Commit Graph

14452 Commits

Author SHA1 Message Date
Tim Steinbach
921dffb59e linux/hardened/patches/5.4: 5.4.101-hardened1 -> 5.4.103-hardened1 2021-03-09 10:50:15 -05:00
Tim Steinbach
48644e1496 linux/hardened/patches/5.10: 5.10.19-hardened1 -> 5.10.21-hardened1 2021-03-09 10:50:15 -05:00
Tim Steinbach
61ca55c170 linux/hardened/patches/4.19: 4.19.177-hardened1 -> 4.19.179-hardened1 2021-03-09 10:50:15 -05:00
Tim Steinbach
1361d73395 linux/hardened/patches/4.14: 4.14.222-hardened1 -> 4.14.224-hardened1 2021-03-09 10:50:15 -05:00
Tim Steinbach
7e71fcdba4 linux-rt_5_4: 5.4.93-rt51 -> 5.4.102-rt53 2021-03-09 10:50:15 -05:00
Tim Steinbach
6fb3bd79be linux: 5.11.4 -> 5.11.5 2021-03-09 10:50:15 -05:00
Tim Steinbach
e3a6b728a3 linux/hardened/patches/5.4: 5.4.100-hardened1 -> 5.4.101-hardened1 2021-03-09 10:50:15 -05:00
Tim Steinbach
0221fe13da linux/hardened/patches/5.10: 5.10.18-hardened1 -> 5.10.19-hardened1 2021-03-09 10:50:15 -05:00
Tim Steinbach
4fb927e50e linux_latest-libre: 17873 -> 17920 2021-03-09 10:50:15 -05:00
Tim Steinbach
6e5bce6b5a linux: 5.4.100 -> 5.4.103 2021-03-09 10:50:15 -05:00
Tim Steinbach
861b11a390 linux: 5.11.2 -> 5.11.4 2021-03-09 10:50:15 -05:00
Tim Steinbach
8a706422fa linux: 5.10.18 -> 5.10.21 2021-03-09 10:50:15 -05:00
Tim Steinbach
57455d7566 linux: 4.9.258 -> 4.9.260 2021-03-09 10:50:15 -05:00
Tim Steinbach
cecaeca80b linux: 4.4.258 -> 4.4.260 2021-03-09 10:50:15 -05:00
Tim Steinbach
929d751e5b linux: 4.19.177 -> 4.19.179 2021-03-09 10:50:15 -05:00
Tim Steinbach
196b232131 linux: 4.14.222 -> 4.14.224 2021-03-09 10:50:15 -05:00
Linus Heckemann
c762b1eaab
Merge pull request #90065 from wizeman/u/fix-config-merge
linux: make sure all config options have the same value
2021-03-08 21:34:59 +01:00
Maxine Aubrey
6cb28a7a47
bolt: 0.9 -> 0.9.1 2021-03-08 19:44:05 +01:00
Tim Steinbach
ecce29eba2
kernel: RANDOM_TRUST_CPU for >= 4.19 2021-03-08 11:49:08 -05:00
Rouven Czerwinski
368bdd13f6 linux: enable RANDOM_TRUST_CPU
Allows the RDRAND instruction to seed the kernel RNG. This should lead
to faster CRNG initialization, since the kernel can use the processors
capabilities directly. This is default enabled in Debian [1] and Fedora
[2] as well.

[1]: https://salsa.debian.org/kernel-team/linux/-/blob/debian/5.10.13-1/debian/config/config#L459
[2]: https://src.fedoraproject.org/rpms/kernel/blob/rawhide/f/kernel-x86_64-fedora.config#_4907
2021-03-08 09:34:22 -05:00
Sandro
1d80a52b4c
Merge pull request #115369 from lourkeur/hammer-114876
android-udev-rules: 20201003 -> 20210302
2021-03-08 00:21:17 +01:00
R. RyanTM
2b4c7c6cf3 android-udev-rules: 20201003 -> 20210302 2021-03-07 23:58:46 +01:00
Ricardo M. Correia
d81067f3f3 linux: fix fallout from conflicting kernel configs
The parent commit forbids conflicting kernel config options.

Fix the hardened kernels by allowing options in common-config.nix to
be overridden by conflicting ones in hardened/config.nix.

I'm explicitly avoiding using a higher priority (e.g. using mkForce)
in hardened/config.nix so that the user can easily override the
options in that file.
2021-03-07 20:55:55 +01:00
Jörg Thalheim
e7c8a73390
Merge pull request #108879 from kreisys/nixos-rebuild-no-systemctl
nixos-rebuild: Remove ambient systemctl dependency
2021-03-07 14:09:39 +00:00
Sandro
61b42c2d0f
Merge pull request #115281 from helsinki-systems/upd/targetcli 2021-03-07 02:40:11 +01:00
ajs124
d178471fad targetcli: 2.1.53 -> 2.1.54 2021-03-06 20:00:33 +01:00
Daniel Fox Franke
2f3eab365c nvidia-x11: 460.39 -> 460.56 2021-03-06 12:35:35 -05:00
Sandro
baac2a1b86
Merge pull request #115178 from teto/mptcp-bump
linux_mptcp_95: 0.95 -> 0.95.1
2021-03-06 05:00:56 +01:00
Matthieu Coudron
48e8bf850f linux_mptcp_95: 0.95 -> 0.95.1 2021-03-05 12:16:06 +01:00
WORLDofPEACE
583f1a96b1
Merge pull request #114000 from worldofpeace/plymouth-bgrt
nixos/plymouth: use bgrt theme
2021-03-04 18:32:30 -05:00
Orivej Desh
5da47b15cf linux-rt_5_11: init at 5.11.2-rt9 2021-03-03 11:36:36 +00:00
Orivej Desh
19959cb7ef linux-rt_5_6: remove 2021-03-03 11:36:36 +00:00
Domen Kožar
52041b5d02
remove myself from a bunch of software I no longer use/maintain 2021-03-03 10:50:26 +00:00
Ana Hobden
9c60e2be3d nvmet-cli: init at 0.7
Signed-off-by: Ana Hobden <operator@hoverbear.org>
2021-03-02 16:49:35 -08:00
Sandro
579622089c
Merge pull request #114794 from dottedmag/libxcrypt-pam
linux-pam: Optionally build with libxcrypt
2021-03-02 17:22:54 +01:00
TredwellGit
003fcee3cd linux_5_11: 5.11.1 -> 5.11.2
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.2
2021-03-02 09:52:57 -05:00
Varris
662e3b88ae linux: Enable CONFIG_UNICODE to support casefold
Required to mount filesystems with casefold enabled. Fixes #109432
2021-03-01 12:05:51 -05:00
Misha Gusarov
e3dd2def91 linux-pam: Optionally build with libxcrypt
This enables support for new password hashing functions in PAM.

A part of #112371.
2021-02-28 16:48:56 +00:00
Arthur Gautier
0a5e56aa03 libaio: fixup static compilation
Signed-off-by: Arthur Gautier <baloo@superbaloo.net>
2021-02-27 21:29:19 +00:00
Martin Weinelt
6a0b4ab7be
wpa_supplicant: add CVE-ID for P2P provision discovery proccessing vuln. 2021-02-27 13:11:35 +01:00
Frederik Rietdijk
c456a2512f Merge master into staging-next 2021-02-26 10:25:13 +01:00
R. RyanTM
01d6cbc533 mcelog: 173 -> 175 2021-02-25 22:42:52 -05:00
WORLDofPEACE
dd8805658e plymouth: 0.9.4 -> 2020-12-07
* default to bgrt
* don't use KillMode=none
  https://gitlab.freedesktop.org/plymouth/plymouth/-/issues/123

* multiple outputs
* fix spinfinity logo file
2021-02-25 16:46:03 -05:00
Martin Weinelt
a77380a689
wpa_supplicant: update homepage
The old one still exists but is not getting updated anymore.
2021-02-25 21:26:56 +01:00
Martin Weinelt
0dd3c094ee
wpa_supplicant: fix for security advisory 2021-1
A vulnerability was discovered in how wpa_supplicant processes P2P
(Wi-Fi Direct) provision discovery requests. Under a corner case
condition, an invalid Provision Discovery Request frame could end up
reaching a state where the oldest peer entry needs to be removed. With
a suitably constructed invalid frame, this could result in use
(read+write) of freed memory. This can result in an attacker within
radio range of the device running P2P discovery being able to cause
unexpected behavior, including termination of the wpa_supplicant process
and potentially code execution.

https://w1.fi/security/2021-1/
2021-02-25 20:57:49 +01:00
Joachim F
99ac41b702
Merge pull request #113675 from r-ryantm/auto-update/gradm
gradm: 3.1-201903191516 -> 3.1-202012071814
2021-02-25 17:00:45 +01:00
Tim Steinbach
1d982f3677 linux/hardened/patches/5.4: 5.4.99-hardened1 -> 5.4.100-hardened1 2021-02-25 10:30:55 -05:00
Tim Steinbach
bac5c55497 linux/hardened/patches/5.10: 5.10.17-hardened1 -> 5.10.18-hardened1 2021-02-25 10:30:55 -05:00
Tim Steinbach
df50139ed1 linux/hardened/patches/4.19: 4.19.176-hardened1 -> 4.19.177-hardened1 2021-02-25 10:30:55 -05:00
Tim Steinbach
24b9351862 linux/hardened/patches/4.14: 4.14.221-hardened1 -> 4.14.222-hardened1 2021-02-25 10:30:55 -05:00