diff --git a/SPECS-SIGNED/kernel-signed-aarch64/kernel-signed-aarch64.spec b/SPECS-SIGNED/kernel-signed-aarch64/kernel-signed-aarch64.spec index c079589f7ba..e654d3dfee8 100644 --- a/SPECS-SIGNED/kernel-signed-aarch64/kernel-signed-aarch64.spec +++ b/SPECS-SIGNED/kernel-signed-aarch64/kernel-signed-aarch64.spec @@ -2,7 +2,7 @@ Summary: Signed Linux Kernel for aarch64 systems Name: kernel-signed-aarch64 Version: 5.4.51 -Release: 9%{?dist} +Release: 10%{?dist} License: GPLv2 URL: https://github.com/microsoft/WSL2-Linux-Kernel Group: System Environment/Kernel @@ -85,6 +85,8 @@ ln -sf linux-%{uname_r}.cfg /boot/mariner.cfg %config %{_localstatedir}/lib/initramfs/kernel/%{uname_r} %changelog +* Fri Oct 02 2020 Chris Co 5.4.51-10 +- Update release number to match kernel spec * Fri Oct 02 2020 Chris Co 5.4.51-9 - Update release number * Wed Sep 30 2020 Emre Girgin 5.4.51-8 diff --git a/SPECS-SIGNED/kernel-signed-x64/kernel-signed-x64.spec b/SPECS-SIGNED/kernel-signed-x64/kernel-signed-x64.spec index 3347ecc68c2..9139f818f1d 100644 --- a/SPECS-SIGNED/kernel-signed-x64/kernel-signed-x64.spec +++ b/SPECS-SIGNED/kernel-signed-x64/kernel-signed-x64.spec @@ -2,7 +2,7 @@ Summary: Signed Linux Kernel for x86_64 systems Name: kernel-signed-x64 Version: 5.4.51 -Release: 9%{?dist} +Release: 10%{?dist} License: GPLv2 URL: https://github.com/microsoft/WSL2-Linux-Kernel Group: System Environment/Kernel @@ -85,6 +85,8 @@ ln -sf linux-%{uname_r}.cfg /boot/mariner.cfg %config %{_localstatedir}/lib/initramfs/kernel/%{uname_r} %changelog +* Fri Oct 02 2020 Chris Co 5.4.51-10 +- Update release number to match kernel spec * Fri Oct 02 2020 Chris Co 5.4.51-9 - Update release number * Wed Sep 30 2020 Emre Girgin 5.4.51-8 diff --git a/SPECS/kernel/CVE-2010-3865.nopatch b/SPECS/kernel/CVE-2010-3865.nopatch new file mode 100644 index 00000000000..d765b441a21 --- /dev/null +++ b/SPECS/kernel/CVE-2010-3865.nopatch @@ -0,0 +1,3 @@ +CVE-2010-3865 - Already patched in 5.4.51 stable kernel +Upstream commit - 1b1f693d7ad6d193862dcb1118540a030c5e761f +Same commit id in stable branch \ No newline at end of file diff --git a/SPECS/kernel/CVE-2020-10757.nopatch b/SPECS/kernel/CVE-2020-10757.nopatch new file mode 100644 index 00000000000..917369d177e --- /dev/null +++ b/SPECS/kernel/CVE-2020-10757.nopatch @@ -0,0 +1,3 @@ +CVE-2020-10757 - Already patched in 5.4.51 stable kernel +Upstream commit - 5bfea2d9b17f1034a68147a8b03b9789af5700f9 +Stable commit - 5a047df0b5fce377df37de75380321d1c8ca07a0 \ No newline at end of file diff --git a/SPECS/kernel/CVE-2020-11668.nopatch b/SPECS/kernel/CVE-2020-11668.nopatch new file mode 100644 index 00000000000..c9f9f4769f0 --- /dev/null +++ b/SPECS/kernel/CVE-2020-11668.nopatch @@ -0,0 +1,3 @@ +CVE-2020-11668 - Already patched in 5.4.51 stable kernel +Upstream commit - a246b4d547708f33ff4d4b9a7a5dbac741dc89d8 +Stable commit - cb595cb0a1e8e07213337f063cd39a3e80fc43a0 \ No newline at end of file diff --git a/SPECS/kernel/CVE-2020-12653.nopatch b/SPECS/kernel/CVE-2020-12653.nopatch new file mode 100644 index 00000000000..d072485c9ed --- /dev/null +++ b/SPECS/kernel/CVE-2020-12653.nopatch @@ -0,0 +1,3 @@ +CVE-2020-12653 - Already patched in 5.4.51 stable kernel +Upstream commit - b70261a288ea4d2f4ac7cd04be08a9f0f2de4f4d +Stable commit - 3c822e1f31186767d6b7261c3c066f01907ecfca \ No newline at end of file diff --git a/SPECS/kernel/CVE-2020-12654.nopatch b/SPECS/kernel/CVE-2020-12654.nopatch new file mode 100644 index 00000000000..610702f8be2 --- /dev/null +++ b/SPECS/kernel/CVE-2020-12654.nopatch @@ -0,0 +1,3 @@ +CVE-2020-12654 - Already patched in 5.4.51 stable kernel +Upstream commit - 3a9b153c5591548612c3955c9600a98150c81875 +Stable commit - c5b071e3f44d1125694ad4dcf1234fb9a78d0be6 \ No newline at end of file diff --git a/SPECS/kernel/CVE-2020-12657.nopatch b/SPECS/kernel/CVE-2020-12657.nopatch new file mode 100644 index 00000000000..96fe4f98b67 --- /dev/null +++ b/SPECS/kernel/CVE-2020-12657.nopatch @@ -0,0 +1,3 @@ +CVE-2020-12657 - Already patched in 5.4.51 stable kernel +Upstream commit - 2f95fa5c955d0a9987ffdc3a095e2f4e62c5f2a9 +Stable commit - b2ae36d220eddd88f9a1264176e3104d988f72fe \ No newline at end of file diff --git a/SPECS/kernel/CVE-2020-24394.nopatch b/SPECS/kernel/CVE-2020-24394.nopatch new file mode 100644 index 00000000000..846d3e9e0b3 --- /dev/null +++ b/SPECS/kernel/CVE-2020-24394.nopatch @@ -0,0 +1,3 @@ +CVE-2020-24394 - Already patched in 5.4.51 stable kernel +Upstream commit - 22cf8419f1319ff87ec759d0ebdff4cbafaee832 +Stable commit - c506f985d8d151383559c0760bb1ef7466e218d4 \ No newline at end of file diff --git a/SPECS/kernel/CVE-2020-8428.nopatch b/SPECS/kernel/CVE-2020-8428.nopatch new file mode 100644 index 00000000000..164fbde8da6 --- /dev/null +++ b/SPECS/kernel/CVE-2020-8428.nopatch @@ -0,0 +1,3 @@ +CVE-2020-8428 - Already patched in 5.4.51 stable kernel +Upstream commit - d0cb50185ae942b03c4327be322055d622dc79f6 +Stable commit - 454759886d0b463213fad0f1c733469e2c501ab9 \ No newline at end of file diff --git a/SPECS/kernel/kernel.spec b/SPECS/kernel/kernel.spec index ee790c62a7e..b5e82db9483 100644 --- a/SPECS/kernel/kernel.spec +++ b/SPECS/kernel/kernel.spec @@ -2,7 +2,7 @@ Summary: Linux Kernel Name: kernel Version: 5.4.51 -Release: 9%{?dist} +Release: 10%{?dist} License: GPLv2 URL: https://github.com/microsoft/WSL2-Linux-Kernel Group: System Environment/Kernel @@ -35,6 +35,14 @@ Patch1011: CVE-2020-8648.nopatch Patch1012: CVE-2020-8649.nopatch Patch1013: CVE-2020-9383.nopatch Patch1014: CVE-2020-11725.nopatch +Patch1015: CVE-2020-10757.nopatch +Patch1016: CVE-2020-12653.nopatch +Patch1017: CVE-2020-12657.nopatch +Patch1018: CVE-2010-3865.nopatch +Patch1019: CVE-2020-11668.nopatch +Patch1020: CVE-2020-12654.nopatch +Patch1021: CVE-2020-24394.nopatch +Patch1022: CVE-2020-8428.nopatch BuildRequires: bc BuildRequires: diffutils @@ -333,6 +341,9 @@ ln -sf linux-%{uname_r}.cfg /boot/mariner.cfg %{_libdir}/perf/include/bpf/* %changelog +* Fri Oct 02 2020 Chris Co 5.4.51-10 +- Address CVE-2020-10757, CVE-2020-12653, CVE-2020-12657, CVE-2010-3865, +- CVE-2020-11668, CVE-2020-12654, CVE-2020-24394, CVE-2020-8428 * Fri Oct 02 2020 Chris Co 5.4.51-9 - Fix aarch64 build error * Wed Sep 30 2020 Emre Girgin 5.4.51-8