diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2023-11-21 21:15:30 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2023-11-22 13:30:37 +0100 |
| commit | 151fc86d2595ab8bd3bf28eb38280bfb40db2dd7 (patch) | |
| tree | e2e85adc990264ebc6dacb776b7bff08eb80b8ab /patches/source/linux-5.15.139/build-all-kernels.sh | |
| parent | 4989eb7599ec6d777838c4fbc5644255dae0e963 (diff) | |
| download | current-151fc86d2595ab8bd3bf28eb38280bfb40db2dd7.tar.gz current-151fc86d2595ab8bd3bf28eb38280bfb40db2dd7.tar.xz | |
Tue Nov 21 21:15:30 UTC 202320231121211530_15.0
patches/packages/kernel-firmware-20231120_9552083-noarch-1.txz: Upgraded.
Updated to the latest kernel firmware.
patches/packages/linux-5.15.139/*: Upgraded.
These updates fix various bugs and security issues.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
Fixed in 5.15.116:
https://www.cve.org/CVERecord?id=CVE-2023-35788
https://www.cve.org/CVERecord?id=CVE-2022-45887
https://www.cve.org/CVERecord?id=CVE-2022-45886
https://www.cve.org/CVERecord?id=CVE-2023-3212
https://www.cve.org/CVERecord?id=CVE-2022-45919
Fixed in 5.15.117:
https://www.cve.org/CVERecord?id=CVE-2023-2124
https://www.cve.org/CVERecord?id=CVE-2023-34255
Fixed in 5.15.118:
https://www.cve.org/CVERecord?id=CVE-2023-3609
https://www.cve.org/CVERecord?id=CVE-2023-3117
https://www.cve.org/CVERecord?id=CVE-2023-3390
https://www.cve.org/CVERecord?id=CVE-2023-3338
Fixed in 5.15.119:
https://www.cve.org/CVERecord?id=CVE-2023-3610
Fixed in 5.15.121:
https://www.cve.org/CVERecord?id=CVE-2023-31248
https://www.cve.org/CVERecord?id=CVE-2023-38432
https://www.cve.org/CVERecord?id=CVE-2023-3866
https://www.cve.org/CVERecord?id=CVE-2023-2898
https://www.cve.org/CVERecord?id=CVE-2023-44466
https://www.cve.org/CVERecord?id=CVE-2023-4132
https://www.cve.org/CVERecord?id=CVE-2023-3611
https://www.cve.org/CVERecord?id=CVE-2022-48502
https://www.cve.org/CVERecord?id=CVE-2023-3865
https://www.cve.org/CVERecord?id=CVE-2023-35001
https://www.cve.org/CVERecord?id=CVE-2023-3776
https://www.cve.org/CVERecord?id=CVE-2023-3863
Fixed in 5.15.122:
https://www.cve.org/CVERecord?id=CVE-2023-20593
Fixed in 5.15.123:
https://www.cve.org/CVERecord?id=CVE-2023-3777
https://www.cve.org/CVERecord?id=CVE-2023-4004
Fixed in 5.15.124:
https://www.cve.org/CVERecord?id=CVE-2023-4015
https://www.cve.org/CVERecord?id=CVE-2023-4147
https://www.cve.org/CVERecord?id=CVE-2023-1206
Fixed in 5.15.125:
https://www.cve.org/CVERecord?id=CVE-2022-40982
https://www.cve.org/CVERecord?id=CVE-2023-20569
Fixed in 5.15.126:
https://www.cve.org/CVERecord?id=CVE-2023-20588
https://www.cve.org/CVERecord?id=CVE-2023-4128
https://www.cve.org/CVERecord?id=CVE-2023-4208
https://www.cve.org/CVERecord?id=CVE-2023-4206
https://www.cve.org/CVERecord?id=CVE-2023-4207
https://www.cve.org/CVERecord?id=CVE-2023-40283
Fixed in 5.15.128:
https://www.cve.org/CVERecord?id=CVE-2023-4569
https://www.cve.org/CVERecord?id=CVE-2023-39194
https://www.cve.org/CVERecord?id=CVE-2023-4273
https://www.cve.org/CVERecord?id=CVE-2023-3772
Fixed in 5.15.132:
https://www.cve.org/CVERecord?id=CVE-2023-4921
https://www.cve.org/CVERecord?id=CVE-2023-4623
https://www.cve.org/CVERecord?id=CVE-2023-42753
https://www.cve.org/CVERecord?id=CVE-2023-42752
https://www.cve.org/CVERecord?id=CVE-2023-39189
https://www.cve.org/CVERecord?id=CVE-2023-4881
https://www.cve.org/CVERecord?id=CVE-2023-45871
https://www.cve.org/CVERecord?id=CVE-2023-39193
https://www.cve.org/CVERecord?id=CVE-2023-39192
Fixed in 5.15.133:
https://www.cve.org/CVERecord?id=CVE-2023-42755
Fixed in 5.15.134:
https://www.cve.org/CVERecord?id=CVE-2023-42754
https://www.cve.org/CVERecord?id=CVE-2023-4563
https://www.cve.org/CVERecord?id=CVE-2023-4244
https://www.cve.org/CVERecord?id=CVE-2023-5197
Fixed in 5.15.135:
https://www.cve.org/CVERecord?id=CVE-2023-34324
https://www.cve.org/CVERecord?id=CVE-2023-31085
https://www.cve.org/CVERecord?id=CVE-2023-5158
Fixed in 5.15.136:
https://www.cve.org/CVERecord?id=CVE-2023-35827
Fixed in 5.15.137:
https://www.cve.org/CVERecord?id=CVE-2023-46813
https://www.cve.org/CVERecord?id=CVE-2023-5717
https://www.cve.org/CVERecord?id=CVE-2023-5178
(* Security fix *)
patches/packages/mozilla-firefox-115.5.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
Thanks to zuriel for the taskbar icon fix on Wayland. :-)
For more information, see:
https://www.mozilla.org/en-US/firefox/115.5.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2023-50/
https://www.cve.org/CVERecord?id=CVE-2023-6204
https://www.cve.org/CVERecord?id=CVE-2023-6205
https://www.cve.org/CVERecord?id=CVE-2023-6206
https://www.cve.org/CVERecord?id=CVE-2023-6207
https://www.cve.org/CVERecord?id=CVE-2023-6208
https://www.cve.org/CVERecord?id=CVE-2023-6209
https://www.cve.org/CVERecord?id=CVE-2023-6212
(* Security fix *)
Diffstat (limited to 'patches/source/linux-5.15.139/build-all-kernels.sh')
| -rwxr-xr-x | patches/source/linux-5.15.139/build-all-kernels.sh | 175 |
1 files changed, 175 insertions, 0 deletions
diff --git a/patches/source/linux-5.15.139/build-all-kernels.sh b/patches/source/linux-5.15.139/build-all-kernels.sh new file mode 100755 index 000000000..0ac96bdf6 --- /dev/null +++ b/patches/source/linux-5.15.139/build-all-kernels.sh @@ -0,0 +1,175 @@ +#!/bin/sh + +# Copyright 2018, 2021, 2022 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# This script uses the SlackBuild scripts present here to build a +# complete set of kernel packages for the currently running architecture. +# It needs to be run once on 64-bit (uname -m = x86_64) and once on IA32 +# (uname -m = i586 or i686). + +cd $(dirname $0) ; CWD=$(pwd) + +BUILD=${BUILD:-1} +if [ -z "$VERSION" ]; then + # Get the filename of the newest kernel tarball: + KERNEL_SOURCE_FILE="$(/bin/ls -t linux-*.tar.?z | head -n 1 )" + if echo $KERNEL_SOURCE_FILE | grep -q rc ; then # need to get rc versions a bit differently + VERSION=$(/bin/ls -t linux-*.tar.?z | head -n 1 | rev | cut -f 3- -d . | cut -f 1,2 -d - | rev) + else # normal release version + VERSION=$(/bin/ls -t linux-*.tar.?z | head -n 1 | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + fi +fi +TMP=${TMP:-/tmp} + +# By default, install the packages as we build them and update the initrd. +INSTALL_PACKAGES=${INSTALL_PACKAGES:-YES} + +# Clean kernels before building them. Not doing so quit working some time +# after 4.19.x. +export KERNEL_CLEAN=YES + +# A list of recipes for build may be passed in the $RECIPES variable, otherwise +# we have defaults based on uname -m: +if [ -z "$RECIPES" ]; then + if uname -m | grep -wq x86_64 ; then + RECIPES="x86_64" + elif uname -m | grep -wq i.86 ; then + RECIPES="IA32_NO_SMP IA32_SMP" + else + echo "Error: no build recipes available for $(uname -m)" + exit 1 + fi +fi + +# Main build loop: +for recipe in $RECIPES ; do + + # Build recipes are defined here. These will select the appropriate .config + # files and package naming scheme, and define the output location. + if [ "$recipe" = "x86_64" ]; then + # Recipe for x86_64: + export CONFIG_SUFFIX=".x64" + unset LOCALVERSION + OUTPUT=${OUTPUT:-${TMP}/output-x86_64-${VERSION}} + elif [ "$recipe" = "IA32_SMP" ]; then + # Recipe for IA32_SMP: + unset CONFIG_SUFFIX + LOCALVERSION="-smp" + OUTPUT=${OUTPUT:-${TMP}/output-ia32-${VERSION}} + elif [ "$recipe" = "IA32_NO_SMP" ]; then + # Recipe for IA32_NO_SMP: + unset CONFIG_SUFFIX + unset LOCALVERSION + OUTPUT=${OUTPUT:-${TMP}/output-ia32-${VERSION}} + else + echo "Error: recipe ${recipe} not implemented" + exit 1 + fi + + echo + echo "*************************************************" + echo "* Building kernels for recipe ${recipe}..." + echo "*************************************************" + echo + + # Build kernel-source package: + KERNEL_SOURCE_PACKAGE_NAME=$(PRINT_PACKAGE_NAME=YES KERNEL_CONFIG="config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX}" VERSION=$VERSION BUILD=$BUILD ./kernel-source.SlackBuild) + KERNEL_CONFIG="config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX}" VERSION=$VERSION BUILD=$BUILD ./kernel-source.SlackBuild + mkdir -p $OUTPUT + mv ${TMP}/${KERNEL_SOURCE_PACKAGE_NAME} $OUTPUT || exit 1 + if [ "${INSTALL_PACKAGES}" = "YES" ]; then + installpkg ${OUTPUT}/${KERNEL_SOURCE_PACKAGE_NAME} || exit 1 + fi + + # Build kernel-huge package: + # We will build in the just-built kernel tree. First, let's put back the + # symlinks: + ( cd $TMP/package-kernel-source + sh install/doinst.sh + ) + KERNEL_HUGE_PACKAGE_NAME=$(PRINT_PACKAGE_NAME=YES KERNEL_NAME=huge KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux KERNEL_CONFIG=./kernel-configs/config-huge${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX} CONFIG_SUFFIX=${CONFIG_SUFFIX} KERNEL_OUTPUT_DIRECTORY=$OUTPUT/kernels/huge$(echo ${LOCALVERSION} | tr -d -).s BUILD=$BUILD ./kernel-generic.SlackBuild) + KERNEL_NAME=huge KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux KERNEL_CONFIG=./kernel-configs/config-huge${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX} CONFIG_SUFFIX=${CONFIG_SUFFIX} KERNEL_OUTPUT_DIRECTORY=$OUTPUT/kernels/huge$(echo ${LOCALVERSION} | tr -d -).s BUILD=$BUILD ./kernel-generic.SlackBuild + if [ -r ${TMP}/${KERNEL_HUGE_PACKAGE_NAME} ]; then + mv ${TMP}/${KERNEL_HUGE_PACKAGE_NAME} $OUTPUT + else + echo "kernel-source build failed." + exit 1 + fi + if [ "${INSTALL_PACKAGES}" = "YES" ]; then + installpkg ${OUTPUT}/${KERNEL_HUGE_PACKAGE_NAME} || exit 1 + fi + + # Build kernel-generic package: + KERNEL_GENERIC_PACKAGE_NAME=$(PRINT_PACKAGE_NAME=YES KERNEL_NAME=generic KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux KERNEL_CONFIG=./kernel-configs/config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX} CONFIG_SUFFIX=${CONFIG_SUFFIX} KERNEL_OUTPUT_DIRECTORY=$OUTPUT/kernels/generic$(echo ${LOCALVERSION} | tr -d -).s BUILD=$BUILD ./kernel-generic.SlackBuild) + KERNEL_NAME=generic KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux KERNEL_CONFIG=./kernel-configs/config-generic${LOCALVERSION}-${VERSION}${LOCALVERSION}${CONFIG_SUFFIX} CONFIG_SUFFIX=${CONFIG_SUFFIX} KERNEL_OUTPUT_DIRECTORY=$OUTPUT/kernels/generic$(echo ${LOCALVERSION} | tr -d -).s BUILD=$BUILD ./kernel-generic.SlackBuild + if [ -r ${TMP}/${KERNEL_GENERIC_PACKAGE_NAME} ]; then + mv ${TMP}/${KERNEL_GENERIC_PACKAGE_NAME} $OUTPUT + else + echo "kernel-generic build failed." + exit 1 + fi + if [ "${INSTALL_PACKAGES}" = "YES" ]; then + installpkg ${OUTPUT}/${KERNEL_GENERIC_PACKAGE_NAME} || exit 1 + fi + + # Build kernel-modules (for the just built generic kernel, but most of them + # will also work with the huge kernel): + KERNEL_MODULES_PACKAGE_NAME=$(PRINT_PACKAGE_NAME=YES KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux KERNEL_CONFIG=$TMP/package-kernel-source/usr/src/linux/.config BUILD=$BUILD ./kernel-modules.SlackBuild) + KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux KERNEL_CONFIG=$TMP/package-kernel-source/usr/src/linux/.config BUILD=$BUILD ./kernel-modules.SlackBuild + if [ -r ${TMP}/${KERNEL_MODULES_PACKAGE_NAME} ]; then + mv ${TMP}/${KERNEL_MODULES_PACKAGE_NAME} $OUTPUT + else + echo "kernel-modules build failed." + exit 1 + fi + if [ "${INSTALL_PACKAGES}" = "YES" ]; then + installpkg ${OUTPUT}/${KERNEL_MODULES_PACKAGE_NAME} || exit 1 + fi + + # Build kernel-headers: + KERNEL_HEADERS_PACKAGE_NAME=$(PRINT_PACKAGE_NAME=YES KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux BUILD=$BUILD ./kernel-headers.SlackBuild) + KERNEL_SOURCE=$TMP/package-kernel-source/usr/src/linux BUILD=$BUILD ./kernel-headers.SlackBuild + if [ -r ${TMP}/${KERNEL_HEADERS_PACKAGE_NAME} ]; then + mv ${TMP}/${KERNEL_HEADERS_PACKAGE_NAME} $OUTPUT + else + echo "kernel-headers build failed." + exit 1 + fi + if [ "${INSTALL_PACKAGES}" = "YES" ]; then + upgradepkg --reinstall --install-new ${OUTPUT}/${KERNEL_HEADERS_PACKAGE_NAME} || exit 1 + fi + + # Update initrd: + if [ "${INSTALL_PACKAGES}" = "YES" ]; then + INITRD_VERSION="$(grep "Kernel Configuration" $TMP/package-kernel-source/usr/src/linux/.config | cut -f 3 -d ' ')" + INITRD_LOCALVERSION="$(cat $TMP/package-kernel-source/usr/src/linux/.config 2> /dev/null | grep CONFIG_LOCALVERSION= | cut -f 2 -d = | tr -d \")" + if [ -r /etc/mkinitrd.conf ]; then + mkinitrd -F /etc/mkinitrd.conf -k ${INITRD_VERSION}${INITRD_LOCALVERSION} + else # try this? + sh /usr/share/mkinitrd/mkinitrd_command_generator.sh -k ${INITRD_VERSION}${INITRD_LOCALVERSION} | sed "s/-c -k/-k/g" | bash + fi + fi + + echo + echo "${recipe} kernel packages done!" + echo + +done |