]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blobdiff - lfs/linux
projects / people / pmueller / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
linux: Fix for CVE-2022-0847 aka Dirty Pipe
[people/pmueller/ipfire-2.x.git] / lfs / linux
diff --git a/lfs/linux b/lfs/linux
index 640f1b986f3a9575deee97cee749f0aedb4cf0e1..0f8f2c1842859950dff387c320ac6db98b950f79 100644 (file)
--- a/lfs/linux
+++ b/lfs/linux
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2021  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2022  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,8 +24,8 @@
 
 include Config
 
-VER         = 5.15.6
-ARM_PATCHES = 5.15-ipfire2
+VER         = 5.15.23
+ARM_PATCHES = 5.15-ipfire5
 
 THISAPP    = linux-$(VER)
 DL_FILE    = linux-$(VER).tar.xz
@@ -38,10 +38,6 @@ HEADERS_ARCH  = $(BUILD_PLATFORM)
 KERNEL_ARCH   = $(BUILD_ARCH)
 KERNEL_TARGET = bzImage
 
-ifeq "$(BUILD_ARCH)" "i586"
-       KERNEL_ARCH = i386
-endif
-
 ifeq "$(BUILD_ARCH)" "aarch64"
        HEADERS_ARCH = arm64
        KERNEL_ARCH  = arm64
@@ -77,8 +73,8 @@ objects =$(DL_FILE) \
 $(DL_FILE)                                     = $(URL_IPFIRE)/$(DL_FILE)
 arm-multi-patches-$(ARM_PATCHES).patch.xz      = $(URL_IPFIRE)/arm-multi-patches-$(ARM_PATCHES).patch.xz
 
-$(DL_FILE)_MD5                                 = b4e333919e9fddfdd46308cc38ceda1d
-arm-multi-patches-$(ARM_PATCHES).patch.xz_MD5  = 9cab549a71b19b07e0c5c103ccf3c321
+$(DL_FILE)_MD5                                 = 5e4405eabbf6b365fd5c9252f666ca60
+arm-multi-patches-$(ARM_PATCHES).patch.xz_MD5  = 5b588bcdf9d21cc7e8ce57c94b775195
 
 install : $(TARGET)
 
@@ -114,7 +110,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        ln -svf linux-$(VER) $(DIR_SRC)/linux
 
        # Layer7-patch
-       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.15-layer7.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.15.17-layer7.patch
 
        # DVB Patches
        cd $(DIR_APP) && patch -Np2 < $(DIR_SRC)/src/patches/v4l-dvb_fix_tua6034_pll.patch
@@ -145,6 +141,9 @@ ifeq "$(BUILD_ARCH)" "aarch64"
 endif
        cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-3.14.79-amba-fix.patch
 
+       # Fix for CVE-2022-0847 aka Dirty Pipe
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel-5.15-CVE-2022-0847.patch
+
 ifeq "$(KCFG)" "-headers"
        # Install the header files
        cd $(DIR_APP) && make ARCH=$(HEADERS_ARCH) $(EXTRAMAKE) headers
Peter's tree of IPFire 2.x