Commit Graph

232 Commits

Author SHA1 Message Date
Tavi
2a78a4cfc0
Update CVE patchers
for realz

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-27 22:09:10 -04:00
Tavi
dc9ed7c46c
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-21 14:54:23 -04:00
Tavi
dee7abe09d Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-14 14:58:24 -04:00
Tavi
f5a44efdff
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-07 12:13:52 -05:00
Tavi
5aefd27519
Update CVE patchers
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/294

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-05 12:42:34 -05:00
Tavi
cd38073ad2
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-04 15:39:53 -05:00
Tavi
fdbd1a090f
Update CVE patchers
I made a pass through removing some obvious wrongly applied patches
but there is likely some more breakage here

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-02 12:31:51 -05:00
Tavi
45e87b4a1c
Update CVE patchers
Potential breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-02-27 03:15:54 -05:00
Tavi
20c8abcbc1
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-02-19 22:35:04 -05:00
Tavi
4e2c426be3
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-31 13:33:41 -05:00
Tavi
00f1589cb8
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-22 13:27:55 -05:00
Thaddeus
9d230974a2
Update CVE patchers
Signed-off-by: Thaddeus <tad@spotco.us>
2024-01-04 15:51:27 -05:00
Tad
7c46f43fc4
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-12-20 12:28:48 -05:00
Tad
af0cea3572
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-16 22:59:28 -05:00
Tad
548aec9c9d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-05 18:58:11 -05:00
Tad
f64285f6fd
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-10-15 21:06:16 -04:00
Tad
d80f272b54
Update CVE patchers
CVE-2023-4128 replaces CVE-2023-4208

Signed-off-by: Tad <tad@spotco.us>
2023-10-02 21:41:34 -04:00
Tad
19f4964036
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-21 16:52:35 -04:00
Tad
337ae6012d
Fixup
TODO: regen

Signed-off-by: Tad <tad@spotco.us>
2023-09-17 20:26:44 -04:00
Tad
1b4f6d3bd8
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-17 01:30:23 -04:00
Tad
84a84c4742
Picks + Churn
Signed-off-by: Tad <tad@spotco.us>
2023-09-10 21:12:24 -04:00
Tad
0ec3c25d86
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-05 20:42:14 -04:00
Tad
fc9032513f
Update CVE patchers
Likely issue CVE-2023-3773/^6.4

Signed-off-by: Tad <tad@spotco.us>
2023-08-27 17:13:53 -04:00
Tad
2142e2e763
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-17 17:18:10 -04:00
Tad
974878988b
Fixup
Will regen later

Signed-off-by: Tad <tad@spotco.us>
2023-08-09 00:46:44 -04:00
Tad
eef09ae519
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-07 18:07:19 -04:00
Tad
180280b233
Update CVE patchers
TODO: adjust min version of CVE-2023-4132

Signed-off-by: Tad <tad@spotco.us>
2023-08-04 21:00:29 -04:00
Tad
73414e76d2
Update CVE patchers
two lpes

Signed-off-by: Tad <tad@spotco.us>
2023-07-25 12:04:05 -04:00
Tad
b6308caa37
Update CVE patchers
TODO: enable CVE-2023-31084/4.4

Signed-off-by: Tad <tad@spotco.us>
2023-07-15 21:22:18 -04:00
Tad
1c9076fffe
KSM tuning
- Only enable on Linux 3.0 through 4.9
- Always enable defer option
- Only run twice a second, instead of fifty times a second

Signed-off-by: Tad <tad@spotco.us>
2023-07-14 20:27:10 -04:00
Tad
2e2ac4557d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-06-26 19:41:11 -04:00
Tad
a07133a064
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-06-16 11:03:46 -04:00
Tad
2ee99fe3ef
Update CVE patchers
CVE-2020-36694 appears to be a duplicate of CVE-2021-29650

Signed-off-by: Tad <tad@spotco.us>
2023-06-01 21:12:08 -04:00
Tad
cd0a29d69b
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-05-12 23:28:44 -04:00
Tad
366b4eb5ef
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-05-02 18:01:39 -04:00
Tad
47136145e5
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-04-23 23:20:36 -04:00
Tad
9ba61642de
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-04-17 23:19:28 -04:00
Tad
9a97c7013b
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-04-05 12:43:36 -04:00
Tad
8bcb5c734d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-17 19:27:22 -04:00
Tad
38626e1b0c
Picks + Fixes
Signed-off-by: Tad <tad@spotco.us>
2023-03-14 16:58:27 -04:00
Tad
162b40a39d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-13 18:13:54 -04:00
Tad
0b294c1601
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-08 16:01:49 -05:00
Tad
804786aa23
Update CVE patchers
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/193

Signed-off-by: Tad <tad@spotco.us>
2023-03-06 19:54:15 -05:00
Tad
a845f59546
Fixup persistent IPv6 privacy address issue + churn
Backports of rfc4941bis from Google/Linaro
and workaround for legacy kernels from GrapheneOS

already has rfc4941bis patch:
fairphone_sdm632
google_gs101
google_gs201
google_msm-4.14
google_msm-4.9
google_redbull
oneplus_sdm845
razer_sdm845
xiaomi_sdm845

Signed-off-by: Tad <tad@spotco.us>
2023-02-11 20:26:24 -05:00
Tad
0e9599af6d
Fixup
Signed-off-by: Tad <tad@spotco.us>
2023-02-09 22:46:42 -05:00
Tad
fa067a3f89
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-02-06 23:06:34 -05:00
Tad
1511176a07
Update CVE patchers
Maybe some breakage

Signed-off-by: Tad <tad@spotco.us>
2023-01-28 20:33:44 -05:00
Tad
da1df44c8f
GrapheneOS kernel hardening patches update
Maybe some compile breakage

Signed-off-by: Tad <tad@spotco.us>
2023-01-24 19:03:01 -05:00
Tad
5ce2d33162
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-01-18 14:13:33 -05:00
Tad
14f40e024f
Update CVE patchers
This adds loose versioning applying 4.14 patches to 4.9

Signed-off-by: Tad <tad@spotco.us>
2023-01-13 13:23:12 -05:00