taos_disconnect(struct serio
+ serio_set_drvdata(serio, NULL);
+ kfree(taos);
+
+- dev_dbg(&serio->dev, "Disconnected from TAOS EVM\n");
++ dev_info(&serio->dev, "Disconnected from TAOS EVM\n");
+ }
+
+ static struct serio_device_id taos_serio_ids[] = {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/i8k-avoid-lahf-in-64bit-code.patch new/patches.fixes/i8k-avoid-lahf-in-64bit-code.patch
--- old/patches.fixes/i8k-avoid-lahf-in-64bit-code.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/i8k-avoid-lahf-in-64bit-code.patch 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,35 @@
+From: Luca Tettamanti <kronos.it(a)gmail.com>
+Subject: i8k: Avoid lahf in 64-bit code
+Patch-mainline: 3.0
+Git-commit: bc1f419c76a2d6450413ce4349f4e4a07be011d5
+
+i8k uses lahf to read the flag register in 64-bit code; early x86-64
+CPUs, however, lack this instruction and we get an invalid opcode
+exception at runtime.
+Use pushf to load the flag register into the stack instead.
+
+Signed-off-by: Luca Tettamanti <kronos.it(a)gmail.com>
+Reported-by: Jeff Rickman <jrickman(a)myamigos.us>
+Tested-by: Jeff Rickman <jrickman(a)myamigos.us>
+Tested-by: Harry G McGavran Jr <w5pny(a)arrl.net>
+Cc: stable(a)kernel.org
+Cc: Massimo Dal Zotto <dz(a)debian.org>
+Signed-off-by: Jean Delvare <khali(a)linux-fr.org>
+Acked-by: Jean Delvare <jdelvare(a)suse.de>
+---
+ drivers/char/i8k.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/drivers/char/i8k.c
++++ b/drivers/char/i8k.c
+@@ -138,8 +138,8 @@ static int i8k_smm(struct smm_regs *regs
+ "movl %%edi,20(%%rax)\n\t"
+ "popq %%rdx\n\t"
+ "movl %%edx,0(%%rax)\n\t"
+- "lahf\n\t"
+- "shrl $8,%%eax\n\t"
++ "pushfq\n\t"
++ "popq %%rax\n\t"
+ "andl $1,%%eax\n"
+ :"=a"(rc)
+ : "a"(regs)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/igbvf-remove-extra-struct-page-member new/patches.fixes/igbvf-remove-extra-struct-page-member
--- old/patches.fixes/igbvf-remove-extra-struct-page-member 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/igbvf-remove-extra-struct-page-member 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,26 @@
+From: Greg Rose <gregory.v.rose(a)intel.com>
+Date: Tue, 16 Nov 2010 19:41:36 -0800
+Subject: Remove extra struct page member from the buffer info structure declaration.
+Patch-mainline: v2.6.38-rc2
+Git-commit: b1d670f10e8078485884f0cf7e384d890
+References: http://article.gmane.org/gmane.linux.network/180760
+
+Reported-by: Andi Kleen <andi(a)firstfloor.org>
+Signed-off-by: Greg Rose <gregory.v.rose(a)intel.com>
+Tested-by: Emil Tantilov <emil.s.tantilov(a)intel.com>
+Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher(a)intel.com>
+Acked-by: Benjamin Poirier <bpoirier(a)suse.de>
+---
+ drivers/net/igbvf/igbvf.h | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/drivers/net/igbvf/igbvf.h
++++ b/drivers/net/igbvf/igbvf.h
+@@ -126,7 +126,6 @@ struct igbvf_buffer {
+ unsigned int page_offset;
+ };
+ };
+- struct page *page;
+ };
+
+ union igbvf_desc {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/inet_diag-fix-inet_diag_bc_audit.patch new/patches.fixes/inet_diag-fix-inet_diag_bc_audit.patch
--- old/patches.fixes/inet_diag-fix-inet_diag_bc_audit.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/inet_diag-fix-inet_diag_bc_audit.patch 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,75 @@
+From: Eric Dumazet <eric.dumazet(a)gmail.com>
+Date: Fri, 17 Jun 2011 16:25:39 -0400
+Subject: [PATCH] inet_diag: fix inet_diag_bc_audit()
+Patch-mainline: v3.0-rc4
+Git-commit: eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d
+References: bnc#700879 CVE-2011-2213
+
+[ Upstream commit eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d ]
+
+A malicious user or buggy application can inject code and trigger an
+infinite loop in inet_diag_bc_audit()
+
+Also make sure each instruction is aligned on 4 bytes boundary, to avoid
+unaligned accesses.
+
+Reported-by: Dan Rosenberg <drosenberg(a)vsecurity.com>
+Signed-off-by: Eric Dumazet <eric.dumazet(a)gmail.com>
+Signed-off-by: David S. Miller <davem(a)davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh(a)suse.de>
+Acked-by: Benjamin Poirier <bpoirier(a)suse.de>
+---
+ net/ipv4/inet_diag.c | 14 ++++++--------
+ 1 file changed, 6 insertions(+), 8 deletions(-)
+
+--- a/net/ipv4/inet_diag.c
++++ b/net/ipv4/inet_diag.c
+@@ -437,7 +437,7 @@ static int valid_cc(const void *bc, int
+ return 0;
+ if (cc == len)
+ return 1;
+- if (op->yes < 4)
++ if (op->yes < 4 || op->yes & 3)
+ return 0;
+ len -= op->yes;
+ bc += op->yes;
+@@ -447,11 +447,11 @@ static int valid_cc(const void *bc, int
+
+ static int inet_diag_bc_audit(const void *bytecode, int bytecode_len)
+ {
+- const unsigned char *bc = bytecode;
++ const void *bc = bytecode;
+ int len = bytecode_len;
+
+ while (len > 0) {
+- struct inet_diag_bc_op *op = (struct inet_diag_bc_op *)bc;
++ const struct inet_diag_bc_op *op = bc;
+
+ //printk("BC: %d %d %d {%d} / %d\n", op->code, op->yes, op->no, op[1].no, len);
+ switch (op->code) {
+@@ -462,22 +462,20 @@ static int inet_diag_bc_audit(const void
+ case INET_DIAG_BC_S_LE:
+ case INET_DIAG_BC_D_GE:
+ case INET_DIAG_BC_D_LE:
+- if (op->yes < 4 || op->yes > len + 4)
+- return -EINVAL;
+ case INET_DIAG_BC_JMP:
+- if (op->no < 4 || op->no > len + 4)
++ if (op->no < 4 || op->no > len + 4 || op->no & 3)
+ return -EINVAL;
+ if (op->no < len &&
+ !valid_cc(bytecode, bytecode_len, len - op->no))
+ return -EINVAL;
+ break;
+ case INET_DIAG_BC_NOP:
+- if (op->yes < 4 || op->yes > len + 4)
+- return -EINVAL;
+ break;
+ default:
+ return -EINVAL;
+ }
++ if (op->yes < 4 || op->yes > len + 4 || op->yes & 3)
++ return -EINVAL;
+ bc += op->yes;
+ len -= op->yes;
+ }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/ipv6-fix-NULL-dereference-in-udp6_ufo_fragment.patch new/patches.fixes/ipv6-fix-NULL-dereference-in-udp6_ufo_fragment.patch
--- old/patches.fixes/ipv6-fix-NULL-dereference-in-udp6_ufo_fragment.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/ipv6-fix-NULL-dereference-in-udp6_ufo_fragment.patch 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,101 @@
+From: Jason Wang <jasowang(a)redhat.com>
+Date: Sun, 9 Oct 2011 10:56:44 +0800
+Subject: [PATCH] ipv6: fix NULL dereference in udp6_ufo_fragment()
+Patch-mainline: v3.0.7
+Git-commit: a1b7ab0836a56fa4c9578f88ba1042398d7d9316
+References: bnc#707288 CVE-2011-2699
+
+This patch fixes the issue caused by ef81bb40bf15f350fe865f31fa42f1082772a576
+which is a backport of upstream 87c48fa3b4630905f98268dde838ee43626a060c. The
+problem does not exist in upstream.
+
+We do not check whether route is attached before trying to assign ip
+identification through route dest which lead NULL pointer dereference. This
+happens when host bridge transmit a packet from guest.
+
+This patch changes ipv6_select_ident() to accept in6_addr as its paramter and
+fix the issue by using the destination address in ipv6 header when no route is
+attached.
+
+Signed-off-by: Jason Wang <jasowang(a)redhat.com>
+Acked-by: David S. Miller <davem(a)davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh(a)suse.de>
+Acked-by: Benjamin Poirier <bpoirier(a)suse.de>
+---
+ include/net/ipv6.h | 2 +-
+ net/ipv6/ip6_output.c | 10 +++++-----
+ net/ipv6/udp.c | 4 +++-
+ 3 files changed, 9 insertions(+), 7 deletions(-)
+
+--- a/include/net/ipv6.h
++++ b/include/net/ipv6.h
+@@ -449,7 +449,7 @@ static inline int ipv6_addr_diff(const s
+ return __ipv6_addr_diff(a1, a2, sizeof(struct in6_addr));
+ }
+
+-extern void ipv6_select_ident(struct frag_hdr *fhdr, struct rt6_info *rt);
++extern void ipv6_select_ident(struct frag_hdr *fhdr, struct in6_addr *addr);
+
+ /*
+ * Prototypes exported by ipv6
+--- a/net/ipv6/ip6_output.c
++++ b/net/ipv6/ip6_output.c
+@@ -632,9 +632,9 @@ static u32 __ipv6_select_ident(const str
+ return hash + newid;
+ }
+
+-void ipv6_select_ident(struct frag_hdr *fhdr, struct rt6_info *rt)
++void ipv6_select_ident(struct frag_hdr *fhdr, struct in6_addr *addr)
+ {
+- fhdr->identification = htonl(__ipv6_select_ident(&rt->rt6i_dst.addr));
++ fhdr->identification = htonl(__ipv6_select_ident(addr));
+ }
+
+ static int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *))
+@@ -721,7 +721,7 @@ static int ip6_fragment(struct sk_buff *
+ skb_reset_network_header(skb);
+ memcpy(skb_network_header(skb), tmp_hdr, hlen);
+
+- ipv6_select_ident(fh, rt);
++ ipv6_select_ident(fh, &rt->rt6i_dst.addr);
+ fh->nexthdr = nexthdr;
+ fh->reserved = 0;
+ fh->frag_off = htons(IP6_MF);
+@@ -867,7 +867,7 @@ slow_path:
+ fh->nexthdr = nexthdr;
+ fh->reserved = 0;
+ if (!frag_id) {
+- ipv6_select_ident(fh, rt);
++ ipv6_select_ident(fh, &rt->rt6i_dst.addr);
+ frag_id = fh->identification;
+ } else
+ fh->identification = frag_id;
+@@ -1117,7 +1117,7 @@ static inline int ip6_ufo_append_data(st
+ skb_shinfo(skb)->gso_size = (mtu - fragheaderlen -
+ sizeof(struct frag_hdr)) & ~7;
+ skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
+- ipv6_select_ident(&fhdr, rt);
++ ipv6_select_ident(&fhdr, &rt->rt6i_dst.addr);
+ skb_shinfo(skb)->ip6_frag_id = fhdr.identification;
+ __skb_queue_tail(&sk->sk_write_queue, skb);
+
+--- a/net/ipv6/udp.c
++++ b/net/ipv6/udp.c
+@@ -1284,6 +1284,7 @@ static struct sk_buff *udp6_ufo_fragment
+ u8 frag_hdr_sz = sizeof(struct frag_hdr);
+ int offset;
+ __wsum csum;
++ struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
+
+ mss = skb_shinfo(skb)->gso_size;
+ if (unlikely(skb->len <= mss))
+@@ -1334,7 +1335,8 @@ static struct sk_buff *udp6_ufo_fragment
+ fptr = (struct frag_hdr *)(skb_network_header(skb) + unfrag_ip6hlen);
+ fptr->nexthdr = nexthdr;
+ fptr->reserved = 0;
+- ipv6_select_ident(fptr, (struct rt6_info *)skb_dst(skb));
++ ipv6_select_ident(fptr,
++ rt ? &rt->rt6i_dst.addr : &ipv6_hdr(skb)->daddr);
+
+ /* Fragment the skb. ipv6 header and the remaining fields of the
+ * fragment header are updated in ipv6_gso_segment()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/ipv6-make-fragment-identifications-less-predictable.patch new/patches.fixes/ipv6-make-fragment-identifications-less-predictable.patch
--- old/patches.fixes/ipv6-make-fragment-identifications-less-predictable.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/ipv6-make-fragment-identifications-less-predictable.patch 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,175 @@
+From: Eric Dumazet <eric.dumazet(a)gmail.com>
+Date: Mon, 8 Aug 2011 23:44:00 -0700
+Subject: ipv6: make fragment identifications less predictable
+Patch-mainline: v3.1-rc1
+Git-commit: 87c48fa3b4630905f98268dde838ee43626a060c (for >= v3.1-rc1 kernels)
+Git-commit: ef81bb40bf15f350fe865f31fa42f1082772a576 (for -stable kernels)
+References: bnc#707288 CVE-2011-2699
+
+[ Backport of upstream commit 87c48fa3b4630905f98268dde838ee43626a060c ]
+
+Fernando Gont reported current IPv6 fragment identification generation
+was not secure, because using a very predictable system-wide generator,
+allowing various attacks.
+
+IPv4 uses inetpeer cache to address this problem and to get good
+performance. We'll use this mechanism when IPv6 inetpeer is stable
+enough in linux-3.1
+
+For the time being, we use jhash on destination address to provide less
+predictable identifications. Also remove a spinlock and use cmpxchg() to
+get better SMP performance.
+
+Reported-by: Fernando Gont <fernando(a)gont.com.ar>
+Signed-off-by: Eric Dumazet <eric.dumazet(a)gmail.com>
+Signed-off-by: David S. Miller <davem(a)davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh(a)suse.de>
+Acked-by: Benjamin Poirier <bpoirier(a)suse.de>
+---
+ include/net/ipv6.h | 12 +-----------
+ include/net/transp_v6.h | 4 +++-
+ net/ipv6/af_inet6.c | 2 ++
+ net/ipv6/ip6_output.c | 40 +++++++++++++++++++++++++++++++++++-----
+ net/ipv6/udp.c | 2 +-
+ 5 files changed, 42 insertions(+), 18 deletions(-)
+
+--- a/include/net/ipv6.h
++++ b/include/net/ipv6.h
+@@ -449,17 +449,7 @@ static inline int ipv6_addr_diff(const s
+ return __ipv6_addr_diff(a1, a2, sizeof(struct in6_addr));
+ }
+
+-static __inline__ void ipv6_select_ident(struct frag_hdr *fhdr)
+-{
+- static u32 ipv6_fragmentation_id = 1;
+- static DEFINE_SPINLOCK(ip6_id_lock);
+-
+- spin_lock_bh(&ip6_id_lock);
+- fhdr->identification = htonl(ipv6_fragmentation_id);
+- if (++ipv6_fragmentation_id == 0)
+- ipv6_fragmentation_id = 1;
+- spin_unlock_bh(&ip6_id_lock);
+-}
++extern void ipv6_select_ident(struct frag_hdr *fhdr, struct rt6_info *rt);
+
+ /*
+ * Prototypes exported by ipv6
+--- a/include/net/transp_v6.h
++++ b/include/net/transp_v6.h
+@@ -16,7 +16,9 @@ extern struct proto tcpv6_prot;
+
+ struct flowi;
+
+-/* extention headers */
++extern void initialize_hashidentrnd(void);
++
++/* extension headers */
+ extern int ipv6_exthdrs_init(void);
+ extern void ipv6_exthdrs_exit(void);
+ extern int ipv6_frag_init(void);
+--- a/net/ipv6/af_inet6.c
++++ b/net/ipv6/af_inet6.c
+@@ -1077,6 +1077,8 @@ static int __init inet6_init(void)
+ goto out;
+ }
+
++ initialize_hashidentrnd();
++
+ err = proto_register(&tcpv6_prot, 1);
+ if (err)
+ goto out;
+--- a/net/ipv6/ip6_output.c
++++ b/net/ipv6/ip6_output.c
+@@ -608,6 +608,35 @@ int ip6_find_1stfragopt(struct sk_buff *
+ return offset;
+ }
+
++static u32 hashidentrnd __read_mostly;
++#define FID_HASH_SZ 16
++static u32 ipv6_fragmentation_id[FID_HASH_SZ];
++
++void __init initialize_hashidentrnd(void)
++{
++ get_random_bytes(&hashidentrnd, sizeof(hashidentrnd));
++}
++
++static u32 __ipv6_select_ident(const struct in6_addr *addr)
++{
++ u32 newid, oldid, hash = jhash2((u32 *)addr, 4, hashidentrnd);
++ u32 *pid = &ipv6_fragmentation_id[hash % FID_HASH_SZ];
++
++ do {
++ oldid = *pid;
++ newid = oldid + 1;
++ if (!(hash + newid))
++ newid++;
++ } while (cmpxchg(pid, oldid, newid) != oldid);
++
++ return hash + newid;
++}
++
++void ipv6_select_ident(struct frag_hdr *fhdr, struct rt6_info *rt)
++{
++ fhdr->identification = htonl(__ipv6_select_ident(&rt->rt6i_dst.addr));
++}
++
+ static int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *))
+ {
+ struct sk_buff *frag;
+@@ -692,7 +721,7 @@ static int ip6_fragment(struct sk_buff *
+ skb_reset_network_header(skb);
+ memcpy(skb_network_header(skb), tmp_hdr, hlen);
+
+- ipv6_select_ident(fh);
++ ipv6_select_ident(fh, rt);
+ fh->nexthdr = nexthdr;
+ fh->reserved = 0;
+ fh->frag_off = htons(IP6_MF);
+@@ -838,7 +867,7 @@ slow_path:
+ fh->nexthdr = nexthdr;
+ fh->reserved = 0;
+ if (!frag_id) {
+- ipv6_select_ident(fh);
++ ipv6_select_ident(fh, rt);
+ frag_id = fh->identification;
+ } else
+ fh->identification = frag_id;
+@@ -1042,7 +1071,8 @@ static inline int ip6_ufo_append_data(st
+ int getfrag(void *from, char *to, int offset, int len,
+ int odd, struct sk_buff *skb),
+ void *from, int length, int hh_len, int fragheaderlen,
+- int transhdrlen, int mtu,unsigned int flags)
++ int transhdrlen, int mtu,unsigned int flags,
++ struct rt6_info *rt)
+
+ {
+ struct sk_buff *skb;
+@@ -1087,7 +1117,7 @@ static inline int ip6_ufo_append_data(st
+ skb_shinfo(skb)->gso_size = (mtu - fragheaderlen -
+ sizeof(struct frag_hdr)) & ~7;
+ skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
+- ipv6_select_ident(&fhdr);
++ ipv6_select_ident(&fhdr, rt);
+ skb_shinfo(skb)->ip6_frag_id = fhdr.identification;
+ __skb_queue_tail(&sk->sk_write_queue, skb);
+
+@@ -1236,7 +1266,7 @@ int ip6_append_data(struct sock *sk, int
+
+ err = ip6_ufo_append_data(sk, getfrag, from, length, hh_len,
+ fragheaderlen, transhdrlen, mtu,
+- flags);
++ flags, rt);
+ if (err)
+ goto error;
+ return 0;
+--- a/net/ipv6/udp.c
++++ b/net/ipv6/udp.c
+@@ -1334,7 +1334,7 @@ static struct sk_buff *udp6_ufo_fragment
+ fptr = (struct frag_hdr *)(skb_network_header(skb) + unfrag_ip6hlen);
+ fptr->nexthdr = nexthdr;
+ fptr->reserved = 0;
+- ipv6_select_ident(fptr);
++ ipv6_select_ident(fptr, (struct rt6_info *)skb_dst(skb));
+
+ /* Fragment the skb. ipv6 header and the remaining fields of the
+ * fragment header are updated in ipv6_gso_segment()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/net_sched-Fix-qdisc_notify.patch new/patches.fixes/net_sched-Fix-qdisc_notify.patch
--- old/patches.fixes/net_sched-Fix-qdisc_notify.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/net_sched-Fix-qdisc_notify.patch 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,66 @@
+From: Eric Dumazet <eric.dumazet(a)gmail.com>
+Date: Sat, 22 May 2010 20:37:44 +0000
+Subject: [PATCH] net_sched: Fix qdisc_notify()
+Patch-mainline: v2.6.35-rc1
+Git-commit: 53b0f08042f04813cd1a7473dacd3edfacb28eb3
+References: bnc#735612 CVE-2011-2525
+
+Ben Pfaff reported a kernel oops and provided a test program to
+reproduce it.
+
+https://kerneltrap.org/mailarchive/linux-netdev/2010/5/21/6277805
+
+tc_fill_qdisc() should not be called for builtin qdisc, or it
+dereference a NULL pointer to get device ifindex.
+
+Fix is to always use tc_qdisc_dump_ignore() before calling
+tc_fill_qdisc().
+
+Reported-by: Ben Pfaff <blp(a)nicira.com>
+Signed-off-by: Eric Dumazet <eric.dumazet(a)gmail.com>
+Signed-off-by: David S. Miller <davem(a)davemloft.net>
+Acked-by: Benjamin Poirier <bpoirier(a)suse.de>
+---
+ net/sched/sch_api.c | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+--- a/net/sched/sch_api.c
++++ b/net/sched/sch_api.c
+@@ -1196,6 +1196,11 @@ nla_put_failure:
+ return -1;
+ }
+
++static bool tc_qdisc_dump_ignore(struct Qdisc *q)
++{
++ return (q->flags & TCQ_F_BUILTIN) ? true : false;
++}
++
+ static int qdisc_notify(struct sk_buff *oskb, struct nlmsghdr *n,
+ u32 clid, struct Qdisc *old, struct Qdisc *new)
+ {
+@@ -1206,11 +1211,11 @@ static int qdisc_notify(struct sk_buff *
+ if (!skb)
+ return -ENOBUFS;
+
+- if (old && old->handle) {
++ if (old && !tc_qdisc_dump_ignore(old)) {
+ if (tc_fill_qdisc(skb, old, clid, pid, n->nlmsg_seq, 0, RTM_DELQDISC) < 0)
+ goto err_out;
+ }
+- if (new) {
++ if (new && !tc_qdisc_dump_ignore(new)) {
+ if (tc_fill_qdisc(skb, new, clid, pid, n->nlmsg_seq, old ? NLM_F_REPLACE : 0, RTM_NEWQDISC) < 0)
+ goto err_out;
+ }
+@@ -1223,11 +1228,6 @@ err_out:
+ return -EINVAL;
+ }
+
+-static bool tc_qdisc_dump_ignore(struct Qdisc *q)
+-{
+- return (q->flags & TCQ_F_BUILTIN) ? true : false;
+-}
+-
+ static int tc_dump_qdisc_root(struct Qdisc *root, struct sk_buff *skb,
+ struct netlink_callback *cb,
+ int *q_idx_p, int s_q_idx)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/netfilter-ipt_CLUSTERIP-fix-buffer-overflow new/patches.fixes/netfilter-ipt_CLUSTERIP-fix-buffer-overflow
--- old/patches.fixes/netfilter-ipt_CLUSTERIP-fix-buffer-overflow 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/netfilter-ipt_CLUSTERIP-fix-buffer-overflow 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,41 @@
+From: Vasiliy Kulikov <segoon(a)openwall.com>
+Date: Sun, 20 Mar 2011 15:42:52 +0100
+Subject: [PATCH] netfilter: ipt_CLUSTERIP: fix buffer overflow
+Patch-mainline: v2.6.39-rc5
+Git-commit: 961ed183a9fd080cf306c659b8736007e44065a5
+References: bnc#702037 CVE-2011-2534
+
+commit 961ed183a9fd080cf306c659b8736007e44065a5 upstream.
+
+'buffer' string is copied from userspace. It is not checked whether it is
+zero terminated. This may lead to overflow inside of simple_strtoul().
+Changli Gao suggested to copy not more than user supplied 'size' bytes.
+
+It was introduced before the git epoch. Files "ipt_CLUSTERIP/*" are
+root writable only by default, however, on some setups permissions might be
+relaxed to e.g. network admin user.
+
+Signed-off-by: Vasiliy Kulikov <segoon(a)openwall.com>
+Acked-by: Changli Gao <xiaosuo(a)gmail.com>
+Signed-off-by: Patrick McHardy <kaber(a)trash.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh(a)suse.de>
+Acked-by: Benjamin Poirier <bpoirier(a)suse.de>
+---
+ net/ipv4/netfilter/ipt_CLUSTERIP.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+--- a/net/ipv4/netfilter/ipt_CLUSTERIP.c
++++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c
+@@ -663,8 +663,11 @@ static ssize_t clusterip_proc_write(stru
+ char buffer[PROC_WRITELEN+1];
+ unsigned long nodenum;
+
+- if (copy_from_user(buffer, input, PROC_WRITELEN))
++ if (size > PROC_WRITELEN)
++ return -EIO;
++ if (copy_from_user(buffer, input, size))
+ return -EFAULT;
++ buffer[size] = 0;
+
+ if (*buffer == '+') {
+ nodenum = simple_strtoul(buffer+1, NULL, 10);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/vlan-reset-skb-vlan_tci-field-before-reusing-skb.patch new/patches.fixes/vlan-reset-skb-vlan_tci-field-before-reusing-skb.patch
--- old/patches.fixes/vlan-reset-skb-vlan_tci-field-before-reusing-skb.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/vlan-reset-skb-vlan_tci-field-before-reusing-skb.patch 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,34 @@
+From: Benjamin Poirier <bpoirier(a)suse.de>
+Date: Fri, 25 Nov 2011 08:50:21 -0500
+Subject: [PATCH] vlan: reset skb->vlan_tci field before reusing skb
+Patch-mainline: v2.6.37-rc1
+Git-commit: 3701e51382a026cba10c60b03efabe534fba4ca4
+References: bnc#698450 CVE-2011-1576
+
+This same line is present in upstream commit 3701e51382a026cba10c60b03efab
+
+For drivers using the vlan_gro_frags() interface, a packet with invalid tci
+leads to GRO_DROP and napi_reuse_skb(). The skb has to be sanitized before
+being reused lest we face problems of a similar nature to those described
+here:
+http://thread.gmane.org/gmane.linux.kernel/1069597
+
+Note that this is a different fix than what was applied by RH (and picked up
+by others) for this CVE issue, which is "core: Fix memory leak/corruption on
+VLAN GRO_DROP" http://patchwork.ozlabs.org/patch/115348/
+
+Signed-off-by: Benjamin Poirier <bpoirier(a)suse.de>
+---
+ net/core/dev.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/net/core/dev.c
++++ b/net/core/dev.c
+@@ -2950,6 +2950,7 @@ void napi_reuse_skb(struct napi_struct *
+ {
+ __skb_pull(skb, skb_headlen(skb));
+ skb_reserve(skb, NET_IP_ALIGN - skb_headroom(skb));
++ skb->vlan_tci = 0;
+ skb->dev = napi->dev;
+ skb->skb_iif = 0;
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/x86-mm-Fix-pgd_lock-deadlock.patch new/patches.fixes/x86-mm-Fix-pgd_lock-deadlock.patch
--- old/patches.fixes/x86-mm-Fix-pgd_lock-deadlock.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/x86-mm-Fix-pgd_lock-deadlock.patch 2011-12-13 18:27:38.000000000 +0100
@@ -0,0 +1,246 @@
+From 864034c49639fd6caafbbef23f3ef2536cf9af13 Mon Sep 17 00:00:00 2001
+From: Andrea Arcangeli <aarcange(a)redhat.com>
+Date: Wed, 16 Feb 2011 15:45:22 -0800
+Subject: [PATCH] x86/mm: Fix pgd_lock deadlock
+Patch-mainline: v2.6.38
+Git-commit: a79e53d85683c6dd9f99c90511028adc2043031f
+References: bnc#728661
+
+It's forbidden to take the page_table_lock with the irq disabled
+or if there's contention the IPIs (for tlb flushes) sent with
+the page_table_lock held will never run leading to a deadlock.
+
+Nobody takes the pgd_lock from irq context so the _irqsave can be
+removed.
+
+Signed-off-by: Andrea Arcangeli <aarcange(a)redhat.com>
+Acked-by: Rik van Riel <riel(a)redhat.com>
+Tested-by: Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com>
+Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
+Cc: Peter Zijlstra <peterz(a)infradead.org>
+Cc: Linus Torvalds <torvalds(a)linux-foundation.org>
+Cc: <stable(a)kernel.org>
+Lkml-reference: <201102162345.p1GNjMjm021738(a)imap1.linux-foundation.org>
+Signed-off-by: Ingo Molnar <mingo(a)elte.hu>
+Acked-by: Michal Hocko <mhocko(a)suse.cz>
+
+Conflicts:
+
+ arch/x86/mm/fault.c
+ arch/x86/mm/init_64.c
+
+---
+ mm/fault.c | 11 ++++-------
+ mm/pageattr.c | 18 ++++++++----------
+ mm/pgtable.c | 11 ++++-------
+ xen/mmu.c | 10 ++++------
+ 4 files changed, 20 insertions(+), 30 deletions(-)
+Index: linux-2.6.32-SLE11-SP1/arch/x86/mm/fault.c
+===================================================================
+--- linux-2.6.32-SLE11-SP1.orig/arch/x86/mm/fault.c
++++ linux-2.6.32-SLE11-SP1/arch/x86/mm/fault.c
+@@ -222,16 +222,14 @@ void vmalloc_sync_all(void)
+ for (address = VMALLOC_START & PMD_MASK;
+ address >= TASK_SIZE && address < FIXADDR_TOP;
+ address += PMD_SIZE) {
+-
+- unsigned long flags;
+ struct page *page;
+
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+ list_for_each_entry(page, &pgd_list, lru) {
+ if (!vmalloc_sync_one(page_address(page), address))
+ break;
+ }
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+ }
+ }
+
+@@ -331,13 +329,12 @@ void vmalloc_sync_all(void)
+ address += PGDIR_SIZE) {
+
+ const pgd_t *pgd_ref = pgd_offset_k(address);
+- unsigned long flags;
+ struct page *page;
+
+ if (pgd_none(*pgd_ref))
+ continue;
+
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+ list_for_each_entry(page, &pgd_list, lru) {
+ pgd_t *pgd;
+ pgd = (pgd_t *)page_address(page) + pgd_index(address);
+@@ -346,7 +343,7 @@ void vmalloc_sync_all(void)
+ else
+ BUG_ON(pgd_page_vaddr(*pgd) != pgd_page_vaddr(*pgd_ref));
+ }
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+ }
+ }
+
+Index: linux-2.6.32-SLE11-SP1/arch/x86/mm/pageattr.c
+===================================================================
+--- linux-2.6.32-SLE11-SP1.orig/arch/x86/mm/pageattr.c
++++ linux-2.6.32-SLE11-SP1/arch/x86/mm/pageattr.c
+@@ -56,12 +56,10 @@ static unsigned long direct_pages_count[
+
+ void update_page_count(int level, unsigned long pages)
+ {
+- unsigned long flags;
+-
+ /* Protect against CPA */
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+ direct_pages_count[level] += pages;
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+ }
+
+ static void split_page_count(int level)
+@@ -376,7 +374,7 @@ static int
+ try_preserve_large_page(pte_t *kpte, unsigned long address,
+ struct cpa_data *cpa)
+ {
+- unsigned long nextpage_addr, numpages, pmask, psize, flags, addr, pfn;
++ unsigned long nextpage_addr, numpages, pmask, psize, addr, pfn;
+ pte_t new_pte, old_pte, *tmp;
+ pgprot_t old_prot, new_prot;
+ int i, do_split = 1;
+@@ -385,7 +383,7 @@ try_preserve_large_page(pte_t *kpte, uns
+ if (cpa->force_split)
+ return 1;
+
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+ /*
+ * Check for races, another CPU might have split this page
+ * up already:
+@@ -480,14 +478,14 @@ try_preserve_large_page(pte_t *kpte, uns
+ }
+
+ out_unlock:
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+
+ return do_split;
+ }
+
+ static int split_large_page(pte_t *kpte, unsigned long address)
+ {
+- unsigned long flags, pfn, pfninc = 1;
++ unsigned long pfn, pfninc = 1;
+ unsigned int i, level;
+ pte_t *pbase, *tmp;
+ pgprot_t ref_prot;
+@@ -501,7 +499,7 @@ static int split_large_page(pte_t *kpte,
+ if (!base)
+ return -ENOMEM;
+
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+ /*
+ * Check for races, another CPU might have split this page
+ * up for us already:
+@@ -573,7 +571,7 @@ out_unlock:
+ */
+ if (base)
+ __free_page(base);
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+
+ return 0;
+ }
+Index: linux-2.6.32-SLE11-SP1/arch/x86/mm/pgtable.c
+===================================================================
+--- linux-2.6.32-SLE11-SP1.orig/arch/x86/mm/pgtable.c
++++ linux-2.6.32-SLE11-SP1/arch/x86/mm/pgtable.c
+@@ -110,14 +110,12 @@ static void pgd_ctor(pgd_t *pgd)
+
+ static void pgd_dtor(pgd_t *pgd)
+ {
+- unsigned long flags; /* can be called from interrupt context */
+-
+ if (SHARED_KERNEL_PMD)
+ return;
+
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+ pgd_list_del(pgd);
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+ }
+
+ /*
+@@ -248,7 +246,6 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
+ {
+ pgd_t *pgd;
+ pmd_t *pmds[PREALLOCATED_PMDS];
+- unsigned long flags;
+
+ pgd = (pgd_t *)__get_free_page(PGALLOC_GFP);
+
+@@ -268,12 +265,12 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
+ * respect to anything walking the pgd_list, so that they
+ * never see a partially populated pgd.
+ */
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+
+ pgd_ctor(pgd);
+ pgd_prepopulate_pmd(mm, pgd, pmds);
+
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+
+ return pgd;
+
+Index: linux-2.6.32-SLE11-SP1/arch/x86/xen/mmu.c
+===================================================================
+--- linux-2.6.32-SLE11-SP1.orig/arch/x86/xen/mmu.c
++++ linux-2.6.32-SLE11-SP1/arch/x86/xen/mmu.c
+@@ -987,10 +987,9 @@ static void xen_pgd_pin(struct mm_struct
+ */
+ void xen_mm_pin_all(void)
+ {
+- unsigned long flags;
+ struct page *page;
+
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+
+ list_for_each_entry(page, &pgd_list, lru) {
+ if (!PagePinned(page)) {
+@@ -999,7 +998,7 @@ void xen_mm_pin_all(void)
+ }
+ }
+
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+ }
+
+ /*
+@@ -1100,10 +1099,9 @@ static void xen_pgd_unpin(struct mm_stru
+ */
+ void xen_mm_unpin_all(void)
+ {
+- unsigned long flags;
+ struct page *page;
+
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+
+ list_for_each_entry(page, &pgd_list, lru) {
+ if (PageSavePinned(page)) {
+@@ -1113,7 +1111,7 @@ void xen_mm_unpin_all(void)
+ }
+ }
+
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+ }
+
+ void xen_activate_mm(struct mm_struct *prev, struct mm_struct *next)
++++++ patches.xen.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.xen/xen-x86_64-pgd-alloc-order new/patches.xen/xen-x86_64-pgd-alloc-order
--- old/patches.xen/xen-x86_64-pgd-alloc-order 2011-10-11 14:57:23.000000000 +0200
+++ new/patches.xen/xen-x86_64-pgd-alloc-order 2011-11-29 10:06:49.000000000 +0100
@@ -4,8 +4,10 @@
At the same time remove the useless user mode pair of init_level4_pgt.
---- 11.3-2011-07-25.orig/arch/x86/include/mach-xen/asm/hypervisor.h 2010-03-25 14:45:56.000000000 +0100
-+++ 11.3-2011-07-25/arch/x86/include/mach-xen/asm/hypervisor.h 2010-03-25 14:46:03.000000000 +0100
+Index: linux-2.6.34-openSUSE-11.3/arch/x86/include/mach-xen/asm/hypervisor.h
+===================================================================
+--- linux-2.6.34-openSUSE-11.3.orig/arch/x86/include/mach-xen/asm/hypervisor.h
++++ linux-2.6.34-openSUSE-11.3/arch/x86/include/mach-xen/asm/hypervisor.h
@@ -102,8 +102,8 @@ void do_hypervisor_callback(struct pt_re
* be MACHINE addresses.
*/
@@ -26,8 +28,10 @@
void xen_pgd_pin(pgd_t *);
void xen_pgd_unpin(pgd_t *);
---- 11.3-2011-07-25.orig/arch/x86/include/mach-xen/asm/mmu_context.h 2011-07-25 13:06:21.000000000 +0200
-+++ 11.3-2011-07-25/arch/x86/include/mach-xen/asm/mmu_context.h 2011-07-25 13:12:30.000000000 +0200
+Index: linux-2.6.34-openSUSE-11.3/arch/x86/include/mach-xen/asm/mmu_context.h
+===================================================================
+--- linux-2.6.34-openSUSE-11.3.orig/arch/x86/include/mach-xen/asm/mmu_context.h
++++ linux-2.6.34-openSUSE-11.3/arch/x86/include/mach-xen/asm/mmu_context.h
@@ -82,6 +82,9 @@ static inline void switch_mm(struct mm_s
{
unsigned cpu = smp_processor_id();
@@ -61,8 +65,10 @@
load_LDT_nolock(&next->context);
}
}
---- 11.3-2011-07-25.orig/arch/x86/include/mach-xen/asm/pgalloc.h 2010-03-25 14:41:00.000000000 +0100
-+++ 11.3-2011-07-25/arch/x86/include/mach-xen/asm/pgalloc.h 2010-03-25 14:46:03.000000000 +0100
+Index: linux-2.6.34-openSUSE-11.3/arch/x86/include/mach-xen/asm/pgalloc.h
+===================================================================
+--- linux-2.6.34-openSUSE-11.3.orig/arch/x86/include/mach-xen/asm/pgalloc.h
++++ linux-2.6.34-openSUSE-11.3/arch/x86/include/mach-xen/asm/pgalloc.h
@@ -123,15 +123,13 @@ static inline void pud_populate(struct m
#endif /* CONFIG_X86_PAE */
@@ -80,8 +86,10 @@
else
*__user_pgd(pgd) = *pgd = ent;
}
---- 11.3-2011-07-25.orig/arch/x86/include/mach-xen/asm/pgtable_64.h 2010-03-25 14:41:15.000000000 +0100
-+++ 11.3-2011-07-25/arch/x86/include/mach-xen/asm/pgtable_64.h 2010-03-25 14:46:03.000000000 +0100
+Index: linux-2.6.34-openSUSE-11.3/arch/x86/include/mach-xen/asm/pgtable_64.h
+===================================================================
+--- linux-2.6.34-openSUSE-11.3.orig/arch/x86/include/mach-xen/asm/pgtable_64.h
++++ linux-2.6.34-openSUSE-11.3/arch/x86/include/mach-xen/asm/pgtable_64.h
@@ -100,18 +100,25 @@ static inline void xen_set_pud(pud_t *pu
: (void)(*__pudp = xen_make_pud(0)); \
})
@@ -111,8 +119,10 @@
: (void)(*__user_pgd(__pgdp) = *__pgdp = xen_make_pgd(0)); \
})
---- 11.3-2011-07-25.orig/arch/x86/kernel/cpu/common-xen.c 2010-03-25 14:41:15.000000000 +0100
-+++ 11.3-2011-07-25/arch/x86/kernel/cpu/common-xen.c 2010-03-25 14:46:03.000000000 +0100
+Index: linux-2.6.34-openSUSE-11.3/arch/x86/kernel/cpu/common-xen.c
+===================================================================
+--- linux-2.6.34-openSUSE-11.3.orig/arch/x86/kernel/cpu/common-xen.c
++++ linux-2.6.34-openSUSE-11.3/arch/x86/kernel/cpu/common-xen.c
@@ -1037,8 +1037,7 @@ DEFINE_PER_CPU_FIRST(union irq_stack_uni
void xen_switch_pt(void)
{
@@ -123,8 +133,10 @@
#endif
}
---- 11.3-2011-07-25.orig/arch/x86/kernel/head_64-xen.S 2010-03-24 16:00:05.000000000 +0100
-+++ 11.3-2011-07-25/arch/x86/kernel/head_64-xen.S 2010-03-25 14:46:03.000000000 +0100
+Index: linux-2.6.34-openSUSE-11.3/arch/x86/kernel/head_64-xen.S
+===================================================================
+--- linux-2.6.34-openSUSE-11.3.orig/arch/x86/kernel/head_64-xen.S
++++ linux-2.6.34-openSUSE-11.3/arch/x86/kernel/head_64-xen.S
@@ -56,14 +56,6 @@ ENTRY(name)
__PAGE_ALIGNED_BSS
NEXT_PAGE(init_level4_pgt)
@@ -140,8 +152,10 @@
NEXT_PAGE(level3_kernel_pgt)
.fill 512,8,0
---- 11.3-2011-07-25.orig/arch/x86/mm/hypervisor.c 2010-03-25 17:55:14.000000000 +0100
-+++ 11.3-2011-07-25/arch/x86/mm/hypervisor.c 2010-03-25 17:55:21.000000000 +0100
+Index: linux-2.6.34-openSUSE-11.3/arch/x86/mm/hypervisor.c
+===================================================================
+--- linux-2.6.34-openSUSE-11.3.orig/arch/x86/mm/hypervisor.c
++++ linux-2.6.34-openSUSE-11.3/arch/x86/mm/hypervisor.c
@@ -524,7 +524,7 @@ void xen_l3_entry_update(pud_t *ptr, pud
#endif
@@ -223,8 +237,10 @@
#endif
if (HYPERVISOR_mmuext_op(op, NR_PGD_PIN_OPS, NULL, DOMID_SELF) < 0)
BUG();
---- 11.3-2011-07-25.orig/arch/x86/mm/init_64-xen.c 2010-04-15 11:49:06.000000000 +0200
-+++ 11.3-2011-07-25/arch/x86/mm/init_64-xen.c 2010-04-15 11:49:18.000000000 +0200
+Index: linux-2.6.34-openSUSE-11.3/arch/x86/mm/init_64-xen.c
+===================================================================
+--- linux-2.6.34-openSUSE-11.3.orig/arch/x86/mm/init_64-xen.c
++++ linux-2.6.34-openSUSE-11.3/arch/x86/mm/init_64-xen.c
@@ -724,9 +724,6 @@ void __init xen_init_pt(void)
(PTRS_PER_PUD - pud_index(__START_KERNEL_map))
* sizeof(*level3_kernel_pgt));
@@ -244,8 +260,10 @@
early_make_page_readonly(level3_kernel_pgt,
XENFEAT_writable_page_tables);
early_make_page_readonly(level3_user_pgt,
---- 11.3-2011-07-25.orig/arch/x86/mm/pgtable-xen.c 2010-04-15 11:49:08.000000000 +0200
-+++ 11.3-2011-07-25/arch/x86/mm/pgtable-xen.c 2011-07-25 13:12:23.000000000 +0200
+Index: linux-2.6.34-openSUSE-11.3/arch/x86/mm/pgtable-xen.c
+===================================================================
+--- linux-2.6.34-openSUSE-11.3.orig/arch/x86/mm/pgtable-xen.c
++++ linux-2.6.34-openSUSE-11.3/arch/x86/mm/pgtable-xen.c
@@ -291,9 +291,11 @@ static void pgd_walk(pgd_t *pgd_base, pg
BUG();
seq = 0;
@@ -260,7 +278,7 @@
0);
MULTI_update_va_mapping(mcl + seq + 1,
(unsigned long)pgd_base,
-@@ -680,12 +682,29 @@ static void pgd_prepopulate_pmd(struct m
+@@ -678,19 +680,36 @@ static void pgd_prepopulate_pmd(struct m
}
}
@@ -294,16 +312,15 @@
pgd_t *pgd_alloc(struct mm_struct *mm)
{
-@@ -693,7 +712,7 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
+ pgd_t *pgd;
pmd_t *pmds[PREALLOCATED_PMDS];
- unsigned long flags;
- pgd = (pgd_t *)__get_free_pages(PGALLOC_GFP, PGD_ORDER);
+ pgd = user_pgd_alloc((void *)__get_free_page(PGALLOC_GFP));
if (pgd == NULL)
goto out;
-@@ -732,7 +751,8 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
+@@ -729,7 +748,8 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
out_free_pmds:
free_pmds(pmds, mm, !xen_feature(XENFEAT_pae_pgdir_above_4gb));
out_free_pgd:
@@ -313,7 +330,7 @@
out:
return NULL;
}
-@@ -751,7 +771,8 @@ void pgd_free(struct mm_struct *mm, pgd_
+@@ -748,7 +768,8 @@ void pgd_free(struct mm_struct *mm, pgd_
pgd_mop_up_pmds(mm, pgd);
paravirt_pgd_free(mm, pgd);
@@ -323,8 +340,10 @@
}
/* blktap and gntdev need this, as otherwise they would implicitly (and
---- 11.3-2011-07-25.orig/drivers/xen/core/machine_reboot.c 2010-05-26 17:12:21.000000000 +0200
-+++ 11.3-2011-07-25/drivers/xen/core/machine_reboot.c 2011-07-25 13:12:40.000000000 +0200
+Index: linux-2.6.34-openSUSE-11.3/drivers/xen/core/machine_reboot.c
+===================================================================
+--- linux-2.6.34-openSUSE-11.3.orig/drivers/xen/core/machine_reboot.c
++++ linux-2.6.34-openSUSE-11.3/drivers/xen/core/machine_reboot.c
@@ -193,8 +193,7 @@ static int take_machine_down(void *_susp
* in fast-suspend mode as that implies a new enough Xen.
*/
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.xen/xen3-x86-mm-Fix-pgd_lock-deadlock.patch new/patches.xen/xen3-x86-mm-Fix-pgd_lock-deadlock.patch
--- old/patches.xen/xen3-x86-mm-Fix-pgd_lock-deadlock.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.xen/xen3-x86-mm-Fix-pgd_lock-deadlock.patch 2011-11-29 10:06:49.000000000 +0100
@@ -0,0 +1,225 @@
+From: Andrea Arcangeli <aarcange(a)redhat.com>
+Date: Wed, 16 Feb 2011 15:45:22 -0800
+Subject: [PATCH] x86/mm: Fix pgd_lock deadlock
+Patch-mainline: v2.6.38
+Git-commit: a79e53d85683c6dd9f99c90511028adc2043031f
+References: bnc#728661
+
+It's forbidden to take the page_table_lock with the irq disabled
+or if there's contention the IPIs (for tlb flushes) sent with
+the page_table_lock held will never run leading to a deadlock.
+
+Nobody takes the pgd_lock from irq context so the _irqsave can be
+removed.
+
+Signed-off-by: Andrea Arcangeli <aarcange(a)redhat.com>
+Acked-by: Rik van Riel <riel(a)redhat.com>
+Tested-by: Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com>
+Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
+Cc: Peter Zijlstra <peterz(a)infradead.org>
+Cc: Linus Torvalds <torvalds(a)linux-foundation.org>
+Cc: <stable(a)kernel.org>
+Lkml-reference: <201102162345.p1GNjMjm021738(a)imap1.linux-foundation.org>
+Signed-off-by: Ingo Molnar <mingo(a)elte.hu>
+Acked-by: Michal Hocko <mhocko(a)suse.cz>
+
+Conflicts:
+
+ arch/x86/mm/fault.c
+ arch/x86/mm/init_64.c
+
+
+Index: linux-2.6.34-openSUSE-11.3/arch/x86/mm/fault-xen.c
+===================================================================
+--- linux-2.6.34-openSUSE-11.3.orig/arch/x86/mm/fault-xen.c
++++ linux-2.6.34-openSUSE-11.3/arch/x86/mm/fault-xen.c
+@@ -232,15 +232,14 @@ void vmalloc_sync_all(void)
+ address >= TASK_SIZE && address < FIXADDR_TOP;
+ address += PMD_SIZE) {
+
+- unsigned long flags;
+ struct page *page;
+
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+ list_for_each_entry(page, &pgd_list, lru) {
+ if (!vmalloc_sync_one(page_address(page), address))
+ break;
+ }
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+ }
+ }
+
+@@ -340,13 +339,12 @@ void vmalloc_sync_all(void)
+ address += PGDIR_SIZE) {
+
+ const pgd_t *pgd_ref = pgd_offset_k(address);
+- unsigned long flags;
+ struct page *page;
+
+ if (pgd_none(*pgd_ref))
+ continue;
+
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+ list_for_each_entry(page, &pgd_list, lru) {
+ pgd_t *pgd;
+ pgd = (pgd_t *)page_address(page) + pgd_index(address);
+@@ -355,7 +353,7 @@ void vmalloc_sync_all(void)
+ else
+ BUG_ON(pgd_page_vaddr(*pgd) != pgd_page_vaddr(*pgd_ref));
+ }
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+ }
+ }
+
+Index: linux-2.6.34-openSUSE-11.3/arch/x86/mm/pageattr-xen.c
+===================================================================
+--- linux-2.6.34-openSUSE-11.3.orig/arch/x86/mm/pageattr-xen.c
++++ linux-2.6.34-openSUSE-11.3/arch/x86/mm/pageattr-xen.c
+@@ -56,12 +56,10 @@ static unsigned long direct_pages_count[
+
+ void update_page_count(int level, unsigned long pages)
+ {
+- unsigned long flags;
+-
+ /* Protect against CPA */
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+ direct_pages_count[level] += pages;
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+ }
+
+ static void split_page_count(int level)
+@@ -409,7 +407,7 @@ static int
+ try_preserve_large_page(pte_t *kpte, unsigned long address,
+ struct cpa_data *cpa)
+ {
+- unsigned long nextpage_addr, numpages, pmask, psize, flags, addr, pfn;
++ unsigned long nextpage_addr, numpages, pmask, psize, addr, pfn;
+ pte_t new_pte, old_pte, *tmp;
+ pgprot_t old_prot, new_prot;
+ int i, do_split = 1;
+@@ -418,7 +416,7 @@ try_preserve_large_page(pte_t *kpte, uns
+ if (cpa->force_split)
+ return 1;
+
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+ /*
+ * Check for races, another CPU might have split this page
+ * up already:
+@@ -515,14 +513,14 @@ try_preserve_large_page(pte_t *kpte, uns
+ }
+
+ out_unlock:
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+
+ return do_split;
+ }
+
+ static int split_large_page(pte_t *kpte, unsigned long address)
+ {
+- unsigned long flags, mfn, mfninc = 1;
++ unsigned long mfn, mfninc = 1;
+ unsigned int i, level;
+ pte_t *pbase, *tmp;
+ pgprot_t ref_prot;
+@@ -536,7 +534,7 @@ static int split_large_page(pte_t *kpte,
+ if (!base)
+ return -ENOMEM;
+
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+ /*
+ * Check for races, another CPU might have split this page
+ * up for us already:
+@@ -612,7 +610,7 @@ out_unlock:
+ */
+ if (base)
+ __free_page(base);
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+
+ return 0;
+ }
+Index: linux-2.6.34-openSUSE-11.3/arch/x86/mm/pgtable-xen.c
+===================================================================
+--- linux-2.6.34-openSUSE-11.3.orig/arch/x86/mm/pgtable-xen.c
++++ linux-2.6.34-openSUSE-11.3/arch/x86/mm/pgtable-xen.c
+@@ -358,7 +358,6 @@ void mm_unpin(struct mm_struct *mm)
+ void mm_pin_all(void)
+ {
+ struct page *page;
+- unsigned long flags;
+
+ if (xen_feature(XENFEAT_writable_page_tables))
+ return;
+@@ -369,12 +368,13 @@ void mm_pin_all(void)
+ * All other CPUs must be at a safe point (e.g., in stop_machine
+ * or offlined entirely).
+ */
+- spin_lock_irqsave(&pgd_lock, flags);
++ BUG_ON(!irqs_disabled());
++ spin_lock(&pgd_lock);
+ list_for_each_entry(page, &pgd_list, lru) {
+ if (!PagePinned(page))
+ __pgd_pin((pgd_t *)page_address(page));
+ }
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+ }
+
+ void arch_dup_mmap(struct mm_struct *oldmm, struct mm_struct *mm)
+@@ -460,12 +460,10 @@ static void pgd_ctor(pgd_t *pgd)
+
+ static void pgd_dtor(pgd_t *pgd)
+ {
+- unsigned long flags; /* can be called from interrupt context */
+-
+ if (!SHARED_KERNEL_PMD) {
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+ pgd_list_del(pgd);
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+ }
+
+ pgd_test_and_unpin(pgd);
+@@ -630,7 +628,6 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
+ {
+ pgd_t *pgd;
+ pmd_t *pmds[PREALLOCATED_PMDS];
+- unsigned long flags;
+
+ pgd = (pgd_t *)__get_free_pages(PGALLOC_GFP, PGD_ORDER);
+
+@@ -650,13 +647,13 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
+ * respect to anything walking the pgd_list, so that they
+ * never see a partially populated pgd.
+ */
+- spin_lock_irqsave(&pgd_lock, flags);
++ spin_lock(&pgd_lock);
+
+ #ifdef CONFIG_X86_PAE
+ /* Protect against save/restore: move below 4GB under pgd_lock. */
+ if (!xen_feature(XENFEAT_pae_pgdir_above_4gb)
+ && xen_create_contiguous_region((unsigned long)pgd, 0, 32)) {
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+ goto out_free_pmds;
+ }
+ #endif
+@@ -664,7 +661,7 @@ pgd_t *pgd_alloc(struct mm_struct *mm)
+ pgd_ctor(pgd);
+ pgd_prepopulate_pmd(mm, pgd, pmds);
+
+- spin_unlock_irqrestore(&pgd_lock, flags);
++ spin_unlock(&pgd_lock);
+
+ return pgd;
+
++++++ series.conf ++++++
--- /var/tmp/diff_new_pack.ZA1beI/_old 2012-01-04 00:42:43.000000000 +0100
+++ /var/tmp/diff_new_pack.ZA1beI/_new 2012-01-04 00:42:43.000000000 +0100
@@ -292,6 +292,7 @@
patches.fixes/vm-fix-vm_pgoff-wrap-in-upward-expansion.patch
patches.fixes/mm-avoid-wrapping-vm_pgoff-in-mremap.patch
patches.fixes/validate-size-of-efi-guid-partition-entries.patch
+ patches.fixes/x86-mm-Fix-pgd_lock-deadlock.patch
# bug 697901
patches.fixes/ksm-fix-null-pointer-dereference-in-scan_get_next_rmap_item.patch
@@ -406,6 +407,8 @@
patches.drivers/gro-Reset-dev-pointer-on-reuse.patch
patches.drivers/gro-reset-skb_iif-on-reuse.patch
patches.fixes/limit-sysctl_tcp_mem-and-sysctl_udp_mem-initializers.patch
+ patches.fixes/ipv6-make-fragment-identifications-less-predictable.patch
+ patches.fixes/ipv6-fix-NULL-dereference-in-udp6_ufo_fragment.patch
########################################################
# NFS
@@ -579,6 +582,7 @@
patches.suse/0016-ext4-Implement-richacl-support-in-ext4.patch
patches.fixes/writeback_fix_sb_locking.diff
+ patches.fixes/hfs-fix-hfs_find_init-sb-ext_tree-null-ptr-oops.patch
patches.fixes/debugfs_remove_corruption.diff
patches.fixes/ecryptfs-add-mount-option-to-check-uid-of-device.patch
@@ -680,6 +684,8 @@
patches.fixes/scsi-ibmvscsi-module_alias.patch
+ patches.fixes/ata-pata_it821x-fix-types-array.patch
+
########################################################
# DRM/Video
########################################################
@@ -692,6 +698,7 @@
patches.fixes/drm-radeon-kms-check-AA-resolve-registers-on-r300.patch
patches.fixes/drm-radeon-kms-register-an-i2c-adapter-name-for-the-dp-aux-bus.patch
patches.fixes/drm-radeon-kms-fix-i2c-masks.patch
+ patches.fixes/drm-radeon-kms-fix-up-gpio-i2c-mask-bits-for-r4xx.patch
########################################################
# video4linux
@@ -726,6 +733,14 @@
patches.fixes/phonet-some-signedness-bugs
patches.fixes/rose-prevent-heap-corruption-with-bad-facilities.patch
patches.fixes/rose-add-length-checks-to-CALL_REQUEST-parsing.patch
+ patches.fixes/af_packet-prevent-information-leak
+ patches.fixes/igbvf-remove-extra-struct-page-member
+ patches.fixes/gro-only-reset-frag0-when-skb-can-be-pulled
+ patches.fixes/dccp-handle-invalid-feature-options-length
+ patches.fixes/netfilter-ipt_CLUSTERIP-fix-buffer-overflow
+ patches.fixes/vlan-reset-skb-vlan_tci-field-before-reusing-skb.patch
+ patches.fixes/inet_diag-fix-inet_diag_bc_audit.patch
+ patches.fixes/net_sched-Fix-qdisc_notify.patch
########################################################
# Wireless Networking
@@ -757,6 +772,8 @@
patches.kabi/rt2x00-channel_info.patch
patches.fixes/orinoco-allow-IW_AUTH_MFP-to-pass-through.patch
patches.fixes/orinoco-abort-scan-on-interface-down.patch
+ patches.fixes/batman-adv-bat_socket_read-missing-checks.patch
+ patches.fixes/batman-adv-Only-write-requested-number-of-byte-to-us.patch
########################################################
# ISDN
@@ -787,6 +804,7 @@
# I2C
########################################################
patches.fixes/i2c-algo-bit-call-pre-post_xfer-for-bit_test.patch
+ patches.fixes/i2c-taos-evm-fix-log-messages.patch
########################################################
# Input & Console
@@ -837,6 +855,7 @@
########################################################
patches.fixes/ieee1394-sbp2_long_sysfs_ieee1394_id.patch
patches.fixes/parport-mutex
+ patches.fixes/i8k-avoid-lahf-in-64bit-code.patch
# suse-2.4 compatible crypto loop driver
patches.suse/twofish-2.6
@@ -1003,6 +1022,12 @@
patches.fixes/kvm-macos.patch
patches.fixes/kvm-move-dr-register-access-handling-into-generic-code
+ ########################################################
+ # Crypto
+ ########################################################
+ patches.fixes/crypto-ghash-avoid-null-pointer-dereference-if-no-key-is-set
+
+
########################################################
# Staging tree patches
# new drivers that are going upstream
@@ -1129,6 +1154,7 @@
patches.xen/xen3-stack-unwind
patches.xen/xen3-x86_64-unwind-annotations
patches.xen/xen3-x86_cpufreq_make_trace_power_frequency_cpufreq_driver_independent.patch
+ patches.xen/xen3-x86-mm-Fix-pgd_lock-deadlock.patch
# bugfixes and enhancements
patches.xen/xen-balloon-max-target
++++++ source-timestamp ++++++
--- /var/tmp/diff_new_pack.ZA1beI/_old 2012-01-04 00:42:43.000000000 +0100
+++ /var/tmp/diff_new_pack.ZA1beI/_new 2012-01-04 00:42:43.000000000 +0100
@@ -1,3 +1,3 @@
-2011-10-19 22:16:41 +0200
-GIT Revision: e5de38737cdc6b3c05a1c5214630aac9dd7ca1c4
+2011-12-13 18:27:38 +0100
+GIT Revision: 427d633d184922f18028a7370798315199e94475
GIT Branch: openSUSE-11.3
continue with "q"...
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package kernel-source for openSUSE:11.4
checked in at Wed Jan 4 00:42:31 CET 2012.
--------
--- old-versions/11.4/UPDATES/all/kernel-source/kernel-debug.changes 2011-10-24 17:40:39.000000000 +0200
+++ 11.4/kernel-source/kernel-debug.changes 2011-12-21 17:33:48.000000000 +0100
@@ -1,0 +2,219 @@
+Mon Dec 19 23:39:38 CET 2011 - bpoirier(a)suse.de
+
+- econet: 4 byte infoleak to the network (bnc#681184
+ CVE-2011-1173).
+- commit d3bfb6d
+
+-------------------------------------------------------------------
+Sun Dec 18 23:04:20 CET 2011 - bpoirier(a)suse.de
+
+- ipv6: netfilter: ip6_tables: fix infoleak to userspace
+ (bnc#681185 CVE-2011-1172).
+- commit 869dd96
+
+-------------------------------------------------------------------
+Tue Dec 13 19:45:17 CET 2011 - bpoirier(a)suse.de
+
+- batman-adv: Only write requested number of byte to user buffer
+ (bnc#736149 CVE-2011-4604).
+- batman-adv: bat_socket_read missing checks (bnc#736149
+ CVE-2011-4604).
+- commit 07f855d
+
+-------------------------------------------------------------------
+Thu Dec 8 16:42:33 CET 2011 - bpoirier(a)suse.de
+
+- ipv6: fix NULL dereference in udp6_ufo_fragment() (bnc#707288
+ CVE-2011-2699).
+- commit 2d6bb88
+
+-------------------------------------------------------------------
+Mon Dec 5 16:37:44 CET 2011 - bpoirier(a)suse.de
+
+- netfilter: ip_tables: fix infoleak to userspace (bnc#681181
+ CVE-2011-1171).
+- commit e090058
+
+-------------------------------------------------------------------
+Mon Dec 5 01:09:38 CET 2011 - bpoirier(a)suse.de
+
+- netfilter: arp_tables: fix infoleak to userspace (bnc#681180
+ CVE-2011-1170).
+- commit 8b41f28
+
+-------------------------------------------------------------------
+Fri Dec 2 21:42:53 CET 2011 - bpoirier(a)suse.de
+
+- bridge: netfilter: fix information leak (bnc#676602
+ CVE-2011-1080).
+- commit 62c3d6e
+
+-------------------------------------------------------------------
+Thu Dec 1 15:41:39 CET 2011 - mhocko(a)suse.cz
+
+- Refresh
+ patches.fixes/cgroup_freezer_freeze_stopped_tasks_correctly.patch.
+- commit 22bd277
+
+-------------------------------------------------------------------
+Thu Dec 1 09:34:26 CET 2011 - jbeulich(a)novell.com
+
+- patches.xen/1124-x86-undo-limit-pages.patch: x86: undo_limit_pages()
+ must reset page count.
+- patches.xen/1126-netback-invalidation-index.patch: netback: use correct
+ index for invalidation in netbk_tx_check_mop().
+- patches.xen/xen3-patch-2.6.37: Add barrier emulation to blkback.
+- Refresh other Xen patches.
+- commit 36149a1
+
+-------------------------------------------------------------------
+Thu Dec 1 00:01:12 CET 2011 - bpoirier(a)suse.de
+
+- inet_diag: fix inet_diag_bc_audit() (bnc#700879 CVE-2011-2213).
+- commit 12c0a80
+
+-------------------------------------------------------------------
+Thu Nov 24 10:33:03 CET 2011 - jdelvare(a)suse.de
+
+- patches.fixes/drm-radeon-kms-fix-up-gpio-i2c-mask-bits-for-r4xx.patch: Add missing git-commit.
+- commit 350fcc8
+
+-------------------------------------------------------------------
+Wed Nov 23 17:59:15 CET 2011 - jdelvare(a)suse.de
+
+- hwmon: (max1111) Fix race condition causing NULL pointer
+ exception.
+- hwmon: (it87) Fix label group removal.
+- hwmon: (coretemp) Fix TjMax detection for older CPUs.
+- hwmon: (coretemp) Relax target temperature range check.
+- hwmon: (asus_atk0110) Fix memory leak.
+- i2c/pca954x: Initialize the mux to disconnected state.
+- commit f33e890
+
+-------------------------------------------------------------------
+Wed Nov 23 10:33:26 CET 2011 - jdelvare(a)suse.de
+
+- Move drm-radeon-kms-fix-up-gpio-i2c-mask-bits-for-r4xx.patch to a better place
+- commit 5da68df
+
+-------------------------------------------------------------------
+Tue Nov 22 15:55:49 CET 2011 - jdelvare(a)suse.de
+
+- drm/radeon/kms: fix up gpio i2c mask bits for r4xx (bnc#691052).
+- commit 1b9d079
+
+-------------------------------------------------------------------
+Tue Nov 22 11:16:20 CET 2011 - mhocko(a)suse.cz
+
+- cgroup_freezer: fix freezing groups with stopped tasks
+ (bnc#713933).
+- commit fef1462
+
+-------------------------------------------------------------------
+Mon Nov 21 21:52:19 CET 2011 - bpoirier(a)suse.de
+
+- netfilter: ipt_CLUSTERIP: fix buffer overflow (bnc#702037
+ CVE-2011-2534).
+- commit 6480665
+
+-------------------------------------------------------------------
+Fri Nov 18 23:37:34 CET 2011 - bpoirier(a)suse.de
+
+- dccp: handle invalid feature options length (bnc#692498
+ CVE-2011-1770).
+- commit fa6032a
+
+-------------------------------------------------------------------
+Tue Nov 15 17:45:17 CET 2011 - bpoirier(a)suse.de
+
+- ipv6: make fragment identifications less predictable (bnc#707288
+ CVE-2011-2699).
+- commit 9c1c64f
+
+-------------------------------------------------------------------
+Tue Nov 15 17:05:09 CET 2011 - jbeulich(a)novell.com
+
+- re-introduce machine_to_phys_order for kABI consistency.
+- commit 5dbc86b
+
+-------------------------------------------------------------------
+Tue Nov 15 13:52:02 CET 2011 - jbeulich(a)novell.com
+
+- patches.xen/1101-x86-m2p-nr.patch: x86: replace order-based range
+ checking of M2P table by linear one.
+- Refresh other Xen patches.
+- commit 8dd9722
+
+-------------------------------------------------------------------
+Mon Nov 14 16:46:15 CET 2011 - bpoirier(a)suse.de
+
+- gro: Only reset frag0 when skb can be pulled (bnc#709764
+ CVE-2011-2723).
+- commit e289f56
+
+-------------------------------------------------------------------
+Mon Nov 14 14:02:54 CET 2011 - bpoirier(a)suse.de
+
+- igbvf: Remove extra struct page member
+ (http://article.gmane.org/gmane.linux.network/180760).
+- commit 1ad2feb
+
+-------------------------------------------------------------------
+Fri Nov 11 22:18:34 CET 2011 - bpoirier(a)suse.de
+
+- af_packet: prevent information leak (bnc#710235 CVE-2011-2898).
+- commit 1e4accd
+
+-------------------------------------------------------------------
+Mon Nov 7 05:21:38 CET 2011 - neilb(a)suse.de
+
+- sunrpc: wake up SOFTCONN tasks when a connection error happens
+ (bnc#679059).
+- commit 561328d
+
+-------------------------------------------------------------------
+Fri Nov 4 18:22:55 CET 2011 - jbohac(a)suse.cz
+
+- ip: ip_options_compile() resilient to NULL skb route
+ (bnc#709561, CVE-2011-4087).
+- bridge: reset IPCB in br_parse_ip_options (bnc#709561,
+ CVE-2011-4087).
+- commit af1bd88
+
+-------------------------------------------------------------------
+Thu Nov 3 17:56:46 CET 2011 - mszeredi(a)suse.cz
+
+- patches.fixes/hfs-fix-hfs_find_init-sb-ext_tree-null-ptr-oops.patch:
+ hfs: fix hfs_find_init() sb->ext_tree NULL ptr oops
+ (CVE-2011-2203 bnc#699709).
+- commit 726dc6b
+
+-------------------------------------------------------------------
+Thu Nov 3 16:55:32 CET 2011 - jeffm(a)suse.com
+
+- crypto: ghash - Avoid null pointer dereference if no key is set
+ (CVE-2011-4081 bnc#726788).
+- commit fc6977d
+
++++ 22 more lines (skipped)
++++ between old-versions/11.4/UPDATES/all/kernel-source/kernel-debug.changes
++++ and 11.4/kernel-source/kernel-debug.changes
kernel-default.changes: same change
kernel-desktop.changes: same change
kernel-docs.changes: same change
kernel-ec2.changes: same change
kernel-net.changes: same change
kernel-pae.changes: same change
kernel-ppc64.changes: same change
kernel-ps3.changes: same change
kernel-s390.changes: same change
kernel-source.changes: same change
kernel-syms.changes: same change
kernel-trace.changes: same change
kernel-vanilla.changes: same change
kernel-vmi.changes: same change
kernel-xen.changes: same change
calling whatdependson for 11.4-i586
Old:
----
minmem
needed_space_in_mb
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ kernel-debug.spec ++++++
--- /var/tmp/diff_new_pack.z8ue8i/_old 2012-01-04 00:40:54.000000000 +0100
+++ /var/tmp/diff_new_pack.z8ue8i/_new 2012-01-04 00:40:54.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-debug
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -56,7 +56,7 @@
Name: kernel-debug
Summary: A Debug Version of the Kernel
Version: 2.6.37.6
-Release: 0.<RELEASE9>
+Release: 0.<RELEASE11>
%if %using_buildservice
%else
%endif
kernel-default.spec: same change
kernel-desktop.spec: same change
kernel-docs.spec: same change
kernel-ec2.spec: same change
++++++ kernel-net.spec ++++++
--- /var/tmp/diff_new_pack.z8ue8i/_old 2012-01-04 00:40:55.000000000 +0100
+++ /var/tmp/diff_new_pack.z8ue8i/_new 2012-01-04 00:40:55.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-net
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -56,7 +56,7 @@
Name: kernel-net
Summary: Minimal kernel with disk and net support
Version: 2.6.37.6
-Release: 0.<RELEASE4>
+Release: 0.<RELEASE5>
%if %using_buildservice
%else
%endif
++++++ kernel-pae.spec ++++++
--- /var/tmp/diff_new_pack.z8ue8i/_old 2012-01-04 00:40:55.000000000 +0100
+++ /var/tmp/diff_new_pack.z8ue8i/_new 2012-01-04 00:40:55.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-pae
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -56,7 +56,7 @@
Name: kernel-pae
Summary: Kernel with PAE Support
Version: 2.6.37.6
-Release: 0.<RELEASE9>
+Release: 0.<RELEASE11>
%if %using_buildservice
%else
%endif
++++++ kernel-ppc64.spec ++++++
--- /var/tmp/diff_new_pack.z8ue8i/_old 2012-01-04 00:40:55.000000000 +0100
+++ /var/tmp/diff_new_pack.z8ue8i/_new 2012-01-04 00:40:55.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-ppc64
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -56,7 +56,7 @@
Name: kernel-ppc64
Summary: Kernel for ppc64 Systems
Version: 2.6.37.6
-Release: 0.<RELEASE4>
+Release: 0.<RELEASE5>
%if %using_buildservice
%else
%endif
kernel-ps3.spec: same change
kernel-s390.spec: same change
++++++ kernel-source.spec ++++++
--- /var/tmp/diff_new_pack.z8ue8i/_old 2012-01-04 00:40:55.000000000 +0100
+++ /var/tmp/diff_new_pack.z8ue8i/_new 2012-01-04 00:40:55.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-source
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -30,7 +30,7 @@
Name: kernel-source
Summary: The Linux Kernel Sources
Version: 2.6.37.6
-Release: 0.<RELEASE9>
+Release: 0.<RELEASE11>
%if %using_buildservice
%else
%endif
++++++ kernel-syms.spec ++++++
--- /var/tmp/diff_new_pack.z8ue8i/_old 2012-01-04 00:40:55.000000000 +0100
+++ /var/tmp/diff_new_pack.z8ue8i/_new 2012-01-04 00:40:55.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-syms
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,7 +24,7 @@
Name: kernel-syms
Summary: Kernel Symbol Versions (modversions)
Version: 2.6.37.6
-Release: 0.<RELEASE9>
+Release: 0.<RELEASE11>
%if %using_buildservice
%else
%define kernel_source_release %(LC_ALL=C rpm -q kernel-devel%variant-%version --qf "%{RELEASE}" | grep -v 'not installed' || echo 0)
++++++ kernel-trace.spec ++++++
--- /var/tmp/diff_new_pack.z8ue8i/_old 2012-01-04 00:40:55.000000000 +0100
+++ /var/tmp/diff_new_pack.z8ue8i/_new 2012-01-04 00:40:55.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package kernel-trace
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -56,7 +56,7 @@
Name: kernel-trace
Summary: The Standard Kernel with Tracing Features
Version: 2.6.37.6
-Release: 0.<RELEASE9>
+Release: 0.<RELEASE11>
%if %using_buildservice
%else
%endif
kernel-vanilla.spec: same change
kernel-vmi.spec: same change
kernel-xen.spec: same change
++++++ patches.fixes.tar.bz2 ++++++
++++ 1957 lines of diff (skipped)
++++++ patches.kabi.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kabi/1101-x86-m2p-nr.patch new/patches.kabi/1101-x86-m2p-nr.patch
--- old/patches.kabi/1101-x86-m2p-nr.patch 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.kabi/1101-x86-m2p-nr.patch 2011-11-15 17:05:09.000000000 +0100
@@ -0,0 +1,27 @@
+From: jbeulich(a)novell.com
+Subject: re-introduce machine_to_phys_order for kABI consistency
+Patch-mainline: n/a
+
+On 64-bit we can safely expose the symbol, but on 32-bit exposing it
+leaves the problem addressed by the original change un-fixed for any
+consumer.
+
+--- 11.4-2011-10-05.orig/arch/x86/kernel/head-xen.c 2010-11-25 14:57:41.000000000 +0100
++++ 11.4-2011-10-05/arch/x86/kernel/head-xen.c 2011-10-06 10:58:43.000000000 +0200
+@@ -82,6 +82,8 @@ unsigned long *__read_mostly machine_to_
+ EXPORT_SYMBOL(machine_to_phys_mapping);
+ unsigned long __read_mostly machine_to_phys_nr;
+ EXPORT_SYMBOL(machine_to_phys_nr);
++static unsigned int machine_to_phys_order;
++EXPORT_SYMBOL(machine_to_phys_order);
+
+ void __init xen_start_kernel(void)
+ {
+@@ -99,6 +101,7 @@ void __init xen_start_kernel(void)
+ WARN_ON(machine_to_phys_mapping + (machine_to_phys_nr - 1)
+ < machine_to_phys_mapping);
+ #endif
++ machine_to_phys_order = __fls(machine_to_phys_nr - 1);
+
+ if (!xen_feature(XENFEAT_auto_translated_physmap))
+ phys_to_machine_mapping =
++++++ patches.xen.tar.bz2 ++++++
++++ 23171 lines of diff (skipped)
++++++ series.conf ++++++
--- /var/tmp/diff_new_pack.z8ue8i/_old 2012-01-04 00:40:59.000000000 +0100
+++ /var/tmp/diff_new_pack.z8ue8i/_new 2012-01-04 00:40:59.000000000 +0100
@@ -90,6 +90,11 @@
# Bug workarounds for binutils
########################################################
+ ########################################################
+ # Generic cgroup patches
+ ########################################################
+ patches.fixes/cgroup_freezer_freeze_stopped_tasks_correctly.patch
+
########################################################
# Scheduler / Core
########################################################
@@ -255,6 +260,7 @@
patches.fixes/fuse-check-size-of-fuse_notify_inval_entry-message.patch
patches.fixes/memsw-remove-noswapaccount-kernel-parameter.patch
+ patches.fixes/oom-thaw-threads-if-oom-killed-thread-is-frozen-befo.patch
########################################################
# IPC patches
@@ -371,6 +377,9 @@
patches.fixes/bonding-Incorrect-TX-queue-offset.patch
patches.fixes/cdc-phonet-fix-stop-queue-handling.patch
patches.fixes/ip_expire-must-revalidate-route.patch
+ patches.fixes/ipv6-make-fragment-identifications-less-predictable.patch
+ patches.fixes/ipv6-fix-NULL-dereference-in-udp6_ufo_fragment.patch
+ patches.fixes/ipv6-netfilter-ip6_tables-fix-infoleak-to-userspace.patch
########################################################
# NFS
@@ -385,6 +394,7 @@
patches.kabi/NLM-Don-t-hang-forever-on-NLM-unlock-requests-fix.patch
patches.fixes/nfsd-nfs4state-bug-fix
patches.fixes/nfsd-fix-filp-leak.patch
+ patches.fixes/nfs-connect-timeout
########################################################
# lockd + statd
@@ -503,6 +513,7 @@
patches.suse/0015-ext4-Use-IS_POSIXACL-to-check-for-POSIX-ACL-support.patch
patches.suse/0016-ext4-Implement-richacl-support-in-ext4.patch
+ patches.fixes/hfs-fix-hfs_find_init-sb-ext_tree-null-ptr-oops.patch
patches.fixes/debugfs_remove_corruption.diff
patches.fixes/ecryptfs-add-mount-option-to-check-uid-of-device.patch
@@ -610,11 +621,14 @@
patches.fixes/loop-queue_lock-null-pointer-derefence-in-blk_throtl_exit-v3.patch
patches.fixes/scsi-blacklist-traxdata-iomega-drives-avoid-lock-ups
+ patches.fixes/ata-pata_it821x-fix-types-array.patch
+
########################################################
# DRM/Video
########################################################
patches.fixes/drm-radeon-kms-check-AA-resolve-registers-on-r300.patch
patches.fixes/drm-radeon-kms-fix-i2c-masks.patch
+ patches.fixes/drm-radeon-kms-fix-up-gpio-i2c-mask-bits-for-r4xx.patch
########################################################
# video4linux
@@ -646,6 +660,18 @@
patches.fixes/bridge-fix-802.3ad-bonding.patch
patches.fixes/rose-prevent-heap-corruption-with-bad-facilities.patch
patches.fixes/rose-add-length-checks-to-CALL_REQUEST-parsing.patch
+ patches.fixes/bridge-reset-IPCB-in-br_parse_ip_options.patch
+ patches.fixes/ip-ip_options_compile-resilient-to-NULL-skb-route.patch
+ patches.fixes/af_packet-prevent-information-leak
+ patches.fixes/igbvf-remove-extra-struct-page-member
+ patches.fixes/gro-only-reset-frag0-when-skb-can-be-pulled
+ patches.fixes/dccp-handle-invalid-feature-options-length
+ patches.fixes/netfilter-ipt_CLUSTERIP-fix-buffer-overflow
+ patches.fixes/inet_diag-fix-inet_diag_bc_audit.patch
+ patches.fixes/bridge-netfilter-fix-information-leak.patch
+ patches.fixes/netfilter-arp_tables-fix-infoleak-to-userspace.patch
+ patches.fixes/netfilter-ip_tables-fix-infoleak-to-userspace.patch
+ patches.fixes/econet-4-byte-infoleak-to-the-network.patch
########################################################
# Wireless Networking
@@ -656,6 +682,8 @@
patches.fixes/orinoco-allow-IW_AUTH_MFP-to-pass-through.patch
patches.drivers/iwl-cleanup-iwl_good_ack_health.patch
patches.drivers/iwl-fix-ack-health-for-WiFi-BT-combo-devices.patch
+ patches.fixes/batman-adv-bat_socket_read-missing-checks.patch
+ patches.fixes/batman-adv-Only-write-requested-number-of-byte-to-us.patch
########################################################
# ISDN
@@ -684,6 +712,8 @@
# I2C
########################################################
patches.fixes/i2c-algo-bit-call-pre-post_xfer-for-bit_test.patch
+ patches.fixes/i2c-taos-evm-fix-log-messages.patch
+ patches.fixes/i2c-pca954x-initialize-the-mux-to-disconnected-state.patch
########################################################
# Input & Console
@@ -745,6 +775,7 @@
# Other driver fixes
########################################################
patches.fixes/parport-mutex
+ patches.fixes/i8k-avoid-lahf-in-64bit-code.patch
# suse-2.4 compatible crypto loop driver
patches.suse/twofish-2.6
@@ -754,6 +785,12 @@
patches.fixes/ips-use-interruptible-waits.patch
patches.fixes/eeepc-laptop-Use-ACPI-handle-to-identify-rfkill-port.patch
+ patches.fixes/hwmon-asus_atk0110-fix-memory-leak.patch
+ patches.fixes/hwmon-coretemp-relax-temperature-range-checks.patch
+ patches.fixes/hwmon-coretemp-fix-tjmax-detection-for-older-cpus.patch
+ patches.fixes/hwmon-it87-fix-label-group-removal.patch
+ patches.fixes/hwmon-max1111-fix-race-condition-causing-null-pointer-exception.patch
+
########################################################
# Other drivers we have added to the tree
########################################################
@@ -868,6 +905,11 @@
patches.fixes/kvm-ioapic.patch
patches.fixes/kvm-macos.patch
+ ########################################################
+ # Crypto
+ ########################################################
+ patches.fixes/crypto-ghash-avoid-null-pointer-dereference-if-no-key-is-set
+
########################################################
# Staging tree patches
# new drivers that are going upstream
@@ -945,6 +987,9 @@
patches.xen/1090-blktap-locking.patch
patches.xen/1091-xenbus-dev-no-BUG.patch
patches.xen/1098-blkfront-cdrom-ioctl-check.patch
+ patches.xen/1101-x86-m2p-nr.patch
+ patches.xen/1124-x86-undo-limit-pages.patch
+ patches.xen/1126-netback-invalidation-index.patch
# changes outside arch/{i386,x86_64}/xen
patches.xen/xen3-fixup-kconfig
@@ -1030,3 +1075,4 @@
patches.xen/xen-x86_64-dump-user-pgt
patches.xen/xen-x86_64-note-init-p2m
patches.xen/xen-x86_64-unmapped-initrd
+ patches.kabi/1101-x86-m2p-nr.patch
++++++ source-timestamp ++++++
--- /var/tmp/diff_new_pack.z8ue8i/_old 2012-01-04 00:40:59.000000000 +0100
+++ /var/tmp/diff_new_pack.z8ue8i/_new 2012-01-04 00:40:59.000000000 +0100
@@ -1,3 +1,3 @@
-2011-10-19 22:33:27 +0200
-GIT Revision: 449d08f0d885f5830890eaf9b833579ee5938cc8
+2011-12-19 23:39:38 +0100
+GIT Revision: d3bfb6d541fd88f51a6e79389d445c715fefb91e
GIT Branch: openSUSE-11.4
continue with "q"...
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package yast2-mail for openSUSE:12.1:Update:Test checked in at 2012-01-03 17:45:15
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.1:Update:Test/yast2-mail (Old)
and /work/SRC/openSUSE:12.1:Update:Test/.yast2-mail.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-mail", Maintainer is "varkoly(a)suse.com"
Changes:
--------
--- /work/SRC/openSUSE:12.1:Update:Test/yast2-mail/yast2-mail.changes 2012-01-03 17:45:15.000000000 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.yast2-mail.new/yast2-mail.changes 2012-01-03 17:45:17.000000000 +0100
@@ -1,0 +2,11 @@
+Fri Nov 4 11:28:24 UTC 2011 - varkoly(a)suse.com
+
+- FATE#311272: Do not rewrite postfix.cf via SuSEconfig
+- FATE#310517: DKIM and DomainKeys support
+
+-------------------------------------------------------------------
+Wed Oct 26 07:33:05 UTC 2011 - varkoly(a)suse.com
+
+- bnc#723742 - SLES11_SP2_LOC : The 'No Outgoing Mail' radio button can't check in Mail server global settings panel!
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-mail.spec ++++++
--- /var/tmp/diff_new_pack.w86rCs/_old 2012-01-03 17:45:17.000000000 +0100
+++ /var/tmp/diff_new_pack.w86rCs/_new 2012-01-03 17:45:17.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package yast2-mail
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -23,12 +23,12 @@
Release: 0
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Source0: yast2-mail-%{version}.tar.bz2
+Source0: yast2-mail-2.21.1.tar.bz2
Prefix: /usr
Group: System/YaST
-License: GPLv2+
+License: GPL-2.0+
BuildRequires: perl-XML-Writer update-desktop-files yast2-devtools yast2-testsuite
BuildRequires: yast2-ldap-server yast2-network yast2-perl-bindings yast2-users
BuildRequires: perl-NetxAP
@@ -70,7 +70,7 @@
configuration.
%prep
-%setup -n yast2-mail-%{version}
+%setup -n yast2-mail-2.21.1
%build
%{prefix}/bin/y2tool y2autoconf
@@ -145,6 +145,7 @@
/usr/lib/YaST2/servers_non_y2/ag_smtp_auth
/usr/lib/YaST2/servers_non_y2/CyrusConfParser.pm
/usr/lib/YaST2/servers_non_y2/MasterCFParser.pm
+%attr(0755,root,root) /usr/lib/YaST2/servers_non_y2/setup_dkim_verifying.pl
%dir /etc/openldap/
%dir /etc/openldap/schema/
++++++ yast2-mail-2.21.1.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-mail-2.21.1/Makefile.am new/yast2-mail-2.21.1/Makefile.am
--- old/yast2-mail-2.21.1/Makefile.am 2011-10-04 10:35:18.000000000 +0200
+++ new/yast2-mail-2.21.1/Makefile.am 2011-07-28 10:32:52.000000000 +0200
@@ -20,6 +20,7 @@
IS_DEVTOOLS = $(findstring yast2-devtools,$(RPMNAME))
DEVTOOLS_DIR = $(if $(IS_DEVTOOLS),$(srcdir)/devtools,$(Y2DEVTOOLS_PREFIX)/share/YaST2/data/devtools)
+ALL_PACKAGES = $(DEVTOOLS_DIR)/admin/all-packages
LEGALESE_DIR = $(if $(HAS_YAST_LICENSE),$(DEVTOOLS_DIR)/admin/copyright/yast,$(DEVTOOLS_DIR)/admin/copyright/gpl)
COPYRIGHT_files_gpl = README COPYING
@@ -154,7 +155,7 @@
$(Y2TOOL) create-spec < $$i > $$here/package/$${newname} ; \
done
-package: check-up-to-date check-tagversion check-textdomain package-local
+package: check-up-to-date check-tagversion check-all-packages check-textdomain package-local
TAGVERSION = $(Y2TOOL) tagversion
@@ -184,6 +185,21 @@
check-parse:
@echo "Not running parseycp."
+check-all-packages:
+ @if [ ! -e "$(ALL_PACKAGES)" ]; then \
+ echo ERROR: "Can't find $(ALL_PACKAGES)"; false; \
+ fi
+ @if ! grep -q "^$(RPMNAME)[[:space:]]" $(ALL_PACKAGES); then \
+ echo ERROR: "$(RPMNAME) not in $(ALL_PACKAGES)"; false; \
+ fi
+ @if grep -q "^$(RPMNAME)[[:space:]]\+.*?" $(ALL_PACKAGES); then \
+ echo ERROR: "$(RPMNAME) info in $(ALL_PACKAGES) contains some unknown (?) fields:"; \
+ echo; \
+ grep "^$(RPMNAME)[[:space:]]\+.*?" $(ALL_PACKAGES); \
+ echo; \
+ false; \
+ fi
+
check-textdomain:
$(Y2TOOL) check-textdomain $(srcdir)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-mail-2.21.1/Makefile.in new/yast2-mail-2.21.1/Makefile.in
--- old/yast2-mail-2.21.1/Makefile.in 2011-10-04 10:35:21.000000000 +0200
+++ new/yast2-mail-2.21.1/Makefile.in 2011-07-28 10:32:55.000000000 +0200
@@ -263,6 +263,7 @@
# do we do Makefile.am for devtools? It is a little special...
IS_DEVTOOLS = $(findstring yast2-devtools,$(RPMNAME))
DEVTOOLS_DIR = $(if $(IS_DEVTOOLS),$(srcdir)/devtools,$(Y2DEVTOOLS_PREFIX)/share/YaST2/data/devtools)
+ALL_PACKAGES = $(DEVTOOLS_DIR)/admin/all-packages
LEGALESE_DIR = $(if $(HAS_YAST_LICENSE),$(DEVTOOLS_DIR)/admin/copyright/yast,$(DEVTOOLS_DIR)/admin/copyright/gpl)
COPYRIGHT_files_gpl = README COPYING
COPYRIGHT_files_yast = YAST_LICENSE README COPYING COPYRIGHT.english \
@@ -903,7 +904,7 @@
$(Y2TOOL) create-spec < $$i > $$here/package/$${newname} ; \
done
-package: check-up-to-date check-tagversion check-textdomain package-local
+package: check-up-to-date check-tagversion check-all-packages check-textdomain package-local
check-up-to-date check-cvs-up-to-date check-svn-up-to-date:
if [ -d $(srcdir)/CVS ]; then \
@@ -931,6 +932,21 @@
check-parse:
@echo "Not running parseycp."
+check-all-packages:
+ @if [ ! -e "$(ALL_PACKAGES)" ]; then \
+ echo ERROR: "Can't find $(ALL_PACKAGES)"; false; \
+ fi
+ @if ! grep -q "^$(RPMNAME)[[:space:]]" $(ALL_PACKAGES); then \
+ echo ERROR: "$(RPMNAME) not in $(ALL_PACKAGES)"; false; \
+ fi
+ @if grep -q "^$(RPMNAME)[[:space:]]\+.*?" $(ALL_PACKAGES); then \
+ echo ERROR: "$(RPMNAME) info in $(ALL_PACKAGES) contains some unknown (?) fields:"; \
+ echo; \
+ grep "^$(RPMNAME)[[:space:]]\+.*?" $(ALL_PACKAGES); \
+ echo; \
+ false; \
+ fi
+
check-textdomain:
$(Y2TOOL) check-textdomain $(srcdir)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-mail-2.21.1/agents/Makefile.am new/yast2-mail-2.21.1/agents/Makefile.am
--- old/yast2-mail-2.21.1/agents/Makefile.am 2011-10-04 10:34:51.000000000 +0200
+++ new/yast2-mail-2.21.1/agents/Makefile.am 2011-10-26 09:33:42.000000000 +0200
@@ -1,13 +1,13 @@
#
# Makefile.am for y2c_mail/agents
#
-# $Id: Makefile.am 38214 2007-05-30 18:57:59Z varkoly $
+# $Id: Makefile.am 66587 2011-10-26 07:33:40Z varkoly $
#
agent_SCRIPTS = ag_fetchmailrc \
ag_smtp_auth \
ag_mailtable \
- \
+ setup_dkim_verifying.pl \
ag_mailconfig \
ag_postfix_mastercf \
MasterCFParser.pm \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-mail-2.21.1/agents/Makefile.in new/yast2-mail-2.21.1/agents/Makefile.in
--- old/yast2-mail-2.21.1/agents/Makefile.in 2011-10-04 10:35:21.000000000 +0200
+++ new/yast2-mail-2.21.1/agents/Makefile.in 2011-11-03 17:15:00.000000000 +0100
@@ -18,7 +18,7 @@
#
# Makefile.am for y2c_mail/agents
#
-# $Id: Makefile.am 38214 2007-05-30 18:57:59Z varkoly $
+# $Id: Makefile.am 66587 2011-10-26 07:33:40Z varkoly $
#
@@ -203,7 +203,7 @@
agent_SCRIPTS = ag_fetchmailrc \
ag_smtp_auth \
ag_mailtable \
- \
+ setup_dkim_verifying.pl \
ag_mailconfig \
ag_postfix_mastercf \
MasterCFParser.pm \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-mail-2.21.1/agents/setup_dkim_verifying.pl new/yast2-mail-2.21.1/agents/setup_dkim_verifying.pl
--- old/yast2-mail-2.21.1/agents/setup_dkim_verifying.pl 1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-mail-2.21.1/agents/setup_dkim_verifying.pl 2011-07-28 10:22:44.000000000 +0200
@@ -0,0 +1,190 @@
+#!/usr/bin/perl
+
+BEGIN { push @INC, "/usr/lib/YaST2/servers_non_y2"; }
+
+use strict;
+use MasterCFParser;
+my $DOMAIN=`postconf -h mydomain`;
+chomp $DOMAIN;
+
+if( ! "$DOMAIN" ) {
+ print "Bad postfix configuration. mydomain can not be detected";
+ exit 1;
+}
+
+#Generate the key
+if( ! -e "/var/db/dkim/$DOMAIN.pem" ){
+ print "Creating /var/db/dkim/$DOMAIN.pem\n";
+ system( "mkdir -p /var/db/dkim/; amavisd genrsa /var/db/dkim/$DOMAIN.pem;");
+}
+
+#Introduce key into /etc/amavisd.conf
+my $amavisd = "";
+my $enable_dkim_signing = 0;
+open IN, "</etc/amavisd.conf";
+while(<IN>)
+{
+ if( /^\$inet_socket_port/ )
+ {
+ $amavisd .= '$inet_socket_port = [10024,10026];'."\n";
+ next;
+ }
+ if( /^\$enable_dkim_signing/ )
+ {
+ $amavisd .= '$enable_dkim_signing = 1;'."\n";
+ $enable_dkim_signing = 1;
+ next;
+ }
+ if( $enable_dkim_signing )
+ {
+ my $dkim = "dkim_key('$DOMAIN', 'default', '/var/db/dkim/$DOMAIN.pem');";
+ if( ! /$dkim/ )
+ {
+ $amavisd .= "$dkim\n$_";
+ }
+ $enable_dkim_signing = 0;
+ next;
+ }
+ $amavisd .= $_;
+}
+close IN;
+system("cp /etc/amavisd.conf /etc/amavisd.conf.backup");
+open OUT, ">/etc/amavisd.conf";
+print OUT $amavisd;
+close OUT;
+
+#Now we adapt master.cf
+my $msc = new MasterCFParser();
+$msc->readMasterCF();
+
+if( ! $msc->serviceExists( { service => 'submission' , command => 'smtpd' } ))
+{
+ if( $msc->addService( { 'service' => 'submission',
+ 'type' => 'inet',
+ 'private' => 'n',
+ 'unpriv' => '-',
+ 'chroot' => 'n',
+ 'wakeup' => '-',
+ 'maxproc' => '-',
+ 'command' => 'smtpd',
+ 'options' => { 'content_filte' => 'amavis:[127.0.0.1]:10026',
+ 'smtpd_recipient_restrictions' => 'permit_sasl_authenticated,permit_mynetworks,reject' }
+ }) )
+ {
+ print "ERROR in addService()\n";
+ }
+}
+else
+{
+ if( $msc->modifyService( { 'service' => 'submission',
+ 'type' => 'inet',
+ 'private' => 'n',
+ 'unpriv' => '-',
+ 'chroot' => 'n',
+ 'wakeup' => '-',
+ 'maxproc' => '-',
+ 'command' => 'smtpd',
+ 'options' => { 'content_filte' => 'amavis:[127.0.0.1]:10026',
+ 'smtpd_recipient_restrictions' => 'permit_sasl_authenticated,permit_mynetworks,reject' }
+ }) )
+ {
+ print "ERROR in modifyService()\n";
+ }
+}
+
+$msc->writeMasterCF();
+#!/usr/bin/perl
+
+BEGIN { push @INC, "/usr/lib/YaST2/servers_non_y2"; }
+
+use strict;
+use MasterCFParser;
+my $DOMAIN=`postconf -h mydomain`;
+chomp $DOMAIN;
+
+if( ! "$DOMAIN" ) {
+ print "Bad postfix configuration. mydomain can not be detected";
+ exit 1;
+}
+
+#Generate the key
+if( ! -e "/var/db/dkim/$DOMAIN.pem" ){
+ print "Creating /var/db/dkim/$DOMAIN.pem\n";
+ system( "mkdir -p /var/db/dkim/; amavisd genrsa /var/db/dkim/$DOMAIN.pem");
+}
+
+#Introduce key into /etc/amavisd.conf
+my $amavisd = "";
+my $enable_dkim_signing = 0;
+open IN, "</etc/amavisd.conf";
+while(<IN>)
+{
+ if( /^\$inet_socket_port/ )
+ {
+ $amavisd .= '$inet_socket_port = [10024,10026];'."\n";
+ next;
+ }
+ if( /^\$enable_dkim_signing/ )
+ {
+ $amavisd .= '$enable_dkim_signing = 1;'."\n";
+ $enable_dkim_signing = 1;
+ next;
+ }
+ if( $enable_dkim_signing )
+ {
+ my $dkim = "dkim_key('$DOMAIN', 'default', '/var/db/dkim/$DOMAIN.pem');";
+ if( ! /dkim_key\('$DOMAIN', 'default'/ )
+ {
+ $amavisd .= "$dkim\n$_";
+ next;
+ }
+ $enable_dkim_signing = 0;
+ }
+ $amavisd .= $_;
+}
+close IN;
+system("cp /etc/amavisd.conf /etc/amavisd.conf.backup");
+open OUT, ">/etc/amavisd.conf";
+print OUT $amavisd;
+close OUT;
+
+#Now we adapt master.cf
+my $msc = new MasterCFParser();
+$msc->readMasterCF();
+
+if( ! $msc->serviceExists( { service => 'submission' , command => 'smtpd' } ))
+{
+ if( $msc->addService( { 'service' => 'submission',
+ 'type' => 'inet',
+ 'private' => 'n',
+ 'unpriv' => '-',
+ 'chroot' => 'n',
+ 'wakeup' => '-',
+ 'maxproc' => '-',
+ 'command' => 'smtpd',
+ 'options' => { 'content_filte' => 'amavis:[127.0.0.1]:10026',
+ 'smtpd_recipient_restrictions' => 'permit_sasl_authenticated,permit_mynetworks,reject' }
+ }) )
+ {
+ print "ERROR in addService()\n";
+ }
+}
+else
+{
+ if( $msc->modifyService( { 'service' => 'submission',
+ 'type' => 'inet',
+ 'private' => 'n',
+ 'unpriv' => '-',
+ 'chroot' => 'n',
+ 'wakeup' => '-',
+ 'maxproc' => '-',
+ 'command' => 'smtpd',
+ 'options' => { 'content_filte' => 'amavis:[127.0.0.1]:10026',
+ 'smtpd_recipient_restrictions' => 'permit_sasl_authenticated,permit_mynetworks,reject' }
+ }) )
+ {
+ print "ERROR in modifyService()\n";
+ }
+}
+
+$msc->wramavisiteMasterCF();
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-mail-2.21.1/configure new/yast2-mail-2.21.1/configure
--- old/yast2-mail-2.21.1/configure 2011-10-04 10:35:20.000000000 +0200
+++ new/yast2-mail-2.21.1/configure 2011-07-28 10:32:55.000000000 +0200
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.68 for yast2-mail 2.21.1.
+# Generated by GNU Autoconf 2.68 for yast2-mail 2.20.0.
#
# Report bugs to <http://bugs.opensuse.org/>.
#
@@ -559,8 +559,8 @@
# Identity of this package.
PACKAGE_NAME='yast2-mail'
PACKAGE_TARNAME='yast2-mail'
-PACKAGE_VERSION='2.21.1'
-PACKAGE_STRING='yast2-mail 2.21.1'
+PACKAGE_VERSION='2.20.0'
+PACKAGE_STRING='yast2-mail 2.20.0'
PACKAGE_BUGREPORT='http://bugs.opensuse.org/'
PACKAGE_URL=''
@@ -1231,7 +1231,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures yast2-mail 2.21.1 to adapt to many kinds of systems.
+\`configure' configures yast2-mail 2.20.0 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1302,7 +1302,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of yast2-mail 2.21.1:";;
+ short | recursive ) echo "Configuration of yast2-mail 2.20.0:";;
esac
cat <<\_ACEOF
@@ -1382,7 +1382,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-yast2-mail configure 2.21.1
+yast2-mail configure 2.20.0
generated by GNU Autoconf 2.68
Copyright (C) 2010 Free Software Foundation, Inc.
@@ -1399,7 +1399,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by yast2-mail $as_me 2.21.1, which was
+It was created by yast2-mail $as_me 2.20.0, which was
generated by GNU Autoconf 2.68. Invocation command line was
$ $0 $@
@@ -2329,7 +2329,7 @@
# Define the identity of the package.
PACKAGE='yast2-mail'
- VERSION='2.21.1'
+ VERSION='2.20.0'
cat >>confdefs.h <<_ACEOF
@@ -2451,7 +2451,7 @@
-VERSION="2.21.1"
+VERSION="2.20.0"
RPMNAME="yast2-mail"
MAINTAINER="Peter Varkoly <varkoly(a)novell.com>"
@@ -3470,7 +3470,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by yast2-mail $as_me 2.21.1, which was
+This file was extended by yast2-mail $as_me 2.20.0, which was
generated by GNU Autoconf 2.68. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -3523,7 +3523,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-yast2-mail config.status 2.21.1
+yast2-mail config.status 2.20.0
configured by $0, generated by GNU Autoconf 2.68,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-mail-2.21.1/configure.in new/yast2-mail-2.21.1/configure.in
--- old/yast2-mail-2.21.1/configure.in 2011-10-04 10:35:18.000000000 +0200
+++ new/yast2-mail-2.21.1/configure.in 2011-07-28 10:32:52.000000000 +0200
@@ -1,9 +1,9 @@
dnl configure.in for yast2-mail
dnl
-dnl -- This file is generated by y2autoconf 2.21.2 - DO NOT EDIT! --
+dnl -- This file is generated by y2autoconf 2.18.11 - DO NOT EDIT! --
dnl (edit configure.in.in instead)
-AC_INIT(yast2-mail, 2.21.1, http://bugs.opensuse.org/, yast2-mail)
+AC_INIT(yast2-mail, 2.20.0, http://bugs.opensuse.org/, yast2-mail)
dnl Check for presence of file 'RPMNAME'
AC_CONFIG_SRCDIR([RPMNAME])
@@ -18,7 +18,7 @@
AM_INIT_AUTOMAKE(tar-ustar -Wno-portability)
dnl Important YaST2 variables
-VERSION="2.21.1"
+VERSION="2.20.0"
RPMNAME="yast2-mail"
MAINTAINER="Peter Varkoly <varkoly(a)novell.com>"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-mail-2.21.1/src/Mail.ycp new/yast2-mail-2.21.1/src/Mail.ycp
--- old/yast2-mail-2.21.1/src/Mail.ycp 2011-10-04 10:34:51.000000000 +0200
+++ new/yast2-mail-2.21.1/src/Mail.ycp 2011-10-26 09:33:42.000000000 +0200
@@ -11,7 +11,7 @@
* Authors:
* Martin Vidner <mvidner(a)suse.cz>
*
- * $Id: Mail.ycp 63072 2011-01-04 11:19:49Z lslezak $
+ * $Id: Mail.ycp 66587 2011-10-26 07:33:40Z varkoly $
*
* Representation of the configuration of mail.
* Input and output routines.
@@ -79,14 +79,16 @@
/**
* Use a virus scanner (AMaViS).
* amavisd-new (mta-independent) must be installed.
- * It will be installed if amavis_allowed and it is not installed.
+ * It will be installed if is not installed.
*/
global boolean use_amavis = false;
/**
- * Is amavis available on the installation media?
+ * Use a DKIM for outgoing email.
+ * If it is enabled AMaViS will be enabled too.
*/
- global boolean amavis_allowed = true;
+ global boolean use_dkim = false;
+
/**
* Domains for locally delivered mail.
@@ -169,6 +171,12 @@
*/
boolean enable_smtp_auth = false;
+ /**
+ * Sysconfig setting which contains the email address which will
+ * be applied as sender for system mails
+ */
+ global string system_mail_sender = "";
+
/* ---------------------------------------------------------------- */
// constants
@@ -440,11 +448,8 @@
}
// amavis
- string amavis_pkg = "amavisd-new";
- amavis_allowed = PackageSystem::Installed (amavis_pkg) ||
- Mode::commandline ();
- // || PackageSystem::Available (amavis_pkg);
- use_amavis = amavis_allowed && (SCR::Read (.sysconfig.amavis.USE_AMAVIS) == "yes");
+ use_amavis = (SCR::Read (.sysconfig.amavis.USE_AMAVIS) == "yes");
+ use_dkim = use_amavis && (SCR::Read (.sysconfig.amavis.USE_DKIM) == "yes");
// local_domains
string ld_s = "";
@@ -668,8 +673,8 @@
create_config = true;
listen_remote = true;
connection_type = `dialup;
- amavis_allowed = true;
use_amavis = true;
+ use_dkim = true;
// good example?
local_domains = ["branch1.example.com", "branch2.example.com"];
outgoing_mail_server = "mail.example.com";
@@ -1096,7 +1101,7 @@
else if (mta == `postfix)
{
ret = (integer)
- SCR::Execute(.target.bash, "/sbin/SuSEconfig --module postfix");
+ SCR::Execute(.target.bash, "/usr/sbin/SuSEconfig.postfix");
}
else
{
@@ -1129,6 +1134,10 @@
return false;
}
}
+ if (use_dkim)
+ {
+ SCR::Execute(.target.bash, "/usr/lib/YaST2/servers_non_y2/setup_dkim_verifying.pl");
+ }
}
Service::Stop ("fetchmail");
@@ -1287,22 +1296,26 @@
});
mta = settings["mta"]: `other;
- connection_type = settings["connection_type"]: `none;
- listen_remote = settings["listen_remote"]: false;
- use_amavis = settings["use_amavis"]: false;
- local_domains = settings["local_domains"]: [];
+ connection_type = settings["connection_type"]: `none;
+ listen_remote = settings["listen_remote"]: false;
+ use_amavis = settings["use_amavis"]: false;
+ use_dkim = settings["use_dkim"]: false;
+ local_domains = settings["local_domains"]: [];
outgoing_mail_server = settings["outgoing_mail_server"]: "";
- postfix_mda = settings["postfix_mda"]: `local;
- from_header = settings["from_header"]: "";
+ postfix_mda = settings["postfix_mda"]: `local;
+ from_header = settings["from_header"]: "";
masquerade_other_domains = settings["masquerade_other_domains"]: [];
- masquerade_users = settings["masquerade_users"]: [];
- fetchmail = settings["fetchmail"]: [];
+ masquerade_users = settings["masquerade_users"]: [];
+ fetchmail = settings["fetchmail"]: [];
MailAliases::aliases = settings["aliases"]: [];
MailAliases::FilterRootAlias ();
-// MailAliases::merge_aliases = settings["merge_aliases"]: false;
- virtual_users = settings["virtual_users"]: [];
- smtp_use_TLS = settings["smtp_use_TLS"]: "yes";
- smtp_auth = settings["smtp_auth"]: [];
+ virtual_users = settings["virtual_users"]: [];
+ smtp_use_TLS = settings["smtp_use_TLS"]: "yes";
+ smtp_auth = settings["smtp_auth"]: [];
+ system_mail_sender = settings["system_mail_sender"]:"";
+ if( use_dkim ) {
+ use_amavis = true;
+ }
y2debug ("after %1", settings); // may contain passwords
return true;
}
@@ -1319,6 +1332,7 @@
"connection_type": connection_type,
"listen_remote": listen_remote,
"use_amavis": use_amavis,
+ "use_dkim" : use_dkim,
"local_domains": local_domains,
"outgoing_mail_server": outgoing_mail_server,
"from_header": from_header,
@@ -1330,6 +1344,7 @@
"virtual_users": virtual_users,
"smtp_auth": smtp_auth,
"smtp_use_TLS": smtp_use_TLS,
+ "system_mail_sender":system_mail_sender,
];
if (mta == `postfix)
{
@@ -1434,18 +1449,13 @@
summary = summary + ListItem (_("Masquerade Users"), masquerade_users, "user");
// summary header
summary = Summary::AddHeader(summary, _("Accept remote SMTP connections"));
- summary = Summary::AddLine(summary, (listen_remote) ?
- // summary item
- _("Yes") :
- // summary item
- _("No"));
+ summary = Summary::AddLine(summary, (listen_remote) ? _("Yes") : _("No"));
// summary header
summary = Summary::AddHeader(summary, _("Use AMaViS"));
- summary = Summary::AddLine(summary, (use_amavis) ?
- // summary item
- _("Yes") :
- // summary item
- _("No"));
+ summary = Summary::AddLine(summary, (use_amavis) ? _("Yes") : _("No"));
+ // summary header
+ summary = Summary::AddHeader(summary, _("Use DKIM"));
+ summary = Summary::AddLine(summary, (use_dkim) ? _("Yes") : _("No"));
// summary item
summary = summary + ListItem (_("Fetchmail"), fetchmail, "server");
// summary item
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-mail-2.21.1/src/mail-server_dialogs.ycp new/yast2-mail-2.21.1/src/mail-server_dialogs.ycp
--- old/yast2-mail-2.21.1/src/mail-server_dialogs.ycp 2011-10-04 10:34:51.000000000 +0200
+++ new/yast2-mail-2.21.1/src/mail-server_dialogs.ycp 2011-10-26 09:30:57.000000000 +0200
@@ -40,7 +40,6 @@
boolean ldap_server_local = false;
string comment = "";
Ldap::Read();
- Ldap::LDAPInit();
map<string, any> LDAPSettings = (map <string, any>) Ldap::Export();
list args = [];
integer size1 = (integer)SCR::Read(.target.size, "/etc/ssl/servercerts/servercert.pem");
@@ -140,6 +139,11 @@
//write the settings:
Ldap::Write(abort_block);
}
+ else
+ {
+ Ldap::LDAPInit();
+ }
+
MailServer::AdminPassword = Ldap::LDAPAskAndBind(false);
if( MailServer::AdminPassword != nil )
{
@@ -1373,7 +1377,7 @@
{
SMT = "NONE";
}
- MailServer::GlobalSettings["SendingMail","Type"] = UI::QueryWidget(`id(`SendingMailType), `CurrentButton);
+ MailServer::GlobalSettings["SendingMail","Type"] = SMT;
MailServer::GlobalSettings["SendingMail","TLS"] = UI::QueryWidget(`id(`SendingMailTLS), `CurrentButton);
MailServer::GlobalSettings["SendingMail","RelayHost","Name"] = "";
MailServer::GlobalSettings["SendingMail","RelayHost","Auth"] = "0";
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-mail-2.21.1/src/mail.ycp new/yast2-mail-2.21.1/src/mail.ycp
--- old/yast2-mail-2.21.1/src/mail.ycp 2011-10-04 10:34:51.000000000 +0200
+++ new/yast2-mail-2.21.1/src/mail.ycp 2011-10-26 09:33:42.000000000 +0200
@@ -12,12 +12,22 @@
* Peter Varkoly <varkoly(a)novell.com>
* Martin Vidner <mvidner(a)suse.cz>
*
- * $Id: mail.ycp 66159 2011-09-29 10:48:16Z visnov $
+ * $Id: mail.ycp 66587 2011-10-26 07:33:40Z varkoly $
*
* Main file for mail configuration. Uses all other files.
*
*/
+/**
+ * @param flag "<b>permanent</b>", "<b>dialup</b>", or "<b>screenshots</b>"<br>
+ * <dl>
+ * <dt>permanent<dd>preselects permanent connnection
+ * <dt>dialup<dd>preselects dial-up connnection
+ * <dt>screenshots
+ * <dd>uses faked data (see Mail::Fake), enables running the module
+ * as non-root. (Uses Mode::screen_shot().)
+ * </dl>
+ */
{
/***
* <h3>Configuration of the mail</h3>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-mail-2.21.1/src/ui.ycp new/yast2-mail-2.21.1/src/ui.ycp
--- old/yast2-mail-2.21.1/src/ui.ycp 2011-10-04 10:34:51.000000000 +0200
+++ new/yast2-mail-2.21.1/src/ui.ycp 2011-10-26 09:33:42.000000000 +0200
@@ -11,7 +11,7 @@
* Authors:
* Martin Vidner <mvidner(a)suse.cz>
*
- * $Id: ui.ycp 66159 2011-09-29 10:48:16Z visnov $
+ * $Id: ui.ycp 66587 2011-10-26 07:33:40Z varkoly $
*
* All user interface functions.
*
@@ -230,7 +230,8 @@
list widgets = [];
- symbol ct = Mail::connection_type;
+ symbol ct = Mail::connection_type;
+ boolean ama = Mail::use_amavis;
if (preselect_connection_type != nil)
{
ct = preselect_connection_type;
@@ -248,33 +249,26 @@
// Translators: radio button label
`RadioButton (`id (`permanent), `opt (`notify), _("&Permanent"), ct == `permanent),
// Translators: radio button label
- `RadioButton (`id (`dialup), `opt (`notify), _("&Dial-up"), ct == `dialup),
+ `RadioButton (`id (`dialup), `opt (`notify), _("&Dial-up"), ct == `dialup),
// Translators: radio button label
- `RadioButton (`id (`none), `opt (`notify), _("No &connection"), ct == `none),
- // Translators: radio button label
- `RadioButton (`id (`nodaemon), `opt (`notify), _("Do not start Postfix as Daemon"), ct == `nodaemon),
+ `RadioButton (`id (`none), `opt (`notify), _("No &connection"), ct == `none),
+ // Translators: radio button label
+ `RadioButton (`id (`nodaemon), `opt (`notify), _("Do not start Postfix as Daemon"), ct == `nodaemon),
]
)
);
- boolean amavis_allowed = Mail::amavis_allowed;
-
- term amavis_t = nil;
- if (amavis_allowed)
- {
- amavis_t = `Left (WJ_MakeWidget (`use_amavis));
- widgets = add (widgets, `use_amavis);
- }
- else
- {
- amavis_t = `Empty (`id (`use_amavis));
- }
+ term amavis_t = `Left (WJ_MakeWidget (`use_amavis));
+ widgets = add (widgets, `use_amavis);
+ term dkim_t = `Left (WJ_MakeWidget (`use_dkim));
+ widgets = add (widgets, `use_dkim);
contents = `HSquash (
`VBox (
contents,
`VSpacing (1),
- amavis_t
+ amavis_t,
+ dkim_t
)
);
@@ -286,25 +280,38 @@
any ret = nil;
while (true)
{
- ct = (symbol) UI::QueryWidget (`id (`ctg), `CurrentButton);
+ ct = (symbol) UI::QueryWidget (`id (`ctg), `CurrentButton);
if (ct == `permanent || ct == `dialup)
{
UI::ChangeWidget (`id (`use_amavis), `Enabled, true);
+ UI::ChangeWidget (`id (`use_dkim), `Enabled, true);
Wizard::RestoreNextButton();
- //argh, slow
- //Wizard::RestoreNextButton ();
- }
- else if (ct == `nodaemon)
- {
- UI::ChangeWidget (`id (`use_amavis), `Value, false);
- UI::ChangeWidget (`id (`use_amavis), `Enabled, false);
}
+ else if (ct == `nodaemon)
+ {
+ UI::ChangeWidget (`id (`use_amavis), `Value, false);
+ UI::ChangeWidget (`id (`use_amavis), `Enabled, false);
+ UI::ChangeWidget (`id (`use_dkim), `Value, false);
+ UI::ChangeWidget (`id (`use_dkim), `Enabled, false);
+ }
else if (ct == `none)
{
UI::ChangeWidget (`id (`use_amavis), `Value, false);
UI::ChangeWidget (`id (`use_amavis), `Enabled, false);
+ UI::ChangeWidget (`id (`use_dkim), `Value, false);
+ UI::ChangeWidget (`id (`use_dkim), `Enabled, false);
Wizard::SetNextButton(`next, Label::FinishButton() );
}
+ ama = (boolean) UI::QueryWidget (`id (`use_amavis), `Value);
+ if(ama)
+ {
+ UI::ChangeWidget (`id (`use_dkim), `Enabled, true);
+ }
+ else
+ {
+ UI::ChangeWidget (`id (`use_dkim), `Value, false);
+ UI::ChangeWidget (`id (`use_dkim), `Enabled, false);
+ }
ret = UI::UserInput ();
if (ret == `cancel)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-mail-2.21.1/src/widgets.ycp new/yast2-mail-2.21.1/src/widgets.ycp
--- old/yast2-mail-2.21.1/src/widgets.ycp 2011-10-04 10:34:51.000000000 +0200
+++ new/yast2-mail-2.21.1/src/widgets.ycp 2011-10-26 09:33:42.000000000 +0200
@@ -11,7 +11,7 @@
* Authors:
* Martin Vidner <mvidner(a)suse.cz>
*
- * $Id: widgets.ycp 58152 2009-07-24 14:00:39Z varkoly $
+ * $Id: widgets.ycp 66587 2011-10-26 07:33:40Z varkoly $
*/
{
@@ -356,6 +356,23 @@
Mail::use_amavis = am;
}
+/**
+ * @return a variable to be used by a widget
+ */
+define boolean Get_use_dkim () ``{
+ return Mail::use_dkim;
+}
+
+/**
+ * Set a variable acording to widget value
+ * @param id widget id
+ */
+define void Set_use_dkim (symbol id) ``{
+ boolean dkim = (boolean) UI::QueryWidget (`id (id), `Value);
+ Mail::Touch (Mail::use_dkim != dkim);
+ Mail::use_dkim = dkim;
+}
+
/**
* @return a variable to be used by a widget
@@ -715,12 +732,19 @@
"widget": `CheckBox (),
// checkbox label
"label": _("&Enable virus scanning (AMaViS)"),
+ // we need notify option to enable disable dkim
+ "opt" : `opt (`notify),
// help text
"help": _("
-<p>Enabling virus scanning checks incoming and outgoing mail
+<p><b>Enabling virus scanning (AMaViS)</b> checks incoming and outgoing mail
with AMaViS.</p>
")
// help text
++ _("<p>Enabling AMaViS will also enable the following modules: </p>
+<p><b>Spamassassin</b> SPAM scanner</p>
+<p><b>DKIM</b> checks Domain Key signed incomming mails</p>
+<p><b>Clamav</b> open source virus scanner engine</p>")
+ // help text
+ _("
<p>If AMaViS is not installed and you want to use it, it will be installed
automatically.</p>
@@ -728,6 +752,38 @@
"get": Get_use_amavis,
"set": Set_use_amavis,
],
+ `use_dkim: $[
+ "widget": `CheckBox (),
+ // checkbox label
+ "label": _("&Enable DKIM signing for outgoing mails."),
+ // help text
+ "help": _("
+<p><b>Enabling DKIM signig for outgoing mails.</b></p>
+")
+ // help text
++ _("
+<p>Enabling DKIM for outgoing emails requires additional actions. A SSL key
+will be generated for the 'mydomain'-value defined in postfix. A new service
+'submission' will be configured in postfix. After this is set up you can send
+email with this service 'submission' from 'mynetworks' with enabled SASL
+authentication. Only the emails sent by this new service will be signed with
+the domain key.</p>
+") +
+ // help text
+ _("
+<p>The public key of the domain key needs to be offered by a Domain Name
+Service. The public key will be saved as a DNS TXT record
+into <b>/var/db/dkim/[mydomain].public.txt</b> and needs to be deployed to an
+according Domain Name Service. If there is a name service
+running on this server, which is the authoritative server for that domain the
+public key will be added as a TXT record to that domain zone
+automatically.</p>
+") +
+ // help text
+ _("Enabling DKIM support the virus scanning (AMaViS) will be enabled too."),
+ "get": Get_use_dkim,
+ "set": Set_use_dkim,
+ ],
`fm_server: $[
"widget": `TextEntry (),
// Translators: text entry label
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package xorg-x11 for openSUSE:12.1:Update:Test checked in at 2012-01-03 17:44:50
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.1:Update:Test/xorg-x11 (Old)
and /work/SRC/openSUSE:12.1:Update:Test/.xorg-x11.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xorg-x11", Maintainer is "sndirsch(a)suse.com"
Changes:
--------
--- /work/SRC/openSUSE:12.1:Update:Test/xorg-x11/xorg-x11.changes 2012-01-03 17:44:56.000000000 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.xorg-x11.new/xorg-x11.changes 2012-01-03 17:44:56.000000000 +0100
@@ -1,0 +2,6 @@
+Mon Jan 2 09:55:04 UTC 2012 - sndirsch(a)suse.com
+
+- Add ntp service to should-start in /etc/init.d/xdm in file
+ xdm.tar.bz2 to prevent conflict between kdm3 and ntp (bnc#728846)
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ xorg-x11.spec ++++++
--- /var/tmp/diff_new_pack.rQlYuX/_old 2012-01-03 17:44:57.000000000 +0100
+++ /var/tmp/diff_new_pack.rQlYuX/_new 2012-01-03 17:44:57.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package xorg-x11
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
++++++ xdm.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/etc/init.d/xdm new/etc/init.d/xdm
--- old/etc/init.d/xdm 2011-09-02 09:27:16.000000000 +0200
+++ new/etc/init.d/xdm 2012-01-02 10:54:48.000000000 +0100
@@ -15,8 +15,8 @@
# Provides: xdm
# Required-Start: $remote_fs dbus
# Required-Stop: $remote_fs
-# Should-Start: ypbind $syslog gpm firstboot kbd resmgr earlyxdm winbind acpid
-# Should-Stop: ypbind $syslog gpm firstboot kbd resmgr earlyxdm winbind acpid
+# Should-Start: ypbind $syslog gpm firstboot kbd resmgr earlyxdm winbind acpid ntp
+# Should-Stop: ypbind $syslog gpm firstboot kbd resmgr earlyxdm winbind acpid ntp
# Default-Start: 5
# Default-Stop:
# Description: X Display Manager
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package pinpoint for openSUSE:12.1:Update:Test checked in at 2012-01-03 17:44:38
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.1:Update:Test/pinpoint (Old)
and /work/SRC/openSUSE:12.1:Update:Test/.pinpoint.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pinpoint", Maintainer is ""
Changes:
--------
New Changes file:
--- /dev/null 2010-08-26 16:28:41.000000000 +0200
+++ /work/SRC/openSUSE:12.1:Update:Test/.pinpoint.new/pinpoint.changes 2012-01-03 17:44:39.000000000 +0100
@@ -0,0 +1,44 @@
+-------------------------------------------------------------------
+Mon Jan 2 02:39:42 UTC 2012 - glin(a)suse.com
+
+- Add pinpoint-racy-video-frame.patch to fix the segfault when
+ rendering the video thumbnail on the speaker screen
+ (bnc#739092, bgo#665756)
+
+-------------------------------------------------------------------
+Sun Sep 11 01:51:24 UTC 2011 - gregkh(a)suse.de
+
+- Add pinpoint-speakerview.patch: brings the code to latest git.
+ This adds the speaker view feature (and various bug fixes).
+
+-------------------------------------------------------------------
+Fri Aug 12 19:49:23 UTC 2011 - dimstar(a)opensuse.org
+
+- Change License tag to LGPL-2.1+
+- Better summaries and descriptions
+- Also package AUTHORS.
+
+-------------------------------------------------------------------
+Mon May 23 13:14:57 UTC 2011 - awafaa(a)opensuse.org
+
+- Update to version 0.1.2:
+ + New background scaling type 'stretch'
+ + Handle relative paths fully
+ + Added '.mkv' to list of video extensions
+ + Only treat # at start of line as comments
+ + Improve documentation
+ + Distribute ClutterScript based transitions in tarball
+
+-------------------------------------------------------------------
+Fri May 20 14:32:06 UTC 2011 - awafaa(a)opensuse.org
+
+- Initial package, version 0.1.0:
+ + Initial feature set:
+ - Positioning of text
+ - image backgrounds
+ - video backgrounds
+ - transitions
+ - pdf export
+ - running of commands
+ - editing of commands
+ - live updating when source changes
New:
----
_link
pinpoint-0.1.2.tar.bz2
pinpoint-racy-video-frame.patch
pinpoint-speakerview.patch
pinpoint.changes
pinpoint.spec
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pinpoint.spec ++++++
#
# spec file for package pinpoint
#
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: pinpoint
Version: 0.1.2
Release: 3
License: LGPL-2.1+
Summary: Simple Presentation Tool for Excellent Presentations
Url: http://live.gnome.org/Pinpoint
Group: Productivity/Publishing/Presentation
Source: http://ftp.gnome.org/pub/GNOME/sources/pinpoint/0.1/%{name}-%{version}.tar.…
# PATCH-FEATURE-UPSTREAM pinpoint-speakerview.patch -- Taken from git, add the speaker view feature
Patch1: pinpoint-speakerview.patch
# PATCH-FIX-UPSTREAM pinpoint-racy-video-frame.patch bnc#739092,bgo#665756 glin(a)suse.com -- Fix crash when rendering the video thumbnail on the speaker screen
Patch2: pinpoint-racy-video-frame.patch
BuildRequires: pkgconfig(cairo-pdf)
BuildRequires: pkgconfig(clutter-1.0)
BuildRequires: pkgconfig(clutter-gst-1.0)
BuildRequires: pkgconfig(gdk-pixbuf-2.0)
BuildRequires: pkgconfig(gio-2.0)
BuildRequires: pkgconfig(librsvg-2.0)
BuildRequires: pkgconfig(pangocairo)
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
Pinpoint a simple presentation tool that hopes to avoid audience death
by bullet point and instead encourage presentations containing beautiful
images and small amounts of concise text in slides.
%prep
%setup -q
%patch1 -p1
%patch2 -p1
%build
%configure
make %{?_smp_mflags}
%install
%make_install
%clean
%{?buildroot:%__rm -rf %{buildroot}}
%files
%defattr(-,root,root)
%doc AUTHORS COPYING NEWS README
%{_bindir}/pinpoint
%{_datadir}/pinpoint/
%changelog
++++++ _link ++++++
<link project="openSUSE:12.1" package="pinpoint" baserev="c56cd979079aca884ae05d92d2193916">
<patches>
<branch/>
</patches>
</link>
++++++ pinpoint-racy-video-frame.patch ++++++
>From 591e97ad8c787a257db1eebfb8e1cc2098a02014 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <chingpang(a)gmail.com>
Date: Fri, 30 Dec 2011 18:04:37 +0800
Subject: [PATCH] Skip the frames until the previous frame is rendered
Rendering the thumbnail of the video file may takes longer than
15 milliseconds, and pinpoint would crash when there are more than
2 threads to render the frames.
https://bugzilla.gnome.org/show_bug.cgi?id=665756
---
pp-clutter.c | 13 ++++++++++++-
1 files changed, 12 insertions(+), 1 deletions(-)
diff --git a/pp-clutter.c b/pp-clutter.c
index 1136033..f4ad00a 100644
--- a/pp-clutter.c
+++ b/pp-clutter.c
@@ -1638,11 +1638,18 @@ static gboolean update_speaker_screen (ClutterRenderer *renderer)
return FALSE;
point = pp_slidep->data;
+ static gboolean is_updated = TRUE;
static float current_slide_time = 0.0;
static float current_slide_duration = 0.0;
static GList *current_slide = NULL;
float nh, nw;
+ /* Skip this update since the previous one isn't finished */
+ if (!is_updated)
+ return TRUE;
+
+ is_updated = FALSE;
+
if (renderer->reset)
{
current_slide = NULL;
@@ -1708,7 +1715,7 @@ static gboolean update_speaker_screen (ClutterRenderer *renderer)
}
if (!renderer->speaker_mode)
- return TRUE;
+ goto out;
if (point->speaker_notes)
clutter_text_set_text (CLUTTER_TEXT (renderer->speaker_notes),
@@ -1874,6 +1881,10 @@ static gboolean update_speaker_screen (ClutterRenderer *renderer)
nh * 0.35);
clutter_actor_set_width (renderer->speaker_notes,
nw * 0.5);
+
+out:
+ is_updated = TRUE;
+
return TRUE;
}
--
1.7.7
++++++ pinpoint-speakerview.patch ++++++
++++ 3607 lines (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package nfs-utils for openSUSE:12.1:Update:Test checked in at 2012-01-03 17:44:21
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.1:Update:Test/nfs-utils (Old)
and /work/SRC/openSUSE:12.1:Update:Test/.nfs-utils.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nfs-utils", Maintainer is "NFBrown(a)suse.com"
Changes:
--------
--- /work/SRC/openSUSE:12.1:Update:Test/nfs-utils/nfs-utils.changes 2012-01-03 17:44:21.000000000 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.nfs-utils.new/nfs-utils.changes 2012-01-03 17:44:23.000000000 +0100
@@ -1,0 +2,10 @@
+Tue Jan 3 04:19:14 UTC 2012 - nfbrown(a)suse.com
+
+- conffile.patch - fix parsing of idmapd.conf
+ (bnc#732354)
+- bg-mount-timeout.patch - fix use of 'bg' option
+- IO-possible.patch - Fix bug that causes rpc.idmpa.d to die
+- mount-err.patch - fix interpretion of different error
+ codes when mounting
+
+-------------------------------------------------------------------
New:
----
IO-possible.patch
bg-mount-timeout.patch
conffile.patch
mount-err.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ nfs-utils.spec ++++++
--- /var/tmp/diff_new_pack.1ST1eU/_old 2012-01-03 17:44:23.000000000 +0100
+++ /var/tmp/diff_new_pack.1ST1eU/_new 2012-01-03 17:44:23.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package nfs-utils
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -55,6 +55,10 @@
Patch0: nfs-utils-1.0.7-bind-syntax.patch
Patch1: warn-nfs-udp.patch
Patch2: nfs-utils-page_size.patch
+Patch3: conffile.patch
+Patch4: bg-mount-timeout.patch
+Patch5: IO-possible.patch
+Patch6: mount-err.patch
Suggests: python-base
%description
@@ -135,6 +139,10 @@
%patch0 -p1
%patch1 -p1
%patch2
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
cp %{S:6} .
%build
++++++ IO-possible.patch ++++++
>From 8f065a26d49eabebc3995b8f6966b15ef7553b3e Mon Sep 17 00:00:00 2001
From: Luca Giuzzi <luca.giuzzi(a)gmail.com>
Date: Tue, 4 Oct 2011 13:35:06 -0400
Subject: [PATCH] rpc.idmapd: Dies with 'I/O possible'
We have had problems on some of our machines (all Fedora 14), where
rpc.idmapd used to die with an `I/O possible' message at (basically)
random times. A strace suggested the issue being in nfsopen() where a
signal type is reset before notification is disabled; a signal at just
the right time might be the cause of the problem; see
https://bugzilla.redhat.com/show_bug.cgi?id=684308
Reviewed-by: Jeff Layton <jlayton(a)redhat.com>
Signed-off-by: Steve Dickson <steved(a)redhat.com>
diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c
index 19d9114..e80efb4 100644
--- a/utils/idmapd/idmapd.c
+++ b/utils/idmapd/idmapd.c
@@ -778,8 +778,8 @@ nfsopen(struct idmap_client *ic)
} else {
event_set(&ic->ic_event, ic->ic_fd, EV_READ, nfscb, ic);
event_add(&ic->ic_event, NULL);
- fcntl(ic->ic_dirfd, F_SETSIG, 0);
fcntl(ic->ic_dirfd, F_NOTIFY, 0);
+ fcntl(ic->ic_dirfd, F_SETSIG, 0);
if (verbose > 0)
xlog_warn("Opened %s", ic->ic_path);
}
++++++ bg-mount-timeout.patch ++++++
>From 6fbbb73f08a8f685a323b2d5221f3e8b87ebba68 Mon Sep 17 00:00:00 2001
From: Steve Dickson <steved(a)redhat.com>
Date: Mon, 5 Dec 2011 09:48:46 -0500
Subject: [PATCH] mount.nfs: Background mounts failing on time out errors.
Mounting with the "-o v3,bg,proto=udp" options will
fail, instead of retrying, when the server is down.
The reason being nfs_rewrite_pmap_mount_options()
does not interrupt RPC timeouts correctly.
Signed-off-by: Steve Dickson <steved(a)redhat.com>
diff --git a/utils/mount/stropts.c b/utils/mount/stropts.c
index 4032bf3..d52e21a 100644
--- a/utils/mount/stropts.c
+++ b/utils/mount/stropts.c
@@ -540,6 +540,8 @@ nfs_rewrite_pmap_mount_options(struct mount_options *options)
errno = EOPNOTSUPP;
else if (rpc_createerr.cf_stat == RPC_AUTHERROR)
errno = EACCES;
+ else if (rpc_createerr.cf_stat == RPC_TIMEDOUT)
+ errno = ETIMEDOUT;
else if (rpc_createerr.cf_error.re_errno != 0)
errno = rpc_createerr.cf_error.re_errno;
return 0;
++++++ conffile.patch ++++++
>From d22ef3f525d71b565fcc688557273a6cabeeb71a Mon Sep 17 00:00:00 2001
From: Steve Dickson <steved(a)redhat.com>
Date: Mon, 14 Nov 2011 09:54:47 -0500
Subject: [PATCH] rpc.idmapd: Sections in idmapd.conf are ignored.
In the parsing routine, conf_parse_line(), a string
is not being null terminated which is causing
section of the config file to be ignored.
https://bugzilla.linux-nfs.org/show_bug.cgi?id=205
Signed-off-by: Steve Dickson <steved(a)redhat.com>
diff --git a/support/nfs/conffile.c b/support/nfs/conffile.c
index fa0dc6b..3990578 100644
--- a/support/nfs/conffile.c
+++ b/support/nfs/conffile.c
@@ -256,13 +256,14 @@ conf_parse_line(int trans, char *line, size_t sz)
val++, j++;
if (*val)
i = j;
- section = malloc(i);
+ section = malloc(i+1);
if (!section) {
xlog_warn("conf_parse_line: %d: malloc (%lu) failed", ln,
(unsigned long)i);
return;
}
strncpy(section, line, i);
+ section[i] = '\0';
if (arg)
free(arg);
++++++ mount-err.patch ++++++
>From 9da66f8898a69b77121a4f2ae785e9cd29e94e6c Mon Sep 17 00:00:00 2001
From: Yang Bai <hamo.by(a)gmail.com>
Date: Tue, 18 Oct 2011 11:53:11 -0400
Subject: [PATCH] mount.nfs: Mount should really return from errno test
We should only try next address family if we meet ECONNREFUSED or
EHOSTUNREACH for v4 or ECONNREFUSED or EOPNOTSUPP or EHOSTUNREACH for v3v2.
Before, only a break in swich can not make the program out of for loop.
Signed-off-by: Yang Bai <hamo.by(a)gmail.com>
Signed-off-by: Steve Dickson <steved(a)redhat.com>
diff --git a/utils/mount/stropts.c b/utils/mount/stropts.c
index 314a806..4032bf3 100644
--- a/utils/mount/stropts.c
+++ b/utils/mount/stropts.c
@@ -665,9 +665,10 @@ static int nfs_try_mount_v3v2(struct nfsmount_info *mi)
case EHOSTUNREACH:
continue;
default:
- break;
+ goto out;
}
}
+out:
return ret;
}
@@ -751,9 +752,10 @@ static int nfs_try_mount_v4(struct nfsmount_info *mi)
case EHOSTUNREACH:
continue;
default:
- break;
+ goto out;
}
}
+out:
return ret;
}
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
Hello community,
here is the log from the commit of package gnome-shell for openSUSE:12.1:Update:Test checked in at 2012-01-03 17:43:45
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.1:Update:Test/gnome-shell (Old)
and /work/SRC/openSUSE:12.1:Update:Test/.gnome-shell.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gnome-shell", Maintainer is ""
Changes:
--------
--- /work/SRC/openSUSE:12.1:Update:Test/gnome-shell/gnome-shell.changes 2011-11-24 20:14:53.000000000 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.gnome-shell.new/gnome-shell.changes 2012-01-03 17:43:46.000000000 +0100
@@ -1,0 +2,6 @@
+Fri Dec 23 02:41:02 UTC 2011 - glin(a)suse.com
+
+- Add gnome-shell-network-private-connections-by-default.patch to
+ create the private connections by default [bnc#731812]
+
+-------------------------------------------------------------------
New:
----
gnome-shell-network-private-connections-by-default.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ gnome-shell.spec ++++++
--- /var/tmp/diff_new_pack.ooXEqv/_old 2012-01-03 17:43:46.000000000 +0100
+++ /var/tmp/diff_new_pack.ooXEqv/_new 2012-01-03 17:43:46.000000000 +0100
@@ -31,6 +31,8 @@
Patch1: gnome-shell-fix-deprecated-call.patch
# PATCH-FIX-UPSTREAM gnome-shell-fix-extension-tool-error-after-creating.patch bgo#661623, bnc#730106 malcolmlewis(a)opensuse.org -- Fix error after creating extension and use gvfs-open (not xdg-open) as gnome-open is deprecated.
Patch2: gnome-shell-fix-extension-tool-error-after-creating.patch
+# PATCH-FIX-OPENSUSE gnome-shell-network-create-private-connections-by-default.patch bnc#731812 glin(a)suse.com -- Create the private connections by default
+Patch3: gnome-shell-network-private-connections-by-default.patch
BuildRequires: intltool
BuildRequires: translation-update-upstream
BuildRequires: update-desktop-files
@@ -117,6 +119,7 @@
%patch0 -p1
%patch1 -p1
%patch2 -p1
+%patch3 -p1
translation-update-upstream
%build
++++++ gnome-shell-network-private-connections-by-default.patch ++++++
based on the patch from https://bugzilla.gnome.org/show_bug.cgi?id=646187#c5
---
js/ui/status/network.js | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
--- a/js/ui/status/network.js
+++ b/js/ui/status/network.js
@@ -710,12 +710,14 @@
let connection = new NetworkManager.Connection();
connection._uuid = NetworkManager.utils_uuid_generate();
connection.add_setting(new NetworkManager.SettingWired());
- connection.add_setting(new NetworkManager.SettingConnection({
+ let connectionSetting = new NetworkManager.SettingConnection({
uuid: connection._uuid,
id: this._autoConnectionName,
type: NetworkManager.SETTING_WIRED_SETTING_NAME,
autoconnect: true
- }));
+ });
+ connectionSetting.add_permission('user', GLib.get_user_name(), null);
+ connection.add_setting(connectionSetting);
return connection;
}
};
@@ -863,12 +865,14 @@
let connection = new NetworkManager.Connection;
connection._uuid = NetworkManager.utils_uuid_generate();
connection.add_setting(new NetworkManager.SettingBluetooth);
- connection.add_setting(new NetworkManager.SettingConnection({
+ let connectionSetting = new NetworkManager.SettingConnection({
uuid: connection._uuid,
id: this._autoConnectionName,
type: NetworkManager.SETTING_BLUETOOTH_SETTING_NAME,
autoconnect: false
- }));
+ });
+ connectionSetting.add_permission('user', GLib.get_user_name(), null);
+ connection.add_setting(connectionSetting);
return connection;
},
@@ -1473,12 +1477,14 @@
let connection = new NetworkManager.Connection();
connection.add_setting(new NetworkManager.SettingWireless());
- connection.add_setting(new NetworkManager.SettingConnection({
+ let connectionSetting = new NetworkManager.SettingConnection({
id: name,
autoconnect: true, // NetworkManager will know to ignore this if appropriate
uuid: NetworkManager.utils_uuid_generate(),
type: NetworkManager.SETTING_WIRELESS_SETTING_NAME
- }));
+ });
+ connectionSetting.add_permission('user', GLib.get_user_name(), null);
+ connection.add_setting(connectionSetting);
return connection;
},
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0
03 Jan '12
Hello community,
here is the log from the commit of package NetworkManager-gnome for openSUSE:12.1:Update:Test checked in at 2012-01-03 17:43:05
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.1:Update:Test/NetworkManager-gnome (Old)
and /work/SRC/openSUSE:12.1:Update:Test/.NetworkManager-gnome.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "NetworkManager-gnome", Maintainer is "gnome-maintainers(a)suse.de"
Changes:
--------
--- /work/SRC/openSUSE:12.1:Update:Test/NetworkManager-gnome/NetworkManager-gnome.changes 2011-12-19 17:24:51.000000000 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.NetworkManager-gnome.new/NetworkManager-gnome.changes 2012-01-03 17:43:07.000000000 +0100
@@ -1,0 +2,6 @@
+Fri Dec 23 04:09:39 UTC 2011 - glin(a)suse.com
+
+- Add NetworkManager-gnome-private-connections-by-default.patch to
+ create the private connections by default (bnc#731812)
+
+-------------------------------------------------------------------
New:
----
NetworkManager-gnome-private-connections-by-default.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ NetworkManager-gnome.spec ++++++
--- /var/tmp/diff_new_pack.n9MU9R/_old 2012-01-03 17:43:07.000000000 +0100
+++ /var/tmp/diff_new_pack.n9MU9R/_new 2012-01-03 17:43:07.000000000 +0100
@@ -51,6 +51,8 @@
Patch4: NetworkManager-gnome-correct-label-name.patch
# PATCH-FIX-OPENSUSE NetworkManager-gnome-hide-ws-page-note.patch bnc#732700 glin(a)suse.com -- Hide the note label when there is no 8021x setting
Patch5: NetworkManager-gnome-hide-ws-page-note.patch
+# PATCH-FIX-OPENSUSE NetworkManager-gnome-private-connections-by-default.patch bnc#731812 glin(a)suse.com -- Create the private connections by default
+Patch6: NetworkManager-gnome-private-connections-by-default.patch
Provides: NetworkManager-client
Requires: NetworkManager >= 0.9.1
# needed for translated country names
@@ -91,6 +93,7 @@
%patch3 -p1
%patch4 -p1
%patch5 -p1
+%patch6 -p1
%build
%configure \
++++++ NetworkManager-gnome-private-connections-by-default.patch ++++++
diff --git a/src/applet-device-cdma.c b/src/applet-device-cdma.c
index 7894df2..7e63ca0 100644
--- a/src/applet-device-cdma.c
+++ b/src/applet-device-cdma.c
@@ -148,6 +148,10 @@ mobile_wizard_done (NMAMobileWizard *wizard,
NULL);
g_free (uuid);
g_free (id);
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+ "user",
+ g_get_user_name(),
+ NULL);
nm_connection_add_setting (connection, setting);
}
diff --git a/src/applet-device-gsm.c b/src/applet-device-gsm.c
index d2740ef..dc1f8ab 100644
--- a/src/applet-device-gsm.c
+++ b/src/applet-device-gsm.c
@@ -174,6 +174,10 @@ mobile_wizard_done (NMAMobileWizard *wizard,
NULL);
g_free (uuid);
g_free (id);
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+ "user",
+ g_get_user_name(),
+ NULL);
nm_connection_add_setting (connection, setting);
}
diff --git a/src/applet-device-wifi.c b/src/applet-device-wifi.c
index 79ac78b..e11945f 100644
--- a/src/applet-device-wifi.c
+++ b/src/applet-device-wifi.c
@@ -467,6 +467,13 @@ _do_new_auto_connection (NMApplet *applet,
nm_connection_add_setting (connection, NM_SETTING (s_8021x));
}
+ s_con = nm_connection_get_setting_connection (connection);
+ if (!s_con) {
+ s_con = (NMSettingConnection *) nm_setting_connection_new ();
+ nm_connection_add_setting (connection, NM_SETTING (s_con));
+ }
+ nm_setting_connection_add_permission (s_con, "user", g_get_user_name(), NULL);
+
/* If it's an 802.1x connection, we need more information, so pop up the
* Dialog Of Doom.
*/
diff --git a/src/applet-device-wimax.c b/src/applet-device-wimax.c
index 5a4a6c2..ed7646c 100644
--- a/src/applet-device-wimax.c
+++ b/src/applet-device-wimax.c
@@ -94,6 +94,7 @@ wimax_new_auto_connection (NMDevice *device,
NM_SETTING_CONNECTION_UUID, uuid,
NULL);
g_free (uuid);
+ nm_setting_connection_add_permission (s_con, "user", g_get_user_name(), NULL);
nm_connection_add_setting (connection, NM_SETTING (s_con));
diff --git a/src/applet-device-wired.c b/src/applet-device-wired.c
index cc53a24..ff6d513 100644
--- a/src/applet-device-wired.c
+++ b/src/applet-device-wired.c
@@ -86,6 +86,7 @@ wired_new_auto_connection (NMDevice *device,
NM_SETTING_CONNECTION_UUID, uuid,
NULL);
g_free (uuid);
+ nm_setting_connection_add_permission (s_con, "user", g_get_user_name(), NULL);
nm_connection_add_setting (connection, NM_SETTING (s_con));
diff --git a/src/connection-editor/ce-page.c b/src/connection-editor/ce-page.c
index 2f59416..47de474 100644
--- a/src/connection-editor/ce-page.c
+++ b/src/connection-editor/ce-page.c
@@ -510,6 +510,7 @@ ce_page_new_connection (const char *format,
g_free (uuid);
g_free (id);
+ nm_setting_connection_add_permission (s_con, "user", g_get_user_name(), NULL);
return connection;
}
diff --git a/src/gnome-bluetooth/bt-widget.c b/src/gnome-bluetooth/bt-widget.c
index dade65c..303c054 100644
--- a/src/gnome-bluetooth/bt-widget.c
+++ b/src/gnome-bluetooth/bt-widget.c
@@ -256,6 +256,10 @@ add_pan_connection (PluginInfo *info)
NULL);
g_free (id);
g_free (uuid);
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+ "user",
+ g_get_user_name(),
+ NULL);
nm_connection_add_setting (connection, setting);
/* The Bluetooth settings */
@@ -421,6 +425,10 @@ dun_new_cdma (NMAMobileWizardAccessMethod *method)
NULL);
g_free (uuid);
g_free (id);
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+ "user",
+ g_get_user_name(),
+ NULL);
nm_connection_add_setting (connection, setting);
return connection;
@@ -470,6 +478,10 @@ dun_new_gsm (NMAMobileWizardAccessMethod *method)
NULL);
g_free (uuid);
g_free (id);
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+ "user",
+ g_get_user_name(),
+ NULL);
nm_connection_add_setting (connection, setting);
return connection;
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
1
0