====================================== Sat, 17 Dec 2022 - Debian 11.6 released ====================================== ========================================================================= [Date: Sat, 17 Dec 2022 09:39:35 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel affs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el affs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel affs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel ata-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel ata-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el ata-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf ata-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel ata-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el btrfs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel btrfs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el btrfs-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf btrfs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel btrfs-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel btrfs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel btrfs-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el btrfs-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x cdrom-core-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel cdrom-core-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el cdrom-core-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf cdrom-core-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel cdrom-core-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel cdrom-core-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel cdrom-core-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el cdrom-core-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x crc-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel crc-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el crc-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf crc-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel crc-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel crc-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel crc-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el crc-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x crypto-dm-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel crypto-dm-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el crypto-dm-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf crypto-dm-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel crypto-dm-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel crypto-dm-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel crypto-dm-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el crypto-dm-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x crypto-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel crypto-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el crypto-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf crypto-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel crypto-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel crypto-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel crypto-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el crypto-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x dasd-extra-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x dasd-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x efi-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf event-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel event-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el event-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf event-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel event-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel event-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel event-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el ext4-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel ext4-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el ext4-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf ext4-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel ext4-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel ext4-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel ext4-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el ext4-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x f2fs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel f2fs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el f2fs-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf f2fs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel f2fs-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel f2fs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel f2fs-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el f2fs-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x fancontrol-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el fat-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel fat-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el fat-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf fat-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel fat-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel fat-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel fat-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el fat-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x fb-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel fb-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el fb-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf fb-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel fb-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel fb-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el firewire-core-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel firewire-core-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el fuse-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel fuse-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el fuse-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf fuse-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel fuse-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel fuse-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel fuse-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el fuse-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x hypervisor-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el i2c-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel i2c-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el i2c-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf i2c-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el input-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel input-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el input-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf input-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel input-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel input-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel input-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el ipv6-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel isofs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel isofs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el isofs-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf isofs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel isofs-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel isofs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel isofs-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el isofs-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x jffs2-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel jfs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel jfs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el jfs-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf jfs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel jfs-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel jfs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel jfs-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el kernel-image-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel kernel-image-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el kernel-image-5.10.0-16-armmp-di | 5.10.127-2 | armhf kernel-image-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel kernel-image-5.10.0-16-marvell-di | 5.10.127-2 | armel kernel-image-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel kernel-image-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el kernel-image-5.10.0-16-s390x-di | 5.10.127-2 | s390x leds-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf leds-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel linux | 5.10.127-2 | source linux-doc | 5.10.127-2 | all linux-doc-5.10 | 5.10.127-2 | all linux-headers-5.10.0-16-4kc-malta | 5.10.127-2 | mipsel linux-headers-5.10.0-16-5kc-malta | 5.10.127-2 | mips64el, mipsel linux-headers-5.10.0-16-686 | 5.10.127-2 | i386 linux-headers-5.10.0-16-686-pae | 5.10.127-2 | i386 linux-headers-5.10.0-16-amd64 | 5.10.127-2 | amd64 linux-headers-5.10.0-16-arm64 | 5.10.127-2 | arm64 linux-headers-5.10.0-16-armmp | 5.10.127-2 | armhf linux-headers-5.10.0-16-armmp-lpae | 5.10.127-2 | armhf linux-headers-5.10.0-16-cloud-amd64 | 5.10.127-2 | amd64 linux-headers-5.10.0-16-cloud-arm64 | 5.10.127-2 | arm64 linux-headers-5.10.0-16-common | 5.10.127-2 | all linux-headers-5.10.0-16-common-rt | 5.10.127-2 | all linux-headers-5.10.0-16-loongson-3 | 5.10.127-2 | mips64el, mipsel linux-headers-5.10.0-16-marvell | 5.10.127-2 | armel linux-headers-5.10.0-16-octeon | 5.10.127-2 | mips64el, mipsel linux-headers-5.10.0-16-powerpc64le | 5.10.127-2 | ppc64el linux-headers-5.10.0-16-rpi | 5.10.127-2 | armel linux-headers-5.10.0-16-rt-686-pae | 5.10.127-2 | i386 linux-headers-5.10.0-16-rt-amd64 | 5.10.127-2 | amd64 linux-headers-5.10.0-16-rt-arm64 | 5.10.127-2 | arm64 linux-headers-5.10.0-16-rt-armmp | 5.10.127-2 | armhf linux-headers-5.10.0-16-s390x | 5.10.127-2 | s390x linux-image-5.10.0-16-4kc-malta | 5.10.127-2 | mipsel linux-image-5.10.0-16-4kc-malta-dbg | 5.10.127-2 | mipsel linux-image-5.10.0-16-5kc-malta | 5.10.127-2 | mips64el, mipsel linux-image-5.10.0-16-5kc-malta-dbg | 5.10.127-2 | mips64el, mipsel linux-image-5.10.0-16-686-dbg | 5.10.127-2 | i386 linux-image-5.10.0-16-686-pae-dbg | 5.10.127-2 | i386 linux-image-5.10.0-16-686-pae-unsigned | 5.10.127-2 | i386 linux-image-5.10.0-16-686-unsigned | 5.10.127-2 | i386 linux-image-5.10.0-16-amd64-dbg | 5.10.127-2 | amd64 linux-image-5.10.0-16-amd64-unsigned | 5.10.127-2 | amd64 linux-image-5.10.0-16-arm64-dbg | 5.10.127-2 | arm64 linux-image-5.10.0-16-arm64-unsigned | 5.10.127-2 | arm64 linux-image-5.10.0-16-armmp | 5.10.127-2 | armhf linux-image-5.10.0-16-armmp-dbg | 5.10.127-2 | armhf linux-image-5.10.0-16-armmp-lpae | 5.10.127-2 | armhf linux-image-5.10.0-16-armmp-lpae-dbg | 5.10.127-2 | armhf linux-image-5.10.0-16-cloud-amd64-dbg | 5.10.127-2 | amd64 linux-image-5.10.0-16-cloud-amd64-unsigned | 5.10.127-2 | amd64 linux-image-5.10.0-16-cloud-arm64-dbg | 5.10.127-2 | arm64 linux-image-5.10.0-16-cloud-arm64-unsigned | 5.10.127-2 | arm64 linux-image-5.10.0-16-loongson-3 | 5.10.127-2 | mips64el, mipsel linux-image-5.10.0-16-loongson-3-dbg | 5.10.127-2 | mips64el, mipsel linux-image-5.10.0-16-marvell | 5.10.127-2 | armel linux-image-5.10.0-16-marvell-dbg | 5.10.127-2 | armel linux-image-5.10.0-16-octeon | 5.10.127-2 | mips64el, mipsel linux-image-5.10.0-16-octeon-dbg | 5.10.127-2 | mips64el, mipsel linux-image-5.10.0-16-powerpc64le | 5.10.127-2 | ppc64el linux-image-5.10.0-16-powerpc64le-dbg | 5.10.127-2 | ppc64el linux-image-5.10.0-16-rpi | 5.10.127-2 | armel linux-image-5.10.0-16-rpi-dbg | 5.10.127-2 | armel linux-image-5.10.0-16-rt-686-pae-dbg | 5.10.127-2 | i386 linux-image-5.10.0-16-rt-686-pae-unsigned | 5.10.127-2 | i386 linux-image-5.10.0-16-rt-amd64-dbg | 5.10.127-2 | amd64 linux-image-5.10.0-16-rt-amd64-unsigned | 5.10.127-2 | amd64 linux-image-5.10.0-16-rt-arm64-dbg | 5.10.127-2 | arm64 linux-image-5.10.0-16-rt-arm64-unsigned | 5.10.127-2 | arm64 linux-image-5.10.0-16-rt-armmp | 5.10.127-2 | armhf linux-image-5.10.0-16-rt-armmp-dbg | 5.10.127-2 | armhf linux-image-5.10.0-16-s390x | 5.10.127-2 | s390x linux-image-5.10.0-16-s390x-dbg | 5.10.127-2 | s390x linux-source | 5.10.127-2 | all linux-source-5.10 | 5.10.127-2 | all linux-support-5.10.0-16 | 5.10.127-2 | all loop-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel loop-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el loop-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf loop-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel loop-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel loop-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel loop-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el loop-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x md-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel md-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el md-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf md-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel md-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel md-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel md-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el md-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x minix-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel minix-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el minix-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel minix-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel minix-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel mmc-core-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel mmc-core-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el mmc-core-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel mmc-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel mmc-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el mmc-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf mmc-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel mouse-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel mouse-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el mouse-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel mouse-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el mtd-core-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel mtd-core-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el mtd-core-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel mtd-core-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel mtd-core-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el mtd-core-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x mtd-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf mtd-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel multipath-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel multipath-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el multipath-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf multipath-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel multipath-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel multipath-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel multipath-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el multipath-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x nbd-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel nbd-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el nbd-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf nbd-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel nbd-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel nbd-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel nbd-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el nbd-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x nfs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel nic-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel nic-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el nic-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf nic-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel nic-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel nic-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel nic-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el nic-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x nic-shared-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel nic-shared-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el nic-shared-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf nic-shared-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel nic-shared-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel nic-shared-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel nic-shared-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el nic-usb-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel nic-usb-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el nic-usb-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf nic-usb-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel nic-usb-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel nic-usb-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel nic-usb-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el nic-wireless-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel nic-wireless-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el nic-wireless-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf nic-wireless-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel nic-wireless-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel nic-wireless-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el pata-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel pata-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el pata-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf pata-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel pata-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel ppp-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel ppp-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el ppp-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf ppp-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel ppp-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel ppp-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel ppp-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el rtc-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel sata-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel sata-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el sata-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf sata-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel sata-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel sata-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel sata-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el scsi-core-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel scsi-core-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el scsi-core-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf scsi-core-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel scsi-core-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel scsi-core-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel scsi-core-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el scsi-core-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x scsi-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel scsi-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el scsi-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf scsi-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel scsi-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel scsi-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el scsi-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x scsi-nic-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel scsi-nic-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el scsi-nic-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf scsi-nic-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel scsi-nic-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel scsi-nic-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el serial-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el sound-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel sound-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el sound-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel sound-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel speakup-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel squashfs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel squashfs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el squashfs-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf squashfs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel squashfs-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel squashfs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel squashfs-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el udf-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel udf-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el udf-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf udf-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel udf-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel udf-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel udf-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el udf-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x uinput-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf uinput-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel uinput-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el usb-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel usb-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el usb-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf usb-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel usb-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel usb-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel usb-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el usb-serial-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel usb-serial-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el usb-serial-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf usb-serial-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel usb-serial-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel usb-serial-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel usb-serial-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el usb-storage-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel usb-storage-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el usb-storage-modules-5.10.0-16-armmp-di | 5.10.127-2 | armhf usb-storage-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel usb-storage-modules-5.10.0-16-marvell-di | 5.10.127-2 | armel usb-storage-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel usb-storage-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el xfs-modules-5.10.0-16-4kc-malta-di | 5.10.127-2 | mipsel xfs-modules-5.10.0-16-5kc-malta-di | 5.10.127-2 | mips64el xfs-modules-5.10.0-16-loongson-3-di | 5.10.127-2 | mips64el, mipsel xfs-modules-5.10.0-16-octeon-di | 5.10.127-2 | mips64el, mipsel xfs-modules-5.10.0-16-powerpc64le-di | 5.10.127-2 | ppc64el xfs-modules-5.10.0-16-s390x-di | 5.10.127-2 | s390x ------------------- Reason ------------------- [auto-cruft] old linux ABI ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 17 Dec 2022 09:40:15 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel affs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el affs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel affs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel ata-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel ata-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el ata-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf ata-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel ata-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el btrfs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel btrfs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el btrfs-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf btrfs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel btrfs-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel btrfs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel btrfs-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el btrfs-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x cdrom-core-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel cdrom-core-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el cdrom-core-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf cdrom-core-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel cdrom-core-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel cdrom-core-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel cdrom-core-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el cdrom-core-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x crc-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel crc-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el crc-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf crc-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel crc-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel crc-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel crc-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el crc-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x crypto-dm-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel crypto-dm-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el crypto-dm-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf crypto-dm-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel crypto-dm-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel crypto-dm-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel crypto-dm-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el crypto-dm-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x crypto-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel crypto-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el crypto-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf crypto-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel crypto-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel crypto-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel crypto-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el crypto-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x dasd-extra-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x dasd-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x efi-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf event-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel event-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el event-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf event-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel event-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel event-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel event-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el ext4-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel ext4-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el ext4-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf ext4-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel ext4-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel ext4-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel ext4-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el ext4-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x f2fs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel f2fs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el f2fs-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf f2fs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel f2fs-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel f2fs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel f2fs-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el f2fs-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x fancontrol-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el fat-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel fat-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el fat-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf fat-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel fat-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel fat-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel fat-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el fat-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x fb-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel fb-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el fb-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf fb-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel fb-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel fb-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el firewire-core-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel firewire-core-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el fuse-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel fuse-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el fuse-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf fuse-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel fuse-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel fuse-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel fuse-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el fuse-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x hypervisor-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el i2c-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel i2c-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el i2c-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf i2c-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el input-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel input-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el input-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf input-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel input-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel input-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel input-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el ipv6-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel isofs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel isofs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el isofs-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf isofs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel isofs-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel isofs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel isofs-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el isofs-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x jffs2-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel jfs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel jfs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el jfs-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf jfs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel jfs-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel jfs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel jfs-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el kernel-image-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel kernel-image-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el kernel-image-5.10.0-19-armmp-di | 5.10.149-2 | armhf kernel-image-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel kernel-image-5.10.0-19-marvell-di | 5.10.149-2 | armel kernel-image-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel kernel-image-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el kernel-image-5.10.0-19-s390x-di | 5.10.149-2 | s390x leds-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf leds-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel linux | 5.10.149-2 | source linux-doc | 5.10.149-2 | all linux-doc-5.10 | 5.10.149-2 | all linux-headers-5.10.0-19-4kc-malta | 5.10.149-2 | mipsel linux-headers-5.10.0-19-5kc-malta | 5.10.149-2 | mips64el, mipsel linux-headers-5.10.0-19-686 | 5.10.149-2 | i386 linux-headers-5.10.0-19-686-pae | 5.10.149-2 | i386 linux-headers-5.10.0-19-amd64 | 5.10.149-2 | amd64 linux-headers-5.10.0-19-arm64 | 5.10.149-2 | arm64 linux-headers-5.10.0-19-armmp | 5.10.149-2 | armhf linux-headers-5.10.0-19-armmp-lpae | 5.10.149-2 | armhf linux-headers-5.10.0-19-cloud-amd64 | 5.10.149-2 | amd64 linux-headers-5.10.0-19-cloud-arm64 | 5.10.149-2 | arm64 linux-headers-5.10.0-19-common | 5.10.149-2 | all linux-headers-5.10.0-19-common-rt | 5.10.149-2 | all linux-headers-5.10.0-19-loongson-3 | 5.10.149-2 | mips64el, mipsel linux-headers-5.10.0-19-marvell | 5.10.149-2 | armel linux-headers-5.10.0-19-octeon | 5.10.149-2 | mips64el, mipsel linux-headers-5.10.0-19-powerpc64le | 5.10.149-2 | ppc64el linux-headers-5.10.0-19-rpi | 5.10.149-2 | armel linux-headers-5.10.0-19-rt-686-pae | 5.10.149-2 | i386 linux-headers-5.10.0-19-rt-amd64 | 5.10.149-2 | amd64 linux-headers-5.10.0-19-rt-arm64 | 5.10.149-2 | arm64 linux-headers-5.10.0-19-rt-armmp | 5.10.149-2 | armhf linux-headers-5.10.0-19-s390x | 5.10.149-2 | s390x linux-image-5.10.0-19-4kc-malta | 5.10.149-2 | mipsel linux-image-5.10.0-19-4kc-malta-dbg | 5.10.149-2 | mipsel linux-image-5.10.0-19-5kc-malta | 5.10.149-2 | mips64el, mipsel linux-image-5.10.0-19-5kc-malta-dbg | 5.10.149-2 | mips64el, mipsel linux-image-5.10.0-19-686-dbg | 5.10.149-2 | i386 linux-image-5.10.0-19-686-pae-dbg | 5.10.149-2 | i386 linux-image-5.10.0-19-686-pae-unsigned | 5.10.149-2 | i386 linux-image-5.10.0-19-686-unsigned | 5.10.149-2 | i386 linux-image-5.10.0-19-amd64-dbg | 5.10.149-2 | amd64 linux-image-5.10.0-19-amd64-unsigned | 5.10.149-2 | amd64 linux-image-5.10.0-19-arm64-dbg | 5.10.149-2 | arm64 linux-image-5.10.0-19-arm64-unsigned | 5.10.149-2 | arm64 linux-image-5.10.0-19-armmp | 5.10.149-2 | armhf linux-image-5.10.0-19-armmp-dbg | 5.10.149-2 | armhf linux-image-5.10.0-19-armmp-lpae | 5.10.149-2 | armhf linux-image-5.10.0-19-armmp-lpae-dbg | 5.10.149-2 | armhf linux-image-5.10.0-19-cloud-amd64-dbg | 5.10.149-2 | amd64 linux-image-5.10.0-19-cloud-amd64-unsigned | 5.10.149-2 | amd64 linux-image-5.10.0-19-cloud-arm64-dbg | 5.10.149-2 | arm64 linux-image-5.10.0-19-cloud-arm64-unsigned | 5.10.149-2 | arm64 linux-image-5.10.0-19-loongson-3 | 5.10.149-2 | mips64el, mipsel linux-image-5.10.0-19-loongson-3-dbg | 5.10.149-2 | mips64el, mipsel linux-image-5.10.0-19-marvell | 5.10.149-2 | armel linux-image-5.10.0-19-marvell-dbg | 5.10.149-2 | armel linux-image-5.10.0-19-octeon | 5.10.149-2 | mips64el, mipsel linux-image-5.10.0-19-octeon-dbg | 5.10.149-2 | mips64el, mipsel linux-image-5.10.0-19-powerpc64le | 5.10.149-2 | ppc64el linux-image-5.10.0-19-powerpc64le-dbg | 5.10.149-2 | ppc64el linux-image-5.10.0-19-rpi | 5.10.149-2 | armel linux-image-5.10.0-19-rpi-dbg | 5.10.149-2 | armel linux-image-5.10.0-19-rt-686-pae-dbg | 5.10.149-2 | i386 linux-image-5.10.0-19-rt-686-pae-unsigned | 5.10.149-2 | i386 linux-image-5.10.0-19-rt-amd64-dbg | 5.10.149-2 | amd64 linux-image-5.10.0-19-rt-amd64-unsigned | 5.10.149-2 | amd64 linux-image-5.10.0-19-rt-arm64-dbg | 5.10.149-2 | arm64 linux-image-5.10.0-19-rt-arm64-unsigned | 5.10.149-2 | arm64 linux-image-5.10.0-19-rt-armmp | 5.10.149-2 | armhf linux-image-5.10.0-19-rt-armmp-dbg | 5.10.149-2 | armhf linux-image-5.10.0-19-s390x | 5.10.149-2 | s390x linux-image-5.10.0-19-s390x-dbg | 5.10.149-2 | s390x linux-source | 5.10.149-2 | all linux-source-5.10 | 5.10.149-2 | all linux-support-5.10.0-19 | 5.10.149-2 | all loop-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel loop-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el loop-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf loop-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel loop-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel loop-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel loop-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el loop-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x md-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel md-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el md-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf md-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel md-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel md-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel md-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el md-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x minix-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel minix-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el minix-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel minix-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel minix-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel mmc-core-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel mmc-core-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el mmc-core-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel mmc-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel mmc-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el mmc-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf mmc-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel mouse-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel mouse-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el mouse-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel mouse-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el mtd-core-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel mtd-core-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el mtd-core-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel mtd-core-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel mtd-core-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el mtd-core-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x mtd-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf mtd-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel multipath-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel multipath-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el multipath-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf multipath-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel multipath-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel multipath-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel multipath-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el multipath-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x nbd-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel nbd-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el nbd-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf nbd-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel nbd-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel nbd-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel nbd-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el nbd-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x nfs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel nic-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel nic-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el nic-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf nic-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel nic-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel nic-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel nic-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el nic-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x nic-shared-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel nic-shared-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el nic-shared-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf nic-shared-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel nic-shared-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel nic-shared-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel nic-shared-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el nic-usb-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel nic-usb-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el nic-usb-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf nic-usb-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel nic-usb-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel nic-usb-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel nic-usb-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el nic-wireless-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel nic-wireless-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el nic-wireless-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf nic-wireless-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel nic-wireless-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel nic-wireless-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el pata-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel pata-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el pata-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf pata-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel pata-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel ppp-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel ppp-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el ppp-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf ppp-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel ppp-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel ppp-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel ppp-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el rtc-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel sata-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel sata-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el sata-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf sata-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel sata-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel sata-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel sata-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el scsi-core-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel scsi-core-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el scsi-core-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf scsi-core-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel scsi-core-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel scsi-core-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel scsi-core-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el scsi-core-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x scsi-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel scsi-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el scsi-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf scsi-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel scsi-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel scsi-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el scsi-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x scsi-nic-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel scsi-nic-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el scsi-nic-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf scsi-nic-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel scsi-nic-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel scsi-nic-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el serial-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el sound-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel sound-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el sound-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel sound-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel speakup-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel squashfs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel squashfs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el squashfs-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf squashfs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel squashfs-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel squashfs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel squashfs-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el udf-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel udf-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el udf-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf udf-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel udf-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel udf-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel udf-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el udf-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x uinput-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf uinput-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel uinput-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el usb-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel usb-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el usb-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf usb-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel usb-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel usb-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel usb-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el usb-serial-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel usb-serial-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el usb-serial-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf usb-serial-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel usb-serial-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel usb-serial-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel usb-serial-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el usb-storage-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel usb-storage-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el usb-storage-modules-5.10.0-19-armmp-di | 5.10.149-2 | armhf usb-storage-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel usb-storage-modules-5.10.0-19-marvell-di | 5.10.149-2 | armel usb-storage-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel usb-storage-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el xfs-modules-5.10.0-19-4kc-malta-di | 5.10.149-2 | mipsel xfs-modules-5.10.0-19-5kc-malta-di | 5.10.149-2 | mips64el xfs-modules-5.10.0-19-loongson-3-di | 5.10.149-2 | mips64el, mipsel xfs-modules-5.10.0-19-octeon-di | 5.10.149-2 | mips64el, mipsel xfs-modules-5.10.0-19-powerpc64le-di | 5.10.149-2 | ppc64el xfs-modules-5.10.0-19-s390x-di | 5.10.149-2 | s390x ------------------- Reason ------------------- [auto-cruft] old linux ABI ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 17 Dec 2022 09:41:02 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-5.10.0-16-686-di | 5.10.127-2 | i386 acpi-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 acpi-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 ata-modules-5.10.0-16-686-di | 5.10.127-2 | i386 ata-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 ata-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 ata-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 btrfs-modules-5.10.0-16-686-di | 5.10.127-2 | i386 btrfs-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 btrfs-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 btrfs-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 cdrom-core-modules-5.10.0-16-686-di | 5.10.127-2 | i386 cdrom-core-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 cdrom-core-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 cdrom-core-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 crc-modules-5.10.0-16-686-di | 5.10.127-2 | i386 crc-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 crc-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 crc-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 crypto-dm-modules-5.10.0-16-686-di | 5.10.127-2 | i386 crypto-dm-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 crypto-dm-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 crypto-dm-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 crypto-modules-5.10.0-16-686-di | 5.10.127-2 | i386 crypto-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 crypto-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 crypto-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 efi-modules-5.10.0-16-686-di | 5.10.127-2 | i386 efi-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 efi-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 efi-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 event-modules-5.10.0-16-686-di | 5.10.127-2 | i386 event-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 event-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 event-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 ext4-modules-5.10.0-16-686-di | 5.10.127-2 | i386 ext4-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 ext4-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 ext4-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 f2fs-modules-5.10.0-16-686-di | 5.10.127-2 | i386 f2fs-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 f2fs-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 f2fs-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 fat-modules-5.10.0-16-686-di | 5.10.127-2 | i386 fat-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 fat-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 fat-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 fb-modules-5.10.0-16-686-di | 5.10.127-2 | i386 fb-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 fb-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 fb-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 firewire-core-modules-5.10.0-16-686-di | 5.10.127-2 | i386 firewire-core-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 firewire-core-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 fuse-modules-5.10.0-16-686-di | 5.10.127-2 | i386 fuse-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 fuse-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 fuse-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 i2c-modules-5.10.0-16-686-di | 5.10.127-2 | i386 i2c-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 i2c-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 i2c-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 input-modules-5.10.0-16-686-di | 5.10.127-2 | i386 input-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 input-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 input-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 isofs-modules-5.10.0-16-686-di | 5.10.127-2 | i386 isofs-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 isofs-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 isofs-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 jfs-modules-5.10.0-16-686-di | 5.10.127-2 | i386 jfs-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 jfs-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 jfs-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 kernel-image-5.10.0-16-686-di | 5.10.127-2 | i386 kernel-image-5.10.0-16-686-pae-di | 5.10.127-2 | i386 kernel-image-5.10.0-16-amd64-di | 5.10.127-2 | amd64 kernel-image-5.10.0-16-arm64-di | 5.10.127-2 | arm64 leds-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 linux-image-5.10.0-16-686 | 5.10.127-2 | i386 linux-image-5.10.0-16-686-pae | 5.10.127-2 | i386 linux-image-5.10.0-16-amd64 | 5.10.127-2 | amd64 linux-image-5.10.0-16-arm64 | 5.10.127-2 | arm64 linux-image-5.10.0-16-cloud-amd64 | 5.10.127-2 | amd64 linux-image-5.10.0-16-cloud-arm64 | 5.10.127-2 | arm64 linux-image-5.10.0-16-rt-686-pae | 5.10.127-2 | i386 linux-image-5.10.0-16-rt-amd64 | 5.10.127-2 | amd64 linux-image-5.10.0-16-rt-arm64 | 5.10.127-2 | arm64 linux-signed-amd64 | 5.10.127+2 | source linux-signed-arm64 | 5.10.127+2 | source linux-signed-i386 | 5.10.127+2 | source loop-modules-5.10.0-16-686-di | 5.10.127-2 | i386 loop-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 loop-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 loop-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 md-modules-5.10.0-16-686-di | 5.10.127-2 | i386 md-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 md-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 md-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 mmc-core-modules-5.10.0-16-686-di | 5.10.127-2 | i386 mmc-core-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 mmc-core-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 mmc-modules-5.10.0-16-686-di | 5.10.127-2 | i386 mmc-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 mmc-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 mmc-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 mouse-modules-5.10.0-16-686-di | 5.10.127-2 | i386 mouse-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 mouse-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 mtd-core-modules-5.10.0-16-686-di | 5.10.127-2 | i386 mtd-core-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 mtd-core-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 mtd-core-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 multipath-modules-5.10.0-16-686-di | 5.10.127-2 | i386 multipath-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 multipath-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 multipath-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 nbd-modules-5.10.0-16-686-di | 5.10.127-2 | i386 nbd-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 nbd-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 nbd-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 nic-modules-5.10.0-16-686-di | 5.10.127-2 | i386 nic-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 nic-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 nic-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 nic-pcmcia-modules-5.10.0-16-686-di | 5.10.127-2 | i386 nic-pcmcia-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 nic-pcmcia-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 nic-shared-modules-5.10.0-16-686-di | 5.10.127-2 | i386 nic-shared-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 nic-shared-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 nic-shared-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 nic-usb-modules-5.10.0-16-686-di | 5.10.127-2 | i386 nic-usb-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 nic-usb-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 nic-usb-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 nic-wireless-modules-5.10.0-16-686-di | 5.10.127-2 | i386 nic-wireless-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 nic-wireless-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 nic-wireless-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 pata-modules-5.10.0-16-686-di | 5.10.127-2 | i386 pata-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 pata-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 pcmcia-modules-5.10.0-16-686-di | 5.10.127-2 | i386 pcmcia-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 pcmcia-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 pcmcia-storage-modules-5.10.0-16-686-di | 5.10.127-2 | i386 pcmcia-storage-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 pcmcia-storage-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 ppp-modules-5.10.0-16-686-di | 5.10.127-2 | i386 ppp-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 ppp-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 ppp-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 rfkill-modules-5.10.0-16-686-di | 5.10.127-2 | i386 rfkill-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 rfkill-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 sata-modules-5.10.0-16-686-di | 5.10.127-2 | i386 sata-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 sata-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 sata-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 scsi-core-modules-5.10.0-16-686-di | 5.10.127-2 | i386 scsi-core-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 scsi-core-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 scsi-core-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 scsi-modules-5.10.0-16-686-di | 5.10.127-2 | i386 scsi-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 scsi-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 scsi-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 scsi-nic-modules-5.10.0-16-686-di | 5.10.127-2 | i386 scsi-nic-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 scsi-nic-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 scsi-nic-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 serial-modules-5.10.0-16-686-di | 5.10.127-2 | i386 serial-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 serial-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 sound-modules-5.10.0-16-686-di | 5.10.127-2 | i386 sound-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 sound-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 speakup-modules-5.10.0-16-686-di | 5.10.127-2 | i386 speakup-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 speakup-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 squashfs-modules-5.10.0-16-686-di | 5.10.127-2 | i386 squashfs-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 squashfs-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 squashfs-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 udf-modules-5.10.0-16-686-di | 5.10.127-2 | i386 udf-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 udf-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 udf-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 uinput-modules-5.10.0-16-686-di | 5.10.127-2 | i386 uinput-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 uinput-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 uinput-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 usb-modules-5.10.0-16-686-di | 5.10.127-2 | i386 usb-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 usb-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 usb-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 usb-serial-modules-5.10.0-16-686-di | 5.10.127-2 | i386 usb-serial-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 usb-serial-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 usb-serial-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 usb-storage-modules-5.10.0-16-686-di | 5.10.127-2 | i386 usb-storage-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 usb-storage-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 usb-storage-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 xfs-modules-5.10.0-16-686-di | 5.10.127-2 | i386 xfs-modules-5.10.0-16-686-pae-di | 5.10.127-2 | i386 xfs-modules-5.10.0-16-amd64-di | 5.10.127-2 | amd64 xfs-modules-5.10.0-16-arm64-di | 5.10.127-2 | arm64 ------------------- Reason ------------------- [auto-cruft] old linux ABI ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 17 Dec 2022 09:41:19 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-5.10.0-19-686-di | 5.10.149-2 | i386 acpi-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 acpi-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 ata-modules-5.10.0-19-686-di | 5.10.149-2 | i386 ata-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 ata-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 ata-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 btrfs-modules-5.10.0-19-686-di | 5.10.149-2 | i386 btrfs-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 btrfs-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 btrfs-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 cdrom-core-modules-5.10.0-19-686-di | 5.10.149-2 | i386 cdrom-core-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 cdrom-core-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 cdrom-core-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 crc-modules-5.10.0-19-686-di | 5.10.149-2 | i386 crc-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 crc-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 crc-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 crypto-dm-modules-5.10.0-19-686-di | 5.10.149-2 | i386 crypto-dm-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 crypto-dm-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 crypto-dm-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 crypto-modules-5.10.0-19-686-di | 5.10.149-2 | i386 crypto-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 crypto-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 crypto-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 efi-modules-5.10.0-19-686-di | 5.10.149-2 | i386 efi-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 efi-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 efi-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 event-modules-5.10.0-19-686-di | 5.10.149-2 | i386 event-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 event-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 event-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 ext4-modules-5.10.0-19-686-di | 5.10.149-2 | i386 ext4-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 ext4-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 ext4-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 f2fs-modules-5.10.0-19-686-di | 5.10.149-2 | i386 f2fs-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 f2fs-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 f2fs-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 fat-modules-5.10.0-19-686-di | 5.10.149-2 | i386 fat-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 fat-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 fat-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 fb-modules-5.10.0-19-686-di | 5.10.149-2 | i386 fb-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 fb-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 fb-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 firewire-core-modules-5.10.0-19-686-di | 5.10.149-2 | i386 firewire-core-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 firewire-core-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 fuse-modules-5.10.0-19-686-di | 5.10.149-2 | i386 fuse-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 fuse-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 fuse-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 i2c-modules-5.10.0-19-686-di | 5.10.149-2 | i386 i2c-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 i2c-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 i2c-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 input-modules-5.10.0-19-686-di | 5.10.149-2 | i386 input-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 input-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 input-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 isofs-modules-5.10.0-19-686-di | 5.10.149-2 | i386 isofs-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 isofs-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 isofs-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 jfs-modules-5.10.0-19-686-di | 5.10.149-2 | i386 jfs-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 jfs-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 jfs-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 kernel-image-5.10.0-19-686-di | 5.10.149-2 | i386 kernel-image-5.10.0-19-686-pae-di | 5.10.149-2 | i386 kernel-image-5.10.0-19-amd64-di | 5.10.149-2 | amd64 kernel-image-5.10.0-19-arm64-di | 5.10.149-2 | arm64 leds-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 linux-image-5.10.0-19-686 | 5.10.149-2 | i386 linux-image-5.10.0-19-686-pae | 5.10.149-2 | i386 linux-image-5.10.0-19-amd64 | 5.10.149-2 | amd64 linux-image-5.10.0-19-arm64 | 5.10.149-2 | arm64 linux-image-5.10.0-19-cloud-amd64 | 5.10.149-2 | amd64 linux-image-5.10.0-19-cloud-arm64 | 5.10.149-2 | arm64 linux-image-5.10.0-19-rt-686-pae | 5.10.149-2 | i386 linux-image-5.10.0-19-rt-amd64 | 5.10.149-2 | amd64 linux-image-5.10.0-19-rt-arm64 | 5.10.149-2 | arm64 linux-signed-amd64 | 5.10.149+2 | source linux-signed-arm64 | 5.10.149+2 | source linux-signed-i386 | 5.10.149+2 | source loop-modules-5.10.0-19-686-di | 5.10.149-2 | i386 loop-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 loop-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 loop-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 md-modules-5.10.0-19-686-di | 5.10.149-2 | i386 md-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 md-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 md-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 mmc-core-modules-5.10.0-19-686-di | 5.10.149-2 | i386 mmc-core-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 mmc-core-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 mmc-modules-5.10.0-19-686-di | 5.10.149-2 | i386 mmc-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 mmc-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 mmc-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 mouse-modules-5.10.0-19-686-di | 5.10.149-2 | i386 mouse-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 mouse-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 mtd-core-modules-5.10.0-19-686-di | 5.10.149-2 | i386 mtd-core-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 mtd-core-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 mtd-core-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 multipath-modules-5.10.0-19-686-di | 5.10.149-2 | i386 multipath-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 multipath-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 multipath-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 nbd-modules-5.10.0-19-686-di | 5.10.149-2 | i386 nbd-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 nbd-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 nbd-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 nic-modules-5.10.0-19-686-di | 5.10.149-2 | i386 nic-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 nic-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 nic-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 nic-pcmcia-modules-5.10.0-19-686-di | 5.10.149-2 | i386 nic-pcmcia-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 nic-pcmcia-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 nic-shared-modules-5.10.0-19-686-di | 5.10.149-2 | i386 nic-shared-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 nic-shared-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 nic-shared-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 nic-usb-modules-5.10.0-19-686-di | 5.10.149-2 | i386 nic-usb-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 nic-usb-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 nic-usb-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 nic-wireless-modules-5.10.0-19-686-di | 5.10.149-2 | i386 nic-wireless-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 nic-wireless-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 nic-wireless-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 pata-modules-5.10.0-19-686-di | 5.10.149-2 | i386 pata-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 pata-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 pcmcia-modules-5.10.0-19-686-di | 5.10.149-2 | i386 pcmcia-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 pcmcia-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 pcmcia-storage-modules-5.10.0-19-686-di | 5.10.149-2 | i386 pcmcia-storage-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 pcmcia-storage-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 ppp-modules-5.10.0-19-686-di | 5.10.149-2 | i386 ppp-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 ppp-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 ppp-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 rfkill-modules-5.10.0-19-686-di | 5.10.149-2 | i386 rfkill-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 rfkill-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 sata-modules-5.10.0-19-686-di | 5.10.149-2 | i386 sata-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 sata-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 sata-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 scsi-core-modules-5.10.0-19-686-di | 5.10.149-2 | i386 scsi-core-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 scsi-core-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 scsi-core-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 scsi-modules-5.10.0-19-686-di | 5.10.149-2 | i386 scsi-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 scsi-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 scsi-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 scsi-nic-modules-5.10.0-19-686-di | 5.10.149-2 | i386 scsi-nic-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 scsi-nic-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 scsi-nic-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 serial-modules-5.10.0-19-686-di | 5.10.149-2 | i386 serial-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 serial-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 sound-modules-5.10.0-19-686-di | 5.10.149-2 | i386 sound-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 sound-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 speakup-modules-5.10.0-19-686-di | 5.10.149-2 | i386 speakup-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 speakup-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 squashfs-modules-5.10.0-19-686-di | 5.10.149-2 | i386 squashfs-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 squashfs-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 squashfs-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 udf-modules-5.10.0-19-686-di | 5.10.149-2 | i386 udf-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 udf-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 udf-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 uinput-modules-5.10.0-19-686-di | 5.10.149-2 | i386 uinput-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 uinput-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 uinput-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 usb-modules-5.10.0-19-686-di | 5.10.149-2 | i386 usb-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 usb-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 usb-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 usb-serial-modules-5.10.0-19-686-di | 5.10.149-2 | i386 usb-serial-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 usb-serial-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 usb-serial-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 usb-storage-modules-5.10.0-19-686-di | 5.10.149-2 | i386 usb-storage-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 usb-storage-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 usb-storage-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 xfs-modules-5.10.0-19-686-di | 5.10.149-2 | i386 xfs-modules-5.10.0-19-686-pae-di | 5.10.149-2 | i386 xfs-modules-5.10.0-19-amd64-di | 5.10.149-2 | amd64 xfs-modules-5.10.0-19-arm64-di | 5.10.149-2 | arm64 ------------------- Reason ------------------- [auto-cruft] old linux ABI ---------------------------------------------- ========================================================================= asterisk (1:16.28.0~dfsg-0+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload. * Fix CVE-2021-37706, CVE-2021-43299, CVE-2021-43300, CVE-2021-43301, CVE-2021-43302, CVE-2021-43303, CVE-2021-43804, CVE-2021-43845, CVE-2021-46837, CVE-2022-21722, CVE-2022-21723, CVE-2022-23608, CVE-2022-24763, CVE-2022-24764, CVE-2022-24786, CVE-2022-24792, CVE-2022-24793, CVE-2022-26498, CVE-2022-26499, CVE-2022-26651. Multiple security vulnerabilities have been found in Asterisk, an Open Source Private Branch Exchange. Buffer overflows and other programming errors could be exploited for information disclosure or the execution of arbitrary code. asterisk (1:16.23.0~dfsg+~cs6.10.40431411-1) unstable; urgency=medium . * embed project asterisk-opus as component; add patches 2015 2016 to integrate opus module with asterisk; integrate opus module with build rules; have asterisk-modules replace and break asterisk-opus * update copyright info: update coverage * relax to build-depend unversioned on libjansson-dev: required version satisfied in all supported Debian releases * build-depend on libneon27-dev (not libneon27-gnutls-dev, with libneon27-dev only as fallback); drop fallback build-dependencies for libcurl4-openssl-dev libradcli-dev * build-depend on liblua5.2-dev (not liblua5.1-0-dev) * build-depend on libcodec2-dev libfftw3-dev libsndfile1-dev asterisk (1:16.23.0~dfsg+~cs6.10.20220309-2) unstable; urgency=medium . * update debhelper script dh_asterisk: + fix move excess paragraphs from POD section NAME to DESCRIPTION + fix reference man page debhelper(7) (not bogus debhelper(1) + add POD section COPYRIGHT AND LICENSE + simplify POD section SYNOPSIS + drop POD sections OPTIONS (superfluous) and NOTES (bogus) + fix typo in POD section DESCRIPTION + extend POD section DESCRIPTION to mention dh-sequence-asterisk (inspired by POD of dh_perl_openssl) * provide virtual package asterisk-abi-* (not asterisk-*), and have dh_asterisk generate matching package variable ${asterisk:Depends} (not the core less intuitive ${asterisk:ABI}) * generate and install manpage for dh_asterisk; build-depend on perl * cherry-pick bugfix patches upstream; unfuzz remaining patches asterisk (1:16.23.0~dfsg+~cs6.10.20220309-1) unstable; urgency=medium . * finalize and install debhelper script dh_asterisk; have asterisk-dev depend on debhelper perl:any, and provide virtual package dh-sequence-asterisk * relax to generate temporary PJPROJECT tarball sloppily: reproducibility or stable md5sum unneeded * fix avoid insecure hardcoded path below /tmp during build * rename and renumber patches; add file debian/patches/README to source documenting patch naming micro policy * drop vp8 patch, superseded by package asterisk-opus * embed project asterisk-amr as component; drop patch amr * embed project mp3 as component; drop patch mpglib * update copyright info: + fix avoid bdimad files from embedded PJPROJECT when repackaging upstream source: not freely licensed + update coverage * unfuzz patches * integrated embedded project mp3 with build rules * add patches 2011 2012 to integrate module amr with asterisk; update build rules to integrate module amr code files * add patch 2013 to integrate mp3 module with asterisk; update build rules to integrate mp3 module * add/update DEP-3 patch headers * add patch 2014 to avoid non-free PJPROJECT audio device driver bdimad asterisk (1:16.23.0~dfsg+~2.10-1) unstable; urgency=medium . [ upstream ] * new release(s) . [ Jonas Smedegaard ] * update git-buildpackage config: + filter-out any .git* file + use DEP14 branch naming scheme + add usage comment * resolve PJPROJECT version from embedded source * update copyright info: update coverage * drop patches cherry-picked upstream now applied * update and unfuzz patches * fix relax autopkgtest: set allow-stderr * stop set obsolete menuselect option codec_opus_open_source asterisk (1:16.16.1~dfsg+~2.10-2) unstable; urgency=medium . * fix sysV init file to align with mariadb (not mysql); closes: bug#1003925, thanks to Roel van Meer * fix silently broken patch systemd; closes: bug#985314, thanks to Sergio Durigan Junior * unfuzz patches, with shortening quilt options * Trim trailing whitespace. * Use secure URI in Homepage field. * Update renamed lintian tag names in lintian overrides. * Drop transition for old debug package migration. * stop set CFLAGS=-fgnu89-inline, as GCC 5.x was supported upstream since late 2015 (see also bug#777782) * explicitly disable BUILD_NATIVE, and stop set CFLAGS and LDFLAGS in configure (only in make menuselect) * tighten bug closures in changelog, for slightly better readability and to avoid confusing lintian-brush * stop export build flags: they are passed as arguments * let dh_auto_config resolve core configure options * revive upstream optimization flags unless DEB_BUILD_OPTIONS=noopt * support DEB_BUILD_OPTIONS=terse * fix install file CHANGES as upstream changelog, and more detailed ChangeLog only with asterisk-doc * use debhelper compatibility level 13 (not 10); stop install duplicates in package asterisk-doc now that its install path coincide with package asterisk; build-depend on debhelper-compat (not debhelper) * adapt install routines and helper scripts to use multiarch paths; add NEWS entry about this change * fix install phoneprov XML files * explicitly list a few images, contrib scripts and sample website as not-installed * fix install a manpage (not corresponding script) into manpage directory * install main header file only below /usr/include (i.e. drop transitional symlinking done in 2008) * install most possible manpages from upstream-installed locations, to ease detecting missed install files * update copyright info: + use SPDX shortname Apache-2.0 + drop unused License section LGPL-2.1 + fix Files section for codecs/gsm, covering both left-truncating wildcard and an explicit file overriding right-truncating wildcard, to list it _after_ right-truncating wildcard Files sections * fix have asterisk pre-depend on misc:Pre-Depends, needed by systemd calls in maintainer scripts asterisk (1:16.16.1~dfsg+~2.10-1) unstable; urgency=medium . * update copyright info: + use Reference field (not License-Reference); tighten lintian overrides + fix add License fields GPL-2+ GPL-3+ + fix interpret unversioned GPL/LGPL to mean any version + add comment about ambiguous statement for file include/jitterbuf.h + normalize copyright holders lists + fix list all wildcard directories (i.e. right truncation) before wildcard files (i.e. left truncation) + normalize files lists + add coverage for my packaging contributions + update coverage + refine source repackaging hints: stop avoid files no longer included upstream exclude non-DFSG pjproject files + use more SPDX(ish) shortnames + sort License sections alphabetically + fix cover pjproject files; drop non-autoritative file debian/copyright.pjproject + update coverage + declare pjproject source URI * update watch file: + stop force repackaging; stop set compression + set dversionmangle=auto + set pgpmode=auto (and stop set pgpsigurlmangle) + tighten match pattern + update usage comment * embed pjproject: + define as component with git-buildpackage and uscan + build from embedded files + stop include manually prepared embedded tarball + drop obsolete patch autoreconf-pjproject * simplify source helper script copyright-check * drop file README.source from source: packaging no longer non-standard asterisk (1:16.16.1~dfsg-4) unstable; urgency=medium . [ Utkarsh Gupta ] * Set default systemd config to avoid console output to syslog. (Closes: #985314, #971090) asterisk (1:16.16.1~dfsg-3) unstable; urgency=medium . [ Bernhard Schmidt ] * Cherry-Pick app_mp3: Force output to 16 bits in mpg123. Thanks to Jens Bürger (Closes: #996402) . [ Athos Ribeiro ] * Fix missing build of the AMR codec, add autopkgtest (Closes: #986013) . [ Hugh McMaster ] * Cherry-pick an upstream patch to remove the AC_HEADER_STDC macro from configure.ac. The macro is obsolete and a no-op with autoconf 2.70 (Closes: #997136) asterisk (1:16.16.1~dfsg-2) unstable; urgency=high . * CVE-2021-32558 / AST-2021-008 (Closes: #991710) If the IAX2 channel driver receives a packet that contains an unsupported media format it can cause a crash to occur in Asterisk * CVE-2021-32686 / AST-2021-009 (Closes: #991931) pjproject/pjsip: crash when SSL socket destroyed during handshake awstats (7.8-2+deb11u1) bullseye; urgency=medium . * QA upload. * fix cross site scripting (CVE-2022-46391) (Closes: #1025410) barbican (1:11.0.0-3+deb11u1) bullseye-security; urgency=medium . * Add increase_DEFAULT_MAX_SECRET_BYTES.patch. * CVE-2022-3100: access policy bypass via query string injection. Added upstream patch: query_string_were_mistakenly_being_used_in_the_....patch (Closes: #1021139). base-files (11.1+deb11u6) bullseye; urgency=medium . * Change /etc/debian_version to 11.6, for Debian 11.6 point release. batik (1.12-4+deb11u1) bullseye-security; urgency=high . * Team upload. * Fix CVE-2022-41704 and CVE-2022-42890: It was discovered that Apache Batik, an SVG library for Java, allowed attackers to run arbitrary Java code by processing a malicious SVG file. bcel (6.5.0-1+deb11u1) bullseye-security; urgency=high . * Team upload. * Fix CVE-2022-34169: The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. In Debian the vulnerable code is in the bcel source package. (Closes: #1015860) bind9 (1:9.16.33-1~deb11u1) bullseye-security; urgency=high . * New upstream version 9.16.33 - CVE-2022-2795: Processing large delegations may severely degrade resolver performance - CVE-2022-2881: Buffer overread in statistics channel code - CVE-2022-2906: Memory leaks in code handling Diffie-Hellman key exchange via TKEY RRs (OpenSSL 3.0.0+ only) - CVE-2022-3080: BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly - CVE-2022-38177: Memory leak in ECDSA DNSSEC verification code - CVE-2022-38178: Memory leaks in EdDSA DNSSEC verification code * Drop libldap2-dev from Build-Depends (Closes: #1008021) * Add runtime dependency on libuv1 >= 1.40.0 (Closes: #1009889) binfmt-support (2.2.1-1+deb11u1) bullseye; urgency=medium . * Run binfmt-support.service after systemd-binfmt.service (thanks, Michael Biebl; closes: #1012154, #1021822). cacti (1.2.16+ds1-2+deb11u1) bullseye-security; urgency=medium . * Add 7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216.patch to fix CVE-2022-46169 (Closes: #1025648) * Add two patches to fix CVE-2022-0730 (Closes: #1008693) * Update configuration template for CVE-2022-46169 chromium (108.0.5359.94-1~deb11u1) bullseye-security; urgency=high . * New upstream security release. - CVE-2022-4262: Type Confusion in V8. Reported by Clement Lecigne of Google's Threat Analysis Group. chromium (108.0.5359.71-2) unstable; urgency=high . * Fix bullseye/mulodic.patch to actually work right on 32-bit platforms. Again. . [ Timothy Pearson ] * Regenerate libaom configuration for ppc64el chromium (108.0.5359.71-2~deb11u1) bullseye-security; urgency=high . * Fix bullseye/mulodic.patch to actually work right on 32-bit platforms. Again. . [ Timothy Pearson ] * Regenerate libaom configuration for ppc64el . chromium (108.0.5359.71-1) unstable; urgency=high . * New upstream stable release. - CVE-2022-4174: Type Confusion in V8. Reported by Zhenghang Xiao (@Kipreyyy). - CVE-2022-4175: Use after free in Camera Capture. Reported by Leecraso and Guang Gong of 360 Alpha Lab. - CVE-2022-4176: Out of bounds write in Lacros Graphics. Reported by @ginggilBesel. - CVE-2022-4177: Use after free in Extensions. Reported by Chaoyuan Peng (@ret2happy). - CVE-2022-4178: Use after free in Mojo. Reported by Sergei Glazunov of Google Project Zero. - CVE-2022-4179: Use after free in Audio. Reported by Sergei Glazunov of Google Project Zero. - CVE-2022-4180: Use after free in Mojo. Reported by Anonymous. - CVE-2022-4181: Use after free in Forms. Reported by Aviv A. - CVE-2022-4182: Inappropriate implementation in Fenced Frames. Reported by Peter Nemeth. - CVE-2022-4183: Insufficient policy enforcement in Popup Blocker. Reported by David Sievers. - CVE-2022-4184: Insufficient policy enforcement in Autofill. Reported by Ahmed ElMasry. - CVE-2022-4185: Inappropriate implementation in Navigation. Reported by James Lee (@Windowsrcer). - CVE-2022-4186: Insufficient validation of untrusted input in Downloads. Reported by Luan Herrera (@lbherrera_). - CVE-2022-4187: Insufficient policy enforcement in DevTools. Reported by Axel Chong. - CVE-2022-4188: Insufficient validation of untrusted input in CORS. Reported by Philipp Beer (TU Wien). - CVE-2022-4189: Insufficient policy enforcement in DevTools. Reported by NDevTK. - CVE-2022-4190: Insufficient data validation in Directory. Reported by Axel Chong. - CVE-2022-4191: Use after free in Sign-In. Reported by Jaehun Jeong(@n3sk) of Theori. - CVE-2022-4192: Use after free in Live Caption. Reported by Samet Bekmezci @sametbekmezci. - CVE-2022-4193: Insufficient policy enforcement in File System API. Reported by Axel Chong. - CVE-2022-4194: Use after free in Accessibility. Reported by Anonymous. - CVE-2022-4195: Insufficient policy enforcement in Safe Browsing. Reported by Eric Lawrence of Microsoft. * d/copyright: - drop multiple ninja executables from upstream tarball. - Stop deleting chrome/test/data/*, since it's all just empty directories except for one BUILD.gn that is required to build. * d/scripts/unbundle: build against the bundled absl_utility. * d/patches: - upstream/fix-missing-cmath.patch: drop, merged upstream. - fixes/angle-wayland.patch: drop, merged upstream. - fixes/fix-arm-vfpv3-d16-libaom.patch: drop, merged upstream. - disable/unrar.patch: refresh due to 7z support added. - ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh for loongarch update. - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: drop half of patch as upstream removed duplicate code. - fixes/disable-cxx20.patch: switch clang complication back to the c++17 standard, as c++20 breaks linking. chromium (108.0.5359.71-1) unstable; urgency=high . * New upstream stable release. - CVE-2022-4174: Type Confusion in V8. Reported by Zhenghang Xiao (@Kipreyyy). - CVE-2022-4175: Use after free in Camera Capture. Reported by Leecraso and Guang Gong of 360 Alpha Lab. - CVE-2022-4176: Out of bounds write in Lacros Graphics. Reported by @ginggilBesel. - CVE-2022-4177: Use after free in Extensions. Reported by Chaoyuan Peng (@ret2happy). - CVE-2022-4178: Use after free in Mojo. Reported by Sergei Glazunov of Google Project Zero. - CVE-2022-4179: Use after free in Audio. Reported by Sergei Glazunov of Google Project Zero. - CVE-2022-4180: Use after free in Mojo. Reported by Anonymous. - CVE-2022-4181: Use after free in Forms. Reported by Aviv A. - CVE-2022-4182: Inappropriate implementation in Fenced Frames. Reported by Peter Nemeth. - CVE-2022-4183: Insufficient policy enforcement in Popup Blocker. Reported by David Sievers. - CVE-2022-4184: Insufficient policy enforcement in Autofill. Reported by Ahmed ElMasry. - CVE-2022-4185: Inappropriate implementation in Navigation. Reported by James Lee (@Windowsrcer). - CVE-2022-4186: Insufficient validation of untrusted input in Downloads. Reported by Luan Herrera (@lbherrera_). - CVE-2022-4187: Insufficient policy enforcement in DevTools. Reported by Axel Chong. - CVE-2022-4188: Insufficient validation of untrusted input in CORS. Reported by Philipp Beer (TU Wien). - CVE-2022-4189: Insufficient policy enforcement in DevTools. Reported by NDevTK. - CVE-2022-4190: Insufficient data validation in Directory. Reported by Axel Chong. - CVE-2022-4191: Use after free in Sign-In. Reported by Jaehun Jeong(@n3sk) of Theori. - CVE-2022-4192: Use after free in Live Caption. Reported by Samet Bekmezci @sametbekmezci. - CVE-2022-4193: Insufficient policy enforcement in File System API. Reported by Axel Chong. - CVE-2022-4194: Use after free in Accessibility. Reported by Anonymous. - CVE-2022-4195: Insufficient policy enforcement in Safe Browsing. Reported by Eric Lawrence of Microsoft. * d/copyright: - drop multiple ninja executables from upstream tarball. - Stop deleting chrome/test/data/*, since it's all just empty directories except for one BUILD.gn that is required to build. * d/scripts/unbundle: build against the bundled absl_utility. * d/patches: - upstream/fix-missing-cmath.patch: drop, merged upstream. - fixes/angle-wayland.patch: drop, merged upstream. - fixes/fix-arm-vfpv3-d16-libaom.patch: drop, merged upstream. - disable/unrar.patch: refresh due to 7z support added. - ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh for loongarch update. - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: drop half of patch as upstream removed duplicate code. - fixes/disable-cxx20.patch: switch clang complication back to the c++17 standard, as c++20 breaks linking. chromium (107.0.5304.121-1) unstable; urgency=high . * New upstream security release. - CVE-2022-4135: Heap buffer overflow in GPU. Reported by Clement Lecigne of Google's Threat Analysis Group on 2022-11-22 chromium (107.0.5304.121-1~deb11u1) bullseye-security; urgency=high . * New upstream security release. - CVE-2022-4135: Heap buffer overflow in GPU. Reported by Clement Lecigne of Google's Threat Analysis Group on 2022-11-22 . chromium (107.0.5304.110-2) unstable; urgency=high . * Fix bullseye/mulodic.patch to actually work right. Sigh. chromium (107.0.5304.110-2) unstable; urgency=high . * Fix bullseye/mulodic.patch to actually work right. Sigh. chromium (107.0.5304.110-1) unstable; urgency=high . * New upstream security release. - CVE-2022-3885: Use after free in V8. Reported by gzobqq@. - CVE-2022-3886: Use after free in Speech Recognition. - CVE-2022-3887: Use after free in Web Workers. Reported by anonymous. - CVE-2022-3888: Use after free in WebCodecs. Reported by Peter Nemeth. - CVE-2022-3889: Type Confusion in V8. Reported by anonymous. - CVE-2022-3890: Heap buffer overflow in Crashpad. Reported by anonymous. * Clean up old crash dump files on launch (closes: #1015931). chromium (107.0.5304.110-1~deb11u1) bullseye-security; urgency=high . * New upstream security release. - CVE-2022-3885: Use after free in V8. Reported by gzobqq@. - CVE-2022-3886: Use after free in Speech Recognition. - CVE-2022-3887: Use after free in Web Workers. Reported by anonymous. - CVE-2022-3888: Use after free in WebCodecs. Reported by Peter Nemeth. - CVE-2022-3889: Type Confusion in V8. Reported by anonymous. - CVE-2022-3890: Heap buffer overflow in Crashpad. Reported by anonymous. * Clean up old crash dump files on launch (closes: #1015931). * debian/patches: - bullseye/mulodic.patch: (hopefully!) fix FTBFS on bullseye under i386 and armhf. chromium (107.0.5304.87-1) unstable; urgency=high . * New upstream security release. - CVE-2022-3723: Type Confusion in V8. Reported by Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast. * Revert v4l2 enable for arm platforms until a build error is fixed. chromium (107.0.5304.87-1~deb11u1) bullseye-security; urgency=high . * New upstream security release. - CVE-2022-3723: Type Confusion in V8. Reported by Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast. * Revert v4l2 enable for arm platforms until a build error is fixed. chromium (107.0.5304.68-1) unstable; urgency=high . * New upstream stable release. - CVE-2022-3652: Type Confusion in V8. Reported by srodulv and ZNMchtss at S.S.L Team. - CVE-2022-3653: Heap buffer overflow in Vulkan. Reported by SeongHwan Park (SeHwa). - CVE-2022-3654: Use after free in Layout. Reported by Sergei Glazunov of Google Project Zero. - CVE-2022-3655: Heap buffer overflow in Media Galleries. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3656: Insufficient data validation in File System. Reported by Ron Masas, Imperva. - CVE-2022-3657: Use after free in Extensions. Reported by Omri Bushari, Talon Cyber Security. - CVE-2022-3658: Use after free in Feedback service on Chrome OS. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3659: Use after free in Accessibility. Reported by @ginggilBesel. - CVE-2022-3660: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7). - CVE-2022-3661: Insufficient data validation in Extensions. Reported by Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University. * Disable building against QT5 (for now). https://groups.google.com/a/chromium.org/g/chromium-packagers/c/-2VGexQAK6w * debian/copyright: - delete third_party/dawn/tools/golang binaries. * debian/patches: - upstream/armhf-ftbfs.patch: drop, merged upstream. - upstream/fix-nullptr-qual.patch: drop, merged upstream. - disable/catapult.patch: delete add'l blink reference to catapult. - bullseye/clang13.patch: refresh for minor upstream changes. - ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh - disable/clang-version-check.patch: added to fix build failure. Needs to go upstream. - ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch: drop, upstream skia stopped using clang::musttail. - upstream/re-fix-tflite.patch: re-add a build fix that upstream lost. . [ Timothy Pearson ] * regenerate libaom configuration on ppc64el systems. chromium (107.0.5304.68-1~deb11u1) bullseye-security; urgency=high . * New upstream stable release. - CVE-2022-3652: Type Confusion in V8. Reported by srodulv and ZNMchtss at S.S.L Team. - CVE-2022-3653: Heap buffer overflow in Vulkan. Reported by SeongHwan Park (SeHwa). - CVE-2022-3654: Use after free in Layout. Reported by Sergei Glazunov of Google Project Zero. - CVE-2022-3655: Heap buffer overflow in Media Galleries. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3656: Insufficient data validation in File System. Reported by Ron Masas, Imperva. - CVE-2022-3657: Use after free in Extensions. Reported by Omri Bushari, Talon Cyber Security. - CVE-2022-3658: Use after free in Feedback service on Chrome OS. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3659: Use after free in Accessibility. Reported by @ginggilBesel. - CVE-2022-3660: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7). - CVE-2022-3661: Insufficient data validation in Extensions. Reported by Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University. * Disable building against QT5 (for now). https://groups.google.com/a/chromium.org/g/chromium-packagers/c/-2VGexQAK6w * debian/copyright: - delete third_party/dawn/tools/golang binaries. * debian/patches: - upstream/armhf-ftbfs.patch: drop, merged upstream. - upstream/fix-nullptr-qual.patch: drop, merged upstream. - disable/catapult.patch: delete add'l blink reference to catapult. - bullseye/clang13.patch: refresh for minor upstream changes. - ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh - disable/clang-version-check.patch: added to fix build failure. Needs to go upstream. - ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch: drop, upstream skia stopped using clang::musttail. - upstream/re-fix-tflite.patch: re-add a build fix that upstream lost. . [ Timothy Pearson ] * regenerate libaom configuration on ppc64el systems. chromium (106.0.5249.119-1) unstable; urgency=high . * New upstream security release. - CVE-2022-3445: Use after free in Skia. Reported by Nan Wang (@eternalsakura13) and Yong Liu of 360 Vulnerability Research Institute on 2022-09-16 - CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by Kaijie Xu (@kaijieguigui) on 2022-09-26 - CVE-2022-3447: Inappropriate implementation in Custom Tabs. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2022-09-22 - CVE-2022-3448: Use after free in Permissions API. Reported by raven at KunLun lab on 2022-09-13 - CVE-2022-3449: Use after free in Safe Browsing. Reported by asnine on 2022-09-17 - CVE-2022-3450: Use after free in Peer Connection. Reported by Anonymous on 2022-09-30 chromium (106.0.5249.119-1~deb11u1) bullseye-security; urgency=high . * New upstream security release. - CVE-2022-3445: Use after free in Skia. Reported by Nan Wang (@eternalsakura13) and Yong Liu of 360 Vulnerability Research Institute on 2022-09-16 - CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by Kaijie Xu (@kaijieguigui) on 2022-09-26 - CVE-2022-3447: Inappropriate implementation in Custom Tabs. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2022-09-22 - CVE-2022-3448: Use after free in Permissions API. Reported by raven at KunLun lab on 2022-09-13 - CVE-2022-3449: Use after free in Safe Browsing. Reported by asnine on 2022-09-17 - CVE-2022-3450: Use after free in Peer Connection. Reported by Anonymous on 2022-09-30 . chromium (106.0.5249.103-2) unstable; urgency=low . * Reduce baseline compatibility for ppc64el builds from POWER9 to POWER8. This matches the current Debian build farm. . chromium (106.0.5249.103-1) unstable; urgency=medium . * New upstream release. * Add ppc64el patches maintained by me, and enable builds for ppc64el (closes #1005083). chromium (106.0.5249.103-2) unstable; urgency=low . * Reduce baseline compatibility for ppc64el builds from POWER9 to POWER8. This matches the current Debian build farm. chromium (106.0.5249.103-1) unstable; urgency=medium . * New upstream release. * Add ppc64el patches maintained by me, and enable builds for ppc64el (closes #1005083). chromium (106.0.5249.91-1) unstable; urgency=high . * New upstream security release. - CVE-2022-3370: Use after free in Custom Elements. Reported by Aviv A. - CVE-2022-3373: Out of bounds write in V8. Reported by Tibor Klajnscek. chromium (106.0.5249.91-1~deb11u1) bullseye-security; urgency=high . * New upstream security release. - CVE-2022-3370: Use after free in Custom Elements. Reported by Aviv A. - CVE-2022-3373: Out of bounds write in V8. Reported by Tibor Klajnscek. chromium (106.0.5249.61-1) unstable; urgency=high . * New upstream stable release. - CVE-2022-3304: Use after free in CSS. Reported by Anonymous. - CVE-2022-3201: Insufficient validation of untrusted input in Developer Tools. Reported by NDevTK. - CVE-2022-3305: Use after free in Survey. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3306: Use after free in Survey. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3307: Use after free in Media. Reported by Anonymous Telecommunications Corp. Ltd. - CVE-2022-3308: Insufficient policy enforcement in Developer Tools. Reported by Andrea Cappa (zi0Black) @ Shielder. - CVE-2022-3309: Use after free in Assistant. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab. - CVE-2022-3310: Insufficient policy enforcement in Custom Tabs. Reported by Ashwin Agrawal from Optus, Sydney. - CVE-2022-3311: Use after free in Import. Reported by Samet Bekmezci @sametbekmezci. - CVE-2022-3312: Insufficient validation of untrusted input in VPN. Reported by Andr.Ess. - CVE-2022-3313: Incorrect security UI in Full Screen. Reported by Irvan Kurniawan (sourc7). - CVE-2022-3314: Use after free in Logging. Reported by Anonymous. - CVE-2022-3315: Type confusion in Blink. Reported by Anonymous. - CVE-2022-3316: Insufficient validation of untrusted input in Safe Browsing. Reported by Sven Dysthe (@svn_dy). - CVE-2022-3317: Insufficient validation of untrusted input in Intents. Reported by Hafiizh. - CVE-2022-3318: Use after free in ChromeOS Notifications. Reported by GraVity0. * debian/patches: - disable/angle-perftests.patch: drop most of patch. build_angle_perftests=false is set in d/rules, so no need to patch it and its dependencies. - upstream/browser-finder.patch: drop, merged upstream. - upstream/disk-cache.patch: drop, merged upstream. - upstream/masklayer-geom.patch: drop, merged upstream. - fixes/tflite.patch: drop, merged upstream. - bullseye/clang13.patch: update for upstream switching from one unsupported clang warning flag to another. - disable/catapult.patch: refresh. - disable/installer.patch: drop, as there's no real need to delete chrome/install_static; there's no licensing issues and it's only actually built on windows. - upstream/fix-missing-cmath.patch: added from upstream to fix ftbfs. - upstream/fix-nullptr-qual.patch: added from upstream to fix ftbfs. - fixes/fix-arm-vfpv3-d16-libaom.patch: add to fix a problem that was currently papered over by disabling libaom on arm. This new patch (hopefully) allows libaom to be built for the armhf arch. - disable/libaom-arm.patch: drop now that we've fixed libaom on arm. - system/event.patch: remove some old unused bits that patch gn. * Stop deleting chrome/install_static in d/copyright, and also start deleting third party libraries that we began linking to in v105 as well as tools/gn. * Remove mgilbert as an uploader; thanks for all your work on chromium packaging! chromium (106.0.5249.61-1~deb11u1) bullseye-security; urgency=high . * New upstream stable release. - CVE-2022-3304: Use after free in CSS. Reported by Anonymous. - CVE-2022-3201: Insufficient validation of untrusted input in Developer Tools. Reported by NDevTK. - CVE-2022-3305: Use after free in Survey. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3306: Use after free in Survey. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3307: Use after free in Media. Reported by Anonymous Telecommunications Corp. Ltd. - CVE-2022-3308: Insufficient policy enforcement in Developer Tools. Reported by Andrea Cappa (zi0Black) @ Shielder. - CVE-2022-3309: Use after free in Assistant. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab. - CVE-2022-3310: Insufficient policy enforcement in Custom Tabs. Reported by Ashwin Agrawal from Optus, Sydney. - CVE-2022-3311: Use after free in Import. Reported by Samet Bekmezci @sametbekmezci. - CVE-2022-3312: Insufficient validation of untrusted input in VPN. Reported by Andr.Ess. - CVE-2022-3313: Incorrect security UI in Full Screen. Reported by Irvan Kurniawan (sourc7). - CVE-2022-3314: Use after free in Logging. Reported by Anonymous. - CVE-2022-3315: Type confusion in Blink. Reported by Anonymous. - CVE-2022-3316: Insufficient validation of untrusted input in Safe Browsing. Reported by Sven Dysthe (@svn_dy). - CVE-2022-3317: Insufficient validation of untrusted input in Intents. Reported by Hafiizh. - CVE-2022-3318: Use after free in ChromeOS Notifications. Reported by GraVity0. * debian/patches: - disable/angle-perftests.patch: drop most of patch. build_angle_perftests=false is set in d/rules, so no need to patch it and its dependencies. - upstream/browser-finder.patch: drop, merged upstream. - upstream/disk-cache.patch: drop, merged upstream. - upstream/masklayer-geom.patch: drop, merged upstream. - fixes/tflite.patch: drop, merged upstream. - bullseye/clang13.patch: update for upstream switching from one unsupported clang warning flag to another. - disable/catapult.patch: refresh. - disable/installer.patch: drop, as there's no real need to delete chrome/install_static; there's no licensing issues and it's only actually built on windows. - upstream/fix-missing-cmath.patch: added from upstream to fix ftbfs. - upstream/fix-nullptr-qual.patch: added from upstream to fix ftbfs. - fixes/fix-arm-vfpv3-d16-libaom.patch: add to fix a problem that was currently papered over by disabling libaom on arm. This new patch (hopefully) allows libaom to be built for the armhf arch. - disable/libaom-arm.patch: drop now that we've fixed libaom on arm. - system/event.patch: remove some old unused bits that patch gn. * Stop deleting chrome/install_static in d/copyright, and also start deleting third party libraries that we began linking to in v105 as well as tools/gn. chromium (105.0.5195.125-1) unstable; urgency=high . * New upstream security release. - CVE-2022-3195: Out of bounds write in Storage. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute. - CVE-2022-3196: Use after free in PDF. Reported by triplepwns. - CVE-2022-3197: Use after free in PDF. Reported by triplepwns. - CVE-2022-3198: Use after free in PDF. Reported by MerdroidSG. - CVE-2022-3199: Use after free in Frames. Reported by Anonymous. - CVE-2022-3200: Heap buffer overflow in Internals. Reported by Richard Lorenz, SAP. - CVE-2022-3201: Insufficient validation of untrusted input in DevTools. Reported by NDevTK chromium (105.0.5195.125-1~deb11u1) bullseye-security; urgency=high . * New upstream security release. - CVE-2022-3195: Out of bounds write in Storage. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute. - CVE-2022-3196: Use after free in PDF. Reported by triplepwns. - CVE-2022-3197: Use after free in PDF. Reported by triplepwns. - CVE-2022-3198: Use after free in PDF. Reported by MerdroidSG. - CVE-2022-3199: Use after free in Frames. Reported by Anonymous. - CVE-2022-3200: Heap buffer overflow in Internals. Reported by Richard Lorenz, SAP. - CVE-2022-3201: Insufficient validation of untrusted input in DevTools. Reported by NDevTK chromium (105.0.5195.102-1) unstable; urgency=high . * New upstream security release. - CVE-2022-3075: Insufficient data validation in Mojo. * Update the cpu check to allow pni instead of sse3 (closes: #1018937). * Enable v4l2 for arm platforms. This also disables VA-API on arm64, so if that breaks things let me know. Thanks Eschenbacher.Stefan@Scheidt-Bachmann.de for the patch (#1011346). * debian/patches: - upstream/armhf-ftbfs.patch: fix FTBFS introduced with v105 on armhf. chromium (105.0.5195.102-1~deb11u1) bullseye-security; urgency=high . * New upstream security release. - CVE-2022-3075: Insufficient data validation in Mojo. * Update the cpu check to allow pni instead of sse3 (closes: #1018937). * debian/patches: - upstream/armhf-ftbfs.patch: fix FTBFS introduced with v105 on armhf. chromium (105.0.5195.52-1) unstable; urgency=high . * New upstream stable release. - CVE-2022-3038: Use after free in Network Service. Reported by Sergei Glazunov of Google Project Zero. - CVE-2022-3039: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3040: Use after free in Layout. Reported by Anonymous. - CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute. - CVE-2022-3042: Use after free in PhoneHub. Reported by koocola (@alo_cook) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3043: Heap buffer overflow in Screen Capture. Reported by @ginggilBesel. - CVE-2022-3044: Inappropriate implementation in Site Isolation. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research - CVE-2022-3045: Insufficient validation of untrusted input in V8. Reported by Ben Noordhuis . - CVE-2022-3046: Use after free in Browser Tag. Reported by Rong Jian of VRI. - CVE-2022-3071: Use after free in Tab Strip. Reported by @ginggilBesel. - CVE-2022-3047: Insufficient policy enforcement in Extensions API. Reported by Maurice Dauer. - CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen. Reported by Andr.Ess. - CVE-2022-3049: Use after free in SplitScreen. Reported by @ginggilBesel. - CVE-2022-3050: Heap buffer overflow in WebUI. Reported by Zhihua Yao of KunLun Lab. - CVE-2022-3051: Heap buffer overflow in Exosphere. Reported by @ginggilBesel. - CVE-2022-3052: Heap buffer overflow in Window Manager. Reported by Khalil Zhani. - CVE-2022-3053: Inappropriate implementation in Pointer Lock. Reported by Jesper van den Ende (Pelican Party Studios). - CVE-2022-3054: Insufficient policy enforcement in DevTools. Reported by Kuilin Li. - CVE-2022-3055: Use after free in Passwords. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3056: Insufficient policy enforcement in Content Security Policy. Reported by Anonymous. - CVE-2022-3057: Inappropriate implementation in iframe Sandbox. Reported by Gareth Heyes. - CVE-2022-3058: Use after free in Sign-In Flow. Reported by raven at KunLun lab. * Drop workaround for lack of older clang's -ffile-prefix-map. This should make reproducible builds happy. * debian/copyright: - Update for new libevent location (moved out of base/). - libopenjpeg20 -> libopenjpeg * debian/patches: - debianization/support-i386.patch: refresh. - disable/catapult.patch: refresh. - disable/libaom-arm.patch: refresh. - system/event.patch: update for new libevent location. - system/openjpeg.patch: refresh. - bullseye/clang13.patch: drop part of patch dropped upstream. - upstream/disk-cache.patch: build fix pulled from upstream. - upstream/browser-finder.patch: build fix pulled from upstream. - upstream/masklayer-geom.patch: build fix pulled from upstream. - system/jsoncpp.patch: drop, merged upstream. - fixes/angle-wayland: build fix due to mismatched wayland headers on sid. Only needed until angle updates its copy of wayland. - disable/welcome-page.patch: drop. Upstream fixed the original issue some time ago, and this new version finally cleaned up the workaround. - fixes/connection-message.patch: drop it. I looked at sending this upstream, but the original extension doesn't exist any more, and chromium properly prints an error if a proxy is unreachable. If you can still reproduce the issue (described in http://bugs.debian.org/864539), let me know so I can get it fixed upstream. * debian/scripts/unbundle: upstream tripled the number of (previously vendored) libraries that we can use system versions of. However, the majority of them are either not in bullseye or are too old, so we'll have to wait to use the debian versions for the ones not newly added as build-deps. * Disable optimize_webui, due to a build failure using nodejs from bullseye. I'll reenable this when it either gets fixed or we're done with bullseye security support. * Remove sse3-support dependency and just refuse to run if SSE3 is not present. Breaking via preinst script isn't appropriate for packages that might be installed by default (eg, by Debian Edu). * debian/control: add build-deps for brotli, libdouble-conversion-dev, libwoff-dev, and libxnvctrl-dev (closes: #987292). * Rework default search engine stuff. People did not like the "Your browser is managed" and "Your administrator can change your browser setup remotely" messages, which are admittedly alarming. Instead of using /etc/chromium/policies/recommended/duckduckgo.json, delete that and use /etc/chromium/master_preferences instead. chromium (105.0.5195.52-1~deb11u1) bullseye-security; urgency=high . * New upstream stable release. - CVE-2022-3038: Use after free in Network Service. Reported by Sergei Glazunov of Google Project Zero. - CVE-2022-3039: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3040: Use after free in Layout. Reported by Anonymous. - CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute. - CVE-2022-3042: Use after free in PhoneHub. Reported by koocola (@alo_cook) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3043: Heap buffer overflow in Screen Capture. Reported by @ginggilBesel. - CVE-2022-3044: Inappropriate implementation in Site Isolation. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research - CVE-2022-3045: Insufficient validation of untrusted input in V8. Reported by Ben Noordhuis . - CVE-2022-3046: Use after free in Browser Tag. Reported by Rong Jian of VRI. - CVE-2022-3071: Use after free in Tab Strip. Reported by @ginggilBesel. - CVE-2022-3047: Insufficient policy enforcement in Extensions API. Reported by Maurice Dauer. - CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen. Reported by Andr.Ess. - CVE-2022-3049: Use after free in SplitScreen. Reported by @ginggilBesel. - CVE-2022-3050: Heap buffer overflow in WebUI. Reported by Zhihua Yao of KunLun Lab. - CVE-2022-3051: Heap buffer overflow in Exosphere. Reported by @ginggilBesel. - CVE-2022-3052: Heap buffer overflow in Window Manager. Reported by Khalil Zhani. - CVE-2022-3053: Inappropriate implementation in Pointer Lock. Reported by Jesper van den Ende (Pelican Party Studios). - CVE-2022-3054: Insufficient policy enforcement in DevTools. Reported by Kuilin Li. - CVE-2022-3055: Use after free in Passwords. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3056: Insufficient policy enforcement in Content Security Policy. Reported by Anonymous. - CVE-2022-3057: Inappropriate implementation in iframe Sandbox. Reported by Gareth Heyes. - CVE-2022-3058: Use after free in Sign-In Flow. Reported by raven at KunLun lab. * Drop workaround for lack of older clang's -ffile-prefix-map. This should make reproducible builds happy. * debian/copyright: - Update for new libevent location (moved out of base/). - libopenjpeg20 -> libopenjpeg * debian/patches: - debianization/support-i386.patch: refresh. - disable/catapult.patch: refresh. - disable/libaom-arm.patch: refresh. - system/event.patch: update for new libevent location. - system/openjpeg.patch: refresh. - bullseye/clang13.patch: drop part of patch dropped upstream. - upstream/disk-cache.patch: build fix pulled from upstream. - upstream/browser-finder.patch: build fix pulled from upstream. - upstream/masklayer-geom.patch: build fix pulled from upstream. - system/jsoncpp.patch: drop, merged upstream. - fixes/angle-wayland: build fix due to mismatched wayland headers on sid. Only needed until angle updates its copy of wayland. - disable/welcome-page.patch: drop. Upstream fixed the original issue some time ago, and this new version finally cleaned up the workaround. - fixes/connection-message.patch: drop it. I looked at sending this upstream, but the original extension doesn't exist any more, and chromium properly prints an error if a proxy is unreachable. If you can still reproduce the issue (described in http://bugs.debian.org/864539), let me know so I can get it fixed upstream. * debian/scripts/unbundle: upstream tripled the number of (previously vendored) libraries that we can use system versions of. However, the majority of them are either not in bullseye or are too old, so we'll have to wait to use the debian versions for the ones not newly added as build-deps. * Disable optimize_webui, due to a build failure using nodejs from bullseye. I'll reenable this when it either gets fixed or we're done with bullseye security support. * Remove sse3-support dependency and just refuse to run if SSE3 is not present. Breaking via preinst script isn't appropriate for packages that might be installed by default (eg, by Debian Edu). * debian/control: add build-deps for brotli, libdouble-conversion-dev, libwoff-dev, and libxnvctrl-dev (closes: #987292). * Rework default search engine stuff. People did not like the "Your browser is managed" and "Your administrator can change your browser setup remotely" messages, which are admittedly alarming. Instead of using /etc/chromium/policies/recommended/duckduckgo.json, delete that and use /etc/chromium/master_preferences instead. chromium (104.0.5112.101-1) unstable; urgency=high . * New upstream security release. - CVE-2022-2852: Use after free in FedCM. Reported by Sergei Glazunov of Google Project Zero - CVE-2022-2854: Use after free in SwiftShader. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. - CVE-2022-2855: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. - CVE-2022-2857: Use after free in Blink. Reported by Anonymous - CVE-2022-2858: Use after free in Sign-In Flow. Reported by raven at KunLun lab - CVE-2022-2853: Heap buffer overflow in Downloads. Reported by Sergei Glazunov of Google Project Zero - CVE-2022-2856: Insufficient validation of untrusted input in Intents Reported by Ashley Shen and Christian Resell of Google Threat Analysis Group - CVE-2022-2859: Use after free in Chrome OS Shell. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab - CVE-2022-2860: Insufficient policy enforcement in Cookies. Reported by Axel Chong - CVE-2022-2861: Inappropriate implementation in Extensions API. Reported by Rong Jian of VRI * Change default search engine to DuckDuckGo for privacy reasons. Set a different search engine under Settings -> Search Engine (closes: #956012). * Drop a bunch of versioned build-deps that have been satisfied since at least oldoldstable. * debian/NEWS.Debian: - Document upstream dropping support for older TLSv1 and TLSv1.1 protocols (closes: #1005808). - Document upstream dropping support for older x86 CPUs without SSE3 instruction support (closes: #1010407). - Document the Google to DuckDuckGo change. - Document upstream's config renaming of AuthServerWhitelist to AuthServerAllowlist (closes: #1013268). chromium (104.0.5112.101-1~deb11u1) bullseye-security; urgency=high . * New upstream security release. - CVE-2022-2852: Use after free in FedCM. Reported by Sergei Glazunov of Google Project Zero - CVE-2022-2854: Use after free in SwiftShader. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. - CVE-2022-2855: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. - CVE-2022-2857: Use after free in Blink. Reported by Anonymous - CVE-2022-2858: Use after free in Sign-In Flow. Reported by raven at KunLun lab - CVE-2022-2853: Heap buffer overflow in Downloads. Reported by Sergei Glazunov of Google Project Zero - CVE-2022-2856: Insufficient validation of untrusted input in Intents Reported by Ashley Shen and Christian Resell of Google Threat Analysis Group - CVE-2022-2859: Use after free in Chrome OS Shell. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab - CVE-2022-2860: Insufficient policy enforcement in Cookies. Reported by Axel Chong - CVE-2022-2861: Inappropriate implementation in Extensions API. Reported by Rong Jian of VRI * Change default search engine to DuckDuckGo for privacy reasons. Set a different search engine under Settings -> Search Engine (closes: #956012). * Drop a bunch of versioned build-deps that have been satisfied since at least oldoldstable. * debian/NEWS.Debian: - Document upstream dropping support for older TLSv1 and TLSv1.1 protocols (closes: #1005808). - Document upstream dropping support for older x86 CPUs without SSE3 instruction support (closes: #1010407). - Document the Google to DuckDuckGo change. - Document upstream's config renaming of AuthServerWhitelist to AuthServerAllowlist (closes: #1013268). chromium (104.0.5112.79-1) unstable; urgency=high . * New upstream stable release. - CVE-2022-2603: Use after free in Omnibox. Reported by Anonymous - CVE-2022-2604: Use after free in Safe Browsing. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab - CVE-2022-2605: Out of bounds read in Dawn. Reported by Looben Yang - CVE-2022-2606: Use after free in Managed devices API. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab - CVE-2022-2607: Use after free in Tab Strip. Reported by @ginggilBesel - CVE-2022-2608: Use after free in Overview Mode. Reported by Khalil Zhani - CVE-2022-2609: Use after free in Nearby Share. Reported by koocola (@alo_cook) and Guang Gong of 360 Vulnerability Research Institute - CVE-2022-2610: Insufficient policy enforcement in Background Fetch. Reported by Maurice Dauer - CVE-2022-2611: Inappropriate implementation in Fullscreen API. Reported by Irvan Kurniawan (sourc7) - CVE-2022-2612: Side-channel information leakage in Keyboard input. Reported by Erik Kraft (erik.kraft5@gmx.at), Martin Schwarzl (martin.schwarzl@iaik.tugraz.at) - CVE-2022-2613: Use after free in Input. Reported by Piotr Tworek (Vewd) - CVE-2022-2614: Use after free in Sign-In Flow. Reported by raven at KunLun lab - CVE-2022-2615: Insufficient policy enforcement in Cookies. Reported by Maurice Dauer - CVE-2022-2616: Inappropriate implementation in Extensions API. Reported by Alesandro Ortiz - CVE-2022-2617: Use after free in Extensions API. Reported by @ginggilBesel - CVE-2022-2618: Insufficient validation of untrusted input in Internals. Reported by asnine - CVE-2022-2619: Insufficient validation of untrusted input in Settings. Reported by Oliver Dunk - CVE-2022-2620: Use after free in WebUI. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab - CVE-2022-2621: Use after free in Extensions. Reported by Huyna at Viettel Cyber Security - CVE-2022-2622: Insufficient validation of untrusted input in Safe Browsing. Reported by Imre Rad (@ImreRad) and @j00sean - CVE-2022-2623: Use after free in Offline. Reported by raven at KunLun lab - CVE-2022-2624: Heap buffer overflow in PDF. Reported by YU-CHANG CHEN and CHIH-YEN CHANG, working with DEVCORE Internship Program * debian/patches: - bullseye/nomerge.patch: drop, was only needed for clang-11. - bullseye/clang11.patch: drop clang-11 bits, rename to clang13.patch. - bullseye/blink-constexpr.patch: drop, only needed for clang-11. - bullseye/byteswap-constexpr2.patch: drop, only needed for clang-11. - disable/angle-perftests.patch: refresh - disable/catapult.patch: refresh & drop some no longer needed bits. - fixes/tflite.patch: fix a build error. * debian/copyright: - upstream dropped perfetto/ui/src/gen/. clickhouse (18.16.1+ds-7.2+deb11u1) bullseye; urgency=medium . * Non-maintainer upload by the Security Team. * Add Salsa CI config for bullseye. * Fix CVE-2021-42387, CVE-2021-42388, CVE-2021-43304, CVE-2021-43305 (Closes: #1008216) commons-configuration2 (2.8.0-1~deb11u1) bullseye-security; urgency=high . * Team upload. * Backport version 2.8.0 from Bullseye. * Fix CVE-2022-33980: Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. Starting with version 2.4 and continuing through 2.7, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. (Closes: #1014960) connman (1.36-2.2+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * dnsproxy: Simplify udp_server_event() * dnsproxy: Validate input data before using them (CVE-2022-23096, CVE-2022-23097) (Closes: #1004935) * dnsproxy: Avoid 100 % busy loop in TCP server case (CVE-2022-23098) (Closes: #1004935) * dnsproxy: Keep timeout in TCP case even after connection is established (CVE-2022-23098) (Closes: #1004935) * gweb: Fix OOB write in received_data() (CVE-2022-32292) (Closes: #1016976) * wispr: Add reference counter to portal context (CVE-2022-32293) (Closes: #1016976) * wispr: Update portal context references (CVE-2022-32293) (Closes: #1016976) containerd (1.4.13~ds1-1~deb11u3) bullseye; urgency=medium . * CVE-2022-23471: CRI plugin: Fix goroutine leak during Exec core-async-clojure (1.3.610-5+deb11u1) bullseye; urgency=medium . * Team upload. * Skip test assertions which hang in single-cpu env (Closes: #1013662). core-async-clojure (1.3.610-5) unstable; urgency=medium . * Team upload. . [ Louis-Philippe Véronneau ] * d/control: New email for the Clojure Team. * d/*.classpath: fix typo * d/tests: revamp autopkgtests to be actually useful. * d/control: Standards-Version update to 4.6.1. No changes. dbus (1.12.24-0+deb11u1) bullseye-security; urgency=medium . * New upstream stable release 1.12.22 - No longer logs warnings about /proc/self/oom_score_adj with systemd >= 250 (Closes: #1004543) - Improve reproducibility of documentation - Fix a race condition in test/integration/transient-services.sh which affects the autopkgtest (Closes: #1005889) - Fixes for some non-Debian platforms * New upstream stable release 1.12.24 - Fix several denial of service issues where an authenticated attacker can crash the system bus by sending crafted messages (CVE-2022-42010, CVE-2022-42011, CVE-2022-42012) - Use a path-based Unix socket for the session bus, avoiding sandbox escape for Flatpak apps with network access (dbus#416) - Don't crash if asked to watch more than 128 directories for changes - Fix error reporting for a rare out-of-memory condition - Fixes for non-Debian mingw-w64 builds * d/gbp.conf, d/control: Switch branch for bullseye dbus (1.12.22-1) unstable; urgency=medium . * New upstream bug fix release - No longer logs warnings about /proc/self/oom_score_adj with systemd >= 250 (Closes: #1004543) - Improve reproducibility of documentation * Drop patch for #1005889, included upstream dbus (1.12.20-4) unstable; urgency=medium . * Use debhelper 13 instead of dh-exec where possible. We still need to use dh-exec to filter files that are only installed on Linux systems, but we no longer need it for ${DEB_HOST_MULTIARCH} substitution. * d/control: Build-depend on valgrind-if-available. Thanks to Adam Borowski * Add a patch to ensure the dbus-daemon is running for an integration test. Hopefully closes: #1005889 * Update Lintian overrides syntax dbus (1.12.20-3) unstable; urgency=medium . [ Luca Boccassi ] * Split tools and configs into -bin and -common packages. User creation also moves to dbus-common. This is useful for other D-Bus implementations like dbus-broker. . [ Simon McVittie ] * Split dbus-common into -session-bus-common and -system-bus-common. This allows us to install the integration files for session services without having to create the messagebus user or run a system bus, which is useful for CI environments that will run session-service-dependent unit tests in a container where a system bus is not necessary or desired, particularly in situations where creating new uids can be problematic such as unprivileged containers. * dbus: Provide a default-dbus-system-bus virtual package. This allows us to signal what the default implementation of dbus-system-bus is, even when other implementations like dbus-broker also provide the dbus-system-bus virtual package. * Move dbus-daemon, dbus-run-session and creation of /var/lib/dbus/machine-id to a new dbus-daemon package. This decouples the system integration for the well-known system bus (still in the dbus package) from the dbus-daemon. This means that packages that merely want to run a dbus-daemon in a small container or chroot (for example to run integration tests or provide a minimal session bus environment) do not need to pull in adduser, an init system, or the setuid helper used to implement traditional activation. dbus remains Priority: standard, because the majority of systems benefit from having a working D-Bus system bus (in particular to communicate with logind). * d/watch: Watch for any archive extension. Upstream releases switched from tar.gz to tar.xz for the 1.13.x branch. * Silence more Lintian tags for D-Bus vs. dbus in package descriptions. We're careful to say D-Bus when we mean the protocol, and dbus when we mean the reference implementation of the protocol. * d/tests/gnome-desktop-testing: Use set -u so we'll fail on references to unset environment variables * Update Lintian overrides for dbus-tests * Standards-Version: 4.6.0 (no changes required) * d/rules, d/dbus.prerm, d/dbus.postinst: Never restart dbus-daemon. Since debhelper 13.4, there appears to be no way to stop debhelper from restarting services, other than telling it not to start our service and taking responsibility for doing so ourselves. (Workaround for #994204) * d/dbus.postinst: Remove compatibility code for Debian 8 to 9 upgrades * All maintainer scripts: Respect $DPKG_ROOT * d/dbus.maintscript: Remove cleanup of old conffiles. This has been unnecessary since Debian 10 and Ubuntu 18.04. * Don't /etc/dbus-1/s*.conf.dpkg-bak in bus configuration. This was part of the Debian 8 to Debian 9 upgrade path. dcfldd (1.7-3+deb11u1) bullseye; urgency=medium . * debian/patches/010_fix-sha1-big-endian.patch: created to fix SHA1 output on big-endian architectures. dcfldd SHA1 implementation relies on the WORDS_BIGENDIAN defined on big-endian platforms to operate correctly, but it was not defined anywhere, causing wrong results. . Autoconf's AC_C_BIGENDIAN macro defines WORDS_BIGENDIAN when building on those platforms, fixing the issue. . dcfldd SHA1 implementation can perform endianness runtime checks if RUNTIME_ENDIAN is defined. This patch also makes runtime checking the default when configuring the build. . Closes: #1021784 debian-installer (20210731+deb11u7) bullseye; urgency=medium . * Rebuild against linux 5.10.158-2. debian-installer (20210731+deb11u6) bullseye; urgency=medium . * Bump Linux kernel ABI to 5.10.0-20. debian-installer-netboot-images (20210731+deb11u7.b1) bullseye; urgency=medium . * Update to 20210731+deb11u7+b1, from bullseye-proposed-updates. debian-installer-netboot-images (20210731+deb11u6) bullseye; urgency=medium . * Update to 20210731+deb11u6, from bullseye-proposed-updates. debmirror (1:2.35+deb11u1) bullseye; urgency=medium . * Add non-free-firmware to the default sections. distro-info-data (0.51+deb11u3) bullseye; urgency=medium . * Update data to 0.55: - Update Debian ELTS dates to ~10 years of support (Closes: #1014837) - Correct release date of Debian 8 (jessie) to 2015-04-26 - Add dates for Ubuntu 23.04, Lunar Lobster (LP: #1993667) dojo (1.15.4+dfsg1-1+deb11u1) bullseye; urgency=medium . * Team upload * Fix prototype pollution (Closes: #1014785, CVE-2021-23450) dovecot-fts-xapian (1.4.9a-1+deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Generate dependency on dovecot ABI in use during build. Technique stolen from dovecot-antispam packaging. Thanks to Ron Lee (Closes: #1009794) e17 (0.24.2-8+deb11u1) bullseye-security; urgency=medium . * d/gbp.conf: set debian branch to debian/bullseye * d/p/0005-enlightenment_sys-fix-security-hole-CVE-2022-37706.patch: cherry-pick fix for CVE-2022-37706 efitools (1.9.2-2~deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Rebuild for bullseye. . efitools (1.9.2-2) unstable; urgency=medium . [ Steve McIntyre ] * Fix occasional FTBFS due to incorrect dependency. Closes: #1010996. Thanks to Adrian Bunk for the patch! . * Team upload evolution (3.38.3-1+deb11u1) bullseye; urgency=medium . * Add a patch from upstream to move Google Contacts addressbooks to CalDAV, as the Google Contacts API has been turned off (Closes: #1004917) evolution-data-server (3.38.3-1+deb11u2) bullseye; urgency=medium . * Cherry-pick patch to make compatible with Gmail OAuth changes (Closes: #1025729) . evolution-data-server (3.38.3-1+deb11u1) bullseye; urgency=medium . * Add patches from upstream to move Google Contacts addressbooks to CalDAV since the Google Contacts API has been turned off (Closes: #997824) evolution-data-server (3.38.3-1+deb11u1) bullseye; urgency=medium . * Add patches from upstream to move Google Contacts addressbooks to CalDAV since the Google Contacts API has been turned off (Closes: #9978240 evolution-ews (3.38.3-1+deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Backport from upstream: - Fix retrieval of user certificates of contacts (Closes: #1021531, #1021651) expat (2.2.10-2+deb11u5) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * lib: Fix overeager DTD destruction in XML_ExternalEntityParserCreate (CVE-2022-43680) (Closes: #1022743) * tests: Cover overeager DTD destruction in XML_ExternalEntityParserCreate expat (2.2.10-2+deb11u4) bullseye-security; urgency=high . * Backport security fix for CVE-2022-40674: heap use-after-free issue in doContent() (closes: #1019761). ffmpeg (7:4.3.5-0+deb11u1) bullseye-security; urgency=medium . * New upstream release 4.3.5 * debian/patches: Remove patches integrated upstream fish (3.1.2-3+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Prevent certain git commands that may invoke certain external programs in fish_git_prompt (CVE-2022-20001) freecad (0.19.1+dfsg1-2+deb11u1) bullseye-security; urgency=medium . * Non-maintainer upload by the Security Team. * CVE-2021-45844 and CVE-2021-45845: - Fix two external command execution issues in Python scripts that are vunlnerbale to OS command injection when crafted input file is applied g810-led (0.4.2-1+deb11u1) bullseye; urgency=medium . * Control device access with uaccess instead of making everything world-writable. Thanks to Xavi Drudis Ferran for the report! Closes:#1024998. (CVE-2022-46338.) gdal (3.2.2+dfsg-2+deb11u2) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (CVE-2021-45943). gdk-pixbuf (2.42.2+dfsg-1+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * gif: Check for overflow when compositing or clearing frames (CVE-2021-46829) * Add an assertion that checks for maximum LZW code size * Fix the check for maximum value of LZW initial code size (CVE-2021-44648) (Closes: #1014600) * Replace GIF in testcase which was broken in the LZW code size, not the values of the pixels glibc (2.31-13+deb11u5) bullseye; urgency=medium . * debian/patches/local-require-bmi-in-avx2-ifunc.diff: new patch extracted from an upstream commit, to change the AVX2 ifunc selector to require the BMI2 feature. It happened that the wmemchr and wcslen changes backported in 2.31-13+deb11u4 relied on that commit which got forgotten. Closes: #1019855. golang-github-go-chef-chef (0.0.1+git20161023.60.deb8c38-1.2~deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Rebuild for bullseye. . golang-github-go-chef-chef (0.0.1+git20161023.60.deb8c38-1.2) unstable; urgency=medium . * Non-maintainer upload. * Add upstream fix for intermittent test failures. (Closes: #848055) graphicsmagick (1.4+really1.3.36+hg16481-2+deb11u1) bullseye-security; urgency=medium . * CVE-2022-1270 grub-efi-amd64-signed (1+2.06+3~deb11u5) bullseye; urgency=high . * Update to grub2 2.06-3~deb11u5 grub-efi-amd64-signed (1+2.06+3~deb11u4) bullseye-security; urgency=high . * Update to grub2 2.06-3~deb11u4 grub-efi-amd64-signed (1+2.06+3~deb11u2) bullseye; urgency=high . * Update to grub2 2.06-3~deb11u2 grub-efi-arm64-signed (1+2.06+3~deb11u5) bullseye; urgency=high . * Update to grub2 2.06-3~deb11u5 grub-efi-arm64-signed (1+2.06+3~deb11u4) bullseye-security; urgency=high . * Update to grub2 2.06-3~deb11u4 grub-efi-arm64-signed (1+2.06+3~deb11u2) bullseye; urgency=high . * Update to grub2 2.06-3~deb11u2 grub-efi-ia32-signed (1+2.06+3~deb11u5) bullseye; urgency=high . * Update to grub2 2.06-3~deb11u5 grub-efi-ia32-signed (1+2.06+3~deb11u4) bullseye-security; urgency=high . * Update to grub2 2.06-3~deb11u4 grub-efi-ia32-signed (1+2.06+3~deb11u2) bullseye; urgency=high . * Update to grub2 2.06-3~deb11u2 grub2 (2.06-3~deb11u5) bullseye; urgency=high . [ Steve McIntyre ] * Include fonts in the memdisk build for EFI images. * Bump Debian SBAT level to 4 - Due to a mistake in the buster upload (2.06-3~deb10u2) that left the CVE-2022-2601 bugs in place, we need to bump SBAT for all of the Debian GRUB binaries. :-( * Fix bug in core file code so errors are handled better. This makes the above font-handling patch work! grub2 (2.06-3~deb11u4) bullseye-security; urgency=high . [ Steve McIntyre ] * Pull in upstream patches to harden font and image handling - CVE-2022-2601, CVE-2022-3775. * Bump SBAT level to 3 for grub-efi packages. grub2 (2.06-3~deb11u2) bullseye; urgency=high . [ Steve McIntyre ] * Don't strip Xen binaries so they work again. Closes: #1017944. Thanks to Valentin Kleibel for the patch. heimdal (7.7.0+dfsg-2+deb11u2) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * lib/krb5: fix _krb5_get_int64 on 32-bit systems * lib/krb5: krb5_pac_parse mem leak if pac_header_size failure * kdc: Check generate_pac() return code heimdal (7.7.0+dfsg-2+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * kdc: validate sname in TGS-REQ (CVE-2021-3671) (Closes: #996586) * Address GCC Bug 95189 memcmp wrongly stripped like strcmp * Fix compiler warnings and build issues * spnego: send_reject when no mech selected (CVE-2021-44758) * asn1: Invalid free in ASN.1 codec (CVE-2022-44640) * gsskrb5: Use constant-time memcmp() for arcfour unwrap (CVE-2022-3437) * gsskrb5: Use constant-time memcmp() in unwrap_des3() (CVE-2022-3437) * gsskrb5: Don't pass NULL pointers to memcpy() in DES unwrap (CVE-2022-3437) * gsskrb5: Avoid undefined behaviour in _gssapi_verify_pad() (CVE-2022-3437) * gsskrb5: Check the result of _gsskrb5_get_mech() (CVE-2022-3437) * gsskrb5: Check buffer length against overflow for DES{,3} unwrap (CVE-2022-3437) * gsskrb5: Check for overflow in _gsskrb5_get_mech() (CVE-2022-3437) * gsskrb5: Pass correct length to _gssapi_verify_pad() (CVE-2022-3437) * krb5: PAC parse integer overflows (CVE-2022-42898) * lib/wind: find_normalize read past end of array hydrapaper (2.0.2-1+deb11u1) bullseye; urgency=medium . * debian/comtrol: - Added python3-pil to Depends: field (Closes: #1010697). isc-dhcp (4.4.1-2.3+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * An option refcount overflow exists in dhcpd (CVE-2022-2928) * DHCP memory leak (CVE-2022-2929) isoquery (3.2.4-1+deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Add upstream fix for test to match French translation change in iso-codes. (Closes: #991653) jackson-databind (2.12.1-1+deb11u1) bullseye-security; urgency=high . * Team upload. * Fix CVE-2022-42003: In FasterXML jackson-databind resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. * Fix CVE-2022-42004: In FasterXML jackson-databind resource exhaustion can occur because of a lack of a check in BeanDeserializerBase.deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization. * Fix CVE-2020-36518: Java StackOverflow exception and denial of service via a large depth of nested objects. jhead (1:3.04-6+deb11u1) bullseye-security; urgency=medium . * New maintainer. * Add patch fix_cve_2021_34055 to fix CVE-2021-34055 (Closes: #1024272). * Add patch fix_cve_2022_41751 to fix CVE-2022-41751 (Closes: #1022028, #1023303). jtreg6 (6.1+2-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye, needed for latest OpenJDK 11.x release jtreg6 (6+1-2) unstable; urgency=medium . * Bump standards version. jtreg6 (6+1-1) unstable; urgency=medium . * Team upload. * New upstream version, packaged as separate source and binary. OpenJDK 17 and 18 now require jtreg 6. OpenJDK 11 still needs jtreg 5.x. * Add myself as uploader. * Bump standards version. krb5 (1.18.3-6+deb11u3) bullseye-security; urgency=high . * Integer overflows in PAC parsing; potentially critical for 32-bit KDCs or when cross-realm acts maliciously; DOS in other conditions; CVE-2022-42898, Closes: #1024267 lava (2020.12-5+deb11u1) bullseye-security; urgency=high . * Fix remote code execution [CVE-2022-42902] (Closes: #1021737) * Add patch to fix building the package for -security lemonldap-ng (2.0.11+ds-4+deb11u2) bullseye; urgency=medium . * Add patch to improve session destroy propagation (Closes: CVE-2022-37186) leptonlib (1.79.0-1.1+deb11u1) bullseye; urgency=medium . * Non-maintainer upload by the LTS Team. * Fix CVE-2022-38266 libapache2-mod-auth-mellon (0.17.0-1+deb11u1) bullseye; urgency=medium . * Upload to fix security issue: - Open redirect in logout endpoint (CVE-2021-3639) libbluray (1:1.2.1-4+deb11u2) bullseye; urgency=medium . * debian/patches: Apply upstream fix for Oracle Java CPU from April 2022 (Closes: #1011716) libconfuse (3.3-2+deb11u1) bullseye; urgency=medium . * Add debian/patches/CVE-2022-40320.patch from upstream to fix a heap-based buffer over-read in cfg_tilde_expand (CVE-2022-40320). Closes: #1019596. libdatetime-timezone-perl (1:2.47-1+2022g) bullseye; urgency=medium . * Update data to Olson database version 2022g. This update contains contemporary changes for Mexico and Greenland. . libdatetime-timezone-perl (1:2.47-1+2022f) bullseye; urgency=medium . * Update to Olson database version 2022f. This update includes contemporary changes for Fiji and Mexico. . libdatetime-timezone-perl (1:2.47-1+2022e) bullseye; urgency=medium . * Update to Olson database version 2022e. This update includes contemporary changes for Jordan and Syria. . libdatetime-timezone-perl (1:2.47-1+2022d) bullseye; urgency=medium . * Update to Olson database version 2022d. This update includes contemporary changes for Palestine. libdatetime-timezone-perl (1:2.47-1+2022f) bullseye; urgency=medium . * Update to Olson database version 2022f. This update includes contemporary changes for Fiji and Mexico. . libdatetime-timezone-perl (1:2.47-1+2022e) bullseye; urgency=medium . * Update to Olson database version 2022e. This update includes contemporary changes for Jordan and Syria. . libdatetime-timezone-perl (1:2.47-1+2022d) bullseye; urgency=medium . * Update to Olson database version 2022d. This update includes contemporary changes for Palestine. libdatetime-timezone-perl (1:2.47-1+2022e) bullseye; urgency=medium . * Update to Olson database version 2022e. This update includes contemporary changes for Jordan and Syria. . libdatetime-timezone-perl (1:2.47-1+2022d) bullseye; urgency=medium . * Update to Olson database version 2022d. This update includes contemporary changes for Palestine. libdatetime-timezone-perl (1:2.47-1+2022d) bullseye; urgency=medium . * Update to Olson database version 2022d. This update includes contemporary changes for Palestine. libgoogle-gson-java (2.8.6-1+deb11u1) bullseye-security; urgency=high . * Team upload. * CVE-2022-25647: A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes. This issue may lead to denial of service attacks. libksba (1.5.0-3+deb11u1) bullseye-security; urgency=high . * 20_Detect-a-possible-overflow-directly-in-the-TLV-parse.patch from upstream 1.6.2 release fixing a integer overflow. CVE-2022-3515 Closes: #1021928 libreoffice (1:7.0.4-4+deb11u4) bullseye-security; urgency=high . * debian/patches/ZDI-CAN-17859.diff: fix ZDI-CAN-17859/CVE-2022-3140 libreoffice (1:7.0.4-4+deb11u4~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . * debian/source/include-binaries: - include tarballs/libmwaw-0.3.16.tar.xz - include tarballs/mdds-1.6.0.tar.bz2 - include tarballs/liborcus-0.16.1.tar.bz2 - include tarballs/xmlsec1-1.2.30.tar.gz - include tarballs/libnumbertext-1.0.6.tar.xz * debian/rules: - revert clang (>= 1:11) build-dep for buster-backports; doesn't exist in buster and we resort back to gcc . libreoffice (1:7.0.4-4+deb11u4) bullseye-security; urgency=high . * debian/patches/ZDI-CAN-17859.diff: fix ZDI-CAN-17859/CVE-2022-3140 libtasn1-6 (4.16.0-2+deb11u1) bullseye; urgency=medium . * Fix ETYPE_OK out of bounds read. CVE-2021-46848 10_Fix-ETYPE_OK-off-by-one-array-size-check.-Closes-32.patch libvncserver (0.9.13+dfsg-2+deb11u1) bullseye; urgency=medium . [ Mike Gabriel ] * debian/patches: + Trivially rebase patches 0001 and 0002. + Add 0003-rfb-increase-update-buf-size.patch. Allow larger screen sizes. (Closes: #1010449). . [ Thorsten Alteholz ] + CVE-2020-29260: Add CVE-2020-29260.patch. Resolve memory leak in function rfbClientCleanup(). (Closes: #1019228). libxml2 (2.9.10+dfsg-6.7+deb11u3) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix integer overflows with XML_PARSE_HUGE (CVE-2022-40303) (Closes: #1022224) * Fix dict corruption caused by entity reference cycles (CVE-2022-40304) (Closes: #1022225) lighttpd (1.4.59-1+deb11u2) bullseye-security; urgency=medium . * Fix CVE-2022-37797 * Fix CVE-2022-41556 remote resource exhaustion linux (5.10.158-2) bullseye; urgency=medium . * xen/netback: fix build warning linux (5.10.158-1) bullseye; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.150 - ALSA: oss: Fix potential deadlock at unregistration - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() - ALSA: usb-audio: Fix potential memory leaks - ALSA: usb-audio: Fix NULL dererence at error path - ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530 - ALSA: hda/realtek: Correct pin configs for ASUS G533Z - ALSA: hda/realtek: Add quirk for ASUS GV601R laptop - ALSA: hda/realtek: Add Intel Reference SSID to support headset keys - cifs: destage dirty pages before re-reading them for cache=none - cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message - iio: dac: ad5593r: Fix i2c read protocol requirements - iio: ltc2497: Fix reading conversion results - iio: adc: ad7923: fix channel readings for some variants - iio: pressure: dps310: Refactor startup procedure - iio: pressure: dps310: Reset chip after timeout - usb: add quirks for Lenovo OneLink+ Dock - can: kvaser_usb: Fix use of uninitialized completion - can: kvaser_usb_leaf: Fix overread with an invalid command - can: kvaser_usb_leaf: Fix TX queue out of sync after restart - can: kvaser_usb_leaf: Fix CAN state after restart - fs: dlm: fix race between test_bit() and queue_work() - fs: dlm: handle -EBUSY first in lock arg validation - HID: multitouch: Add memory barriers - quota: Check next/prev free block number after reading from quota file - [arm64,armhf] platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT failure - [arm64] regulator: qcom_rpm: Fix circular deferral regression - nvme-pci: set min_align_mask before calculating max_hw_sectors - drm/virtio: Check whether transferred 2D BO is shmem - drm/udl: Restore display mode on resume - block: fix inflight statistics of part0 - mm/mmap: undo ->mmap() when arch_validate_flags() fails - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge - [x86] powercap: intel_rapl: Use standard Energy Unit for SPR Dram RAPL domain - scsi: qedf: Populate sysfs attributes for vport - fbdev: smscufx: Fix use-after-free in ufx_ops_open() (CVE-2022-41849) - btrfs: fix race between quota enable and quota rescan ioctl - f2fs: increase the limit for reserve_root - f2fs: fix to do sanity check on destination blkaddr during recovery - f2fs: fix to do sanity check on summary info - jbd2: wake up journal waiters in FIFO order, not LIFO - jbd2: fix potential buffer head reference count leak - jbd2: fix potential use-after-free in jbd2_fc_wait_bufs - jbd2: add miss release buffer head in fc_do_one_pass() - ext4: avoid crash when inline data creation follows DIO write - ext4: fix null-ptr-deref in ext4_write_info - ext4: make ext4_lazyinit_thread freezable - ext4: don't increase iversion counter for ea_inodes - ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate - ext4: place buffer head allocation before handle start - ext4: fix miss release buffer head in ext4_fc_write_inode - ext4: fix potential memory leak in ext4_fc_record_modified_inode() - ext4: fix potential memory leak in ext4_fc_record_regions() - ext4: update 'state->fc_regions_size' after successful memory allocation - [amd64] livepatch: fix race between fork and KLP transition - ftrace: Properly unset FTRACE_HASH_FL_MOD - ring-buffer: Allow splice to read previous partially read pages - ring-buffer: Have the shortest_full queue be the shortest not longest - ring-buffer: Check pending waiters when doing wake ups as well - ring-buffer: Add ring_buffer_wake_waiters() - ring-buffer: Fix race between reset page and reading page - tracing: Disable interrupt or preemption before acquiring arch_spinlock_t - [x86] thunderbolt: Explicitly enable lane adapter hotplug events at startup - efi: libstub: drop pointless get_memory_map() call - [arm64,armhf] media: cedrus: Set the platform driver data earlier - [x86] KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility - [x86] KVM: nVMX: Unconditionally purge queued/injected events on nested "exit" - [x86] KVM: VMX: Drop bits 31:16 when shoving exception error code into VMCS - drm/nouveau/kms/nv140-: Disable interlacing - drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table() - [x86] drm/i915: Fix watermark calculations for gen12+ RC CCS modifier - [x86] drm/i915: Fix watermark calculations for gen12+ MC CCS modifier - smb3: must initialize two ACL struct fields to zero - selinux: use "grep -E" instead of "egrep" - userfaultfd: open userfaultfds with O_RDONLY - [armel,armhf] 9244/1: dump: Fix wrong pg_level in walk_pmd() - [armel,armhf] 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE - objtool: Preserve special st_shndx indexes in elf_update_symbol - nfsd: Fix a memory leak in an error handling path - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state() - wifi: mac80211: allow bw change during channel switch in mesh - bpftool: Fix a wrong type cast in btf_dumper_int - [x86] resctrl: Fix to restore to original value when re-enabling hardware prefetch register - Bluetooth: btusb: Fine-tune mt7663 mechanism. - Bluetooth: btusb: fix excessive stack usage - Bluetooth: btusb: mediatek: fix WMT failure during runtime suspend - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse() - [arm64] spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume() - [arm64] spi: qup: add missing clk_disable_unprepare on error in spi_qup_pm_resume_runtime() - wifi: rtl8xxxu: Fix skb misuse in TX queue selection - [arm64,armhf] spi: meson-spicc: do not rely on busy flag in pow2 clk ops - bpf: btf: fix truncated last_member_type_id in btf_struct_resolve - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration - wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask - bpf: Ensure correct locking around vulnerable function find_vpid() - Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure - wifi: ath11k: fix number of VHT beamformee spatial streams - [x86] microcode/AMD: Track patch allocation size explicitly - [x86] cpu: Include the header of init_ia32_feat_ctl()'s prototype - Bluetooth: hci_core: Fix not handling link timeouts propertly - netfilter: nft_fib: Fix for rpath check with VRF devices - wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM - vhost/vsock: Use kvmalloc/kvfree for larger packets. - mISDN: fix use-after-free bugs in l1oip timer handlers (CVE-2022-3565) - sctp: handle the error returned from sctp_auth_asoc_init_active_key - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited - spi: Ensure that sg_table won't be used after being freed - net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks() - bnx2x: fix potential memory leak in bnx2x_tpa_stop() (CVE-2022-3542) - net/ieee802154: reject zero-sized raw_sendmsg() - once: add DO_ONCE_SLOW() for sleepable contexts - [arm64,armhf] net: mvpp2: fix mvpp2 debugfs leak (CVE-2022-3535) - [arm64] drm: bridge: adv7511: fix CEC power down control register offset - drm/bridge: Avoid uninitialized variable warning - drm/mipi-dsi: Detach devices when removing the host - drm/dp_mst: fix drm_dp_dpcd_read return value checks - [x86] platform/chrome: fix double-free in chromeos_laptop_prepare() - [arm64] platform/chrome: fix memory corruption in ioctl - [x86] platform/x86: msi-laptop: Fix old-ec check for backlight registering - [x86] platform/x86: msi-laptop: Fix resource cleanup - ALSA: hda: beep: Simplify keep-power-at-enable behavior - [armhf] drm/omap: dss: Fix refcount leak bugs - [armhf] ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API - [arm64] drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx - [arm64] drm/msm/dp: correct 1.62G link rate at dp_catalog_ctrl_config_msa() - ASoC: da7219: Fix an error handling path in da7219_register_dai_clks() - [arm*] ALSA: dmaengine: increment buffer pointer atomically - [armhf] mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe() - ALSA: hda/hdmi: Don't skip notification handling during PM operation - [armel,armhf] memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() - [armhf] memory: of: Fix refcount leak bug in of_get_ddr_timings() - [armhf] memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() - [armhf] dts: turris-omnia: Fix mpp26 pin name and comment - [arm64] ftrace: fix module PLTs with mcount - [armhf] dts: exynos: fix polarity of VBUS GPIO of Origen - iio: inkern: only release the device node when done with it - iio: ABI: Fix wrong format of differential capacitance channel ABI. - usb: ch9: Add USB 3.2 SSP attributes - usb: common: Parse for USB SSP genXxY - usb: common: add function to get interval expressed in us unit - usb: common: move function's kerneldoc next to its definition - usb: common: debug: Check non-standard control requests - [arm64,armhf] clk: meson: Hold reference returned by of_get_parent() - [arm64] clk: qoriq: Hold reference returned by of_get_parent() - [arm64] clk: tegra: Fix refcount leak in tegra210_clock_init - [arm64] clk: tegra: Fix refcount leak in tegra114_clock_init - [armhf] HSI: omap_ssi: Fix refcount leak in ssi_probe - [armhf] HSI: omap_ssi_port: Fix dma_map_sg error check - [arm64] tty: xilinx_uartps: Fix the ignore_status - RDMA/rxe: Fix "kernel NULL pointer dereference" error - RDMA/rxe: Fix the error caused by qp->sk - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting() - ata: fix ata_id_has_devslp() - ata: fix ata_id_has_ncq_autosense() - ata: fix ata_id_has_dipm() - md: Replace snprintf with scnprintf - md/raid5: Ensure stripe_fill happens on non-read IO with journal - RDMA/cm: Use SLID in the work completion as the DLID in responder side - IB: Set IOVA/LENGTH on IB_MR in core/uverbs layers - xhci: Don't show warning for reinit on known broken suspend - usb: gadget: function: fix dangling pnp_string in f_printer.c - drivers: serial: jsm: fix some leaks in probe - serial: 8250: Add an empty line and remove some useless {} - serial: 8250: Toggle IER bits on only after irq has been set up - [arm64] tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown - [arm64] phy: qualcomm: call clk_disable_unprepare in the error handling - serial: 8250: Fix restoring termios speed after suspend - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() - scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() - [armhf] fsi: core: Check error number after calling ida_simple_get - [x86] mfd: intel_soc_pmic: Fix an error handling path in intel_soc_pmic_i2c_probe() - [mips*] mfd: sm501: Add check for platform_driver_register() - [amd64] dmaengine: ioat: stop mod_timer from resurrecting deleted timer in __cleanup() - [arm64] spmi: pmic-arb: correct duplicate APID to PPID mapping logic - [arm*] clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration - [armhf] clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe - [armhf] clk: ast2600: BCLK comes from EPLL - [powerpc*] pci_dn: Add missing of_node_put() - [powerpc*] powernv: add missing of_node_put() in opal_export_attrs() - [x86] hyperv: Fix 'struct hv_enlightened_vmcs' definition - [powerpc*] 64s: Fix GENERIC_CPU build flags for PPC970 / G5 - [armhf] hwrng: imx-rngc - Moving IRQ handler registering after imx_rngc_irq_mask_clear() - cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset - crypto: akcipher - default implementation for setting a private key - [x86] crypto: ccp - Release dma channels before dmaengine unrgister - [arm64] crypto: inside-secure - Change swab to swab32 - [x86] crypto: qat - fix use of 'dma_map_single' - [x86] crypto: qat - use pre-allocated buffers in datapath - [x86] crypto: qat - fix DMA transfer direction - tracing: kprobe: Fix kprobe event gen test module on exit - tracing: kprobe: Make gen test module work in arm and riscv - [arm64] crypto: cavium - prevent integer overflow loading firmware - [arm64] thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id - ACPI: APEI: do not add task_work to kernel thread to avoid memory leak - f2fs: fix race condition on setting FI_NO_EXTENT flag - f2fs: fix to avoid REQ_TIME and CP_TIME collision - f2fs: fix to account FS_CP_DATA_IO correctly - rcu: Back off upon fill_page_cache_func() allocation failure - rcu-tasks: Convert RCU_LOCKDEP_WARN() to WARN_ONCE() - [x86] ACPI: video: Add Toshiba Satellite/Portege Z830 quirk - [x86] powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue - [x86] thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data - NFSD: fix use-after-free on source server when doing inter-server copy - wifi: brcmfmac: fix invalid address access when enabling SCAN log level - bpftool: Clear errno after libcap's checks - openvswitch: Fix double reporting of drops in dropwatch - openvswitch: Fix overreporting of drops in dropwatch - tcp: annotate data-race around tcp_md5sig_pool_populated - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() - xfrm: Update ipcomp_scratches with NULL when freed - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() - regulator: core: Prevent integer underflow - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create() - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times - can: bcm: check the result of can_send() in bcm_can_tx() - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620 - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 - wifi: rt2x00: set VGC gain for both chains of MT7620 - wifi: rt2x00: set SoC wmac clock register - wifi: rt2x00: correctly set BBP register 86 for MT7620 - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory - Bluetooth: L2CAP: Fix user-after-free - r8152: Rate limit overflow messages (CVE-2022-3594) - drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc() - drm: Use size_t type for len variable in drm_copy_field() - drm: Prevent drm_copy_field() to attempt copying a NULL pointer - drm/amd/display: fix overflow on MIN_I64 definition - [arm64,armhf] drm: bridge: dw_hdmi: only trigger hotplug event on link change - [arm*] drm/vc4: vec: Fix timings for VEC modes - drm: panel-orientation-quirks: Add quirk for Anbernic Win600 - [arm64,armhf] platform/chrome: cros_ec: Notify the PM of wake events during resume - [x86] platform/x86: msi-laptop: Change DMI match / alias strings to fix module autoloading - [x86] ASoC: SOF: pci: Change DMI match info to support all Chrome platforms - drm/amdgpu: fix initial connector audio value - [arm64] drm/meson: explicitly remove aggregate driver at module unload time - [arm64] mmc: sdhci-msm: add compatible string check for sdm670 - drm/dp: Don't rewrite link config when setting phy test pattern - drm/amd/display: Remove interface for periodic interrupt 1 - btrfs: scrub: try to fix super block errors - [arm64] clk: zynqmp: Fix stack-out-of-bounds in strncpy` - media: cx88: Fix a null-ptr-deref bug in buffer_prepare() - [arm64] clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate - usb: host: xhci-plat: suspend and resume clocks - usb: host: xhci-plat: suspend/resume clks for brcm - scsi: 3w-9xxx: Avoid disabling device if failing to enable it - nbd: Fix hung when signal interrupts nbd_start_device_ioctl() - blk-throttle: prevent overflow while calculating wait time - ata: libahci_platform: Sanity check the DT child nodes number - bcache: fix set_at_max_writeback_rate() for multiple attached devices - soundwire: cadence: Don't overwrite msg->buf during write commands - soundwire: intel: fix error handling on dai registration issues - HID: roccat: Fix use-after-free in roccat_read() (CVE-2022-41850) - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() - [arm64,armhf] usb: musb: Fix musb_gadget.c rxstate overflow bug - Revert "usb: storage: Add quirk for Samsung Fit flash" - staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() - nvme: copy firmware_rev on each init - nvmet-tcp: add bounds check on Transfer Tag - usb: idmouse: fix an uninit-value in idmouse_open - [arm*] clk: bcm2835: Make peripheral PLLC critical - [arm64] topology: fix possible overflow in amu_fie_setup() - io_uring: correct pinned_vm accounting - mm: hugetlb: fix UAF in hugetlb_handle_userfault - net: ieee802154: return -EINVAL for unknown addr type - Revert "net/ieee802154: reject zero-sized raw_sendmsg()" - net/ieee802154: don't warn zero-sized raw_sendmsg() - Revert "drm/amdgpu: use dirty framebuffer helper" (Closes: #1022806) - ext4: continue to expand file system when the target size doesn't reach - inet: fully convert sk->sk_rx_dst to RCU rules - [x86] thermal: intel_powerclamp: Use first online CPU as control_cpu - f2fs: fix wrong condition to trigger background checkpoint correctly https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.151 - bpf: Generate BTF_KIND_FLOAT when linking vmlinux - kbuild: Quote OBJCOPY var to avoid a pahole call break the build - kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21 - kbuild: Unify options for BTF generation for vmlinux and modules - kbuild: Add skip_encoding_btf_enum64 option to pahole https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.152 - ocfs2: clear dinode links count in case of error - ocfs2: fix BUG when iput after ocfs2_mknod fails - selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() - [x86] microcode/AMD: Apply the patch early on every logical thread - [x86] hwmon/coretemp: Handle large core ID value - [armhf] ata: ahci-imx: Fix MODULE_ALIAS - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS - kvm: Add support for arch compat vm ioctls - [arm64] KVM: arm64: vgic: Fix exit condition in scan_its_table() - media: mceusb: set timeout to at least timeout provided - [arm64] media: venus: dec: Handle the case where find_format fails - block: wbt: Remove unnecessary invoking of wbt_update_limits in wbt_init - blk-wbt: call rq_qos_add() after wb_normal is initialized - [arm64] errata: Remove AES hwcap for COMPAT tasks - r8152: add PID for the Lenovo OneLink+ Dock - btrfs: fix processing of delayed data refs during backref walking - btrfs: fix processing of delayed tree block refs during backref walking - ACPI: extlog: Handle multiple records - tipc: Fix recognition of trial period - tipc: fix an information leak in tipc_topsrv_kern_subscr - i40e: Fix DMA mappings leak - HID: magicmouse: Do not set BTN_MOUSE on double report - sfc: Change VF mac via PF as first preference if available. - net/atm: fix proc_mpc_write incorrect return value - net: phy: dp83867: Extend RX strap quirk for SGMII mode - cifs: Fix xid leak in cifs_copy_file_range() - cifs: Fix xid leak in cifs_flock() - cifs: Fix xid leak in cifs_ses_add_channel() - nvme-hwmon: rework to avoid devm allocation - nvme-hwmon: Return error code when registration fails - nvme-hwmon: consistently ignore errors from nvme_hwmon_init - nvme-hwmon: kmalloc the NVME SMART log buffer - net: sched: cake: fix null pointer access issue when cake_init() fails - net: sched: delete duplicate cleanup of backlog and qlen - net: sched: sfb: fix null pointer access issue when sfb_init() fails - sfc: include vport_id in filter spec hash and equal() - [arm64] net: hns: fix possible memory leak in hnae_ae_register() - net: sched: fix race condition in qdisc_graft() - net: phy: dp83822: disable MDI crossover status change interrupt - [amd64] iommu/vt-d: Allow NVS regions in arch_rmrr_sanity_check() - [amd64] iommu/vt-d: Clean up si_domain in the init_dmars() error path - drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb() - [armhf] dmaengine: mxs-dma: Remove the unused .id_table - [armhf] dmaengine: mxs: use platform_driver_register - tracing: Simplify conditional compilation code in tracing_set_tracer() - tracing: Do not free snapshot if tracer is on cmdline - xen: assume XENFEAT_gnttab_map_avail_bits being set for pv guests - xen/gntdev: Accommodate VMA splitting - [arm64,armhf] mmc: sdhci-tegra: Use actual clock rate for SW tuning correction - fcntl: make F_GETOWN(EX) return 0 on dead owner task - fcntl: fix potential deadlocks for &fown_struct.lock - [arm64] topology: move store_cpu_topology() to shared code - [x86] hv_netvsc: Fix race between VF offering and VF association message from host - ACPI: video: Force backlight native for more TongFang devices - mmc: core: Add SD card quirk for broken discard - blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init() - mm: /proc/pid/smaps_rollup: fix no vma's null-deref - udp: Update reuse->has_conns under reuseport_lock. https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.153 - can: j1939: transport: j1939_session_skb_drop_old(): spin_unlock_irqrestore() before kfree_skb() - can: kvaser_usb: Fix possible completions during init_completion - ALSA: Use del_timer_sync() before freeing timer - ALSA: au88x0: use explicitly signed char - ALSA: rme9652: use explicitly signed char - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM - [arm64,armhf] usb: dwc3: gadget: Stop processing more requests on IMI - [arm64,armhf] usb: dwc3: gadget: Don't set IMI for no_interrupt - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller - [armhf] mtd: rawnand: marvell: Use correct logic for nand-keep-config - xhci: Add quirk to reset host back to default state at shutdown - xhci: Remove device endpoints from bandwidth list when freeing the device - iio: light: tsl2583: Fix module unloading - iio: temperature: ltc2983: allocate iio channels once - fbdev: smscufx: Fix several use-after-free bugs - fs/binfmt_elf: Fix memory leak in load_elf_binary() - exec: Copy oldsighand->action under spin-lock - mac802154: Fix LQI recording - scsi: qla2xxx: Use transport-defined speed mask for supported_speeds - [arm64] drm/msm/dsi: fix memory corruption with too many bridges - [arm64] drm/msm/hdmi: fix memory corruption with too many bridges - [arm64] drm/msm/dp: fix IRQ lifetime - mmc: core: Fix kernel panic when remove non-standard SDIO card - kernfs: fix use-after-free in __kernfs_remove - [s390x] futex: add missing EX_TABLE entry to __futex_atomic_op() - [s390x] pci: add missing EX_TABLE entries to __pcistg_mio_inuser()/__pcilg_mio_inuser() - Xen/gntdev: don't ignore kernel unmapping error - xen/gntdev: Prevent leaking grants - mm/memory: add non-anonymous page check in the copy_present_page() - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages - net: ieee802154: fix error return code in dgram_bind() - media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation - [arm64] drm/msm: Fix return type of mdp4_lvds_connector_mode_valid - [arm64] ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile - [arm64] ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() - [x86] perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of clear_cpu_cap() - tipc: fix a null-ptr-deref in tipc_topsrv_accept - [arm64] net: netsec: fix error handling in netsec_register_mdio() - net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg() - net: hinic: fix memory leak when reading function table - net: hinic: fix the issue of CMDQ memory leaks - net: hinic: fix the issue of double release MBOX callback of VF - [x86] unwind/orc: Fix unreliable stack dump with gcov - [amd64,arm64] amd-xgbe: fix the SFP compliance codes check for DAC cables - [amd64,arm64] amd-xgbe: add the bit rate quirk for Molex cables - [amd64,arm64] atlantic: fix deadlock at aq_nic_stop - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed - tcp: minor optimization in tcp_add_backlog() - tcp: fix a signed-integer-overflow bug in tcp_add_backlog() - tcp: fix indefinite deferral of RTO with SACK reneging - can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in error path - PM: hibernate: Allow hybrid sleep to work with s2idle - media: vivid: s_fbuf: add more sanity checks - media: vivid: dev->bitmap_cap wasn't freed in all cases - media: v4l2-dv-timings: add sanity checks for blanking values - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced' - media: vivid: set num_in/outputs to 0 if not supported - ipv6: ensure sane device mtu in tunnels - i40e: Fix ethtool rx-flow-hash setting for X722 - i40e: Fix VF hang when reset is triggered on another VF - i40e: Fix flow-type by setting GL_HASH_INSET registers - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init() - PM: domains: Fix handling of unavailable/disabled idle states - [arm64,armhf] net: fec: limit register access on i.MX6UL - openvswitch: switch from WARN to pr_warn - nh: fix scope used to find saddr when adding non gw nh - net/mlx5e: Do not increment ESN when updating IPsec ESN state - net/mlx5: Fix possible use-after-free in async command interface - net/mlx5: Fix crash during sync firmware reset - [arm64] net: enetc: survive memory pressure without crashing - [arm64] Add AMPERE1 to the Spectre-BHB affected list - scsi: sd: Revert "scsi: sd: Remove a local variable" - [arm64] mm: Fix __enable_mmu() for new TGRAN range values - [arm64] kexec: Test page size support with new TGRAN range values - serial: core: move RS485 configuration tasks from drivers into core - serial: Deassert Transmit Enable on probe in driver-specific way https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.154 - serial: 8250: Let drivers request full 16550A feature probing - [x86] KVM: nVMX: Pull KVM L0's desired controls directly from vmcs01 - [x86] KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to vmcs02 - [x86] KVM: x86: Trace re-injected exceptions - [x86] KVM: x86: Treat #DBs from the emulator as fault-like (code and DR7.GD=1) - [x86] topology: Set cpu_die_id only if DIE_TYPE found - [x86] topology: Fix multiple packages shown on a single-package system - [x86] topology: Fix duplicated core ID within a package - [x86] KVM: x86: Protect the unused bits in MSR exiting flags - [x86] KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter() - [x86] KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER - RDMA/cma: Use output interface for net_dev check - [amd64] IB/hfi1: Correctly move list in sc_disable() - NFSv4: Fix a potential state reclaim deadlock - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot - nfs4: Fix kmemleak when allocate slot failed - RDMA/core: Fix null-ptr-deref in ib_core_cleanup() - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources() - [arm64,armhf] net: fec: fix improper use of NETDEV_TX_BUSY - [i386] ata: pata_legacy: fix pdc20230_set_piomode() - net: sched: Fix use after free in red_enqueue() - net: tun: fix bugs for oversize packet when napi frags enabled - netfilter: nf_tables: release flow rule object from commit path - ipvs: use explicitly signed chars - ipvs: fix WARNING in __ip_vs_cleanup_batch() - ipvs: fix WARNING in ip_vs_app_net_cleanup() - rose: Fix NULL pointer dereference in rose_send_frame() - mISDN: fix possible memory leak in mISDN_register_device() - btrfs: fix inode list leak during backref walking at resolve_indirect_refs() - btrfs: fix inode list leak during backref walking at find_parent_nodes() - btrfs: fix ulist leaks in error paths of qgroup self tests - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu (CVE-2022-3564) - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() (CVE-2022-3640) - net: mdio: fix undefined behavior in bit shift for __mdiobus_register - net, neigh: Fix null-ptr-deref in neigh_table_clear() - ipv6: fix WARNING in ip6_route_net_exit_late() - [arm64] drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag - [arm64] drm/msm/hdmi: fix IRQ lifetime - [arm64,armhf] mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit bus - mmc: sdhci-pci: Avoid comma separated statements - mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake - xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices - [s390x] boot: add secure boot trailer - media: dvb-frontends/drxk: initialize err to 0 - ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() - scsi: core: Restrict legal sdev_state transitions via sysfs - HID: saitek: add madcatz variant of MMO7 mouse device ID - drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV case - efi/tpm: Pass correct address to memblock_reserve - i2c: piix4: Fix adapter not be removed in piix4_remove() - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM (CVE-2022-42896) - Bluetooth: L2CAP: Fix attempting to access uninitialized memory (CVE-2022-42895) - block, bfq: protect 'bfqd->queued' by 'bfqd->lock' - ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices - fscrypt: simplify master key locking - fscrypt: stop using keyrings subsystem for fscrypt_master_key - fscrypt: fix keyring memory leak on mount failure - tcp/udp: Fix memory leak in ipv6_renew_options(). (CVE-2022-3524) - [armhf] mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on program/erase times - memcg: enable accounting of ipc resources (CVE-2021-3759) - [arm*] binder: fix UAF of alloc->vma in race with munmap() - btrfs: fix type of parameter generation in btrfs_get_dentry - ftrace: Fix use-after-free for dynamic ftrace_ops - tcp/udp: Make early_demux back namespacified. - tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd() - kprobe: reverse kp->flags when arm_kprobe failed - tracing/histogram: Update document for KEYS_MAX size - capabilities: fix potential memleak on error path from vfs_getxattr_alloc() - fuse: add file_modified() to fallocate - efi: random: reduce seed size to 32 bytes - efi: random: Use 'ACPI reclaim' memory for random seed - [x86] perf/x86/intel: Fix pebs event constraints for ICL - [x86] perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[] - ext4: fix warning in 'ext4_da_release_space' - ext4: fix BUG_ON() when directory entry has invalid rec_len - [x86] KVM: x86: Mask off reserved bits in CPUID.80000006H - [x86] KVM: x86: Mask off reserved bits in CPUID.8000001AH - [x86] KVM: x86: Mask off reserved bits in CPUID.80000008H - [x86] KVM: x86: Mask off reserved bits in CPUID.80000001H - [x86] KVM: x86: emulator: em_sysexit should update ctxt->mode - [x86] KVM: x86: emulator: introduce emulator_recalc_and_set_mode - [x86] KVM: x86: emulator: update the emulation mode after CR0 write - ext4,f2fs: fix readahead of verity data - [arm64,armhf] drm/rockchip: dsi: Force synchronous probe - [x86] drm/i915/sdvo: Filter out invalid outputs more sensibly - [x86] drm/i915/sdvo: Setup DDC fully before output init - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() (CVE-2022-3628) - ipc: remove memcg accounting for sops objects in do_semtimedop() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.155 - fuse: fix readdir cache race - [armhf] phy: stm32: fix an error code in probe - wifi: cfg80211: silence a sparse RCU warning - wifi: cfg80211: fix memory leak in query_regdb_file() - bpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues - bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE - [x86] HID: hyperv: fix possible memory leak in mousevsc_probe() - bpf: Support for pointers beyond pkt_end. - bpf: Add helper macro bpf_for_each_reg_in_vstate - bpf: Fix wrong reg type conversion in release_reference() - net: gso: fix panic on frag_list with mixed head alloc types - macsec: delete new rxsc when offload fails - macsec: fix secy->n_rx_sc accounting - macsec: fix detection of RXSCs when toggling offloading - macsec: clear encryption keys from the stack after setting up offload - net: tun: Fix memory leaks of napi_get_frags - bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() - bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK - [s390x] KVM: s390x: fix SCK locking - [s390x] KVM: s390: pv: don't allow userspace to set the clock under PV - hamradio: fix issue of dev reference count leakage in bpq_device_event() - [arm*] drm/vc4: Fix missing platform_unregister_drivers() call in vc4_drm_register() - tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network - can: af_can: fix NULL pointer dereference in can_rx_register() - [arm64,armhf] net: stmmac: dwmac-meson8b: fix meson8b_devm_clk_prepare_enable() - tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header - [arm64] dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() - [arm64] drivers: net: xgene: disable napi when register irq failed in xgene_enet_open() - net/mlx5: Allow async trigger completion execution on single CPU systems - net/mlx5e: E-Switch, Fix comparing termination table instance - [armhf] net: cpsw: disable napi in cpsw_ndo_open() - net: cxgb3_main: disable napi when bind qsets failed in cxgb_up() - cxgb4vf: shut down the adapter when t4vf_update_port_info() failed in cxgb4vf_open() - net: phy: mscc: macsec: clear encryption keys when freeing a flow - [amd64,arm64] net: atlantic: macsec: clear encryption keys from the stack - ethernet: s2io: disable napi when start nic failed in s2io_card_up() - [armel,armhf] net: mv643xx_eth: disable napi when init rxq or txq failed in mv643xx_eth_open() - net: macvlan: fix memory leaks of macvlan_common_newlink - [arm64] efi: Fix handling of misaligned runtime regions and drop warning - [mips*] jump_label: Fix compat branch range check - [arm64] mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI - [arm64,armhf] mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI - ALSA: hda/hdmi - enable runtime pm for more AMD display audio - ALSA: hda/ca0132: add quirk for EVGA Z390 DARK - ALSA: hda: fix potential memleak in 'add_widget_node' - ALSA: hda/realtek: Add Positivo C6300 model quirk - ALSA: usb-audio: Add quirk entry for M-Audio Micro - ALSA: usb-audio: Add DSD support for Accuphase DAC-60 - vmlinux.lds.h: Fix placement of '.data..decrypted' section - ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure - nilfs2: fix deadlock in nilfs_count_free_blocks() - nilfs2: fix use-after-free bug of ns_writer on remount - [x86] drm/i915/dmabuf: fix sg_table handling in map_dma_buf - [x86] platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi - [arm64,armhf] mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI - udf: Fix a slab-out-of-bounds write bug in udf_find_entry() - mm/memremap.c: map FS_DAX device memory as decrypted - can: j1939: j1939_send_one(): fix missing CAN header initialization - net: tun: call napi_schedule_prep() to ensure we own a napi - [arm64,armhf] mmc: sdhci-esdhc-imx: Convert the driver to DT-only - [x86] cpu: Restore AMD's DE_CFG MSR after resume - io_uring: kill goto error handling in io_sqpoll_wait_sq() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.156 - drm/amd/display: Remove wrong pipe control lock - NFSv4: Retry LOCK on OLD_STATEID during delegation return - [arm64,armhf] i2c: tegra: Allocate DMA memory for DMA engine - [x86] i2c: i801: add lis3lv02d's I2C address for Vostro 5568 - btrfs: remove pointless and double ulist frees in error paths of qgroup tests - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm - ALSA: hda/realtek: fix speakers and micmute on HP 855 G8 - [x86] mtd: spi-nor: intel-spi: Disable write protection only if asked - [arm64,armhf] mmc: sdhci-esdhc-imx: use the correct host caps for MMC_CAP_8_BIT_DATA - drm/amd/pm: support power source switch on Sienna Cichlid - drm/amd/pm: Read BIF STRAP also for BACO check - drm/amd/pm: disable BACO entry/exit completely on several sienna cichlid cards - drm/amdgpu: disable BACO on special BEIGE_GOBY card - [armhf] spi: stm32: Print summary 'callbacks suppressed' message - ASoC: core: Fix use-after-free in snd_soc_exit() - serial: 8250: Remove serial_rs485 sanitization from em485 - [arm64,armhf] serial: imx: Add missing .thaw_noirq hook - tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() - ASoC: soc-utils: Remove __exit for snd_soc_util_exit() - sctp: remove the unnecessary sinfo_stream check in sctp_prsctp_prune_unsent - sctp: clear out_curr if all frag chunks of current msg are pruned - block: sed-opal: kmalloc the cmd/resp buffers - [arm64] Fix bit-shifting UB in the MIDR_CPU_MODEL() macro - parport_pc: Avoid FIFO port location truncation - pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map - [arm64,armhf] drm/panel: simple: set bpc field for logic technologies displays - drm/drv: Fix potential memory leak in drm_dev_init() - drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker() - ata: libata-transport: fix double ata_host_put() in ata_tport_add() - ata: libata-transport: fix error handling in ata_tport_add() - ata: libata-transport: fix error handling in ata_tlink_add() - ata: libata-transport: fix error handling in ata_tdev_add() - bpf: Initialize same number of free nodes for each pcpu_freelist - mISDN: fix possible memory leak in mISDN_dsp_element_register() - net: hinic: Fix error handling in hinic_module_init() - net: liquidio: release resources when liquidio driver open failed - mISDN: fix misuse of put_device() in mISDN_register_device() - net: macvlan: Use built-in RCU list checking - net: caif: fix double disconnect client in chnl_net_open() - bnxt_en: Remove debugfs when pci_register_driver failed - xen/pcpu: fix possible memory leak in register_pcpu() - net: ena: Fix error handling in ena_init() - drbd: use after free in drbd_create_device() - [x86] platform/x86/intel: pmc: Don't unconditionally attach Intel PMC when virtualized - cifs: add check for returning value of SMB2_close_init - cifs: Fix wrong return value checking when GETFLAGS - [x86] net: thunderbolt: Fix error handling in tbnet_init() - cifs: add check for returning value of SMB2_set_info_init - ftrace: Fix the possible incorrect kernel message - ftrace: Optimize the allocation for mcount entries - ftrace: Fix null pointer dereference in ftrace_add_mod() - ring_buffer: Do not deactivate non-existant pages - tracing/ring-buffer: Have polling block on watermark - tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() - tracing: Fix wild-memory-access in register_synth_event() - tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit() - tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit() - ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() - ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 - [arm64,armhf] Revert "usb: dwc3: disable USB core PHY management" - slimbus: stream: correct presence rate frequencies - speakup: fix a segfault caused by switching consoles - USB: serial: option: add Sierra Wireless EM9191 - USB: serial: option: remove old LARA-R6 PID - USB: serial: option: add u-blox LARA-R6 00B modem - USB: serial: option: add u-blox LARA-L6 modem - USB: serial: option: add Fibocom FM160 0x0111 composition - usb: add NO_LPM quirk for Realforce 87U Keyboard - dm ioctl: fix misbehavior if list_versions races with module loading - serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs - serial: 8250: Flush DMA Rx on RLSI - [x86] serial: 8250_lpss: Configure DMA also w/o DMA filter - Input: iforce - invert valid length check when fetching device IDs - maccess: Fix writing offset in case of fault in strncpy_from_kernel_nofault() - [s390x] scsi: zfcp: Fix double free of FSF request when qdio send fails - [amd64] iommu/vt-d: Set SRE bit only when hardware has SRS cap - firmware: coreboot: Register bus in module init - mmc: core: properly select voltage range without power cycle - mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce timeout - mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() - docs: update mediator contact information in CoC doc - [x86] misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() - [x86] perf/x86/intel/pt: Fix sampling using single range output - nvme: restrict management ioctls to admin - nvme: ensure subsystem reset is single threaded (CVE-2022-3169) - net: fix a concurrency bug in l2tp_tunnel_register() - ring-buffer: Include dropped pages in counting dirty patches - usbnet: smsc95xx: Fix deadlock on runtime resume - stddef: Introduce struct_group() helper macro - net: use struct_group to copy ip/ipv6 header addresses - scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus() - scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper() - kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case - Input: i8042 - fix leaking of platform device on module removal - macvlan: enforce a consistent minimal mtu - tcp: cdg: allow tcp_cdg_release() to be called multiple times - kcm: avoid potential race in kcm_tx_work (CVE-2022-3521) - kcm: close race conditions on sk_receive_queue - 9p: trans_fd/p9_conn_cancel: drop client lock earlier - gfs2: Check sb_bsize_shift after reading superblock - gfs2: Switch from strlcpy to strscpy - 9p/trans_fd: always use O_NONBLOCK read/write - mm: fs: initialize fsdata passed to write_begin/write_end interface https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.157 - scsi: scsi_transport_sas: Fix error handling in sas_phy_add() - ata: libata-scsi: simplify __ata_scsi_queuecmd() - ata: libata-core: do not issue non-internal commands once EH is pending - bridge: switchdev: Notify about VLAN protocol changes - bridge: switchdev: Fix memory leaks when changing VLAN protocol - drm/display: Don't assume dual mode adaptors support i2c sub-addressing - nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH - nvme-pci: add NVME_QUIRK_BOGUS_NID for Micron Nitro - iio: ms5611: Simplify IO callback parameters - iio: pressure: ms5611: fixed value compensation bug - ceph: do not update snapshot context when there is no new snapshot - ceph: avoid putting the realm twice when decoding snaps fails - wifi: mac80211: fix memory free error when registering wiphy fail - wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support - audit: fix undefined behavior in bit shift for AUDIT_BIT - wifi: airo: do not assign -1 to unsigned char - wifi: mac80211: Fix ack frame idr leak when mesh has no route - [armhf] spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for every run - Revert "net: macsec: report real_dev features when HW offloading is enabled" - [powerpc*] scsi: ibmvfc: Avoid path failures during live migration - scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC - drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) - block, bfq: fix null pointer dereference in bfq_bio_bfqg() - [arm64] syscall: Include asm/ptrace.h in syscall_wrapper header. - [mips*] pic32: treat port as signed integer - xfrm: fix "disable_policy" on ipv4 early demux - xfrm: replay: Fix ESN wrap around for GSO - af_key: Fix send_acquire race with pfkey_register - [armhf] sgtl5000: Reset the CHIP_CLK_CTRL reg on remove - ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open() - [x86] scsi: storvsc: Fix handling of srb_status and capacity change events - regulator: core: fix kobject release warning and memory leak in regulator_register() - regulator: core: fix UAF in destroy_regulator() - [arm64,armhf] bus: sunxi-rsb: Support atomic transfers - [arm64] tee: optee: fix possible memory leak in optee_register_device() - net: liquidio: simplify if expression - rxrpc: Allow list of in-use local UDP endpoints to be viewed in /proc - rxrpc: Use refcount_t rather than atomic_t - rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-CAN-15975] - [i386] net: pch_gbe: fix potential memleak in pch_gbe_tx_queue() - 9p/fd: fix issue of list_del corruption in p9_fd_cancel() - netfilter: conntrack: Fix data-races around ct mark - [armhf] dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties - net/mlx4: Check retval of mlx4_bitmap_init - net/qla3xxx: fix potential memleak in ql3xxx_send() - [i386] net: pch_gbe: fix pci device refcount leak while module exiting - nfp: fill splittable of devlink_port_attrs correctly - nfp: add port from netdev validation for EEPROM access - macsec: Fix invalid error code set - [x86] Drivers: hv: vmbus: fix double free in the error path of vmbus_add_channel_work() - [x86] Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register() - netfilter: ipset: Limit the maximal range of consecutive elements to add/delete - netfilter: ipset: regression in ip_set_hash_ip.c - net/mlx5: Fix FW tracer timestamp calculation - net/mlx5: Fix handling of entry refcount when command is not issued to FW - tipc: set con sock in tipc_conn_alloc - tipc: add an extra conn_get in tipc_conn_alloc - tipc: check skb_linearize() return value in tipc_disc_rcv() - xfrm: Fix ignored return value in xfrm6_init() - sfc: fix potential memleak in __ef100_hard_start_xmit() - net: sched: allow act_ct to be built without NF_NAT - [armhf] regulator: twl6030: re-add TWL6032_SUBCLASS - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending() - netfilter: flowtable_offload: add missing locking - dccp/tcp: Reset saddr on failure after inet6?_hash_connect(). - ipv4: Fix error return code in fib_table_insert() - [s390x] dasd: fix no record found for raw_track_access - net: arcnet: Fix RESET flag handling - arcnet: fix potential memory leak in com20020_probe() - [arm64] net: thunderx: Fix the ACPI memory leak - [arm64] net: enetc: manage ENETC_F_QBV in priv->active_offloads only when enabled - [arm64] net: enetc: cache accesses to &priv->si->hw - [arm64] net: enetc: preserve TX ring priority across reconfiguration - lib/vdso: use "grep -E" instead of "egrep" - [armhf] usb: dwc3: exynos: Fix remove() function - ext4: fix use-after-free in ext4_ext_shift_extents - [arm64] dts: rockchip: lower rk3399-puma-haikou SD controller clock frequency - iio: light: apds9960: fix wrong register for gesture gain - ceph: make ceph_create_session_msg a global symbol - ceph: make iterate_sessions a global symbol - ceph: flush mdlog before umounting - ceph: flush the mdlog before waiting on unsafe reqs - ceph: fix off by one bugs in unsafe_request_wait() - ceph: put the requests/sessions when it fails to alloc memory - ceph: fix possible NULL pointer dereference for req->r_session - ceph: Use kcalloc for allocating multiple elements - ceph: fix NULL pointer dereference for req->r_session - [arm64,armhf] usb: dwc3: gadget: conditionally remove requests - [arm64,armhf] usb: dwc3: gadget: Return -ESHUTDOWN on ep disable - [arm64,armhf] usb: dwc3: gadget: Clear ep descriptor last - nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty - mm: vmscan: fix extreme overreclaim and swap floods - [x86] KVM: x86: nSVM: leave nested mode on vCPU free - [x86] KVM: x86: remove exit_int_info warning in svm_handle_exit - [x86] ioremap: Fix page aligned size calculation in __ioremap_caller() - [arm*] binder: avoid potential data leakage when copying txn - [arm*] binder: read pre-translated fds from sender buffer - [arm*] binder: defer copies of pre-patched txn data - [arm*] binder: fix pointer cast warning - [arm*] binder: Address corner cases in deferred copy and fixup - [arm*] binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0 - Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode - [x86] ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01 - Input: goodix - try resetting the controller when no config is set - [x86] Input: soc_button_array - add use_low_level_irq module parameter - [x86] Input: soc_button_array - add Acer Switch V 10 to dmi_use_low_level_irq[] - xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too - xen/platform-pci: add missing free_irq() in error path - [x86] platform/x86: asus-wmi: add missing pci_dev_put() in asus_wmi_set_xusb2pr() - [x86] platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10 (SW5-017) - zonefs: fix zone report size in __zonefs_io_error() - [x86] platform/x86: hp-wmi: Ignore Smart Experience App event - tcp: configurable source port perturb table size - net: usb: qmi_wwan: add Telit 0x103a composition - [arm64,armhf] gpu: host1x: Avoid trying to use GART on Tegra20 - dm integrity: flush the journal on suspend - dm integrity: clear the journal on suspend - genirq/msi: Shutdown managed interrupts with unsatifiable affinities - genirq: Always limit the affinity to online CPUs - [arm64,armhf] irqchip/gic-v3: Always trust the managed affinity provided by the core code - genirq: Take the proposed affinity at face value if force==true - btrfs: free btrfs_path before copying root refs to userspace - btrfs: free btrfs_path before copying fspath to userspace - btrfs: free btrfs_path before copying subvol info to userspace - btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs() - drm/amdgpu: always register an MMU notifier for userptr - [x86] drm/i915: fix TLB invalidation for Gen12 video and compute engines (CVE-2022-4139) - fuse: lock inode unconditionally in fuse_fallocate() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.158 - btrfs: sink iterator parameter to btrfs_ioctl_logical_to_ino - btrfs: free btrfs_path before copying inodes to userspace - [armhf] spi: spi-imx: Fix spi_bus_clk if requested clock is higher than input clock - btrfs: move QUOTA_ENABLED check to rescan_should_stop from btrfs_qgroup_rescan_worker - drm/display/dp_mst: Fix drm_dp_mst_add_affected_dsc_crtcs() return code - drm/amdgpu: update drm_display_info correctly when the edid is read - drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info correctly when the edid is read" - btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() - iio: health: afe4403: Fix oob read in afe4403_read_raw - bpf, perf: Use subprog name when reporting subprog ksymbol - scripts/faddr2line: Fix regression in name resolution on ppc64le - [x86] hwmon: (i5500_temp) fix missing pci_disable_device() - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails - bpf: Do not copy spin lock field from user in bpf_selem_alloc - of: property: decrement node refcount in of_fwnode_get_reference_args() - ixgbevf: Fix resource leak in ixgbevf_init_module() - i40e: Fix error handling in i40e_init_module() - iavf: remove redundant ret variable - iavf: Fix error handling in iavf_init_module() - e100: switch from 'pci_' to 'dma_' API - e100: Fix possible use after free in e100_xmit_prepare - net/mlx5: Fix uninitialized variable bug in outlen_write() - net/mlx5e: Fix use-after-free when reverting termination table - can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev() - [i386] can: cc770: cc770_isa_probe(): add missing free_cc770dev() - qlcnic: fix sleep-in-atomic-context bugs caused by msleep - [amd64,arm64] aquantia: Do not purge addresses when setting the number of rings - wifi: cfg80211: fix buffer overflow in elem comparison - wifi: cfg80211: don't allow multi-BSSID in S1G - wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration - net: phy: fix null-ptr-deref while probe() failed - net/9p: Fix a potential socket leak in p9_socket_open - tipc: re-fetch skb cb after tipc_msg_validate - afs: Fix fileserver probe RTT handling - net: tun: Fix use-after-free in tun_detach() - packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE - sctp: fix memory leak in sctp_stream_outq_migrate() - [x86] hwmon: (coretemp) Check for null before removing sysfs attrs - [x86] hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() - net/mlx5: DR, Fix uninitialized var warning - nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry() - [x86] bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3 - [x86] pinctrl: intel: Save and restore pins in "direct IRQ" mode - net: stmmac: Set MAC's flow control register to reflect current settings - mmc: core: Fix ambiguous TRIM and DISCARD arg - [arm64,armhf] mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check - mmc: sdhci: Fix voltage switch delay - drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame - [x86] drm/i915: Never return 0 if not all requests retired - tracing: Free buffers when a used dynamic event is removed - io_uring: don't hold uring_lock when calling io_run_task_work* - ASoC: ops: Fix bounds check for _sx controls - [arm64,armhf] pinctrl: single: Fix potential division by zero - [amd64] iommu/vt-d: Fix PCI device refcount leak in has_external_pci() - [amd64] iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() - ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference (CVE-2022-3435) - ipv4: Fix route deletion when nexthop info is not specified - Revert "tty: n_gsm: avoid call of sleeping functions from atomic context" - [x86] tsx: Add a feature bit for TSX control MSR support - [x86] pm: Add enumeration check before spec MSRs save/restore setup - [arm64,armhf] i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set - [amd64,arm64] ACPI: HMAT: remove unnecessary variable initialization - [amd64,arm64] ACPI: HMAT: Fix initiator registration for single-initiator systems - char: tpm: Protect tpm_pm_suspend with locks - block: unhash blkdev part inode when the part is deleted - proc: avoid integer type confusion in get_proc_long (CVE-2022-4378) - proc: proc_skip_spaces() shouldn't think it is working on C strings (CVE-2022-4378) - v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails - ipc/sem: Fix dangling sem_array access in semtimedop race . [ Salvatore Bonaccorso ] * Bump ABI to 20 * [rt] Drop "net: arcnet: Fix RESET flag handling" (applied upstream) * [x86] Enable AMD_MEM_ENCRYPT (Closes: #1024697) * xen/netback: Ensure protocol headers don't fall in the non-linear area (XSA-423, CVE-2022-3643) * xen/netback: do some code cleanup * xen/netback: don't call kfree_skb() with interrupts disabled (XSA-424, CVE-2022-42328, CVE-2022-42329) * [rt] Update to 5.10.158-rt77 linux (5.10.149-2) bullseye-security; urgency=high . * Revert "drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega" (Closes: #1022025) * Revert "drm/amdgpu: make sure to init common IP before gmc" (Closes: #1022025) linux (5.10.149-1) bullseye-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.149 - Revert "fs: check FMODE_LSEEK to control internal pipe splicing" . [ Salvatore Bonaccorso ] * Replace patch for "io_uring/af_unix: defer registered files gc to io_uring release" with queued version linux (5.10.148-1) bullseye-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.141 - [s390x] mm: do not trigger write fault when vma does not allow VM_WRITE - kbuild: Fix include path in scripts/Makefile.modpost - Bluetooth: L2CAP: Fix build errors in some archs - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report - media: pvrusb2: fix memory leak in pvr_probe - HID: hidraw: fix memory leak in hidraw_release() - net: fix refcount bug in sk_psock_get (2) - fbdev: fb_pm2fb: Avoid potential divide by zero error - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead - drm/amd/display: Avoid MPC infinite loop - drm/amd/display: For stereo keep "FLIP_ANY_FRAME" - drm/amd/display: clear optc underflow before turn off odm clock - neigh: fix possible DoS due to net iface start/stop loop - [s390x] hypfs: avoid error message under KVM - drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid - drm/amd/display: Fix pixel clock programming - drm/amdgpu: Increase tlb flush timeout for sriov - netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y - lib/vdso: Mark do_hres_timens() and do_coarse_timens() __always_inline() - kprobes: don't call disarm_kprobe() for disabled kprobes - io_uring: disable polling pollfree files - xfs: remove infinite loop when reserving free block pool - xfs: always succeed at setting the reserve pool size - xfs: fix overfilling of reserve pool - xfs: fix soft lockup via spinning in filestream ag selection loop - xfs: revert "xfs: actually bump warning counts when we send warnings" - net: neigh: don't call kfree_skb() under spin_lock_irqsave() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.142 - [arm64] drm/msm/dsi: fix the inconsistent indenting - [arm64] drm/msm/dp: delete DP_RECOVERED_CLOCK_OUT_EN to fix tps4 - [arm64] drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg - [arm64] drm/msm/dsi: Fix number of regulators for SDM660 - [x86] platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask - iio: adc: mcp3911: make use of the sign bit - bpf, cgroup: Fix kernel BUG in purge_effective_progs - ieee802154/adf7242: defer destroy_workqueue call - ALSA: hda: intel-nhlt: remove use of __func__ in dev_dbg - ALSA: hda: intel-nhlt: Correct the handling of fmt_config flexible array - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read() - Revert "xhci: turn off port power in shutdown" - net: sched: tbf: don't call qdisc_put() while holding tree lock - net/sched: fix netdevice reference leaks in attach_default_qdiscs() - sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb - tcp: annotate data-race around challenge_timestamp - Revert "sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb" - net/smc: Remove redundant refcount increase - [arm64] serial: fsl_lpuart: RS485 RTS polariy is inverse - staging: rtl8712: fix use after free bugs - [powerpc*] align syscall table for ppc32 - vt: Clear selection before changing the font - [arm64] tty: serial: lpuart: disable flow control while waiting for the transmit engine to complete - Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag - iio: ad7292: Prevent regulator double disable - iio: adc: mcp3911: use correct formula for AD conversion - USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id - [arm*] binder: fix UAF of ref->proc caused by race condition (CVE-2022-20421) - [x86] drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported" - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops - Revert "clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops" - clk: core: Fix runtime PM sequence in clk_core_unprepare() - [arm64,armhf] clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate - [arm64,armhf] clk: bcm: rpi: Use correct order for the parameters of devm_kcalloc() - [arm64,armhf] clk: bcm: rpi: Prevent out-of-bounds access - [arm64,armhf] clk: bcm: rpi: Add missing newline - [armel,armhf] hwmon: (gpio-fan) Fix array out of bounds access - [arm64,armhf] gpio: pca953x: Add mutex_lock for regcache sync in PM - [x86] KVM: x86: Mask off unsupported and unknown bits of IA32_ARCH_CAPABILITIES - xen/grants: prevent integer overflow in gnttab_dma_alloc_pages() - mm: pagewalk: Fix race between unmap and page walker - xen-blkback: Advertise feature-persistent as user requested - xen-blkfront: Advertise feature-persistent as user requested - [x86] thunderbolt: Use the actual buffer in tb_async_error() - media: mceusb: Use new usb_control_msg_*() routines - xhci: Add grace period after xHC start to prevent premature runtime suspend. - USB: serial: cp210x: add Decagon UCA device id - USB: serial: option: add support for OPPO R11 diag port - USB: serial: option: add Quectel EM060K modem - USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode - usb: typec: altmodes/displayport: correct pin assignment for UFP receptacles - [arm*] usb: dwc2: fix wrong order of phy_power_on and phy_init - USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020) - usb-storage: Add ignore-residue quirk for NXP PN7462AU - [s390x] hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages - [s390x] fix nospec table alignments - USB: core: Prevent nested device-reset calls - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS - driver core: Don't probe devices after bus_type.match() probe deferral - wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected - wifi: mac80211: Fix UAF in ieee80211_scan_rx() - ip: fix triggering of 'icmp redirect' - net: Use u64_stats_fetch_begin_irq() for stats fetch. - net: mac802154: Fix a condition in the receive path - ALSA: hda/realtek: Add speaker AMP init for Samsung laptops with ALC298 - ALSA: seq: oss: Fix data-race for max_midi_devs access - ALSA: seq: Fix data-race at module auto-loading - [x86] drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk - btrfs: harden identification of a stale device - mmc: core: Fix UHS-I SD 1.8V workaround branch - [arm64,armhf] usb: dwc3: fix PHY disable sequence - [arm64,armhf] usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup - [arm64,armhf] usb: dwc3: disable USB core PHY management - USB: serial: ch341: fix lost character on LCR updates - USB: serial: ch341: fix disabled rx timer on older devices https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.143 - NFSD: Fix verifier returned in stable WRITEs - xen-blkfront: Cache feature_persistent value before advertisement - tty: n_gsm: initialize more members at gsm_alloc_mux() - tty: n_gsm: avoid call of sleeping functions from atomic context - efi: capsule-loader: Fix use-after-free in efi_capsule_write (CVE-2022-40307) - wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() - fs: only do a memory barrier for the first set_buffer_uptodate() - scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX - scsi: megaraid_sas: Fix double kfree() - drm/gem: Fix GEM handle release errors - drm/amdgpu: Move psp_xgmi_terminate call from amdgpu_xgmi_remove_device to psp_hw_fini - drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup. - drm/radeon: add a force flush to delay work when radeon - [arm64] cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level - net/core/skbuff: Check the return value of skb_copy_bits() - drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() - ALSA: aloop: Fix random zeros in capture data when using jiffies timer - ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() - kprobes: Prohibit probes in gate area - debugfs: add debugfs_lookup_and_remove() - nvmet: fix a use-after-free - [x86] drm/i915: Implement WaEdpLinkRateDataReload - scsi: mpt3sas: Fix use-after-free warning - scsi: lpfc: Add missing destroy_workqueue() in error path - cgroup: Elide write-locking threadgroup_rwsem when updating csses on an empty subtree - cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock - cifs: remove useless parameter 'is_fsctl' from SMB2_ioctl() - smb3: missing inode locks in punch hole - regulator: core: Clean up on enable failure - [arm64] tee: fix compiler warning in tee_shm_register() - RDMA/cma: Fix arguments order in net device validation - [arm64] RDMA/hns: Fix supported page size - [arm64] RDMA/hns: Fix wrong fixed value of qp->rq.wqe_shift - netfilter: br_netfilter: Drop dst references before setting. - netfilter: nf_tables: clean up hook list when offload flags check fails - netfilter: nf_conntrack_irc: Fix forged IP logic (CVE-2022-2663) - ALSA: usb-audio: Inform the delayed registration more properly - ALSA: usb-audio: Register card again for iface over delayed_register option - rxrpc: Fix an insufficiently large sglist in rxkad_verify_packet_2() - afs: Use the operation issue time instead of the reply time for callbacks - sch_sfb: Don't assume the skb is still around after enqueueing to child - tipc: fix shift wrapping bug in map_get() - ice: use bitmap_free instead of devm_kfree - i40e: Fix kernel crash during module removal - xen-netback: only remove 'hotplug-status' when the vif is actually destroyed - ipv6: sr: fix out-of-bounds read when setting HMAC data. - IB/core: Fix a nested dead lock as part of ODP flow - RDMA/mlx5: Set local port to one when accessing counters - nvme-tcp: fix UAF when detecting digest errors - nvme-tcp: fix regression that causes sporadic requests to time out - tcp: fix early ETIMEDOUT after spurious non-SACK RTO - sch_sfb: Also store skb len before calling child enqueue - swiotlb: avoid potential left shift overflow - [amd64] iommu/amd: use full 64-bit value in build_completion_wait() - [arm64] errata: add detection for AMEVCNTR01 incrementing incorrectly https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.144 - [armhf] dts: imx: align SPI NOR node name with dtschema - [amd64] iommu/vt-d: Correctly calculate sagaw value of IOMMU - tracefs: Only clobber mode/uid/gid on remount if asked - Input: goodix - add support for GT1158 - [arm64] drm/msm/rd: Fix FIFO-full deadlock - [amd64] hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message - tg3: Disable tg3 device on system reboot to avoid triggering AER - ieee802154: cc2520: add rc code in cc2520_tx() - Input: iforce - add support for Boeder Force Feedback Wheel - nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change() - drm/amd/amdgpu: skip ucode loading if ucode_size == 0 - [arm*] perf/arm_pmu_platform: fix tests for platform_get_irq() failure - [x86] platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() - [x86] Revert "x86/ftrace: Use alternative RET encoding" - [x86] ibt,ftrace: Make function-graph play nice - [x86] ftrace: Use alternative RET encoding - Input: goodix - add compatible string for GT1158 https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.145 - [ppc64el] KVM: PPC: Book3S HV: Context tracking exit guest context before enabling irqs - [ppc64el] KVM: PPC: Tick accounting should defer vtime accounting 'til after IRQ handling - serial: 8250: Fix reporting real baudrate value in c_ospeed field - [powerpc*] pseries/mobility: refactor node lookup during DT update - [powerpc*] pseries/mobility: ignore ibm, platform-facilities updates - [x86] platform/x86/intel: hid: add quirk to support Surface Go 3 - [arm64,armhf] net: dsa: mv88e6xxx: allow use of PHYs on CPU and DSA ports - of: fdt: fix off-by-one error in unflatten_dt_nodes() - [arm64] pinctrl: sunxi: Fix name for A100 R_PIO - NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0 - [arm64] gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx - [arm64] drm/meson: Correct OSD1 global alpha value - [arm64] drm/meson: Fix OSD1 RGB to YCbCr coefficient - tracing: hold caller_addr to hardirq_{enable,disable}_ip - of/device: Fix up of_dma_configure_id() stub - cifs: revalidate mapping when doing direct writes - cifs: don't send down the destination address to sendmsg for a SOCK_STREAM - video: fbdev: i740fb: Error out if 'pixclock' equals zero (CVE-2022-3061) - Revert "serial: 8250: Fix reporting real baudrate value in c_ospeed field" - [x86] ASoC: nau8824: Fix semaphore unbalance at error paths - [armhf] regulator: pfuze100: Fix the global-out-of-bounds access in pfuze100_regulator_probe() - rxrpc: Fix local destruction being repeated - rxrpc: Fix calc of resend age - wifi: mac80211_hwsim: check length for virtio packets - ALSA: hda/sigmatel: Keep power up while beep is enabled - [arm64,armhf] ALSA: hda/tegra: Align BDL entry to 4KB boundary - net: usb: qmi_wwan: add Quectel RM520N - afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked - [misp64el,mipsel] OCTEON: irq: Fix octeon_irq_force_ciu_mapping() - mksysmap: Fix the mismatch of 'L0' symbols in System.map - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write (CVE-2022-39842) - cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() - ALSA: hda/sigmatel: Fix unused variable warning for beep power change https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.146 - drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega - drm/amdgpu: indirect register access for nv12 sriov - drm/amdgpu: Separate vf2pf work item init from virt data exchange - drm/amdgpu: make sure to init common IP before gmc - [arm64,armhf] usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind - [arm64,armhf] usb: dwc3: Issue core soft reset before enabling run/stop - [arm64,armhf] usb: dwc3: gadget: Prevent repeat pullup() - [arm64,armhf] usb: dwc3: gadget: Refactor pullup() - [arm64,armhf] usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup() - [arm64,armhf] usb: dwc3: gadget: Avoid duplicate requests to enable Run/Stop - mmc: core: Fix inconsistent sd3_bus_mode at UHS-I SD voltage switch failure - vfio/type1: Change success value of vaddr_get_pfn() - vfio/type1: Prepare for batched pinning with struct vfio_batch - vfio/type1: Unpin zero pages - USB: core: Fix RST error in hub.c - USB: serial: option: add Quectel BG95 0x0203 composition - USB: serial: option: add Quectel RM520N - ALSA: hda/tegra: set depop delay for tegra - ALSA: hda: add Intel 5 Series / 3400 PCI DID - ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570 laptop - ALSA: hda/realtek: Re-arrange quirk table entries - ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack - ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack - ALSA: hda/realtek: Add quirk for ASUS GA503R laptop - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop - [amd64] iommu/vt-d: Check correct capability for sagaw determination - media: flexcop-usb: fix endpoint type check - [x86] efi: x86: Wipe setup_data on pure EFI boot - efi: libstub: check Shim mode using MokSBStateRT - gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully - [arm64,armhf] can: flexcan: flexcan_mailbox_read() fix return value for drop = true - mm/slub: fix to return errno if kmalloc() fails - KVM: SEV: add cache flush to solve SEV cache incoherency issues (CVE-2022-0171) - xfs: fix up non-directory creation in SGID directories (CVE-2021-4037) - xfs: reorder iunlink remove operation in xfs_ifree - xfs: validate inode fork size against fork format - [arm64] dts: rockchip: Pull up wlan wake# on Gru-Bob - netfilter: nf_conntrack_sip: fix ct_sip_walk_headers - netfilter: nf_conntrack_irc: Tighten matching on DCC message (CVE-2022-2663) - netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() - iavf: Fix cached head and tail value for iavf_get_tx_pending - ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header - net: let flow have same hash in two directions - net: core: fix flow symmetric hash - net: phy: aquantia: wait for the suspend/resume operations to finish - scsi: mpt3sas: Force PCIe scatterlist allocations to be within same 4 GB region - scsi: mpt3sas: Fix return value check of dma_get_required_mask() - net: bonding: Share lacpdu_mcast_addr definition - net: bonding: Unsync device addresses on ndo_stop - net: team: Unsync device addresses on ndo_stop - [arm64,armhf] drm/panel: simple: Fix innolux_g121i1_l01 bus_format - iavf: Fix bad page state - iavf: Fix set max MTU size with port VLAN and jumbo frames - i40e: Fix VF set max MTU size - i40e: Fix set max_tx_rate when it is lower than 1 Mbps - sfc: fix TX channel offset when using legacy interrupts - sfc: fix null pointer dereference in efx_hard_start_xmit - of: mdio: Add of_node_put() when breaking out of for_each_xx - wireguard: ratelimiter: disable timings test by default - wireguard: netlink: avoid variable-sized memcpy on sockaddr - [arm64] net: enetc: move enetc_set_psfp() out of the common enetc_set_features() - net: socket: remove register_gifconf - net/sched: taprio: avoid disabling offload when it was never enabled - net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo child qdiscs - netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain() - netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain() - netfilter: ebtables: fix memory leak when blob is malformed - can: gs_usb: gs_can_open(): fix race dev->can.state condition - net/smc: Stop the CLC flow if no link to map buffers on - net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD - net: sched: fix possible refcount leak in tc_new_tfilter() - drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV - serial: Create uart_xmit_advance() - [arm64,armhf] serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting - [s390x] dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup - vfio/type1: fix vaddr_get_pfns() return in vfio_pin_page_external() - drm/amdgpu: Fix check for RAS support - cifs: use discard iterator to discard unneeded network data more efficiently - cifs: always initialize struct msghdr smb_msg completely - [x86] Drivers: hv: Never allocate anything besides framebuffer from framebuffer memory region - [x86] drm/gma500: Fix BUG: sleeping function called from invalid context errors - drm/amdgpu: use dirty framebuffer helper - drm/amd/display: Limit user regamma to a valid value - drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline for stack usage - [arm64] drm/rockchip: Fix return type of cdn_dp_connector_mode_valid - workqueue: don't skip lockdep work dependency in cancel_work_sync() - [arm64,armhf] i2c: imx: If pm_runtime_get_sync() returned 1 device access is possible - [amd64,arm64] devdax: Fix soft-reservation memory description - ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 - ext4: limit the number of retries after discarding preallocations blocks - ext4: make directory inode spreading reflect flexbg size https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.147 - [x86] thunderbolt: Add support for Intel Maple Ridge - [x86] thunderbolt: Add support for Intel Maple Ridge single port controller - [arm64,armhf] ALSA: hda/tegra: Use clk_bulk helpers - [arm64,armhf] ALSA: hda/tegra: Reset hardware - ALSA: hda/hdmi: let new platforms assign the pcm slot dynamically - ALSA: hda: Fix Nvidia dp infoframe - btrfs: fix hang during unmount when stopping a space reclaim worker - [arm64,x86] usb: typec: ucsi: Remove incorrect warning - [x86] thunderbolt: Explicitly reset plug events delay back to USB4 spec value - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205 - mm/page_alloc: fix race condition between build_all_zonelists and page allocation - mm: prevent page_frag_alloc() from corrupting the memory - mm/migrate_device.c: flush TLB while holding PTL - mm: fix madivse_pageout mishandling on non-LRU page - swiotlb: max mapping size takes min align mask into account - [arm64] scsi: hisi_sas: Revert "scsi: hisi_sas: Limit max hw sectors for v3 HW" - [arm64,armhf] soc: sunxi: sram: Actually claim SRAM regions - [arm64,armhf] soc: sunxi: sram: Prevent the driver from being unbound - [arm64,armhf] soc: sunxi_sram: Make use of the helper function devm_platform_ioremap_resource() - [arm64,armhf] soc: sunxi: sram: Fix probe function ordering issues - [arm64,armhf] soc: sunxi: sram: Fix debugfs info for A64 SRAM C - [arm64,armhf] Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in suspend/resume time" - usbnet: Fix memory leak in usbnet_disconnect() - net: sched: act_ct: fix possible refcount leak in tcf_ct_init() - cxgb4: fix missing unlock on ETHOFLD desc collect fail path - nvme: add new line after variable declatation - nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices - net: stmmac: power up/down serdes in stmmac_open/release - [armhf] clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks - [x86] KVM: x86: Hide IA32_PLATFORM_DCA_CAP[31:0] from the guest - [x86] alternative: Fix race in try_get_desc() - ALSA: hda/hdmi: fix warning about PCM count when used with SOF https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.148 - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level() - nilfs2: fix use-after-free bug of struct nilfs_root - nilfs2: fix leak of nilfs_root in case of writer thread creation failure - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure - ceph: don't truncate file in atomic_open - docs: update mediator information in CoC docs - xsk: Inherit need_wakeup flag for shared sockets - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC (CVE-2022-3303) - mm: gup: fix the fast GUP race against THP collapse - [powerpc*] 64s/radix: don't need to broadcast IPI for radix pmd collapse flush - fs: fix UAF/GPF bug in nilfs_mdt_destroy - compiler_attributes.h: move __compiletime_{error|warning} - scsi: qedf: Fix a UAF bug in __qedf_probe() - net/ieee802154: fix uninit value bug in dgram_sendmsg - ALSA: hda/hdmi: Fix the converter reuse for the silent stream - net: atlantic: fix potential memory leak in aq_ndev_close() - drm/amd/display: update gamut remap if plane has changed - drm/amd/display: skip audio setup when audio stream is enabled - mmc: core: Replace with already defined values for readability - mmc: core: Terminate infinite loop in SD-UHS voltage switch - usb: mon: make mmapped memory read only - USB: serial: ftdi_sio: fix 300 bps rate for SIO - [arm64] rpmsg: qcom: glink: replace strncpy() with strscpy_pad() - Revert "clk: ti: Stop using legacy clkctrl names for omap4 and 5" - random: restore O_NONBLOCK support - random: clamp credited irq bits to maximum mixed - ALSA: hda: Fix position reporting on Poulsbo - efi: Correct Macmini DMI match in uefi cert quirk - scsi: stex: Properly zero out the passthrough command structure - USB: serial: qcserial: add new usb-id for Dell branded EM7455 - random: avoid reading two cache lines on irq randomness - random: use expired timer rather than wq for mixing fast pool - wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans() (CVE-2022-41674) - wifi: cfg80211/mac80211: reject bad MBSSID elements - wifi: cfg80211: ensure length byte is present before access - wifi: cfg80211: fix BSS refcounting bugs (CVE-2022-42720) - wifi: cfg80211: avoid nontransmitted BSS list corruption (CVE-2022-42721) - wifi: mac80211_hwsim: avoid mac80211 warning on bad rate - wifi: mac80211: fix crash in beacon protection for P2P-device (CVE-2022-42722) - wifi: cfg80211: update hidden BSSes to avoid WARN_ON - Input: xpad - add supported devices as contributed on github - Input: xpad - fix wireless 360 controller breaking after suspend . [ Aurelien Jarno ] * [arm64] Add support for misalignment fixups for multiword loads from next branch. Enable COMPAT_ALIGNMENT_FIXUPS. . [ Salvatore Bonaccorso ] * [x86] drivers/edac: Enable EDAC_I10NM as module (Closes: #1019248) * Bump ABI to 19 * Refresh "Export symbols needed by Android drivers" * [rt] Update to 5.10.140-rt73 * io_uring/af_unix: defer registered files gc to io_uring release (CVE-2022-2602) * ext4: fix check for block being out of directory size (CVE-2022-1184) . [ Uwe Kleine-König ] * mac80211: mlme: find auth challenge directly * wifi: mac80211: don't parse mbssid in assoc response * wifi: mac80211: fix MBSSID parsing use-after-free (CVE-2022-42719) linux-signed-amd64 (5.10.158+2) bullseye; urgency=medium . * Sign kernel from linux 5.10.158-2 . * xen/netback: fix build warning linux-signed-amd64 (5.10.158+1) bullseye; urgency=medium . * Sign kernel from linux 5.10.158-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.150 - ALSA: oss: Fix potential deadlock at unregistration - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() - ALSA: usb-audio: Fix potential memory leaks - ALSA: usb-audio: Fix NULL dererence at error path - ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530 - ALSA: hda/realtek: Correct pin configs for ASUS G533Z - ALSA: hda/realtek: Add quirk for ASUS GV601R laptop - ALSA: hda/realtek: Add Intel Reference SSID to support headset keys - cifs: destage dirty pages before re-reading them for cache=none - cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message - iio: dac: ad5593r: Fix i2c read protocol requirements - iio: ltc2497: Fix reading conversion results - iio: adc: ad7923: fix channel readings for some variants - iio: pressure: dps310: Refactor startup procedure - iio: pressure: dps310: Reset chip after timeout - usb: add quirks for Lenovo OneLink+ Dock - can: kvaser_usb: Fix use of uninitialized completion - can: kvaser_usb_leaf: Fix overread with an invalid command - can: kvaser_usb_leaf: Fix TX queue out of sync after restart - can: kvaser_usb_leaf: Fix CAN state after restart - fs: dlm: fix race between test_bit() and queue_work() - fs: dlm: handle -EBUSY first in lock arg validation - HID: multitouch: Add memory barriers - quota: Check next/prev free block number after reading from quota file - [arm64,armhf] platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT failure - [arm64] regulator: qcom_rpm: Fix circular deferral regression - nvme-pci: set min_align_mask before calculating max_hw_sectors - drm/virtio: Check whether transferred 2D BO is shmem - drm/udl: Restore display mode on resume - block: fix inflight statistics of part0 - mm/mmap: undo ->mmap() when arch_validate_flags() fails - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge - [x86] powercap: intel_rapl: Use standard Energy Unit for SPR Dram RAPL domain - scsi: qedf: Populate sysfs attributes for vport - fbdev: smscufx: Fix use-after-free in ufx_ops_open() (CVE-2022-41849) - btrfs: fix race between quota enable and quota rescan ioctl - f2fs: increase the limit for reserve_root - f2fs: fix to do sanity check on destination blkaddr during recovery - f2fs: fix to do sanity check on summary info - jbd2: wake up journal waiters in FIFO order, not LIFO - jbd2: fix potential buffer head reference count leak - jbd2: fix potential use-after-free in jbd2_fc_wait_bufs - jbd2: add miss release buffer head in fc_do_one_pass() - ext4: avoid crash when inline data creation follows DIO write - ext4: fix null-ptr-deref in ext4_write_info - ext4: make ext4_lazyinit_thread freezable - ext4: don't increase iversion counter for ea_inodes - ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate - ext4: place buffer head allocation before handle start - ext4: fix miss release buffer head in ext4_fc_write_inode - ext4: fix potential memory leak in ext4_fc_record_modified_inode() - ext4: fix potential memory leak in ext4_fc_record_regions() - ext4: update 'state->fc_regions_size' after successful memory allocation - [amd64] livepatch: fix race between fork and KLP transition - ftrace: Properly unset FTRACE_HASH_FL_MOD - ring-buffer: Allow splice to read previous partially read pages - ring-buffer: Have the shortest_full queue be the shortest not longest - ring-buffer: Check pending waiters when doing wake ups as well - ring-buffer: Add ring_buffer_wake_waiters() - ring-buffer: Fix race between reset page and reading page - tracing: Disable interrupt or preemption before acquiring arch_spinlock_t - [x86] thunderbolt: Explicitly enable lane adapter hotplug events at startup - efi: libstub: drop pointless get_memory_map() call - [arm64,armhf] media: cedrus: Set the platform driver data earlier - [x86] KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility - [x86] KVM: nVMX: Unconditionally purge queued/injected events on nested "exit" - [x86] KVM: VMX: Drop bits 31:16 when shoving exception error code into VMCS - drm/nouveau/kms/nv140-: Disable interlacing - drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table() - [x86] drm/i915: Fix watermark calculations for gen12+ RC CCS modifier - [x86] drm/i915: Fix watermark calculations for gen12+ MC CCS modifier - smb3: must initialize two ACL struct fields to zero - selinux: use "grep -E" instead of "egrep" - userfaultfd: open userfaultfds with O_RDONLY - [armel,armhf] 9244/1: dump: Fix wrong pg_level in walk_pmd() - [armel,armhf] 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE - objtool: Preserve special st_shndx indexes in elf_update_symbol - nfsd: Fix a memory leak in an error handling path - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state() - wifi: mac80211: allow bw change during channel switch in mesh - bpftool: Fix a wrong type cast in btf_dumper_int - [x86] resctrl: Fix to restore to original value when re-enabling hardware prefetch register - Bluetooth: btusb: Fine-tune mt7663 mechanism. - Bluetooth: btusb: fix excessive stack usage - Bluetooth: btusb: mediatek: fix WMT failure during runtime suspend - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse() - [arm64] spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume() - [arm64] spi: qup: add missing clk_disable_unprepare on error in spi_qup_pm_resume_runtime() - wifi: rtl8xxxu: Fix skb misuse in TX queue selection - [arm64,armhf] spi: meson-spicc: do not rely on busy flag in pow2 clk ops - bpf: btf: fix truncated last_member_type_id in btf_struct_resolve - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration - wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask - bpf: Ensure correct locking around vulnerable function find_vpid() - Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure - wifi: ath11k: fix number of VHT beamformee spatial streams - [x86] microcode/AMD: Track patch allocation size explicitly - [x86] cpu: Include the header of init_ia32_feat_ctl()'s prototype - Bluetooth: hci_core: Fix not handling link timeouts propertly - netfilter: nft_fib: Fix for rpath check with VRF devices - wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM - vhost/vsock: Use kvmalloc/kvfree for larger packets. - mISDN: fix use-after-free bugs in l1oip timer handlers (CVE-2022-3565) - sctp: handle the error returned from sctp_auth_asoc_init_active_key - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited - spi: Ensure that sg_table won't be used after being freed - net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks() - bnx2x: fix potential memory leak in bnx2x_tpa_stop() (CVE-2022-3542) - net/ieee802154: reject zero-sized raw_sendmsg() - once: add DO_ONCE_SLOW() for sleepable contexts - [arm64,armhf] net: mvpp2: fix mvpp2 debugfs leak (CVE-2022-3535) - [arm64] drm: bridge: adv7511: fix CEC power down control register offset - drm/bridge: Avoid uninitialized variable warning - drm/mipi-dsi: Detach devices when removing the host - drm/dp_mst: fix drm_dp_dpcd_read return value checks - [x86] platform/chrome: fix double-free in chromeos_laptop_prepare() - [arm64] platform/chrome: fix memory corruption in ioctl - [x86] platform/x86: msi-laptop: Fix old-ec check for backlight registering - [x86] platform/x86: msi-laptop: Fix resource cleanup - ALSA: hda: beep: Simplify keep-power-at-enable behavior - [armhf] drm/omap: dss: Fix refcount leak bugs - [armhf] ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API - [arm64] drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx - [arm64] drm/msm/dp: correct 1.62G link rate at dp_catalog_ctrl_config_msa() - ASoC: da7219: Fix an error handling path in da7219_register_dai_clks() - [arm*] ALSA: dmaengine: increment buffer pointer atomically - [armhf] mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe() - ALSA: hda/hdmi: Don't skip notification handling during PM operation - [armel,armhf] memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() - [armhf] memory: of: Fix refcount leak bug in of_get_ddr_timings() - [armhf] memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() - [armhf] dts: turris-omnia: Fix mpp26 pin name and comment - [arm64] ftrace: fix module PLTs with mcount - [armhf] dts: exynos: fix polarity of VBUS GPIO of Origen - iio: inkern: only release the device node when done with it - iio: ABI: Fix wrong format of differential capacitance channel ABI. - usb: ch9: Add USB 3.2 SSP attributes - usb: common: Parse for USB SSP genXxY - usb: common: add function to get interval expressed in us unit - usb: common: move function's kerneldoc next to its definition - usb: common: debug: Check non-standard control requests - [arm64,armhf] clk: meson: Hold reference returned by of_get_parent() - [arm64] clk: qoriq: Hold reference returned by of_get_parent() - [arm64] clk: tegra: Fix refcount leak in tegra210_clock_init - [arm64] clk: tegra: Fix refcount leak in tegra114_clock_init - [armhf] HSI: omap_ssi: Fix refcount leak in ssi_probe - [armhf] HSI: omap_ssi_port: Fix dma_map_sg error check - [arm64] tty: xilinx_uartps: Fix the ignore_status - RDMA/rxe: Fix "kernel NULL pointer dereference" error - RDMA/rxe: Fix the error caused by qp->sk - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting() - ata: fix ata_id_has_devslp() - ata: fix ata_id_has_ncq_autosense() - ata: fix ata_id_has_dipm() - md: Replace snprintf with scnprintf - md/raid5: Ensure stripe_fill happens on non-read IO with journal - RDMA/cm: Use SLID in the work completion as the DLID in responder side - IB: Set IOVA/LENGTH on IB_MR in core/uverbs layers - xhci: Don't show warning for reinit on known broken suspend - usb: gadget: function: fix dangling pnp_string in f_printer.c - drivers: serial: jsm: fix some leaks in probe - serial: 8250: Add an empty line and remove some useless {} - serial: 8250: Toggle IER bits on only after irq has been set up - [arm64] tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown - [arm64] phy: qualcomm: call clk_disable_unprepare in the error handling - serial: 8250: Fix restoring termios speed after suspend - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() - scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() - [armhf] fsi: core: Check error number after calling ida_simple_get - [x86] mfd: intel_soc_pmic: Fix an error handling path in intel_soc_pmic_i2c_probe() - [mips*] mfd: sm501: Add check for platform_driver_register() - [amd64] dmaengine: ioat: stop mod_timer from resurrecting deleted timer in __cleanup() - [arm64] spmi: pmic-arb: correct duplicate APID to PPID mapping logic - [arm*] clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration - [armhf] clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe - [armhf] clk: ast2600: BCLK comes from EPLL - [powerpc*] pci_dn: Add missing of_node_put() - [powerpc*] powernv: add missing of_node_put() in opal_export_attrs() - [x86] hyperv: Fix 'struct hv_enlightened_vmcs' definition - [powerpc*] 64s: Fix GENERIC_CPU build flags for PPC970 / G5 - [armhf] hwrng: imx-rngc - Moving IRQ handler registering after imx_rngc_irq_mask_clear() - cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset - crypto: akcipher - default implementation for setting a private key - [x86] crypto: ccp - Release dma channels before dmaengine unrgister - [arm64] crypto: inside-secure - Change swab to swab32 - [x86] crypto: qat - fix use of 'dma_map_single' - [x86] crypto: qat - use pre-allocated buffers in datapath - [x86] crypto: qat - fix DMA transfer direction - tracing: kprobe: Fix kprobe event gen test module on exit - tracing: kprobe: Make gen test module work in arm and riscv - [arm64] crypto: cavium - prevent integer overflow loading firmware - [arm64] thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id - ACPI: APEI: do not add task_work to kernel thread to avoid memory leak - f2fs: fix race condition on setting FI_NO_EXTENT flag - f2fs: fix to avoid REQ_TIME and CP_TIME collision - f2fs: fix to account FS_CP_DATA_IO correctly - rcu: Back off upon fill_page_cache_func() allocation failure - rcu-tasks: Convert RCU_LOCKDEP_WARN() to WARN_ONCE() - [x86] ACPI: video: Add Toshiba Satellite/Portege Z830 quirk - [x86] powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue - [x86] thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data - NFSD: fix use-after-free on source server when doing inter-server copy - wifi: brcmfmac: fix invalid address access when enabling SCAN log level - bpftool: Clear errno after libcap's checks - openvswitch: Fix double reporting of drops in dropwatch - openvswitch: Fix overreporting of drops in dropwatch - tcp: annotate data-race around tcp_md5sig_pool_populated - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() - xfrm: Update ipcomp_scratches with NULL when freed - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() - regulator: core: Prevent integer underflow - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create() - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times - can: bcm: check the result of can_send() in bcm_can_tx() - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620 - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 - wifi: rt2x00: set VGC gain for both chains of MT7620 - wifi: rt2x00: set SoC wmac clock register - wifi: rt2x00: correctly set BBP register 86 for MT7620 - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory - Bluetooth: L2CAP: Fix user-after-free - r8152: Rate limit overflow messages (CVE-2022-3594) - drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc() - drm: Use size_t type for len variable in drm_copy_field() - drm: Prevent drm_copy_field() to attempt copying a NULL pointer - drm/amd/display: fix overflow on MIN_I64 definition - [arm64,armhf] drm: bridge: dw_hdmi: only trigger hotplug event on link change - [arm*] drm/vc4: vec: Fix timings for VEC modes - drm: panel-orientation-quirks: Add quirk for Anbernic Win600 - [arm64,armhf] platform/chrome: cros_ec: Notify the PM of wake events during resume - [x86] platform/x86: msi-laptop: Change DMI match / alias strings to fix module autoloading - [x86] ASoC: SOF: pci: Change DMI match info to support all Chrome platforms - drm/amdgpu: fix initial connector audio value - [arm64] drm/meson: explicitly remove aggregate driver at module unload time - [arm64] mmc: sdhci-msm: add compatible string check for sdm670 - drm/dp: Don't rewrite link config when setting phy test pattern - drm/amd/display: Remove interface for periodic interrupt 1 - btrfs: scrub: try to fix super block errors - [arm64] clk: zynqmp: Fix stack-out-of-bounds in strncpy` - media: cx88: Fix a null-ptr-deref bug in buffer_prepare() - [arm64] clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate - usb: host: xhci-plat: suspend and resume clocks - usb: host: xhci-plat: suspend/resume clks for brcm - scsi: 3w-9xxx: Avoid disabling device if failing to enable it - nbd: Fix hung when signal interrupts nbd_start_device_ioctl() - blk-throttle: prevent overflow while calculating wait time - ata: libahci_platform: Sanity check the DT child nodes number - bcache: fix set_at_max_writeback_rate() for multiple attached devices - soundwire: cadence: Don't overwrite msg->buf during write commands - soundwire: intel: fix error handling on dai registration issues - HID: roccat: Fix use-after-free in roccat_read() (CVE-2022-41850) - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() - [arm64,armhf] usb: musb: Fix musb_gadget.c rxstate overflow bug - Revert "usb: storage: Add quirk for Samsung Fit flash" - staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() - nvme: copy firmware_rev on each init - nvmet-tcp: add bounds check on Transfer Tag - usb: idmouse: fix an uninit-value in idmouse_open - [arm*] clk: bcm2835: Make peripheral PLLC critical - [arm64] topology: fix possible overflow in amu_fie_setup() - io_uring: correct pinned_vm accounting - mm: hugetlb: fix UAF in hugetlb_handle_userfault - net: ieee802154: return -EINVAL for unknown addr type - Revert "net/ieee802154: reject zero-sized raw_sendmsg()" - net/ieee802154: don't warn zero-sized raw_sendmsg() - Revert "drm/amdgpu: use dirty framebuffer helper" (Closes: #1022806) - ext4: continue to expand file system when the target size doesn't reach - inet: fully convert sk->sk_rx_dst to RCU rules - [x86] thermal: intel_powerclamp: Use first online CPU as control_cpu - f2fs: fix wrong condition to trigger background checkpoint correctly https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.151 - bpf: Generate BTF_KIND_FLOAT when linking vmlinux - kbuild: Quote OBJCOPY var to avoid a pahole call break the build - kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21 - kbuild: Unify options for BTF generation for vmlinux and modules - kbuild: Add skip_encoding_btf_enum64 option to pahole https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.152 - ocfs2: clear dinode links count in case of error - ocfs2: fix BUG when iput after ocfs2_mknod fails - selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() - [x86] microcode/AMD: Apply the patch early on every logical thread - [x86] hwmon/coretemp: Handle large core ID value - [armhf] ata: ahci-imx: Fix MODULE_ALIAS - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS - kvm: Add support for arch compat vm ioctls - [arm64] KVM: arm64: vgic: Fix exit condition in scan_its_table() - media: mceusb: set timeout to at least timeout provided - [arm64] media: venus: dec: Handle the case where find_format fails - block: wbt: Remove unnecessary invoking of wbt_update_limits in wbt_init - blk-wbt: call rq_qos_add() after wb_normal is initialized - [arm64] errata: Remove AES hwcap for COMPAT tasks - r8152: add PID for the Lenovo OneLink+ Dock - btrfs: fix processing of delayed data refs during backref walking - btrfs: fix processing of delayed tree block refs during backref walking - ACPI: extlog: Handle multiple records - tipc: Fix recognition of trial period - tipc: fix an information leak in tipc_topsrv_kern_subscr - i40e: Fix DMA mappings leak - HID: magicmouse: Do not set BTN_MOUSE on double report - sfc: Change VF mac via PF as first preference if available. - net/atm: fix proc_mpc_write incorrect return value - net: phy: dp83867: Extend RX strap quirk for SGMII mode - cifs: Fix xid leak in cifs_copy_file_range() - cifs: Fix xid leak in cifs_flock() - cifs: Fix xid leak in cifs_ses_add_channel() - nvme-hwmon: rework to avoid devm allocation - nvme-hwmon: Return error code when registration fails - nvme-hwmon: consistently ignore errors from nvme_hwmon_init - nvme-hwmon: kmalloc the NVME SMART log buffer - net: sched: cake: fix null pointer access issue when cake_init() fails - net: sched: delete duplicate cleanup of backlog and qlen - net: sched: sfb: fix null pointer access issue when sfb_init() fails - sfc: include vport_id in filter spec hash and equal() - [arm64] net: hns: fix possible memory leak in hnae_ae_register() - net: sched: fix race condition in qdisc_graft() - net: phy: dp83822: disable MDI crossover status change interrupt - [amd64] iommu/vt-d: Allow NVS regions in arch_rmrr_sanity_check() - [amd64] iommu/vt-d: Clean up si_domain in the init_dmars() error path - drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb() - [armhf] dmaengine: mxs-dma: Remove the unused .id_table - [armhf] dmaengine: mxs: use platform_driver_register - tracing: Simplify conditional compilation code in tracing_set_tracer() - tracing: Do not free snapshot if tracer is on cmdline - xen: assume XENFEAT_gnttab_map_avail_bits being set for pv guests - xen/gntdev: Accommodate VMA splitting - [arm64,armhf] mmc: sdhci-tegra: Use actual clock rate for SW tuning correction - fcntl: make F_GETOWN(EX) return 0 on dead owner task - fcntl: fix potential deadlocks for &fown_struct.lock - [arm64] topology: move store_cpu_topology() to shared code - [x86] hv_netvsc: Fix race between VF offering and VF association message from host - ACPI: video: Force backlight native for more TongFang devices - mmc: core: Add SD card quirk for broken discard - blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init() - mm: /proc/pid/smaps_rollup: fix no vma's null-deref - udp: Update reuse->has_conns under reuseport_lock. https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.153 - can: j1939: transport: j1939_session_skb_drop_old(): spin_unlock_irqrestore() before kfree_skb() - can: kvaser_usb: Fix possible completions during init_completion - ALSA: Use del_timer_sync() before freeing timer - ALSA: au88x0: use explicitly signed char - ALSA: rme9652: use explicitly signed char - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM - [arm64,armhf] usb: dwc3: gadget: Stop processing more requests on IMI - [arm64,armhf] usb: dwc3: gadget: Don't set IMI for no_interrupt - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller - [armhf] mtd: rawnand: marvell: Use correct logic for nand-keep-config - xhci: Add quirk to reset host back to default state at shutdown - xhci: Remove device endpoints from bandwidth list when freeing the device - iio: light: tsl2583: Fix module unloading - iio: temperature: ltc2983: allocate iio channels once - fbdev: smscufx: Fix several use-after-free bugs - fs/binfmt_elf: Fix memory leak in load_elf_binary() - exec: Copy oldsighand->action under spin-lock - mac802154: Fix LQI recording - scsi: qla2xxx: Use transport-defined speed mask for supported_speeds - [arm64] drm/msm/dsi: fix memory corruption with too many bridges - [arm64] drm/msm/hdmi: fix memory corruption with too many bridges - [arm64] drm/msm/dp: fix IRQ lifetime - mmc: core: Fix kernel panic when remove non-standard SDIO card - kernfs: fix use-after-free in __kernfs_remove - [s390x] futex: add missing EX_TABLE entry to __futex_atomic_op() - [s390x] pci: add missing EX_TABLE entries to __pcistg_mio_inuser()/__pcilg_mio_inuser() - Xen/gntdev: don't ignore kernel unmapping error - xen/gntdev: Prevent leaking grants - mm/memory: add non-anonymous page check in the copy_present_page() - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages - net: ieee802154: fix error return code in dgram_bind() - media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation - [arm64] drm/msm: Fix return type of mdp4_lvds_connector_mode_valid - [arm64] ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile - [arm64] ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() - [x86] perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of clear_cpu_cap() - tipc: fix a null-ptr-deref in tipc_topsrv_accept - [arm64] net: netsec: fix error handling in netsec_register_mdio() - net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg() - net: hinic: fix memory leak when reading function table - net: hinic: fix the issue of CMDQ memory leaks - net: hinic: fix the issue of double release MBOX callback of VF - [x86] unwind/orc: Fix unreliable stack dump with gcov - [amd64,arm64] amd-xgbe: fix the SFP compliance codes check for DAC cables - [amd64,arm64] amd-xgbe: add the bit rate quirk for Molex cables - [amd64,arm64] atlantic: fix deadlock at aq_nic_stop - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed - tcp: minor optimization in tcp_add_backlog() - tcp: fix a signed-integer-overflow bug in tcp_add_backlog() - tcp: fix indefinite deferral of RTO with SACK reneging - can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in error path - PM: hibernate: Allow hybrid sleep to work with s2idle - media: vivid: s_fbuf: add more sanity checks - media: vivid: dev->bitmap_cap wasn't freed in all cases - media: v4l2-dv-timings: add sanity checks for blanking values - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced' - media: vivid: set num_in/outputs to 0 if not supported - ipv6: ensure sane device mtu in tunnels - i40e: Fix ethtool rx-flow-hash setting for X722 - i40e: Fix VF hang when reset is triggered on another VF - i40e: Fix flow-type by setting GL_HASH_INSET registers - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init() - PM: domains: Fix handling of unavailable/disabled idle states - [arm64,armhf] net: fec: limit register access on i.MX6UL - openvswitch: switch from WARN to pr_warn - nh: fix scope used to find saddr when adding non gw nh - net/mlx5e: Do not increment ESN when updating IPsec ESN state - net/mlx5: Fix possible use-after-free in async command interface - net/mlx5: Fix crash during sync firmware reset - [arm64] net: enetc: survive memory pressure without crashing - [arm64] Add AMPERE1 to the Spectre-BHB affected list - scsi: sd: Revert "scsi: sd: Remove a local variable" - [arm64] mm: Fix __enable_mmu() for new TGRAN range values - [arm64] kexec: Test page size support with new TGRAN range values - serial: core: move RS485 configuration tasks from drivers into core - serial: Deassert Transmit Enable on probe in driver-specific way https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.154 - serial: 8250: Let drivers request full 16550A feature probing - [x86] KVM: nVMX: Pull KVM L0's desired controls directly from vmcs01 - [x86] KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to vmcs02 - [x86] KVM: x86: Trace re-injected exceptions - [x86] KVM: x86: Treat #DBs from the emulator as fault-like (code and DR7.GD=1) - [x86] topology: Set cpu_die_id only if DIE_TYPE found - [x86] topology: Fix multiple packages shown on a single-package system - [x86] topology: Fix duplicated core ID within a package - [x86] KVM: x86: Protect the unused bits in MSR exiting flags - [x86] KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter() - [x86] KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER - RDMA/cma: Use output interface for net_dev check - [amd64] IB/hfi1: Correctly move list in sc_disable() - NFSv4: Fix a potential state reclaim deadlock - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot - nfs4: Fix kmemleak when allocate slot failed - RDMA/core: Fix null-ptr-deref in ib_core_cleanup() - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources() - [arm64,armhf] net: fec: fix improper use of NETDEV_TX_BUSY - [i386] ata: pata_legacy: fix pdc20230_set_piomode() - net: sched: Fix use after free in red_enqueue() - net: tun: fix bugs for oversize packet when napi frags enabled - netfilter: nf_tables: release flow rule object from commit path - ipvs: use explicitly signed chars - ipvs: fix WARNING in __ip_vs_cleanup_batch() - ipvs: fix WARNING in ip_vs_app_net_cleanup() - rose: Fix NULL pointer dereference in rose_send_frame() - mISDN: fix possible memory leak in mISDN_register_device() - btrfs: fix inode list leak during backref walking at resolve_indirect_refs() - btrfs: fix inode list leak during backref walking at find_parent_nodes() - btrfs: fix ulist leaks in error paths of qgroup self tests - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu (CVE-2022-3564) - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() (CVE-2022-3640) - net: mdio: fix undefined behavior in bit shift for __mdiobus_register - net, neigh: Fix null-ptr-deref in neigh_table_clear() - ipv6: fix WARNING in ip6_route_net_exit_late() - [arm64] drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag - [arm64] drm/msm/hdmi: fix IRQ lifetime - [arm64,armhf] mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit bus - mmc: sdhci-pci: Avoid comma separated statements - mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake - xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices - [s390x] boot: add secure boot trailer - media: dvb-frontends/drxk: initialize err to 0 - ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() - scsi: core: Restrict legal sdev_state transitions via sysfs - HID: saitek: add madcatz variant of MMO7 mouse device ID - drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV case - efi/tpm: Pass correct address to memblock_reserve - i2c: piix4: Fix adapter not be removed in piix4_remove() - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM (CVE-2022-42896) - Bluetooth: L2CAP: Fix attempting to access uninitialized memory (CVE-2022-42895) - block, bfq: protect 'bfqd->queued' by 'bfqd->lock' - ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices - fscrypt: simplify master key locking - fscrypt: stop using keyrings subsystem for fscrypt_master_key - fscrypt: fix keyring memory leak on mount failure - tcp/udp: Fix memory leak in ipv6_renew_options(). (CVE-2022-3524) - [armhf] mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on program/erase times - memcg: enable accounting of ipc resources (CVE-2021-3759) - [arm*] binder: fix UAF of alloc->vma in race with munmap() - btrfs: fix type of parameter generation in btrfs_get_dentry - ftrace: Fix use-after-free for dynamic ftrace_ops - tcp/udp: Make early_demux back namespacified. - tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd() - kprobe: reverse kp->flags when arm_kprobe failed - tracing/histogram: Update document for KEYS_MAX size - capabilities: fix potential memleak on error path from vfs_getxattr_alloc() - fuse: add file_modified() to fallocate - efi: random: reduce seed size to 32 bytes - efi: random: Use 'ACPI reclaim' memory for random seed - [x86] perf/x86/intel: Fix pebs event constraints for ICL - [x86] perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[] - ext4: fix warning in 'ext4_da_release_space' - ext4: fix BUG_ON() when directory entry has invalid rec_len - [x86] KVM: x86: Mask off reserved bits in CPUID.80000006H - [x86] KVM: x86: Mask off reserved bits in CPUID.8000001AH - [x86] KVM: x86: Mask off reserved bits in CPUID.80000008H - [x86] KVM: x86: Mask off reserved bits in CPUID.80000001H - [x86] KVM: x86: emulator: em_sysexit should update ctxt->mode - [x86] KVM: x86: emulator: introduce emulator_recalc_and_set_mode - [x86] KVM: x86: emulator: update the emulation mode after CR0 write - ext4,f2fs: fix readahead of verity data - [arm64,armhf] drm/rockchip: dsi: Force synchronous probe - [x86] drm/i915/sdvo: Filter out invalid outputs more sensibly - [x86] drm/i915/sdvo: Setup DDC fully before output init - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() (CVE-2022-3628) - ipc: remove memcg accounting for sops objects in do_semtimedop() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.155 - fuse: fix readdir cache race - [armhf] phy: stm32: fix an error code in probe - wifi: cfg80211: silence a sparse RCU warning - wifi: cfg80211: fix memory leak in query_regdb_file() - bpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues - bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE - [x86] HID: hyperv: fix possible memory leak in mousevsc_probe() - bpf: Support for pointers beyond pkt_end. - bpf: Add helper macro bpf_for_each_reg_in_vstate - bpf: Fix wrong reg type conversion in release_reference() - net: gso: fix panic on frag_list with mixed head alloc types - macsec: delete new rxsc when offload fails - macsec: fix secy->n_rx_sc accounting - macsec: fix detection of RXSCs when toggling offloading - macsec: clear encryption keys from the stack after setting up offload - net: tun: Fix memory leaks of napi_get_frags - bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() - bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK - [s390x] KVM: s390x: fix SCK locking - [s390x] KVM: s390: pv: don't allow userspace to set the clock under PV - hamradio: fix issue of dev reference count leakage in bpq_device_event() - [arm*] drm/vc4: Fix missing platform_unregister_drivers() call in vc4_drm_register() - tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network - can: af_can: fix NULL pointer dereference in can_rx_register() - [arm64,armhf] net: stmmac: dwmac-meson8b: fix meson8b_devm_clk_prepare_enable() - tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header - [arm64] dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() - [arm64] drivers: net: xgene: disable napi when register irq failed in xgene_enet_open() - net/mlx5: Allow async trigger completion execution on single CPU systems - net/mlx5e: E-Switch, Fix comparing termination table instance - [armhf] net: cpsw: disable napi in cpsw_ndo_open() - net: cxgb3_main: disable napi when bind qsets failed in cxgb_up() - cxgb4vf: shut down the adapter when t4vf_update_port_info() failed in cxgb4vf_open() - net: phy: mscc: macsec: clear encryption keys when freeing a flow - [amd64,arm64] net: atlantic: macsec: clear encryption keys from the stack - ethernet: s2io: disable napi when start nic failed in s2io_card_up() - [armel,armhf] net: mv643xx_eth: disable napi when init rxq or txq failed in mv643xx_eth_open() - net: macvlan: fix memory leaks of macvlan_common_newlink - [arm64] efi: Fix handling of misaligned runtime regions and drop warning - [mips*] jump_label: Fix compat branch range check - [arm64] mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI - [arm64,armhf] mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI - ALSA: hda/hdmi - enable runtime pm for more AMD display audio - ALSA: hda/ca0132: add quirk for EVGA Z390 DARK - ALSA: hda: fix potential memleak in 'add_widget_node' - ALSA: hda/realtek: Add Positivo C6300 model quirk - ALSA: usb-audio: Add quirk entry for M-Audio Micro - ALSA: usb-audio: Add DSD support for Accuphase DAC-60 - vmlinux.lds.h: Fix placement of '.data..decrypted' section - ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure - nilfs2: fix deadlock in nilfs_count_free_blocks() - nilfs2: fix use-after-free bug of ns_writer on remount - [x86] drm/i915/dmabuf: fix sg_table handling in map_dma_buf - [x86] platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi - [arm64,armhf] mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI - udf: Fix a slab-out-of-bounds write bug in udf_find_entry() - mm/memremap.c: map FS_DAX device memory as decrypted - can: j1939: j1939_send_one(): fix missing CAN header initialization - net: tun: call napi_schedule_prep() to ensure we own a napi - [arm64,armhf] mmc: sdhci-esdhc-imx: Convert the driver to DT-only - [x86] cpu: Restore AMD's DE_CFG MSR after resume - io_uring: kill goto error handling in io_sqpoll_wait_sq() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.156 - drm/amd/display: Remove wrong pipe control lock - NFSv4: Retry LOCK on OLD_STATEID during delegation return - [arm64,armhf] i2c: tegra: Allocate DMA memory for DMA engine - [x86] i2c: i801: add lis3lv02d's I2C address for Vostro 5568 - btrfs: remove pointless and double ulist frees in error paths of qgroup tests - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm - ALSA: hda/realtek: fix speakers and micmute on HP 855 G8 - [x86] mtd: spi-nor: intel-spi: Disable write protection only if asked - [arm64,armhf] mmc: sdhci-esdhc-imx: use the correct host caps for MMC_CAP_8_BIT_DATA - drm/amd/pm: support power source switch on Sienna Cichlid - drm/amd/pm: Read BIF STRAP also for BACO check - drm/amd/pm: disable BACO entry/exit completely on several sienna cichlid cards - drm/amdgpu: disable BACO on special BEIGE_GOBY card - [armhf] spi: stm32: Print summary 'callbacks suppressed' message - ASoC: core: Fix use-after-free in snd_soc_exit() - serial: 8250: Remove serial_rs485 sanitization from em485 - [arm64,armhf] serial: imx: Add missing .thaw_noirq hook - tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() - ASoC: soc-utils: Remove __exit for snd_soc_util_exit() - sctp: remove the unnecessary sinfo_stream check in sctp_prsctp_prune_unsent - sctp: clear out_curr if all frag chunks of current msg are pruned - block: sed-opal: kmalloc the cmd/resp buffers - [arm64] Fix bit-shifting UB in the MIDR_CPU_MODEL() macro - parport_pc: Avoid FIFO port location truncation - pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map - [arm64,armhf] drm/panel: simple: set bpc field for logic technologies displays - drm/drv: Fix potential memory leak in drm_dev_init() - drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker() - ata: libata-transport: fix double ata_host_put() in ata_tport_add() - ata: libata-transport: fix error handling in ata_tport_add() - ata: libata-transport: fix error handling in ata_tlink_add() - ata: libata-transport: fix error handling in ata_tdev_add() - bpf: Initialize same number of free nodes for each pcpu_freelist - mISDN: fix possible memory leak in mISDN_dsp_element_register() - net: hinic: Fix error handling in hinic_module_init() - net: liquidio: release resources when liquidio driver open failed - mISDN: fix misuse of put_device() in mISDN_register_device() - net: macvlan: Use built-in RCU list checking - net: caif: fix double disconnect client in chnl_net_open() - bnxt_en: Remove debugfs when pci_register_driver failed - xen/pcpu: fix possible memory leak in register_pcpu() - net: ena: Fix error handling in ena_init() - drbd: use after free in drbd_create_device() - [x86] platform/x86/intel: pmc: Don't unconditionally attach Intel PMC when virtualized - cifs: add check for returning value of SMB2_close_init - cifs: Fix wrong return value checking when GETFLAGS - [x86] net: thunderbolt: Fix error handling in tbnet_init() - cifs: add check for returning value of SMB2_set_info_init - ftrace: Fix the possible incorrect kernel message - ftrace: Optimize the allocation for mcount entries - ftrace: Fix null pointer dereference in ftrace_add_mod() - ring_buffer: Do not deactivate non-existant pages - tracing/ring-buffer: Have polling block on watermark - tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() - tracing: Fix wild-memory-access in register_synth_event() - tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit() - tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit() - ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() - ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 - [arm64,armhf] Revert "usb: dwc3: disable USB core PHY management" - slimbus: stream: correct presence rate frequencies - speakup: fix a segfault caused by switching consoles - USB: serial: option: add Sierra Wireless EM9191 - USB: serial: option: remove old LARA-R6 PID - USB: serial: option: add u-blox LARA-R6 00B modem - USB: serial: option: add u-blox LARA-L6 modem - USB: serial: option: add Fibocom FM160 0x0111 composition - usb: add NO_LPM quirk for Realforce 87U Keyboard - dm ioctl: fix misbehavior if list_versions races with module loading - serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs - serial: 8250: Flush DMA Rx on RLSI - [x86] serial: 8250_lpss: Configure DMA also w/o DMA filter - Input: iforce - invert valid length check when fetching device IDs - maccess: Fix writing offset in case of fault in strncpy_from_kernel_nofault() - [s390x] scsi: zfcp: Fix double free of FSF request when qdio send fails - [amd64] iommu/vt-d: Set SRE bit only when hardware has SRS cap - firmware: coreboot: Register bus in module init - mmc: core: properly select voltage range without power cycle - mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce timeout - mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() - docs: update mediator contact information in CoC doc - [x86] misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() - [x86] perf/x86/intel/pt: Fix sampling using single range output - nvme: restrict management ioctls to admin - nvme: ensure subsystem reset is single threaded (CVE-2022-3169) - net: fix a concurrency bug in l2tp_tunnel_register() - ring-buffer: Include dropped pages in counting dirty patches - usbnet: smsc95xx: Fix deadlock on runtime resume - stddef: Introduce struct_group() helper macro - net: use struct_group to copy ip/ipv6 header addresses - scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus() - scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper() - kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case - Input: i8042 - fix leaking of platform device on module removal - macvlan: enforce a consistent minimal mtu - tcp: cdg: allow tcp_cdg_release() to be called multiple times - kcm: avoid potential race in kcm_tx_work (CVE-2022-3521) - kcm: close race conditions on sk_receive_queue - 9p: trans_fd/p9_conn_cancel: drop client lock earlier - gfs2: Check sb_bsize_shift after reading superblock - gfs2: Switch from strlcpy to strscpy - 9p/trans_fd: always use O_NONBLOCK read/write - mm: fs: initialize fsdata passed to write_begin/write_end interface https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.157 - scsi: scsi_transport_sas: Fix error handling in sas_phy_add() - ata: libata-scsi: simplify __ata_scsi_queuecmd() - ata: libata-core: do not issue non-internal commands once EH is pending - bridge: switchdev: Notify about VLAN protocol changes - bridge: switchdev: Fix memory leaks when changing VLAN protocol - drm/display: Don't assume dual mode adaptors support i2c sub-addressing - nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH - nvme-pci: add NVME_QUIRK_BOGUS_NID for Micron Nitro - iio: ms5611: Simplify IO callback parameters - iio: pressure: ms5611: fixed value compensation bug - ceph: do not update snapshot context when there is no new snapshot - ceph: avoid putting the realm twice when decoding snaps fails - wifi: mac80211: fix memory free error when registering wiphy fail - wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support - audit: fix undefined behavior in bit shift for AUDIT_BIT - wifi: airo: do not assign -1 to unsigned char - wifi: mac80211: Fix ack frame idr leak when mesh has no route - [armhf] spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for every run - Revert "net: macsec: report real_dev features when HW offloading is enabled" - [powerpc*] scsi: ibmvfc: Avoid path failures during live migration - scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC - drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) - block, bfq: fix null pointer dereference in bfq_bio_bfqg() - [arm64] syscall: Include asm/ptrace.h in syscall_wrapper header. - [mips*] pic32: treat port as signed integer - xfrm: fix "disable_policy" on ipv4 early demux - xfrm: replay: Fix ESN wrap around for GSO - af_key: Fix send_acquire race with pfkey_register - [armhf] sgtl5000: Reset the CHIP_CLK_CTRL reg on remove - ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open() - [x86] scsi: storvsc: Fix handling of srb_status and capacity change events - regulator: core: fix kobject release warning and memory leak in regulator_register() - regulator: core: fix UAF in destroy_regulator() - [arm64,armhf] bus: sunxi-rsb: Support atomic transfers - [arm64] tee: optee: fix possible memory leak in optee_register_device() - net: liquidio: simplify if expression - rxrpc: Allow list of in-use local UDP endpoints to be viewed in /proc - rxrpc: Use refcount_t rather than atomic_t - rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-CAN-15975] - [i386] net: pch_gbe: fix potential memleak in pch_gbe_tx_queue() - 9p/fd: fix issue of list_del corruption in p9_fd_cancel() - netfilter: conntrack: Fix data-races around ct mark - [armhf] dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties - net/mlx4: Check retval of mlx4_bitmap_init - net/qla3xxx: fix potential memleak in ql3xxx_send() - [i386] net: pch_gbe: fix pci device refcount leak while module exiting - nfp: fill splittable of devlink_port_attrs correctly - nfp: add port from netdev validation for EEPROM access - macsec: Fix invalid error code set - [x86] Drivers: hv: vmbus: fix double free in the error path of vmbus_add_channel_work() - [x86] Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register() - netfilter: ipset: Limit the maximal range of consecutive elements to add/delete - netfilter: ipset: regression in ip_set_hash_ip.c - net/mlx5: Fix FW tracer timestamp calculation - net/mlx5: Fix handling of entry refcount when command is not issued to FW - tipc: set con sock in tipc_conn_alloc - tipc: add an extra conn_get in tipc_conn_alloc - tipc: check skb_linearize() return value in tipc_disc_rcv() - xfrm: Fix ignored return value in xfrm6_init() - sfc: fix potential memleak in __ef100_hard_start_xmit() - net: sched: allow act_ct to be built without NF_NAT - [armhf] regulator: twl6030: re-add TWL6032_SUBCLASS - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending() - netfilter: flowtable_offload: add missing locking - dccp/tcp: Reset saddr on failure after inet6?_hash_connect(). - ipv4: Fix error return code in fib_table_insert() - [s390x] dasd: fix no record found for raw_track_access - net: arcnet: Fix RESET flag handling - arcnet: fix potential memory leak in com20020_probe() - [arm64] net: thunderx: Fix the ACPI memory leak - [arm64] net: enetc: manage ENETC_F_QBV in priv->active_offloads only when enabled - [arm64] net: enetc: cache accesses to &priv->si->hw - [arm64] net: enetc: preserve TX ring priority across reconfiguration - lib/vdso: use "grep -E" instead of "egrep" - [armhf] usb: dwc3: exynos: Fix remove() function - ext4: fix use-after-free in ext4_ext_shift_extents - [arm64] dts: rockchip: lower rk3399-puma-haikou SD controller clock frequency - iio: light: apds9960: fix wrong register for gesture gain - ceph: make ceph_create_session_msg a global symbol - ceph: make iterate_sessions a global symbol - ceph: flush mdlog before umounting - ceph: flush the mdlog before waiting on unsafe reqs - ceph: fix off by one bugs in unsafe_request_wait() - ceph: put the requests/sessions when it fails to alloc memory - ceph: fix possible NULL pointer dereference for req->r_session - ceph: Use kcalloc for allocating multiple elements - ceph: fix NULL pointer dereference for req->r_session - [arm64,armhf] usb: dwc3: gadget: conditionally remove requests - [arm64,armhf] usb: dwc3: gadget: Return -ESHUTDOWN on ep disable - [arm64,armhf] usb: dwc3: gadget: Clear ep descriptor last - nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty - mm: vmscan: fix extreme overreclaim and swap floods - [x86] KVM: x86: nSVM: leave nested mode on vCPU free - [x86] KVM: x86: remove exit_int_info warning in svm_handle_exit - [x86] ioremap: Fix page aligned size calculation in __ioremap_caller() - [arm*] binder: avoid potential data leakage when copying txn - [arm*] binder: read pre-translated fds from sender buffer - [arm*] binder: defer copies of pre-patched txn data - [arm*] binder: fix pointer cast warning - [arm*] binder: Address corner cases in deferred copy and fixup - [arm*] binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0 - Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode - [x86] ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01 - Input: goodix - try resetting the controller when no config is set - [x86] Input: soc_button_array - add use_low_level_irq module parameter - [x86] Input: soc_button_array - add Acer Switch V 10 to dmi_use_low_level_irq[] - xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too - xen/platform-pci: add missing free_irq() in error path - [x86] platform/x86: asus-wmi: add missing pci_dev_put() in asus_wmi_set_xusb2pr() - [x86] platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10 (SW5-017) - zonefs: fix zone report size in __zonefs_io_error() - [x86] platform/x86: hp-wmi: Ignore Smart Experience App event - tcp: configurable source port perturb table size - net: usb: qmi_wwan: add Telit 0x103a composition - [arm64,armhf] gpu: host1x: Avoid trying to use GART on Tegra20 - dm integrity: flush the journal on suspend - dm integrity: clear the journal on suspend - genirq/msi: Shutdown managed interrupts with unsatifiable affinities - genirq: Always limit the affinity to online CPUs - [arm64,armhf] irqchip/gic-v3: Always trust the managed affinity provided by the core code - genirq: Take the proposed affinity at face value if force==true - btrfs: free btrfs_path before copying root refs to userspace - btrfs: free btrfs_path before copying fspath to userspace - btrfs: free btrfs_path before copying subvol info to userspace - btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs() - drm/amdgpu: always register an MMU notifier for userptr - [x86] drm/i915: fix TLB invalidation for Gen12 video and compute engines (CVE-2022-4139) - fuse: lock inode unconditionally in fuse_fallocate() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.158 - btrfs: sink iterator parameter to btrfs_ioctl_logical_to_ino - btrfs: free btrfs_path before copying inodes to userspace - [armhf] spi: spi-imx: Fix spi_bus_clk if requested clock is higher than input clock - btrfs: move QUOTA_ENABLED check to rescan_should_stop from btrfs_qgroup_rescan_worker - drm/display/dp_mst: Fix drm_dp_mst_add_affected_dsc_crtcs() return code - drm/amdgpu: update drm_display_info correctly when the edid is read - drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info correctly when the edid is read" - btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() - iio: health: afe4403: Fix oob read in afe4403_read_raw - bpf, perf: Use subprog name when reporting subprog ksymbol - scripts/faddr2line: Fix regression in name resolution on ppc64le - [x86] hwmon: (i5500_temp) fix missing pci_disable_device() - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails - bpf: Do not copy spin lock field from user in bpf_selem_alloc - of: property: decrement node refcount in of_fwnode_get_reference_args() - ixgbevf: Fix resource leak in ixgbevf_init_module() - i40e: Fix error handling in i40e_init_module() - iavf: remove redundant ret variable - iavf: Fix error handling in iavf_init_module() - e100: switch from 'pci_' to 'dma_' API - e100: Fix possible use after free in e100_xmit_prepare - net/mlx5: Fix uninitialized variable bug in outlen_write() - net/mlx5e: Fix use-after-free when reverting termination table - can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev() - [i386] can: cc770: cc770_isa_probe(): add missing free_cc770dev() - qlcnic: fix sleep-in-atomic-context bugs caused by msleep - [amd64,arm64] aquantia: Do not purge addresses when setting the number of rings - wifi: cfg80211: fix buffer overflow in elem comparison - wifi: cfg80211: don't allow multi-BSSID in S1G - wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration - net: phy: fix null-ptr-deref while probe() failed - net/9p: Fix a potential socket leak in p9_socket_open - tipc: re-fetch skb cb after tipc_msg_validate - afs: Fix fileserver probe RTT handling - net: tun: Fix use-after-free in tun_detach() - packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE - sctp: fix memory leak in sctp_stream_outq_migrate() - [x86] hwmon: (coretemp) Check for null before removing sysfs attrs - [x86] hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() - net/mlx5: DR, Fix uninitialized var warning - nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry() - [x86] bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3 - [x86] pinctrl: intel: Save and restore pins in "direct IRQ" mode - net: stmmac: Set MAC's flow control register to reflect current settings - mmc: core: Fix ambiguous TRIM and DISCARD arg - [arm64,armhf] mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check - mmc: sdhci: Fix voltage switch delay - drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame - [x86] drm/i915: Never return 0 if not all requests retired - tracing: Free buffers when a used dynamic event is removed - io_uring: don't hold uring_lock when calling io_run_task_work* - ASoC: ops: Fix bounds check for _sx controls - [arm64,armhf] pinctrl: single: Fix potential division by zero - [amd64] iommu/vt-d: Fix PCI device refcount leak in has_external_pci() - [amd64] iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() - ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference (CVE-2022-3435) - ipv4: Fix route deletion when nexthop info is not specified - Revert "tty: n_gsm: avoid call of sleeping functions from atomic context" - [x86] tsx: Add a feature bit for TSX control MSR support - [x86] pm: Add enumeration check before spec MSRs save/restore setup - [arm64,armhf] i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set - [amd64,arm64] ACPI: HMAT: remove unnecessary variable initialization - [amd64,arm64] ACPI: HMAT: Fix initiator registration for single-initiator systems - char: tpm: Protect tpm_pm_suspend with locks - block: unhash blkdev part inode when the part is deleted - proc: avoid integer type confusion in get_proc_long (CVE-2022-4378) - proc: proc_skip_spaces() shouldn't think it is working on C strings (CVE-2022-4378) - v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails - ipc/sem: Fix dangling sem_array access in semtimedop race . [ Salvatore Bonaccorso ] * Bump ABI to 20 * [rt] Drop "net: arcnet: Fix RESET flag handling" (applied upstream) * [x86] Enable AMD_MEM_ENCRYPT (Closes: #1024697) * xen/netback: Ensure protocol headers don't fall in the non-linear area (XSA-423, CVE-2022-3643) * xen/netback: do some code cleanup * xen/netback: don't call kfree_skb() with interrupts disabled (XSA-424, CVE-2022-42328, CVE-2022-42329) * [rt] Update to 5.10.158-rt77 linux-signed-amd64 (5.10.149+2) bullseye-security; urgency=high . * Sign kernel from linux 5.10.149-2 . * Revert "drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega" (Closes: #1022025) * Revert "drm/amdgpu: make sure to init common IP before gmc" (Closes: #1022025) linux-signed-amd64 (5.10.149+1) bullseye-security; urgency=high . * Sign kernel from linux 5.10.149-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.149 - Revert "fs: check FMODE_LSEEK to control internal pipe splicing" . [ Salvatore Bonaccorso ] * Replace patch for "io_uring/af_unix: defer registered files gc to io_uring release" with queued version linux-signed-amd64 (5.10.148+1) bullseye-security; urgency=high . * Sign kernel from linux 5.10.148-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.141 - [s390x] mm: do not trigger write fault when vma does not allow VM_WRITE - kbuild: Fix include path in scripts/Makefile.modpost - Bluetooth: L2CAP: Fix build errors in some archs - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report - media: pvrusb2: fix memory leak in pvr_probe - HID: hidraw: fix memory leak in hidraw_release() - net: fix refcount bug in sk_psock_get (2) - fbdev: fb_pm2fb: Avoid potential divide by zero error - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead - drm/amd/display: Avoid MPC infinite loop - drm/amd/display: For stereo keep "FLIP_ANY_FRAME" - drm/amd/display: clear optc underflow before turn off odm clock - neigh: fix possible DoS due to net iface start/stop loop - [s390x] hypfs: avoid error message under KVM - drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid - drm/amd/display: Fix pixel clock programming - drm/amdgpu: Increase tlb flush timeout for sriov - netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y - lib/vdso: Mark do_hres_timens() and do_coarse_timens() __always_inline() - kprobes: don't call disarm_kprobe() for disabled kprobes - io_uring: disable polling pollfree files - xfs: remove infinite loop when reserving free block pool - xfs: always succeed at setting the reserve pool size - xfs: fix overfilling of reserve pool - xfs: fix soft lockup via spinning in filestream ag selection loop - xfs: revert "xfs: actually bump warning counts when we send warnings" - net: neigh: don't call kfree_skb() under spin_lock_irqsave() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.142 - [arm64] drm/msm/dsi: fix the inconsistent indenting - [arm64] drm/msm/dp: delete DP_RECOVERED_CLOCK_OUT_EN to fix tps4 - [arm64] drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg - [arm64] drm/msm/dsi: Fix number of regulators for SDM660 - [x86] platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask - iio: adc: mcp3911: make use of the sign bit - bpf, cgroup: Fix kernel BUG in purge_effective_progs - ieee802154/adf7242: defer destroy_workqueue call - ALSA: hda: intel-nhlt: remove use of __func__ in dev_dbg - ALSA: hda: intel-nhlt: Correct the handling of fmt_config flexible array - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read() - Revert "xhci: turn off port power in shutdown" - net: sched: tbf: don't call qdisc_put() while holding tree lock - net/sched: fix netdevice reference leaks in attach_default_qdiscs() - sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb - tcp: annotate data-race around challenge_timestamp - Revert "sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb" - net/smc: Remove redundant refcount increase - [arm64] serial: fsl_lpuart: RS485 RTS polariy is inverse - staging: rtl8712: fix use after free bugs - [powerpc*] align syscall table for ppc32 - vt: Clear selection before changing the font - [arm64] tty: serial: lpuart: disable flow control while waiting for the transmit engine to complete - Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag - iio: ad7292: Prevent regulator double disable - iio: adc: mcp3911: use correct formula for AD conversion - USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id - [arm*] binder: fix UAF of ref->proc caused by race condition (CVE-2022-20421) - [x86] drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported" - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops - Revert "clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops" - clk: core: Fix runtime PM sequence in clk_core_unprepare() - [arm64,armhf] clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate - [arm64,armhf] clk: bcm: rpi: Use correct order for the parameters of devm_kcalloc() - [arm64,armhf] clk: bcm: rpi: Prevent out-of-bounds access - [arm64,armhf] clk: bcm: rpi: Add missing newline - [armel,armhf] hwmon: (gpio-fan) Fix array out of bounds access - [arm64,armhf] gpio: pca953x: Add mutex_lock for regcache sync in PM - [x86] KVM: x86: Mask off unsupported and unknown bits of IA32_ARCH_CAPABILITIES - xen/grants: prevent integer overflow in gnttab_dma_alloc_pages() - mm: pagewalk: Fix race between unmap and page walker - xen-blkback: Advertise feature-persistent as user requested - xen-blkfront: Advertise feature-persistent as user requested - [x86] thunderbolt: Use the actual buffer in tb_async_error() - media: mceusb: Use new usb_control_msg_*() routines - xhci: Add grace period after xHC start to prevent premature runtime suspend. - USB: serial: cp210x: add Decagon UCA device id - USB: serial: option: add support for OPPO R11 diag port - USB: serial: option: add Quectel EM060K modem - USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode - usb: typec: altmodes/displayport: correct pin assignment for UFP receptacles - [arm*] usb: dwc2: fix wrong order of phy_power_on and phy_init - USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020) - usb-storage: Add ignore-residue quirk for NXP PN7462AU - [s390x] hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages - [s390x] fix nospec table alignments - USB: core: Prevent nested device-reset calls - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS - driver core: Don't probe devices after bus_type.match() probe deferral - wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected - wifi: mac80211: Fix UAF in ieee80211_scan_rx() - ip: fix triggering of 'icmp redirect' - net: Use u64_stats_fetch_begin_irq() for stats fetch. - net: mac802154: Fix a condition in the receive path - ALSA: hda/realtek: Add speaker AMP init for Samsung laptops with ALC298 - ALSA: seq: oss: Fix data-race for max_midi_devs access - ALSA: seq: Fix data-race at module auto-loading - [x86] drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk - btrfs: harden identification of a stale device - mmc: core: Fix UHS-I SD 1.8V workaround branch - [arm64,armhf] usb: dwc3: fix PHY disable sequence - [arm64,armhf] usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup - [arm64,armhf] usb: dwc3: disable USB core PHY management - USB: serial: ch341: fix lost character on LCR updates - USB: serial: ch341: fix disabled rx timer on older devices https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.143 - NFSD: Fix verifier returned in stable WRITEs - xen-blkfront: Cache feature_persistent value before advertisement - tty: n_gsm: initialize more members at gsm_alloc_mux() - tty: n_gsm: avoid call of sleeping functions from atomic context - efi: capsule-loader: Fix use-after-free in efi_capsule_write (CVE-2022-40307) - wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() - fs: only do a memory barrier for the first set_buffer_uptodate() - scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX - scsi: megaraid_sas: Fix double kfree() - drm/gem: Fix GEM handle release errors - drm/amdgpu: Move psp_xgmi_terminate call from amdgpu_xgmi_remove_device to psp_hw_fini - drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup. - drm/radeon: add a force flush to delay work when radeon - [arm64] cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level - net/core/skbuff: Check the return value of skb_copy_bits() - drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() - ALSA: aloop: Fix random zeros in capture data when using jiffies timer - ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() - kprobes: Prohibit probes in gate area - debugfs: add debugfs_lookup_and_remove() - nvmet: fix a use-after-free - [x86] drm/i915: Implement WaEdpLinkRateDataReload - scsi: mpt3sas: Fix use-after-free warning - scsi: lpfc: Add missing destroy_workqueue() in error path - cgroup: Elide write-locking threadgroup_rwsem when updating csses on an empty subtree - cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock - cifs: remove useless parameter 'is_fsctl' from SMB2_ioctl() - smb3: missing inode locks in punch hole - regulator: core: Clean up on enable failure - [arm64] tee: fix compiler warning in tee_shm_register() - RDMA/cma: Fix arguments order in net device validation - [arm64] RDMA/hns: Fix supported page size - [arm64] RDMA/hns: Fix wrong fixed value of qp->rq.wqe_shift - netfilter: br_netfilter: Drop dst references before setting. - netfilter: nf_tables: clean up hook list when offload flags check fails - netfilter: nf_conntrack_irc: Fix forged IP logic (CVE-2022-2663) - ALSA: usb-audio: Inform the delayed registration more properly - ALSA: usb-audio: Register card again for iface over delayed_register option - rxrpc: Fix an insufficiently large sglist in rxkad_verify_packet_2() - afs: Use the operation issue time instead of the reply time for callbacks - sch_sfb: Don't assume the skb is still around after enqueueing to child - tipc: fix shift wrapping bug in map_get() - ice: use bitmap_free instead of devm_kfree - i40e: Fix kernel crash during module removal - xen-netback: only remove 'hotplug-status' when the vif is actually destroyed - ipv6: sr: fix out-of-bounds read when setting HMAC data. - IB/core: Fix a nested dead lock as part of ODP flow - RDMA/mlx5: Set local port to one when accessing counters - nvme-tcp: fix UAF when detecting digest errors - nvme-tcp: fix regression that causes sporadic requests to time out - tcp: fix early ETIMEDOUT after spurious non-SACK RTO - sch_sfb: Also store skb len before calling child enqueue - swiotlb: avoid potential left shift overflow - [amd64] iommu/amd: use full 64-bit value in build_completion_wait() - [arm64] errata: add detection for AMEVCNTR01 incrementing incorrectly https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.144 - [armhf] dts: imx: align SPI NOR node name with dtschema - [amd64] iommu/vt-d: Correctly calculate sagaw value of IOMMU - tracefs: Only clobber mode/uid/gid on remount if asked - Input: goodix - add support for GT1158 - [arm64] drm/msm/rd: Fix FIFO-full deadlock - [amd64] hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message - tg3: Disable tg3 device on system reboot to avoid triggering AER - ieee802154: cc2520: add rc code in cc2520_tx() - Input: iforce - add support for Boeder Force Feedback Wheel - nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change() - drm/amd/amdgpu: skip ucode loading if ucode_size == 0 - [arm*] perf/arm_pmu_platform: fix tests for platform_get_irq() failure - [x86] platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() - [x86] Revert "x86/ftrace: Use alternative RET encoding" - [x86] ibt,ftrace: Make function-graph play nice - [x86] ftrace: Use alternative RET encoding - Input: goodix - add compatible string for GT1158 https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.145 - [ppc64el] KVM: PPC: Book3S HV: Context tracking exit guest context before enabling irqs - [ppc64el] KVM: PPC: Tick accounting should defer vtime accounting 'til after IRQ handling - serial: 8250: Fix reporting real baudrate value in c_ospeed field - [powerpc*] pseries/mobility: refactor node lookup during DT update - [powerpc*] pseries/mobility: ignore ibm, platform-facilities updates - [x86] platform/x86/intel: hid: add quirk to support Surface Go 3 - [arm64,armhf] net: dsa: mv88e6xxx: allow use of PHYs on CPU and DSA ports - of: fdt: fix off-by-one error in unflatten_dt_nodes() - [arm64] pinctrl: sunxi: Fix name for A100 R_PIO - NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0 - [arm64] gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx - [arm64] drm/meson: Correct OSD1 global alpha value - [arm64] drm/meson: Fix OSD1 RGB to YCbCr coefficient - tracing: hold caller_addr to hardirq_{enable,disable}_ip - of/device: Fix up of_dma_configure_id() stub - cifs: revalidate mapping when doing direct writes - cifs: don't send down the destination address to sendmsg for a SOCK_STREAM - video: fbdev: i740fb: Error out if 'pixclock' equals zero (CVE-2022-3061) - Revert "serial: 8250: Fix reporting real baudrate value in c_ospeed field" - [x86] ASoC: nau8824: Fix semaphore unbalance at error paths - [armhf] regulator: pfuze100: Fix the global-out-of-bounds access in pfuze100_regulator_probe() - rxrpc: Fix local destruction being repeated - rxrpc: Fix calc of resend age - wifi: mac80211_hwsim: check length for virtio packets - ALSA: hda/sigmatel: Keep power up while beep is enabled - [arm64,armhf] ALSA: hda/tegra: Align BDL entry to 4KB boundary - net: usb: qmi_wwan: add Quectel RM520N - afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked - [misp64el,mipsel] OCTEON: irq: Fix octeon_irq_force_ciu_mapping() - mksysmap: Fix the mismatch of 'L0' symbols in System.map - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write (CVE-2022-39842) - cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() - ALSA: hda/sigmatel: Fix unused variable warning for beep power change https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.146 - drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega - drm/amdgpu: indirect register access for nv12 sriov - drm/amdgpu: Separate vf2pf work item init from virt data exchange - drm/amdgpu: make sure to init common IP before gmc - [arm64,armhf] usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind - [arm64,armhf] usb: dwc3: Issue core soft reset before enabling run/stop - [arm64,armhf] usb: dwc3: gadget: Prevent repeat pullup() - [arm64,armhf] usb: dwc3: gadget: Refactor pullup() - [arm64,armhf] usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup() - [arm64,armhf] usb: dwc3: gadget: Avoid duplicate requests to enable Run/Stop - mmc: core: Fix inconsistent sd3_bus_mode at UHS-I SD voltage switch failure - vfio/type1: Change success value of vaddr_get_pfn() - vfio/type1: Prepare for batched pinning with struct vfio_batch - vfio/type1: Unpin zero pages - USB: core: Fix RST error in hub.c - USB: serial: option: add Quectel BG95 0x0203 composition - USB: serial: option: add Quectel RM520N - ALSA: hda/tegra: set depop delay for tegra - ALSA: hda: add Intel 5 Series / 3400 PCI DID - ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570 laptop - ALSA: hda/realtek: Re-arrange quirk table entries - ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack - ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack - ALSA: hda/realtek: Add quirk for ASUS GA503R laptop - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop - [amd64] iommu/vt-d: Check correct capability for sagaw determination - media: flexcop-usb: fix endpoint type check - [x86] efi: x86: Wipe setup_data on pure EFI boot - efi: libstub: check Shim mode using MokSBStateRT - gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully - [arm64,armhf] can: flexcan: flexcan_mailbox_read() fix return value for drop = true - mm/slub: fix to return errno if kmalloc() fails - KVM: SEV: add cache flush to solve SEV cache incoherency issues (CVE-2022-0171) - xfs: fix up non-directory creation in SGID directories (CVE-2021-4037) - xfs: reorder iunlink remove operation in xfs_ifree - xfs: validate inode fork size against fork format - [arm64] dts: rockchip: Pull up wlan wake# on Gru-Bob - netfilter: nf_conntrack_sip: fix ct_sip_walk_headers - netfilter: nf_conntrack_irc: Tighten matching on DCC message (CVE-2022-2663) - netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() - iavf: Fix cached head and tail value for iavf_get_tx_pending - ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header - net: let flow have same hash in two directions - net: core: fix flow symmetric hash - net: phy: aquantia: wait for the suspend/resume operations to finish - scsi: mpt3sas: Force PCIe scatterlist allocations to be within same 4 GB region - scsi: mpt3sas: Fix return value check of dma_get_required_mask() - net: bonding: Share lacpdu_mcast_addr definition - net: bonding: Unsync device addresses on ndo_stop - net: team: Unsync device addresses on ndo_stop - [arm64,armhf] drm/panel: simple: Fix innolux_g121i1_l01 bus_format - iavf: Fix bad page state - iavf: Fix set max MTU size with port VLAN and jumbo frames - i40e: Fix VF set max MTU size - i40e: Fix set max_tx_rate when it is lower than 1 Mbps - sfc: fix TX channel offset when using legacy interrupts - sfc: fix null pointer dereference in efx_hard_start_xmit - of: mdio: Add of_node_put() when breaking out of for_each_xx - wireguard: ratelimiter: disable timings test by default - wireguard: netlink: avoid variable-sized memcpy on sockaddr - [arm64] net: enetc: move enetc_set_psfp() out of the common enetc_set_features() - net: socket: remove register_gifconf - net/sched: taprio: avoid disabling offload when it was never enabled - net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo child qdiscs - netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain() - netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain() - netfilter: ebtables: fix memory leak when blob is malformed - can: gs_usb: gs_can_open(): fix race dev->can.state condition - net/smc: Stop the CLC flow if no link to map buffers on - net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD - net: sched: fix possible refcount leak in tc_new_tfilter() - drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV - serial: Create uart_xmit_advance() - [arm64,armhf] serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting - [s390x] dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup - vfio/type1: fix vaddr_get_pfns() return in vfio_pin_page_external() - drm/amdgpu: Fix check for RAS support - cifs: use discard iterator to discard unneeded network data more efficiently - cifs: always initialize struct msghdr smb_msg completely - [x86] Drivers: hv: Never allocate anything besides framebuffer from framebuffer memory region - [x86] drm/gma500: Fix BUG: sleeping function called from invalid context errors - drm/amdgpu: use dirty framebuffer helper - drm/amd/display: Limit user regamma to a valid value - drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline for stack usage - [arm64] drm/rockchip: Fix return type of cdn_dp_connector_mode_valid - workqueue: don't skip lockdep work dependency in cancel_work_sync() - [arm64,armhf] i2c: imx: If pm_runtime_get_sync() returned 1 device access is possible - [amd64,arm64] devdax: Fix soft-reservation memory description - ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 - ext4: limit the number of retries after discarding preallocations blocks - ext4: make directory inode spreading reflect flexbg size https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.147 - [x86] thunderbolt: Add support for Intel Maple Ridge - [x86] thunderbolt: Add support for Intel Maple Ridge single port controller - [arm64,armhf] ALSA: hda/tegra: Use clk_bulk helpers - [arm64,armhf] ALSA: hda/tegra: Reset hardware - ALSA: hda/hdmi: let new platforms assign the pcm slot dynamically - ALSA: hda: Fix Nvidia dp infoframe - btrfs: fix hang during unmount when stopping a space reclaim worker - [arm64,x86] usb: typec: ucsi: Remove incorrect warning - [x86] thunderbolt: Explicitly reset plug events delay back to USB4 spec value - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205 - mm/page_alloc: fix race condition between build_all_zonelists and page allocation - mm: prevent page_frag_alloc() from corrupting the memory - mm/migrate_device.c: flush TLB while holding PTL - mm: fix madivse_pageout mishandling on non-LRU page - swiotlb: max mapping size takes min align mask into account - [arm64] scsi: hisi_sas: Revert "scsi: hisi_sas: Limit max hw sectors for v3 HW" - [arm64,armhf] soc: sunxi: sram: Actually claim SRAM regions - [arm64,armhf] soc: sunxi: sram: Prevent the driver from being unbound - [arm64,armhf] soc: sunxi_sram: Make use of the helper function devm_platform_ioremap_resource() - [arm64,armhf] soc: sunxi: sram: Fix probe function ordering issues - [arm64,armhf] soc: sunxi: sram: Fix debugfs info for A64 SRAM C - [arm64,armhf] Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in suspend/resume time" - usbnet: Fix memory leak in usbnet_disconnect() - net: sched: act_ct: fix possible refcount leak in tcf_ct_init() - cxgb4: fix missing unlock on ETHOFLD desc collect fail path - nvme: add new line after variable declatation - nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices - net: stmmac: power up/down serdes in stmmac_open/release - [armhf] clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks - [x86] KVM: x86: Hide IA32_PLATFORM_DCA_CAP[31:0] from the guest - [x86] alternative: Fix race in try_get_desc() - ALSA: hda/hdmi: fix warning about PCM count when used with SOF https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.148 - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level() - nilfs2: fix use-after-free bug of struct nilfs_root - nilfs2: fix leak of nilfs_root in case of writer thread creation failure - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure - ceph: don't truncate file in atomic_open - docs: update mediator information in CoC docs - xsk: Inherit need_wakeup flag for shared sockets - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC (CVE-2022-3303) - mm: gup: fix the fast GUP race against THP collapse - [powerpc*] 64s/radix: don't need to broadcast IPI for radix pmd collapse flush - fs: fix UAF/GPF bug in nilfs_mdt_destroy - compiler_attributes.h: move __compiletime_{error|warning} - scsi: qedf: Fix a UAF bug in __qedf_probe() - net/ieee802154: fix uninit value bug in dgram_sendmsg - ALSA: hda/hdmi: Fix the converter reuse for the silent stream - net: atlantic: fix potential memory leak in aq_ndev_close() - drm/amd/display: update gamut remap if plane has changed - drm/amd/display: skip audio setup when audio stream is enabled - mmc: core: Replace with already defined values for readability - mmc: core: Terminate infinite loop in SD-UHS voltage switch - usb: mon: make mmapped memory read only - USB: serial: ftdi_sio: fix 300 bps rate for SIO - [arm64] rpmsg: qcom: glink: replace strncpy() with strscpy_pad() - Revert "clk: ti: Stop using legacy clkctrl names for omap4 and 5" - random: restore O_NONBLOCK support - random: clamp credited irq bits to maximum mixed - ALSA: hda: Fix position reporting on Poulsbo - efi: Correct Macmini DMI match in uefi cert quirk - scsi: stex: Properly zero out the passthrough command structure - USB: serial: qcserial: add new usb-id for Dell branded EM7455 - random: avoid reading two cache lines on irq randomness - random: use expired timer rather than wq for mixing fast pool - wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans() (CVE-2022-41674) - wifi: cfg80211/mac80211: reject bad MBSSID elements - wifi: cfg80211: ensure length byte is present before access - wifi: cfg80211: fix BSS refcounting bugs (CVE-2022-42720) - wifi: cfg80211: avoid nontransmitted BSS list corruption (CVE-2022-42721) - wifi: mac80211_hwsim: avoid mac80211 warning on bad rate - wifi: mac80211: fix crash in beacon protection for P2P-device (CVE-2022-42722) - wifi: cfg80211: update hidden BSSes to avoid WARN_ON - Input: xpad - add supported devices as contributed on github - Input: xpad - fix wireless 360 controller breaking after suspend . [ Aurelien Jarno ] * [arm64] Add support for misalignment fixups for multiword loads from next branch. Enable COMPAT_ALIGNMENT_FIXUPS. . [ Salvatore Bonaccorso ] * [x86] drivers/edac: Enable EDAC_I10NM as module (Closes: #1019248) * Bump ABI to 19 * Refresh "Export symbols needed by Android drivers" * [rt] Update to 5.10.140-rt73 * io_uring/af_unix: defer registered files gc to io_uring release (CVE-2022-2602) * ext4: fix check for block being out of directory size (CVE-2022-1184) . [ Uwe Kleine-König ] * mac80211: mlme: find auth challenge directly * wifi: mac80211: don't parse mbssid in assoc response * wifi: mac80211: fix MBSSID parsing use-after-free (CVE-2022-42719) linux-signed-arm64 (5.10.158+2) bullseye; urgency=medium . * Sign kernel from linux 5.10.158-2 . * xen/netback: fix build warning linux-signed-arm64 (5.10.158+1) bullseye; urgency=medium . * Sign kernel from linux 5.10.158-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.150 - ALSA: oss: Fix potential deadlock at unregistration - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() - ALSA: usb-audio: Fix potential memory leaks - ALSA: usb-audio: Fix NULL dererence at error path - ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530 - ALSA: hda/realtek: Correct pin configs for ASUS G533Z - ALSA: hda/realtek: Add quirk for ASUS GV601R laptop - ALSA: hda/realtek: Add Intel Reference SSID to support headset keys - cifs: destage dirty pages before re-reading them for cache=none - cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message - iio: dac: ad5593r: Fix i2c read protocol requirements - iio: ltc2497: Fix reading conversion results - iio: adc: ad7923: fix channel readings for some variants - iio: pressure: dps310: Refactor startup procedure - iio: pressure: dps310: Reset chip after timeout - usb: add quirks for Lenovo OneLink+ Dock - can: kvaser_usb: Fix use of uninitialized completion - can: kvaser_usb_leaf: Fix overread with an invalid command - can: kvaser_usb_leaf: Fix TX queue out of sync after restart - can: kvaser_usb_leaf: Fix CAN state after restart - fs: dlm: fix race between test_bit() and queue_work() - fs: dlm: handle -EBUSY first in lock arg validation - HID: multitouch: Add memory barriers - quota: Check next/prev free block number after reading from quota file - [arm64,armhf] platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT failure - [arm64] regulator: qcom_rpm: Fix circular deferral regression - nvme-pci: set min_align_mask before calculating max_hw_sectors - drm/virtio: Check whether transferred 2D BO is shmem - drm/udl: Restore display mode on resume - block: fix inflight statistics of part0 - mm/mmap: undo ->mmap() when arch_validate_flags() fails - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge - [x86] powercap: intel_rapl: Use standard Energy Unit for SPR Dram RAPL domain - scsi: qedf: Populate sysfs attributes for vport - fbdev: smscufx: Fix use-after-free in ufx_ops_open() (CVE-2022-41849) - btrfs: fix race between quota enable and quota rescan ioctl - f2fs: increase the limit for reserve_root - f2fs: fix to do sanity check on destination blkaddr during recovery - f2fs: fix to do sanity check on summary info - jbd2: wake up journal waiters in FIFO order, not LIFO - jbd2: fix potential buffer head reference count leak - jbd2: fix potential use-after-free in jbd2_fc_wait_bufs - jbd2: add miss release buffer head in fc_do_one_pass() - ext4: avoid crash when inline data creation follows DIO write - ext4: fix null-ptr-deref in ext4_write_info - ext4: make ext4_lazyinit_thread freezable - ext4: don't increase iversion counter for ea_inodes - ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate - ext4: place buffer head allocation before handle start - ext4: fix miss release buffer head in ext4_fc_write_inode - ext4: fix potential memory leak in ext4_fc_record_modified_inode() - ext4: fix potential memory leak in ext4_fc_record_regions() - ext4: update 'state->fc_regions_size' after successful memory allocation - [amd64] livepatch: fix race between fork and KLP transition - ftrace: Properly unset FTRACE_HASH_FL_MOD - ring-buffer: Allow splice to read previous partially read pages - ring-buffer: Have the shortest_full queue be the shortest not longest - ring-buffer: Check pending waiters when doing wake ups as well - ring-buffer: Add ring_buffer_wake_waiters() - ring-buffer: Fix race between reset page and reading page - tracing: Disable interrupt or preemption before acquiring arch_spinlock_t - [x86] thunderbolt: Explicitly enable lane adapter hotplug events at startup - efi: libstub: drop pointless get_memory_map() call - [arm64,armhf] media: cedrus: Set the platform driver data earlier - [x86] KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility - [x86] KVM: nVMX: Unconditionally purge queued/injected events on nested "exit" - [x86] KVM: VMX: Drop bits 31:16 when shoving exception error code into VMCS - drm/nouveau/kms/nv140-: Disable interlacing - drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table() - [x86] drm/i915: Fix watermark calculations for gen12+ RC CCS modifier - [x86] drm/i915: Fix watermark calculations for gen12+ MC CCS modifier - smb3: must initialize two ACL struct fields to zero - selinux: use "grep -E" instead of "egrep" - userfaultfd: open userfaultfds with O_RDONLY - [armel,armhf] 9244/1: dump: Fix wrong pg_level in walk_pmd() - [armel,armhf] 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE - objtool: Preserve special st_shndx indexes in elf_update_symbol - nfsd: Fix a memory leak in an error handling path - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state() - wifi: mac80211: allow bw change during channel switch in mesh - bpftool: Fix a wrong type cast in btf_dumper_int - [x86] resctrl: Fix to restore to original value when re-enabling hardware prefetch register - Bluetooth: btusb: Fine-tune mt7663 mechanism. - Bluetooth: btusb: fix excessive stack usage - Bluetooth: btusb: mediatek: fix WMT failure during runtime suspend - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse() - [arm64] spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume() - [arm64] spi: qup: add missing clk_disable_unprepare on error in spi_qup_pm_resume_runtime() - wifi: rtl8xxxu: Fix skb misuse in TX queue selection - [arm64,armhf] spi: meson-spicc: do not rely on busy flag in pow2 clk ops - bpf: btf: fix truncated last_member_type_id in btf_struct_resolve - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration - wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask - bpf: Ensure correct locking around vulnerable function find_vpid() - Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure - wifi: ath11k: fix number of VHT beamformee spatial streams - [x86] microcode/AMD: Track patch allocation size explicitly - [x86] cpu: Include the header of init_ia32_feat_ctl()'s prototype - Bluetooth: hci_core: Fix not handling link timeouts propertly - netfilter: nft_fib: Fix for rpath check with VRF devices - wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM - vhost/vsock: Use kvmalloc/kvfree for larger packets. - mISDN: fix use-after-free bugs in l1oip timer handlers (CVE-2022-3565) - sctp: handle the error returned from sctp_auth_asoc_init_active_key - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited - spi: Ensure that sg_table won't be used after being freed - net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks() - bnx2x: fix potential memory leak in bnx2x_tpa_stop() (CVE-2022-3542) - net/ieee802154: reject zero-sized raw_sendmsg() - once: add DO_ONCE_SLOW() for sleepable contexts - [arm64,armhf] net: mvpp2: fix mvpp2 debugfs leak (CVE-2022-3535) - [arm64] drm: bridge: adv7511: fix CEC power down control register offset - drm/bridge: Avoid uninitialized variable warning - drm/mipi-dsi: Detach devices when removing the host - drm/dp_mst: fix drm_dp_dpcd_read return value checks - [x86] platform/chrome: fix double-free in chromeos_laptop_prepare() - [arm64] platform/chrome: fix memory corruption in ioctl - [x86] platform/x86: msi-laptop: Fix old-ec check for backlight registering - [x86] platform/x86: msi-laptop: Fix resource cleanup - ALSA: hda: beep: Simplify keep-power-at-enable behavior - [armhf] drm/omap: dss: Fix refcount leak bugs - [armhf] ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API - [arm64] drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx - [arm64] drm/msm/dp: correct 1.62G link rate at dp_catalog_ctrl_config_msa() - ASoC: da7219: Fix an error handling path in da7219_register_dai_clks() - [arm*] ALSA: dmaengine: increment buffer pointer atomically - [armhf] mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe() - ALSA: hda/hdmi: Don't skip notification handling during PM operation - [armel,armhf] memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() - [armhf] memory: of: Fix refcount leak bug in of_get_ddr_timings() - [armhf] memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() - [armhf] dts: turris-omnia: Fix mpp26 pin name and comment - [arm64] ftrace: fix module PLTs with mcount - [armhf] dts: exynos: fix polarity of VBUS GPIO of Origen - iio: inkern: only release the device node when done with it - iio: ABI: Fix wrong format of differential capacitance channel ABI. - usb: ch9: Add USB 3.2 SSP attributes - usb: common: Parse for USB SSP genXxY - usb: common: add function to get interval expressed in us unit - usb: common: move function's kerneldoc next to its definition - usb: common: debug: Check non-standard control requests - [arm64,armhf] clk: meson: Hold reference returned by of_get_parent() - [arm64] clk: qoriq: Hold reference returned by of_get_parent() - [arm64] clk: tegra: Fix refcount leak in tegra210_clock_init - [arm64] clk: tegra: Fix refcount leak in tegra114_clock_init - [armhf] HSI: omap_ssi: Fix refcount leak in ssi_probe - [armhf] HSI: omap_ssi_port: Fix dma_map_sg error check - [arm64] tty: xilinx_uartps: Fix the ignore_status - RDMA/rxe: Fix "kernel NULL pointer dereference" error - RDMA/rxe: Fix the error caused by qp->sk - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting() - ata: fix ata_id_has_devslp() - ata: fix ata_id_has_ncq_autosense() - ata: fix ata_id_has_dipm() - md: Replace snprintf with scnprintf - md/raid5: Ensure stripe_fill happens on non-read IO with journal - RDMA/cm: Use SLID in the work completion as the DLID in responder side - IB: Set IOVA/LENGTH on IB_MR in core/uverbs layers - xhci: Don't show warning for reinit on known broken suspend - usb: gadget: function: fix dangling pnp_string in f_printer.c - drivers: serial: jsm: fix some leaks in probe - serial: 8250: Add an empty line and remove some useless {} - serial: 8250: Toggle IER bits on only after irq has been set up - [arm64] tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown - [arm64] phy: qualcomm: call clk_disable_unprepare in the error handling - serial: 8250: Fix restoring termios speed after suspend - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() - scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() - [armhf] fsi: core: Check error number after calling ida_simple_get - [x86] mfd: intel_soc_pmic: Fix an error handling path in intel_soc_pmic_i2c_probe() - [mips*] mfd: sm501: Add check for platform_driver_register() - [amd64] dmaengine: ioat: stop mod_timer from resurrecting deleted timer in __cleanup() - [arm64] spmi: pmic-arb: correct duplicate APID to PPID mapping logic - [arm*] clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration - [armhf] clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe - [armhf] clk: ast2600: BCLK comes from EPLL - [powerpc*] pci_dn: Add missing of_node_put() - [powerpc*] powernv: add missing of_node_put() in opal_export_attrs() - [x86] hyperv: Fix 'struct hv_enlightened_vmcs' definition - [powerpc*] 64s: Fix GENERIC_CPU build flags for PPC970 / G5 - [armhf] hwrng: imx-rngc - Moving IRQ handler registering after imx_rngc_irq_mask_clear() - cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset - crypto: akcipher - default implementation for setting a private key - [x86] crypto: ccp - Release dma channels before dmaengine unrgister - [arm64] crypto: inside-secure - Change swab to swab32 - [x86] crypto: qat - fix use of 'dma_map_single' - [x86] crypto: qat - use pre-allocated buffers in datapath - [x86] crypto: qat - fix DMA transfer direction - tracing: kprobe: Fix kprobe event gen test module on exit - tracing: kprobe: Make gen test module work in arm and riscv - [arm64] crypto: cavium - prevent integer overflow loading firmware - [arm64] thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id - ACPI: APEI: do not add task_work to kernel thread to avoid memory leak - f2fs: fix race condition on setting FI_NO_EXTENT flag - f2fs: fix to avoid REQ_TIME and CP_TIME collision - f2fs: fix to account FS_CP_DATA_IO correctly - rcu: Back off upon fill_page_cache_func() allocation failure - rcu-tasks: Convert RCU_LOCKDEP_WARN() to WARN_ONCE() - [x86] ACPI: video: Add Toshiba Satellite/Portege Z830 quirk - [x86] powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue - [x86] thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data - NFSD: fix use-after-free on source server when doing inter-server copy - wifi: brcmfmac: fix invalid address access when enabling SCAN log level - bpftool: Clear errno after libcap's checks - openvswitch: Fix double reporting of drops in dropwatch - openvswitch: Fix overreporting of drops in dropwatch - tcp: annotate data-race around tcp_md5sig_pool_populated - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() - xfrm: Update ipcomp_scratches with NULL when freed - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() - regulator: core: Prevent integer underflow - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create() - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times - can: bcm: check the result of can_send() in bcm_can_tx() - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620 - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 - wifi: rt2x00: set VGC gain for both chains of MT7620 - wifi: rt2x00: set SoC wmac clock register - wifi: rt2x00: correctly set BBP register 86 for MT7620 - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory - Bluetooth: L2CAP: Fix user-after-free - r8152: Rate limit overflow messages (CVE-2022-3594) - drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc() - drm: Use size_t type for len variable in drm_copy_field() - drm: Prevent drm_copy_field() to attempt copying a NULL pointer - drm/amd/display: fix overflow on MIN_I64 definition - [arm64,armhf] drm: bridge: dw_hdmi: only trigger hotplug event on link change - [arm*] drm/vc4: vec: Fix timings for VEC modes - drm: panel-orientation-quirks: Add quirk for Anbernic Win600 - [arm64,armhf] platform/chrome: cros_ec: Notify the PM of wake events during resume - [x86] platform/x86: msi-laptop: Change DMI match / alias strings to fix module autoloading - [x86] ASoC: SOF: pci: Change DMI match info to support all Chrome platforms - drm/amdgpu: fix initial connector audio value - [arm64] drm/meson: explicitly remove aggregate driver at module unload time - [arm64] mmc: sdhci-msm: add compatible string check for sdm670 - drm/dp: Don't rewrite link config when setting phy test pattern - drm/amd/display: Remove interface for periodic interrupt 1 - btrfs: scrub: try to fix super block errors - [arm64] clk: zynqmp: Fix stack-out-of-bounds in strncpy` - media: cx88: Fix a null-ptr-deref bug in buffer_prepare() - [arm64] clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate - usb: host: xhci-plat: suspend and resume clocks - usb: host: xhci-plat: suspend/resume clks for brcm - scsi: 3w-9xxx: Avoid disabling device if failing to enable it - nbd: Fix hung when signal interrupts nbd_start_device_ioctl() - blk-throttle: prevent overflow while calculating wait time - ata: libahci_platform: Sanity check the DT child nodes number - bcache: fix set_at_max_writeback_rate() for multiple attached devices - soundwire: cadence: Don't overwrite msg->buf during write commands - soundwire: intel: fix error handling on dai registration issues - HID: roccat: Fix use-after-free in roccat_read() (CVE-2022-41850) - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() - [arm64,armhf] usb: musb: Fix musb_gadget.c rxstate overflow bug - Revert "usb: storage: Add quirk for Samsung Fit flash" - staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() - nvme: copy firmware_rev on each init - nvmet-tcp: add bounds check on Transfer Tag - usb: idmouse: fix an uninit-value in idmouse_open - [arm*] clk: bcm2835: Make peripheral PLLC critical - [arm64] topology: fix possible overflow in amu_fie_setup() - io_uring: correct pinned_vm accounting - mm: hugetlb: fix UAF in hugetlb_handle_userfault - net: ieee802154: return -EINVAL for unknown addr type - Revert "net/ieee802154: reject zero-sized raw_sendmsg()" - net/ieee802154: don't warn zero-sized raw_sendmsg() - Revert "drm/amdgpu: use dirty framebuffer helper" (Closes: #1022806) - ext4: continue to expand file system when the target size doesn't reach - inet: fully convert sk->sk_rx_dst to RCU rules - [x86] thermal: intel_powerclamp: Use first online CPU as control_cpu - f2fs: fix wrong condition to trigger background checkpoint correctly https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.151 - bpf: Generate BTF_KIND_FLOAT when linking vmlinux - kbuild: Quote OBJCOPY var to avoid a pahole call break the build - kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21 - kbuild: Unify options for BTF generation for vmlinux and modules - kbuild: Add skip_encoding_btf_enum64 option to pahole https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.152 - ocfs2: clear dinode links count in case of error - ocfs2: fix BUG when iput after ocfs2_mknod fails - selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() - [x86] microcode/AMD: Apply the patch early on every logical thread - [x86] hwmon/coretemp: Handle large core ID value - [armhf] ata: ahci-imx: Fix MODULE_ALIAS - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS - kvm: Add support for arch compat vm ioctls - [arm64] KVM: arm64: vgic: Fix exit condition in scan_its_table() - media: mceusb: set timeout to at least timeout provided - [arm64] media: venus: dec: Handle the case where find_format fails - block: wbt: Remove unnecessary invoking of wbt_update_limits in wbt_init - blk-wbt: call rq_qos_add() after wb_normal is initialized - [arm64] errata: Remove AES hwcap for COMPAT tasks - r8152: add PID for the Lenovo OneLink+ Dock - btrfs: fix processing of delayed data refs during backref walking - btrfs: fix processing of delayed tree block refs during backref walking - ACPI: extlog: Handle multiple records - tipc: Fix recognition of trial period - tipc: fix an information leak in tipc_topsrv_kern_subscr - i40e: Fix DMA mappings leak - HID: magicmouse: Do not set BTN_MOUSE on double report - sfc: Change VF mac via PF as first preference if available. - net/atm: fix proc_mpc_write incorrect return value - net: phy: dp83867: Extend RX strap quirk for SGMII mode - cifs: Fix xid leak in cifs_copy_file_range() - cifs: Fix xid leak in cifs_flock() - cifs: Fix xid leak in cifs_ses_add_channel() - nvme-hwmon: rework to avoid devm allocation - nvme-hwmon: Return error code when registration fails - nvme-hwmon: consistently ignore errors from nvme_hwmon_init - nvme-hwmon: kmalloc the NVME SMART log buffer - net: sched: cake: fix null pointer access issue when cake_init() fails - net: sched: delete duplicate cleanup of backlog and qlen - net: sched: sfb: fix null pointer access issue when sfb_init() fails - sfc: include vport_id in filter spec hash and equal() - [arm64] net: hns: fix possible memory leak in hnae_ae_register() - net: sched: fix race condition in qdisc_graft() - net: phy: dp83822: disable MDI crossover status change interrupt - [amd64] iommu/vt-d: Allow NVS regions in arch_rmrr_sanity_check() - [amd64] iommu/vt-d: Clean up si_domain in the init_dmars() error path - drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb() - [armhf] dmaengine: mxs-dma: Remove the unused .id_table - [armhf] dmaengine: mxs: use platform_driver_register - tracing: Simplify conditional compilation code in tracing_set_tracer() - tracing: Do not free snapshot if tracer is on cmdline - xen: assume XENFEAT_gnttab_map_avail_bits being set for pv guests - xen/gntdev: Accommodate VMA splitting - [arm64,armhf] mmc: sdhci-tegra: Use actual clock rate for SW tuning correction - fcntl: make F_GETOWN(EX) return 0 on dead owner task - fcntl: fix potential deadlocks for &fown_struct.lock - [arm64] topology: move store_cpu_topology() to shared code - [x86] hv_netvsc: Fix race between VF offering and VF association message from host - ACPI: video: Force backlight native for more TongFang devices - mmc: core: Add SD card quirk for broken discard - blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init() - mm: /proc/pid/smaps_rollup: fix no vma's null-deref - udp: Update reuse->has_conns under reuseport_lock. https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.153 - can: j1939: transport: j1939_session_skb_drop_old(): spin_unlock_irqrestore() before kfree_skb() - can: kvaser_usb: Fix possible completions during init_completion - ALSA: Use del_timer_sync() before freeing timer - ALSA: au88x0: use explicitly signed char - ALSA: rme9652: use explicitly signed char - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM - [arm64,armhf] usb: dwc3: gadget: Stop processing more requests on IMI - [arm64,armhf] usb: dwc3: gadget: Don't set IMI for no_interrupt - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller - [armhf] mtd: rawnand: marvell: Use correct logic for nand-keep-config - xhci: Add quirk to reset host back to default state at shutdown - xhci: Remove device endpoints from bandwidth list when freeing the device - iio: light: tsl2583: Fix module unloading - iio: temperature: ltc2983: allocate iio channels once - fbdev: smscufx: Fix several use-after-free bugs - fs/binfmt_elf: Fix memory leak in load_elf_binary() - exec: Copy oldsighand->action under spin-lock - mac802154: Fix LQI recording - scsi: qla2xxx: Use transport-defined speed mask for supported_speeds - [arm64] drm/msm/dsi: fix memory corruption with too many bridges - [arm64] drm/msm/hdmi: fix memory corruption with too many bridges - [arm64] drm/msm/dp: fix IRQ lifetime - mmc: core: Fix kernel panic when remove non-standard SDIO card - kernfs: fix use-after-free in __kernfs_remove - [s390x] futex: add missing EX_TABLE entry to __futex_atomic_op() - [s390x] pci: add missing EX_TABLE entries to __pcistg_mio_inuser()/__pcilg_mio_inuser() - Xen/gntdev: don't ignore kernel unmapping error - xen/gntdev: Prevent leaking grants - mm/memory: add non-anonymous page check in the copy_present_page() - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages - net: ieee802154: fix error return code in dgram_bind() - media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation - [arm64] drm/msm: Fix return type of mdp4_lvds_connector_mode_valid - [arm64] ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile - [arm64] ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() - [x86] perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of clear_cpu_cap() - tipc: fix a null-ptr-deref in tipc_topsrv_accept - [arm64] net: netsec: fix error handling in netsec_register_mdio() - net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg() - net: hinic: fix memory leak when reading function table - net: hinic: fix the issue of CMDQ memory leaks - net: hinic: fix the issue of double release MBOX callback of VF - [x86] unwind/orc: Fix unreliable stack dump with gcov - [amd64,arm64] amd-xgbe: fix the SFP compliance codes check for DAC cables - [amd64,arm64] amd-xgbe: add the bit rate quirk for Molex cables - [amd64,arm64] atlantic: fix deadlock at aq_nic_stop - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed - tcp: minor optimization in tcp_add_backlog() - tcp: fix a signed-integer-overflow bug in tcp_add_backlog() - tcp: fix indefinite deferral of RTO with SACK reneging - can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in error path - PM: hibernate: Allow hybrid sleep to work with s2idle - media: vivid: s_fbuf: add more sanity checks - media: vivid: dev->bitmap_cap wasn't freed in all cases - media: v4l2-dv-timings: add sanity checks for blanking values - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced' - media: vivid: set num_in/outputs to 0 if not supported - ipv6: ensure sane device mtu in tunnels - i40e: Fix ethtool rx-flow-hash setting for X722 - i40e: Fix VF hang when reset is triggered on another VF - i40e: Fix flow-type by setting GL_HASH_INSET registers - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init() - PM: domains: Fix handling of unavailable/disabled idle states - [arm64,armhf] net: fec: limit register access on i.MX6UL - openvswitch: switch from WARN to pr_warn - nh: fix scope used to find saddr when adding non gw nh - net/mlx5e: Do not increment ESN when updating IPsec ESN state - net/mlx5: Fix possible use-after-free in async command interface - net/mlx5: Fix crash during sync firmware reset - [arm64] net: enetc: survive memory pressure without crashing - [arm64] Add AMPERE1 to the Spectre-BHB affected list - scsi: sd: Revert "scsi: sd: Remove a local variable" - [arm64] mm: Fix __enable_mmu() for new TGRAN range values - [arm64] kexec: Test page size support with new TGRAN range values - serial: core: move RS485 configuration tasks from drivers into core - serial: Deassert Transmit Enable on probe in driver-specific way https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.154 - serial: 8250: Let drivers request full 16550A feature probing - [x86] KVM: nVMX: Pull KVM L0's desired controls directly from vmcs01 - [x86] KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to vmcs02 - [x86] KVM: x86: Trace re-injected exceptions - [x86] KVM: x86: Treat #DBs from the emulator as fault-like (code and DR7.GD=1) - [x86] topology: Set cpu_die_id only if DIE_TYPE found - [x86] topology: Fix multiple packages shown on a single-package system - [x86] topology: Fix duplicated core ID within a package - [x86] KVM: x86: Protect the unused bits in MSR exiting flags - [x86] KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter() - [x86] KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER - RDMA/cma: Use output interface for net_dev check - [amd64] IB/hfi1: Correctly move list in sc_disable() - NFSv4: Fix a potential state reclaim deadlock - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot - nfs4: Fix kmemleak when allocate slot failed - RDMA/core: Fix null-ptr-deref in ib_core_cleanup() - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources() - [arm64,armhf] net: fec: fix improper use of NETDEV_TX_BUSY - [i386] ata: pata_legacy: fix pdc20230_set_piomode() - net: sched: Fix use after free in red_enqueue() - net: tun: fix bugs for oversize packet when napi frags enabled - netfilter: nf_tables: release flow rule object from commit path - ipvs: use explicitly signed chars - ipvs: fix WARNING in __ip_vs_cleanup_batch() - ipvs: fix WARNING in ip_vs_app_net_cleanup() - rose: Fix NULL pointer dereference in rose_send_frame() - mISDN: fix possible memory leak in mISDN_register_device() - btrfs: fix inode list leak during backref walking at resolve_indirect_refs() - btrfs: fix inode list leak during backref walking at find_parent_nodes() - btrfs: fix ulist leaks in error paths of qgroup self tests - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu (CVE-2022-3564) - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() (CVE-2022-3640) - net: mdio: fix undefined behavior in bit shift for __mdiobus_register - net, neigh: Fix null-ptr-deref in neigh_table_clear() - ipv6: fix WARNING in ip6_route_net_exit_late() - [arm64] drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag - [arm64] drm/msm/hdmi: fix IRQ lifetime - [arm64,armhf] mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit bus - mmc: sdhci-pci: Avoid comma separated statements - mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake - xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices - [s390x] boot: add secure boot trailer - media: dvb-frontends/drxk: initialize err to 0 - ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() - scsi: core: Restrict legal sdev_state transitions via sysfs - HID: saitek: add madcatz variant of MMO7 mouse device ID - drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV case - efi/tpm: Pass correct address to memblock_reserve - i2c: piix4: Fix adapter not be removed in piix4_remove() - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM (CVE-2022-42896) - Bluetooth: L2CAP: Fix attempting to access uninitialized memory (CVE-2022-42895) - block, bfq: protect 'bfqd->queued' by 'bfqd->lock' - ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices - fscrypt: simplify master key locking - fscrypt: stop using keyrings subsystem for fscrypt_master_key - fscrypt: fix keyring memory leak on mount failure - tcp/udp: Fix memory leak in ipv6_renew_options(). (CVE-2022-3524) - [armhf] mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on program/erase times - memcg: enable accounting of ipc resources (CVE-2021-3759) - [arm*] binder: fix UAF of alloc->vma in race with munmap() - btrfs: fix type of parameter generation in btrfs_get_dentry - ftrace: Fix use-after-free for dynamic ftrace_ops - tcp/udp: Make early_demux back namespacified. - tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd() - kprobe: reverse kp->flags when arm_kprobe failed - tracing/histogram: Update document for KEYS_MAX size - capabilities: fix potential memleak on error path from vfs_getxattr_alloc() - fuse: add file_modified() to fallocate - efi: random: reduce seed size to 32 bytes - efi: random: Use 'ACPI reclaim' memory for random seed - [x86] perf/x86/intel: Fix pebs event constraints for ICL - [x86] perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[] - ext4: fix warning in 'ext4_da_release_space' - ext4: fix BUG_ON() when directory entry has invalid rec_len - [x86] KVM: x86: Mask off reserved bits in CPUID.80000006H - [x86] KVM: x86: Mask off reserved bits in CPUID.8000001AH - [x86] KVM: x86: Mask off reserved bits in CPUID.80000008H - [x86] KVM: x86: Mask off reserved bits in CPUID.80000001H - [x86] KVM: x86: emulator: em_sysexit should update ctxt->mode - [x86] KVM: x86: emulator: introduce emulator_recalc_and_set_mode - [x86] KVM: x86: emulator: update the emulation mode after CR0 write - ext4,f2fs: fix readahead of verity data - [arm64,armhf] drm/rockchip: dsi: Force synchronous probe - [x86] drm/i915/sdvo: Filter out invalid outputs more sensibly - [x86] drm/i915/sdvo: Setup DDC fully before output init - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() (CVE-2022-3628) - ipc: remove memcg accounting for sops objects in do_semtimedop() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.155 - fuse: fix readdir cache race - [armhf] phy: stm32: fix an error code in probe - wifi: cfg80211: silence a sparse RCU warning - wifi: cfg80211: fix memory leak in query_regdb_file() - bpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues - bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE - [x86] HID: hyperv: fix possible memory leak in mousevsc_probe() - bpf: Support for pointers beyond pkt_end. - bpf: Add helper macro bpf_for_each_reg_in_vstate - bpf: Fix wrong reg type conversion in release_reference() - net: gso: fix panic on frag_list with mixed head alloc types - macsec: delete new rxsc when offload fails - macsec: fix secy->n_rx_sc accounting - macsec: fix detection of RXSCs when toggling offloading - macsec: clear encryption keys from the stack after setting up offload - net: tun: Fix memory leaks of napi_get_frags - bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() - bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK - [s390x] KVM: s390x: fix SCK locking - [s390x] KVM: s390: pv: don't allow userspace to set the clock under PV - hamradio: fix issue of dev reference count leakage in bpq_device_event() - [arm*] drm/vc4: Fix missing platform_unregister_drivers() call in vc4_drm_register() - tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network - can: af_can: fix NULL pointer dereference in can_rx_register() - [arm64,armhf] net: stmmac: dwmac-meson8b: fix meson8b_devm_clk_prepare_enable() - tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header - [arm64] dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() - [arm64] drivers: net: xgene: disable napi when register irq failed in xgene_enet_open() - net/mlx5: Allow async trigger completion execution on single CPU systems - net/mlx5e: E-Switch, Fix comparing termination table instance - [armhf] net: cpsw: disable napi in cpsw_ndo_open() - net: cxgb3_main: disable napi when bind qsets failed in cxgb_up() - cxgb4vf: shut down the adapter when t4vf_update_port_info() failed in cxgb4vf_open() - net: phy: mscc: macsec: clear encryption keys when freeing a flow - [amd64,arm64] net: atlantic: macsec: clear encryption keys from the stack - ethernet: s2io: disable napi when start nic failed in s2io_card_up() - [armel,armhf] net: mv643xx_eth: disable napi when init rxq or txq failed in mv643xx_eth_open() - net: macvlan: fix memory leaks of macvlan_common_newlink - [arm64] efi: Fix handling of misaligned runtime regions and drop warning - [mips*] jump_label: Fix compat branch range check - [arm64] mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI - [arm64,armhf] mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI - ALSA: hda/hdmi - enable runtime pm for more AMD display audio - ALSA: hda/ca0132: add quirk for EVGA Z390 DARK - ALSA: hda: fix potential memleak in 'add_widget_node' - ALSA: hda/realtek: Add Positivo C6300 model quirk - ALSA: usb-audio: Add quirk entry for M-Audio Micro - ALSA: usb-audio: Add DSD support for Accuphase DAC-60 - vmlinux.lds.h: Fix placement of '.data..decrypted' section - ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure - nilfs2: fix deadlock in nilfs_count_free_blocks() - nilfs2: fix use-after-free bug of ns_writer on remount - [x86] drm/i915/dmabuf: fix sg_table handling in map_dma_buf - [x86] platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi - [arm64,armhf] mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI - udf: Fix a slab-out-of-bounds write bug in udf_find_entry() - mm/memremap.c: map FS_DAX device memory as decrypted - can: j1939: j1939_send_one(): fix missing CAN header initialization - net: tun: call napi_schedule_prep() to ensure we own a napi - [arm64,armhf] mmc: sdhci-esdhc-imx: Convert the driver to DT-only - [x86] cpu: Restore AMD's DE_CFG MSR after resume - io_uring: kill goto error handling in io_sqpoll_wait_sq() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.156 - drm/amd/display: Remove wrong pipe control lock - NFSv4: Retry LOCK on OLD_STATEID during delegation return - [arm64,armhf] i2c: tegra: Allocate DMA memory for DMA engine - [x86] i2c: i801: add lis3lv02d's I2C address for Vostro 5568 - btrfs: remove pointless and double ulist frees in error paths of qgroup tests - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm - ALSA: hda/realtek: fix speakers and micmute on HP 855 G8 - [x86] mtd: spi-nor: intel-spi: Disable write protection only if asked - [arm64,armhf] mmc: sdhci-esdhc-imx: use the correct host caps for MMC_CAP_8_BIT_DATA - drm/amd/pm: support power source switch on Sienna Cichlid - drm/amd/pm: Read BIF STRAP also for BACO check - drm/amd/pm: disable BACO entry/exit completely on several sienna cichlid cards - drm/amdgpu: disable BACO on special BEIGE_GOBY card - [armhf] spi: stm32: Print summary 'callbacks suppressed' message - ASoC: core: Fix use-after-free in snd_soc_exit() - serial: 8250: Remove serial_rs485 sanitization from em485 - [arm64,armhf] serial: imx: Add missing .thaw_noirq hook - tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() - ASoC: soc-utils: Remove __exit for snd_soc_util_exit() - sctp: remove the unnecessary sinfo_stream check in sctp_prsctp_prune_unsent - sctp: clear out_curr if all frag chunks of current msg are pruned - block: sed-opal: kmalloc the cmd/resp buffers - [arm64] Fix bit-shifting UB in the MIDR_CPU_MODEL() macro - parport_pc: Avoid FIFO port location truncation - pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map - [arm64,armhf] drm/panel: simple: set bpc field for logic technologies displays - drm/drv: Fix potential memory leak in drm_dev_init() - drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker() - ata: libata-transport: fix double ata_host_put() in ata_tport_add() - ata: libata-transport: fix error handling in ata_tport_add() - ata: libata-transport: fix error handling in ata_tlink_add() - ata: libata-transport: fix error handling in ata_tdev_add() - bpf: Initialize same number of free nodes for each pcpu_freelist - mISDN: fix possible memory leak in mISDN_dsp_element_register() - net: hinic: Fix error handling in hinic_module_init() - net: liquidio: release resources when liquidio driver open failed - mISDN: fix misuse of put_device() in mISDN_register_device() - net: macvlan: Use built-in RCU list checking - net: caif: fix double disconnect client in chnl_net_open() - bnxt_en: Remove debugfs when pci_register_driver failed - xen/pcpu: fix possible memory leak in register_pcpu() - net: ena: Fix error handling in ena_init() - drbd: use after free in drbd_create_device() - [x86] platform/x86/intel: pmc: Don't unconditionally attach Intel PMC when virtualized - cifs: add check for returning value of SMB2_close_init - cifs: Fix wrong return value checking when GETFLAGS - [x86] net: thunderbolt: Fix error handling in tbnet_init() - cifs: add check for returning value of SMB2_set_info_init - ftrace: Fix the possible incorrect kernel message - ftrace: Optimize the allocation for mcount entries - ftrace: Fix null pointer dereference in ftrace_add_mod() - ring_buffer: Do not deactivate non-existant pages - tracing/ring-buffer: Have polling block on watermark - tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() - tracing: Fix wild-memory-access in register_synth_event() - tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit() - tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit() - ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() - ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 - [arm64,armhf] Revert "usb: dwc3: disable USB core PHY management" - slimbus: stream: correct presence rate frequencies - speakup: fix a segfault caused by switching consoles - USB: serial: option: add Sierra Wireless EM9191 - USB: serial: option: remove old LARA-R6 PID - USB: serial: option: add u-blox LARA-R6 00B modem - USB: serial: option: add u-blox LARA-L6 modem - USB: serial: option: add Fibocom FM160 0x0111 composition - usb: add NO_LPM quirk for Realforce 87U Keyboard - dm ioctl: fix misbehavior if list_versions races with module loading - serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs - serial: 8250: Flush DMA Rx on RLSI - [x86] serial: 8250_lpss: Configure DMA also w/o DMA filter - Input: iforce - invert valid length check when fetching device IDs - maccess: Fix writing offset in case of fault in strncpy_from_kernel_nofault() - [s390x] scsi: zfcp: Fix double free of FSF request when qdio send fails - [amd64] iommu/vt-d: Set SRE bit only when hardware has SRS cap - firmware: coreboot: Register bus in module init - mmc: core: properly select voltage range without power cycle - mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce timeout - mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() - docs: update mediator contact information in CoC doc - [x86] misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() - [x86] perf/x86/intel/pt: Fix sampling using single range output - nvme: restrict management ioctls to admin - nvme: ensure subsystem reset is single threaded (CVE-2022-3169) - net: fix a concurrency bug in l2tp_tunnel_register() - ring-buffer: Include dropped pages in counting dirty patches - usbnet: smsc95xx: Fix deadlock on runtime resume - stddef: Introduce struct_group() helper macro - net: use struct_group to copy ip/ipv6 header addresses - scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus() - scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper() - kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case - Input: i8042 - fix leaking of platform device on module removal - macvlan: enforce a consistent minimal mtu - tcp: cdg: allow tcp_cdg_release() to be called multiple times - kcm: avoid potential race in kcm_tx_work (CVE-2022-3521) - kcm: close race conditions on sk_receive_queue - 9p: trans_fd/p9_conn_cancel: drop client lock earlier - gfs2: Check sb_bsize_shift after reading superblock - gfs2: Switch from strlcpy to strscpy - 9p/trans_fd: always use O_NONBLOCK read/write - mm: fs: initialize fsdata passed to write_begin/write_end interface https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.157 - scsi: scsi_transport_sas: Fix error handling in sas_phy_add() - ata: libata-scsi: simplify __ata_scsi_queuecmd() - ata: libata-core: do not issue non-internal commands once EH is pending - bridge: switchdev: Notify about VLAN protocol changes - bridge: switchdev: Fix memory leaks when changing VLAN protocol - drm/display: Don't assume dual mode adaptors support i2c sub-addressing - nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH - nvme-pci: add NVME_QUIRK_BOGUS_NID for Micron Nitro - iio: ms5611: Simplify IO callback parameters - iio: pressure: ms5611: fixed value compensation bug - ceph: do not update snapshot context when there is no new snapshot - ceph: avoid putting the realm twice when decoding snaps fails - wifi: mac80211: fix memory free error when registering wiphy fail - wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support - audit: fix undefined behavior in bit shift for AUDIT_BIT - wifi: airo: do not assign -1 to unsigned char - wifi: mac80211: Fix ack frame idr leak when mesh has no route - [armhf] spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for every run - Revert "net: macsec: report real_dev features when HW offloading is enabled" - [powerpc*] scsi: ibmvfc: Avoid path failures during live migration - scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC - drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) - block, bfq: fix null pointer dereference in bfq_bio_bfqg() - [arm64] syscall: Include asm/ptrace.h in syscall_wrapper header. - [mips*] pic32: treat port as signed integer - xfrm: fix "disable_policy" on ipv4 early demux - xfrm: replay: Fix ESN wrap around for GSO - af_key: Fix send_acquire race with pfkey_register - [armhf] sgtl5000: Reset the CHIP_CLK_CTRL reg on remove - ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open() - [x86] scsi: storvsc: Fix handling of srb_status and capacity change events - regulator: core: fix kobject release warning and memory leak in regulator_register() - regulator: core: fix UAF in destroy_regulator() - [arm64,armhf] bus: sunxi-rsb: Support atomic transfers - [arm64] tee: optee: fix possible memory leak in optee_register_device() - net: liquidio: simplify if expression - rxrpc: Allow list of in-use local UDP endpoints to be viewed in /proc - rxrpc: Use refcount_t rather than atomic_t - rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-CAN-15975] - [i386] net: pch_gbe: fix potential memleak in pch_gbe_tx_queue() - 9p/fd: fix issue of list_del corruption in p9_fd_cancel() - netfilter: conntrack: Fix data-races around ct mark - [armhf] dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties - net/mlx4: Check retval of mlx4_bitmap_init - net/qla3xxx: fix potential memleak in ql3xxx_send() - [i386] net: pch_gbe: fix pci device refcount leak while module exiting - nfp: fill splittable of devlink_port_attrs correctly - nfp: add port from netdev validation for EEPROM access - macsec: Fix invalid error code set - [x86] Drivers: hv: vmbus: fix double free in the error path of vmbus_add_channel_work() - [x86] Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register() - netfilter: ipset: Limit the maximal range of consecutive elements to add/delete - netfilter: ipset: regression in ip_set_hash_ip.c - net/mlx5: Fix FW tracer timestamp calculation - net/mlx5: Fix handling of entry refcount when command is not issued to FW - tipc: set con sock in tipc_conn_alloc - tipc: add an extra conn_get in tipc_conn_alloc - tipc: check skb_linearize() return value in tipc_disc_rcv() - xfrm: Fix ignored return value in xfrm6_init() - sfc: fix potential memleak in __ef100_hard_start_xmit() - net: sched: allow act_ct to be built without NF_NAT - [armhf] regulator: twl6030: re-add TWL6032_SUBCLASS - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending() - netfilter: flowtable_offload: add missing locking - dccp/tcp: Reset saddr on failure after inet6?_hash_connect(). - ipv4: Fix error return code in fib_table_insert() - [s390x] dasd: fix no record found for raw_track_access - net: arcnet: Fix RESET flag handling - arcnet: fix potential memory leak in com20020_probe() - [arm64] net: thunderx: Fix the ACPI memory leak - [arm64] net: enetc: manage ENETC_F_QBV in priv->active_offloads only when enabled - [arm64] net: enetc: cache accesses to &priv->si->hw - [arm64] net: enetc: preserve TX ring priority across reconfiguration - lib/vdso: use "grep -E" instead of "egrep" - [armhf] usb: dwc3: exynos: Fix remove() function - ext4: fix use-after-free in ext4_ext_shift_extents - [arm64] dts: rockchip: lower rk3399-puma-haikou SD controller clock frequency - iio: light: apds9960: fix wrong register for gesture gain - ceph: make ceph_create_session_msg a global symbol - ceph: make iterate_sessions a global symbol - ceph: flush mdlog before umounting - ceph: flush the mdlog before waiting on unsafe reqs - ceph: fix off by one bugs in unsafe_request_wait() - ceph: put the requests/sessions when it fails to alloc memory - ceph: fix possible NULL pointer dereference for req->r_session - ceph: Use kcalloc for allocating multiple elements - ceph: fix NULL pointer dereference for req->r_session - [arm64,armhf] usb: dwc3: gadget: conditionally remove requests - [arm64,armhf] usb: dwc3: gadget: Return -ESHUTDOWN on ep disable - [arm64,armhf] usb: dwc3: gadget: Clear ep descriptor last - nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty - mm: vmscan: fix extreme overreclaim and swap floods - [x86] KVM: x86: nSVM: leave nested mode on vCPU free - [x86] KVM: x86: remove exit_int_info warning in svm_handle_exit - [x86] ioremap: Fix page aligned size calculation in __ioremap_caller() - [arm*] binder: avoid potential data leakage when copying txn - [arm*] binder: read pre-translated fds from sender buffer - [arm*] binder: defer copies of pre-patched txn data - [arm*] binder: fix pointer cast warning - [arm*] binder: Address corner cases in deferred copy and fixup - [arm*] binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0 - Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode - [x86] ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01 - Input: goodix - try resetting the controller when no config is set - [x86] Input: soc_button_array - add use_low_level_irq module parameter - [x86] Input: soc_button_array - add Acer Switch V 10 to dmi_use_low_level_irq[] - xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too - xen/platform-pci: add missing free_irq() in error path - [x86] platform/x86: asus-wmi: add missing pci_dev_put() in asus_wmi_set_xusb2pr() - [x86] platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10 (SW5-017) - zonefs: fix zone report size in __zonefs_io_error() - [x86] platform/x86: hp-wmi: Ignore Smart Experience App event - tcp: configurable source port perturb table size - net: usb: qmi_wwan: add Telit 0x103a composition - [arm64,armhf] gpu: host1x: Avoid trying to use GART on Tegra20 - dm integrity: flush the journal on suspend - dm integrity: clear the journal on suspend - genirq/msi: Shutdown managed interrupts with unsatifiable affinities - genirq: Always limit the affinity to online CPUs - [arm64,armhf] irqchip/gic-v3: Always trust the managed affinity provided by the core code - genirq: Take the proposed affinity at face value if force==true - btrfs: free btrfs_path before copying root refs to userspace - btrfs: free btrfs_path before copying fspath to userspace - btrfs: free btrfs_path before copying subvol info to userspace - btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs() - drm/amdgpu: always register an MMU notifier for userptr - [x86] drm/i915: fix TLB invalidation for Gen12 video and compute engines (CVE-2022-4139) - fuse: lock inode unconditionally in fuse_fallocate() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.158 - btrfs: sink iterator parameter to btrfs_ioctl_logical_to_ino - btrfs: free btrfs_path before copying inodes to userspace - [armhf] spi: spi-imx: Fix spi_bus_clk if requested clock is higher than input clock - btrfs: move QUOTA_ENABLED check to rescan_should_stop from btrfs_qgroup_rescan_worker - drm/display/dp_mst: Fix drm_dp_mst_add_affected_dsc_crtcs() return code - drm/amdgpu: update drm_display_info correctly when the edid is read - drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info correctly when the edid is read" - btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() - iio: health: afe4403: Fix oob read in afe4403_read_raw - bpf, perf: Use subprog name when reporting subprog ksymbol - scripts/faddr2line: Fix regression in name resolution on ppc64le - [x86] hwmon: (i5500_temp) fix missing pci_disable_device() - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails - bpf: Do not copy spin lock field from user in bpf_selem_alloc - of: property: decrement node refcount in of_fwnode_get_reference_args() - ixgbevf: Fix resource leak in ixgbevf_init_module() - i40e: Fix error handling in i40e_init_module() - iavf: remove redundant ret variable - iavf: Fix error handling in iavf_init_module() - e100: switch from 'pci_' to 'dma_' API - e100: Fix possible use after free in e100_xmit_prepare - net/mlx5: Fix uninitialized variable bug in outlen_write() - net/mlx5e: Fix use-after-free when reverting termination table - can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev() - [i386] can: cc770: cc770_isa_probe(): add missing free_cc770dev() - qlcnic: fix sleep-in-atomic-context bugs caused by msleep - [amd64,arm64] aquantia: Do not purge addresses when setting the number of rings - wifi: cfg80211: fix buffer overflow in elem comparison - wifi: cfg80211: don't allow multi-BSSID in S1G - wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration - net: phy: fix null-ptr-deref while probe() failed - net/9p: Fix a potential socket leak in p9_socket_open - tipc: re-fetch skb cb after tipc_msg_validate - afs: Fix fileserver probe RTT handling - net: tun: Fix use-after-free in tun_detach() - packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE - sctp: fix memory leak in sctp_stream_outq_migrate() - [x86] hwmon: (coretemp) Check for null before removing sysfs attrs - [x86] hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() - net/mlx5: DR, Fix uninitialized var warning - nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry() - [x86] bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3 - [x86] pinctrl: intel: Save and restore pins in "direct IRQ" mode - net: stmmac: Set MAC's flow control register to reflect current settings - mmc: core: Fix ambiguous TRIM and DISCARD arg - [arm64,armhf] mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check - mmc: sdhci: Fix voltage switch delay - drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame - [x86] drm/i915: Never return 0 if not all requests retired - tracing: Free buffers when a used dynamic event is removed - io_uring: don't hold uring_lock when calling io_run_task_work* - ASoC: ops: Fix bounds check for _sx controls - [arm64,armhf] pinctrl: single: Fix potential division by zero - [amd64] iommu/vt-d: Fix PCI device refcount leak in has_external_pci() - [amd64] iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() - ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference (CVE-2022-3435) - ipv4: Fix route deletion when nexthop info is not specified - Revert "tty: n_gsm: avoid call of sleeping functions from atomic context" - [x86] tsx: Add a feature bit for TSX control MSR support - [x86] pm: Add enumeration check before spec MSRs save/restore setup - [arm64,armhf] i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set - [amd64,arm64] ACPI: HMAT: remove unnecessary variable initialization - [amd64,arm64] ACPI: HMAT: Fix initiator registration for single-initiator systems - char: tpm: Protect tpm_pm_suspend with locks - block: unhash blkdev part inode when the part is deleted - proc: avoid integer type confusion in get_proc_long (CVE-2022-4378) - proc: proc_skip_spaces() shouldn't think it is working on C strings (CVE-2022-4378) - v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails - ipc/sem: Fix dangling sem_array access in semtimedop race . [ Salvatore Bonaccorso ] * Bump ABI to 20 * [rt] Drop "net: arcnet: Fix RESET flag handling" (applied upstream) * [x86] Enable AMD_MEM_ENCRYPT (Closes: #1024697) * xen/netback: Ensure protocol headers don't fall in the non-linear area (XSA-423, CVE-2022-3643) * xen/netback: do some code cleanup * xen/netback: don't call kfree_skb() with interrupts disabled (XSA-424, CVE-2022-42328, CVE-2022-42329) * [rt] Update to 5.10.158-rt77 linux-signed-arm64 (5.10.149+2) bullseye-security; urgency=high . * Sign kernel from linux 5.10.149-2 . * Revert "drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega" (Closes: #1022025) * Revert "drm/amdgpu: make sure to init common IP before gmc" (Closes: #1022025) linux-signed-arm64 (5.10.149+1) bullseye-security; urgency=high . * Sign kernel from linux 5.10.149-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.149 - Revert "fs: check FMODE_LSEEK to control internal pipe splicing" . [ Salvatore Bonaccorso ] * Replace patch for "io_uring/af_unix: defer registered files gc to io_uring release" with queued version linux-signed-i386 (5.10.158+2) bullseye; urgency=medium . * Sign kernel from linux 5.10.158-2 . * xen/netback: fix build warning linux-signed-i386 (5.10.158+1) bullseye; urgency=medium . * Sign kernel from linux 5.10.158-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.150 - ALSA: oss: Fix potential deadlock at unregistration - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() - ALSA: usb-audio: Fix potential memory leaks - ALSA: usb-audio: Fix NULL dererence at error path - ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530 - ALSA: hda/realtek: Correct pin configs for ASUS G533Z - ALSA: hda/realtek: Add quirk for ASUS GV601R laptop - ALSA: hda/realtek: Add Intel Reference SSID to support headset keys - cifs: destage dirty pages before re-reading them for cache=none - cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message - iio: dac: ad5593r: Fix i2c read protocol requirements - iio: ltc2497: Fix reading conversion results - iio: adc: ad7923: fix channel readings for some variants - iio: pressure: dps310: Refactor startup procedure - iio: pressure: dps310: Reset chip after timeout - usb: add quirks for Lenovo OneLink+ Dock - can: kvaser_usb: Fix use of uninitialized completion - can: kvaser_usb_leaf: Fix overread with an invalid command - can: kvaser_usb_leaf: Fix TX queue out of sync after restart - can: kvaser_usb_leaf: Fix CAN state after restart - fs: dlm: fix race between test_bit() and queue_work() - fs: dlm: handle -EBUSY first in lock arg validation - HID: multitouch: Add memory barriers - quota: Check next/prev free block number after reading from quota file - [arm64,armhf] platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT failure - [arm64] regulator: qcom_rpm: Fix circular deferral regression - nvme-pci: set min_align_mask before calculating max_hw_sectors - drm/virtio: Check whether transferred 2D BO is shmem - drm/udl: Restore display mode on resume - block: fix inflight statistics of part0 - mm/mmap: undo ->mmap() when arch_validate_flags() fails - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge - [x86] powercap: intel_rapl: Use standard Energy Unit for SPR Dram RAPL domain - scsi: qedf: Populate sysfs attributes for vport - fbdev: smscufx: Fix use-after-free in ufx_ops_open() (CVE-2022-41849) - btrfs: fix race between quota enable and quota rescan ioctl - f2fs: increase the limit for reserve_root - f2fs: fix to do sanity check on destination blkaddr during recovery - f2fs: fix to do sanity check on summary info - jbd2: wake up journal waiters in FIFO order, not LIFO - jbd2: fix potential buffer head reference count leak - jbd2: fix potential use-after-free in jbd2_fc_wait_bufs - jbd2: add miss release buffer head in fc_do_one_pass() - ext4: avoid crash when inline data creation follows DIO write - ext4: fix null-ptr-deref in ext4_write_info - ext4: make ext4_lazyinit_thread freezable - ext4: don't increase iversion counter for ea_inodes - ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate - ext4: place buffer head allocation before handle start - ext4: fix miss release buffer head in ext4_fc_write_inode - ext4: fix potential memory leak in ext4_fc_record_modified_inode() - ext4: fix potential memory leak in ext4_fc_record_regions() - ext4: update 'state->fc_regions_size' after successful memory allocation - [amd64] livepatch: fix race between fork and KLP transition - ftrace: Properly unset FTRACE_HASH_FL_MOD - ring-buffer: Allow splice to read previous partially read pages - ring-buffer: Have the shortest_full queue be the shortest not longest - ring-buffer: Check pending waiters when doing wake ups as well - ring-buffer: Add ring_buffer_wake_waiters() - ring-buffer: Fix race between reset page and reading page - tracing: Disable interrupt or preemption before acquiring arch_spinlock_t - [x86] thunderbolt: Explicitly enable lane adapter hotplug events at startup - efi: libstub: drop pointless get_memory_map() call - [arm64,armhf] media: cedrus: Set the platform driver data earlier - [x86] KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility - [x86] KVM: nVMX: Unconditionally purge queued/injected events on nested "exit" - [x86] KVM: VMX: Drop bits 31:16 when shoving exception error code into VMCS - drm/nouveau/kms/nv140-: Disable interlacing - drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table() - [x86] drm/i915: Fix watermark calculations for gen12+ RC CCS modifier - [x86] drm/i915: Fix watermark calculations for gen12+ MC CCS modifier - smb3: must initialize two ACL struct fields to zero - selinux: use "grep -E" instead of "egrep" - userfaultfd: open userfaultfds with O_RDONLY - [armel,armhf] 9244/1: dump: Fix wrong pg_level in walk_pmd() - [armel,armhf] 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE - objtool: Preserve special st_shndx indexes in elf_update_symbol - nfsd: Fix a memory leak in an error handling path - wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state() - wifi: mac80211: allow bw change during channel switch in mesh - bpftool: Fix a wrong type cast in btf_dumper_int - [x86] resctrl: Fix to restore to original value when re-enabling hardware prefetch register - Bluetooth: btusb: Fine-tune mt7663 mechanism. - Bluetooth: btusb: fix excessive stack usage - Bluetooth: btusb: mediatek: fix WMT failure during runtime suspend - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse() - [arm64] spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume() - [arm64] spi: qup: add missing clk_disable_unprepare on error in spi_qup_pm_resume_runtime() - wifi: rtl8xxxu: Fix skb misuse in TX queue selection - [arm64,armhf] spi: meson-spicc: do not rely on busy flag in pow2 clk ops - bpf: btf: fix truncated last_member_type_id in btf_struct_resolve - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration - wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask - bpf: Ensure correct locking around vulnerable function find_vpid() - Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure - wifi: ath11k: fix number of VHT beamformee spatial streams - [x86] microcode/AMD: Track patch allocation size explicitly - [x86] cpu: Include the header of init_ia32_feat_ctl()'s prototype - Bluetooth: hci_core: Fix not handling link timeouts propertly - netfilter: nft_fib: Fix for rpath check with VRF devices - wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM - vhost/vsock: Use kvmalloc/kvfree for larger packets. - mISDN: fix use-after-free bugs in l1oip timer handlers (CVE-2022-3565) - sctp: handle the error returned from sctp_auth_asoc_init_active_key - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited - spi: Ensure that sg_table won't be used after being freed - net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks() - bnx2x: fix potential memory leak in bnx2x_tpa_stop() (CVE-2022-3542) - net/ieee802154: reject zero-sized raw_sendmsg() - once: add DO_ONCE_SLOW() for sleepable contexts - [arm64,armhf] net: mvpp2: fix mvpp2 debugfs leak (CVE-2022-3535) - [arm64] drm: bridge: adv7511: fix CEC power down control register offset - drm/bridge: Avoid uninitialized variable warning - drm/mipi-dsi: Detach devices when removing the host - drm/dp_mst: fix drm_dp_dpcd_read return value checks - [x86] platform/chrome: fix double-free in chromeos_laptop_prepare() - [arm64] platform/chrome: fix memory corruption in ioctl - [x86] platform/x86: msi-laptop: Fix old-ec check for backlight registering - [x86] platform/x86: msi-laptop: Fix resource cleanup - ALSA: hda: beep: Simplify keep-power-at-enable behavior - [armhf] drm/omap: dss: Fix refcount leak bugs - [armhf] ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API - [arm64] drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx - [arm64] drm/msm/dp: correct 1.62G link rate at dp_catalog_ctrl_config_msa() - ASoC: da7219: Fix an error handling path in da7219_register_dai_clks() - [arm*] ALSA: dmaengine: increment buffer pointer atomically - [armhf] mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe() - ALSA: hda/hdmi: Don't skip notification handling during PM operation - [armel,armhf] memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() - [armhf] memory: of: Fix refcount leak bug in of_get_ddr_timings() - [armhf] memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() - [armhf] dts: turris-omnia: Fix mpp26 pin name and comment - [arm64] ftrace: fix module PLTs with mcount - [armhf] dts: exynos: fix polarity of VBUS GPIO of Origen - iio: inkern: only release the device node when done with it - iio: ABI: Fix wrong format of differential capacitance channel ABI. - usb: ch9: Add USB 3.2 SSP attributes - usb: common: Parse for USB SSP genXxY - usb: common: add function to get interval expressed in us unit - usb: common: move function's kerneldoc next to its definition - usb: common: debug: Check non-standard control requests - [arm64,armhf] clk: meson: Hold reference returned by of_get_parent() - [arm64] clk: qoriq: Hold reference returned by of_get_parent() - [arm64] clk: tegra: Fix refcount leak in tegra210_clock_init - [arm64] clk: tegra: Fix refcount leak in tegra114_clock_init - [armhf] HSI: omap_ssi: Fix refcount leak in ssi_probe - [armhf] HSI: omap_ssi_port: Fix dma_map_sg error check - [arm64] tty: xilinx_uartps: Fix the ignore_status - RDMA/rxe: Fix "kernel NULL pointer dereference" error - RDMA/rxe: Fix the error caused by qp->sk - ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting() - ata: fix ata_id_has_devslp() - ata: fix ata_id_has_ncq_autosense() - ata: fix ata_id_has_dipm() - md: Replace snprintf with scnprintf - md/raid5: Ensure stripe_fill happens on non-read IO with journal - RDMA/cm: Use SLID in the work completion as the DLID in responder side - IB: Set IOVA/LENGTH on IB_MR in core/uverbs layers - xhci: Don't show warning for reinit on known broken suspend - usb: gadget: function: fix dangling pnp_string in f_printer.c - drivers: serial: jsm: fix some leaks in probe - serial: 8250: Add an empty line and remove some useless {} - serial: 8250: Toggle IER bits on only after irq has been set up - [arm64] tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown - [arm64] phy: qualcomm: call clk_disable_unprepare in the error handling - serial: 8250: Fix restoring termios speed after suspend - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() - scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() - [armhf] fsi: core: Check error number after calling ida_simple_get - [x86] mfd: intel_soc_pmic: Fix an error handling path in intel_soc_pmic_i2c_probe() - [mips*] mfd: sm501: Add check for platform_driver_register() - [amd64] dmaengine: ioat: stop mod_timer from resurrecting deleted timer in __cleanup() - [arm64] spmi: pmic-arb: correct duplicate APID to PPID mapping logic - [arm*] clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration - [armhf] clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe - [armhf] clk: ast2600: BCLK comes from EPLL - [powerpc*] pci_dn: Add missing of_node_put() - [powerpc*] powernv: add missing of_node_put() in opal_export_attrs() - [x86] hyperv: Fix 'struct hv_enlightened_vmcs' definition - [powerpc*] 64s: Fix GENERIC_CPU build flags for PPC970 / G5 - [armhf] hwrng: imx-rngc - Moving IRQ handler registering after imx_rngc_irq_mask_clear() - cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset - crypto: akcipher - default implementation for setting a private key - [x86] crypto: ccp - Release dma channels before dmaengine unrgister - [arm64] crypto: inside-secure - Change swab to swab32 - [x86] crypto: qat - fix use of 'dma_map_single' - [x86] crypto: qat - use pre-allocated buffers in datapath - [x86] crypto: qat - fix DMA transfer direction - tracing: kprobe: Fix kprobe event gen test module on exit - tracing: kprobe: Make gen test module work in arm and riscv - [arm64] crypto: cavium - prevent integer overflow loading firmware - [arm64] thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id - ACPI: APEI: do not add task_work to kernel thread to avoid memory leak - f2fs: fix race condition on setting FI_NO_EXTENT flag - f2fs: fix to avoid REQ_TIME and CP_TIME collision - f2fs: fix to account FS_CP_DATA_IO correctly - rcu: Back off upon fill_page_cache_func() allocation failure - rcu-tasks: Convert RCU_LOCKDEP_WARN() to WARN_ONCE() - [x86] ACPI: video: Add Toshiba Satellite/Portege Z830 quirk - [x86] powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue - [x86] thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash - NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data - NFSD: fix use-after-free on source server when doing inter-server copy - wifi: brcmfmac: fix invalid address access when enabling SCAN log level - bpftool: Clear errno after libcap's checks - openvswitch: Fix double reporting of drops in dropwatch - openvswitch: Fix overreporting of drops in dropwatch - tcp: annotate data-race around tcp_md5sig_pool_populated - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() - xfrm: Update ipcomp_scratches with NULL when freed - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() - regulator: core: Prevent integer underflow - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create() - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times - can: bcm: check the result of can_send() in bcm_can_tx() - wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620 - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 - wifi: rt2x00: set VGC gain for both chains of MT7620 - wifi: rt2x00: set SoC wmac clock register - wifi: rt2x00: correctly set BBP register 86 for MT7620 - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory - Bluetooth: L2CAP: Fix user-after-free - r8152: Rate limit overflow messages (CVE-2022-3594) - drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc() - drm: Use size_t type for len variable in drm_copy_field() - drm: Prevent drm_copy_field() to attempt copying a NULL pointer - drm/amd/display: fix overflow on MIN_I64 definition - [arm64,armhf] drm: bridge: dw_hdmi: only trigger hotplug event on link change - [arm*] drm/vc4: vec: Fix timings for VEC modes - drm: panel-orientation-quirks: Add quirk for Anbernic Win600 - [arm64,armhf] platform/chrome: cros_ec: Notify the PM of wake events during resume - [x86] platform/x86: msi-laptop: Change DMI match / alias strings to fix module autoloading - [x86] ASoC: SOF: pci: Change DMI match info to support all Chrome platforms - drm/amdgpu: fix initial connector audio value - [arm64] drm/meson: explicitly remove aggregate driver at module unload time - [arm64] mmc: sdhci-msm: add compatible string check for sdm670 - drm/dp: Don't rewrite link config when setting phy test pattern - drm/amd/display: Remove interface for periodic interrupt 1 - btrfs: scrub: try to fix super block errors - [arm64] clk: zynqmp: Fix stack-out-of-bounds in strncpy` - media: cx88: Fix a null-ptr-deref bug in buffer_prepare() - [arm64] clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate - usb: host: xhci-plat: suspend and resume clocks - usb: host: xhci-plat: suspend/resume clks for brcm - scsi: 3w-9xxx: Avoid disabling device if failing to enable it - nbd: Fix hung when signal interrupts nbd_start_device_ioctl() - blk-throttle: prevent overflow while calculating wait time - ata: libahci_platform: Sanity check the DT child nodes number - bcache: fix set_at_max_writeback_rate() for multiple attached devices - soundwire: cadence: Don't overwrite msg->buf during write commands - soundwire: intel: fix error handling on dai registration issues - HID: roccat: Fix use-after-free in roccat_read() (CVE-2022-41850) - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() - [arm64,armhf] usb: musb: Fix musb_gadget.c rxstate overflow bug - Revert "usb: storage: Add quirk for Samsung Fit flash" - staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() - nvme: copy firmware_rev on each init - nvmet-tcp: add bounds check on Transfer Tag - usb: idmouse: fix an uninit-value in idmouse_open - [arm*] clk: bcm2835: Make peripheral PLLC critical - [arm64] topology: fix possible overflow in amu_fie_setup() - io_uring: correct pinned_vm accounting - mm: hugetlb: fix UAF in hugetlb_handle_userfault - net: ieee802154: return -EINVAL for unknown addr type - Revert "net/ieee802154: reject zero-sized raw_sendmsg()" - net/ieee802154: don't warn zero-sized raw_sendmsg() - Revert "drm/amdgpu: use dirty framebuffer helper" (Closes: #1022806) - ext4: continue to expand file system when the target size doesn't reach - inet: fully convert sk->sk_rx_dst to RCU rules - [x86] thermal: intel_powerclamp: Use first online CPU as control_cpu - f2fs: fix wrong condition to trigger background checkpoint correctly https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.151 - bpf: Generate BTF_KIND_FLOAT when linking vmlinux - kbuild: Quote OBJCOPY var to avoid a pahole call break the build - kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21 - kbuild: Unify options for BTF generation for vmlinux and modules - kbuild: Add skip_encoding_btf_enum64 option to pahole https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.152 - ocfs2: clear dinode links count in case of error - ocfs2: fix BUG when iput after ocfs2_mknod fails - selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() - [x86] microcode/AMD: Apply the patch early on every logical thread - [x86] hwmon/coretemp: Handle large core ID value - [armhf] ata: ahci-imx: Fix MODULE_ALIAS - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS - kvm: Add support for arch compat vm ioctls - [arm64] KVM: arm64: vgic: Fix exit condition in scan_its_table() - media: mceusb: set timeout to at least timeout provided - [arm64] media: venus: dec: Handle the case where find_format fails - block: wbt: Remove unnecessary invoking of wbt_update_limits in wbt_init - blk-wbt: call rq_qos_add() after wb_normal is initialized - [arm64] errata: Remove AES hwcap for COMPAT tasks - r8152: add PID for the Lenovo OneLink+ Dock - btrfs: fix processing of delayed data refs during backref walking - btrfs: fix processing of delayed tree block refs during backref walking - ACPI: extlog: Handle multiple records - tipc: Fix recognition of trial period - tipc: fix an information leak in tipc_topsrv_kern_subscr - i40e: Fix DMA mappings leak - HID: magicmouse: Do not set BTN_MOUSE on double report - sfc: Change VF mac via PF as first preference if available. - net/atm: fix proc_mpc_write incorrect return value - net: phy: dp83867: Extend RX strap quirk for SGMII mode - cifs: Fix xid leak in cifs_copy_file_range() - cifs: Fix xid leak in cifs_flock() - cifs: Fix xid leak in cifs_ses_add_channel() - nvme-hwmon: rework to avoid devm allocation - nvme-hwmon: Return error code when registration fails - nvme-hwmon: consistently ignore errors from nvme_hwmon_init - nvme-hwmon: kmalloc the NVME SMART log buffer - net: sched: cake: fix null pointer access issue when cake_init() fails - net: sched: delete duplicate cleanup of backlog and qlen - net: sched: sfb: fix null pointer access issue when sfb_init() fails - sfc: include vport_id in filter spec hash and equal() - [arm64] net: hns: fix possible memory leak in hnae_ae_register() - net: sched: fix race condition in qdisc_graft() - net: phy: dp83822: disable MDI crossover status change interrupt - [amd64] iommu/vt-d: Allow NVS regions in arch_rmrr_sanity_check() - [amd64] iommu/vt-d: Clean up si_domain in the init_dmars() error path - drm/virtio: Use appropriate atomic state in virtio_gpu_plane_cleanup_fb() - [armhf] dmaengine: mxs-dma: Remove the unused .id_table - [armhf] dmaengine: mxs: use platform_driver_register - tracing: Simplify conditional compilation code in tracing_set_tracer() - tracing: Do not free snapshot if tracer is on cmdline - xen: assume XENFEAT_gnttab_map_avail_bits being set for pv guests - xen/gntdev: Accommodate VMA splitting - [arm64,armhf] mmc: sdhci-tegra: Use actual clock rate for SW tuning correction - fcntl: make F_GETOWN(EX) return 0 on dead owner task - fcntl: fix potential deadlocks for &fown_struct.lock - [arm64] topology: move store_cpu_topology() to shared code - [x86] hv_netvsc: Fix race between VF offering and VF association message from host - ACPI: video: Force backlight native for more TongFang devices - mmc: core: Add SD card quirk for broken discard - blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init() - mm: /proc/pid/smaps_rollup: fix no vma's null-deref - udp: Update reuse->has_conns under reuseport_lock. https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.153 - can: j1939: transport: j1939_session_skb_drop_old(): spin_unlock_irqrestore() before kfree_skb() - can: kvaser_usb: Fix possible completions during init_completion - ALSA: Use del_timer_sync() before freeing timer - ALSA: au88x0: use explicitly signed char - ALSA: rme9652: use explicitly signed char - USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM - [arm64,armhf] usb: dwc3: gadget: Stop processing more requests on IMI - [arm64,armhf] usb: dwc3: gadget: Don't set IMI for no_interrupt - usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller - [armhf] mtd: rawnand: marvell: Use correct logic for nand-keep-config - xhci: Add quirk to reset host back to default state at shutdown - xhci: Remove device endpoints from bandwidth list when freeing the device - iio: light: tsl2583: Fix module unloading - iio: temperature: ltc2983: allocate iio channels once - fbdev: smscufx: Fix several use-after-free bugs - fs/binfmt_elf: Fix memory leak in load_elf_binary() - exec: Copy oldsighand->action under spin-lock - mac802154: Fix LQI recording - scsi: qla2xxx: Use transport-defined speed mask for supported_speeds - [arm64] drm/msm/dsi: fix memory corruption with too many bridges - [arm64] drm/msm/hdmi: fix memory corruption with too many bridges - [arm64] drm/msm/dp: fix IRQ lifetime - mmc: core: Fix kernel panic when remove non-standard SDIO card - kernfs: fix use-after-free in __kernfs_remove - [s390x] futex: add missing EX_TABLE entry to __futex_atomic_op() - [s390x] pci: add missing EX_TABLE entries to __pcistg_mio_inuser()/__pcilg_mio_inuser() - Xen/gntdev: don't ignore kernel unmapping error - xen/gntdev: Prevent leaking grants - mm/memory: add non-anonymous page check in the copy_present_page() - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages - net: ieee802154: fix error return code in dgram_bind() - media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation - [arm64] drm/msm: Fix return type of mdp4_lvds_connector_mode_valid - [arm64] ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile - [arm64] ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() - [x86] perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of clear_cpu_cap() - tipc: fix a null-ptr-deref in tipc_topsrv_accept - [arm64] net: netsec: fix error handling in netsec_register_mdio() - net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg() - net: hinic: fix memory leak when reading function table - net: hinic: fix the issue of CMDQ memory leaks - net: hinic: fix the issue of double release MBOX callback of VF - [x86] unwind/orc: Fix unreliable stack dump with gcov - [amd64,arm64] amd-xgbe: fix the SFP compliance codes check for DAC cables - [amd64,arm64] amd-xgbe: add the bit rate quirk for Molex cables - [amd64,arm64] atlantic: fix deadlock at aq_nic_stop - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed - tcp: minor optimization in tcp_add_backlog() - tcp: fix a signed-integer-overflow bug in tcp_add_backlog() - tcp: fix indefinite deferral of RTO with SACK reneging - can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in error path - PM: hibernate: Allow hybrid sleep to work with s2idle - media: vivid: s_fbuf: add more sanity checks - media: vivid: dev->bitmap_cap wasn't freed in all cases - media: v4l2-dv-timings: add sanity checks for blanking values - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced' - media: vivid: set num_in/outputs to 0 if not supported - ipv6: ensure sane device mtu in tunnels - i40e: Fix ethtool rx-flow-hash setting for X722 - i40e: Fix VF hang when reset is triggered on another VF - i40e: Fix flow-type by setting GL_HASH_INSET registers - net: ksz884x: fix missing pci_disable_device() on error in pcidev_init() - PM: domains: Fix handling of unavailable/disabled idle states - [arm64,armhf] net: fec: limit register access on i.MX6UL - openvswitch: switch from WARN to pr_warn - nh: fix scope used to find saddr when adding non gw nh - net/mlx5e: Do not increment ESN when updating IPsec ESN state - net/mlx5: Fix possible use-after-free in async command interface - net/mlx5: Fix crash during sync firmware reset - [arm64] net: enetc: survive memory pressure without crashing - [arm64] Add AMPERE1 to the Spectre-BHB affected list - scsi: sd: Revert "scsi: sd: Remove a local variable" - [arm64] mm: Fix __enable_mmu() for new TGRAN range values - [arm64] kexec: Test page size support with new TGRAN range values - serial: core: move RS485 configuration tasks from drivers into core - serial: Deassert Transmit Enable on probe in driver-specific way https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.154 - serial: 8250: Let drivers request full 16550A feature probing - [x86] KVM: nVMX: Pull KVM L0's desired controls directly from vmcs01 - [x86] KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to vmcs02 - [x86] KVM: x86: Trace re-injected exceptions - [x86] KVM: x86: Treat #DBs from the emulator as fault-like (code and DR7.GD=1) - [x86] topology: Set cpu_die_id only if DIE_TYPE found - [x86] topology: Fix multiple packages shown on a single-package system - [x86] topology: Fix duplicated core ID within a package - [x86] KVM: x86: Protect the unused bits in MSR exiting flags - [x86] KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter() - [x86] KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER - RDMA/cma: Use output interface for net_dev check - [amd64] IB/hfi1: Correctly move list in sc_disable() - NFSv4: Fix a potential state reclaim deadlock - NFSv4.1: Handle RECLAIM_COMPLETE trunking errors - NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot - nfs4: Fix kmemleak when allocate slot failed - RDMA/core: Fix null-ptr-deref in ib_core_cleanup() - RDMA/qedr: clean up work queue on failure in qedr_alloc_resources() - [arm64,armhf] net: fec: fix improper use of NETDEV_TX_BUSY - [i386] ata: pata_legacy: fix pdc20230_set_piomode() - net: sched: Fix use after free in red_enqueue() - net: tun: fix bugs for oversize packet when napi frags enabled - netfilter: nf_tables: release flow rule object from commit path - ipvs: use explicitly signed chars - ipvs: fix WARNING in __ip_vs_cleanup_batch() - ipvs: fix WARNING in ip_vs_app_net_cleanup() - rose: Fix NULL pointer dereference in rose_send_frame() - mISDN: fix possible memory leak in mISDN_register_device() - btrfs: fix inode list leak during backref walking at resolve_indirect_refs() - btrfs: fix inode list leak during backref walking at find_parent_nodes() - btrfs: fix ulist leaks in error paths of qgroup self tests - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu (CVE-2022-3564) - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() (CVE-2022-3640) - net: mdio: fix undefined behavior in bit shift for __mdiobus_register - net, neigh: Fix null-ptr-deref in neigh_table_clear() - ipv6: fix WARNING in ip6_route_net_exit_late() - [arm64] drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag - [arm64] drm/msm/hdmi: fix IRQ lifetime - [arm64,armhf] mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit bus - mmc: sdhci-pci: Avoid comma separated statements - mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake - xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices - [s390x] boot: add secure boot trailer - media: dvb-frontends/drxk: initialize err to 0 - ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() - scsi: core: Restrict legal sdev_state transitions via sysfs - HID: saitek: add madcatz variant of MMO7 mouse device ID - drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid in SRIOV case - efi/tpm: Pass correct address to memblock_reserve - i2c: piix4: Fix adapter not be removed in piix4_remove() - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM (CVE-2022-42896) - Bluetooth: L2CAP: Fix attempting to access uninitialized memory (CVE-2022-42895) - block, bfq: protect 'bfqd->queued' by 'bfqd->lock' - ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices - fscrypt: simplify master key locking - fscrypt: stop using keyrings subsystem for fscrypt_master_key - fscrypt: fix keyring memory leak on mount failure - tcp/udp: Fix memory leak in ipv6_renew_options(). (CVE-2022-3524) - [armhf] mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on program/erase times - memcg: enable accounting of ipc resources (CVE-2021-3759) - [arm*] binder: fix UAF of alloc->vma in race with munmap() - btrfs: fix type of parameter generation in btrfs_get_dentry - ftrace: Fix use-after-free for dynamic ftrace_ops - tcp/udp: Make early_demux back namespacified. - tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd() - kprobe: reverse kp->flags when arm_kprobe failed - tracing/histogram: Update document for KEYS_MAX size - capabilities: fix potential memleak on error path from vfs_getxattr_alloc() - fuse: add file_modified() to fallocate - efi: random: reduce seed size to 32 bytes - efi: random: Use 'ACPI reclaim' memory for random seed - [x86] perf/x86/intel: Fix pebs event constraints for ICL - [x86] perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[] - ext4: fix warning in 'ext4_da_release_space' - ext4: fix BUG_ON() when directory entry has invalid rec_len - [x86] KVM: x86: Mask off reserved bits in CPUID.80000006H - [x86] KVM: x86: Mask off reserved bits in CPUID.8000001AH - [x86] KVM: x86: Mask off reserved bits in CPUID.80000008H - [x86] KVM: x86: Mask off reserved bits in CPUID.80000001H - [x86] KVM: x86: emulator: em_sysexit should update ctxt->mode - [x86] KVM: x86: emulator: introduce emulator_recalc_and_set_mode - [x86] KVM: x86: emulator: update the emulation mode after CR0 write - ext4,f2fs: fix readahead of verity data - [arm64,armhf] drm/rockchip: dsi: Force synchronous probe - [x86] drm/i915/sdvo: Filter out invalid outputs more sensibly - [x86] drm/i915/sdvo: Setup DDC fully before output init - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() (CVE-2022-3628) - ipc: remove memcg accounting for sops objects in do_semtimedop() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.155 - fuse: fix readdir cache race - [armhf] phy: stm32: fix an error code in probe - wifi: cfg80211: silence a sparse RCU warning - wifi: cfg80211: fix memory leak in query_regdb_file() - bpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues - bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE - [x86] HID: hyperv: fix possible memory leak in mousevsc_probe() - bpf: Support for pointers beyond pkt_end. - bpf: Add helper macro bpf_for_each_reg_in_vstate - bpf: Fix wrong reg type conversion in release_reference() - net: gso: fix panic on frag_list with mixed head alloc types - macsec: delete new rxsc when offload fails - macsec: fix secy->n_rx_sc accounting - macsec: fix detection of RXSCs when toggling offloading - macsec: clear encryption keys from the stack after setting up offload - net: tun: Fix memory leaks of napi_get_frags - bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() - bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK - [s390x] KVM: s390x: fix SCK locking - [s390x] KVM: s390: pv: don't allow userspace to set the clock under PV - hamradio: fix issue of dev reference count leakage in bpq_device_event() - [arm*] drm/vc4: Fix missing platform_unregister_drivers() call in vc4_drm_register() - tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network - can: af_can: fix NULL pointer dereference in can_rx_register() - [arm64,armhf] net: stmmac: dwmac-meson8b: fix meson8b_devm_clk_prepare_enable() - tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header - [arm64] dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() - [arm64] drivers: net: xgene: disable napi when register irq failed in xgene_enet_open() - net/mlx5: Allow async trigger completion execution on single CPU systems - net/mlx5e: E-Switch, Fix comparing termination table instance - [armhf] net: cpsw: disable napi in cpsw_ndo_open() - net: cxgb3_main: disable napi when bind qsets failed in cxgb_up() - cxgb4vf: shut down the adapter when t4vf_update_port_info() failed in cxgb4vf_open() - net: phy: mscc: macsec: clear encryption keys when freeing a flow - [amd64,arm64] net: atlantic: macsec: clear encryption keys from the stack - ethernet: s2io: disable napi when start nic failed in s2io_card_up() - [armel,armhf] net: mv643xx_eth: disable napi when init rxq or txq failed in mv643xx_eth_open() - net: macvlan: fix memory leaks of macvlan_common_newlink - [arm64] efi: Fix handling of misaligned runtime regions and drop warning - [mips*] jump_label: Fix compat branch range check - [arm64] mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI - [arm64,armhf] mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI - ALSA: hda/hdmi - enable runtime pm for more AMD display audio - ALSA: hda/ca0132: add quirk for EVGA Z390 DARK - ALSA: hda: fix potential memleak in 'add_widget_node' - ALSA: hda/realtek: Add Positivo C6300 model quirk - ALSA: usb-audio: Add quirk entry for M-Audio Micro - ALSA: usb-audio: Add DSD support for Accuphase DAC-60 - vmlinux.lds.h: Fix placement of '.data..decrypted' section - ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure - nilfs2: fix deadlock in nilfs_count_free_blocks() - nilfs2: fix use-after-free bug of ns_writer on remount - [x86] drm/i915/dmabuf: fix sg_table handling in map_dma_buf - [x86] platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi - [arm64,armhf] mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI - udf: Fix a slab-out-of-bounds write bug in udf_find_entry() - mm/memremap.c: map FS_DAX device memory as decrypted - can: j1939: j1939_send_one(): fix missing CAN header initialization - net: tun: call napi_schedule_prep() to ensure we own a napi - [arm64,armhf] mmc: sdhci-esdhc-imx: Convert the driver to DT-only - [x86] cpu: Restore AMD's DE_CFG MSR after resume - io_uring: kill goto error handling in io_sqpoll_wait_sq() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.156 - drm/amd/display: Remove wrong pipe control lock - NFSv4: Retry LOCK on OLD_STATEID during delegation return - [arm64,armhf] i2c: tegra: Allocate DMA memory for DMA engine - [x86] i2c: i801: add lis3lv02d's I2C address for Vostro 5568 - btrfs: remove pointless and double ulist frees in error paths of qgroup tests - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm - ALSA: hda/realtek: fix speakers and micmute on HP 855 G8 - [x86] mtd: spi-nor: intel-spi: Disable write protection only if asked - [arm64,armhf] mmc: sdhci-esdhc-imx: use the correct host caps for MMC_CAP_8_BIT_DATA - drm/amd/pm: support power source switch on Sienna Cichlid - drm/amd/pm: Read BIF STRAP also for BACO check - drm/amd/pm: disable BACO entry/exit completely on several sienna cichlid cards - drm/amdgpu: disable BACO on special BEIGE_GOBY card - [armhf] spi: stm32: Print summary 'callbacks suppressed' message - ASoC: core: Fix use-after-free in snd_soc_exit() - serial: 8250: Remove serial_rs485 sanitization from em485 - [arm64,armhf] serial: imx: Add missing .thaw_noirq hook - tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() - ASoC: soc-utils: Remove __exit for snd_soc_util_exit() - sctp: remove the unnecessary sinfo_stream check in sctp_prsctp_prune_unsent - sctp: clear out_curr if all frag chunks of current msg are pruned - block: sed-opal: kmalloc the cmd/resp buffers - [arm64] Fix bit-shifting UB in the MIDR_CPU_MODEL() macro - parport_pc: Avoid FIFO port location truncation - pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map - [arm64,armhf] drm/panel: simple: set bpc field for logic technologies displays - drm/drv: Fix potential memory leak in drm_dev_init() - drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker() - ata: libata-transport: fix double ata_host_put() in ata_tport_add() - ata: libata-transport: fix error handling in ata_tport_add() - ata: libata-transport: fix error handling in ata_tlink_add() - ata: libata-transport: fix error handling in ata_tdev_add() - bpf: Initialize same number of free nodes for each pcpu_freelist - mISDN: fix possible memory leak in mISDN_dsp_element_register() - net: hinic: Fix error handling in hinic_module_init() - net: liquidio: release resources when liquidio driver open failed - mISDN: fix misuse of put_device() in mISDN_register_device() - net: macvlan: Use built-in RCU list checking - net: caif: fix double disconnect client in chnl_net_open() - bnxt_en: Remove debugfs when pci_register_driver failed - xen/pcpu: fix possible memory leak in register_pcpu() - net: ena: Fix error handling in ena_init() - drbd: use after free in drbd_create_device() - [x86] platform/x86/intel: pmc: Don't unconditionally attach Intel PMC when virtualized - cifs: add check for returning value of SMB2_close_init - cifs: Fix wrong return value checking when GETFLAGS - [x86] net: thunderbolt: Fix error handling in tbnet_init() - cifs: add check for returning value of SMB2_set_info_init - ftrace: Fix the possible incorrect kernel message - ftrace: Optimize the allocation for mcount entries - ftrace: Fix null pointer dereference in ftrace_add_mod() - ring_buffer: Do not deactivate non-existant pages - tracing/ring-buffer: Have polling block on watermark - tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() - tracing: Fix wild-memory-access in register_synth_event() - tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit() - tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit() - ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() - ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 - [arm64,armhf] Revert "usb: dwc3: disable USB core PHY management" - slimbus: stream: correct presence rate frequencies - speakup: fix a segfault caused by switching consoles - USB: serial: option: add Sierra Wireless EM9191 - USB: serial: option: remove old LARA-R6 PID - USB: serial: option: add u-blox LARA-R6 00B modem - USB: serial: option: add u-blox LARA-L6 modem - USB: serial: option: add Fibocom FM160 0x0111 composition - usb: add NO_LPM quirk for Realforce 87U Keyboard - dm ioctl: fix misbehavior if list_versions races with module loading - serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs - serial: 8250: Flush DMA Rx on RLSI - [x86] serial: 8250_lpss: Configure DMA also w/o DMA filter - Input: iforce - invert valid length check when fetching device IDs - maccess: Fix writing offset in case of fault in strncpy_from_kernel_nofault() - [s390x] scsi: zfcp: Fix double free of FSF request when qdio send fails - [amd64] iommu/vt-d: Set SRE bit only when hardware has SRS cap - firmware: coreboot: Register bus in module init - mmc: core: properly select voltage range without power cycle - mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce timeout - mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() - docs: update mediator contact information in CoC doc - [x86] misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() - [x86] perf/x86/intel/pt: Fix sampling using single range output - nvme: restrict management ioctls to admin - nvme: ensure subsystem reset is single threaded (CVE-2022-3169) - net: fix a concurrency bug in l2tp_tunnel_register() - ring-buffer: Include dropped pages in counting dirty patches - usbnet: smsc95xx: Fix deadlock on runtime resume - stddef: Introduce struct_group() helper macro - net: use struct_group to copy ip/ipv6 header addresses - scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus() - scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper() - kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case - Input: i8042 - fix leaking of platform device on module removal - macvlan: enforce a consistent minimal mtu - tcp: cdg: allow tcp_cdg_release() to be called multiple times - kcm: avoid potential race in kcm_tx_work (CVE-2022-3521) - kcm: close race conditions on sk_receive_queue - 9p: trans_fd/p9_conn_cancel: drop client lock earlier - gfs2: Check sb_bsize_shift after reading superblock - gfs2: Switch from strlcpy to strscpy - 9p/trans_fd: always use O_NONBLOCK read/write - mm: fs: initialize fsdata passed to write_begin/write_end interface https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.157 - scsi: scsi_transport_sas: Fix error handling in sas_phy_add() - ata: libata-scsi: simplify __ata_scsi_queuecmd() - ata: libata-core: do not issue non-internal commands once EH is pending - bridge: switchdev: Notify about VLAN protocol changes - bridge: switchdev: Fix memory leaks when changing VLAN protocol - drm/display: Don't assume dual mode adaptors support i2c sub-addressing - nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH - nvme-pci: add NVME_QUIRK_BOGUS_NID for Micron Nitro - iio: ms5611: Simplify IO callback parameters - iio: pressure: ms5611: fixed value compensation bug - ceph: do not update snapshot context when there is no new snapshot - ceph: avoid putting the realm twice when decoding snaps fails - wifi: mac80211: fix memory free error when registering wiphy fail - wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support - audit: fix undefined behavior in bit shift for AUDIT_BIT - wifi: airo: do not assign -1 to unsigned char - wifi: mac80211: Fix ack frame idr leak when mesh has no route - [armhf] spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for every run - Revert "net: macsec: report real_dev features when HW offloading is enabled" - [powerpc*] scsi: ibmvfc: Avoid path failures during live migration - scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC - drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) - block, bfq: fix null pointer dereference in bfq_bio_bfqg() - [arm64] syscall: Include asm/ptrace.h in syscall_wrapper header. - [mips*] pic32: treat port as signed integer - xfrm: fix "disable_policy" on ipv4 early demux - xfrm: replay: Fix ESN wrap around for GSO - af_key: Fix send_acquire race with pfkey_register - [armhf] sgtl5000: Reset the CHIP_CLK_CTRL reg on remove - ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open() - [x86] scsi: storvsc: Fix handling of srb_status and capacity change events - regulator: core: fix kobject release warning and memory leak in regulator_register() - regulator: core: fix UAF in destroy_regulator() - [arm64,armhf] bus: sunxi-rsb: Support atomic transfers - [arm64] tee: optee: fix possible memory leak in optee_register_device() - net: liquidio: simplify if expression - rxrpc: Allow list of in-use local UDP endpoints to be viewed in /proc - rxrpc: Use refcount_t rather than atomic_t - rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-CAN-15975] - [i386] net: pch_gbe: fix potential memleak in pch_gbe_tx_queue() - 9p/fd: fix issue of list_del corruption in p9_fd_cancel() - netfilter: conntrack: Fix data-races around ct mark - [armhf] dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties - net/mlx4: Check retval of mlx4_bitmap_init - net/qla3xxx: fix potential memleak in ql3xxx_send() - [i386] net: pch_gbe: fix pci device refcount leak while module exiting - nfp: fill splittable of devlink_port_attrs correctly - nfp: add port from netdev validation for EEPROM access - macsec: Fix invalid error code set - [x86] Drivers: hv: vmbus: fix double free in the error path of vmbus_add_channel_work() - [x86] Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register() - netfilter: ipset: Limit the maximal range of consecutive elements to add/delete - netfilter: ipset: regression in ip_set_hash_ip.c - net/mlx5: Fix FW tracer timestamp calculation - net/mlx5: Fix handling of entry refcount when command is not issued to FW - tipc: set con sock in tipc_conn_alloc - tipc: add an extra conn_get in tipc_conn_alloc - tipc: check skb_linearize() return value in tipc_disc_rcv() - xfrm: Fix ignored return value in xfrm6_init() - sfc: fix potential memleak in __ef100_hard_start_xmit() - net: sched: allow act_ct to be built without NF_NAT - [armhf] regulator: twl6030: re-add TWL6032_SUBCLASS - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending() - netfilter: flowtable_offload: add missing locking - dccp/tcp: Reset saddr on failure after inet6?_hash_connect(). - ipv4: Fix error return code in fib_table_insert() - [s390x] dasd: fix no record found for raw_track_access - net: arcnet: Fix RESET flag handling - arcnet: fix potential memory leak in com20020_probe() - [arm64] net: thunderx: Fix the ACPI memory leak - [arm64] net: enetc: manage ENETC_F_QBV in priv->active_offloads only when enabled - [arm64] net: enetc: cache accesses to &priv->si->hw - [arm64] net: enetc: preserve TX ring priority across reconfiguration - lib/vdso: use "grep -E" instead of "egrep" - [armhf] usb: dwc3: exynos: Fix remove() function - ext4: fix use-after-free in ext4_ext_shift_extents - [arm64] dts: rockchip: lower rk3399-puma-haikou SD controller clock frequency - iio: light: apds9960: fix wrong register for gesture gain - ceph: make ceph_create_session_msg a global symbol - ceph: make iterate_sessions a global symbol - ceph: flush mdlog before umounting - ceph: flush the mdlog before waiting on unsafe reqs - ceph: fix off by one bugs in unsafe_request_wait() - ceph: put the requests/sessions when it fails to alloc memory - ceph: fix possible NULL pointer dereference for req->r_session - ceph: Use kcalloc for allocating multiple elements - ceph: fix NULL pointer dereference for req->r_session - [arm64,armhf] usb: dwc3: gadget: conditionally remove requests - [arm64,armhf] usb: dwc3: gadget: Return -ESHUTDOWN on ep disable - [arm64,armhf] usb: dwc3: gadget: Clear ep descriptor last - nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty - mm: vmscan: fix extreme overreclaim and swap floods - [x86] KVM: x86: nSVM: leave nested mode on vCPU free - [x86] KVM: x86: remove exit_int_info warning in svm_handle_exit - [x86] ioremap: Fix page aligned size calculation in __ioremap_caller() - [arm*] binder: avoid potential data leakage when copying txn - [arm*] binder: read pre-translated fds from sender buffer - [arm*] binder: defer copies of pre-patched txn data - [arm*] binder: fix pointer cast warning - [arm*] binder: Address corner cases in deferred copy and fixup - [arm*] binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0 - Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode - [x86] ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01 - Input: goodix - try resetting the controller when no config is set - [x86] Input: soc_button_array - add use_low_level_irq module parameter - [x86] Input: soc_button_array - add Acer Switch V 10 to dmi_use_low_level_irq[] - xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too - xen/platform-pci: add missing free_irq() in error path - [x86] platform/x86: asus-wmi: add missing pci_dev_put() in asus_wmi_set_xusb2pr() - [x86] platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10 (SW5-017) - zonefs: fix zone report size in __zonefs_io_error() - [x86] platform/x86: hp-wmi: Ignore Smart Experience App event - tcp: configurable source port perturb table size - net: usb: qmi_wwan: add Telit 0x103a composition - [arm64,armhf] gpu: host1x: Avoid trying to use GART on Tegra20 - dm integrity: flush the journal on suspend - dm integrity: clear the journal on suspend - genirq/msi: Shutdown managed interrupts with unsatifiable affinities - genirq: Always limit the affinity to online CPUs - [arm64,armhf] irqchip/gic-v3: Always trust the managed affinity provided by the core code - genirq: Take the proposed affinity at face value if force==true - btrfs: free btrfs_path before copying root refs to userspace - btrfs: free btrfs_path before copying fspath to userspace - btrfs: free btrfs_path before copying subvol info to userspace - btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs() - drm/amdgpu: always register an MMU notifier for userptr - [x86] drm/i915: fix TLB invalidation for Gen12 video and compute engines (CVE-2022-4139) - fuse: lock inode unconditionally in fuse_fallocate() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.158 - btrfs: sink iterator parameter to btrfs_ioctl_logical_to_ino - btrfs: free btrfs_path before copying inodes to userspace - [armhf] spi: spi-imx: Fix spi_bus_clk if requested clock is higher than input clock - btrfs: move QUOTA_ENABLED check to rescan_should_stop from btrfs_qgroup_rescan_worker - drm/display/dp_mst: Fix drm_dp_mst_add_affected_dsc_crtcs() return code - drm/amdgpu: update drm_display_info correctly when the edid is read - drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info correctly when the edid is read" - btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() - iio: health: afe4403: Fix oob read in afe4403_read_raw - bpf, perf: Use subprog name when reporting subprog ksymbol - scripts/faddr2line: Fix regression in name resolution on ppc64le - [x86] hwmon: (i5500_temp) fix missing pci_disable_device() - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails - bpf: Do not copy spin lock field from user in bpf_selem_alloc - of: property: decrement node refcount in of_fwnode_get_reference_args() - ixgbevf: Fix resource leak in ixgbevf_init_module() - i40e: Fix error handling in i40e_init_module() - iavf: remove redundant ret variable - iavf: Fix error handling in iavf_init_module() - e100: switch from 'pci_' to 'dma_' API - e100: Fix possible use after free in e100_xmit_prepare - net/mlx5: Fix uninitialized variable bug in outlen_write() - net/mlx5e: Fix use-after-free when reverting termination table - can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev() - [i386] can: cc770: cc770_isa_probe(): add missing free_cc770dev() - qlcnic: fix sleep-in-atomic-context bugs caused by msleep - [amd64,arm64] aquantia: Do not purge addresses when setting the number of rings - wifi: cfg80211: fix buffer overflow in elem comparison - wifi: cfg80211: don't allow multi-BSSID in S1G - wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration - net: phy: fix null-ptr-deref while probe() failed - net/9p: Fix a potential socket leak in p9_socket_open - tipc: re-fetch skb cb after tipc_msg_validate - afs: Fix fileserver probe RTT handling - net: tun: Fix use-after-free in tun_detach() - packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE - sctp: fix memory leak in sctp_stream_outq_migrate() - [x86] hwmon: (coretemp) Check for null before removing sysfs attrs - [x86] hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() - net/mlx5: DR, Fix uninitialized var warning - nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry() - [x86] bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3 - [x86] pinctrl: intel: Save and restore pins in "direct IRQ" mode - net: stmmac: Set MAC's flow control register to reflect current settings - mmc: core: Fix ambiguous TRIM and DISCARD arg - [arm64,armhf] mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check - mmc: sdhci: Fix voltage switch delay - drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame - [x86] drm/i915: Never return 0 if not all requests retired - tracing: Free buffers when a used dynamic event is removed - io_uring: don't hold uring_lock when calling io_run_task_work* - ASoC: ops: Fix bounds check for _sx controls - [arm64,armhf] pinctrl: single: Fix potential division by zero - [amd64] iommu/vt-d: Fix PCI device refcount leak in has_external_pci() - [amd64] iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() - ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference (CVE-2022-3435) - ipv4: Fix route deletion when nexthop info is not specified - Revert "tty: n_gsm: avoid call of sleeping functions from atomic context" - [x86] tsx: Add a feature bit for TSX control MSR support - [x86] pm: Add enumeration check before spec MSRs save/restore setup - [arm64,armhf] i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set - [amd64,arm64] ACPI: HMAT: remove unnecessary variable initialization - [amd64,arm64] ACPI: HMAT: Fix initiator registration for single-initiator systems - char: tpm: Protect tpm_pm_suspend with locks - block: unhash blkdev part inode when the part is deleted - proc: avoid integer type confusion in get_proc_long (CVE-2022-4378) - proc: proc_skip_spaces() shouldn't think it is working on C strings (CVE-2022-4378) - v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails - ipc/sem: Fix dangling sem_array access in semtimedop race . [ Salvatore Bonaccorso ] * Bump ABI to 20 * [rt] Drop "net: arcnet: Fix RESET flag handling" (applied upstream) * [x86] Enable AMD_MEM_ENCRYPT (Closes: #1024697) * xen/netback: Ensure protocol headers don't fall in the non-linear area (XSA-423, CVE-2022-3643) * xen/netback: do some code cleanup * xen/netback: don't call kfree_skb() with interrupts disabled (XSA-424, CVE-2022-42328, CVE-2022-42329) * [rt] Update to 5.10.158-rt77 linux-signed-i386 (5.10.149+2) bullseye-security; urgency=high . * Sign kernel from linux 5.10.149-2 . * Revert "drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega" (Closes: #1022025) * Revert "drm/amdgpu: make sure to init common IP before gmc" (Closes: #1022025) linux-signed-i386 (5.10.149+1) bullseye-security; urgency=high . * Sign kernel from linux 5.10.149-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.149 - Revert "fs: check FMODE_LSEEK to control internal pipe splicing" . [ Salvatore Bonaccorso ] * Replace patch for "io_uring/af_unix: defer registered files gc to io_uring release" with queued version linux-signed-i386 (5.10.148+1) bullseye-security; urgency=high . * Sign kernel from linux 5.10.148-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.141 - [s390x] mm: do not trigger write fault when vma does not allow VM_WRITE - kbuild: Fix include path in scripts/Makefile.modpost - Bluetooth: L2CAP: Fix build errors in some archs - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report - media: pvrusb2: fix memory leak in pvr_probe - HID: hidraw: fix memory leak in hidraw_release() - net: fix refcount bug in sk_psock_get (2) - fbdev: fb_pm2fb: Avoid potential divide by zero error - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead - drm/amd/display: Avoid MPC infinite loop - drm/amd/display: For stereo keep "FLIP_ANY_FRAME" - drm/amd/display: clear optc underflow before turn off odm clock - neigh: fix possible DoS due to net iface start/stop loop - [s390x] hypfs: avoid error message under KVM - drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid - drm/amd/display: Fix pixel clock programming - drm/amdgpu: Increase tlb flush timeout for sriov - netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y - lib/vdso: Mark do_hres_timens() and do_coarse_timens() __always_inline() - kprobes: don't call disarm_kprobe() for disabled kprobes - io_uring: disable polling pollfree files - xfs: remove infinite loop when reserving free block pool - xfs: always succeed at setting the reserve pool size - xfs: fix overfilling of reserve pool - xfs: fix soft lockup via spinning in filestream ag selection loop - xfs: revert "xfs: actually bump warning counts when we send warnings" - net: neigh: don't call kfree_skb() under spin_lock_irqsave() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.142 - [arm64] drm/msm/dsi: fix the inconsistent indenting - [arm64] drm/msm/dp: delete DP_RECOVERED_CLOCK_OUT_EN to fix tps4 - [arm64] drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg - [arm64] drm/msm/dsi: Fix number of regulators for SDM660 - [x86] platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask - iio: adc: mcp3911: make use of the sign bit - bpf, cgroup: Fix kernel BUG in purge_effective_progs - ieee802154/adf7242: defer destroy_workqueue call - ALSA: hda: intel-nhlt: remove use of __func__ in dev_dbg - ALSA: hda: intel-nhlt: Correct the handling of fmt_config flexible array - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read() - Revert "xhci: turn off port power in shutdown" - net: sched: tbf: don't call qdisc_put() while holding tree lock - net/sched: fix netdevice reference leaks in attach_default_qdiscs() - sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb - tcp: annotate data-race around challenge_timestamp - Revert "sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb" - net/smc: Remove redundant refcount increase - [arm64] serial: fsl_lpuart: RS485 RTS polariy is inverse - staging: rtl8712: fix use after free bugs - [powerpc*] align syscall table for ppc32 - vt: Clear selection before changing the font - [arm64] tty: serial: lpuart: disable flow control while waiting for the transmit engine to complete - Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag - iio: ad7292: Prevent regulator double disable - iio: adc: mcp3911: use correct formula for AD conversion - USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id - [arm*] binder: fix UAF of ref->proc caused by race condition (CVE-2022-20421) - [x86] drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported" - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops - Revert "clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops" - clk: core: Fix runtime PM sequence in clk_core_unprepare() - [arm64,armhf] clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate - [arm64,armhf] clk: bcm: rpi: Use correct order for the parameters of devm_kcalloc() - [arm64,armhf] clk: bcm: rpi: Prevent out-of-bounds access - [arm64,armhf] clk: bcm: rpi: Add missing newline - [armel,armhf] hwmon: (gpio-fan) Fix array out of bounds access - [arm64,armhf] gpio: pca953x: Add mutex_lock for regcache sync in PM - [x86] KVM: x86: Mask off unsupported and unknown bits of IA32_ARCH_CAPABILITIES - xen/grants: prevent integer overflow in gnttab_dma_alloc_pages() - mm: pagewalk: Fix race between unmap and page walker - xen-blkback: Advertise feature-persistent as user requested - xen-blkfront: Advertise feature-persistent as user requested - [x86] thunderbolt: Use the actual buffer in tb_async_error() - media: mceusb: Use new usb_control_msg_*() routines - xhci: Add grace period after xHC start to prevent premature runtime suspend. - USB: serial: cp210x: add Decagon UCA device id - USB: serial: option: add support for OPPO R11 diag port - USB: serial: option: add Quectel EM060K modem - USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode - usb: typec: altmodes/displayport: correct pin assignment for UFP receptacles - [arm*] usb: dwc2: fix wrong order of phy_power_on and phy_init - USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020) - usb-storage: Add ignore-residue quirk for NXP PN7462AU - [s390x] hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages - [s390x] fix nospec table alignments - USB: core: Prevent nested device-reset calls - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS - driver core: Don't probe devices after bus_type.match() probe deferral - wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected - wifi: mac80211: Fix UAF in ieee80211_scan_rx() - ip: fix triggering of 'icmp redirect' - net: Use u64_stats_fetch_begin_irq() for stats fetch. - net: mac802154: Fix a condition in the receive path - ALSA: hda/realtek: Add speaker AMP init for Samsung laptops with ALC298 - ALSA: seq: oss: Fix data-race for max_midi_devs access - ALSA: seq: Fix data-race at module auto-loading - [x86] drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk - btrfs: harden identification of a stale device - mmc: core: Fix UHS-I SD 1.8V workaround branch - [arm64,armhf] usb: dwc3: fix PHY disable sequence - [arm64,armhf] usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup - [arm64,armhf] usb: dwc3: disable USB core PHY management - USB: serial: ch341: fix lost character on LCR updates - USB: serial: ch341: fix disabled rx timer on older devices https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.143 - NFSD: Fix verifier returned in stable WRITEs - xen-blkfront: Cache feature_persistent value before advertisement - tty: n_gsm: initialize more members at gsm_alloc_mux() - tty: n_gsm: avoid call of sleeping functions from atomic context - efi: capsule-loader: Fix use-after-free in efi_capsule_write (CVE-2022-40307) - wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() - fs: only do a memory barrier for the first set_buffer_uptodate() - scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX - scsi: megaraid_sas: Fix double kfree() - drm/gem: Fix GEM handle release errors - drm/amdgpu: Move psp_xgmi_terminate call from amdgpu_xgmi_remove_device to psp_hw_fini - drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup. - drm/radeon: add a force flush to delay work when radeon - [arm64] cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level - net/core/skbuff: Check the return value of skb_copy_bits() - drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() - ALSA: aloop: Fix random zeros in capture data when using jiffies timer - ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() - kprobes: Prohibit probes in gate area - debugfs: add debugfs_lookup_and_remove() - nvmet: fix a use-after-free - [x86] drm/i915: Implement WaEdpLinkRateDataReload - scsi: mpt3sas: Fix use-after-free warning - scsi: lpfc: Add missing destroy_workqueue() in error path - cgroup: Elide write-locking threadgroup_rwsem when updating csses on an empty subtree - cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock - cifs: remove useless parameter 'is_fsctl' from SMB2_ioctl() - smb3: missing inode locks in punch hole - regulator: core: Clean up on enable failure - [arm64] tee: fix compiler warning in tee_shm_register() - RDMA/cma: Fix arguments order in net device validation - [arm64] RDMA/hns: Fix supported page size - [arm64] RDMA/hns: Fix wrong fixed value of qp->rq.wqe_shift - netfilter: br_netfilter: Drop dst references before setting. - netfilter: nf_tables: clean up hook list when offload flags check fails - netfilter: nf_conntrack_irc: Fix forged IP logic (CVE-2022-2663) - ALSA: usb-audio: Inform the delayed registration more properly - ALSA: usb-audio: Register card again for iface over delayed_register option - rxrpc: Fix an insufficiently large sglist in rxkad_verify_packet_2() - afs: Use the operation issue time instead of the reply time for callbacks - sch_sfb: Don't assume the skb is still around after enqueueing to child - tipc: fix shift wrapping bug in map_get() - ice: use bitmap_free instead of devm_kfree - i40e: Fix kernel crash during module removal - xen-netback: only remove 'hotplug-status' when the vif is actually destroyed - ipv6: sr: fix out-of-bounds read when setting HMAC data. - IB/core: Fix a nested dead lock as part of ODP flow - RDMA/mlx5: Set local port to one when accessing counters - nvme-tcp: fix UAF when detecting digest errors - nvme-tcp: fix regression that causes sporadic requests to time out - tcp: fix early ETIMEDOUT after spurious non-SACK RTO - sch_sfb: Also store skb len before calling child enqueue - swiotlb: avoid potential left shift overflow - [amd64] iommu/amd: use full 64-bit value in build_completion_wait() - [arm64] errata: add detection for AMEVCNTR01 incrementing incorrectly https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.144 - [armhf] dts: imx: align SPI NOR node name with dtschema - [amd64] iommu/vt-d: Correctly calculate sagaw value of IOMMU - tracefs: Only clobber mode/uid/gid on remount if asked - Input: goodix - add support for GT1158 - [arm64] drm/msm/rd: Fix FIFO-full deadlock - [amd64] hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message - tg3: Disable tg3 device on system reboot to avoid triggering AER - ieee802154: cc2520: add rc code in cc2520_tx() - Input: iforce - add support for Boeder Force Feedback Wheel - nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change() - drm/amd/amdgpu: skip ucode loading if ucode_size == 0 - [arm*] perf/arm_pmu_platform: fix tests for platform_get_irq() failure - [x86] platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() - [x86] Revert "x86/ftrace: Use alternative RET encoding" - [x86] ibt,ftrace: Make function-graph play nice - [x86] ftrace: Use alternative RET encoding - Input: goodix - add compatible string for GT1158 https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.145 - [ppc64el] KVM: PPC: Book3S HV: Context tracking exit guest context before enabling irqs - [ppc64el] KVM: PPC: Tick accounting should defer vtime accounting 'til after IRQ handling - serial: 8250: Fix reporting real baudrate value in c_ospeed field - [powerpc*] pseries/mobility: refactor node lookup during DT update - [powerpc*] pseries/mobility: ignore ibm, platform-facilities updates - [x86] platform/x86/intel: hid: add quirk to support Surface Go 3 - [arm64,armhf] net: dsa: mv88e6xxx: allow use of PHYs on CPU and DSA ports - of: fdt: fix off-by-one error in unflatten_dt_nodes() - [arm64] pinctrl: sunxi: Fix name for A100 R_PIO - NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0 - [arm64] gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx - [arm64] drm/meson: Correct OSD1 global alpha value - [arm64] drm/meson: Fix OSD1 RGB to YCbCr coefficient - tracing: hold caller_addr to hardirq_{enable,disable}_ip - of/device: Fix up of_dma_configure_id() stub - cifs: revalidate mapping when doing direct writes - cifs: don't send down the destination address to sendmsg for a SOCK_STREAM - video: fbdev: i740fb: Error out if 'pixclock' equals zero (CVE-2022-3061) - Revert "serial: 8250: Fix reporting real baudrate value in c_ospeed field" - [x86] ASoC: nau8824: Fix semaphore unbalance at error paths - [armhf] regulator: pfuze100: Fix the global-out-of-bounds access in pfuze100_regulator_probe() - rxrpc: Fix local destruction being repeated - rxrpc: Fix calc of resend age - wifi: mac80211_hwsim: check length for virtio packets - ALSA: hda/sigmatel: Keep power up while beep is enabled - [arm64,armhf] ALSA: hda/tegra: Align BDL entry to 4KB boundary - net: usb: qmi_wwan: add Quectel RM520N - afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked - [misp64el,mipsel] OCTEON: irq: Fix octeon_irq_force_ciu_mapping() - mksysmap: Fix the mismatch of 'L0' symbols in System.map - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write (CVE-2022-39842) - cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() - ALSA: hda/sigmatel: Fix unused variable warning for beep power change https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.146 - drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega - drm/amdgpu: indirect register access for nv12 sriov - drm/amdgpu: Separate vf2pf work item init from virt data exchange - drm/amdgpu: make sure to init common IP before gmc - [arm64,armhf] usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind - [arm64,armhf] usb: dwc3: Issue core soft reset before enabling run/stop - [arm64,armhf] usb: dwc3: gadget: Prevent repeat pullup() - [arm64,armhf] usb: dwc3: gadget: Refactor pullup() - [arm64,armhf] usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup() - [arm64,armhf] usb: dwc3: gadget: Avoid duplicate requests to enable Run/Stop - mmc: core: Fix inconsistent sd3_bus_mode at UHS-I SD voltage switch failure - vfio/type1: Change success value of vaddr_get_pfn() - vfio/type1: Prepare for batched pinning with struct vfio_batch - vfio/type1: Unpin zero pages - USB: core: Fix RST error in hub.c - USB: serial: option: add Quectel BG95 0x0203 composition - USB: serial: option: add Quectel RM520N - ALSA: hda/tegra: set depop delay for tegra - ALSA: hda: add Intel 5 Series / 3400 PCI DID - ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570 laptop - ALSA: hda/realtek: Re-arrange quirk table entries - ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack - ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack - ALSA: hda/realtek: Add quirk for ASUS GA503R laptop - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop - [amd64] iommu/vt-d: Check correct capability for sagaw determination - media: flexcop-usb: fix endpoint type check - [x86] efi: x86: Wipe setup_data on pure EFI boot - efi: libstub: check Shim mode using MokSBStateRT - gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully - [arm64,armhf] can: flexcan: flexcan_mailbox_read() fix return value for drop = true - mm/slub: fix to return errno if kmalloc() fails - KVM: SEV: add cache flush to solve SEV cache incoherency issues (CVE-2022-0171) - xfs: fix up non-directory creation in SGID directories (CVE-2021-4037) - xfs: reorder iunlink remove operation in xfs_ifree - xfs: validate inode fork size against fork format - [arm64] dts: rockchip: Pull up wlan wake# on Gru-Bob - netfilter: nf_conntrack_sip: fix ct_sip_walk_headers - netfilter: nf_conntrack_irc: Tighten matching on DCC message (CVE-2022-2663) - netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() - iavf: Fix cached head and tail value for iavf_get_tx_pending - ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header - net: let flow have same hash in two directions - net: core: fix flow symmetric hash - net: phy: aquantia: wait for the suspend/resume operations to finish - scsi: mpt3sas: Force PCIe scatterlist allocations to be within same 4 GB region - scsi: mpt3sas: Fix return value check of dma_get_required_mask() - net: bonding: Share lacpdu_mcast_addr definition - net: bonding: Unsync device addresses on ndo_stop - net: team: Unsync device addresses on ndo_stop - [arm64,armhf] drm/panel: simple: Fix innolux_g121i1_l01 bus_format - iavf: Fix bad page state - iavf: Fix set max MTU size with port VLAN and jumbo frames - i40e: Fix VF set max MTU size - i40e: Fix set max_tx_rate when it is lower than 1 Mbps - sfc: fix TX channel offset when using legacy interrupts - sfc: fix null pointer dereference in efx_hard_start_xmit - of: mdio: Add of_node_put() when breaking out of for_each_xx - wireguard: ratelimiter: disable timings test by default - wireguard: netlink: avoid variable-sized memcpy on sockaddr - [arm64] net: enetc: move enetc_set_psfp() out of the common enetc_set_features() - net: socket: remove register_gifconf - net/sched: taprio: avoid disabling offload when it was never enabled - net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo child qdiscs - netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain() - netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain() - netfilter: ebtables: fix memory leak when blob is malformed - can: gs_usb: gs_can_open(): fix race dev->can.state condition - net/smc: Stop the CLC flow if no link to map buffers on - net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD - net: sched: fix possible refcount leak in tc_new_tfilter() - drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV - serial: Create uart_xmit_advance() - [arm64,armhf] serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting - [s390x] dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup - vfio/type1: fix vaddr_get_pfns() return in vfio_pin_page_external() - drm/amdgpu: Fix check for RAS support - cifs: use discard iterator to discard unneeded network data more efficiently - cifs: always initialize struct msghdr smb_msg completely - [x86] Drivers: hv: Never allocate anything besides framebuffer from framebuffer memory region - [x86] drm/gma500: Fix BUG: sleeping function called from invalid context errors - drm/amdgpu: use dirty framebuffer helper - drm/amd/display: Limit user regamma to a valid value - drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline for stack usage - [arm64] drm/rockchip: Fix return type of cdn_dp_connector_mode_valid - workqueue: don't skip lockdep work dependency in cancel_work_sync() - [arm64,armhf] i2c: imx: If pm_runtime_get_sync() returned 1 device access is possible - [amd64,arm64] devdax: Fix soft-reservation memory description - ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 - ext4: limit the number of retries after discarding preallocations blocks - ext4: make directory inode spreading reflect flexbg size https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.147 - [x86] thunderbolt: Add support for Intel Maple Ridge - [x86] thunderbolt: Add support for Intel Maple Ridge single port controller - [arm64,armhf] ALSA: hda/tegra: Use clk_bulk helpers - [arm64,armhf] ALSA: hda/tegra: Reset hardware - ALSA: hda/hdmi: let new platforms assign the pcm slot dynamically - ALSA: hda: Fix Nvidia dp infoframe - btrfs: fix hang during unmount when stopping a space reclaim worker - [arm64,x86] usb: typec: ucsi: Remove incorrect warning - [x86] thunderbolt: Explicitly reset plug events delay back to USB4 spec value - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205 - mm/page_alloc: fix race condition between build_all_zonelists and page allocation - mm: prevent page_frag_alloc() from corrupting the memory - mm/migrate_device.c: flush TLB while holding PTL - mm: fix madivse_pageout mishandling on non-LRU page - swiotlb: max mapping size takes min align mask into account - [arm64] scsi: hisi_sas: Revert "scsi: hisi_sas: Limit max hw sectors for v3 HW" - [arm64,armhf] soc: sunxi: sram: Actually claim SRAM regions - [arm64,armhf] soc: sunxi: sram: Prevent the driver from being unbound - [arm64,armhf] soc: sunxi_sram: Make use of the helper function devm_platform_ioremap_resource() - [arm64,armhf] soc: sunxi: sram: Fix probe function ordering issues - [arm64,armhf] soc: sunxi: sram: Fix debugfs info for A64 SRAM C - [arm64,armhf] Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in suspend/resume time" - usbnet: Fix memory leak in usbnet_disconnect() - net: sched: act_ct: fix possible refcount leak in tcf_ct_init() - cxgb4: fix missing unlock on ETHOFLD desc collect fail path - nvme: add new line after variable declatation - nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices - net: stmmac: power up/down serdes in stmmac_open/release - [armhf] clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks - [x86] KVM: x86: Hide IA32_PLATFORM_DCA_CAP[31:0] from the guest - [x86] alternative: Fix race in try_get_desc() - ALSA: hda/hdmi: fix warning about PCM count when used with SOF https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.148 - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level() - nilfs2: fix use-after-free bug of struct nilfs_root - nilfs2: fix leak of nilfs_root in case of writer thread creation failure - nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure - ceph: don't truncate file in atomic_open - docs: update mediator information in CoC docs - xsk: Inherit need_wakeup flag for shared sockets - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC (CVE-2022-3303) - mm: gup: fix the fast GUP race against THP collapse - [powerpc*] 64s/radix: don't need to broadcast IPI for radix pmd collapse flush - fs: fix UAF/GPF bug in nilfs_mdt_destroy - compiler_attributes.h: move __compiletime_{error|warning} - scsi: qedf: Fix a UAF bug in __qedf_probe() - net/ieee802154: fix uninit value bug in dgram_sendmsg - ALSA: hda/hdmi: Fix the converter reuse for the silent stream - net: atlantic: fix potential memory leak in aq_ndev_close() - drm/amd/display: update gamut remap if plane has changed - drm/amd/display: skip audio setup when audio stream is enabled - mmc: core: Replace with already defined values for readability - mmc: core: Terminate infinite loop in SD-UHS voltage switch - usb: mon: make mmapped memory read only - USB: serial: ftdi_sio: fix 300 bps rate for SIO - [arm64] rpmsg: qcom: glink: replace strncpy() with strscpy_pad() - Revert "clk: ti: Stop using legacy clkctrl names for omap4 and 5" - random: restore O_NONBLOCK support - random: clamp credited irq bits to maximum mixed - ALSA: hda: Fix position reporting on Poulsbo - efi: Correct Macmini DMI match in uefi cert quirk - scsi: stex: Properly zero out the passthrough command structure - USB: serial: qcserial: add new usb-id for Dell branded EM7455 - random: avoid reading two cache lines on irq randomness - random: use expired timer rather than wq for mixing fast pool - wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans() (CVE-2022-41674) - wifi: cfg80211/mac80211: reject bad MBSSID elements - wifi: cfg80211: ensure length byte is present before access - wifi: cfg80211: fix BSS refcounting bugs (CVE-2022-42720) - wifi: cfg80211: avoid nontransmitted BSS list corruption (CVE-2022-42721) - wifi: mac80211_hwsim: avoid mac80211 warning on bad rate - wifi: mac80211: fix crash in beacon protection for P2P-device (CVE-2022-42722) - wifi: cfg80211: update hidden BSSes to avoid WARN_ON - Input: xpad - add supported devices as contributed on github - Input: xpad - fix wireless 360 controller breaking after suspend . [ Aurelien Jarno ] * [arm64] Add support for misalignment fixups for multiword loads from next branch. Enable COMPAT_ALIGNMENT_FIXUPS. . [ Salvatore Bonaccorso ] * [x86] drivers/edac: Enable EDAC_I10NM as module (Closes: #1019248) * Bump ABI to 19 * Refresh "Export symbols needed by Android drivers" * [rt] Update to 5.10.140-rt73 * io_uring/af_unix: defer registered files gc to io_uring release (CVE-2022-2602) * ext4: fix check for block being out of directory size (CVE-2022-1184) . [ Uwe Kleine-König ] * mac80211: mlme: find auth challenge directly * wifi: mac80211: don't parse mbssid in assoc response * wifi: mac80211: fix MBSSID parsing use-after-free (CVE-2022-42719) mariadb-10.5 (1:10.5.18-0+deb11u1) bullseye; urgency=medium . * New upstream version 10.5.18. * New upstream version 10.5.17. Includes security fixes for - CVE-2018-25032 - CVE-2022-32081 - CVE-2022-32082 - CVE-2022-32084 - CVE-2022-32089 - CVE-2022-32091 * New upstream version 10.5.16. Includes security fixes for - CVE-2021-46669 - CVE-2022-27376 - CVE-2022-27377 - CVE-2022-27378 - CVE-2022-27379 - CVE-2022-27380 - CVE-2022-27381 - CVE-2022-27382 - CVE-2022-27383 - CVE-2022-27384 - CVE-2022-27386 - CVE-2022-27387 - CVE-2022-27444 - CVE-2022-27445 - CVE-2022-27446 - CVE-2022-27447 - CVE-2022-27448 - CVE-2022-27449 - CVE-2022-27451 - CVE-2022-27452 - CVE-2022-27455 - CVE-2022-27456 - CVE-2022-27457 - CVE-2022-27458 - CVE-2022-32083 - CVE-2022-32085 - CVE-2022-32086 - CVE-2022-32087 - CVE-2022-32088 maven-shared-utils (3.3.0-1+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. . [Markus Koschany ] * Fix CVE-2022-29599: Apache Maven maven-shared-utils, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks. (Closes: #1012314) mediawiki (1:1.35.8-1~deb11u1) bullseye-security; urgency=medium . [ Kunal Mehta ] * New upstream version 1.35.8, fixing CVE-2021-44854 CVE-2021-44855, CVE-2021-44856, CVE-2022-28201, CVE-2022-28202, CVE-2022-28203, CVE-2022-34911, CVE-2022-34912, CVE-2022-41765, CVE-2022-41767. * The bundled guzzle library was updated, fixing CVE-2022-29248, CVE-2022-31042, CVE-2022-31043, CVE-2022-31090, CVE-2022-31091. * Drop patches merged upstream mediawiki (1:1.35.7-1) unstable; urgency=medium . [ Taavi Väänänen ] * New upstream release 1.35.7, fixing CVE-2022-27776 and CVE-2022-29248 in the embedded guzzlehttp/guzzle library. . [ Kunal Mehta ] * Officially switch to team maintenance, add Taavi to uploaders mediawiki (1:1.35.6-1) unstable; urgency=medium . * Team upload. * New upstream version 1.35.6, fixing CVE-2022-28201, CVE-2022-28202, CVE-2022-28203. This version is not affected by CVE-2022-28204. * Update php extension recommends from composer.json mediawiki (1:1.35.5-2) unstable; urgency=medium . [ Lucas Werkmeister ] * Remove PHP 5 support from mediawiki.conf . [ Kunal Mehta ] * Make it easier to debug autopkgtest failures * Increase PHP's max_execution_time for autopkgtests to 300s, thanks to Paul Gevers and Bryce Harrington for input and helping test. mediawiki (1:1.35.5-1) unstable; urgency=high . [ Kunal Mehta ] * New upstream version 1.35.5, fixing CVE-2021-44854, CVE-2021-44855, CVE-2021-44856, CVE-2021-44857, CVE-2021-44858, CVE-2021-45038. . [ Debian Janitor ] * Remove constraints unnecessary since buster mod-wsgi (4.7.1-3+deb11u1) bullseye; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2022-2255 (Closes: #1016476) drop X-Client-IP header when is not a trusted header mplayer (2:1.4+ds1-1+deb11u1) bullseye; urgency=medium . * Backport the following commits: d19ea1ce173e95c31b0e8acbe471ea26c292be2b (CVE-2022-38850) 58db9292a414ebf13a2cacdb3ffa967fb9036935 (CVE-2022-38851) 2f6e69e59e2614acdde5505b049c48f80a3d0eb7 (CVE-2022-38855) 92e0d0b1a04dfdd4ac741e0d07005e3ece2c92ca (CVE-2022-38858) 62fe0c63cf4fba91efd29bbc85309280e1a99a47 (CVE-2022-38860) 2622e7fbe3605a2f3b4f74900197fefeedc0d2e1 (CVE-2022-38861) b5e745b4bfab2835103a060094fae3c6cc1ba17d (CVE-2022-38863) 36546389ef9fb6b0e0540c5c3f212534c34b0e94 (CVE-2022-38864) 33d9295663c37a37216633d7e3f07e7155da6144 (CVE-2022-38865) 373517da3bb5781726565eb3114a2697b13f00f2 (CVE-2022-38866) mujs (1.1.0-1+deb11u2) bullseye-security; urgency=medium . * Fix CVE-2022-44789, CVE-2022-30974, and CVE-2022-30975 via upstream patches mutt (2.0.5-4.1+deb11u2) bullseye; urgency=medium . * Non-maintainer upload. * Fix gpgme crash when listing keys in a public key block (Closes: #1024427) * Fix public key block listing for old versions of gpgme * Add a check for key->uids in create_recipient_set nano (5.4-2+deb11u2) bullseye; urgency=medium . * The "No a l'ampliació del port" release. * Add three additional patches from Benno Schulenberg, with two crash fixes and one data-loss fix. nftables (0.9.8-3.1+deb11u1) bullseye; urgency=medium . * d/p/rule_fix_for_potential_off-by-one_in_cmd_add_loc.patch It fixes an off-by-one error in the check for NFT_NLATTR_LOC_MAX which leads to double free or corruption (out) error. Thanks to Sven Auhagen for suggesting the fix (closes: #1017359). * d/control: add myself to uploaders. nginx (1.18.0-6.1+deb11u3) bullseye-security; urgency=medium . * CVE-2022-41741 / CVE-2022-41742 node-hawk (8.0.1+dfsg-2+deb11u1) bullseye; urgency=medium . * Team upload * Parse URLs using stdlib (Closes: CVE-2022-29167) node-hawk (8.0.1+dfsg-2) unstable; urgency=medium . * Team upload . [ Debian Janitor ] * Set upstream metadata fields: Security-Contact. . [ Yadd ] * Update standards version to 4.6.1, no changes needed. * Fix debian/watch * Drop dependency to nodejs node-loader-utils (2.0.0-1+deb11u1) bullseye; urgency=medium . * Team upload * Fix prototype pollution (Closes: CVE-2022-37601) * Fix ReDos (Closes: CVE-2022-37599, CVE-2022-37603) node-minimatch (3.0.4+~3.0.3-1+deb11u2) bullseye; urgency=medium . * Team upload * Fix regression in CVE-2022-3517 patch node-minimatch (3.0.4+~3.0.3-1+deb11u1) bullseye; urgency=medium . * Team upload * Improve redos protection (Closes: CVE-2022-3517) node-qs (6.9.4+ds-1+deb11u1) bullseye; urgency=medium . * Team upload * Fix prototype pollution (Closes: CVE-2022-24999) node-xmldom (0.5.0-1+deb11u2) bullseye; urgency=medium . * Team upload * Prevent inserting DOM nodes when they are not well-formed (Closes: #1024736, CVE-2022-39353) node-xmldom (0.5.0-1+deb11u1) bullseye; urgency=medium . * Team upload * Fix prototype pollution (Closes: #1021618, CVE-2022-37616) ntfs-3g (1:2017.3.23AR.3-4+deb11u3) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Rejected zero-sized runs (CVE-2022-40284) * Avoided merging runlists with no runs (CVE-2022-40284) nvidia-graphics-drivers (470.161.03-1) bullseye; urgency=medium . * New upstream production branch release 470.161.03 (2022-11-22). * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263, CVE-2022-42264. (Closes: #1025279) https://nvidia.custhelp.com/app/answers/detail/a_id/5415 - Fixed a bug that caused the Xorg server to crash if an NvFBC capture session is started while video memory is full. * Improved compatibility with recent Linux kernels. (Closes: #1024852) * New upstream Tesla release (amd64 only) 470.141.10 (2022-10-19). . [ Andreas Beckmann ] * Refresh patches. * Add missing #includes to fix kernel module build for ppc64el. * Rename the internally used ARCH variable which might clash on externally set values. * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1). * Try to compile a kernel module at package build time (510.108.03-1). * Upload to bullseye. . nvidia-graphics-drivers (470.141.03-3) UNRELEASED; urgency=medium . * Backport get_task_ioprio changes from 510.85.02, acpi changes from 510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to fix kernel module build for Linux 6.0. (Closes: #1021974, #1022738) . nvidia-graphics-drivers (470.141.03-2) unstable; urgency=medium . * Add support for unversioned Tesla packages (tesla 510.85.02-1). (Closes: #1020697) * Switch *-source to a modern module-assistant based template. * Drop support for kernel-package and make-kpkg, gone since stretch. nvidia-graphics-drivers (470.141.03-2) unstable; urgency=medium . * Add support for unversioned Tesla packages (510.85.02-2). (Closes: #1020697) * Switch *-source to a modern module-assistant based template. * Drop support for kernel-package and make-kpkg, gone since stretch. nvidia-graphics-drivers (470.141.03-1) unstable; urgency=medium . * New upstream production branch release 470.141.03 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016614) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 - Added support for the following GPU: GeForce RTX 3050 OEM. * Improved compatibility with recent Linux kernels. (Closes: #1016736) . [ Andreas Beckmann ] * Replace obsolete pci_*() functions with their dma_*() counterparts in ppc64el specific code paths to fix kernel module build for ppc64el. * Refresh patches. * Update nv-readme.ids. * More generic handling of architectures with gsp firmware. * Drop references to kernel-package and make-kpkg, gone since stretch. * Overhaul build-module-packages.sh. * Add module-assistant based autopkgtest for the *-source package. * Simplify changelog management for the *-source package. * Copy the Source stanza from d/control to the module control file. nvidia-graphics-drivers-legacy-390xx (390.157-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers-legacy-390xx (390.157-1) unstable; urgency=medium . * New upstream legacy branch release 390.157 (2022-11-22). * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34680, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259. https://nvidia.custhelp.com/app/answers/detail/a_id/5415 (Closes: #1025281) * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Refresh patches. * Rename the internally used ARCH variable which might clash on externally set values. * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1). * Try to compile a kernel module at package build time (510.108.03-1). . nvidia-graphics-drivers-legacy-390xx (390.154-2) unstable; urgency=medium . * Backport nv_install_notifier changes from 418.30, acpi changes from 430.09, 510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to fix kernel module build for Linux 6.0. nvidia-graphics-drivers-legacy-390xx (390.154-2) unstable; urgency=medium . * Backport nv_install_notifier changes from 418.30, acpi changes from 430.09, 510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to fix kernel module build for Linux 6.0. nvidia-graphics-drivers-legacy-390xx (390.154-1) unstable; urgency=medium . * New upstream legacy branch release 390.154 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016616) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Refresh patches. * Minor packaging sync and cleanup (470.129.06-6). * Drop references to kernel-package and make-kpkg, gone since stretch (470.141.03-1). * Overhaul build-module-packages.sh (470.141.03-1). * Add module-assistant based autopkgtest for the *-source package (470.141.03-1). * Simplify changelog management for the *-source package (470.141.03-1). * Copy the Source stanza from d/control to the module control file (470.141.03-1). * Update lintian overrides. nvidia-graphics-drivers-tesla-450 (450.216.04-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers-tesla-450 (450.216.04-1) unstable; urgency=medium . * New upstream Tesla release 450.203.03 (2022-11-22). * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263, CVE-2022-42264. (Closes: #1025283) https://nvidia.custhelp.com/app/answers/detail/a_id/5415 - Improved performance on GPUs which are experiencing a high number of correctable ECC memory errors. * Improved compatibility with recent Linux kernels. * New upstream Tesla release (amd64 only) 450.203.08 (2022-10-19). . [ Andreas Beckmann ] * Refresh patches. * Add missing #includes to fix kernel module build for ppc64el. * Rename the internally used ARCH variable which might clash on externally set values. * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1). * Try to compile a kernel module at package build time (510.108.03-1). . nvidia-graphics-drivers-tesla-450 (450.203.03-2) unstable; urgency=medium . * Backport acpi changes from 510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to fix kernel module build for Linux 6.0. * Add support for unversioned Tesla packages (tesla 510.85.02-1). nvidia-graphics-drivers-tesla-450 (450.203.03-2) unstable; urgency=medium . * Backport acpi changes from 510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to fix kernel module build for Linux 6.0. * Add support for unversioned Tesla packages (tesla 510.85.02-1). nvidia-graphics-drivers-tesla-450 (450.203.03-1) unstable; urgency=medium . * New upstream Tesla release 450.203.03 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016618) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Replace obsolete pci_*() functions with their dma_*() counterparts in ppc64el specific code paths to fix kernel module build for ppc64el. * Refresh patches. * Drop references to kernel-package and make-kpkg, gone since stretch (470.141.03-1). * Overhaul build-module-packages.sh (470.141.03-1). * Add module-assistant based autopkgtest for the *-source package (470.141.03-1). * Simplify changelog management for the *-source package (470.141.03-1). * Copy the Source stanza from d/control to the module control file (470.141.03-1). nvidia-graphics-drivers-tesla-470 (470.161.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers-tesla-470 (470.161.03-1) unstable; urgency=medium . * New upstream production branch release 470.161.03 (2022-11-22). * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263, CVE-2022-42264. (Closes: #1025285) https://nvidia.custhelp.com/app/answers/detail/a_id/5415 - Fixed a bug that caused the Xorg server to crash if an NvFBC capture session is started while video memory is full. * Improved compatibility with recent Linux kernels. * New upstream Tesla release (amd64 only) 470.141.10 (2022-10-19). . [ Andreas Beckmann ] * Refresh patches. * Add missing #includes to fix kernel module build for ppc64el. * Rename the internally used ARCH variable which might clash on externally set values. * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1). * Try to compile a kernel module at package build time (510.108.03-1). . nvidia-graphics-drivers (470.161.03-1) bullseye; urgency=medium . * New upstream production branch release 470.161.03 (2022-11-22). * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263, CVE-2022-42264. (Closes: #1025279) https://nvidia.custhelp.com/app/answers/detail/a_id/5415 - Fixed a bug that caused the Xorg server to crash if an NvFBC capture session is started while video memory is full. * Improved compatibility with recent Linux kernels. (Closes: #1024852) * New upstream Tesla release (amd64 only) 470.141.10 (2022-10-19). . [ Andreas Beckmann ] * Refresh patches. * Add missing #includes to fix kernel module build for ppc64el. * Rename the internally used ARCH variable which might clash on externally set values. * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1). * Try to compile a kernel module at package build time (510.108.03-1). * Upload to bullseye. . nvidia-graphics-drivers-tesla-470 (470.141.03-3) unstable; urgency=medium . * Backport get_task_ioprio changes from 510.85.02, acpi changes from 510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to fix kernel module build for Linux 6.0. (Closes: #1021974, #1022738) . nvidia-graphics-drivers-tesla-470 (470.141.03-2) unstable; urgency=medium . * Rebuild as Tesla 470 driver. . nvidia-graphics-drivers (470.141.03-2) unstable; urgency=medium . * Add support for unversioned Tesla packages (tesla 510.85.02-1). (Closes: #1020697) * Switch *-source to a modern module-assistant based template. * Drop support for kernel-package and make-kpkg, gone since stretch. nvidia-graphics-drivers-tesla-470 (470.141.03-3) unstable; urgency=medium . * Backport get_task_ioprio changes from 510.85.02, acpi changes from 510.85.02 and 515.65.01, drm_frambuffer.h changes from 515.76 to fix kernel module build for Linux 6.0. (Closes: #1021974) nvidia-graphics-drivers-tesla-470 (470.141.03-2) unstable; urgency=medium . * Rebuild as Tesla 470 driver. . nvidia-graphics-drivers (470.141.03-2) unstable; urgency=medium . * Add support for unversioned Tesla packages (510.85.02-2). (Closes: #1020697) * Switch *-source to a modern module-assistant based template. * Drop support for kernel-package and make-kpkg, gone since stretch. . nvidia-graphics-drivers-tesla-470 (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. nvidia-graphics-drivers-tesla-470 (470.141.03-1) unstable; urgency=medium . * New upstream Tesla release 470.141.03 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016620) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 - Added support for the following GPU: GeForce RTX 3050 OEM. * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Re-enable autopkgtest on ppc64el, fixed in Linux 5.19. omnievents (1:2.6.2-5.1+deb11u1) bullseye; urgency=medium . * debian/control: Added 'libjs-jquery' as a dependency of 'omnievents-doc' to fix broken symlinks that prevent reading part of the documentation. . Closes: #989339 onionshare (2.2-3+deb11u1) bullseye; urgency=medium . * Backport upstream fix for CVE-2022-21690 * Backport upstream fix for CVE-2022-21689 openexr (2.5.4-2+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload. * Fix CVE-2021-3598, CVE-2021-3605, CVE-2021-3933, CVE-2021-3941, CVE-2021-23215, CVE-2021-26260 and CVE-2021-45942. Multiple security vulnerabilities have been found in OpenEXR, command-line tools and a library for the OpenEXR image format. Buffer overflows or out-of-bound reads could lead to a denial of service (application crash) if a malformed image file is processed. (Closes: #992703, #990450, #990899, #1014828, #1014828) openvpn-auth-radius (2.1-7+deb11u1) bullseye; urgency=medium . * Add patch to support verify-client-cert directive in openvpn 2.4 (Closes: #954264) pcs (0.10.8-1+deb11u1) bullseye-security; urgency=high . * d/patches: add fixes for CVE-2022-1049 and CVE-2022-2735 (Closes: #1018930) php-twig (2.14.3-1+deb11u2) bullseye-security; urgency=medium . [ David Prevot ] * Backport security fix from 3.4.3 [CVE-2022-39261] Fix possibility to load a template outside a configured directory when using the filesystem loader. (Closes: #1020991) php7.4 (7.4.33-1+deb11u1) bullseye-security; urgency=high . * New upstream version 7.4.33 + CVE-2022-37454: buffer overflow in hash_update() on long parameter + CVE-2022-31630: OOB read due to insufficient input validation in imageloadfont() pixman (0.40.0-1.1~deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Rebuild for bullseye-security. . pixman (0.40.0-1.1) unstable; urgency=medium . * Non-maintainer upload. * Avoid integer overflow leading to out-of-bounds write (CVE-2022-44638) (Closes: #1023427) poppler (20.09.0-3.1+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Hints::readTables: bail out if we run out of file when reading (CVE-2022-27337) (Closes: #1010695) * JBIG2Stream: Fix crash on broken file (CVE-2022-38784) (Closes: #1018971) postfix (3.5.17-0+deb11u1) bullseye; urgency=medium . [Scott Kitterman] . * Delete debian/patches/postfix-dup-postconf.patch, earlier backport now upstream (from 3.5.14) . [Wietse Venema] . * 3.5.14 - Bugfix (introduced: 20210708): duplicate bounce_notice_recipient entries in postconf output. The fix to send SMTP session transcripts to bounce_notice_recipient was incomplete. Reported by Vincent Lefevre. File: smtpd/smtpd.c. . - Bugfix (introduced: Postfix 3.0): the proxymap daemon did not automatically authorize proxied maps inside pipemap (example: pipemap:{proxy:maptype:mapname, ...}) or inside unionmap. Problem reported by Mirko Vogt. Files: proxymap/proxymap.c. . - Bugfix (introduced: Postfix 2.5): off-by-one error while writing a string terminator. This code had passed all memory corruption tests, presumably because it wrote over an alignment padding byte, or over an adjacent character byte that was never read. Reported by Robert Siemer. Files: *qmgr/qmgr_feedback.c. . - Cleanup: added missing _maps parameter names to the proxy_read_maps default value, based on output from the mantools/missing-proxy-read-maps script. File: global/mail_params.h. . * 3.5.15 - Bitrot: Glibc 2.34 implements closefrom(). File: util/sys_defs.h. . - Bitrot: Berkeley DB 18 is like Berkeley DB 6. Yasuhiro Kimura. File: util/dict_db.c. . * 3.5.16 - Cleanup: added missing _checks, _reply_footer, _reply_filter, _command_filter, and _delivery_status_filter parameter names to the proxy_read_maps default value. Files: global/mail_params.h, mantools/missing-proxy-read-maps. . - Bugfix: in an internal client module, "host or service not found" was a fatal error, causing the milter_default_action setting to be ignored. It is now a non-fatal error. The same client is used by many Postfix clients (smtpd_proxy, dovecot auth, tcp_table, memcache, socketmap, and so on). Problem reported by Christian Degenkolb. File: util/inet_connect.c. . - Cleanup (problem introduced: Postfix 3.0): with dynamic map loading enabled, an attempt to create a map with "postmap regexp:path" would result in a bogus error message "Is the postfix-regexp package installed?" instead of "unsupported map type for this operation". This happened with all built-in map types (static, cidr, etc.) that have no 'bulk create' support. Problem reported by Greg Klanderman. File: global/dynamicmaps.c. . - Cleanup (problem introduced: Postfix 2.7): milter_header_checks maps are now opened before the cleanup server enters the chroot jail. Problem reported by Jesper Dybdal. Files: cleanup/cleanup.h, cleanup/cleanup_init.c, cleanup/cleanup_milter.c, cleanup/cleanup_state.c. . * 3.5.17 - Cleanup: Postfix 3.5.0 introduced debug logging noise in map_search_create(). Files: global/map_search.c. . - Workaround: in a TLS server disable Postfix's 1-element internal session cache, to work around an OpenSSL 3.0 regression that broke TLS handshakes. It is rarely useful. Report by Spil Oss, fix by Viktor Dukhovni. File: tls/tls_server.c. . - Cleanup: Postfix 3.3.0 introduced an uninitialized verify_append() request status in case of a null original recipient address. File: global/verify.c. . - Cleanup: Postfix 3.5.16 introduced a missing msg_panic() argument (in code that never executes). File: cleanup/cleanup_milter.c. postfix (3.5.13-1) unstable; urgency=medium . [Wietse Venema] . * 3.5.13 . [Aaron Thompson] . * Support non-default instance config directories. . [Scott Kitterman] . * Refresh patches postgresql-13 (13.9-0+deb11u1) bullseye; urgency=medium . * New upstream version. powerline-gitstatus (1.3.2-0+deb11u1) bullseye; urgency=medium . * New upstream version 1.3.2 - Fix command injection via malicious repository config (CVE-2022-42906) powerline-gitstatus (1.3.1-4) unstable; urgency=medium . [ Jérôme Charaoui ] * Refresh default colorscheme patch to fix FTBFS powerline-gitstatus (1.3.1-3) unstable; urgency=medium . [ Ondřej Nový ] * d/control: Update Maintainer field with new Debian Python Team contact address. * d/control: Update Vcs-* fields with new Debian Python Team Salsa layout. pypy3 (7.3.5+dfsg-2+deb11u2) bullseye-security; urgency=medium . * Patch: Resolve CVE-2022-37454, a buffer overflow in SHA-3 (Keccak). pysha3 (1.0.2-4.1+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix a buffer overflow issue in SHA-3 CVE-2022-37454 (Closes: #1023030). pysubnettree (0.33-1+deb11u1) bullseye; urgency=medium . * Fix moving/copying files in debian/rules so as not to leave a mix of rebuilt and non-rebuilt files in the binary and update clean rule (Closes: #1005044) python-django (2:2.2.28-1~deb11u1) bullseye-security; urgency=medium . * New upstream security release: . - CVE-2022-28346: Prevent a potential SQL injection in QuerySet.annotate(), aggregate() and extra(). These methods were subject to SQL injection in column aliases. (Closes: #1009677) . - CVE-2022-28347: Prevent a SQL injection attack via QuerySet.explain(**options) when using the PostgreSQL database. QuerySet.explain() method was subject to SQL injection in option names. (Closes: #1009677) . * Incorporates changes from previous 2.2.27 security release: . - CVE-2022-22818: Prevent a possible XSS vulnerability via the {% debug %} template tag. This tag didn't correctly encode the current context, posing an XSS attack vector. In order to avoid this vulnerability, {% debug %} no longer outputs information when the DEBUG setting is False, and it ensures all context variables are correctly escaped when the DEBUG setting is True. (Closes: #1004752) . - CVE-2022-23833: Prevent a denial-of-service opportunity in file uploads. Passing certain inputs to multipart forms could result in an infinite loop when parsing files. (Closes: #1004752) . * Additionally backport the following patches from upstream: . - CVE-2022-34265: Prevent an issue with the Trunc() and Extract() database functions which were potentially subject to SQL injection if untrusted data was used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list were unaffected by this vulnerability. (Closes: #1014541) . - CVE-2022-36359: Fix a reflected file download (RFD) attack that could be exploited if the application sets the Content-Disposition header of a FileResponse derived from user-supplied input. . - CVE-2022-41323: Prevent a potential denial-of-service vulnerability in internationalised URLs that was exploitable via the "locale" parameter. This is now escaped to avoid this possibility. snapd (2.49-1+deb11u2) bullseye-security; urgency=high . * SECURITY UPDATE: Local privilege escalation - snap-confine: Fix race condition in snap-confine when preparing a private tmp mount namespace for a snap - CVE-2022-3328 speech-dispatcher (0.10.2-2+deb11u2) bullseye; urgency=medium . * patches/buffer_size: Reduce espeak buffer size to avoid synth artifacts. spf-engine (2.9.2-1+deb11u1) bullseye; urgency=medium . * Add d/p/0002-fix-leftover-import.patch from upstream to fix pyspf-milter failing to start due to an invalid import statement (Closes: #1008828) squid (4.13-10+deb11u2) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Exposure of Sensitive Information in Cache Manager (CVE-2022-41317) (Closes: #1020587) * Buffer Over Read in SSPI and SMB Authentication (CVE-2022-41318) (Closes: #1020586) strongswan (5.9.1-1+deb11u3) bullseye-security; urgency=medium . * d/p/0009-credential-manager-Do-online-revocation-checks-only- added. Fix CVE-2022-40617, denial of service due to revocation plugin potentially using untrusted OCSP URIs and CRL distribution in certificates (Closes: #1021271) tinyexr (1.0.0+dfsg-1+deb11u1) bullseye; urgency=medium . * Fix vulnerabilities. - CVE-2022-34300: Heap overflow in DecodePixelData - CVE-2022-38529: Heap overflow in rleUncompress tinygltf (2.5.0+dfsg-3+deb11u1) bullseye-security; urgency=medium . * CVE-2022-3008: Disable unsafe file path expansion (Closes: #1019357) tinyxml (2.6.2-4+deb11u1) bullseye; urgency=medium . * Import fix for CVE-2021-42260. - Add CVE-2021-42260.patch tomcat9 (9.0.43-2~deb11u4) bullseye-security; urgency=high . * Team upload. * Fix CVE-2021-43980: The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client. * Fix CVE-2022-23181: The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore. * Fix CVE-2022-29885: The documentation of Apache Tomcat for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks. tzdata (2021a-1+deb11u8) bullseye; urgency=medium . * Cherry-pick patches from upstream: - 14-fiji-dst.patch: Fiji no longer observes DST. - 15-mexico-dst.patch: Mexico will no longer observe DST except near the US border. Chihuahua moves to year-round -06 on 2022-10-30. tzdata (2021a-1+deb11u7) bullseye; urgency=medium . * Cherry-pick patches from upstream: - 12-syria-dst.patch: Syria is abandoning the DST regime and is changing to permanent +03, so it will not fall back from +03 to +02 on 2022-10-28. - 13-jordan-dst.patch: Jordan is abandoning the DST regime and are changing to permanent +03, so it will not fall back from +03 to +02 on 2022-10-28. tzdata (2021a-1+deb11u6) bullseye; urgency=medium . * Cherry-pick patches from upstream: - 10-no-leap-second-2022-12-31.patch: update leap-seconds.list, new expiration date on 28 June 2023. - 11-palestine-dst3.patch: Palestine transitions are now Saturdays at 02:00. This means 2022 falls back 10-29 at 02:00, not 10-28 at 01:00. virglrenderer (0.8.2-5+deb11u1) bullseye; urgency=medium . * Non-maintainer upload by the LTS Security Team. * Cherry-pick upstream fix for CVE-2022-0135. (Closes: #1009073) vlc (3.0.18-0+deb11u1) bullseye-security; urgency=medium . * New upstream version 3.0.18 - Fix buffer overflow in the vnc module (CVE-2022-41325) * debian/: Remove sndio module The sndio version in bullseye is no longer detected. vlc (3.0.18~rc2-1) unstable; urgency=medium . * New upstream version 3.0.18~rc2 * debian/control: Remove patches included upstream vlc (3.0.17.4-5) unstable; urgency=medium . * debian/rules: - Revert "Disable libva support" - Do not pass any libva flags (Closes: #1021032) (LP: #1991457) vlc (3.0.17.4-4) unstable; urgency=medium . * debian/control: Bump Standards-Version * debian/: Disable libva support vlc's libva support and ffmpeg 5.0 are not compatible. vlc (3.0.17.4-3) unstable; urgency=medium . * debian/control: Move vlc-plugin-pipewire to Suggests The pipewire plugin fails to recognize some configurations where pipewire is available but not used as sound server. * debian/patches: Fix build with caca 0.99.beta20 vlc (3.0.17.4-2) unstable; urgency=medium . * debian/patches: Apply upstream patches to fix build with dav1d 1.0.0 (Closes: #1008609) * debian/control: Recommend vlc-plugin-pipewire vlc (3.0.17.4-1) unstable; urgency=medium . * New upstream version 3.0.17.4 webkit2gtk (2.38.2-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye-security. * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use clang instead. Keep using gcc in other architectures because clang has problems in at least i386, arm64 and mipsel (see #1010329 and #1016811). - debian/rules: Tell CMake to use clang. - debian/control.in: Build depend on clang. * Build libsoup2 packages only. - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and USE_PREBUILT_DOCS=YES. - debian/control.in: Remove build dependency on ccache. webkit2gtk (2.38.1-1) unstable; urgency=medium . * New upstream release. * Refresh all patches. webkit2gtk (2.38.0-3) unstable; urgency=high . * debian/patches/fix-nonunified-build.patch: - Fix non-unified GTK4 build. webkit2gtk (2.38.0-2) unstable; urgency=high . * The WebKitGTK security advisory WSA-2022-0009 lists the following security fixes in the latest versions of WebKitGTK: - CVE-2022-32891 (fixed in 2.36.5). - CVE-2022-32886 and CVE-2022-32912 (fixed in 2.36.8). * debian/rules: - Build with -DENABLE_UNIFIED_BUILDS=OFF on mips, mipsel and sh4, we are having problems to build webkit due to lack of memory (#1020642). webkit2gtk (2.38.0-1) unstable; urgency=high . * New upstream release (Closes: #986218). * debian/rules: - Add USE_PREBUILT_DOCS variable to allow using the prebuilt documentation included in the upstream tarball when gi-docgen is missing. * Bring all changes from the 2.37 (experimental) branch. * debian/gbp.conf: - Update upstream branch name. * Generate debian/control from debian/control.in and control-common.in depending on whether we're making the soup2 (4.0 API), soup3 (4.1 API) and/or gtk4 (5.0 API) builds. * debian/rules: - Add new target to generate debian/control. - Enable the GTK4 build (Closes: #1016765). - ENABLE_GTKDOC is now ENABLE_DOCUMENTATION. - Make CCACHE_DIR and CCACHE_NOHASHDIR global variables so they also apply to the install target. This fixes a FTBFS if the home dir is not writable (as is the case with buildds) * debian/control.in: - Remove build dependency on libnotify-dev (no longer used by WebKit). - Replace build dependency on gtk-doc-tools with gi-docgen. * The documentation has been renamed from webkitdomgtk to webkit2gtk-web-extension and from jsc-glib to javascriptcoregtk. - Update debian/libwebkit2gtk-4.0-doc.doc-base.* and debian/libwebkit2gtk-4.0-doc.links. * Refresh all patches. * debian/source/lintian-overrides: - Update source-is-missing overrides. * debian/copyright: - Update copyright information of all files. * debian/libwebkit2gtk-4.0-37.symbols: - Update symbols. webkit2gtk (2.38.0-1~deb11u1) bullseye-security; urgency=high . * Rebuild for bullseye-security. * gcc 10 segfaults when building webkit in some architectures (see #1008098) so use clang instead. The exceptions are i386 and mipsel, where gcc works fine but clang is the buggy one (see #1010329). - debian/rules: Tell CMake to use clang. - debian/control.in: Build depend on clang. * Build libsoup2 packages only. - debian/rules: Set ENABLE_SOUP3=NO, ENABLE_GTK4=NO and USE_PREBUILT_DOCS=YES. - debian/control.in: Remove build dependency on ccache. webkit2gtk (2.37.91-1) experimental; urgency=medium . * New upstream development release (Closes: #986218). webkit2gtk (2.37.90-1) experimental; urgency=medium . * New upstream development release. * Generate debian/control from debian/control.in and control-common.in depending on whether we're making the soup2 (4.0 API), soup3 (4.1 API) and/or gtk4 (5.0 API) builds. - debian/rules: Add new target to generate debian/control. * debian/rules: - Enable wpe on Ubuntu now that the MIR has been accepted (thanks, Sebastien Bacher) (#1016585). - Enable the GTK4 build (Closes: #1016765). * debian/control.in: - Remove build dependency on libnotify-dev (no longer used by WebKit). * debian/patches/fix-ftbfs-cloop.patch: - Drop this patch. * debian/source/lintian-overrides: - Update source-is-missing overrides. * debian/copyright: - Remove obsolete entries. webkit2gtk (2.37.1-2) experimental; urgency=medium . * debian/rules: - Make CCACHE_DIR and CCACHE_NOHASHDIR global variables so they also apply to the install target. This fixes a FTBFS if the home dir is not writable (as is the case with buildds) webkit2gtk (2.37.1-1) experimental; urgency=medium . * New upstream development release. * debian/watch, debian/gbp.conf: - Update for 2.37.x packages in experimental. * Refresh all patches. * debian/patches/fix-ftbfs-cloop.patch: - Fix FTBFS in i386 and other architectures. * debian/libwebkit2gtk-4.0-37.symbols: - Update symbols. * debian/control: - Replace build dependency on gtk-doc-tools with gi-docgen. * debian/rules: - ENABLE_GTKDOC is now ENABLE_DOCUMENTATION. * debian/source/lintian-overrides: - Update source-is-missing overrides. * debian/copyright: - Update copyright information of all files. * The documentation has been renamed from webkitdomgtk to webkit2gtk-web-extension and from jsc-glib to javascriptcoregtk. - Update debian/libwebkit2gtk-4.0-doc.doc-base.* and debian/libwebkit2gtk-4.0-doc.links. webkit2gtk (2.36.7-1) unstable; urgency=high . * New upstream release. wordpress (5.7.8+dfsg1-0+deb11u2) bullseye-security; urgency=high . * Rebuild with bullseye dependencies Closes: #1024249 wordpress (5.7.8+dfsg1-0+deb11u1) bullseye-security; urgency=high . * WordPress 5.7.6 backport of patches from 5.9.2 Closes: #1007005 * WordPress 5.7.7 backport of patches from 6.0.2 Closes: #1018863 - Possible link SQL injection within the Link API - XSS in Plugins screen - Output escaping issue within the_meta() * Wordpress 5.7.8 backport of patches from 6.0.3 Closes: #1022575 - Stored XSS via wp-mail.php (post by email) - Open redirect in `wp_nonce_ays` - Sender’s email address is exposed in wp-mail.php - Media Library – Reflected XSS via SQLi - CSRF in wp-trackback.php - Stored XSS via the Customizer - Stored XSS in WordPress Core via Comment Editing - Data exposure via the REST Terms/Tags Endpoint - Content from multipart emails leaked - SQL Injection due to improper sanitization in `WP_Date_Query` - RSS Widget: Stored XSS issue - Stored XSS in the search block - Feature Image Block: XSS issue - RSS Block: Stored XSS issue - Fix widget block XSS wpewebkit (2.38.2-1~deb11u1) bullseye-security; urgency=high . * Rebuild for bullseye-security. * gcc 10 segfaults when building webkit in amd64 (see #1008098) so use clang instead. Keep using gcc in other architectures because clang has problems in at least i386, arm64 and mipsel (see #1010329 and #1016811). - debian/rules: Tell CMake to use clang. - debian/control.in: Build depend on clang. * Use libsoup2 instead of libsoup3: - debian/rules: Set USE_SOUP_VERSION=2. wpewebkit (2.38.1-1) unstable; urgency=medium . * New upstream release. wpewebkit (2.38.0-1) unstable; urgency=high . * New upstream release. * The WPE WebKit security advisory WSA-2022-0009 lists the following security fixes in the latest versions of WPE WebKit: - CVE-2022-32891 (fixed in 2.36.5). - CVE-2022-32886 and CVE-2022-32912 (fixed in 2.36.8). * Refresh all patches. * Update copyright information of all files. * debian/gbp.conf: - Update upstream branch name. * debian/source/lintian-overrides: - Update source-is-missing overrides. * debian/control.in: - Replace build dependency on gtk-doc-tools with gi-docgen, gobject-introspection and libgirepository1.0-dev. * debian/not-installed: - Don't install the generated g-i files, at the moment we're only using them to build the documentation. * debian/libwpewebkit-1.0-doc.doc-base.*: - Replace the old doc-base files with wpe-webkit, wpe-javascriptcore and wpe-web-extension. Note that we are always shipping the 1.1 API docs now, but the package name is still named 1.0-doc to make backports easier. * debian/libwpewebkit-1.0-doc.{install,links}: - Install the docs in /usr/share/gtk-doc and link them from /usr/share/doc. * debian/rules: - Add USE_PREBUILT_DOCS variable to allow using the prebuilt documentation included in the upstream tarball when gi-docgen is missing. wpewebkit (2.38.0-1~deb11u1) bullseye-security; urgency=high . * Rebuild for bullseye-security. * gcc 10 segfaults when building webkit (see #1008098) so use clang instead. - debian/rules: tell CMake to user clang in all arches except i386 and mipsel (see #1010329) - debian/control.in: Build depend on clang. * Use libsoup2 instead of libsoup3: - debian/rules: Set USE_SOUP_VERSION=2. wpewebkit (2.36.7-1) unstable; urgency=high . * New upstream release. * The WPE WebKit security advisory WSA-2022-0008 lists the following security fixes in the latest versions of WPE WebKit - CVE identifiers: CVE-2022-32792 (fixed in 2.36.7). x2gothinclient (1.5.0.1-6+deb11u1) bullseye; urgency=medium . * debian/control: + Add 'Provides: lightdm-greeter' to x2gothinclient-minidesktop bin:pkg. The X2Go TCE minidesktop implementation utilizes lightdm via its autologin feature. (Closes: #1003418). xen (4.14.5+86-g1c354767d5-1) bullseye-security; urgency=medium . * Update to new upstream version 4.14.5+86-g1c354767d5, which also contains security fixes for the following issues: (Closes: #1021668) - Xenstore: guests can let run xenstored out of memory XSA-326 CVE-2022-42311 CVE-2022-42312 CVE-2022-42313 CVE-2022-42314 CVE-2022-42315 CVE-2022-42316 CVE-2022-42317 CVE-2022-42318 - insufficient TLB flush for x86 PV guests in shadow mode XSA-408 CVE-2022-33745 - Arm: unbounded memory consumption for 2nd-level page tables XSA-409 CVE-2022-33747 - P2M pool freeing may take excessively long XSA-410 CVE-2022-33746 - lock order inversion in transitive grant copy handling XSA-411 CVE-2022-33748 - Xenstore: Guests can crash xenstored XSA-414 CVE-2022-42309 - Xenstore: Guests can create orphaned Xenstore nodes XSA-415 CVE-2022-42310 - Xenstore: Guests can cause Xenstore to not free temporary memory XSA-416 CVE-2022-42319 - Xenstore: Guests can get access to Xenstore nodes of deleted domains XSA-417 CVE-2022-42320 - Xenstore: Guests can crash xenstored via exhausting the stack XSA-418 CVE-2022-42321 - Xenstore: Cooperating guests can create arbitrary numbers of nodes XSA-419 CVE-2022-42322 CVE-2022-42323 - Oxenstored 32->31 bit integer truncation issues XSA-420 CVE-2022-42324 - Xenstore: Guests can create arbitrary number of nodes via transactions XSA-421 CVE-2022-42325 CVE-2022-42326 * The upstream Xen changes now also contain the first mentioned patch of XSA-403 ("Linux disk/nic frontends data leaks") for stable branch lines. For more information, please refer to the XSA-403 advisory text. * Note that the following XSA are not listed, because... - XSA-412 only applies to Xen 4.16 and newer - XSA-413 applies to XAPI which is not included in Debian * Correct a typo in the previous changelog entry. xfce4-settings (4.16.0-1+deb11u1) bullseye-security; urgency=medium . * d/gbp.conf: follow bullseye-security branch. Gbp-dch: ignore * d/patches: 0002-mime-settings-Properly-quote-command-parameters added. Fix argument injection in xfce4-mime-helper (CVE-2022-45062) (Closes: #1023732) xfig (1:3.2.8-3+deb11u1) bullseye; urgency=medium . * 10_CVE-2021-40241: Avoid buffer overflow in LANG (CVE-2021-40241) (Closes: #992395). xorg-server (2:1.20.11-1+deb11u3) bullseye-security; urgency=medium . * xkb: proof GetCountedString against request length attacks (CVE-2022-3550) * xkb: fix some possible memleaks in XkbGetKbdByName (CVE-2022-3551) ====================================== Sat, 10 Sep 2022 - Debian 11.5 released ====================================== ========================================================================= [Date: Sat, 10 Sep 2022 08:50:11 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: evenement | 3.0.1-2.1 | source php-evenement | 3.0.1-2.1 | all Closed bugs: 1006447 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:50:34 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-cocur-slugify | 4.0.0-2 | source, all Closed bugs: 1019065 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:50:54 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-defuse-php-encryption | 2.2.1-1.1 | source, all Closed bugs: 1019066 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:51:39 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-dflydev-fig-cookies | 2.0.0-1.1 | source, all Closed bugs: 1019067 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:52:06 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-embed | 3.3.9-1.1 | source, all Closed bugs: 1019068 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:52:24 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-fabiang-sasl | 1.0.1-1 | source, all Closed bugs: 1019069 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:52:44 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-markdown | 1.8.0-1.1 | source, all Closed bugs: 1019070 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:53:02 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-raintpl | 3.1.0+dfsg-1.1 | source, all Closed bugs: 1019071 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:53:21 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-react-child-process | 0.6.1-1 | source, all Closed bugs: 1019072 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:53:46 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-react-http | 0.8.6-1 | source, all Closed bugs: 1019073 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:54:06 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-respect-validation | 1.1.29-2.1 | source, all Closed bugs: 1019074 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:55:38 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-robmorgan-phinx | 0.9.2-3 | source, all Closed bugs: 1019075 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:55:57 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-ratchet-pawl | 0.3.4-1.1 | all ratchet-pawl | 0.3.4-1.1 | source Closed bugs: 1019076 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:56:19 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-ratchet-rfc6455 | 0.2.4-2.1 | all ratchet-rfc6455 | 0.2.4-2.1 | source Closed bugs: 1019077 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:56:35 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-cboden-ratchet | 0.4.2-1 | all ratchetphp | 0.4.2-1 | source Closed bugs: 1019078 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:56:56 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-react-cache | 0.5.0-1.1 | all reactphp-cache | 0.5.0-1.1 | source Closed bugs: 1019079 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:57:15 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-react-dns | 1.2.0-1 | all reactphp-dns | 1.2.0-1 | source Closed bugs: 1019080 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:57:41 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-react-event-loop | 1.0.0-1.1 | all reactphp-event-loop | 1.0.0-1.1 | source Closed bugs: 1019081 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:57:59 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-react-promise-stream | 1.1.1-3.1 | all reactphp-promise-stream | 1.1.1-3.1 | source Closed bugs: 1019082 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:58:16 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-react-promise-timer | 1.5.0-2.1 | all reactphp-promise-timer | 1.5.0-2.1 | source Closed bugs: 1019083 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:58:33 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-react-socket | 1.4.0-1 | all reactphp-socket | 1.4.0-1 | source Closed bugs: 1019084 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 08:58:49 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: php-react-stream | 1.1.0-1 | all reactphp-stream | 1.1.0-1 | source Closed bugs: 1019085 ------------------- Reason ------------------- RoM; unmaintained; only needed for already-removed movim ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 09:13:27 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: librust-cbindgen+clap-dev | 0.20.0-1~deb11u1 | amd64, arm64, armhf, i386, mips64el, mipsel, ppc64el, s390x librust-cbindgen-dev | 0.20.0-1~deb11u1 | amd64, arm64, armhf, i386, mips64el, mipsel, ppc64el, s390x ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by rust-cbindgen) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 09:14:19 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: libstd-rust-mozilla-1.51 | 1.51.0+dfsg1-1~deb11u1 | amd64, arm64, armhf, i386, mips64el, mipsel, ppc64el ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by rustc-mozilla) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 09:21:35 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel affs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el affs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel affs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel ata-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel ata-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el ata-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf ata-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel ata-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el btrfs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel btrfs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el btrfs-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf btrfs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel btrfs-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel btrfs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel btrfs-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el btrfs-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x cdrom-core-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel cdrom-core-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el cdrom-core-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf cdrom-core-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel cdrom-core-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel cdrom-core-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel cdrom-core-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el cdrom-core-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x crc-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel crc-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el crc-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf crc-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel crc-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel crc-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel crc-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el crc-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x crypto-dm-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel crypto-dm-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el crypto-dm-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf crypto-dm-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel crypto-dm-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel crypto-dm-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel crypto-dm-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el crypto-dm-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x crypto-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel crypto-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el crypto-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf crypto-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel crypto-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel crypto-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel crypto-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el crypto-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x dasd-extra-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x dasd-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x efi-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf event-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel event-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el event-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf event-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel event-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel event-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel event-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el ext4-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel ext4-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el ext4-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf ext4-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel ext4-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel ext4-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel ext4-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el ext4-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x f2fs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel f2fs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el f2fs-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf f2fs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel f2fs-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel f2fs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel f2fs-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el f2fs-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x fancontrol-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el fat-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel fat-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el fat-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf fat-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel fat-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel fat-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel fat-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el fat-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x fb-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel fb-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el fb-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf fb-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel fb-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel fb-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el firewire-core-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel firewire-core-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el fuse-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel fuse-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el fuse-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf fuse-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel fuse-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel fuse-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel fuse-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el fuse-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x hypervisor-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el i2c-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel i2c-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el i2c-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf i2c-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el input-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel input-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el input-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf input-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel input-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel input-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel input-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el ipv6-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel isofs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel isofs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el isofs-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf isofs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel isofs-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel isofs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel isofs-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el isofs-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x jffs2-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel jfs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel jfs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el jfs-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf jfs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel jfs-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel jfs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel jfs-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el kernel-image-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel kernel-image-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el kernel-image-5.10.0-13-armmp-di | 5.10.106-1 | armhf kernel-image-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel kernel-image-5.10.0-13-marvell-di | 5.10.106-1 | armel kernel-image-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel kernel-image-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el kernel-image-5.10.0-13-s390x-di | 5.10.106-1 | s390x leds-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf leds-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel linux-headers-5.10.0-13-4kc-malta | 5.10.106-1 | mipsel linux-headers-5.10.0-13-5kc-malta | 5.10.106-1 | mips64el, mipsel linux-headers-5.10.0-13-686 | 5.10.106-1 | i386 linux-headers-5.10.0-13-686-pae | 5.10.106-1 | i386 linux-headers-5.10.0-13-amd64 | 5.10.106-1 | amd64 linux-headers-5.10.0-13-arm64 | 5.10.106-1 | arm64 linux-headers-5.10.0-13-armmp | 5.10.106-1 | armhf linux-headers-5.10.0-13-armmp-lpae | 5.10.106-1 | armhf linux-headers-5.10.0-13-cloud-amd64 | 5.10.106-1 | amd64 linux-headers-5.10.0-13-cloud-arm64 | 5.10.106-1 | arm64 linux-headers-5.10.0-13-common | 5.10.106-1 | all linux-headers-5.10.0-13-common-rt | 5.10.106-1 | all linux-headers-5.10.0-13-loongson-3 | 5.10.106-1 | mips64el, mipsel linux-headers-5.10.0-13-marvell | 5.10.106-1 | armel linux-headers-5.10.0-13-octeon | 5.10.106-1 | mips64el, mipsel linux-headers-5.10.0-13-powerpc64le | 5.10.106-1 | ppc64el linux-headers-5.10.0-13-rpi | 5.10.106-1 | armel linux-headers-5.10.0-13-rt-686-pae | 5.10.106-1 | i386 linux-headers-5.10.0-13-rt-amd64 | 5.10.106-1 | amd64 linux-headers-5.10.0-13-rt-arm64 | 5.10.106-1 | arm64 linux-headers-5.10.0-13-rt-armmp | 5.10.106-1 | armhf linux-headers-5.10.0-13-s390x | 5.10.106-1 | s390x linux-image-5.10.0-13-4kc-malta | 5.10.106-1 | mipsel linux-image-5.10.0-13-4kc-malta-dbg | 5.10.106-1 | mipsel linux-image-5.10.0-13-5kc-malta | 5.10.106-1 | mips64el, mipsel linux-image-5.10.0-13-5kc-malta-dbg | 5.10.106-1 | mips64el, mipsel linux-image-5.10.0-13-686-dbg | 5.10.106-1 | i386 linux-image-5.10.0-13-686-pae-dbg | 5.10.106-1 | i386 linux-image-5.10.0-13-686-pae-unsigned | 5.10.106-1 | i386 linux-image-5.10.0-13-686-unsigned | 5.10.106-1 | i386 linux-image-5.10.0-13-amd64-dbg | 5.10.106-1 | amd64 linux-image-5.10.0-13-amd64-unsigned | 5.10.106-1 | amd64 linux-image-5.10.0-13-arm64-dbg | 5.10.106-1 | arm64 linux-image-5.10.0-13-arm64-unsigned | 5.10.106-1 | arm64 linux-image-5.10.0-13-armmp | 5.10.106-1 | armhf linux-image-5.10.0-13-armmp-dbg | 5.10.106-1 | armhf linux-image-5.10.0-13-armmp-lpae | 5.10.106-1 | armhf linux-image-5.10.0-13-armmp-lpae-dbg | 5.10.106-1 | armhf linux-image-5.10.0-13-cloud-amd64-dbg | 5.10.106-1 | amd64 linux-image-5.10.0-13-cloud-amd64-unsigned | 5.10.106-1 | amd64 linux-image-5.10.0-13-cloud-arm64-dbg | 5.10.106-1 | arm64 linux-image-5.10.0-13-cloud-arm64-unsigned | 5.10.106-1 | arm64 linux-image-5.10.0-13-loongson-3 | 5.10.106-1 | mips64el, mipsel linux-image-5.10.0-13-loongson-3-dbg | 5.10.106-1 | mips64el, mipsel linux-image-5.10.0-13-marvell | 5.10.106-1 | armel linux-image-5.10.0-13-marvell-dbg | 5.10.106-1 | armel linux-image-5.10.0-13-octeon | 5.10.106-1 | mips64el, mipsel linux-image-5.10.0-13-octeon-dbg | 5.10.106-1 | mips64el, mipsel linux-image-5.10.0-13-powerpc64le | 5.10.106-1 | ppc64el linux-image-5.10.0-13-powerpc64le-dbg | 5.10.106-1 | ppc64el linux-image-5.10.0-13-rpi | 5.10.106-1 | armel linux-image-5.10.0-13-rpi-dbg | 5.10.106-1 | armel linux-image-5.10.0-13-rt-686-pae-dbg | 5.10.106-1 | i386 linux-image-5.10.0-13-rt-686-pae-unsigned | 5.10.106-1 | i386 linux-image-5.10.0-13-rt-amd64-dbg | 5.10.106-1 | amd64 linux-image-5.10.0-13-rt-amd64-unsigned | 5.10.106-1 | amd64 linux-image-5.10.0-13-rt-arm64-dbg | 5.10.106-1 | arm64 linux-image-5.10.0-13-rt-arm64-unsigned | 5.10.106-1 | arm64 linux-image-5.10.0-13-rt-armmp | 5.10.106-1 | armhf linux-image-5.10.0-13-rt-armmp-dbg | 5.10.106-1 | armhf linux-image-5.10.0-13-s390x | 5.10.106-1 | s390x linux-image-5.10.0-13-s390x-dbg | 5.10.106-1 | s390x linux-support-5.10.0-13 | 5.10.106-1 | all loop-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel loop-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el loop-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf loop-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel loop-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel loop-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel loop-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el loop-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x md-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel md-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el md-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf md-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel md-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel md-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel md-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el md-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x minix-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel minix-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el minix-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel minix-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel minix-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel mmc-core-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel mmc-core-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el mmc-core-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel mmc-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel mmc-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el mmc-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf mmc-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel mouse-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel mouse-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el mouse-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel mouse-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el mtd-core-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel mtd-core-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el mtd-core-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel mtd-core-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel mtd-core-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el mtd-core-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x mtd-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf mtd-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel multipath-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel multipath-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el multipath-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf multipath-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel multipath-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel multipath-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel multipath-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el multipath-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x nbd-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel nbd-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el nbd-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf nbd-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel nbd-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel nbd-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel nbd-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el nbd-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x nfs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel nic-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel nic-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el nic-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf nic-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel nic-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel nic-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel nic-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el nic-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x nic-shared-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel nic-shared-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el nic-shared-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf nic-shared-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel nic-shared-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel nic-shared-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel nic-shared-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el nic-usb-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel nic-usb-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el nic-usb-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf nic-usb-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel nic-usb-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel nic-usb-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel nic-usb-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el nic-wireless-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel nic-wireless-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el nic-wireless-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf nic-wireless-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel nic-wireless-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel nic-wireless-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el pata-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel pata-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el pata-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf pata-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel pata-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel ppp-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel ppp-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el ppp-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf ppp-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel ppp-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel ppp-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel ppp-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el rtc-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel sata-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel sata-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el sata-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf sata-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel sata-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel sata-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel sata-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el scsi-core-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel scsi-core-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el scsi-core-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf scsi-core-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel scsi-core-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel scsi-core-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel scsi-core-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el scsi-core-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x scsi-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel scsi-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el scsi-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf scsi-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel scsi-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel scsi-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el scsi-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x scsi-nic-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel scsi-nic-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el scsi-nic-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf scsi-nic-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel scsi-nic-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel scsi-nic-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el serial-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el sound-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel sound-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el sound-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel sound-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel speakup-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel squashfs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel squashfs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el squashfs-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf squashfs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel squashfs-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel squashfs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel squashfs-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el udf-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel udf-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el udf-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf udf-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel udf-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel udf-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel udf-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el udf-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x uinput-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf uinput-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel uinput-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el usb-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel usb-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el usb-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf usb-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel usb-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel usb-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel usb-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el usb-serial-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel usb-serial-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el usb-serial-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf usb-serial-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel usb-serial-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel usb-serial-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel usb-serial-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el usb-storage-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel usb-storage-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el usb-storage-modules-5.10.0-13-armmp-di | 5.10.106-1 | armhf usb-storage-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel usb-storage-modules-5.10.0-13-marvell-di | 5.10.106-1 | armel usb-storage-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel usb-storage-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el xfs-modules-5.10.0-13-4kc-malta-di | 5.10.106-1 | mipsel xfs-modules-5.10.0-13-5kc-malta-di | 5.10.106-1 | mips64el xfs-modules-5.10.0-13-loongson-3-di | 5.10.106-1 | mips64el, mipsel xfs-modules-5.10.0-13-octeon-di | 5.10.106-1 | mips64el, mipsel xfs-modules-5.10.0-13-powerpc64le-di | 5.10.106-1 | ppc64el xfs-modules-5.10.0-13-s390x-di | 5.10.106-1 | s390x ------------------- Reason ------------------- [auto-cruft] NBS ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 09:22:55 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: affs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel affs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el affs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel affs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel ata-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel ata-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el ata-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf ata-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel ata-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el btrfs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel btrfs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el btrfs-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf btrfs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel btrfs-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel btrfs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel btrfs-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el btrfs-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x cdrom-core-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel cdrom-core-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el cdrom-core-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf cdrom-core-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel cdrom-core-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel cdrom-core-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel cdrom-core-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el cdrom-core-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x crc-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel crc-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el crc-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf crc-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel crc-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel crc-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel crc-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el crc-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x crypto-dm-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel crypto-dm-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el crypto-dm-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf crypto-dm-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel crypto-dm-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel crypto-dm-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel crypto-dm-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el crypto-dm-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x crypto-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel crypto-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el crypto-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf crypto-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel crypto-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel crypto-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel crypto-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el crypto-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x dasd-extra-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x dasd-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x efi-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf event-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel event-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el event-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf event-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel event-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel event-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel event-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el ext4-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel ext4-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el ext4-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf ext4-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel ext4-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel ext4-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel ext4-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el ext4-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x f2fs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel f2fs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el f2fs-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf f2fs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel f2fs-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel f2fs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel f2fs-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el f2fs-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x fancontrol-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el fat-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel fat-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el fat-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf fat-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel fat-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel fat-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel fat-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el fat-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x fb-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel fb-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el fb-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf fb-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel fb-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel fb-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el firewire-core-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel firewire-core-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el fuse-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel fuse-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el fuse-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf fuse-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel fuse-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel fuse-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel fuse-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el fuse-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x hypervisor-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el i2c-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel i2c-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el i2c-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf i2c-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el input-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel input-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el input-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf input-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel input-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel input-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel input-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el ipv6-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel isofs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel isofs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el isofs-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf isofs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel isofs-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel isofs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel isofs-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el isofs-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x jffs2-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel jfs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel jfs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el jfs-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf jfs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel jfs-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel jfs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel jfs-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el kernel-image-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel kernel-image-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el kernel-image-5.10.0-17-armmp-di | 5.10.136-1 | armhf kernel-image-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel kernel-image-5.10.0-17-marvell-di | 5.10.136-1 | armel kernel-image-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel kernel-image-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el kernel-image-5.10.0-17-s390x-di | 5.10.136-1 | s390x leds-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf leds-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel linux-doc | 5.10.136-1 | all linux-doc-5.10 | 5.10.136-1 | all linux-headers-5.10.0-17-4kc-malta | 5.10.136-1 | mipsel linux-headers-5.10.0-17-5kc-malta | 5.10.136-1 | mips64el, mipsel linux-headers-5.10.0-17-686 | 5.10.136-1 | i386 linux-headers-5.10.0-17-686-pae | 5.10.136-1 | i386 linux-headers-5.10.0-17-amd64 | 5.10.136-1 | amd64 linux-headers-5.10.0-17-arm64 | 5.10.136-1 | arm64 linux-headers-5.10.0-17-armmp | 5.10.136-1 | armhf linux-headers-5.10.0-17-armmp-lpae | 5.10.136-1 | armhf linux-headers-5.10.0-17-cloud-amd64 | 5.10.136-1 | amd64 linux-headers-5.10.0-17-cloud-arm64 | 5.10.136-1 | arm64 linux-headers-5.10.0-17-common | 5.10.136-1 | all linux-headers-5.10.0-17-common-rt | 5.10.136-1 | all linux-headers-5.10.0-17-loongson-3 | 5.10.136-1 | mips64el, mipsel linux-headers-5.10.0-17-marvell | 5.10.136-1 | armel linux-headers-5.10.0-17-octeon | 5.10.136-1 | mips64el, mipsel linux-headers-5.10.0-17-powerpc64le | 5.10.136-1 | ppc64el linux-headers-5.10.0-17-rpi | 5.10.136-1 | armel linux-headers-5.10.0-17-rt-686-pae | 5.10.136-1 | i386 linux-headers-5.10.0-17-rt-amd64 | 5.10.136-1 | amd64 linux-headers-5.10.0-17-rt-arm64 | 5.10.136-1 | arm64 linux-headers-5.10.0-17-rt-armmp | 5.10.136-1 | armhf linux-headers-5.10.0-17-s390x | 5.10.136-1 | s390x linux-image-5.10.0-17-4kc-malta | 5.10.136-1 | mipsel linux-image-5.10.0-17-4kc-malta-dbg | 5.10.136-1 | mipsel linux-image-5.10.0-17-5kc-malta | 5.10.136-1 | mips64el, mipsel linux-image-5.10.0-17-5kc-malta-dbg | 5.10.136-1 | mips64el, mipsel linux-image-5.10.0-17-686-dbg | 5.10.136-1 | i386 linux-image-5.10.0-17-686-pae-dbg | 5.10.136-1 | i386 linux-image-5.10.0-17-686-pae-unsigned | 5.10.136-1 | i386 linux-image-5.10.0-17-686-unsigned | 5.10.136-1 | i386 linux-image-5.10.0-17-amd64-dbg | 5.10.136-1 | amd64 linux-image-5.10.0-17-amd64-unsigned | 5.10.136-1 | amd64 linux-image-5.10.0-17-arm64-dbg | 5.10.136-1 | arm64 linux-image-5.10.0-17-arm64-unsigned | 5.10.136-1 | arm64 linux-image-5.10.0-17-armmp | 5.10.136-1 | armhf linux-image-5.10.0-17-armmp-dbg | 5.10.136-1 | armhf linux-image-5.10.0-17-armmp-lpae | 5.10.136-1 | armhf linux-image-5.10.0-17-armmp-lpae-dbg | 5.10.136-1 | armhf linux-image-5.10.0-17-cloud-amd64-dbg | 5.10.136-1 | amd64 linux-image-5.10.0-17-cloud-amd64-unsigned | 5.10.136-1 | amd64 linux-image-5.10.0-17-cloud-arm64-dbg | 5.10.136-1 | arm64 linux-image-5.10.0-17-cloud-arm64-unsigned | 5.10.136-1 | arm64 linux-image-5.10.0-17-loongson-3 | 5.10.136-1 | mips64el, mipsel linux-image-5.10.0-17-loongson-3-dbg | 5.10.136-1 | mips64el, mipsel linux-image-5.10.0-17-marvell | 5.10.136-1 | armel linux-image-5.10.0-17-marvell-dbg | 5.10.136-1 | armel linux-image-5.10.0-17-octeon | 5.10.136-1 | mips64el, mipsel linux-image-5.10.0-17-octeon-dbg | 5.10.136-1 | mips64el, mipsel linux-image-5.10.0-17-powerpc64le | 5.10.136-1 | ppc64el linux-image-5.10.0-17-powerpc64le-dbg | 5.10.136-1 | ppc64el linux-image-5.10.0-17-rpi | 5.10.136-1 | armel linux-image-5.10.0-17-rpi-dbg | 5.10.136-1 | armel linux-image-5.10.0-17-rt-686-pae-dbg | 5.10.136-1 | i386 linux-image-5.10.0-17-rt-686-pae-unsigned | 5.10.136-1 | i386 linux-image-5.10.0-17-rt-amd64-dbg | 5.10.136-1 | amd64 linux-image-5.10.0-17-rt-amd64-unsigned | 5.10.136-1 | amd64 linux-image-5.10.0-17-rt-arm64-dbg | 5.10.136-1 | arm64 linux-image-5.10.0-17-rt-arm64-unsigned | 5.10.136-1 | arm64 linux-image-5.10.0-17-rt-armmp | 5.10.136-1 | armhf linux-image-5.10.0-17-rt-armmp-dbg | 5.10.136-1 | armhf linux-image-5.10.0-17-s390x | 5.10.136-1 | s390x linux-image-5.10.0-17-s390x-dbg | 5.10.136-1 | s390x linux-source | 5.10.136-1 | all linux-source-5.10 | 5.10.136-1 | all linux-support-5.10.0-17 | 5.10.136-1 | all loop-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel loop-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el loop-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf loop-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel loop-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel loop-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel loop-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el loop-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x md-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel md-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el md-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf md-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel md-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel md-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel md-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el md-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x minix-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel minix-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el minix-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel minix-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel minix-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel mmc-core-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel mmc-core-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el mmc-core-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel mmc-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel mmc-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el mmc-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf mmc-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel mouse-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel mouse-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el mouse-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel mouse-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el mtd-core-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel mtd-core-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el mtd-core-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel mtd-core-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel mtd-core-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el mtd-core-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x mtd-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf mtd-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel multipath-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel multipath-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el multipath-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf multipath-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel multipath-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel multipath-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel multipath-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el multipath-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x nbd-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel nbd-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el nbd-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf nbd-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel nbd-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel nbd-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel nbd-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el nbd-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x nfs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel nic-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel nic-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el nic-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf nic-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel nic-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel nic-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel nic-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el nic-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x nic-shared-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel nic-shared-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el nic-shared-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf nic-shared-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel nic-shared-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel nic-shared-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel nic-shared-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el nic-usb-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel nic-usb-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el nic-usb-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf nic-usb-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel nic-usb-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel nic-usb-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel nic-usb-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el nic-wireless-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel nic-wireless-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el nic-wireless-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf nic-wireless-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel nic-wireless-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel nic-wireless-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el pata-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel pata-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el pata-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf pata-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel pata-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel ppp-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel ppp-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el ppp-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf ppp-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel ppp-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel ppp-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel ppp-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el rtc-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel sata-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel sata-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el sata-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf sata-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel sata-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel sata-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel sata-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el scsi-core-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel scsi-core-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el scsi-core-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf scsi-core-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel scsi-core-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel scsi-core-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel scsi-core-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el scsi-core-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x scsi-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel scsi-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el scsi-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf scsi-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel scsi-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel scsi-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el scsi-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x scsi-nic-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel scsi-nic-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el scsi-nic-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf scsi-nic-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel scsi-nic-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel scsi-nic-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el serial-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el sound-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel sound-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el sound-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel sound-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel speakup-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel squashfs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel squashfs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el squashfs-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf squashfs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel squashfs-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel squashfs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel squashfs-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el udf-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel udf-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el udf-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf udf-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel udf-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel udf-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel udf-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el udf-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x uinput-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf uinput-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel uinput-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el usb-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel usb-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el usb-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf usb-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel usb-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel usb-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel usb-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el usb-serial-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel usb-serial-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el usb-serial-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf usb-serial-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel usb-serial-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel usb-serial-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel usb-serial-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el usb-storage-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel usb-storage-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el usb-storage-modules-5.10.0-17-armmp-di | 5.10.136-1 | armhf usb-storage-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel usb-storage-modules-5.10.0-17-marvell-di | 5.10.136-1 | armel usb-storage-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel usb-storage-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el xfs-modules-5.10.0-17-4kc-malta-di | 5.10.136-1 | mipsel xfs-modules-5.10.0-17-5kc-malta-di | 5.10.136-1 | mips64el xfs-modules-5.10.0-17-loongson-3-di | 5.10.136-1 | mips64el, mipsel xfs-modules-5.10.0-17-octeon-di | 5.10.136-1 | mips64el, mipsel xfs-modules-5.10.0-17-powerpc64le-di | 5.10.136-1 | ppc64el xfs-modules-5.10.0-17-s390x-di | 5.10.136-1 | s390x ------------------- Reason ------------------- [auto-cruft] NBS ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 09:24:13 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-5.10.0-13-686-di | 5.10.106-1 | i386 acpi-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 acpi-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 ata-modules-5.10.0-13-686-di | 5.10.106-1 | i386 ata-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 ata-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 ata-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 btrfs-modules-5.10.0-13-686-di | 5.10.106-1 | i386 btrfs-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 btrfs-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 btrfs-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 cdrom-core-modules-5.10.0-13-686-di | 5.10.106-1 | i386 cdrom-core-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 cdrom-core-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 cdrom-core-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 crc-modules-5.10.0-13-686-di | 5.10.106-1 | i386 crc-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 crc-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 crc-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 crypto-dm-modules-5.10.0-13-686-di | 5.10.106-1 | i386 crypto-dm-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 crypto-dm-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 crypto-dm-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 crypto-modules-5.10.0-13-686-di | 5.10.106-1 | i386 crypto-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 crypto-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 crypto-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 efi-modules-5.10.0-13-686-di | 5.10.106-1 | i386 efi-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 efi-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 efi-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 event-modules-5.10.0-13-686-di | 5.10.106-1 | i386 event-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 event-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 event-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 ext4-modules-5.10.0-13-686-di | 5.10.106-1 | i386 ext4-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 ext4-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 ext4-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 f2fs-modules-5.10.0-13-686-di | 5.10.106-1 | i386 f2fs-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 f2fs-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 f2fs-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 fat-modules-5.10.0-13-686-di | 5.10.106-1 | i386 fat-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 fat-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 fat-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 fb-modules-5.10.0-13-686-di | 5.10.106-1 | i386 fb-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 fb-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 fb-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 firewire-core-modules-5.10.0-13-686-di | 5.10.106-1 | i386 firewire-core-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 firewire-core-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 fuse-modules-5.10.0-13-686-di | 5.10.106-1 | i386 fuse-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 fuse-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 fuse-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 i2c-modules-5.10.0-13-686-di | 5.10.106-1 | i386 i2c-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 i2c-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 i2c-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 input-modules-5.10.0-13-686-di | 5.10.106-1 | i386 input-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 input-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 input-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 isofs-modules-5.10.0-13-686-di | 5.10.106-1 | i386 isofs-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 isofs-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 isofs-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 jfs-modules-5.10.0-13-686-di | 5.10.106-1 | i386 jfs-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 jfs-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 jfs-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 kernel-image-5.10.0-13-686-di | 5.10.106-1 | i386 kernel-image-5.10.0-13-686-pae-di | 5.10.106-1 | i386 kernel-image-5.10.0-13-amd64-di | 5.10.106-1 | amd64 kernel-image-5.10.0-13-arm64-di | 5.10.106-1 | arm64 leds-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 linux-image-5.10.0-13-686 | 5.10.106-1 | i386 linux-image-5.10.0-13-686-pae | 5.10.106-1 | i386 linux-image-5.10.0-13-amd64 | 5.10.106-1 | amd64 linux-image-5.10.0-13-arm64 | 5.10.106-1 | arm64 linux-image-5.10.0-13-cloud-amd64 | 5.10.106-1 | amd64 linux-image-5.10.0-13-cloud-arm64 | 5.10.106-1 | arm64 linux-image-5.10.0-13-rt-686-pae | 5.10.106-1 | i386 linux-image-5.10.0-13-rt-amd64 | 5.10.106-1 | amd64 linux-image-5.10.0-13-rt-arm64 | 5.10.106-1 | arm64 linux-signed-amd64 | 5.10.106+1 | source linux-signed-arm64 | 5.10.106+1 | source linux-signed-i386 | 5.10.106+1 | source loop-modules-5.10.0-13-686-di | 5.10.106-1 | i386 loop-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 loop-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 loop-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 md-modules-5.10.0-13-686-di | 5.10.106-1 | i386 md-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 md-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 md-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 mmc-core-modules-5.10.0-13-686-di | 5.10.106-1 | i386 mmc-core-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 mmc-core-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 mmc-modules-5.10.0-13-686-di | 5.10.106-1 | i386 mmc-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 mmc-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 mmc-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 mouse-modules-5.10.0-13-686-di | 5.10.106-1 | i386 mouse-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 mouse-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 mtd-core-modules-5.10.0-13-686-di | 5.10.106-1 | i386 mtd-core-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 mtd-core-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 mtd-core-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 multipath-modules-5.10.0-13-686-di | 5.10.106-1 | i386 multipath-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 multipath-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 multipath-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 nbd-modules-5.10.0-13-686-di | 5.10.106-1 | i386 nbd-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 nbd-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 nbd-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 nic-modules-5.10.0-13-686-di | 5.10.106-1 | i386 nic-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 nic-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 nic-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 nic-pcmcia-modules-5.10.0-13-686-di | 5.10.106-1 | i386 nic-pcmcia-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 nic-pcmcia-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 nic-shared-modules-5.10.0-13-686-di | 5.10.106-1 | i386 nic-shared-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 nic-shared-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 nic-shared-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 nic-usb-modules-5.10.0-13-686-di | 5.10.106-1 | i386 nic-usb-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 nic-usb-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 nic-usb-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 nic-wireless-modules-5.10.0-13-686-di | 5.10.106-1 | i386 nic-wireless-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 nic-wireless-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 nic-wireless-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 pata-modules-5.10.0-13-686-di | 5.10.106-1 | i386 pata-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 pata-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 pcmcia-modules-5.10.0-13-686-di | 5.10.106-1 | i386 pcmcia-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 pcmcia-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 pcmcia-storage-modules-5.10.0-13-686-di | 5.10.106-1 | i386 pcmcia-storage-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 pcmcia-storage-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 ppp-modules-5.10.0-13-686-di | 5.10.106-1 | i386 ppp-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 ppp-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 ppp-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 rfkill-modules-5.10.0-13-686-di | 5.10.106-1 | i386 rfkill-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 rfkill-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 sata-modules-5.10.0-13-686-di | 5.10.106-1 | i386 sata-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 sata-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 sata-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 scsi-core-modules-5.10.0-13-686-di | 5.10.106-1 | i386 scsi-core-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 scsi-core-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 scsi-core-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 scsi-modules-5.10.0-13-686-di | 5.10.106-1 | i386 scsi-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 scsi-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 scsi-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 scsi-nic-modules-5.10.0-13-686-di | 5.10.106-1 | i386 scsi-nic-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 scsi-nic-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 scsi-nic-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 serial-modules-5.10.0-13-686-di | 5.10.106-1 | i386 serial-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 serial-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 sound-modules-5.10.0-13-686-di | 5.10.106-1 | i386 sound-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 sound-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 speakup-modules-5.10.0-13-686-di | 5.10.106-1 | i386 speakup-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 speakup-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 squashfs-modules-5.10.0-13-686-di | 5.10.106-1 | i386 squashfs-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 squashfs-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 squashfs-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 udf-modules-5.10.0-13-686-di | 5.10.106-1 | i386 udf-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 udf-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 udf-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 uinput-modules-5.10.0-13-686-di | 5.10.106-1 | i386 uinput-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 uinput-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 uinput-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 usb-modules-5.10.0-13-686-di | 5.10.106-1 | i386 usb-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 usb-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 usb-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 usb-serial-modules-5.10.0-13-686-di | 5.10.106-1 | i386 usb-serial-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 usb-serial-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 usb-serial-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 usb-storage-modules-5.10.0-13-686-di | 5.10.106-1 | i386 usb-storage-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 usb-storage-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 usb-storage-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 xfs-modules-5.10.0-13-686-di | 5.10.106-1 | i386 xfs-modules-5.10.0-13-686-pae-di | 5.10.106-1 | i386 xfs-modules-5.10.0-13-amd64-di | 5.10.106-1 | amd64 xfs-modules-5.10.0-13-arm64-di | 5.10.106-1 | arm64 ------------------- Reason ------------------- [auto-cruft] old linux ABI ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 09:24:26 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: acpi-modules-5.10.0-17-686-di | 5.10.136-1 | i386 acpi-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 acpi-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 ata-modules-5.10.0-17-686-di | 5.10.136-1 | i386 ata-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 ata-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 ata-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 btrfs-modules-5.10.0-17-686-di | 5.10.136-1 | i386 btrfs-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 btrfs-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 btrfs-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 cdrom-core-modules-5.10.0-17-686-di | 5.10.136-1 | i386 cdrom-core-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 cdrom-core-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 cdrom-core-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 crc-modules-5.10.0-17-686-di | 5.10.136-1 | i386 crc-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 crc-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 crc-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 crypto-dm-modules-5.10.0-17-686-di | 5.10.136-1 | i386 crypto-dm-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 crypto-dm-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 crypto-dm-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 crypto-modules-5.10.0-17-686-di | 5.10.136-1 | i386 crypto-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 crypto-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 crypto-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 efi-modules-5.10.0-17-686-di | 5.10.136-1 | i386 efi-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 efi-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 efi-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 event-modules-5.10.0-17-686-di | 5.10.136-1 | i386 event-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 event-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 event-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 ext4-modules-5.10.0-17-686-di | 5.10.136-1 | i386 ext4-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 ext4-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 ext4-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 f2fs-modules-5.10.0-17-686-di | 5.10.136-1 | i386 f2fs-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 f2fs-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 f2fs-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 fat-modules-5.10.0-17-686-di | 5.10.136-1 | i386 fat-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 fat-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 fat-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 fb-modules-5.10.0-17-686-di | 5.10.136-1 | i386 fb-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 fb-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 fb-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 firewire-core-modules-5.10.0-17-686-di | 5.10.136-1 | i386 firewire-core-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 firewire-core-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 fuse-modules-5.10.0-17-686-di | 5.10.136-1 | i386 fuse-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 fuse-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 fuse-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 i2c-modules-5.10.0-17-686-di | 5.10.136-1 | i386 i2c-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 i2c-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 i2c-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 input-modules-5.10.0-17-686-di | 5.10.136-1 | i386 input-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 input-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 input-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 isofs-modules-5.10.0-17-686-di | 5.10.136-1 | i386 isofs-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 isofs-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 isofs-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 jfs-modules-5.10.0-17-686-di | 5.10.136-1 | i386 jfs-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 jfs-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 jfs-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 kernel-image-5.10.0-17-686-di | 5.10.136-1 | i386 kernel-image-5.10.0-17-686-pae-di | 5.10.136-1 | i386 kernel-image-5.10.0-17-amd64-di | 5.10.136-1 | amd64 kernel-image-5.10.0-17-arm64-di | 5.10.136-1 | arm64 leds-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 linux-image-5.10.0-17-686 | 5.10.136-1 | i386 linux-image-5.10.0-17-686-pae | 5.10.136-1 | i386 linux-image-5.10.0-17-amd64 | 5.10.136-1 | amd64 linux-image-5.10.0-17-arm64 | 5.10.136-1 | arm64 linux-image-5.10.0-17-cloud-amd64 | 5.10.136-1 | amd64 linux-image-5.10.0-17-cloud-arm64 | 5.10.136-1 | arm64 linux-image-5.10.0-17-rt-686-pae | 5.10.136-1 | i386 linux-image-5.10.0-17-rt-amd64 | 5.10.136-1 | amd64 linux-image-5.10.0-17-rt-arm64 | 5.10.136-1 | arm64 linux-signed-amd64 | 5.10.136+1 | source linux-signed-arm64 | 5.10.136+1 | source linux-signed-i386 | 5.10.136+1 | source loop-modules-5.10.0-17-686-di | 5.10.136-1 | i386 loop-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 loop-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 loop-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 md-modules-5.10.0-17-686-di | 5.10.136-1 | i386 md-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 md-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 md-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 mmc-core-modules-5.10.0-17-686-di | 5.10.136-1 | i386 mmc-core-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 mmc-core-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 mmc-modules-5.10.0-17-686-di | 5.10.136-1 | i386 mmc-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 mmc-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 mmc-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 mouse-modules-5.10.0-17-686-di | 5.10.136-1 | i386 mouse-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 mouse-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 mtd-core-modules-5.10.0-17-686-di | 5.10.136-1 | i386 mtd-core-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 mtd-core-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 mtd-core-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 multipath-modules-5.10.0-17-686-di | 5.10.136-1 | i386 multipath-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 multipath-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 multipath-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 nbd-modules-5.10.0-17-686-di | 5.10.136-1 | i386 nbd-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 nbd-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 nbd-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 nic-modules-5.10.0-17-686-di | 5.10.136-1 | i386 nic-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 nic-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 nic-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 nic-pcmcia-modules-5.10.0-17-686-di | 5.10.136-1 | i386 nic-pcmcia-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 nic-pcmcia-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 nic-shared-modules-5.10.0-17-686-di | 5.10.136-1 | i386 nic-shared-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 nic-shared-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 nic-shared-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 nic-usb-modules-5.10.0-17-686-di | 5.10.136-1 | i386 nic-usb-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 nic-usb-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 nic-usb-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 nic-wireless-modules-5.10.0-17-686-di | 5.10.136-1 | i386 nic-wireless-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 nic-wireless-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 nic-wireless-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 pata-modules-5.10.0-17-686-di | 5.10.136-1 | i386 pata-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 pata-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 pcmcia-modules-5.10.0-17-686-di | 5.10.136-1 | i386 pcmcia-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 pcmcia-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 pcmcia-storage-modules-5.10.0-17-686-di | 5.10.136-1 | i386 pcmcia-storage-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 pcmcia-storage-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 ppp-modules-5.10.0-17-686-di | 5.10.136-1 | i386 ppp-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 ppp-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 ppp-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 rfkill-modules-5.10.0-17-686-di | 5.10.136-1 | i386 rfkill-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 rfkill-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 sata-modules-5.10.0-17-686-di | 5.10.136-1 | i386 sata-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 sata-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 sata-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 scsi-core-modules-5.10.0-17-686-di | 5.10.136-1 | i386 scsi-core-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 scsi-core-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 scsi-core-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 scsi-modules-5.10.0-17-686-di | 5.10.136-1 | i386 scsi-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 scsi-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 scsi-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 scsi-nic-modules-5.10.0-17-686-di | 5.10.136-1 | i386 scsi-nic-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 scsi-nic-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 scsi-nic-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 serial-modules-5.10.0-17-686-di | 5.10.136-1 | i386 serial-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 serial-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 sound-modules-5.10.0-17-686-di | 5.10.136-1 | i386 sound-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 sound-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 speakup-modules-5.10.0-17-686-di | 5.10.136-1 | i386 speakup-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 speakup-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 squashfs-modules-5.10.0-17-686-di | 5.10.136-1 | i386 squashfs-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 squashfs-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 squashfs-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 udf-modules-5.10.0-17-686-di | 5.10.136-1 | i386 udf-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 udf-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 udf-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 uinput-modules-5.10.0-17-686-di | 5.10.136-1 | i386 uinput-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 uinput-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 uinput-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 usb-modules-5.10.0-17-686-di | 5.10.136-1 | i386 usb-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 usb-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 usb-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 usb-serial-modules-5.10.0-17-686-di | 5.10.136-1 | i386 usb-serial-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 usb-serial-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 usb-serial-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 usb-storage-modules-5.10.0-17-686-di | 5.10.136-1 | i386 usb-storage-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 usb-storage-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 usb-storage-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 xfs-modules-5.10.0-17-686-di | 5.10.136-1 | i386 xfs-modules-5.10.0-17-686-pae-di | 5.10.136-1 | i386 xfs-modules-5.10.0-17-amd64-di | 5.10.136-1 | amd64 xfs-modules-5.10.0-17-arm64-di | 5.10.136-1 | arm64 ------------------- Reason ------------------- [auto-cruft] old linux ABI ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 09:26:52 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: librust-cbindgen+clap-dev | 0.20.0-1~deb11u1 | armel librust-cbindgen-dev | 0.20.0-1~deb11u1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by rust-cbindgen - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 09:27:45 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: libstd-rust-mozilla-dev-wasm32 | 1.51.0+dfsg1-1~deb11u1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by rustc-mozilla - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 09:28:21 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: libstd-rust-mozilla-1.51 | 1.51.0+dfsg1-1~deb11u1 | armel ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by rustc-mozilla - based on source metadata) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 10 Sep 2022 09:28:42 -0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: lightning | 1:78.14.0-1~deb11u1 | all ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by thunderbird - based on source metadata) ---------------------------------------------- ========================================================================= avahi (0.8-5+deb11u1) bullseye; urgency=medium . [ Simon McVittie ] * Add patch to fix display of URLs containing '&' in avahi-discover. Otherwise, a TXT entry containing a URL with '&' will cause an error. . [ Michael Biebl ] * Do not disable timeout cleanup on watch cleanup. This was causing timeouts to never be removed from the linked list that tracks them, resulting in both memory and CPU usage to grow larger over time. Thanks to Gustavo Noronha Silva. (Closes: #993051) * Fix NULL pointer crashes when trying to resolve badly-formatted hostnames. Fixes a local DoS in avahi-daemon that can be triggered by trying to resolve badly-formatted hostnames on the /run/avahi-daemon/socket interface. (CVE-2021-3502, Closes: #986018) base-files (11.1+deb11u5) bullseye; urgency=medium . * Change /etc/debian_version to 11.5, for Debian 11.5 point release. blender (2.83.5+dfsg-5+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2022-0546 out-of-bounds heap access due to missing checks in the image loader could result in denial of service, memory corruption or potentially code execution * CVE-2022-0545 integer overflow while processing 2d images might result in a write-what-where vulnerability or an out-of-bounds read vulnerability which could leak sensitive information or achieve code execution * CVE-2022-0544 Crafted DDS image files could create an integer underflow in the DDS loader which leads to an out-of-bounds read and might leak sensitive information. booth (1.0-237-gdd88847-2+deb11u1) bullseye-security; urgency=high . * d/patches: add patch for CVE-2022-2553 cargo-mozilla (0.57.0-7~deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Backport to bullseye as cargo-mozilla. * Build-dep on rustc-mozilla. * Don't build the doc package. * Vendor libgit2 1.3.0, the system one is too old. * Build-dep on libpcre3-dev, for libgit2. * Disable build::close_output_during_drain test as it hangs in bullseye. cargo-mozilla (0.57.0-7~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * Bump rustc-mozilla build-dep. cargo-mozilla (0.47.0-3~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * Vendor libgit2 1.0.1, the system one is too old. * Build-dep on rustc-mozilla. * Build-dep on libpcre3-dev, for libgit2. * Fix tests that now have execution time in the output. * Rename to cargo-mozilla to avoid disruption in the rustc/cargo ecosystem, and don't build the doc package. chromium (104.0.5112.79-1~deb11u1) bullseye-security; urgency=high . * Build with Clang 13 instead of the bullseye default of Clang 11. * New upstream stable release. - CVE-2022-2603: Use after free in Omnibox. Reported by Anonymous - CVE-2022-2604: Use after free in Safe Browsing. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab - CVE-2022-2605: Out of bounds read in Dawn. Reported by Looben Yang - CVE-2022-2606: Use after free in Managed devices API. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab - CVE-2022-2607: Use after free in Tab Strip. Reported by @ginggilBesel - CVE-2022-2608: Use after free in Overview Mode. Reported by Khalil Zhani - CVE-2022-2609: Use after free in Nearby Share. Reported by koocola (@alo_cook) and Guang Gong of 360 Vulnerability Research Institute - CVE-2022-2610: Insufficient policy enforcement in Background Fetch. Reported by Maurice Dauer - CVE-2022-2611: Inappropriate implementation in Fullscreen API. Reported by Irvan Kurniawan (sourc7) - CVE-2022-2612: Side-channel information leakage in Keyboard input. Reported by Erik Kraft (erik.kraft5@gmx.at), Martin Schwarzl (martin.schwarzl@iaik.tugraz.at) - CVE-2022-2613: Use after free in Input. Reported by Piotr Tworek (Vewd) - CVE-2022-2614: Use after free in Sign-In Flow. Reported by raven at KunLun lab - CVE-2022-2615: Insufficient policy enforcement in Cookies. Reported by Maurice Dauer - CVE-2022-2616: Inappropriate implementation in Extensions API. Reported by Alesandro Ortiz - CVE-2022-2617: Use after free in Extensions API. Reported by @ginggilBesel - CVE-2022-2618: Insufficient validation of untrusted input in Internals. Reported by asnine - CVE-2022-2619: Insufficient validation of untrusted input in Settings. Reported by Oliver Dunk - CVE-2022-2620: Use after free in WebUI. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab - CVE-2022-2621: Use after free in Extensions. Reported by Huyna at Viettel Cyber Security - CVE-2022-2622: Insufficient validation of untrusted input in Safe Browsing. Reported by Imre Rad (@ImreRad) and @j00sean - CVE-2022-2623: Use after free in Offline. Reported by raven at KunLun lab - CVE-2022-2624: Heap buffer overflow in PDF. Reported by YU-CHANG CHEN and CHIH-YEN CHANG, working with DEVCORE Internship Program * debian/patches: - bullseye/nomerge.patch: drop, was only needed for clang-11. - bullseye/clang11.patch: drop clang-11 bits, rename to clang13.patch. - bullseye/blink-constexpr.patch: drop, only needed for clang-11. - bullseye/byteswap-constexpr2.patch: drop, only needed for clang-11. - disable/angle-perftests.patch: refresh - disable/catapult.patch: refresh & drop some no longer needed bits. - fixes/tflite.patch: fix a build error. * debian/copyright: - upstream dropped perfetto/ui/src/gen/. chromium (103.0.5060.134-1) unstable; urgency=high . * New upstream security release. - CVE-2022-2477 : Use after free in Guest View. Reported by anonymous - CVE-2022-2478 : Use after free in PDF. Reported by triplepwns - CVE-2022-2479 : Insufficient validation of untrusted input in File. Reported by anonymous - CVE-2022-2480 : Use after free in Service Worker API. Reported by Sergei Glazunov of Google Project Zero - CVE-2022-2481: Use after free in Views. Reported by YoungJoo Lee(@ashuu_lee) of CompSecLab at Seoul National University - CVE-2022-2163: Use after free in Cast UI and Toolbar. Reported by Chaoyuan Peng (@ret2happy) chromium (103.0.5060.134-1~deb11u1) bullseye-security; urgency=high . * New upstream security release. - CVE-2022-2477 : Use after free in Guest View. Reported by anonymous - CVE-2022-2478 : Use after free in PDF. Reported by triplepwns - CVE-2022-2479 : Insufficient validation of untrusted input in File. Reported by anonymous - CVE-2022-2480 : Use after free in Service Worker API. Reported by Sergei Glazunov of Google Project Zero - CVE-2022-2481: Use after free in Views. Reported by YoungJoo Lee(@ashuu_lee) of CompSecLab at Seoul National University - CVE-2022-2163: Use after free in Cast UI and Toolbar. Reported by Chaoyuan Peng (@ret2happy) chromium (103.0.5060.114-1) unstable; urgency=high . * New upstream security release. - CVE-2022-2294: Heap buffer overflow in WebRTC. Reported by Jan Vojtesek from the Avast Threat Intelligence team - CVE-2022-2295: Type Confusion in V8. Reported by avaue and Buff3tts at S.S.L. - CVE-2022-2296: Use after free in Chrome OS Shell. Reported by Khalil Zhani chromium (103.0.5060.114-1~deb11u1) bullseye-security; urgency=high . * New upstream security release. - CVE-2022-2294: Heap buffer overflow in WebRTC. Reported by Jan Vojtesek from the Avast Threat Intelligence team - CVE-2022-2295: Type Confusion in V8. Reported by avaue and Buff3tts at S.S.L. - CVE-2022-2296: Use after free in Chrome OS Shell. Reported by Khalil Zhani chromium (103.0.5060.53-1) unstable; urgency=high . * New upstream stable release. - CVE-2022-2156: Use after free in Base. Reported by Mark Brand of Google Project Zero - CVE-2022-2157: Use after free in Interest groups. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab - CVE-2022-2158: Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab - CVE-2022-2160: Insufficient policy enforcement in DevTools. Reported by David Erceg - CVE-2022-2161: Use after free in WebApp Provider. Reported by Zhihua Yao of KunLun Lab - CVE-2022-2162: Insufficient policy enforcement in File System API. Reported by Abdelhamid Naceri (halov) - CVE-2022-2163: Use after free in Cast UI and Toolbar. Reported by Chaoyuan Peng (@ret2happy) - CVE-2022-2164: Inappropriate implementation in Extensions API. Reported by José Miguel Moreno Computer Security Lab (COSEC) at UC3M - CVE-2022-2165: Insufficient data validation in URL formatting. Reported by Rayyan Bijoora * debian/patches: - upstream/dawn-version-fix.patch: drop merged upstream. - upstream/blink-ftbfs.patch: drop, merged upstream. - upstream/libxml.patch: drop, merged upstream. - upstream/nested-nested-nested-nested-nested-nested-regex-patterns.patch: drop, merged upstream. - upstream/byteswap-constexpr.patch: drop, merged upstream. - bullseye/byteswap-constexpr2.patch: sys_byteswap.h moved directories. - disable/angle-perftests.patch: simple refresh. - disable/catapult.patch: simple refresh. - bullseye/clang11.patch: minor update for some code dropped upstream. - system/openjpeg.patch: update for libopenjp2-7-dev's 2.4 -> 2.5 path change. clamav (0.103.7+dfsg-0+deb11u1) bullseye; urgency=medium . * Import 0.103.7 - Update symbol file. clamav (0.103.6+dfsg-1) unstable; urgency=medium . * Import 0.103.6 - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file parser). - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan verdict cache check). - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file parser). - CVE-2022-20785 (Possible memory leak in the HTML file parser/ Javascript normalizer). - CVE-2022-20792 (Possible multi-byte heap buffer overflow write vulnerability in the signature database load module. - Update symbol file. commons-daemon (1.0.15-8+deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Apply patch from Graeme Vetterlein to find current OpenJDK. (Closes: #935336) commons-daemon (1.0.15-8+deb10u1) buster; urgency=medium . * Non-maintainer upload. * Apply patch from unstable to fix JVM detection. (Closes: #935336) curl (7.74.0-1.3+deb11u3) bullseye; urgency=medium . * cookie: reject cookies with "control bytes" (CVE-2022-35252) (Closes: #1018831) * test8: verify that "ctrl-byte cookies" are ignored curl (7.74.0-1.3+deb11u2) bullseye-security; urgency=high . * Non-maintainer upload. * CVE-2021-22898: curl suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol. * CVE-2021-22924: libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate. * CVE-2021-22945: When sending data to an MQTT server, libcurl could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*. * CVE-2021-22946: A user can tell curl to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response. This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network. * CVE-2021-22947: When curl connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server. * CVE-2022-22576: An improper authentication vulnerability exists in curl which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only). * CVE-2022-27774: An insufficiently protected credentials vulnerability exists in curl that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. * CVE-2022-27775: An information disclosure vulnerability exists in curl. By using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. * CVE-2022-27776: A insufficiently protected credentials vulnerability in curl might leak authentication or cookie header data on HTTP redirects to the same host but another port number. * CVE-2022-27781: libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation. * CVE-2022-27782: libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily. * CVE-2022-32205: A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error. This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on `foo.example.com` can set cookies that also would match for `bar.example.com`, making it it possible for a "sister server" to effectively cause a denial of service for a sibling site on the same second level domain using this method. * CVE-2022-32206: curl supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors. * CVE-2022-32207: When curl saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended. * CVE-2022-32208: When curl does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. dbus-broker (26-1+deb11u2) bullseye; urgency=medium . * Backport patch to fix assertion failure when disconnecting peer groups * Backport patch to fix memory leak * Backport patches to fix null pointer dereference (CVE-2022-31213) debian-installer (20210731+deb11u5) bullseye; urgency=medium . * Bump Linux kernel ABI to 5.10.0-18. debian-installer-netboot-images (20210731+deb11u5) bullseye; urgency=medium . * Update to 20210731+deb11u5, from bullseye-proposed-updates. debian-security-support (1:11+2022.08.23) bullseye; urgency=medium . * Update security-support-limited from 1:12+2022.08.19 from unstable, - add khtml. Closes: #1004293. - add openjdk-17 and point to the bullseye release notes (as discussed in #975016). - for golang, point to the bullseye manual instead the buster one. - drop mozjs52 and mozjs60 as they were only present in buster. - drop libv8-3.14, mozjs, mozjs24, swftools and webkitgtk as they were only present in stretch and earlier. debootstrap (1.0.123+deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * setup_merged_usr: create skip flag when merged-usr is disabled on bookworm+ * Add usr-is-merged to the required set on testing/unstable dlt-daemon (2.18.6-1+deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * CVE-2022-31291: Double free in dlt_config_file_set_section(). (Closes: #1014534) dnsproxy (1.16-0.1+deb11u1) bullseye; urgency=medium . * debian/dnsproxy.conf: Change the default listening IP address to localhost. This address is used by the daemon to bind a UDP port when it starts. Currently, the default listening address is "192.168.168.1", and if this address is not available on the machine, this will cause a dpkg error when trying to install dnsproxy. Thanks to Marco d'Itri (Closes: #802918). dovecot (1:2.3.13+dfsg1-2+deb11u1) bullseye; urgency=medium . * [4b5dac8] d/patches: cherry-pick fix for CVE-2022-30550 (Closes: #1016351) * [597ba7f] salsa-ci: build with bullseye dpdk (20.11.6-1~deb11u1) bullseye-security; urgency=high . [ Henning Schild ] * dpdk: add Depends: procps . [ Luca Boccassi ] * New upstream release 20.11.6; for a full list of changes see: http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html Fixes CVE-2022-2132 and CVE-2022-28199. dpdk (20.11.5-1) unstable; urgency=medium . * New upstream release 20.11.5; for a full list of changes see: http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html * Drop config-ppc-fix-build-with-GCC-10.patch, merged upstream * librte-ethdev21.symbols: add new internal symbol dpkg (1.20.12) bullseye; urgency=medium . [ Guillem Jover ] * dpkg: Fix conffile removal-on-upgrade handling. Closes: #995387 * dpkg: Fix memory leak in remove-on-upgrade handling. * dpkg-fsys-usrunmess: Move forced reconfiguration to the last step. See #991190. * dpkg-fsys-usrunmess: Install a local policy-rc.d to ignore service restarts. Closes: #991190 * dpkg-fsys-usrunmess: Do not fail when removing lingering directories. * dpkg-fsys-usrunmess: Fix typo in debug message. * dpkg-fsys-usrunmess: Explicitly set user/group and mode for created dirs. Closes: #1008478 * dpkg-fsys-usrunmess: Set a known umask before starting. See #1008478. * dpkg-fsys-usrunmess: Special case untracked kernel module files. Closes: #1008316 * dpkg-fsys-usrunmess: Handle /lib/modules itself also being untracked. Closes: #1008764 * Architecture support: - Add support for ARCv2 CPU. Based on a patch by Alexey Brodkin . Closes: #980963 * Perl modules: - Dpkg::Shlibs::Objdump: Fix apply_relocations to work with versioned symbols. Closes: #1000421 * Localization: - Fix missing newline in Dutch man pages translation. epiphany-browser (3.38.2-1+deb11u3) bullseye-security; urgency=medium . * CVE-2022-29536: buffer overflow write on pages with a long title, when shortening it and adding ellipsis (Closes: #1009959). fig2dev (1:3.2.8-3+deb11u1) bullseye; urgency=medium . * Rebuild testsuite during build and in autopkgtest. * 34_epsimport: Stop misplacement of embedded eps images. * Adapt salsa CI pipeline to bullseye release. * 35_CVE-2021-37529: Allow long names for non-existing images. * 36_CVE-2021-37530: Avoid a segfault for non-existing image names. firefox-esr (91.13.0esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-35, also known as: CVE-2022-38472, CVE-2022-38473, CVE-2022-38478. firefox-esr (91.12.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2022-29, also known as: CVE-2022-36319, CVE-2022-36318. firefox-esr (91.12.0esr-1~deb11u1) bullseye-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-29, also known as: CVE-2022-36319, CVE-2022-36318. firefox-esr (91.12.0esr-1~deb10u1) buster-security; urgency=medium . * New upstream release. * Fixes for mfsa2022-29, also known as: CVE-2022-36319, CVE-2022-36318. firefox-esr (91.11.0esr-1) unstable; urgency=medium . * New upstream release. * Fixes for mfsa2022-25, also known as: CVE-2022-34479, CVE-2022-34470, CVE-2022-34468, CVE-2022-34481, CVE-2022-31744, CVE-2022-34472, CVE-2022-2200, CVE-2022-34484. . * build/moz.configure/bindgen.configure, gfx/webrender_bindings/webrender_ffi.h: Work around build failure with newer cbindgen. bz#1773259 foxtrotgps (1.2.2+bzr331-1~deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Rebuild for bullseye. . foxtrotgps (1.2.2+bzr331-1) unstable; urgency=medium . * New upstream snapshot. - Fixes crash due to not unreferencing threads (see LP#1876744) gif2apng (1.9+srconly-3+deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * CVE-2021-45909, Closes: #1002668: heap based buffer overflow in the DecodeLZW * CVE-2021-45910, Closes: #1002667: heap-based buffer overflow within the main function * CVE-2021-45911, Closes: #1002687: heap based buffer overflow in processing of delays in the main function glibc (2.31-13+deb11u4) bullseye; urgency=medium . [ Aurelien Jarno ] * debian/debhelper.in/libc-dev.NEWS: New file to explain how to update programs to use the TI-RPC library instead of the Sun RPC one. Closes: #1014735. * debian/patches/git-updates.diff: update from upstream stable branch: - Fix an off-by-one buffer overflow/underflow in getcwd() (CVE-2021-3999). - Fix an overflow bug in the SSE2 and AVX2 implementations of wmemchr. - Fix an overflow bug in the SSE4.1 and AVX2 implementations of wcslen and wcsncat. - Fix an overflow bug in the AVX2 and EVEX implementation of wcsncmp. - Add a few EVEX optimized string functions to fix a performance issue (up to 40%) with Skylake-X processors. - Make grantpt usable after multi-threaded fork. Closes: #1015740. - debian/patches/hurd-i386/git-posix_openpt.diff: rebase. * debian/rules.d/build.mk: pass --with-default-link=no to configure to ensure that libio vtable protection is enabled. gnutls28 (3.7.1-5+deb11u2) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix double free during gnutls_pkcs7_verify (CVE-2022-2509) golang-github-pkg-term (1.1.0-4~deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Rebuild for bullseye. . golang-github-pkg-term (1.1.0-4) unstable; urgency=medium . * Team Upload . [ Aloïs Micard ] * d/control: - Update my uploader email. - Bump Standards-Version. . [ Stephen Gelman ] * Fix building on newer linux kernels (Closes: #1002231) gri (2.12.27-1.1~deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Rebuild for bullseye. . gri (2.12.27-1.1) unstable; urgency=medium . * Non-maintainer upload. * Use ps2pdf instead of convert for converting from ps to pdf. (Closes: #991057) grub-efi-amd64-signed (1+2.06+3~deb11u1) bullseye; urgency=medium . * Update to grub2 2.06-3~deb11u1 grub-efi-amd64-signed (1+2.06+3~deb10u1) buster; urgency=medium . * Update to grub2 2.06-3~deb10u1 grub-efi-amd64-signed (1+2.06+2) unstable; urgency=medium . * Update to grub2 2.06-2 grub-efi-arm64-signed (1+2.06+3~deb11u1) bullseye; urgency=medium . * Update to grub2 2.06-3~deb11u1 grub-efi-arm64-signed (1+2.06+3~deb10u1) buster; urgency=medium . * Update to grub2 2.06-3~deb10u1 grub-efi-arm64-signed (1+2.06+2) unstable; urgency=medium . * Update to grub2 2.06-2 grub-efi-ia32-signed (1+2.06+3~deb11u1) bullseye; urgency=medium . * Update to grub2 2.06-3~deb11u1 grub-efi-ia32-signed (1+2.06+3~deb10u1) buster; urgency=medium . * Update to grub2 2.06-3~deb10u1 grub-efi-ia32-signed (1+2.06+2) unstable; urgency=medium . * Update to grub2 2.06-2 grub2 (2.06-3~deb11u1) bullseye; urgency=medium . [ Steve McIntyre ] * Rebuild for bullseye. * Updated the 2.06-3 changelog to mention closure of CVE-2022-28736 * Re-enable os-prober by default, don't make that change in a stable update. grub2 (2.06-3~deb10u1) buster; urgency=medium . [ Steve McIntyre ] * Switch to upstream 2.06 release, and rebuild for buster. - Tweak build-deps etc. for the rebuild. * Updated the 2.06-3 changelog to mention closure of CVE-2022-28736 * Re-enable os-prober by default, don't make that change in a stable update. grub2 (2.06-2) unstable; urgency=medium . * Update to minilzo-2.10, fixing build failures on armel, mips64el, mipsel, and ppc64el. grub2 (2.06-1) unstable; urgency=medium . * Use "command -v" in maintainer scripts rather than "which". * New upstream release. - Switch to the upstream shim_lock verifier, dropping several more manual checks for UEFI Secure Boot. * Cherry-pick from upstream: - fs/xfs: Fix unreadable filesystem with v4 superblock - tests/ahci: Change "ide-drive" deprecated QEMU device name to "ide-hd" (closes: #997100) * Remove dir_to_symlink maintainer script code, which was only needed for upgrades from before jessie. gsasl (1.10.0-4+deb11u1) bullseye-security; urgency=medium . * 01-fix-gssapi-server-oob.patch: Add to fix OOB in GSS-API server code. * debian/patches/series: Update. gst-plugins-good1.0 (1.18.4-2+deb11u1) bullseye-security; urgency=medium . * debian/patches/0001-avidemux-Fix-integer-overflow-resulting-in-heap-corr.patch: + Fix heap-based buffer overflow in the avi demuxer when handling certain AVI files (CVE-2022-1921). * debian/patches/0001-matroskademux-Avoid-integer-overflow-resulting-in-he.patch: + Fix potential heap overwrite in the mkv demuxer when handling certain Matroska files (CVE-2022-1920). * debian/patches/0001-qtdemux-Fix-integer-overflows-in-zlib-decompression-.patch: + Fix potential heap overwrite in the qt demuxer when handling certain QuickTime/MP4 files (CVE-2022-2122). * debian/patches/0001-matroskademux-Fix-integer-overflows-in-zlib-bz2-etc-.patch: + Fix potential heap overwrite in the mkv demuxer when handling certain Matroska/WebM files (CVE-2022-1922, CVE-2022-1923, CVE-2022-1924, CVE-2022-1925). http-parser (2.9.4-4+deb11u1) bullseye; urgency=medium . * unset F_CHUNKED on new Transfer-Encoding. Closes: #1016690 [CVE-2020-8287] ifenslave (2.13~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye * Revert "Bump Standards-Version to 4.6.0 (no changed needed)" . ifenslave (2.13) unstable; urgency=medium . * QA upload. . [ Guillem Jover ] * Fix MAC address setting messed up by udev for bond interfaces. (Closes: #949062) * Use ifquery instead of example contrib script ifstate. (Closes: #991930) * Fix ifquery redirections. * Bump Standards-Version to 4.6.0 (no changed needed). * Remove long supported Linux version requirements from Description. . [ Sami Haahtinen ] * Use correct argument in setup_slave_device(). (Closes: #968368) . [ Oleander Reis ] * Handle slave definitions of interfaces with no bond settings. (Closes: #990428) * Delete bond interfaces on ifdown -a. (Closes: #992102) inetutils (2:2.0-1+deb11u1) bullseye; urgency=medium . * telnet: Add checks for option reply parsing limits causing buffer overflow induced crashes due to long option values. Fixes CVE-2019-0053. Closes: #945861 * Add patch from upstream to fix infinite loop causing a stack exhaustion induced crash in telnet client due to malicious server commands. Closes: #945861 * Fix inetutils-ftp security bug trusting FTP PASV responses. Fixes CVE-2021-40491. Closes: #993476 * Fix remote DoS vulnerability in inetutils-telnetd, caused by a crash by a NULL pointer dereference when sending the byte sequences «0xff 0xf7» or «0xff 0xf8». Found by Pierre Kim and Alexandre Torres. Patch adapted by Erik Auerswald . Fixes CVE-2022-39028. intel-microcode (3.20220510.1~deb11u1) bullseye-security; urgency=medium . * Backport to Debian bullseye (no relevant changes) * Update upstream changelog with INTEL-00615 information * Mitigates INTEL-00615: CVE-2022-21151, CVE-2022-21166, CVE-2022-21127, CVE-2022-21125, CVE-2022-21123 . intel-microcode (3.20220510.1) unstable; urgency=medium . * New upstream microcode datafile 20220510 * Fixes INTEL-SA-000617, CVE-2022-21151: Processor optimization removal or modification of security-critical code may allow an authenticated user to potentially enable information disclosure via local access (closes: #1010947) * Fixes several errata (functional issues) on Xeon Scalable, Atom C3000, Atom E3900 * New Microcodes: sig 0x00090672, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x00090675, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x000906a3, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992 sig 0x000906a4, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992 sig 0x000b06f2, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x000b06f5, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 * Updated Microcodes: sig 0x00030679, pf_mask 0x0f, 2019-07-10, rev 0x090d, size 52224 sig 0x000406e3, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 106496 sig 0x00050653, pf_mask 0x97, 2021-11-13, rev 0x100015d, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-11-13, rev 0x2006d05, size 43008 sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888 sig 0x00050657, pf_mask 0xbf, 2021-12-10, rev 0x5003302, size 37888 sig 0x0005065b, pf_mask 0xbf, 2021-11-19, rev 0x7002501, size 29696 sig 0x000506c9, pf_mask 0x03, 2021-11-16, rev 0x0048, size 17408 sig 0x000506e3, pf_mask 0x36, 2021-11-12, rev 0x00f0, size 109568 sig 0x000506f1, pf_mask 0x01, 2021-12-02, rev 0x0038, size 11264 sig 0x000606a6, pf_mask 0x87, 2022-03-30, rev 0xd000363, size 294912 sig 0x000706a1, pf_mask 0x01, 2021-11-22, rev 0x003a, size 75776 sig 0x000706a8, pf_mask 0x01, 2021-11-22, rev 0x001e, size 75776 sig 0x000706e5, pf_mask 0x80, 2022-03-09, rev 0x00b0, size 112640 sig 0x000806a1, pf_mask 0x10, 2022-03-26, rev 0x0031, size 34816 sig 0x000806c1, pf_mask 0x80, 2022-02-01, rev 0x00a4, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-12-07, rev 0x0026, size 97280 sig 0x000806d1, pf_mask 0xc2, 2021-12-07, rev 0x003e, size 102400 sig 0x000806e9, pf_mask 0x10, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806e9, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806ea, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806eb, pf_mask 0xd0, 2021-11-15, rev 0x00f0, size 105472 sig 0x000806ec, pf_mask 0x94, 2021-11-17, rev 0x00f0, size 105472 sig 0x00090661, pf_mask 0x01, 2022-02-03, rev 0x0016, size 20480 sig 0x000906c0, pf_mask 0x01, 2022-02-19, rev 0x24000023, size 20480 sig 0x000906e9, pf_mask 0x2a, 2021-11-12, rev 0x00f0, size 108544 sig 0x000906ea, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448 sig 0x000906eb, pf_mask 0x02, 2021-11-12, rev 0x00f0, size 105472 sig 0x000906ec, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448 sig 0x000906ed, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 104448 sig 0x000a0652, pf_mask 0x20, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0653, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 97280 sig 0x000a0655, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0660, pf_mask 0x80, 2021-11-15, rev 0x00f0, size 96256 sig 0x000a0661, pf_mask 0x80, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0671, pf_mask 0x02, 2022-03-09, rev 0x0053, size 103424 * source: update symlinks to reflect id of the latest release, 20220510 . intel-microcode (3.20220419.1) unstable; urgency=medium . * New upstream microcode datafile 20220419 * Fixes errata APLI-11 in Atom E3900 series processors * Updated Microcodes: sig 0x000506ca, pf_mask 0x03, 2021-11-16, rev 0x0028, size 16384 * source: update symlinks to reflect id of the latest release, 20220419 intel-microcode (3.20220510.1~deb10u1) buster-security; urgency=medium . * Backport to Debian buster (no relevant changes) * Update upstream changelog with INTEL-00615 information * Mitigates INTEL-00615: CVE-2022-21151, CVE-2022-21166, CVE-2022-21127, CVE-2022-21125, CVE-2022-21123 . intel-microcode (3.20220510.1) unstable; urgency=medium . * New upstream microcode datafile 20220510 * Fixes INTEL-SA-000617, CVE-2022-21151: Processor optimization removal or modification of security-critical code may allow an authenticated user to potentially enable information disclosure via local access (closes: #1010947) * Fixes several errata (functional issues) on Xeon Scalable, Atom C3000, Atom E3900 * New Microcodes: sig 0x00090672, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x00090675, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x000906a3, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992 sig 0x000906a4, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992 sig 0x000b06f2, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 sig 0x000b06f5, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992 * Updated Microcodes: sig 0x00030679, pf_mask 0x0f, 2019-07-10, rev 0x090d, size 52224 sig 0x000406e3, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 106496 sig 0x00050653, pf_mask 0x97, 2021-11-13, rev 0x100015d, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-11-13, rev 0x2006d05, size 43008 sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888 sig 0x00050657, pf_mask 0xbf, 2021-12-10, rev 0x5003302, size 37888 sig 0x0005065b, pf_mask 0xbf, 2021-11-19, rev 0x7002501, size 29696 sig 0x000506c9, pf_mask 0x03, 2021-11-16, rev 0x0048, size 17408 sig 0x000506e3, pf_mask 0x36, 2021-11-12, rev 0x00f0, size 109568 sig 0x000506f1, pf_mask 0x01, 2021-12-02, rev 0x0038, size 11264 sig 0x000606a6, pf_mask 0x87, 2022-03-30, rev 0xd000363, size 294912 sig 0x000706a1, pf_mask 0x01, 2021-11-22, rev 0x003a, size 75776 sig 0x000706a8, pf_mask 0x01, 2021-11-22, rev 0x001e, size 75776 sig 0x000706e5, pf_mask 0x80, 2022-03-09, rev 0x00b0, size 112640 sig 0x000806a1, pf_mask 0x10, 2022-03-26, rev 0x0031, size 34816 sig 0x000806c1, pf_mask 0x80, 2022-02-01, rev 0x00a4, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-12-07, rev 0x0026, size 97280 sig 0x000806d1, pf_mask 0xc2, 2021-12-07, rev 0x003e, size 102400 sig 0x000806e9, pf_mask 0x10, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806e9, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806ea, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472 sig 0x000806eb, pf_mask 0xd0, 2021-11-15, rev 0x00f0, size 105472 sig 0x000806ec, pf_mask 0x94, 2021-11-17, rev 0x00f0, size 105472 sig 0x00090661, pf_mask 0x01, 2022-02-03, rev 0x0016, size 20480 sig 0x000906c0, pf_mask 0x01, 2022-02-19, rev 0x24000023, size 20480 sig 0x000906e9, pf_mask 0x2a, 2021-11-12, rev 0x00f0, size 108544 sig 0x000906ea, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448 sig 0x000906eb, pf_mask 0x02, 2021-11-12, rev 0x00f0, size 105472 sig 0x000906ec, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448 sig 0x000906ed, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 104448 sig 0x000a0652, pf_mask 0x20, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0653, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 97280 sig 0x000a0655, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0660, pf_mask 0x80, 2021-11-15, rev 0x00f0, size 96256 sig 0x000a0661, pf_mask 0x80, 2021-11-16, rev 0x00f0, size 96256 sig 0x000a0671, pf_mask 0x02, 2022-03-09, rev 0x0053, size 103424 * source: update symlinks to reflect id of the latest release, 20220510 . intel-microcode (3.20220419.1) unstable; urgency=medium . * New upstream microcode datafile 20220419 * Fixes errata APLI-11 in Atom E3900 series processors * Updated Microcodes: sig 0x000506ca, pf_mask 0x03, 2021-11-16, rev 0x0028, size 16384 * source: update symlinks to reflect id of the latest release, 20220419 intel-microcode (3.20220207.1) unstable; urgency=medium . * upstream changelog: new upstream datafile 20220207 * Mitigates (*only* when loaded from UEFI firmware through the FIT) CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through debug port, on Pentium, Celeron and Atom processors with signatures 0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8 https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145 * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint may cause a system hang, on many processors. * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due to improper sanitization of shared resources (fast-store forward predictor), on many processors. * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some Atom Processors may allow information disclosure or denial of service via network access. * Fixes critical errata (functional issues) on many processors * Adds a MSR switch to enable RAPL filtering (default off, once enabled it can only be disabled by poweroff or reboot). Useful to protect SGX and other threads from side-channel info leak. Improves the mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many processors. * Disables TSX in more processor models. * Fixes issue with WBINDV on multi-socket (server) systems which could cause resets and unpredictable system behavior. * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket Lake) processors, to control a fix for (hopefully rare) unpredictable processor behavior when HyperThreading is enabled. This MSR switch is enabled by default on *server* processors. On other processors, it needs to be explicitly enabled by an updated UEFI/BIOS (with added configuration logic). An updated operating system kernel might also be able to enable it. When enabled, this fix can impact performance. * Updated Microcodes: sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912 sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552 sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472 sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008 sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840 sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864 sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672 sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672 sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648 sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552 sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408 sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384 sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544 sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264 sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840 sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752 sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776 sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592 sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816 sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256 sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376 sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424 sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448 sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448 sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480 sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480 sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496 sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400 sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448 sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424 sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424 sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184 sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208 sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208 sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208 sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184 sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400 * Removed Microcodes: sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 * update .gitignore and debian/.gitignore. Add some missing items from .gitignore and debian/.gitignore. * ucode-blacklist: do not late-load 0x406e3 and 0x506e3. When the BIOS microcode is older than revision 0x7f (and perhaps in some other cases as well), the latest microcode updates for 0x406e3 and 0x506e3 must be applied using the early update method. Otherwise, the system might hang. Also: there must not be any other intermediate microcode update attempts [other than the one done by the BIOS itself], either. It must go from the BIOS microcode update directly to the latest microcode update. * source: update symlinks to reflect id of the latest release, 20220207 jetty9 (9.4.39-3+deb11u1) bullseye-security; urgency=high . * Team upload. * Fix CVE-2022-2047: In Eclipse Jetty the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario. * Fix CVE-2022-2048: In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests. kicad (5.1.9+dfsg1-1+deb11u1) bullseye-security; urgency=medium . * Non-maintainer upload by the Security Team. * Security Updates: - CVE-2022-23803, CVE-2022-23804, CVE-2022-23946, CVE-2022-23947: Resolve buffer overflows in the Gerber Viewer. An attacker could provide a malicious Gerber or excellon file to trigger to cause code execution on opening the file. knot (3.0.5-1+deb11u1) bullseye; urgency=medium . [ Daniel Gröber ] * d/patches: Add patch fixing IXFR to AXFR fallback with dnsmasq (Closes: #995576) krb5 (1.18.3-6+deb11u2) bullseye; urgency=medium . * Use SHA256 as Pkinit CMS Digest, Closes: #1017995 ldap-account-manager (8.0.1-0+deb11u1) bullseye-security; urgency=high . * new upstream release . ldap-account-manager (8.0-1) unstable; urgency=medium . * new upstream release * Unauthenticated Arbitrary Object Instantiation / Unauthenticated Remote Code Execution (GHSA-r387-grjx-qgvw, CVE-2022-31084) * Incorrect Default Permissions (GHSA-q8g5-45m4-q95p, CVE-2022-31087) * Incorrect Regular Expressions (GHSA-q9pc-x84w-982x, CVE-2022-31086) * Unauthenticated LDAP Injection (GHSA-wxf8-9x99-6gp4, CVE-2022-31088) * Reflected XSS (Internet Explorer only) (GHSA-6m3q-5c84-6h6j, CVE-2022-31085) . ldap-account-manager (7.9.1-1) unstable; urgency=medium . * new upstream release * Fix CVE-2022-24851 . ldap-account-manager (7.9-1) unstable; urgency=medium . * new upstream release * Fix "FTBFS: error: unknown option '--skip-rebase'" by checking if argument is supported (Closes: #1005424) * Fix "ldap-account-manager.postinst uses a2query without requiring apache2 package" by adding sanity checks (Closes: #1006232) . ldap-account-manager (7.8-1) unstable; urgency=medium . * new upstream release . ldap-account-manager (7.7-1) unstable; urgency=medium . * new upstream release . ldap-account-manager (7.6-1) unstable; urgency=medium . * new upstream release * Fix "[src:ldap-account-manager] ldap-account-manager: embedded copy of normalize.css" by switching to https://github.com/csstools/normalize.css (Closes: #898787) . ldap-account-manager (7.5-1) unstable; urgency=medium . * new upstream release * Fix "node-uglify is deprecated in favor of uglifyjs" by using uglifyjs (Closes: #979896) ldap-account-manager (7.9.1-1) unstable; urgency=medium . * new upstream release * Fix CVE-2022-24851 ldap-account-manager (7.9-1) unstable; urgency=medium . * new upstream release * Fix "FTBFS: error: unknown option '--skip-rebase'" by checking if argument is supported (Closes: #1005424) * Fix "ldap-account-manager.postinst uses a2query without requiring apache2 package" by adding sanity checks (Closes: #1006232) . ldap-account-manager (7.8-1) unstable; urgency=medium . * new upstream release ldap-account-manager (7.7-1) unstable; urgency=medium . * new upstream release . ldap-account-manager (7.6-1) unstable; urgency=medium . * new upstream release * Fix "[src:ldap-account-manager] ldap-account-manager: embedded copy of normalize.css" by switching to https://github.com/csstools/normalize.css (Closes: #898787) ldap-account-manager (7.5-1) unstable; urgency=medium . * new upstream release * Fix "node-uglify is deprecated in favor of uglifyjs" by using uglifyjs (Closes: #979896) ldb (2:2.2.3-2~deb11u2) bullseye-security; urgency=medium . * d/control: add myself to Uploaders * ldb-memory-bug-15096-CVE-2022-32745-4.13-v3.patch: only the lib/ldb/* bits from the larger upstream patchset as found at https://bugzilla.samba.org/show_bug.cgi?id=15096 , as part of the fix for CVE-2022-32745 * d/*.symbols*: add new symbols and versions libayatana-appindicator (0.5.5-2+deb11u2) bullseye; urgency=medium . * debian/control: + Amend version for bullseye in dev:pkg dependencies. libayatana-appindicator (0.5.5-2+deb11u1) bullseye; urgency=medium . * debian/: + Provide libappindicator compat files for runtime. This re-adds support for 3rd party apps that have been built against Canonical's libappindicator rather than libayatana-appindicator. (Closes: #996201). * debian/control: + Add missing libayatana-indicator*-dev dependency to dev:pkgs. + Add B:/R: rules so that libayatana-appindicator will finally replace libappindicator. + Add version to B:/R:. Add Provides: field for libappindicator compatibility. (Closes: #996201). libdatetime-timezone-perl (1:2.47-1+2022b) bullseye; urgency=medium . * Update to Olson database version 2022b. This update includes contemporary changes for Chile and Iran. libhttp-daemon-perl (6.12-1+deb11u1) bullseye; urgency=high . * Non-maintainer upload by the ELTS Team. * CVE-2022-31081 (Closes: #1014808) improved Content-Length: handling in HTTP-header libpgjava (42.2.15-1+deb11u1) bullseye-security; urgency=high . * Team upload. * Fix CVE-2022-26520: An attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. * Fix CVE-2022-21724: The JDBC driver did not verify if certain classes implemented the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. libreoffice (1:7.0.4-4+deb11u3) bullseye; urgency=medium . * debian/patches/fix-e_book_client_connect_direct_sync-sig.diff: as name says (closes: #1016420) libreoffice (1:7.0.4-4+deb11u2) stable; urgency=medium . * debian/patches/hrk-euro.diff: add EUR to .hr i18n; add HRK<->EUR conversion rate to Calc and the Euro Wizard * debian/patches/b0404f80577de9ff69e58390c6f6ef949fdb0139.patch: fix CVE-2021-25636 * debian/patches/0001-CVE-2022-26305-compare-authors-using-Thumbprint.patch, debian/patches/0002-CVE-2022-26307-make-hash-encoding-match-decoding.patch debian/patches/0003-CVE-2022-26306-add-Initialization-Vectors-to-passwor.patch debian/patches/0004-CVE-2022-2630-6-7-add-infobar-to-prompt-to-refresh-t.patch: fix CVE-2022-2630{5,6,7} libtirpc (1.3.1-1+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix DoS vulnerability in libtirpc (CVE-2021-46828) (Closes: #1015873) libxslt (1.1.34-4+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix use-after-free in xsltApplyTemplates (CVE-2021-30560) linux (5.10.140-1) bullseye; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.137 - Makefile: link with -z noexecstack --no-warn-rwx-segments - [x86] link vdso and boot with -z noexecstack --no-warn-rwx-segments - Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING" - scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover" - ALSA: bcd2000: Fix a UAF bug on the error path of probing - ALSA: hda/realtek: Add quirk for Clevo NV45PZ - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx - wifi: mac80211_hwsim: fix race condition in pending packet - wifi: mac80211_hwsim: add back erroneously removed cast - wifi: mac80211_hwsim: use 32-bit skb cookie - add barriers to buffer_uptodate and set_buffer_uptodate - HID: wacom: Only report rotation for art pen - HID: wacom: Don't register pad_input for touch switch - [x86] KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case - [x86] KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case - [x86] KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 - [s390x] KVM: s390: pv: don't present the ecall interrupt twice - [x86] KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value - [x86] KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks - [x86] KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP - [x86] KVM: x86: Tag kvm_mmu_x86_module_init() with __init - mm: Add kvrealloc() - xfs: only set IOMAP_F_SHARED when providing a srcmap to a write - xfs: fix I_DONTCACHE - mm/mremap: hold the rmap lock in write mode when moving page table entries. - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model - ALSA: hda/cirrus - support for iMac 12,1 model - ALSA: hda/realtek: Add quirk for another Asus K42JZ model - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED - tty: vt: initialize unicode screen buffer - vfs: Check the truncate maximum size in inode_newsize_ok() - fs: Add missing umask strip in vfs_tmpfile - thermal: sysfs: Fix cooling_device_stats_setup() error code path - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters - fbcon: Fix accelerated fbdev scrolling while logo is still shown - usbnet: Fix linkwatch use-after-free on disconnect - ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh() - drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error - [arm*] drm/vc4: hdmi: Disable audio if dmas property is present but empty - drm/nouveau: fix another off-by-one in nvbios_addr - drm/nouveau: Don't pm_runtime_put_sync(), only pm_runtime_put_autosuspend() - drm/nouveau/acpi: Don't print error when we get -EINPROGRESS from pm_runtime - drm/amdgpu: Check BO's requested pinning domains against its preferred_domains - iio: light: isl29028: Fix the warning in isl29028_remove() - scsi: sg: Allow waiting for commands to complete on removed device - scsi: qla2xxx: Fix incorrect display of max frame size - scsi: qla2xxx: Zero undefined mailbox IN registers - fuse: limit nsec - [arm64] serial: mvebu-uart: uart2 error bits clearing - md-raid: destroy the bitmap after destroying the thread - md-raid10: fix KASAN warning - PCI: Add defines for normal and subtractive PCI bridges - [powerpc*] powernv: Avoid crashing if rng is NULL - [mips64el,mipsel] cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK - usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion - USB: HCD: Fix URB giveback issue in tasklet function - [arm64,armhf] usb: dwc3: gadget: refactor dwc3_repare_one_trb - [arm64,armhf] usb: dwc3: gadget: fix high speed multiplier setting - netfilter: nf_tables: fix null deref due to zeroed list head - epoll: autoremove wakers even more aggressively - [x86] Handle idle=nomwait cmdline properly for x86_idle - [arm64] Do not forget syscall when starting a new thread. - [arm64] fix oops in concurrently setting insn_emulation sysctls - genirq: Don't return error on missing optional irq_request_resources() - [mips64el,mipsel] irqchip/mips-gic: Only register IPI domain when SMP is enabled - genirq: GENERIC_IRQ_IPI depends on SMP - [mips64el,mipsel] irqchip/mips-gic: Check the return value of ioremap() in gic_of_init() - wait: Fix __wait_event_hrtimeout for RT/DL tasks - [armhf] OMAP2+: display: Fix refcount leak bug - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks - ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk - ACPI: PM: save NVS memory for Lenovo G40-45 - ACPI: LPSS: Fix missing check in register_device_clock() - [arm64] dts: allwinner: a64: orangepi-win: Fix LED node name - PM: hibernate: defer device probing when resuming from hibernation - selinux: Add boundary check in put_entry() - [armel,armhf] findbit: fix overflowing offset - [arm64,armhf] meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init - ACPI: processor/idle: Annotate more functions to live in cpuidle section - Input: atmel_mxt_ts - fix up inverted RESET handler - [arm64] soc: amlogic: Fix refcount leak in meson-secure-pwrc.c - [x86] pmem: Fix platform-device leak in error path - [armhf] dts: ast2500-evb: fix board compatible - [armhf] dts: ast2600-evb: fix board compatible - [arm64] cpufeature: Allow different PMU versions in ID_DFR0_EL1 - locking/lockdep: Fix lockdep_init_map_*() confusion - [arm64] soc: fsl: guts: machine variable might be unset - block: fix infinite loop for invalid zone append - [armhf] OMAP2+: Fix refcount leak in omapdss_init_of - [armhf] OMAP2+: Fix refcount leak in omap3xxx_prm_late_init - [arm64] regulator: qcom_smd: Fix pm8916_pldo range - [arm64] ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP - [arm64] bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe() - erofs: avoid consecutive detection for Highmem memory - blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created - hwmon: (drivetemp) Add module alias - block: remove the request_queue to argument request based tracepoints - blktrace: Trace remapped requests correctly - regulator: of: Fix refcount leak bug in of_get_regulation_constraints() - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt() - dm: return early from dm_pr_call() if DM device is suspended - ath10k: do not enforce interrupt trigger type - wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c() - ath11k: fix netdev open race - drm/mipi-dbi: align max_chunk to 2 in spi_transfer - ath11k: Fix incorrect debug_mask mappings - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() - virtio-gpu: fix a missing check to avoid NULL dereference - [arm64] drm: adv7511: override i2c address of cec before accessing it - net: fix sk_wmem_schedule() and sk_rmem_schedule() errors - i2c: Fix a potential use after free - media: tw686x: Register the irq at the end of probe - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb (CVE-2022-1679) - wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd() - drm/radeon: fix incorrrect SPDX-License-Identifiers - [amd64] crypto: ccp - During shutdown, check SEV data pointer before using - [arm64] drm: bridge: adv7511: Add check for mipi_dsi_driver_register - media: hdpvr: fix error value returns in hdpvr_read - [arm64,armhf] media: v4l2-mem2mem: prevent pollerr when last_buffer_dequeued is set - media: tw686x: Fix memory leak in tw686x_video_init - [arm*] drm/vc4: plane: Remove subpixel positioning check - [arm*] drm/vc4: plane: Fix margin calculations for the right/bottom edges - [arm*] drm/vc4: dsi: Correct DSI divider calculations - [arm*] drm/vc4: dsi: Correct pixel order for DSI0 - [arm*] drm/vc4: drv: Remove the DSI pointer in vc4_drv - [arm*] drm/vc4: dsi: Use snprintf for the PHY clocks instead of an array - [arm*] drm/vc4: dsi: Introduce a variant structure - [arm*] drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type - [arm*] drm/vc4: dsi: Fix dsi0 interrupt support - [arm*] drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable iteration - [arm*] drm/vc4: hdmi: Remove firmware logic for MAI threshold setting - [arm*] drm/vc4: hdmi: Avoid full hdmi audio fifo writes - [arm*] drm/vc4: hdmi: Don't access the connector state in reset if kmalloc fails - [arm*] drm/vc4: hdmi: Limit the BCM2711 to the max without scrambling - [arm*] drm/vc4: hdmi: Fix timings for interlaced modes - [arm*] drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes - [arm64,armhf] drm/rockchip: vop: Don't crash for invalid duplicate_state() - [arm64,armhf] drm/rockchip: Fix an error handling path rockchip_dp_probe() - lib: bitmap: order includes alphabetically - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc() - hinic: Use the bitmap API when applicable - net: hinic: fix bug that ethtool get wrong stats - net: hinic: avoid kernel hung in hinic_get_stats64() - [arm64] drm/msm/mdp5: Fix global state lock backoff - mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg - mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init() - tcp: make retransmitted SKB fit into the send window - bpf: Fix subprog names in stack traces. - fs: check FMODE_LSEEK to control internal pipe splicing - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() - [i386] can: pch_can: do not report txerr and rxerr during bus-off - can: sja1000: do not report txerr and rxerr during bus-off - [armhf] can: sun4i_can: do not report txerr and rxerr during bus-off - can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off - can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off - can: usb_8dev: do not report txerr and rxerr during bus-off - can: error: specify the values of data[5..7] of CAN error frames - [i386] can: pch_can: pch_can_error(): initialize errc before using it - Bluetooth: hci_intel: Add check for platform_driver_register - wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue - wifi: libertas: Fix possible refcount leak in if_usb_probe() - [arm64,armhf] media: cedrus: hevc: Add check for invalid timestamp - net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS cipher/version - net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS - [arm64] crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of - inet: add READ_ONCE(sk->sk_bound_dev_if) in INET_MATCH() - tcp: sk->sk_bound_dev_if once in inet_request_bound_dev_if() - ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH() - tcp: Fix data-races around sysctl_tcp_l3mdev_accept. - net: allow unbound socket for packets in VRF when tcp_l3mdev_accept set - iavf: Fix max_rate limiting - net: rose: fix netdev reference changes - dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock - wireguard: ratelimiter: use hrtimer in selftest - wireguard: allowedips: don't corrupt stack when detecting overflow - HID: cp2112: prevent a buffer overflow in cp2112_xfer() - mtd: partitions: Fix refcount leak in parse_redboot_of - [arm64,armhf] usb: xhci: tegra: Fix error check - netfilter: xtables: Bring SPDX identifier back - [arm64,armhf] platform/chrome: cros_ec: Always expose last resume result - KVM: Don't set Accessed/Dirty bits for ZERO_PAGE - mwifiex: Ignore BTCOEX events from the 88W8897 firmware - mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv - misc: rtsx: Fix an error handling path in rtsx_pci_probe() - driver core: fix potential deadlock in __driver_attach - usb: host: xhci: use snprintf() in xhci_decode_trb() - [arm64,armhf] PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu() - [arm64,armhf] PCI: dwc: Always enable CDM check if "snps,enable-cdm-check" exists - soundwire: bus_type: fix remove and shutdown support - [arm64] KVM: arm64: Don't return from void function - [x86] intel_th: Fix a resource leak in an error handling path - [x86] intel_th: msu-sink: Potential dereference of null pointer - [x86] intel_th: msu: Fix vmalloced buffers - [x86] staging: rtl8192u: Fix sleep in atomic context bug in dm_fsync_timer_callback - [arm64] mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch - mmc: block: Add single read for 4k sector cards - [s390x] KVM: s390: pv: leak the topmost page table when destroy fails - PCI/portdrv: Don't disable AER reporting in get_port_device_capability() - [arm64] PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks - scsi: smartpqi: Fix DMA direction for RAID requests - [armhf] usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc() - [arm64,armhf] usb: dwc3: core: Deprecate GCTL.CORESOFTRESET - [arm64,armhf] usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup - [arm64,armhf] usb: dwc3: qcom: fix missing optional irq warnings - RDMA/qedr: Improve error logs for rdma_alloc_tid error return - RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() - [arm64] RDMA/hns: Fix incorrect clearing of interrupt status register - [amd64] RDMA/hfi1: fix potential memory leak in setup_base_ctxt() - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() - [mips64el,mipsel] mmc: cavium-octeon: Add of_node_put() when breaking out of loop - HID: alps: Declare U1_UNICORN_LEGACY support - USB: serial: fix tty-port initialized comments - [armhf,i386] platform/olpc: Fix uninitialized data in debugfs write - RDMA/srpt: Duplicate port name members - RDMA/srpt: Introduce a reference count in struct srpt_device - RDMA/srpt: Fix a use-after-free - mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region - RDMA/mlx5: Add missing check for return value in get namespace flow - RDMA/rxe: Fix error unwind in rxe_create_qp() - null_blk: fix ida error handling in null_add_dev() - nvme: use command_id instead of req->tag in trace_nvme_complete_rq() - jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction() - ext4: recover csum seed of tmp_inode after migrating to extents - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted - opp: Fix error check in dev_pm_opp_attach_genpd() - serial: 8250: Export ICR access helpers for internal use - serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty() - profiling: fix shift too large makes kernel panic - tty: n_gsm: Delete gsmtty open SABM frame when config requester - tty: n_gsm: fix user open not possible at responder until initiator open - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output() - tty: n_gsm: fix non flow control frames during mux flow off - tty: n_gsm: fix packet re-transmission without open control channel - tty: n_gsm: fix race condition in gsmld_write() - [arm64] ASoC: qcom: Fix missing of_node_put() in asoc_qcom_lpass_cpu_platform_probe() - vfio: Remove extra put/gets around vfio_device->group - vfio: Simplify the lifetime logic for vfio_device - vfio: Split creation of a vfio_device into init and register ops - tty: n_gsm: fix wrong T1 retry count handling - tty: n_gsm: fix DM command - tty: n_gsm: fix missing corner cases in gsmld_poll() - kfifo: fix kfifo_to_user() return type - lib/smp_processor_id: fix imbalanced instrumentation_end() call - [arm64] mfd: max77620: Fix refcount leak in max77620_initialise_fps - [arm64] iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop - [s390x] dump: fix old lowcore virtual vs physical address confusion - fuse: Remove the control interface for virtio-fs - [armhf] ASoC: audio-graph-card: Add of_node_put() in fail path - [arm64] watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in armada_37xx_wdt_probe() - [arm64,armhf] video: fbdev: amba-clcd: Fix refcount leak bugs - video: fbdev: sis: fix typos in SiS_GetModeID() - [powerpc*] pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and alias - f2fs: don't set GC_FAILURE_PIN for background GC - f2fs: write checkpoint during FG_GC - f2fs: fix to remove F2FS_COMPR_FL and tag F2FS_NOCOMP_FL at the same time - [powerpc*] xive: Fix refcount leak in xive_get_max_prio - kprobes: Forbid probing on trampoline and BPF code areas - [powerpc*] pci: Fix PHB numbering when using opal-phbid - sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy() - sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed - [amd64] x86/numa: Use cpumask_available instead of hardcoded NULL check - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() - sched: Fix the check of nr_running at queue wakelist - video: fbdev: vt8623fb: Check the size of screen before memset_io() - video: fbdev: arkfb: Check the size of screen before memset_io() - video: fbdev: s3fb: Check the size of screen before memset_io() - [s390x] scsi: zfcp: Fix missing auto port scan and thus missing target ports - scsi: qla2xxx: Fix discovery issues in FC-AL topology - scsi: qla2xxx: Turn off multi-queue for 8G adapters - scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection - scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os - scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests - [x86] bugs: Enable STIBP for IBPB mitigated RETBleed - [x86] ftrace/x86: Add back ftrace_expected assignment - __follow_mount_rcu(): verify that mount_lock remains unchanged - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions - [x86] drm/i915/dg1: Update DMC_DEBUG3 register - HID: Ignore battery for Elan touchscreen on HP Spectre X360 15-df0xxx - HID: hid-input: add Surface Go battery quirk - [arm*] drm/vc4: drv: Adopt the dma configuration from the HVS or V3D component - usbnet: smsc95xx: Don't clear read-only PHY interrupt - usbnet: smsc95xx: Avoid link settings race on interrupt reception - [x86] intel_th: pci: Add Meteor Lake-P support - [x86] intel_th: pci: Add Raptor Lake-S PCH support - [x86] intel_th: pci: Add Raptor Lake-S CPU support - [x86] KVM: set_msr_mce: Permit guests to ignore single-bit ECC errors - [x86] KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS) - [amd64] iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) - PCI/AER: Write AER Capability only when we control it - PCI/ERR: Bind RCEC devices to the Root Port driver - PCI/ERR: Rename reset_link() to reset_subordinates() - PCI/ERR: Simplify by using pci_upstream_bridge() - PCI/ERR: Simplify by computing pci_pcie_type() once - PCI/ERR: Use "bridge" for clarity in pcie_do_recovery() - PCI/ERR: Avoid negated conditional for clarity - PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery() - PCI/ERR: Recover from RCEC AER errors - PCI/AER: Iterate over error counters instead of error strings - serial: 8250: Dissociate 4MHz Titan ports from Oxford ports - serial: 8250: Correct the clock for OxSemi PCIe devices - serial: 8250_pci: Refactor the loop in pci_ite887x_init() - serial: 8250_pci: Replace dev_*() by pci_*() macros - serial: 8250: Fold EndRun device support into OxSemi Tornado code - dm writecache: set a default MAX_WRITEBACK_JOBS - dm thin: fix use-after-free crash in dm_sm_register_threshold_callback - timekeeping: contribute wall clock to rng on time change - btrfs: reject log replay if there is unsupported RO compat flag - btrfs: reset block group chunk force if we have to wait - [amd64,arm64] ACPI: CPPC: Do not prevent CPPC from working in the future - [x86] KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4() - [x86] KVM: VMX: Drop explicit 'nested' check from vmx_set_cr4() - [x86] KVM: SVM: Drop VMXE check from svm_set_cr4() - [x86] KVM: x86: Move vendor CR4 validity check to dedicated kvm_x86_ops hook - [x86] KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4 - [x86] KVM: x86/pmu: preserve IA32_PERF_CAPABILITIES across CPUID refresh - [x86] KVM: x86/pmu: Use binary search to check filtered events - [x86] KVM: x86/pmu: Use different raw event masks for AMD and Intel - [x86] KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter - [x86] KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's no vPMU - [x86] KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU doesn't support global_ctrl - xen-blkback: fix persistent grants negotiation - xen-blkback: Apply 'feature_persistent' parameter when connect - xen-blkfront: Apply 'feature_persistent' parameter when connect - KEYS: asymmetric: enforce SM2 signature use pkey algo - tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH - tracing: Use a struct alignof to determine trace event field alignment - ext4: check if directory block is within i_size (CVE-2022-1184) - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h - ext4: fix warning in ext4_iomap_begin as race between bmap and write - ext4: make sure ext4_append() always allocates new block - ext4: fix use-after-free in ext4_xattr_set_entry - ext4: update s_overhead_clusters in the superblock during an on-line resize - ext4: fix extent status tree race in writeback error recovery path - ext4: correct max_inline_xattr_value_size computing - ext4: correct the misjudgment in ext4_iget_extra_inode - dm raid: fix address sanitizer warning in raid_resume - dm raid: fix address sanitizer warning in raid_status - KVM: Add infrastructure and macro to mark VM as bugged - [x86] KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq (CVE-2022-2153) - [x86] KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() (CVE-2022-2153) - mac80211: fix a memory leak where sta_info is not freed - tcp: fix over estimation in sk_forced_mem_schedule() - Revert "mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv" - [arm*] drm/vc4: change vc4_dma_range_matches from a global to static - Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP" - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression - [x86] kvm: x86/pmu: Fix the compare function used by the pmu event filter - [arm64] tee: add overflow check in register_shm_helper() - net/9p: Initialize the iounit field during fid creation - net_sched: cls_route: disallow handle of 0 - sched/fair: Fix fault in reweight_entity - btrfs: only write the sectors in the vertical stripe which has data stripes - btrfs: raid56: don't trust any cached sector in __raid56_parity_recover() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.138 - ALSA: info: Fix llseek return value when using callback - ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU - [x86] mm: Use proper mask when setting PUD mapping - rds: add missing barrier to release_refill - ata: libata-eh: Add missing command name - [arm64] mmc: meson-gx: Fix an error handling path in meson_mmc_probe() - btrfs: fix lost error handling when looking up extended ref on log replay - tracing: Have filter accept "common_cpu" to be consistent - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II - can: ems_usb: fix clang's -Wunaligned-access warning - apparmor: fix quiet_denied for file rules - apparmor: fix absroot causing audited secids to begin with = - apparmor: Fix failed mount permission check error message - apparmor: fix aa_label_asxprint return check - apparmor: fix setting unconfined mode on a loaded profile - apparmor: fix overlapping attachment computation - apparmor: fix reference count leak in aa_pivotroot() - apparmor: Fix memleak in aa_simple_write_to_buffer() - Documentation: ACPI: EINJ: Fix obsolete example - NFSv4.1: Don't decrease the value of seq_nr_highest_sent - NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly - NFSv4: Fix races in the legacy idmapper upcall - NFSv4.1: RECLAIM_COMPLETE must handle EACCES - NFSv4/pnfs: Fix a use-after-free bug in open - bpf: Acquire map uref in .init_seq_private for array map iterator - bpf: Acquire map uref in .init_seq_private for hash map iterator - bpf: Acquire map uref in .init_seq_private for sock local storage map iterator - bpf: Acquire map uref in .init_seq_private for sock{map,hash} iterator - bpf: Check the validity of max_rdwr_access for sock local storage map iterator - can: mcp251x: Fix race condition on receive interrupt - [amd64,arm64] net: atlantic: fix aq_vec index out of range error - sunrpc: fix expiry of auth creds - SUNRPC: Reinitialise the backchannel request buffers before reuse - virtio_net: fix memory leak inside XPD_TX with mergeable - devlink: Fix use-after-free after a failed reload - [arm64] pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed - [arm64,armhf] pinctrl: sunxi: Add I/O bias setting for H6 R-PIO - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool - geneve: do not use RT_TOS for IPv6 flowlabel - ipv6: do not use RT_TOS for IPv6 flowlabel - [x86] plip: avoid rcu debug splat - vsock: Fix memory leak in vsock_connect() - vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout() - dt-bindings: arm: qcom: fix MSM8916 MTP compatibles - dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources - ceph: use correct index when encoding client supported features - ceph: don't leak snap_rwsem in handle_cap_grant - nfp: ethtool: fix the display error of `ethtool -m DEVNAME` - xen/xenbus: fix return type in xenbus_file_read() - atm: idt77252: fix use-after-free bugs caused by tst_timer - geneve: fix TOS inheriting for ipv4 - [arm64] dpaa2-eth: trace the allocated address instead of page struct - iavf: Fix adminq error handling - netfilter: nf_tables: really skip inactive sets when allocating name - netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT flag - netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is specified - [powerpc*] pci: Fix get_phb_number() locking - [arm64,armhf] spi: meson-spicc: add local pow2 clock ops to preserve rate between messages - [arm64,armhf] net: dsa: mv88e6060: prevent crash on an unused port - [arm64] net: dsa: felix: fix ethtool 256-511 and 512-1023 TX packet counters - net: genl: fix error path memory leak in policy dumping - ice: Ignore EEXIST when setting promisc mode - [arm64,armhf] i2c: imx: Make sure to unregister adapter on remove() - regulator: pca9450: Remove restrictions for regulator-name - i40e: Fix to stop tx_timeout recovery if GLOBR fails - [arm64,armhf] fec: Fix timer capture timing in `fec_ptp_enable_pps()` - [x86] stmmac: intel: Add a missing clk_disable_unprepare() call in intel_eth_pci_remove() - igb: Add lock to avoid data race - kbuild: fix the modules order between drivers and libs - locking/atomic: Make test_and_*_bit() ordered on failure - [x86] ASoC: SOF: intel: move sof_intel_dsp_desc() forward - [arm64] drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() - audit: log nftables configuration change events once per table - netfilter: nftables: add helper function to set the base sequence number - netfilter: add helper function to set up the nfnetlink header and use it - [armhf] drm/sun4i: dsi: Prevent underflow when computing packet sizes - PCI: Add ACS quirk for Broadcom BCM5750x NICs - [arm64,armhf] platform/chrome: cros_ec_proto: don't show MKBP version if unsupported - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of uvcg_info - [arm64,armhf] irqchip/tegra: Fix overflow implicit truncation warnings - [arm64] drm/meson: Fix overflow implicit truncation warnings - [armhf] clk: ti: Stop using legacy clkctrl names for omap4 and 5 - [arm*] usb: dwc2: gadget: remove D+ pull-up while no vbus with usb-role-switch - [x86] vboxguest: Do not use devm for irq - uacce: Handle parent device removal or parent driver module rmmod - zram: do not lookup algorithm in backends table - [arm64] clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input - gadgetfs: ep_io - wait until IRQ finishes - [x86] pinctrl: intel: Check against matching data instead of ACPI companion - [powerpc*] cxl: Fix a memory leak in an error handling path - [arm64] PCI/ACPI: Guard ARM64-specific mcfg_quirks - RDMA/rxe: Limit the number of calls to each tasklet - md: Notify sysfs sync_completed in md_reap_sync_thread() - nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue teardown - drivers:md:fix a potential use-after-free bug - ext4: avoid remove directory when directory is corrupted - ext4: avoid resizing to a partial cluster size - lib/list_debug.c: Detect uninitialized lists - vfio: Clear the caps->buf to NULL after free - [mips64el,mipsel] cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start - modules: Ensure natural alignment for .altinstructions and __bug_table sections - watchdog: export lockup_detector_reconfigure - ALSA: core: Add async signal helpers - ALSA: timer: Use deferred fasync helper - ALSA: control: Use deferred fasync helper - f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page() - f2fs: fix to do sanity check on segment type in build_sit_entries() - smb3: check xattr value length earlier - [powerpc*] 64: Init jump labels before parse_early_param() - netfilter: nftables: fix a warning message in nf_tables_commit_audit_collect() - netfilter: nf_tables: fix audit memory leak in nf_tables_commit - tracing/probes: Have kprobes and uprobes use $COMM too - can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE with netdev_warn_once() - can: j1939: j1939_session_destroy(): fix memory leak of skbs - PCI/ERR: Retain status from error notification - qrtr: Convert qrtr_ports from IDR to XArray - bpf: Fix KASAN use-after-free Read in compute_effective_progs - [arm64] tee: fix memory leak in tee_shm_register() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.139 https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.140 - audit: fix potential double free on error path from fsnotify_add_inode_mark - pinctrl: amd: Don't save/restore interrupt status and wake status bits - xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list() - xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP* - fs: remove __sync_filesystem - vfs: make sync_filesystem return errors from ->sync_fs - xfs: return errors in xfs_fs_sync_fs - xfs: only bother with sync_filesystem during readonly remount - kernel/sched: Remove dl_boosted flag comment - xfrm: fix refcount leak in __xfrm_policy_check() - xfrm: clone missing x->lastused in xfrm_do_migrate - af_key: Do not call xfrm_probe_algs in parallel (CVE-2022-3028) - xfrm: policy: fix metadata dst->dev xmit null pointer dereference - NFS: Don't allocate nfs_fattr on the stack in __nfs42_ssc_open() - NFSv4.2 fix problems with __nfs42_ssc_open - SUNRPC: RPC level errors should set task->tk_rpc_status - mm/huge_memory.c: use helper function migration_entry_to_page() - mm/smaps: don't access young/dirty bit if pte unpresent - rose: check NULL rose_loopback_neigh->loopback - ice: xsk: Force rings to be sized to power of 2 - ice: xsk: prohibit usage of non-balanced queue id - net/mlx5e: Properly disable vlan strip on non-UL reps - bonding: 802.3ad: fix no transmission of LACPDUs - net: ipvtap - add __init/__exit annotations to module init/exit funcs - netfilter: ebtables: reject blobs that don't provide all entry points - bnxt_en: fix NQ resource accounting during vf creation on 57500 chips - netfilter: nft_payload: report ERANGE for too long offset and length - netfilter: nft_payload: do not truncate csum_offset and csum_type - netfilter: nf_tables: do not leave chain stats enabled on error - netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families - netfilter: nft_tunnel: restrict it to netdev family - netfilter: nftables: remove redundant assignment of variable err - netfilter: nf_tables: consolidate rule verdict trace call - netfilter: nft_cmp: optimize comparison for 16-bytes - netfilter: bitwise: improve error goto labels - netfilter: nf_tables: upfront validation of data via nft_data_init() - netfilter: nf_tables: disallow jump to implicit chain from set element - netfilter: nf_tables: disallow binding to already bound chain (CVE-2022-39190) - tcp: tweak len/truesize ratio for coalesce candidates - net: Fix data-races around sysctl_[rw]mem(_offset)?. - net: Fix data-races around sysctl_[rw]mem_(max|default). - net: Fix data-races around weight_p and dev_weight_[rt]x_bias. - net: Fix data-races around netdev_max_backlog. - net: Fix data-races around netdev_tstamp_prequeue. - ratelimit: Fix data-races in ___ratelimit(). - bpf: Folding omem_charge() into sk_storage_charge() - net: Fix data-races around sysctl_optmem_max. - net: Fix a data-race around sysctl_tstamp_allow_data. - net: Fix a data-race around sysctl_net_busy_poll. - net: Fix a data-race around sysctl_net_busy_read. - net: Fix a data-race around netdev_budget. - net: Fix a data-race around netdev_budget_usecs. - net: Fix data-races around sysctl_fb_tunnels_only_for_init_net. - net: Fix data-races around sysctl_devconf_inherit_init_net. - net: Fix a data-race around sysctl_somaxconn. - ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter - rxrpc: Fix locking in rxrpc's sendmsg - btrfs: fix silent failure when deleting root reference - btrfs: replace: drop assert for suspended replace - btrfs: add info when mount fails due to stale replace target - btrfs: check if root is readonly while setting security xattr - [x86] perf/x86/lbr: Enable the branch type for the Arch LBR by default - [amd64] x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry - [x86] bugs: Add "unknown" reporting for MMIO Stale Data - loop: Check for overflow while configuring loop - asm-generic: sections: refactor memory_intersects - [s390x] fix double free of GS and RI CBs on fork() failure - [x86] ACPI: processor: Remove freq Qos request for all CPUs - xen/privcmd: fix error exit of privcmd_ioctl_dm_op() - mm/hugetlb: fix hugetlb not supporting softdirty tracking - Revert "md-raid: destroy the bitmap after destroying the thread" - md: call __md_stop_writes in md_stop - [arm64] Fix match_list for erratum 1286807 on Arm Cortex-A76 - Documentation/ABI: Mention retbleed vulnerability info file for sysfs - blk-mq: fix io hung due to missing commit_rqs - [x86] perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU - [x86] scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq - bpf: Don't use tnum_range on array range checking for poke descriptors (CVE-2022-2905) . [ Salvatore Bonaccorso ] * Bump ABI to 18 * certs: Rotate to use the "Debian Secure Boot Signer 2022 - linux" certificate (Closes: #1018752) * [x86] nospec: Unwreck the RSB stuffing * [x86] nospec: Fix i386 RSB stuffing (Closes: #1017425) * mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() (CVE-2022-39188) * Revert "PCI/portdrv: Don't disable AER reporting in get_port_device_capability()" * bpf: Don't redirect packets with invalid pkt_len * mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse * net/af_packet: check len when min_header_len equals to 0 linux (5.10.136-1) bullseye-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.128 - MAINTAINERS: add Amir as xfs maintainer for 5.10.y - drm: remove drm_fb_helper_modinit - tick/nohz: unexport __init-annotated tick_nohz_full_setup() - bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init() - xfs: use kmem_cache_free() for kmem_cache objects - xfs: punch out data fork delalloc blocks on COW writeback failure - xfs: Fix the free logic of state in xfs_attr_node_hasname - xfs: remove all COW fork extents when remounting readonly - xfs: check sb_meta_uuid for dabuf buffer recovery - [powerpc*] ftrace: Remove ftrace init tramp once kernel init is complete - [arm64] net: mscc: ocelot: allow unregistered IP multicast flooding https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.129 - drm/amdgpu: To flush tlb for MMHUB of RAVEN series - ipv6: take care of disable_policy when restoring routes - nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX S40G) - nvdimm: Fix badblocks clear off-by-one error - [powerpc*] bpf: Fix use of user_pt_regs in uapi - dm raid: fix accesses beyond end of raid member array - [s390x] archrandom: simplify back to earlier design and initialize earlier - SUNRPC: Fix READ_PLUS crasher (Closes: #1014793) - net: usb: ax88179_178a: Fix packet receiving - virtio-net: fix race between ndo_open() and virtio_device_ready() - [armhf] net: dsa: bcm_sf2: force pause link settings - net: tun: unlink NAPI from device on destruction - net: tun: stop NAPI when detaching queues - net: dp83822: disable false carrier interrupt - net: dp83822: disable rx error interrupt - RDMA/qedr: Fix reporting QP timeout attribute - RDMA/cm: Fix memory leak in ib_cm_insert_listen - linux/dim: Fix divide by 0 in RDMA DIM - usbnet: fix memory allocation in helpers - net: ipv6: unexport __init-annotated seg6_hmac_net_init() - NFSD: restore EINVAL error translation in nfsd_commit() - netfilter: nft_dynset: restore set element counter when failing to update - net/sched: act_api: Notify user space if any actions were flushed before error - net: bonding: fix possible NULL deref in rlb code - net: bonding: fix use-after-free after 802.3ad slave unbind - tipc: move bc link creation back to tipc_node_create - epic100: fix use after free on rmmod - io_uring: ensure that send/sendmsg and recv/recvmsg check sqe->ioprio - tunnels: do not assume mac header is set in skb_tunnel_check_pmtu() - net: tun: avoid disabling NAPI twice - xfs: use current->journal_info for detecting transaction recursion - xfs: rename variable mp to parsing_mp - xfs: Skip repetitive warnings about mount options - xfs: ensure xfs_errortag_random_default matches XFS_ERRTAG_MAX - xfs: fix xfs_trans slab cache name - xfs: update superblock counters correctly for !lazysbcount - xfs: fix xfs_reflink_unshare usage of filemap_write_and_wait_range - tcp: add a missing nf_reset_ct() in 3WHS handling - xen/gntdev: Avoid blocking in unmap_grant_pages() - [arm64] drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c - sit: use min - ipv6/sit: fix ipip6_tunnel_get_prl return value - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails - net: usb: qmi_wwan: add Telit 0x1060 composition - net: usb: qmi_wwan: add Telit 0x1070 composition https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.130 - mm/slub: add missing TID updates on slab deactivation - ALSA: hda/realtek: Add quirk for Clevo L140PU - can: bcm: use call_rcu() instead of costly synchronize_rcu() - can: gs_usb: gs_usb_open/close(): fix memory leak - bpf: Fix incorrect verifier simulation around jmp32's jeq/jne - bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals - usbnet: fix memory leak in error case - netfilter: nft_set_pipapo: release elements in clone from abort path - [amd64] iommu/vt-d: Fix PCI bus rescan device hot add - PM: runtime: Redefine pm_runtime_release_supplier() - memregion: Fix memregion_free() fallback definition - video: of_display_timing.h: include errno.h - [powerpc*] powernv: delay rng platform device creation until later in boot - can: kvaser_usb: replace run-time checks with struct kvaser_usb_driver_info - can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression - can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits - xfs: remove incorrect ASSERT in xfs_rename - [armhf] meson: Fix refcount leak in meson_smp_prepare_cpus - [armhf] pinctrl: sunxi: a83t: Fix NAND function name for some pins - [arm64] dts: imx8mp-evk: correct mmc pad settings - [arm64] dts: imx8mp-evk: correct the uart2 pinctl value - [arm64] dts: imx8mp-evk: correct gpio-led pad settings - [arm64] dts: imx8mp-evk: correct I2C3 pad settings - [arm64,armhf] pinctrl: sunxi: sunxi_pconf_set: use correct offset - [arm64] dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo - xsk: Clear page contiguity bit when unmapping pool - i40e: Fix dropped jumbo frames statistics - r8169: fix accessing unset transport header - [armhf] dmaengine: imx-sdma: Allow imx8m for imx7 FW revs - misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer - misc: rtsx_usb: use separate command and response buffers - misc: rtsx_usb: set return value in rsp_buf alloc err path - dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo - ida: don't use BUG_ON() for debugging - [arm64,armhf] dmaengine: pl330: Fix lockdep warning about non-static key - [armhf] dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate - [armhf] dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.131 - [armhf] Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting" https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.132 - [x86] ALSA: hda - Add fixup for Dell Latitidue E5430 - [x86] ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model - [x86] ALSA: hda/realtek: Fix headset mic for Acer SF313-51 - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221 - [x86] ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue - fix race between exit_itimers() and /proc/pid/timers - mm: split huge PUD on wp_huge_pud fallback - tracing/histograms: Fix memory leak problem - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer - ip: fix dflt addr selection for connected nexthop - [armhf] 9213/1: Print message about disabled Spectre workarounds only once - [armel,armhf] 9214/1: alignment: advance IT state after emulating Thumb instruction - wifi: mac80211: fix queue selection for mesh/OCB interfaces - cgroup: Use separate src/dst nodes when preloading css_sets for migration - btrfs: return -EAGAIN for NOWAIT dio reads/writes on compressed and inline extents - [arm64,armhf] drm/panfrost: Put mapping instead of shmem obj on panfrost_mmu_map_fault_addr() error - [arm64,armhf] drm/panfrost: Fix shrinker list corruption by madvise IOCTL - fs/remap: constrain dedupe of EOF blocks - nilfs2: fix incorrect masking of permission flags for symlinks - sh: convert nommu io{re,un}map() to static inline functions - Revert "evm: Fix memleak in init_desc" - ext4: fix race condition between ext4_write and ext4_convert_inline_data - [armhf] dts: imx6qdl-ts7970: Fix ngpio typo and count - [armhf] 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle - [armel,armhf] 9210/1: Mark the FDT_FIXED sections as shareable - net/mlx5e: Fix capability check for updating vnic env counters - [x86] drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() - ima: Fix a potential integer overflow in ima_appraise_measurement - [arm64,armhf] ASoC: sgtl5000: Fix noise on shutdown/remove - [x86] ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks() - [x86] ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array - sysctl: Fix data races in proc_dointvec(). - sysctl: Fix data races in proc_douintvec(). - sysctl: Fix data races in proc_dointvec_minmax(). - sysctl: Fix data races in proc_douintvec_minmax(). - sysctl: Fix data races in proc_doulongvec_minmax(). - sysctl: Fix data races in proc_dointvec_jiffies(). - tcp: Fix a data-race around sysctl_tcp_max_orphans. - inetpeer: Fix data-races around sysctl. - net: Fix data-races around sysctl_mem. - cipso: Fix data-races around sysctl. - icmp: Fix data-races around sysctl. - ipv4: Fix a data-race around sysctl_fib_sync_mem. - [armhf] dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero - [x86] drm/i915/gt: Serialize TLB invalidates with GT resets - sysctl: Fix data-races in proc_dointvec_ms_jiffies(). - icmp: Fix a data-race around sysctl_icmp_ratelimit. - icmp: Fix a data-race around sysctl_icmp_ratemask. - raw: Fix a data-race around sysctl_raw_l3mdev_accept. - ipv4: Fix data-races around sysctl_ip_dynaddr. - nexthop: Fix data-races around nexthop_compat_mode. - [armhf] net: ftgmac100: Hold reference returned by of_get_child_by_name() - ima: force signature verification when CONFIG_KEXEC_SIG is configured - ima: Fix potential memory leak in ima_init_crypto() - sfc: fix use after free when disabling sriov - seg6: fix skb checksum evaluation in SRH encapsulation/insertion - seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors - seg6: bpf: fix skb checksum in bpf_push_seg6_encap() - sfc: fix kernel panic when creating VF - net: atlantic: remove deep parameter on suspend/resume functions - net: atlantic: remove aq_nic_deinit() when resume - [x86] KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op() - net/tls: Check for errors in tls_device_init - mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE - virtio_mmio: Add missing PM calls to freeze/restore - virtio_mmio: Restore guest page size on resume - netfilter: br_netfilter: do not skip all hooks with 0 priority - [arm64] scsi: hisi_sas: Limit max hw sectors for v3 HW - [powerpc*] cpufreq: pmac32-cpufreq: Fix refcount leak bug - [x86] platform/x86: hp-wmi: Ignore Sanitization Mode event - net: tipc: fix possible refcount leak in tipc_sk_create() - nvme-tcp: always fail a request when sending it failed - nvme: fix regression when disconnect a recovering ctrl - net: sfp: fix memory leak in sfp_probe() - ASoC: ops: Fix off by one in range control validation - [armhf] pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux() - [x86] ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow - ASoC: dapm: Initialise kcontrol data for mux/demux controls - [amd64] Clear .brk area at early boot - [armhf] dts: stm32: use the correct clock source for CEC on stm32mp151 - Revert "can: xilinx_can: Limit CANFD brp to 2" - nvme-pci: phison e16 has bogus namespace ids - signal handling: don't use BUG_ON() for debugging - USB: serial: ftdi_sio: add Belimo device ids - usb: typec: add missing uevent when partner support PD - [arm64,armhf] usb: dwc3: gadget: Fix event pending check - [armhf] tty: serial: samsung_tty: set dma burst_size to 1 - vt: fix memory overlapping when deleting chars in the buffer - serial: 8250: fix return error code in serial8250_request_std_resource() - [armhf] serial: stm32: Clear prev values before setting RTS delays - [arm*] serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle - serial: 8250: Fix PM usage_count for console handover - [x86] pat: Fix x86_has_pat_wp() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.133 - [amd64] Preparation for mitigating RETbleed: + KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S + KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw + objtool: Refactor ORC section generation + objtool: Add 'alt_group' struct + objtool: Support stack layout changes in alternatives + objtool: Support retpoline jump detection for vmlinux.o + objtool: Assume only ELF functions do sibling calls + objtool: Combine UNWIND_HINT_RET_OFFSET and UNWIND_HINT_FUNC + x86/xen: Support objtool validation in xen-asm.S + x86/xen: Support objtool vmlinux.o validation in xen-head.S + x86/alternative: Merge include files + x86/alternative: Support not-feature + x86/alternative: Support ALTERNATIVE_TERNARY + x86/alternative: Use ALTERNATIVE_TERNARY() in _static_cpu_has() + x86/insn: Rename insn_decode() to insn_decode_from_regs() + x86/insn: Add a __ignore_sync_check__ marker + x86/insn: Add an insn_decode() API + x86/insn-eval: Handle return values from the decoder + x86/alternative: Use insn_decode() + x86: Add insn_decode_kernel() + x86/alternatives: Optimize optimize_nops() + x86/retpoline: Simplify retpolines + objtool: Correctly handle retpoline thunk calls + objtool: Handle per arch retpoline naming + objtool: Rework the elf_rebuild_reloc_section() logic + objtool: Add elf_create_reloc() helper + objtool: Create reloc sections implicitly + objtool: Extract elf_strtab_concat() + objtool: Extract elf_symbol_add() + objtool: Add elf_create_undef_symbol() + objtool: Keep track of retpoline call sites + objtool: Cache instruction relocs + objtool: Skip magical retpoline .altinstr_replacement + objtool/x86: Rewrite retpoline thunk calls + objtool: Support asm jump tables + x86/alternative: Optimize single-byte NOPs at an arbitrary position + objtool: Fix .symtab_shndx handling for elf_create_undef_symbol() + objtool: Only rewrite unconditional retpoline thunk calls + objtool/x86: Ignore __x86_indirect_alt_* symbols + objtool: Don't make .altinstructions writable + objtool: Teach get_alt_entry() about more relocation types + objtool: print out the symbol type when complaining about it + objtool: Remove reloc symbol type checks in get_alt_entry() + objtool: Make .altinstructions section entry size consistent + objtool: Introduce CFI hash + objtool: Handle __sanitize_cov*() tail calls + objtool: Classify symbols + objtool: Explicitly avoid self modifying code in .altinstr_replacement + objtool,x86: Replace alternatives with .retpoline_sites + x86/retpoline: Remove unused replacement symbols + x86/asm: Fix register order + x86/asm: Fixup odd GEN-for-each-reg.h usage + x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h + x86/retpoline: Create a retpoline thunk array + x86/alternative: Implement .retpoline_sites support + x86/alternative: Handle Jcc __x86_indirect_thunk_\reg + x86/alternative: Try inline spectre_v2=retpoline,amd + x86/alternative: Add debug prints to apply_retpolines() + bpf,x86: Simplify computing label offsets + bpf,x86: Respect X86_FEATURE_RETPOLINE* + x86/lib/atomic64_386_32: Rename things - [amd64] Mitigate straight-line speculation: + x86: Prepare asm files for straight-line-speculation + x86: Prepare inline-asm for straight-line-speculation + x86/alternative: Relax text_poke_bp() constraint + objtool: Add straight-line-speculation validation + x86: Add straight-line-speculation mitigation + tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy' + kvm/emulate: Fix SETcc emulation function offsets with SLS + objtool: Default ignore INT3 for unreachable + crypto: x86/poly1305 - Fixup SLS + objtool: Fix SLS validation for kcov tail-call replacement - objtool: Fix code relocs vs weak symbols - objtool: Fix type of reloc::addend - objtool: Fix symbol creation - x86/entry: Remove skip_r11rcx - objtool: Fix objtool regression on x32 systems - x86/realmode: build with -D__DISABLE_EXPORTS - [amd64] Add mitigations for RETbleed on AMD/Hygon (CVE-2022-29900) and Intel (CVE-2022-29901) processors: + x86/kvm/vmx: Make noinstr clean + x86/cpufeatures: Move RETPOLINE flags to word 11 + x86/retpoline: Cleanup some #ifdefery + x86/retpoline: Swizzle retpoline thunk + Makefile: Set retpoline cflags based on CONFIG_CC_IS_{CLANG,GCC} + x86/retpoline: Use -mfunction-return + x86: Undo return-thunk damage + x86,objtool: Create .return_sites + objtool: skip non-text sections when adding return-thunk sites + x86,static_call: Use alternative RET encoding + x86/ftrace: Use alternative RET encoding + x86/bpf: Use alternative RET encoding + x86/kvm: Fix SETcc emulation for return thunks + x86/vsyscall_emu/64: Don't use RET in vsyscall emulation + x86/sev: Avoid using __x86_return_thunk + x86: Use return-thunk in asm code + objtool: Treat .text.__x86.* as noinstr + x86: Add magic AMD return-thunk + x86/bugs: Report AMD retbleed vulnerability + x86/bugs: Add AMD retbleed= boot parameter + x86/bugs: Enable STIBP for JMP2RET + x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value + x86/entry: Add kernel IBRS implementation + x86/bugs: Optimize SPEC_CTRL MSR writes + x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS + x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() + x86/bugs: Report Intel retbleed vulnerability + intel_idle: Disable IBRS during long idle + objtool: Update Retpoline validation + x86/xen: Rename SYS* entry points + x86/bugs: Add retbleed=ibpb + x86/bugs: Do IBPB fallback check only once + objtool: Add entry UNRET validation + x86/cpu/amd: Add Spectral Chicken + x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n + x86/speculation: Fix firmware entry SPEC_CTRL handling + x86/speculation: Fix SPEC_CTRL write on SMT state change + x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit + x86/speculation: Remove x86_spec_ctrl_mask + objtool: Re-add UNWIND_HINT_{SAVE_RESTORE} + KVM: VMX: Flatten __vmx_vcpu_run() + KVM: VMX: Convert launched argument to flags + KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS + KVM: VMX: Fix IBRS handling after vmexit + x86/speculation: Fill RSB on vmexit for IBRS + x86/common: Stamp out the stepping madness + x86/cpu/amd: Enumerate BTC_NO + x86/retbleed: Add fine grained Kconfig knobs + x86/bugs: Add Cannon lake to RETBleed affected CPU list + x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported + x86/kexec: Disable RET on kexec + x86/speculation: Disable RRSBA behavior - x86/static_call: Serialize __static_call_fixup() properly - tools/insn: Restore the relative include paths for cross building - x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted - x86/xen: Fix initialisation in hypercall_page after rethunk - x86/ftrace: Add UNWIND_HINT_FUNC annotation for ftrace_stub - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current - efi/x86: use naked RET on mixed mode call wrapper - x86/kvm: fix FASTOP_SIZE when return thunks are enabled - KVM: emulate: do not adjust size of fastop and setcc subroutines - tools arch x86: Sync the msr-index.h copy with the kernel sources - tools headers cpufeatures: Sync with the kernel sources - x86/bugs: Remove apostrophe typo - um: Add missing apply_returns() - x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds - kvm: fix objtool relocation warning - objtool: Fix elf_create_undef_symbol() endianness - tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy' - again - tools headers: Remove broken definition of __LITTLE_ENDIAN https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.134 - [armhf] pinctrl: stm32: fix optional IRQ support to gpios - lockdown: Fix kexec lockdown bypass with ima policy (CVE-2022-21505) - io_uring: Use original task for req identity in io_identity_cow() - xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE - docs: net: explain struct net_device lifetime - net: make free_netdev() more lenient with unregistering devices - net: make sure devices go through netdev_wait_all_refs - net: move net_set_todo inside rollback_registered() - net: inline rollback_registered() - net: move rollback_registered_many() - net: inline rollback_registered_many() - [amd64] PCI: hv: Fix multi-MSI to allow more than one MSI vector - [amd64] PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI - [amd64] PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() - [amd64] PCI: hv: Fix interrupt mapping for multi-MSI - [arm64] serial: mvebu-uart: correctly report configured baudrate value - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() (CVE-2022-36879) - perf/core: Fix data race between perf_event_set_output() and perf_mmap_close() - drm/amdgpu/display: add quirk handling for stutter mode - igc: Reinstate IGC_REMOVED logic and implement it properly - ip: Fix data-races around sysctl_ip_no_pmtu_disc. - ip: Fix data-races around sysctl_ip_fwd_use_pmtu. - ip: Fix data-races around sysctl_ip_fwd_update_priority. - ip: Fix data-races around sysctl_ip_nonlocal_bind. - ip: Fix a data-race around sysctl_ip_autobind_reuse. - ip: Fix a data-race around sysctl_fwmark_reflect. - tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept. - tcp: Fix data-races around sysctl_tcp_mtu_probing. - tcp: Fix data-races around sysctl_tcp_base_mss. - tcp: Fix data-races around sysctl_tcp_min_snd_mss. - tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor. - tcp: Fix a data-race around sysctl_tcp_probe_threshold. - tcp: Fix a data-race around sysctl_tcp_probe_interval. - net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow - net: stmmac: fix dma queue left shift overflow issue - igmp: Fix data-races around sysctl_igmp_llm_reports. - igmp: Fix a data-race around sysctl_igmp_max_memberships. - igmp: Fix data-races around sysctl_igmp_max_msf. - tcp: Fix data-races around keepalive sysctl knobs. - tcp: Fix data-races around sysctl_tcp_syncookies. - tcp: Fix data-races around sysctl_tcp_reordering. - tcp: Fix data-races around some timeout sysctl knobs. - tcp: Fix a data-race around sysctl_tcp_notsent_lowat. - tcp: Fix a data-race around sysctl_tcp_tw_reuse. - tcp: Fix data-races around sysctl_max_syn_backlog. - tcp: Fix data-races around sysctl_tcp_fastopen. - tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout. - iavf: Fix handling of dummy receive descriptors - i40e: Fix erroneous adapter reinitialization during recovery process - ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero - [arm64,armhf] gpio: pca953x: only use single read/write for No AI mode - [arm64,armhf] gpio: pca953x: use the correct range when do regmap sync - [arm64,armhf] gpio: pca953x: use the correct register address when regcache sync during init - be2net: Fix buffer overflow in be_get_module_eeprom - ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh. - ip: Fix data-races around sysctl_ip_prot_sock. - udp: Fix a data-race around sysctl_udp_l3mdev_accept. - tcp: Fix data-races around sysctl knobs related to SYN option. - tcp: Fix a data-race around sysctl_tcp_early_retrans. - tcp: Fix data-races around sysctl_tcp_recovery. - tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. - tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. - tcp: Fix a data-race around sysctl_tcp_retrans_collapse. - tcp: Fix a data-race around sysctl_tcp_stdurg. - tcp: Fix a data-race around sysctl_tcp_rfc1337. - tcp: Fix data-races around sysctl_tcp_max_reordering. - [arm*] spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers - KVM: Don't null dereference ops->destroy - mm/mempolicy: fix uninit-value in mpol_rebind_policy() - bpf: Make sure mac_header was set before using it - sched/deadline: Fix BUG_ON condition for deboosted tasks - [x86] bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts - dlm: fix pending remove if msg allocation fails - bitfield.h: Fix "type of reg too small for mask" test - ALSA: memalloc: Align buffer allocations in page size - Bluetooth: Add bt_skb_sendmsg helper - Bluetooth: Add bt_skb_sendmmsg helper - Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg - Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg - Bluetooth: Fix passing NULL to PTR_ERR - Bluetooth: SCO: Fix sco_send_frame returning skb->len - Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks - [x86] amd: Use IBPB for firmware calls - [x86] alternative: Report missing return thunk details - watchqueue: make sure to serialize 'wqueue->defunct' properly - tty: drivers/tty/, stop using tty_schedule_flip() - tty: the rest, stop using tty_schedule_flip() - tty: drop tty_schedule_flip() - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - net: usb: ax88179_178a needs FLAG_SEND_ZLP - watch-queue: remove spurious double semicolon https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.135 - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put - Revert "ocfs2: mount shared volume without ha stack" - [s390x] archrandom: prevent CPACF trng invocations in interrupt context - watch_queue: Fix missing rcu annotation - watch_queue: Fix missing locking in add_watch_to_object() - tcp: Fix data-races around sysctl_tcp_dsack. - tcp: Fix a data-race around sysctl_tcp_app_win. - tcp: Fix a data-race around sysctl_tcp_adv_win_scale. - tcp: Fix a data-race around sysctl_tcp_frto. - tcp: Fix a data-race around sysctl_tcp_nometrics_save. - tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save. - ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS) - ice: do not setup vlan for loopback VSI - Revert "tcp: change pingpong threshold to 3" - tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf. - tcp: Fix a data-race around sysctl_tcp_limit_output_bytes. - tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit. - net: ping6: Fix memleak in ipv6_renew_options(). - ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr - igmp: Fix data-races around sysctl_igmp_qrv. - net: sungem_phy: Add of_node_put() for reference returned by of_get_parent() - tcp: Fix a data-race around sysctl_tcp_min_tso_segs. - tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen. - tcp: Fix a data-race around sysctl_tcp_autocorking. - tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit. - Documentation: fix sctp_wmem in ip-sysctl.rst - macsec: fix NULL deref in macsec_add_rxsa - macsec: fix error message in macsec_add_rxsa and _txsa - macsec: limit replay window size with XPN - macsec: always read MACSEC_SA_ATTR_PN as a u64 - net: macsec: fix potential resource leak in macsec_add_rxsa() and macsec_add_txsa() - tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns. - tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns. - tcp: Fix a data-race around sysctl_tcp_comp_sack_nr. - tcp: Fix data-races around sysctl_tcp_reflect_tos. - i40e: Fix interface init with MSI interrupts (no MSI-X) - sctp: fix sleep in atomic context bug in timer handlers - netfilter: nf_queue: do not allow packet truncation below transport header offset (CVE-2022-36946) - virtio-net: fix the race between refill work and close - sfc: disable softirqs for ptp TX - sctp: leave the err path free in sctp_stream_init to sctp_stream_free - page_alloc: fix invalid watermark check on a negative value - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle. - [arm*] 9216/1: Fix MAX_DMA_ADDRESS overflow - docs/kernel-parameters: Update descriptions for "mitigations=" param with retbleed - xfs: refactor xfs_file_fsync - xfs: xfs_log_force_lsn isn't passed a LSN - xfs: prevent UAF in xfs_log_item_in_current_chkpt - xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes - xfs: force the log offline when log intent item recovery fails - xfs: hold buffer across unpin and potential shutdown processing - xfs: remove dead stale buf unpin handling code - xfs: logging the on disk inode LSN can make it go backwards - xfs: Enforce attr3 buffer recovery order - [x86] bugs: Do not enable IBPB at firmware entry when IBPB is not available - bpf: Consolidate shared test timing code - bpf: Add PROG_TEST_RUN support for sk_lookup programs https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.136 - [x86] speculation: Make all RETbleed mitigations 64-bit only - ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep() - ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet() - tun: avoid double free in tun_free_netdev - [x86] ACPI: video: Force backlight native for some TongFang devices - [x86] ACPI: video: Shortening quirk list by identifying Clevo by board_name only - ACPI: APEI: Better fix to avoid spamming the console with old error logs - [arm64] crypto: arm64/poly1305 - fix a read out-of-bound - Bluetooth: hci_bcm: Add BCM4349B1 variant - Bluetooth: hci_bcm: Add DT compatible for CYW55572 - Bluetooth: btusb: Add support of IMC Networks PID 0x3568 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586 - [x86] Add mitigations for Post-Barrier Return Stack Buffer Prediction (PBRSB) issue (CVE-2022-26373): + x86/speculation: Add RSB VM Exit protections + x86/speculation: Add LFENCE to RSB fill sequence . [ Salvatore Bonaccorso ] * Bump ABI to 17 * [rt] Update to 5.10.131-rt72 * posix-cpu-timers: Cleanup CPU timers before freeing them during exec (CVE-2022-2585) * netfilter: nf_tables: do not allow SET_ID to refer to another table (CVE-2022-2586) * netfilter: nf_tables: do not allow CHAIN_ID to refer to another table * netfilter: nf_tables: do not allow RULE_ID to refer to another chain * net_sched: cls_route: remove from list when handle is 0 (CVE-2022-2588) linux (5.10.127-2) bullseye-security; urgency=high . * [amd64,arm64,armhf] wireguard: Clear keys after suspend despite CONFIG_ANDROID=y * netfilter: nf_tables: stricter validation of element data (CVE-2022-34918) * net: rose: fix UAF bugs caused by timer handler (CVE-2022-2318) * net: rose: fix UAF bug caused by rose_t0timer_expiry * xen/{blk,net}front: fix leaking data in shared pages (CVE-2022-26365, CVE-2022-33740) * xen/{blk,net}front: force data bouncing when backend is untrusted (CVE-2022-33741, CVE-2022-33742) * xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses() (CVE-2022-33743) * [arm64,armhf] xen/arm: Fix race in RB-tree based P2M accounting (CVE-2022-33744) * fbdev: fbmem: Fix logo center image dx issue * fbdev: Fix potential out-of-bounds writes (CVE-2021-33655): - fbmem: Check virtual screen sizes in fb_set_var() - fbcon: Disallow setting font bigger than screen size - fbcon: Prevent that screen size is smaller than font size linux (5.10.127-2~bpo10+1) buster-backports; urgency=high . * Rebuild for buster-backports: - Change ABI number to 0.deb10.16 . linux (5.10.127-2) bullseye-security; urgency=high . * [amd64,arm64,armhf] wireguard: Clear keys after suspend despite CONFIG_ANDROID=y * netfilter: nf_tables: stricter validation of element data (CVE-2022-34918) * net: rose: fix UAF bugs caused by timer handler (CVE-2022-2318) * net: rose: fix UAF bug caused by rose_t0timer_expiry * xen/{blk,net}front: fix leaking data in shared pages (CVE-2022-26365, CVE-2022-33740) * xen/{blk,net}front: force data bouncing when backend is untrusted (CVE-2022-33741, CVE-2022-33742) * xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses() (CVE-2022-33743) * [arm64,armhf] xen/arm: Fix race in RB-tree based P2M accounting (CVE-2022-33744) * fbdev: fbmem: Fix logo center image dx issue * fbdev: Fix potential out-of-bounds writes (CVE-2021-33655): - fbmem: Check virtual screen sizes in fb_set_var() - fbcon: Disallow setting font bigger than screen size - fbcon: Prevent that screen size is smaller than font size . linux (5.10.127-1) bullseye; urgency=medium . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.121 - ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop - ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS - ALSA: usb-audio: Cancel pending work at closing a MIDI substream - USB: serial: option: add Quectel BG95 modem - USB: new quirk for Dell Gen 2 devices - usb: dwc3: gadget: Move null pinter check to proper place - usb: core: hcd: Add support for deferring roothub registration - cifs: when extending a file with falloc we should make files not-sparse - xhci: Allow host runtime PM as default for Intel Alder Lake N xHCI - Fonts: Make font size unsigned in font_desc - [x86] MCE/AMD: Fix memory leak when threshold_create_bank() fails - [w86] perf/x86/intel: Fix event constraints for ICL - ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP - ptrace: Reimplement PTRACE_KILL by always sending SIGKILL - btrfs: add "0x" prefix for unsupported optional features - btrfs: repair super block num_devices automatically - [amd64] iommu/vt-d: Add RPLS to quirk list to skip TE disabling - drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes - mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue - b43legacy: Fix assigning negative value to unsigned variable - b43: Fix assigning negative value to unsigned variable - ipw2x00: Fix potential NULL dereference in libipw_xmit() - ipv6: fix locking issues with loops over idev->addr_list - fbcon: Consistently protect deferred_takeover with console_lock() - [x86] platform/uv: Update TSC sync state for UV5 - ACPICA: Avoid cache flush inside virtual machines - drm/komeda: return early if drm_universal_plane_init() fails. - rcu-tasks: Fix race in schedule and flush work - rcu: Make TASKS_RUDE_RCU select IRQ_WORK - sfc: ef10: Fix assigning negative value to unsigned variable - ALSA: jack: Access input_dev under mutex - spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA direction - drm/amd/pm: fix double free in si_parse_power_table() - ath9k: fix QCA9561 PA bias level - media: venus: hfi: avoid null dereference in deinit - media: pci: cx23885: Fix the error handling in cx23885_initdev() - media: cx25821: Fix the warning when removing the module - md/bitmap: don't set sb values if can't pass sanity check - mmc: jz4740: Apply DMA engine limits to maximum segment size - drivers: mmc: sdhci_am654: Add the quirk to set TESTCD bit - scsi: megaraid: Fix error check return value of register_chrdev() - scsi: ufs: Use pm_runtime_resume_and_get() instead of pm_runtime_get_sync() - scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp() - ath11k: disable spectral scan during spectral deinit - ASoC: Intel: bytcr_rt5640: Add quirk for the HP Pro Tablet 408 - drm/plane: Move range check for format_count earlier - drm/amd/pm: fix the compile warning - ath10k: skip ath10k_halt during suspend for driver state RESTARTING - [arm64] compat: Do not treat syscall number as ESR_ELx for a bad syscall - drm: msm: fix error check return value of irq_of_parse_and_map() - ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL - net/mlx5: fs, delete the FTE when there are no rules attached to it - ASoC: dapm: Don't fold register value changes into notifications - mlxsw: spectrum_dcb: Do not warn about priority changes - mlxsw: Treat LLDP packets as control - drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo - HID: bigben: fix slab-out-of-bounds Write in bigben_probe - ASoC: tscs454: Add endianness flag in snd_soc_component_driver - net: remove two BUG() from skb_checksum_help() - [s390x] preempt: disable __preempt_count_add() optimization for PROFILE_ALL_BRANCHES - perf/amd/ibs: Cascade pmu init functions' return value - spi: stm32-qspi: Fix wait_cmd timeout in APM mode - dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC - ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default - ipmi:ssif: Check for NULL msg when handling events and messages - ipmi: Fix pr_fmt to avoid compilation issues - rtlwifi: Use pr_warn instead of WARN_ONCE - media: rga: fix possible memory leak in rga_probe - media: coda: limit frame interval enumeration to supported encoder frame sizes - media: imon: reorganize serialization - media: cec-adap.c: fix is_configuring state - nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags - ASoC: rt5645: Fix errorenous cleanup order - nbd: Fix hung on disconnect request if socket is closed before - net: phy: micrel: Allow probing without .driver_data - media: exynos4-is: Fix compile warning - ASoC: max98357a: remove dependency on GPIOLIB - ASoC: rt1015p: remove dependency on GPIOLIB - can: mcp251xfd: silence clang's -Wunaligned-access warning - [x86] microcode: Add explicit CPU vendor dependency - rxrpc: Return an error to sendmsg if call failed - rxrpc, afs: Fix selection of abort codes - eth: tg3: silence the GCC 12 array-bounds warning - gfs2: use i_lock spin_lock for inode qadata - IB/rdmavt: add missing locks in rvt_ruc_loopback - [arm64] dts: qcom: msm8994: Fix BLSP[12]_DMA channels count - PM / devfreq: rk3399_dmc: Disable edev on remove() - crypto: ccree - use fine grained DMA mapping dir - soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc - fs: jfs: fix possible NULL pointer dereference in dbFree() - [powerpc*] fadump: Fix fadump to work with a different endian capture kernel - fat: add ratelimit to fat*_ent_bread() - pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources() - ARM: versatile: Add missing of_node_put in dcscb_init - ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM - ARM: hisi: Add missing of_node_put after of_find_compatible_node - PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() - tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate - [powerpc*] powernv/vas: Assign real address to rx_fifo in vas_rx_win_attr - [powerpc*] xics: fix refcount leak in icp_opal_init() - [powerpc*] powernv: fix missing of_node_put in uv_init() - macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled - [powerpc*] iommu: Add missing of_node_put in iommu_init_early_dart - [amd64] RDMA/hfi1: Prevent panic when SDMA is disabled - drm: fix EDID struct for old ARM OABI format - dt-bindings: display: sitronix, st7735r: Fix backlight in example - ath11k: acquire ab->base_lock in unassign when finding the peer by addr - ath9k: fix ar9003_get_eepmisc - drm/edid: fix invalid EDID extension block filtering - drm/bridge: adv7511: clean up CEC adapter when probe fails - spi: qcom-qspi: Add minItems to interconnect-names - ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe - ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe - [x86] delay: Fix the wrong asm constraint in delay_loop() - drm/ingenic: Reset pixclock rate when parent clock rate changes - drm/mediatek: Fix mtk_cec_mask() - [arm*] drm/vc4: hvs: Reset muxes at probe time - [arm*] drm/vc4: txp: Don't set TXP_VSTART_AT_EOF - [arm*] drm/vc4: txp: Force alpha to be 0xff if it's disabled - bpf: Fix excessive memory allocation in stack_map_alloc() - nl80211: show SSID for P2P_GO interfaces - drm/komeda: Fix an undefined behavior bug in komeda_plane_add() - drm: mali-dp: potential dereference of null pointer - spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout - scftorture: Fix distribution of short handler delays - net: dsa: mt7530: 1G can also support 1000BASE-X link mode - NFC: NULL out the dev->rfkill to prevent UAF - efi: Add missing prototype for efi_capsule_setup_info - target: remove an incorrect unmap zeroes data deduction - drbd: fix duplicate array initializer - EDAC/dmc520: Don't print an error for each unconfigured interrupt line - mtd: rawnand: denali: Use managed device resources - HID: hid-led: fix maximum brightness for Dream Cheeky - HID: elan: Fix potential double free in elan_input_configured - drm/bridge: Fix error handling in analogix_dp_probe - sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq - spi: img-spfi: Fix pm_runtime_get_sync() error checking - cpufreq: Fix possible race in cpufreq online error path - ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix - media: hantro: Empty encoder capture buffers by default - drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01 - ALSA: pcm: Check for null pointer of pointer substream before dereferencing it - inotify: show inotify mask flags in proc fdinfo - fsnotify: fix wrong lockdep annotations - of: overlay: do not break notify on NOTIFY_{OK|STOP} - drm/msm/dpu: adjust display_v_end for eDP and DP - scsi: ufs: qcom: Fix ufs_qcom_resume() - scsi: ufs: core: Exclude UECxx from SFR dump list - mtd: spi-nor: core: Check written SR value in spi_nor_write_16bit_sr_and_check() - [x86] pm: Fix false positive kmemleak report in msr_build_context() - mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe() - [x86] speculation: Add missing prototype for unpriv_ebpf_notify() - ASoC: rk3328: fix disabling mclk on pclk probe failure - perf tools: Add missing headers needed by util/data.h - drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume - drm/msm/dp: stop event kernel thread when DP unbind - drm/msm/dp: fix error check return value of irq_of_parse_and_map() - drm/msm/dsi: fix error checks and return values for DSI xmit functions - drm/msm/hdmi: check return value after calling platform_get_resource_byname() - drm/msm/hdmi: fix error check return value of irq_of_parse_and_map() - drm/msm: add missing include to msm_drv.c - drm/panel: panel-simple: Fix proper bpc for AM-1280800N3TZQW-T00H - drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() - perf tools: Use Python devtools for version autodetection rather than runtime - virtio_blk: fix the discard_granularity and discard_alignment queue limits - [x86] Fix return value of __setup handlers - irqchip/exiu: Fix acknowledgment of edge triggered interrupts - irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value - irqchip/aspeed-scu-ic: Fix irq_of_parse_and_map() return value - [x86] mm: Cleanup the control_va_addr_alignment() __setup handler - [arm64] fix types in copy_highpage() - regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET - drm/msm/dp: fix event thread stuck in wait_event after kthread_stop() - drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected - drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected - drm/msm: return an error pointer in msm_gem_prime_get_sg_table() - media: uvcvideo: Fix missing check to determine if element is found in list - iomap: iomap_write_failed fix - spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() - Revert "cpufreq: Fix possible race in cpufreq online error path" - regulator: qcom_smd: Fix up PM8950 regulator configuration - perf/amd/ibs: Use interrupt regs ip for stack unwinding - ath11k: Don't check arvif->is_started before sending management frames - ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe - ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe - regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt - ASoC: samsung: Use dev_err_probe() helper - ASoC: samsung: Fix refcount leak in aries_audio_probe - scripts/faddr2line: Fix overlapping text section failures - media: aspeed: Fix an error handling path in aspeed_video_probe() - media: exynos4-is: Fix PM disable depth imbalance in fimc_is_probe - media: st-delta: Fix PM disable depth imbalance in delta_probe - media: exynos4-is: Change clk_disable to clk_disable_unprepare - media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init - media: vsp1: Fix offset calculation for plane cropping - Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout - Bluetooth: Interleave with allowlist scan - Bluetooth: L2CAP: Rudimentary typo fixes - Bluetooth: LL privacy allow RPA - Bluetooth: use inclusive language in HCI role comments - Bluetooth: use inclusive language when filtering devices - Bluetooth: use hdev lock for accept_list and reject_list in conn req - nvme: set dma alignment to dword - lsm,selinux: pass flowi_common instead of flowi to the LSM hooks - sctp: read sk->sk_bound_dev_if once in sctp_rcv() - net: hinic: add missing destroy_workqueue in hinic_pf_to_mgmt_init - ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* - media: ov7670: remove ov7670_power_off from ov7670_remove - media: staging: media: rkvdec: Make use of the helper function devm_platform_ioremap_resource() - media: rkvdec: h264: Fix dpb_valid implementation - media: rkvdec: h264: Fix bit depth wrap in pps packet - ext4: reject the 'commit' option on ext2 filesystems - drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init - drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() - [x86] sev: Annotate stack change in the #VC handler - drm/msm/dpu: handle pm_runtime_get_sync() errors in bind path - [x86] drm/i915: Fix CFI violation with show_dynamic_id() - thermal/drivers/bcm2711: Don't clamp temperature at zero - thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe - thermal/drivers/core: Use a char pointer for the cooling device name - thermal/core: Fix memory leak in __thermal_cooling_device_register() - thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe - ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition() - NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx - ASoC: max98090: Move check for invalid values before casting in max98090_put_enab_tlv() - net: stmmac: selftests: Use kcalloc() instead of kzalloc() - net: stmmac: fix out-of-bounds access in a selftest - hv_netvsc: Fix potential dereference of NULL pointer - rxrpc: Fix listen() setting the bar too high for the prealloc rings - rxrpc: Don't try to resend the request if we're receiving the reply - rxrpc: Fix overlapping ACK accounting - rxrpc: Don't let ack.previousPacket regress - rxrpc: Fix decision on when to generate an IDLE ACK - net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc() - hinic: Avoid some over memory allocation - net/smc: postpone sk_refcnt increment in connect() - arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399 - memory: samsung: exynos5422-dmc: Avoid some over memory allocation - ARM: dts: suniv: F1C100: fix watchdog compatible - soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc - soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc - PCI: cadence: Fix find_first_zero_bit() limit - PCI: rockchip: Fix find_first_zero_bit() limit - PCI: dwc: Fix setting error return on MSI DMA mapping failure - ARM: dts: ci4x10: Adapt to changes in imx6qdl.dtsi regarding fec clocks - soc: qcom: llcc: Add MODULE_DEVICE_TABLE() - [x86] KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry - [x86] KVM: nVMX: Clear IDT vectoring on nested VM-Exit for double/triple fault - platform/chrome: cros_ec: fix error handling in cros_ec_register() - ARM: dts: imx6dl-colibri: Fix I2C pinmuxing - platform/chrome: Re-introduce cros_ec_cmd_xfer and use it for ioctls - can: xilinx_can: mark bit timing constants as const - ARM: dts: stm32: Fix PHY post-reset delay on Avenger96 - ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT - ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C - ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED - ARM: dts: bcm2835-rpi-b: Fix GPIO line names - misc: ocxl: fix possible double free in ocxl_file_register_afu - crypto: marvell/cesa - ECB does not IV - gpiolib: of: Introduce hook for missing gpio-ranges - pinctrl: bcm2835: implement hook for missing gpio-ranges - arm: mediatek: select arch timer for mt7629 - powerpc/fadump: fix PT_LOAD segment for boot memory area - mfd: ipaq-micro: Fix error check return value of platform_get_irq() - scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac() - firmware: arm_scmi: Fix list protocols enumeration in the base protocol - nvdimm: Fix firmware activation deadlock scenarios - nvdimm: Allow overwrite in the presence of disabled dimms - pinctrl: mvebu: Fix irq_of_parse_and_map() return value - drivers/base/node.c: fix compaction sysfs file leak - dax: fix cache flush on PMD-mapped pages - drivers/base/memory: fix an unlikely reference counting issue in __add_memory_block() - powerpc/8xx: export 'cpm_setbrg' for modules - pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources() - powerpc/idle: Fix return value of __setup() handler - powerpc/4xx/cpm: Fix return value of __setup() handler - ASoC: atmel-pdmic: Remove endianness flag on pdmic component - ASoC: atmel-classd: Remove endianness flag on class d component - proc: fix dentry/inode overinstantiating under /proc/${pid}/net - ipc/mqueue: use get_tree_nodev() in mqueue_get_tree() - PCI: imx6: Fix PERST# start-up sequence - tty: fix deadlock caused by calling printk() under tty_port->lock - crypto: sun8i-ss - rework handling of IV - crypto: sun8i-ss - handle zero sized sg - crypto: cryptd - Protect per-CPU resource by disabling BH. - Input: sparcspkr - fix refcount leak in bbc_beep_probe - PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits - hwrng: omap3-rom - fix using wrong clk_disable() in omap_rom_rng_runtime_resume() - [powerpc*] 64: Only WARN if __pa()/__va() called with bad addresses - [powerpc*] perf: Fix the threshold compare group constraint for power9 - macintosh: via-pmu and via-cuda need RTC_LIB - powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup - mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe() - mailbox: forward the hrtimer if not queued and under a lock - [amd64] RDMA/hfi1: Prevent use of lock before it is initialized - Input: stmfts - do not leave device disabled in stmfts_input_open - OPP: call of_node_put() on error path in _bandwidth_supported() - f2fs: fix dereference of stale list iterator after loop body - iommu/mediatek: Add list_del in mtk_iommu_remove - i2c: at91: use dma safe buffers - cpufreq: mediatek: add missing platform_driver_unregister() on error in mtk_cpufreq_driver_init - cpufreq: mediatek: Use module_init and add module_exit - cpufreq: mediatek: Unregister platform device on exit - [mips*] Loongson: Use hwmon_device_register_with_groups() to register hwmon - i2c: at91: Initialize dma_buf in at91_twi_xfer() - dmaengine: idxd: Fix the error handling path in idxd_cdev_register() - NFS: Do not report EINTR/ERESTARTSYS as mapping errors - NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS - NFS: Do not report flush errors in nfs_write_end() - NFS: Don't report errors from nfs_pageio_complete() more than once - NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout - video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup - dmaengine: stm32-mdma: remove GISR1 register - dmaengine: stm32-mdma: rework interrupt handler - dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler() - iommu/amd: Increase timeout waiting for GA log enablement - i2c: npcm: Fix timeout calculation - i2c: npcm: Correct register access width - i2c: npcm: Handle spurious interrupts - i2c: rcar: fix PM ref counts in probe error paths - perf c2c: Use stdio interface if slang is not supported - perf jevents: Fix event syntax error caused by ExtSel - f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count() - f2fs: fix to do sanity check on block address in f2fs_do_zero_range() - f2fs: fix to clear dirty inode in f2fs_evict_inode() - f2fs: fix deadloop in foreground GC - f2fs: don't need inode lock for system hidden quota - f2fs: fix to do sanity check on total_data_blocks - f2fs: fix fallocate to use file_modified to update permissions consistently - f2fs: fix to do sanity check for inline inode - wifi: mac80211: fix use-after-free in chanctx code - iwlwifi: mvm: fix assert 1F04 upon reconfig - fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages - efi: Do not import certificates from UEFI Secure Boot for T2 Macs - bfq: Split shared queues on move between cgroups - bfq: Update cgroup information before merging bio - bfq: Track whether bfq_group is still online - ext4: fix use-after-free in ext4_rename_dir_prepare - ext4: fix warning in ext4_handle_inode_extension - ext4: fix bug_on in ext4_writepages - ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state - ext4: fix bug_on in __es_tree_search - ext4: verify dir block before splitting it (CVE-2022-1184) - ext4: avoid cycles in directory h-tree (CVE-2022-1184) - ACPI: property: Release subnode properties with data nodes - tracing: Fix potential double free in create_var_ref() - PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299 - PCI: qcom: Fix runtime PM imbalance on probe errors - PCI: qcom: Fix unbalanced PHY init on probe errors - mm, compaction: fast_find_migrateblock() should return pfn in the target zone - [s390x] perf: obtain sie_block from the right address - dlm: fix plock invalid read - dlm: fix missing lkb refcount handling - ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock - scsi: dc395x: Fix a missing check on list iterator - scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled - drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. - drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem - drm/nouveau/clk: Fix an incorrect NULL check on list iterator - drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator - drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX - [x86] drm/i915/dsi: fix VBT send packet port selection for ICL+ - md: fix an incorrect NULL check in does_sb_need_changing - md: fix an incorrect NULL check in md_reload_sb - mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write - mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N - media: coda: Fix reported H264 profile - media: coda: Add more H264 levels for CODA960 - [amd64] RDMA/hfi1: Fix potential integer multiplication overflow errors - csky: patch_text: Fixup last cpu should be master - irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x - irqchip: irq-xtensa-mx: fix initial IRQ affinity - cfg80211: declare MODULE_FIRMWARE for regulatory.db - mac80211: upgrade passive scan to active scan on DFS channels after beacon rx - um: chan_user: Fix winch_tramp() return value - um: Fix out-of-bounds read in LDT setup - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] - ftrace: Clean up hash direct_functions on register failures - iommu/msm: Fix an incorrect NULL check on list iterator - nodemask.h: fix compilation error with GCC12 - hugetlb: fix huge_pmd_unshare address update - xtensa/simdisk: fix proc_read_simdisk() - rtl818x: Prevent using not initialized queues - ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control - carl9170: tx: fix an incorrect use of list iterator - stm: ltdc: fix two incorrect NULL checks on list iterator - bcache: improve multithreaded bch_btree_check() - bcache: improve multithreaded bch_sectors_dirty_init() - bcache: remove incremental dirty sector counting for bch_sectors_dirty_init() - bcache: avoid journal no-space deadlock by reserving 1 journal bucket - serial: pch: don't overwrite xmit->buf[0] by x_char - tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator - gma500: fix an incorrect NULL check on list iterator - arm64: dts: qcom: ipq8074: fix the sleep clock frequency - phy: qcom-qmp: fix struct clk leak on probe errors - ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries - ARM: pxa: maybe fix gpio lookup tables - SMB3: EBADF/EIO errors in rename/open caused by race condition in smb2_compound_op - docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 - dt-bindings: gpio: altera: correct interrupt-cells - vdpasim: allow to enable a vq repeatedly - blk-iolatency: Fix inflight count imbalances and IO hangs on offline - coresight: core: Fix coresight device probe failure issue - phy: qcom-qmp: fix reset-controller leak on probe errors - net: ipa: fix page free in ipa_endpoint_trans_release() - net: ipa: fix page free in ipa_endpoint_replenish_one() - xfs: set inode size after creating symlink - xfs: sync lazy sb accounting on quiesce of read-only mounts - xfs: fix chown leaking delalloc quota blocks when fssetxattr fails - xfs: fix incorrect root dquot corruption error when switching group/project quota types - xfs: restore shutdown check in mapped write fault path - xfs: force log and push AIL to clear pinned inodes when aborting mount - xfs: consider shutdown in bmapbt cursor delete assert - xfs: assert in xfs_btree_del_cursor should take into account error - kseltest/cgroup: Make test_stress.sh work if run interactively - thermal/core: fix a UAF bug in __thermal_cooling_device_register() - thermal/core: Fix memory leak in the error path - bfq: Avoid merging queues with different parents - bfq: Drop pointless unlock-lock pair - bfq: Remove pointless bfq_init_rq() calls - bfq: Get rid of __bio_blkcg() usage - bfq: Make sure bfqg for which we are queueing requests is online - block: fix bio_clone_blkg_association() to associate with proper blkcg_gq - Revert "random: use static branch for crng_ready()" - RDMA/rxe: Generate a completion for unsupported/invalid opcode - [mips*] IP27: Remove incorrect `cpu_has_fpu' override - [mips*] IP30: Remove incorrect `cpu_has_fpu' override - ext4: only allow test_dummy_encryption when supported - md: bcache: check the return value of kzalloc() in detached_dev_do_request() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.122 - pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards - staging: greybus: codecs: fix type confusion of list iterator variable - iio: adc: ad7124: Remove shift from scan_type - tty: goldfish: Use tty_port_destroy() to destroy port - tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe - tty: n_tty: Restore EOF push handling behavior - tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get - usb: usbip: fix a refcount leak in stub_probe() - usb: usbip: add missing device lock on tweak configuration cmd - USB: storage: karma: fix rio_karma_init return - usb: musb: Fix missing of_node_put() in omap2430_probe - staging: fieldbus: Fix the error handling path in anybuss_host_common_probe() - pwm: lp3943: Fix duty calculation in case period was clamped - rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value - usb: dwc3: pci: Fix pm_runtime_get_sync() error checking - misc: fastrpc: fix an incorrect NULL check on list iterator - firmware: stratix10-svc: fix a missing check on list iterator - usb: typec: mux: Check dev_set_name() return value - iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check - iio: proximity: vl53l0x: Fix return value check of wait_for_completion_timeout - iio: adc: sc27xx: fix read big scale voltage not right - iio: adc: sc27xx: Fine tune the scale calibration values - rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails - phy: qcom-qmp: fix pipe-clock imbalance on power-on failure - serial: sifive: Report actual baud base rather than fixed 115200 - coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier - extcon: ptn5150: Add queue work sync before driver release - soc: rockchip: Fix refcount leak in rockchip_grf_init - rtc: mt6397: check return value after calling platform_get_resource() - serial: meson: acquire port->lock in startup() - serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485 - serial: digicolor-usart: Don't allow CS5-6 - serial: rda-uart: Don't allow CS5-6 - serial: txx9: Don't allow CS5-6 - serial: sh-sci: Don't allow CS5-6 - serial: sifive: Sanitize CSIZE and c_iflag - serial: st-asc: Sanitize CSIZE and correct PARENB for CS7 - serial: stm32-usart: Correct CSIZE, bits, and parity - firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle - bus: ti-sysc: Fix warnings for unbind for serial - driver: base: fix UAF when driver_attach failed - driver core: fix deadlock in __device_attach - watchdog: rti-wdt: Fix pm_runtime_get_sync() error checking - watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe - ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition - clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value - [s390x] crypto: fix scatterwalk_unmap() callers in AES-GCM - net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog - net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() - net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks - net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register - modpost: fix removing numeric suffixes - jffs2: fix memory leak in jffs2_do_fill_super - ubi: fastmap: Fix high cpu usage of ubi_bgt by making sure wl_pool not empty - ubi: ubi_create_volume: Fix use-after-free when volume creation failed - bpf: Fix probe read error in ___bpf_prog_run() - net/smc: fixes for converting from "struct smc_cdc_tx_pend **" to "struct smc_wr_tx_pend_priv *" - nfp: only report pause frame configuration for physical device - sfc: fix considering that all channels have TX queues - sfc: fix wrong tx channel offset with efx_separate_tx_channels - net/mlx5: Don't use already freed action pointer - net/mlx5: correct ECE offset in query qp output - net/mlx5e: Update netdev features after changing XDP state - net: sched: add barrier to fix packet stuck problem for lockless qdisc - tcp: tcp_rtx_synack() can be called from process context - gpio: pca953x: use the correct register address to do regcache sync - afs: Fix infinite loop found by xfstest generic/676 - scsi: sd: Fix potential NULL pointer dereference - tipc: check attribute length for bearer name - driver core: Fix wait_for_device_probe() & deferred_probe_timeout interaction - perf c2c: Fix sorting in percent_rmt_hitm_cmp() - dmaengine: idxd: set DMA_INTERRUPT cap bit - mips: cpc: Fix refcount leak in mips_cpc_default_phys_base - bootconfig: Make the bootconfig.o as a normal object file - tracing: Fix sleeping function called from invalid context on RT kernel - tracing: Avoid adding tracer option before update_tracer_options - iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe() - iommu/arm-smmu-v3: check return value after calling platform_get_resource() - f2fs: remove WARN_ON in f2fs_is_valid_blkaddr - i2c: cadence: Increase timeout per message if necessary - dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type - NFSv4: Don't hold the layoutget locks across multiple RPC calls - video: fbdev: hyperv_fb: Allow resolutions with size > 64 MB for Gen1 - video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove() - xprtrdma: treat all calls not a bcall when bc_serv is NULL - netfilter: nat: really support inet nat without l3 address - netfilter: nf_tables: delete flowtable hooks via transaction list - powerpc/kasan: Force thread size increase with KASAN - netfilter: nf_tables: always initialize flowtable hook list in transaction - ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe - netfilter: nf_tables: release new hooks on unsupported flowtable flags - netfilter: nf_tables: memleak flow rule from commit path - netfilter: nf_tables: bail out early if hardware offload is not supported - xen: unexport __init-annotated xen_xlate_map_ballooned_pages() - af_unix: Fix a data-race in unix_dgram_peer_wake_me(). - bpf, arm64: Clear prog->jited_len along prog->jited - net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list - net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure - SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer() - net: mdio: unexport __init-annotated mdio_bus_init() - net: xfrm: unexport __init-annotated xfrm4_protocol_init() - net: ipv6: unexport __init-annotated seg6_hmac_init() - net/mlx5: Rearm the FW tracer after each tracer event - net/mlx5: fs, fail conflicting actions - ip_gre: test csum_start instead of transport header - net: altera: Fix refcount leak in altera_tse_mdio_create - drm: imx: fix compiler warning with gcc-12 - iio: dummy: iio_simple_dummy: check the return value of kstrdup() - staging: rtl8712: fix a potential memory leak in r871xu_drv_init() - iio: st_sensors: Add a local lock for protecting odr - tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() - tty: Fix a possible resource leak in icom_probe - drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() - drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop() - USB: host: isp116x: check return value after calling platform_get_resource() - drivers: tty: serial: Fix deadlock in sa1100_set_termios() - drivers: usb: host: Fix deadlock in oxu_bus_suspend() - USB: hcd-pci: Fully suspend across freeze/thaw cycle - sysrq: do not omit current cpu when showing backtrace of all active CPUs - usb: dwc2: gadget: don't reset gadget's driver->bus - misc: rtsx: set NULL intfdata when probe fails - extcon: Modify extcon device to be created after driver data is set - clocksource/drivers/sp804: Avoid error on multiple instances - staging: rtl8712: fix uninit-value in usb_read8() and friends - staging: rtl8712: fix uninit-value in r871xu_drv_init() - serial: msm_serial: disable interrupts in __msm_console_write() - kernfs: Separate kernfs_pr_cont_buf and rename_lock. - watchdog: wdat_wdt: Stop watchdog when rebooting the system - md: protect md_unregister_thread from reentrancy - scsi: myrb: Fix up null pointer access on myrb_cleanup() - Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process" - ceph: allow ceph.dir.rctime xattr to be updatable - drm/radeon: fix a possible null pointer dereference - modpost: fix undefined behavior of is_arm_mapping_symbol() - [x86] cpu: Elide KCSAN for cpu_has() and friends - jump_label,noinstr: Avoid instrumentation for JUMP_LABEL=n builds - nbd: call genl_unregister_family() first in nbd_cleanup() - nbd: fix race between nbd_alloc_config() and module removal - nbd: fix io hung while disconnecting device - [s390x] gmap: voluntarily schedule during key setting - cifs: version operations for smb20 unneeded when legacy support disabled - nodemask: Fix return values to be unsigned - vringh: Fix loop descriptors check in the indirect cases - scripts/gdb: change kernel config dumping method - ALSA: hda/conexant - Fix loopback issue with CX20632 - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo Yoga DuetITL 2021 - cifs: return errors during session setup during reconnects - cifs: fix reconnect on smb3 mount types - ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files - mmc: block: Fix CQE recovery reset success - net: phy: dp83867: retrigger SGMII AN when link change - nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION - nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling - nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION - ixgbe: fix bcast packets Rx on VF after promisc removal - ixgbe: fix unexpected VLAN Rx in promisc mode on VF - Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag - drm/bridge: analogix_dp: Support PSR-exit to disable transition - drm/atomic: Force bridge self-refresh-exit on CRTC switch - [powerpc*] 32: Fix overread/overwrite of thread_struct via ptrace (CVE-2022-32981) - [powerpc*] mm: Switch obsolete dssall to .long - interconnect: qcom: sc7180: Drop IP0 interconnects - interconnect: Restore sync state by ignoring ipa-virt in provider count - md/raid0: Ignore RAID0 layout if the second zone has only one device - PCI: qcom: Fix pipe clock imbalance - zonefs: fix handling of explicit_open option on mount - dmaengine: idxd: add missing callback function to support DMA_INTERRUPT - tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.123 - [x86] Mitigate Processor MMIO Stale Data vulnerabilities (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166): + Documentation: Add documentation for Processor MMIO Stale Data + x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug + x86/speculation: Add a common function for MD_CLEAR mitigation update + x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data + x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations + x86/speculation/mmio: Enable CPU Fill buffer clearing on idle + x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data + x86/speculation/srbds: Update SRBDS mitigation selection + x86/speculation/mmio: Reuse SRBDS mitigation for SBDS + KVM: x86/speculation: Disable Fill buffer clear within guests + x86/speculation/mmio: Print SMT warning https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.124 - 9p: missing chunk of "fs/9p: Don't update file type when updating file attributes" - nfsd: Replace use of rwsem with errseq_t - bpf: Fix incorrect memory charge cost calculation in stack_map_alloc() - ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() - quota: Prevent memory allocation recursion while holding dq_lock - [armhf] ASoC: es8328: Fix event generation for deemphasis control - Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to dmi_use_low_level_irq - scsi: vmw_pvscsi: Expand vcpuHint to 16 bits - scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology - scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd completion - scsi: ipr: Fix missing/incorrect resource cleanup in error case - scsi: pmcraid: Fix missing resource cleanup in error case - ALSA: hda/realtek - Add HW8326 support - virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed - ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg - random: credit cpu and bootloader seeds by default - pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE - pNFS: Avoid a live lock condition in pnfs_update_layout() - [x86] clocksource: hyper-v: unexport __init-annotated hv_init_clocksource() - i40e: Fix adding ADQ filter to TC0 - i40e: Fix calculating the number of queue pairs - i40e: Fix call trace in setup_tx_descriptors - [x86] Drivers: hv: vmbus: Release cpu lock in error case - [x86] drm/i915/reset: Fix error_state_read ptr + offset use - nvme: use sysfs_emit instead of sprintf - nvme: add device name to warning in uuid_show() - net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg - [arm64] ftrace: fix branch range checks - [arm64] ftrace: consistently handle PLTs. - block: Fix handling of offline queues in blk_mq_alloc_request_hctx() - faddr2line: Fix overlapping text section failures, the sequel - [arm64,armhf] irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions - [arm64,armhf] irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions - i2c: designware: Use standard optional ref clock implementation - [x86] mei: me: add raptor lake point S DID - [x86] comedi: vmk80xx: fix expression for tx buffer size - USB: serial: option: add support for Cinterion MV31 with new baseline - USB: serial: io_ti: add Agilent E5805A support - [arm*] usb: dwc2: Fix memory leak in dwc2_hcd_init - serial: 8250: Store to lsr_save_flags after lsr read - dm mirror log: round up region bitmap size to BITS_PER_LONG - drm/amd/display: Cap OLED brightness per max frame-average luminance - ext4: fix bug_on ext4_mb_use_inode_pa - ext4: make variable "count" signed - ext4: add reserved GDT blocks check - [arm64] KVM: arm64: Don't read a HW interrupt pending state in user context - [x86] KVM: x86: Account a variety of miscellaneous allocations - [x86] KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine - virtio-pci: Remove wrong address verification in vp_del_vqs() - dma-direct: don't over-decrypt memory - net/sched: act_police: more accurate MTU policing - net: openvswitch: fix misuse of the cached connection on tuple changes - Revert "PCI: Make pci_enable_ptm() private" - igc: Enable PCIe PTM - [arm64] clk: imx8mp: fix usb_root_clk parent https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.125 - [s390x] mm: use non-quiescing sske for KVM switch to keyed guest - zonefs: fix zonefs_iomap_begin() for reads - usb: gadget: u_ether: fix regression in setting fixed MAC address - tcp: add some entropy in __inet_hash_connect() - tcp: use different parts of the port_offset for index and offset (CVE-2022-1012) - tcp: add small random increments to the source port (CVE-2022-1012) - tcp: dynamically allocate the perturb table used by source ports (CVE-2022-1012) - tcp: increase source port perturb table to 2^16 (CVE-2022-1012, CVE-2022-32296) - tcp: drop the hash_32() part from the index calculation (CVE-2022-1012) - serial: core: Initialize rs485 RTS polarity already on probe - [arm64] mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer - io_uring: add missing item types for various requests https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.126 - io_uring: use separate list entry for iopoll requests https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.127 - vt: drop old FONT ioctls - random: schedule mix_interrupt_randomness() less often - random: quiet urandom warning ratelimit suppression message - ALSA: hda/via: Fix missing beep setup - ALSA: hda/conexant: Fix missing beep setup - ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop - ALSA: hda/realtek - ALC897 headset MIC no sound - ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly - ALSA: hda/realtek: Add quirk for Clevo PD70PNT - ALSA: hda/realtek: Add quirk for Clevo NS50PU - net: openvswitch: fix parsing of nw_proto for IPv6 fragments - btrfs: add error messages to all unrecognized mount options - mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing - [armhf] mtd: rawnand: gpmi: Fix setting busy timeout setting - ata: libata: add qc->flags in ata_qc_complete_template tracepoint - dm era: commit metadata in postsuspend after worker stops - dm mirror log: clear log bits up to BITS_PER_LONG boundary - USB: serial: option: add Telit LE910Cx 0x1250 composition - USB: serial: option: add Quectel EM05-G modem - USB: serial: option: add Quectel RM500K module support - [arm64] drm/msm: Fix double pm_runtime_disable() call - netfilter: nftables: add nft_parse_register_load() and use it - netfilter: nftables: add nft_parse_register_store() and use it - netfilter: use get_random_u32 instead of prandom - scsi: scsi_debug: Fix zone transition to full condition - [arm64] drm/msm: use for_each_sgtable_sg to iterate over scatterlist - bpf: Fix request_sock leak in sk lookup helpers - [arm64,armhf] drm/sun4i: Fix crash during suspend after component bind failure - [amd64] bpf, x86: Fix tail call count offset calculation on bpf2bpf call - phy: aquantia: Fix AN when higher speeds than 1G are not advertised - tipc: simplify the finalize work queue - tipc: fix use-after-free Read in tipc_named_reinit - igb: fix a use-after-free issue in igb_clean_tx_ring - bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers - net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms - [arm64] drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf - [arm64] drm/msm/dp: check core_initialized before disable interrupts at dp_display_unbind() - [arm64] drm/msm/dp: fixes wrong connection state caused by failure of link train - [arm64] drm/msm/dp: deinitialize mainlink if link training failed - [arm64] drm/msm/dp: promote irq_hpd handle to handle link training correctly - [arm64] drm/msm/dp: fix connect/disconnect handled at irq_hpd - erspan: do not assume transport header is always set - x86/xen: Remove undefined behavior in setup_features() - afs: Fix dynamic root getattr - ice: ethtool: advertise 1000M speeds properly - regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips - igb: Make DMA faster when CPU is active on the PCIe link - virtio_net: fix xdp_rxq_info bug after suspend/resume - nvme: centralize setting the timeout in nvme_alloc_request - nvme: split nvme_alloc_request() - nvme: mark nvme_setup_passsthru() inline - nvme: don't check nvme_req flags for new req - nvme-pci: allocate nvme_command within driver pdu - nvme-pci: add NO APST quirk for Kioxia device - nvme: move the Samsung X5 quirk entry to the core quirks - [s390x] cpumf: Handle events cycles and instructions identical - iio: mma8452: fix probe fail when device tree compatible is used. - iio: adc: vf610: fix conversion mode sysfs node name - xhci: turn off port power in shutdown - xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI - xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI - [arm64,armhf] usb: chipidea: udc: check request status before setting device address - f2fs: attach inline_data after setting compression - iio:accel:bma180: rearrange iio trigger get and register - iio:accel:mxc4005: rearrange iio trigger get and register - iio: accel: mma8452: ignore the return value of reset operation - iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up() - iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value) - iio: adc: axp288: Override TS pin bias current for some models - iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client - [powerpc*] Enable execve syscall exit tracepoint - [powerpc*] rtas: Allow ibm,platform-dump RTAS call with null buffer address - [powerpc*] powernv: wire up rng during setup_arch - [armhf] exynos: Fix refcount leak in exynos_map_pmu - modpost: fix section mismatch check for exported init/exit sections - random: update comment from copy_to_user() -> copy_to_iter() - [powerpc*] pseries: wire up rng during setup_arch() . [ Salvatore Bonaccorso ] * [rt] Update to 5.10.120-rt70 * [rt] Drop "crypto: cryptd - add a lock instead preempt_disable/local_bh_disable" patch * Bump ABI to 16 . [ Ben Hutchings ] * random: Enable RANDOM_TRUST_BOOTLOADER. This can be reverted using the kernel parameter: random.trust_bootloader=off * [armel,armhf] crypto: Enable optimised implementations (see #922204): - Enable CRYPTO_SHA256_ARM, CRYPTO_SHA512_ARM as modules - [armhf] Enable SHA1_ARM_NEON, CRYPTO_SHA1_ARM_CE, CRYPTO_SHA2_ARM_CE, CRYPTO_AES_ARM_BS, CRYPTO_AES_ARM_CE, CRYPTO_GHASH_ARM_CE, CRYPTO_CRCT10DIF_ARM_CE, CRYPTO_CRC32_ARM_CE as modules linux-signed-amd64 (5.10.140+1) bullseye; urgency=medium . * Sign kernel from linux 5.10.140-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.137 - Makefile: link with -z noexecstack --no-warn-rwx-segments - [x86] link vdso and boot with -z noexecstack --no-warn-rwx-segments - Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING" - scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover" - ALSA: bcd2000: Fix a UAF bug on the error path of probing - ALSA: hda/realtek: Add quirk for Clevo NV45PZ - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx - wifi: mac80211_hwsim: fix race condition in pending packet - wifi: mac80211_hwsim: add back erroneously removed cast - wifi: mac80211_hwsim: use 32-bit skb cookie - add barriers to buffer_uptodate and set_buffer_uptodate - HID: wacom: Only report rotation for art pen - HID: wacom: Don't register pad_input for touch switch - [x86] KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case - [x86] KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case - [x86] KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 - [s390x] KVM: s390: pv: don't present the ecall interrupt twice - [x86] KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value - [x86] KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks - [x86] KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP - [x86] KVM: x86: Tag kvm_mmu_x86_module_init() with __init - mm: Add kvrealloc() - xfs: only set IOMAP_F_SHARED when providing a srcmap to a write - xfs: fix I_DONTCACHE - mm/mremap: hold the rmap lock in write mode when moving page table entries. - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model - ALSA: hda/cirrus - support for iMac 12,1 model - ALSA: hda/realtek: Add quirk for another Asus K42JZ model - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED - tty: vt: initialize unicode screen buffer - vfs: Check the truncate maximum size in inode_newsize_ok() - fs: Add missing umask strip in vfs_tmpfile - thermal: sysfs: Fix cooling_device_stats_setup() error code path - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters - fbcon: Fix accelerated fbdev scrolling while logo is still shown - usbnet: Fix linkwatch use-after-free on disconnect - ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh() - drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error - [arm*] drm/vc4: hdmi: Disable audio if dmas property is present but empty - drm/nouveau: fix another off-by-one in nvbios_addr - drm/nouveau: Don't pm_runtime_put_sync(), only pm_runtime_put_autosuspend() - drm/nouveau/acpi: Don't print error when we get -EINPROGRESS from pm_runtime - drm/amdgpu: Check BO's requested pinning domains against its preferred_domains - iio: light: isl29028: Fix the warning in isl29028_remove() - scsi: sg: Allow waiting for commands to complete on removed device - scsi: qla2xxx: Fix incorrect display of max frame size - scsi: qla2xxx: Zero undefined mailbox IN registers - fuse: limit nsec - [arm64] serial: mvebu-uart: uart2 error bits clearing - md-raid: destroy the bitmap after destroying the thread - md-raid10: fix KASAN warning - PCI: Add defines for normal and subtractive PCI bridges - [powerpc*] powernv: Avoid crashing if rng is NULL - [mips64el,mipsel] cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK - usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion - USB: HCD: Fix URB giveback issue in tasklet function - [arm64,armhf] usb: dwc3: gadget: refactor dwc3_repare_one_trb - [arm64,armhf] usb: dwc3: gadget: fix high speed multiplier setting - netfilter: nf_tables: fix null deref due to zeroed list head - epoll: autoremove wakers even more aggressively - [x86] Handle idle=nomwait cmdline properly for x86_idle - [arm64] Do not forget syscall when starting a new thread. - [arm64] fix oops in concurrently setting insn_emulation sysctls - genirq: Don't return error on missing optional irq_request_resources() - [mips64el,mipsel] irqchip/mips-gic: Only register IPI domain when SMP is enabled - genirq: GENERIC_IRQ_IPI depends on SMP - [mips64el,mipsel] irqchip/mips-gic: Check the return value of ioremap() in gic_of_init() - wait: Fix __wait_event_hrtimeout for RT/DL tasks - [armhf] OMAP2+: display: Fix refcount leak bug - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks - ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk - ACPI: PM: save NVS memory for Lenovo G40-45 - ACPI: LPSS: Fix missing check in register_device_clock() - [arm64] dts: allwinner: a64: orangepi-win: Fix LED node name - PM: hibernate: defer device probing when resuming from hibernation - selinux: Add boundary check in put_entry() - [armel,armhf] findbit: fix overflowing offset - [arm64,armhf] meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init - ACPI: processor/idle: Annotate more functions to live in cpuidle section - Input: atmel_mxt_ts - fix up inverted RESET handler - [arm64] soc: amlogic: Fix refcount leak in meson-secure-pwrc.c - [x86] pmem: Fix platform-device leak in error path - [armhf] dts: ast2500-evb: fix board compatible - [armhf] dts: ast2600-evb: fix board compatible - [arm64] cpufeature: Allow different PMU versions in ID_DFR0_EL1 - locking/lockdep: Fix lockdep_init_map_*() confusion - [arm64] soc: fsl: guts: machine variable might be unset - block: fix infinite loop for invalid zone append - [armhf] OMAP2+: Fix refcount leak in omapdss_init_of - [armhf] OMAP2+: Fix refcount leak in omap3xxx_prm_late_init - [arm64] regulator: qcom_smd: Fix pm8916_pldo range - [arm64] ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP - [arm64] bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe() - erofs: avoid consecutive detection for Highmem memory - blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created - hwmon: (drivetemp) Add module alias - block: remove the request_queue to argument request based tracepoints - blktrace: Trace remapped requests correctly - regulator: of: Fix refcount leak bug in of_get_regulation_constraints() - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt() - dm: return early from dm_pr_call() if DM device is suspended - ath10k: do not enforce interrupt trigger type - wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c() - ath11k: fix netdev open race - drm/mipi-dbi: align max_chunk to 2 in spi_transfer - ath11k: Fix incorrect debug_mask mappings - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() - virtio-gpu: fix a missing check to avoid NULL dereference - [arm64] drm: adv7511: override i2c address of cec before accessing it - net: fix sk_wmem_schedule() and sk_rmem_schedule() errors - i2c: Fix a potential use after free - media: tw686x: Register the irq at the end of probe - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb (CVE-2022-1679) - wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd() - drm/radeon: fix incorrrect SPDX-License-Identifiers - [amd64] crypto: ccp - During shutdown, check SEV data pointer before using - [arm64] drm: bridge: adv7511: Add check for mipi_dsi_driver_register - media: hdpvr: fix error value returns in hdpvr_read - [arm64,armhf] media: v4l2-mem2mem: prevent pollerr when last_buffer_dequeued is set - media: tw686x: Fix memory leak in tw686x_video_init - [arm*] drm/vc4: plane: Remove subpixel positioning check - [arm*] drm/vc4: plane: Fix margin calculations for the right/bottom edges - [arm*] drm/vc4: dsi: Correct DSI divider calculations - [arm*] drm/vc4: dsi: Correct pixel order for DSI0 - [arm*] drm/vc4: drv: Remove the DSI pointer in vc4_drv - [arm*] drm/vc4: dsi: Use snprintf for the PHY clocks instead of an array - [arm*] drm/vc4: dsi: Introduce a variant structure - [arm*] drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type - [arm*] drm/vc4: dsi: Fix dsi0 interrupt support - [arm*] drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable iteration - [arm*] drm/vc4: hdmi: Remove firmware logic for MAI threshold setting - [arm*] drm/vc4: hdmi: Avoid full hdmi audio fifo writes - [arm*] drm/vc4: hdmi: Don't access the connector state in reset if kmalloc fails - [arm*] drm/vc4: hdmi: Limit the BCM2711 to the max without scrambling - [arm*] drm/vc4: hdmi: Fix timings for interlaced modes - [arm*] drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes - [arm64,armhf] drm/rockchip: vop: Don't crash for invalid duplicate_state() - [arm64,armhf] drm/rockchip: Fix an error handling path rockchip_dp_probe() - lib: bitmap: order includes alphabetically - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc() - hinic: Use the bitmap API when applicable - net: hinic: fix bug that ethtool get wrong stats - net: hinic: avoid kernel hung in hinic_get_stats64() - [arm64] drm/msm/mdp5: Fix global state lock backoff - mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg - mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init() - tcp: make retransmitted SKB fit into the send window - bpf: Fix subprog names in stack traces. - fs: check FMODE_LSEEK to control internal pipe splicing - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() - [i386] can: pch_can: do not report txerr and rxerr during bus-off - can: sja1000: do not report txerr and rxerr during bus-off - [armhf] can: sun4i_can: do not report txerr and rxerr during bus-off - can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off - can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off - can: usb_8dev: do not report txerr and rxerr during bus-off - can: error: specify the values of data[5..7] of CAN error frames - [i386] can: pch_can: pch_can_error(): initialize errc before using it - Bluetooth: hci_intel: Add check for platform_driver_register - wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue - wifi: libertas: Fix possible refcount leak in if_usb_probe() - [arm64,armhf] media: cedrus: hevc: Add check for invalid timestamp - net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS cipher/version - net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS - [arm64] crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of - inet: add READ_ONCE(sk->sk_bound_dev_if) in INET_MATCH() - tcp: sk->sk_bound_dev_if once in inet_request_bound_dev_if() - ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH() - tcp: Fix data-races around sysctl_tcp_l3mdev_accept. - net: allow unbound socket for packets in VRF when tcp_l3mdev_accept set - iavf: Fix max_rate limiting - net: rose: fix netdev reference changes - dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock - wireguard: ratelimiter: use hrtimer in selftest - wireguard: allowedips: don't corrupt stack when detecting overflow - HID: cp2112: prevent a buffer overflow in cp2112_xfer() - mtd: partitions: Fix refcount leak in parse_redboot_of - [arm64,armhf] usb: xhci: tegra: Fix error check - netfilter: xtables: Bring SPDX identifier back - [arm64,armhf] platform/chrome: cros_ec: Always expose last resume result - KVM: Don't set Accessed/Dirty bits for ZERO_PAGE - mwifiex: Ignore BTCOEX events from the 88W8897 firmware - mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv - misc: rtsx: Fix an error handling path in rtsx_pci_probe() - driver core: fix potential deadlock in __driver_attach - usb: host: xhci: use snprintf() in xhci_decode_trb() - [arm64,armhf] PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu() - [arm64,armhf] PCI: dwc: Always enable CDM check if "snps,enable-cdm-check" exists - soundwire: bus_type: fix remove and shutdown support - [arm64] KVM: arm64: Don't return from void function - [x86] intel_th: Fix a resource leak in an error handling path - [x86] intel_th: msu-sink: Potential dereference of null pointer - [x86] intel_th: msu: Fix vmalloced buffers - [x86] staging: rtl8192u: Fix sleep in atomic context bug in dm_fsync_timer_callback - [arm64] mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch - mmc: block: Add single read for 4k sector cards - [s390x] KVM: s390: pv: leak the topmost page table when destroy fails - PCI/portdrv: Don't disable AER reporting in get_port_device_capability() - [arm64] PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks - scsi: smartpqi: Fix DMA direction for RAID requests - [armhf] usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc() - [arm64,armhf] usb: dwc3: core: Deprecate GCTL.CORESOFTRESET - [arm64,armhf] usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup - [arm64,armhf] usb: dwc3: qcom: fix missing optional irq warnings - RDMA/qedr: Improve error logs for rdma_alloc_tid error return - RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() - [arm64] RDMA/hns: Fix incorrect clearing of interrupt status register - [amd64] RDMA/hfi1: fix potential memory leak in setup_base_ctxt() - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() - [mips64el,mipsel] mmc: cavium-octeon: Add of_node_put() when breaking out of loop - HID: alps: Declare U1_UNICORN_LEGACY support - USB: serial: fix tty-port initialized comments - [armhf,i386] platform/olpc: Fix uninitialized data in debugfs write - RDMA/srpt: Duplicate port name members - RDMA/srpt: Introduce a reference count in struct srpt_device - RDMA/srpt: Fix a use-after-free - mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region - RDMA/mlx5: Add missing check for return value in get namespace flow - RDMA/rxe: Fix error unwind in rxe_create_qp() - null_blk: fix ida error handling in null_add_dev() - nvme: use command_id instead of req->tag in trace_nvme_complete_rq() - jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction() - ext4: recover csum seed of tmp_inode after migrating to extents - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted - opp: Fix error check in dev_pm_opp_attach_genpd() - serial: 8250: Export ICR access helpers for internal use - serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty() - profiling: fix shift too large makes kernel panic - tty: n_gsm: Delete gsmtty open SABM frame when config requester - tty: n_gsm: fix user open not possible at responder until initiator open - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output() - tty: n_gsm: fix non flow control frames during mux flow off - tty: n_gsm: fix packet re-transmission without open control channel - tty: n_gsm: fix race condition in gsmld_write() - [arm64] ASoC: qcom: Fix missing of_node_put() in asoc_qcom_lpass_cpu_platform_probe() - vfio: Remove extra put/gets around vfio_device->group - vfio: Simplify the lifetime logic for vfio_device - vfio: Split creation of a vfio_device into init and register ops - tty: n_gsm: fix wrong T1 retry count handling - tty: n_gsm: fix DM command - tty: n_gsm: fix missing corner cases in gsmld_poll() - kfifo: fix kfifo_to_user() return type - lib/smp_processor_id: fix imbalanced instrumentation_end() call - [arm64] mfd: max77620: Fix refcount leak in max77620_initialise_fps - [arm64] iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop - [s390x] dump: fix old lowcore virtual vs physical address confusion - fuse: Remove the control interface for virtio-fs - [armhf] ASoC: audio-graph-card: Add of_node_put() in fail path - [arm64] watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in armada_37xx_wdt_probe() - [arm64,armhf] video: fbdev: amba-clcd: Fix refcount leak bugs - video: fbdev: sis: fix typos in SiS_GetModeID() - [powerpc*] pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and alias - f2fs: don't set GC_FAILURE_PIN for background GC - f2fs: write checkpoint during FG_GC - f2fs: fix to remove F2FS_COMPR_FL and tag F2FS_NOCOMP_FL at the same time - [powerpc*] xive: Fix refcount leak in xive_get_max_prio - kprobes: Forbid probing on trampoline and BPF code areas - [powerpc*] pci: Fix PHB numbering when using opal-phbid - sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy() - sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed - [amd64] x86/numa: Use cpumask_available instead of hardcoded NULL check - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() - sched: Fix the check of nr_running at queue wakelist - video: fbdev: vt8623fb: Check the size of screen before memset_io() - video: fbdev: arkfb: Check the size of screen before memset_io() - video: fbdev: s3fb: Check the size of screen before memset_io() - [s390x] scsi: zfcp: Fix missing auto port scan and thus missing target ports - scsi: qla2xxx: Fix discovery issues in FC-AL topology - scsi: qla2xxx: Turn off multi-queue for 8G adapters - scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection - scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os - scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests - [x86] bugs: Enable STIBP for IBPB mitigated RETBleed - [x86] ftrace/x86: Add back ftrace_expected assignment - __follow_mount_rcu(): verify that mount_lock remains unchanged - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions - [x86] drm/i915/dg1: Update DMC_DEBUG3 register - HID: Ignore battery for Elan touchscreen on HP Spectre X360 15-df0xxx - HID: hid-input: add Surface Go battery quirk - [arm*] drm/vc4: drv: Adopt the dma configuration from the HVS or V3D component - usbnet: smsc95xx: Don't clear read-only PHY interrupt - usbnet: smsc95xx: Avoid link settings race on interrupt reception - [x86] intel_th: pci: Add Meteor Lake-P support - [x86] intel_th: pci: Add Raptor Lake-S PCH support - [x86] intel_th: pci: Add Raptor Lake-S CPU support - [x86] KVM: set_msr_mce: Permit guests to ignore single-bit ECC errors - [x86] KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS) - [amd64] iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) - PCI/AER: Write AER Capability only when we control it - PCI/ERR: Bind RCEC devices to the Root Port driver - PCI/ERR: Rename reset_link() to reset_subordinates() - PCI/ERR: Simplify by using pci_upstream_bridge() - PCI/ERR: Simplify by computing pci_pcie_type() once - PCI/ERR: Use "bridge" for clarity in pcie_do_recovery() - PCI/ERR: Avoid negated conditional for clarity - PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery() - PCI/ERR: Recover from RCEC AER errors - PCI/AER: Iterate over error counters instead of error strings - serial: 8250: Dissociate 4MHz Titan ports from Oxford ports - serial: 8250: Correct the clock for OxSemi PCIe devices - serial: 8250_pci: Refactor the loop in pci_ite887x_init() - serial: 8250_pci: Replace dev_*() by pci_*() macros - serial: 8250: Fold EndRun device support into OxSemi Tornado code - dm writecache: set a default MAX_WRITEBACK_JOBS - dm thin: fix use-after-free crash in dm_sm_register_threshold_callback - timekeeping: contribute wall clock to rng on time change - btrfs: reject log replay if there is unsupported RO compat flag - btrfs: reset block group chunk force if we have to wait - [amd64,arm64] ACPI: CPPC: Do not prevent CPPC from working in the future - [x86] KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4() - [x86] KVM: VMX: Drop explicit 'nested' check from vmx_set_cr4() - [x86] KVM: SVM: Drop VMXE check from svm_set_cr4() - [x86] KVM: x86: Move vendor CR4 validity check to dedicated kvm_x86_ops hook - [x86] KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4 - [x86] KVM: x86/pmu: preserve IA32_PERF_CAPABILITIES across CPUID refresh - [x86] KVM: x86/pmu: Use binary search to check filtered events - [x86] KVM: x86/pmu: Use different raw event masks for AMD and Intel - [x86] KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter - [x86] KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's no vPMU - [x86] KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU doesn't support global_ctrl - xen-blkback: fix persistent grants negotiation - xen-blkback: Apply 'feature_persistent' parameter when connect - xen-blkfront: Apply 'feature_persistent' parameter when connect - KEYS: asymmetric: enforce SM2 signature use pkey algo - tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH - tracing: Use a struct alignof to determine trace event field alignment - ext4: check if directory block is within i_size (CVE-2022-1184) - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h - ext4: fix warning in ext4_iomap_begin as race between bmap and write - ext4: make sure ext4_append() always allocates new block - ext4: fix use-after-free in ext4_xattr_set_entry - ext4: update s_overhead_clusters in the superblock during an on-line resize - ext4: fix extent status tree race in writeback error recovery path - ext4: correct max_inline_xattr_value_size computing - ext4: correct the misjudgment in ext4_iget_extra_inode - dm raid: fix address sanitizer warning in raid_resume - dm raid: fix address sanitizer warning in raid_status - KVM: Add infrastructure and macro to mark VM as bugged - [x86] KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq (CVE-2022-2153) - [x86] KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() (CVE-2022-2153) - mac80211: fix a memory leak where sta_info is not freed - tcp: fix over estimation in sk_forced_mem_schedule() - Revert "mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv" - [arm*] drm/vc4: change vc4_dma_range_matches from a global to static - Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP" - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression - [x86] kvm: x86/pmu: Fix the compare function used by the pmu event filter - [arm64] tee: add overflow check in register_shm_helper() - net/9p: Initialize the iounit field during fid creation - net_sched: cls_route: disallow handle of 0 - sched/fair: Fix fault in reweight_entity - btrfs: only write the sectors in the vertical stripe which has data stripes - btrfs: raid56: don't trust any cached sector in __raid56_parity_recover() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.138 - ALSA: info: Fix llseek return value when using callback - ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU - [x86] mm: Use proper mask when setting PUD mapping - rds: add missing barrier to release_refill - ata: libata-eh: Add missing command name - [arm64] mmc: meson-gx: Fix an error handling path in meson_mmc_probe() - btrfs: fix lost error handling when looking up extended ref on log replay - tracing: Have filter accept "common_cpu" to be consistent - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II - can: ems_usb: fix clang's -Wunaligned-access warning - apparmor: fix quiet_denied for file rules - apparmor: fix absroot causing audited secids to begin with = - apparmor: Fix failed mount permission check error message - apparmor: fix aa_label_asxprint return check - apparmor: fix setting unconfined mode on a loaded profile - apparmor: fix overlapping attachment computation - apparmor: fix reference count leak in aa_pivotroot() - apparmor: Fix memleak in aa_simple_write_to_buffer() - Documentation: ACPI: EINJ: Fix obsolete example - NFSv4.1: Don't decrease the value of seq_nr_highest_sent - NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly - NFSv4: Fix races in the legacy idmapper upcall - NFSv4.1: RECLAIM_COMPLETE must handle EACCES - NFSv4/pnfs: Fix a use-after-free bug in open - bpf: Acquire map uref in .init_seq_private for array map iterator - bpf: Acquire map uref in .init_seq_private for hash map iterator - bpf: Acquire map uref in .init_seq_private for sock local storage map iterator - bpf: Acquire map uref in .init_seq_private for sock{map,hash} iterator - bpf: Check the validity of max_rdwr_access for sock local storage map iterator - can: mcp251x: Fix race condition on receive interrupt - [amd64,arm64] net: atlantic: fix aq_vec index out of range error - sunrpc: fix expiry of auth creds - SUNRPC: Reinitialise the backchannel request buffers before reuse - virtio_net: fix memory leak inside XPD_TX with mergeable - devlink: Fix use-after-free after a failed reload - [arm64] pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed - [arm64,armhf] pinctrl: sunxi: Add I/O bias setting for H6 R-PIO - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool - geneve: do not use RT_TOS for IPv6 flowlabel - ipv6: do not use RT_TOS for IPv6 flowlabel - [x86] plip: avoid rcu debug splat - vsock: Fix memory leak in vsock_connect() - vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout() - dt-bindings: arm: qcom: fix MSM8916 MTP compatibles - dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources - ceph: use correct index when encoding client supported features - ceph: don't leak snap_rwsem in handle_cap_grant - nfp: ethtool: fix the display error of `ethtool -m DEVNAME` - xen/xenbus: fix return type in xenbus_file_read() - atm: idt77252: fix use-after-free bugs caused by tst_timer - geneve: fix TOS inheriting for ipv4 - [arm64] dpaa2-eth: trace the allocated address instead of page struct - iavf: Fix adminq error handling - netfilter: nf_tables: really skip inactive sets when allocating name - netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT flag - netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is specified - [powerpc*] pci: Fix get_phb_number() locking - [arm64,armhf] spi: meson-spicc: add local pow2 clock ops to preserve rate between messages - [arm64,armhf] net: dsa: mv88e6060: prevent crash on an unused port - [arm64] net: dsa: felix: fix ethtool 256-511 and 512-1023 TX packet counters - net: genl: fix error path memory leak in policy dumping - ice: Ignore EEXIST when setting promisc mode - [arm64,armhf] i2c: imx: Make sure to unregister adapter on remove() - regulator: pca9450: Remove restrictions for regulator-name - i40e: Fix to stop tx_timeout recovery if GLOBR fails - [arm64,armhf] fec: Fix timer capture timing in `fec_ptp_enable_pps()` - [x86] stmmac: intel: Add a missing clk_disable_unprepare() call in intel_eth_pci_remove() - igb: Add lock to avoid data race - kbuild: fix the modules order between drivers and libs - locking/atomic: Make test_and_*_bit() ordered on failure - [x86] ASoC: SOF: intel: move sof_intel_dsp_desc() forward - [arm64] drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() - audit: log nftables configuration change events once per table - netfilter: nftables: add helper function to set the base sequence number - netfilter: add helper function to set up the nfnetlink header and use it - [armhf] drm/sun4i: dsi: Prevent underflow when computing packet sizes - PCI: Add ACS quirk for Broadcom BCM5750x NICs - [arm64,armhf] platform/chrome: cros_ec_proto: don't show MKBP version if unsupported - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of uvcg_info - [arm64,armhf] irqchip/tegra: Fix overflow implicit truncation warnings - [arm64] drm/meson: Fix overflow implicit truncation warnings - [armhf] clk: ti: Stop using legacy clkctrl names for omap4 and 5 - [arm*] usb: dwc2: gadget: remove D+ pull-up while no vbus with usb-role-switch - [x86] vboxguest: Do not use devm for irq - uacce: Handle parent device removal or parent driver module rmmod - zram: do not lookup algorithm in backends table - [arm64] clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input - gadgetfs: ep_io - wait until IRQ finishes - [x86] pinctrl: intel: Check against matching data instead of ACPI companion - [powerpc*] cxl: Fix a memory leak in an error handling path - [arm64] PCI/ACPI: Guard ARM64-specific mcfg_quirks - RDMA/rxe: Limit the number of calls to each tasklet - md: Notify sysfs sync_completed in md_reap_sync_thread() - nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue teardown - drivers:md:fix a potential use-after-free bug - ext4: avoid remove directory when directory is corrupted - ext4: avoid resizing to a partial cluster size - lib/list_debug.c: Detect uninitialized lists - vfio: Clear the caps->buf to NULL after free - [mips64el,mipsel] cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start - modules: Ensure natural alignment for .altinstructions and __bug_table sections - watchdog: export lockup_detector_reconfigure - ALSA: core: Add async signal helpers - ALSA: timer: Use deferred fasync helper - ALSA: control: Use deferred fasync helper - f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page() - f2fs: fix to do sanity check on segment type in build_sit_entries() - smb3: check xattr value length earlier - [powerpc*] 64: Init jump labels before parse_early_param() - netfilter: nftables: fix a warning message in nf_tables_commit_audit_collect() - netfilter: nf_tables: fix audit memory leak in nf_tables_commit - tracing/probes: Have kprobes and uprobes use $COMM too - can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE with netdev_warn_once() - can: j1939: j1939_session_destroy(): fix memory leak of skbs - PCI/ERR: Retain status from error notification - qrtr: Convert qrtr_ports from IDR to XArray - bpf: Fix KASAN use-after-free Read in compute_effective_progs - [arm64] tee: fix memory leak in tee_shm_register() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.139 https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.140 - audit: fix potential double free on error path from fsnotify_add_inode_mark - pinctrl: amd: Don't save/restore interrupt status and wake status bits - xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list() - xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP* - fs: remove __sync_filesystem - vfs: make sync_filesystem return errors from ->sync_fs - xfs: return errors in xfs_fs_sync_fs - xfs: only bother with sync_filesystem during readonly remount - kernel/sched: Remove dl_boosted flag comment - xfrm: fix refcount leak in __xfrm_policy_check() - xfrm: clone missing x->lastused in xfrm_do_migrate - af_key: Do not call xfrm_probe_algs in parallel (CVE-2022-3028) - xfrm: policy: fix metadata dst->dev xmit null pointer dereference - NFS: Don't allocate nfs_fattr on the stack in __nfs42_ssc_open() - NFSv4.2 fix problems with __nfs42_ssc_open - SUNRPC: RPC level errors should set task->tk_rpc_status - mm/huge_memory.c: use helper function migration_entry_to_page() - mm/smaps: don't access young/dirty bit if pte unpresent - rose: check NULL rose_loopback_neigh->loopback - ice: xsk: Force rings to be sized to power of 2 - ice: xsk: prohibit usage of non-balanced queue id - net/mlx5e: Properly disable vlan strip on non-UL reps - bonding: 802.3ad: fix no transmission of LACPDUs - net: ipvtap - add __init/__exit annotations to module init/exit funcs - netfilter: ebtables: reject blobs that don't provide all entry points - bnxt_en: fix NQ resource accounting during vf creation on 57500 chips - netfilter: nft_payload: report ERANGE for too long offset and length - netfilter: nft_payload: do not truncate csum_offset and csum_type - netfilter: nf_tables: do not leave chain stats enabled on error - netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families - netfilter: nft_tunnel: restrict it to netdev family - netfilter: nftables: remove redundant assignment of variable err - netfilter: nf_tables: consolidate rule verdict trace call - netfilter: nft_cmp: optimize comparison for 16-bytes - netfilter: bitwise: improve error goto labels - netfilter: nf_tables: upfront validation of data via nft_data_init() - netfilter: nf_tables: disallow jump to implicit chain from set element - netfilter: nf_tables: disallow binding to already bound chain (CVE-2022-39190) - tcp: tweak len/truesize ratio for coalesce candidates - net: Fix data-races around sysctl_[rw]mem(_offset)?. - net: Fix data-races around sysctl_[rw]mem_(max|default). - net: Fix data-races around weight_p and dev_weight_[rt]x_bias. - net: Fix data-races around netdev_max_backlog. - net: Fix data-races around netdev_tstamp_prequeue. - ratelimit: Fix data-races in ___ratelimit(). - bpf: Folding omem_charge() into sk_storage_charge() - net: Fix data-races around sysctl_optmem_max. - net: Fix a data-race around sysctl_tstamp_allow_data. - net: Fix a data-race around sysctl_net_busy_poll. - net: Fix a data-race around sysctl_net_busy_read. - net: Fix a data-race around netdev_budget. - net: Fix a data-race around netdev_budget_usecs. - net: Fix data-races around sysctl_fb_tunnels_only_for_init_net. - net: Fix data-races around sysctl_devconf_inherit_init_net. - net: Fix a data-race around sysctl_somaxconn. - ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter - rxrpc: Fix locking in rxrpc's sendmsg - btrfs: fix silent failure when deleting root reference - btrfs: replace: drop assert for suspended replace - btrfs: add info when mount fails due to stale replace target - btrfs: check if root is readonly while setting security xattr - [x86] perf/x86/lbr: Enable the branch type for the Arch LBR by default - [amd64] x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry - [x86] bugs: Add "unknown" reporting for MMIO Stale Data - loop: Check for overflow while configuring loop - asm-generic: sections: refactor memory_intersects - [s390x] fix double free of GS and RI CBs on fork() failure - [x86] ACPI: processor: Remove freq Qos request for all CPUs - xen/privcmd: fix error exit of privcmd_ioctl_dm_op() - mm/hugetlb: fix hugetlb not supporting softdirty tracking - Revert "md-raid: destroy the bitmap after destroying the thread" - md: call __md_stop_writes in md_stop - [arm64] Fix match_list for erratum 1286807 on Arm Cortex-A76 - Documentation/ABI: Mention retbleed vulnerability info file for sysfs - blk-mq: fix io hung due to missing commit_rqs - [x86] perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU - [x86] scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq - bpf: Don't use tnum_range on array range checking for poke descriptors (CVE-2022-2905) . [ Salvatore Bonaccorso ] * Bump ABI to 18 * certs: Rotate to use the "Debian Secure Boot Signer 2022 - linux" certificate (Closes: #1018752) * [x86] nospec: Unwreck the RSB stuffing * [x86] nospec: Fix i386 RSB stuffing (Closes: #1017425) * mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() (CVE-2022-39188) * Revert "PCI/portdrv: Don't disable AER reporting in get_port_device_capability()" * bpf: Don't redirect packets with invalid pkt_len * mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse * net/af_packet: check len when min_header_len equals to 0 linux-signed-amd64 (5.10.136+1) bullseye-security; urgency=high . * Sign kernel from linux 5.10.136-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.128 - MAINTAINERS: add Amir as xfs maintainer for 5.10.y - drm: remove drm_fb_helper_modinit - tick/nohz: unexport __init-annotated tick_nohz_full_setup() - bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init() - xfs: use kmem_cache_free() for kmem_cache objects - xfs: punch out data fork delalloc blocks on COW writeback failure - xfs: Fix the free logic of state in xfs_attr_node_hasname - xfs: remove all COW fork extents when remounting readonly - xfs: check sb_meta_uuid for dabuf buffer recovery - [powerpc*] ftrace: Remove ftrace init tramp once kernel init is complete - [arm64] net: mscc: ocelot: allow unregistered IP multicast flooding https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.129 - drm/amdgpu: To flush tlb for MMHUB of RAVEN series - ipv6: take care of disable_policy when restoring routes - nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX S40G) - nvdimm: Fix badblocks clear off-by-one error - [powerpc*] bpf: Fix use of user_pt_regs in uapi - dm raid: fix accesses beyond end of raid member array - [s390x] archrandom: simplify back to earlier design and initialize earlier - SUNRPC: Fix READ_PLUS crasher (Closes: #1014793) - net: usb: ax88179_178a: Fix packet receiving - virtio-net: fix race between ndo_open() and virtio_device_ready() - [armhf] net: dsa: bcm_sf2: force pause link settings - net: tun: unlink NAPI from device on destruction - net: tun: stop NAPI when detaching queues - net: dp83822: disable false carrier interrupt - net: dp83822: disable rx error interrupt - RDMA/qedr: Fix reporting QP timeout attribute - RDMA/cm: Fix memory leak in ib_cm_insert_listen - linux/dim: Fix divide by 0 in RDMA DIM - usbnet: fix memory allocation in helpers - net: ipv6: unexport __init-annotated seg6_hmac_net_init() - NFSD: restore EINVAL error translation in nfsd_commit() - netfilter: nft_dynset: restore set element counter when failing to update - net/sched: act_api: Notify user space if any actions were flushed before error - net: bonding: fix possible NULL deref in rlb code - net: bonding: fix use-after-free after 802.3ad slave unbind - tipc: move bc link creation back to tipc_node_create - epic100: fix use after free on rmmod - io_uring: ensure that send/sendmsg and recv/recvmsg check sqe->ioprio - tunnels: do not assume mac header is set in skb_tunnel_check_pmtu() - net: tun: avoid disabling NAPI twice - xfs: use current->journal_info for detecting transaction recursion - xfs: rename variable mp to parsing_mp - xfs: Skip repetitive warnings about mount options - xfs: ensure xfs_errortag_random_default matches XFS_ERRTAG_MAX - xfs: fix xfs_trans slab cache name - xfs: update superblock counters correctly for !lazysbcount - xfs: fix xfs_reflink_unshare usage of filemap_write_and_wait_range - tcp: add a missing nf_reset_ct() in 3WHS handling - xen/gntdev: Avoid blocking in unmap_grant_pages() - [arm64] drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c - sit: use min - ipv6/sit: fix ipip6_tunnel_get_prl return value - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails - net: usb: qmi_wwan: add Telit 0x1060 composition - net: usb: qmi_wwan: add Telit 0x1070 composition https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.130 - mm/slub: add missing TID updates on slab deactivation - ALSA: hda/realtek: Add quirk for Clevo L140PU - can: bcm: use call_rcu() instead of costly synchronize_rcu() - can: gs_usb: gs_usb_open/close(): fix memory leak - bpf: Fix incorrect verifier simulation around jmp32's jeq/jne - bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals - usbnet: fix memory leak in error case - netfilter: nft_set_pipapo: release elements in clone from abort path - [amd64] iommu/vt-d: Fix PCI bus rescan device hot add - PM: runtime: Redefine pm_runtime_release_supplier() - memregion: Fix memregion_free() fallback definition - video: of_display_timing.h: include errno.h - [powerpc*] powernv: delay rng platform device creation until later in boot - can: kvaser_usb: replace run-time checks with struct kvaser_usb_driver_info - can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression - can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits - xfs: remove incorrect ASSERT in xfs_rename - [armhf] meson: Fix refcount leak in meson_smp_prepare_cpus - [armhf] pinctrl: sunxi: a83t: Fix NAND function name for some pins - [arm64] dts: imx8mp-evk: correct mmc pad settings - [arm64] dts: imx8mp-evk: correct the uart2 pinctl value - [arm64] dts: imx8mp-evk: correct gpio-led pad settings - [arm64] dts: imx8mp-evk: correct I2C3 pad settings - [arm64,armhf] pinctrl: sunxi: sunxi_pconf_set: use correct offset - [arm64] dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo - xsk: Clear page contiguity bit when unmapping pool - i40e: Fix dropped jumbo frames statistics - r8169: fix accessing unset transport header - [armhf] dmaengine: imx-sdma: Allow imx8m for imx7 FW revs - misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer - misc: rtsx_usb: use separate command and response buffers - misc: rtsx_usb: set return value in rsp_buf alloc err path - dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo - ida: don't use BUG_ON() for debugging - [arm64,armhf] dmaengine: pl330: Fix lockdep warning about non-static key - [armhf] dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate - [armhf] dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.131 - [armhf] Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting" https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.132 - [x86] ALSA: hda - Add fixup for Dell Latitidue E5430 - [x86] ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model - [x86] ALSA: hda/realtek: Fix headset mic for Acer SF313-51 - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221 - [x86] ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue - fix race between exit_itimers() and /proc/pid/timers - mm: split huge PUD on wp_huge_pud fallback - tracing/histograms: Fix memory leak problem - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer - ip: fix dflt addr selection for connected nexthop - [armhf] 9213/1: Print message about disabled Spectre workarounds only once - [armel,armhf] 9214/1: alignment: advance IT state after emulating Thumb instruction - wifi: mac80211: fix queue selection for mesh/OCB interfaces - cgroup: Use separate src/dst nodes when preloading css_sets for migration - btrfs: return -EAGAIN for NOWAIT dio reads/writes on compressed and inline extents - [arm64,armhf] drm/panfrost: Put mapping instead of shmem obj on panfrost_mmu_map_fault_addr() error - [arm64,armhf] drm/panfrost: Fix shrinker list corruption by madvise IOCTL - fs/remap: constrain dedupe of EOF blocks - nilfs2: fix incorrect masking of permission flags for symlinks - sh: convert nommu io{re,un}map() to static inline functions - Revert "evm: Fix memleak in init_desc" - ext4: fix race condition between ext4_write and ext4_convert_inline_data - [armhf] dts: imx6qdl-ts7970: Fix ngpio typo and count - [armhf] 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle - [armel,armhf] 9210/1: Mark the FDT_FIXED sections as shareable - net/mlx5e: Fix capability check for updating vnic env counters - [x86] drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() - ima: Fix a potential integer overflow in ima_appraise_measurement - [arm64,armhf] ASoC: sgtl5000: Fix noise on shutdown/remove - [x86] ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks() - [x86] ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array - sysctl: Fix data races in proc_dointvec(). - sysctl: Fix data races in proc_douintvec(). - sysctl: Fix data races in proc_dointvec_minmax(). - sysctl: Fix data races in proc_douintvec_minmax(). - sysctl: Fix data races in proc_doulongvec_minmax(). - sysctl: Fix data races in proc_dointvec_jiffies(). - tcp: Fix a data-race around sysctl_tcp_max_orphans. - inetpeer: Fix data-races around sysctl. - net: Fix data-races around sysctl_mem. - cipso: Fix data-races around sysctl. - icmp: Fix data-races around sysctl. - ipv4: Fix a data-race around sysctl_fib_sync_mem. - [armhf] dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero - [x86] drm/i915/gt: Serialize TLB invalidates with GT resets - sysctl: Fix data-races in proc_dointvec_ms_jiffies(). - icmp: Fix a data-race around sysctl_icmp_ratelimit. - icmp: Fix a data-race around sysctl_icmp_ratemask. - raw: Fix a data-race around sysctl_raw_l3mdev_accept. - ipv4: Fix data-races around sysctl_ip_dynaddr. - nexthop: Fix data-races around nexthop_compat_mode. - [armhf] net: ftgmac100: Hold reference returned by of_get_child_by_name() - ima: force signature verification when CONFIG_KEXEC_SIG is configured - ima: Fix potential memory leak in ima_init_crypto() - sfc: fix use after free when disabling sriov - seg6: fix skb checksum evaluation in SRH encapsulation/insertion - seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors - seg6: bpf: fix skb checksum in bpf_push_seg6_encap() - sfc: fix kernel panic when creating VF - net: atlantic: remove deep parameter on suspend/resume functions - net: atlantic: remove aq_nic_deinit() when resume - [x86] KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op() - net/tls: Check for errors in tls_device_init - mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE - virtio_mmio: Add missing PM calls to freeze/restore - virtio_mmio: Restore guest page size on resume - netfilter: br_netfilter: do not skip all hooks with 0 priority - [arm64] scsi: hisi_sas: Limit max hw sectors for v3 HW - [powerpc*] cpufreq: pmac32-cpufreq: Fix refcount leak bug - [x86] platform/x86: hp-wmi: Ignore Sanitization Mode event - net: tipc: fix possible refcount leak in tipc_sk_create() - nvme-tcp: always fail a request when sending it failed - nvme: fix regression when disconnect a recovering ctrl - net: sfp: fix memory leak in sfp_probe() - ASoC: ops: Fix off by one in range control validation - [armhf] pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux() - [x86] ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow - ASoC: dapm: Initialise kcontrol data for mux/demux controls - [amd64] Clear .brk area at early boot - [armhf] dts: stm32: use the correct clock source for CEC on stm32mp151 - Revert "can: xilinx_can: Limit CANFD brp to 2" - nvme-pci: phison e16 has bogus namespace ids - signal handling: don't use BUG_ON() for debugging - USB: serial: ftdi_sio: add Belimo device ids - usb: typec: add missing uevent when partner support PD - [arm64,armhf] usb: dwc3: gadget: Fix event pending check - [armhf] tty: serial: samsung_tty: set dma burst_size to 1 - vt: fix memory overlapping when deleting chars in the buffer - serial: 8250: fix return error code in serial8250_request_std_resource() - [armhf] serial: stm32: Clear prev values before setting RTS delays - [arm*] serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle - serial: 8250: Fix PM usage_count for console handover - [x86] pat: Fix x86_has_pat_wp() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.133 - [amd64] Preparation for mitigating RETbleed: + KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S + KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw + objtool: Refactor ORC section generation + objtool: Add 'alt_group' struct + objtool: Support stack layout changes in alternatives + objtool: Support retpoline jump detection for vmlinux.o + objtool: Assume only ELF functions do sibling calls + objtool: Combine UNWIND_HINT_RET_OFFSET and UNWIND_HINT_FUNC + x86/xen: Support objtool validation in xen-asm.S + x86/xen: Support objtool vmlinux.o validation in xen-head.S + x86/alternative: Merge include files + x86/alternative: Support not-feature + x86/alternative: Support ALTERNATIVE_TERNARY + x86/alternative: Use ALTERNATIVE_TERNARY() in _static_cpu_has() + x86/insn: Rename insn_decode() to insn_decode_from_regs() + x86/insn: Add a __ignore_sync_check__ marker + x86/insn: Add an insn_decode() API + x86/insn-eval: Handle return values from the decoder + x86/alternative: Use insn_decode() + x86: Add insn_decode_kernel() + x86/alternatives: Optimize optimize_nops() + x86/retpoline: Simplify retpolines + objtool: Correctly handle retpoline thunk calls + objtool: Handle per arch retpoline naming + objtool: Rework the elf_rebuild_reloc_section() logic + objtool: Add elf_create_reloc() helper + objtool: Create reloc sections implicitly + objtool: Extract elf_strtab_concat() + objtool: Extract elf_symbol_add() + objtool: Add elf_create_undef_symbol() + objtool: Keep track of retpoline call sites + objtool: Cache instruction relocs + objtool: Skip magical retpoline .altinstr_replacement + objtool/x86: Rewrite retpoline thunk calls + objtool: Support asm jump tables + x86/alternative: Optimize single-byte NOPs at an arbitrary position + objtool: Fix .symtab_shndx handling for elf_create_undef_symbol() + objtool: Only rewrite unconditional retpoline thunk calls + objtool/x86: Ignore __x86_indirect_alt_* symbols + objtool: Don't make .altinstructions writable + objtool: Teach get_alt_entry() about more relocation types + objtool: print out the symbol type when complaining about it + objtool: Remove reloc symbol type checks in get_alt_entry() + objtool: Make .altinstructions section entry size consistent + objtool: Introduce CFI hash + objtool: Handle __sanitize_cov*() tail calls + objtool: Classify symbols + objtool: Explicitly avoid self modifying code in .altinstr_replacement + objtool,x86: Replace alternatives with .retpoline_sites + x86/retpoline: Remove unused replacement symbols + x86/asm: Fix register order + x86/asm: Fixup odd GEN-for-each-reg.h usage + x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h + x86/retpoline: Create a retpoline thunk array + x86/alternative: Implement .retpoline_sites support + x86/alternative: Handle Jcc __x86_indirect_thunk_\reg + x86/alternative: Try inline spectre_v2=retpoline,amd + x86/alternative: Add debug prints to apply_retpolines() + bpf,x86: Simplify computing label offsets + bpf,x86: Respect X86_FEATURE_RETPOLINE* + x86/lib/atomic64_386_32: Rename things - [amd64] Mitigate straight-line speculation: + x86: Prepare asm files for straight-line-speculation + x86: Prepare inline-asm for straight-line-speculation + x86/alternative: Relax text_poke_bp() constraint + objtool: Add straight-line-speculation validation + x86: Add straight-line-speculation mitigation + tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy' + kvm/emulate: Fix SETcc emulation function offsets with SLS + objtool: Default ignore INT3 for unreachable + crypto: x86/poly1305 - Fixup SLS + objtool: Fix SLS validation for kcov tail-call replacement - objtool: Fix code relocs vs weak symbols - objtool: Fix type of reloc::addend - objtool: Fix symbol creation - x86/entry: Remove skip_r11rcx - objtool: Fix objtool regression on x32 systems - x86/realmode: build with -D__DISABLE_EXPORTS - [amd64] Add mitigations for RETbleed on AMD/Hygon (CVE-2022-29900) and Intel (CVE-2022-29901) processors: + x86/kvm/vmx: Make noinstr clean + x86/cpufeatures: Move RETPOLINE flags to word 11 + x86/retpoline: Cleanup some #ifdefery + x86/retpoline: Swizzle retpoline thunk + Makefile: Set retpoline cflags based on CONFIG_CC_IS_{CLANG,GCC} + x86/retpoline: Use -mfunction-return + x86: Undo return-thunk damage + x86,objtool: Create .return_sites + objtool: skip non-text sections when adding return-thunk sites + x86,static_call: Use alternative RET encoding + x86/ftrace: Use alternative RET encoding + x86/bpf: Use alternative RET encoding + x86/kvm: Fix SETcc emulation for return thunks + x86/vsyscall_emu/64: Don't use RET in vsyscall emulation + x86/sev: Avoid using __x86_return_thunk + x86: Use return-thunk in asm code + objtool: Treat .text.__x86.* as noinstr + x86: Add magic AMD return-thunk + x86/bugs: Report AMD retbleed vulnerability + x86/bugs: Add AMD retbleed= boot parameter + x86/bugs: Enable STIBP for JMP2RET + x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value + x86/entry: Add kernel IBRS implementation + x86/bugs: Optimize SPEC_CTRL MSR writes + x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS + x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() + x86/bugs: Report Intel retbleed vulnerability + intel_idle: Disable IBRS during long idle + objtool: Update Retpoline validation + x86/xen: Rename SYS* entry points + x86/bugs: Add retbleed=ibpb + x86/bugs: Do IBPB fallback check only once + objtool: Add entry UNRET validation + x86/cpu/amd: Add Spectral Chicken + x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n + x86/speculation: Fix firmware entry SPEC_CTRL handling + x86/speculation: Fix SPEC_CTRL write on SMT state change + x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit + x86/speculation: Remove x86_spec_ctrl_mask + objtool: Re-add UNWIND_HINT_{SAVE_RESTORE} + KVM: VMX: Flatten __vmx_vcpu_run() + KVM: VMX: Convert launched argument to flags + KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS + KVM: VMX: Fix IBRS handling after vmexit + x86/speculation: Fill RSB on vmexit for IBRS + x86/common: Stamp out the stepping madness + x86/cpu/amd: Enumerate BTC_NO + x86/retbleed: Add fine grained Kconfig knobs + x86/bugs: Add Cannon lake to RETBleed affected CPU list + x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported + x86/kexec: Disable RET on kexec + x86/speculation: Disable RRSBA behavior - x86/static_call: Serialize __static_call_fixup() properly - tools/insn: Restore the relative include paths for cross building - x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted - x86/xen: Fix initialisation in hypercall_page after rethunk - x86/ftrace: Add UNWIND_HINT_FUNC annotation for ftrace_stub - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current - efi/x86: use naked RET on mixed mode call wrapper - x86/kvm: fix FASTOP_SIZE when return thunks are enabled - KVM: emulate: do not adjust size of fastop and setcc subroutines - tools arch x86: Sync the msr-index.h copy with the kernel sources - tools headers cpufeatures: Sync with the kernel sources - x86/bugs: Remove apostrophe typo - um: Add missing apply_returns() - x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds - kvm: fix objtool relocation warning - objtool: Fix elf_create_undef_symbol() endianness - tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy' - again - tools headers: Remove broken definition of __LITTLE_ENDIAN https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.134 - [armhf] pinctrl: stm32: fix optional IRQ support to gpios - lockdown: Fix kexec lockdown bypass with ima policy (CVE-2022-21505) - io_uring: Use original task for req identity in io_identity_cow() - xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE - docs: net: explain struct net_device lifetime - net: make free_netdev() more lenient with unregistering devices - net: make sure devices go through netdev_wait_all_refs - net: move net_set_todo inside rollback_registered() - net: inline rollback_registered() - net: move rollback_registered_many() - net: inline rollback_registered_many() - [amd64] PCI: hv: Fix multi-MSI to allow more than one MSI vector - [amd64] PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI - [amd64] PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() - [amd64] PCI: hv: Fix interrupt mapping for multi-MSI - [arm64] serial: mvebu-uart: correctly report configured baudrate value - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() (CVE-2022-36879) - perf/core: Fix data race between perf_event_set_output() and perf_mmap_close() - drm/amdgpu/display: add quirk handling for stutter mode - igc: Reinstate IGC_REMOVED logic and implement it properly - ip: Fix data-races around sysctl_ip_no_pmtu_disc. - ip: Fix data-races around sysctl_ip_fwd_use_pmtu. - ip: Fix data-races around sysctl_ip_fwd_update_priority. - ip: Fix data-races around sysctl_ip_nonlocal_bind. - ip: Fix a data-race around sysctl_ip_autobind_reuse. - ip: Fix a data-race around sysctl_fwmark_reflect. - tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept. - tcp: Fix data-races around sysctl_tcp_mtu_probing. - tcp: Fix data-races around sysctl_tcp_base_mss. - tcp: Fix data-races around sysctl_tcp_min_snd_mss. - tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor. - tcp: Fix a data-race around sysctl_tcp_probe_threshold. - tcp: Fix a data-race around sysctl_tcp_probe_interval. - net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow - net: stmmac: fix dma queue left shift overflow issue - igmp: Fix data-races around sysctl_igmp_llm_reports. - igmp: Fix a data-race around sysctl_igmp_max_memberships. - igmp: Fix data-races around sysctl_igmp_max_msf. - tcp: Fix data-races around keepalive sysctl knobs. - tcp: Fix data-races around sysctl_tcp_syncookies. - tcp: Fix data-races around sysctl_tcp_reordering. - tcp: Fix data-races around some timeout sysctl knobs. - tcp: Fix a data-race around sysctl_tcp_notsent_lowat. - tcp: Fix a data-race around sysctl_tcp_tw_reuse. - tcp: Fix data-races around sysctl_max_syn_backlog. - tcp: Fix data-races around sysctl_tcp_fastopen. - tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout. - iavf: Fix handling of dummy receive descriptors - i40e: Fix erroneous adapter reinitialization during recovery process - ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero - [arm64,armhf] gpio: pca953x: only use single read/write for No AI mode - [arm64,armhf] gpio: pca953x: use the correct range when do regmap sync - [arm64,armhf] gpio: pca953x: use the correct register address when regcache sync during init - be2net: Fix buffer overflow in be_get_module_eeprom - ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh. - ip: Fix data-races around sysctl_ip_prot_sock. - udp: Fix a data-race around sysctl_udp_l3mdev_accept. - tcp: Fix data-races around sysctl knobs related to SYN option. - tcp: Fix a data-race around sysctl_tcp_early_retrans. - tcp: Fix data-races around sysctl_tcp_recovery. - tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. - tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. - tcp: Fix a data-race around sysctl_tcp_retrans_collapse. - tcp: Fix a data-race around sysctl_tcp_stdurg. - tcp: Fix a data-race around sysctl_tcp_rfc1337. - tcp: Fix data-races around sysctl_tcp_max_reordering. - [arm*] spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers - KVM: Don't null dereference ops->destroy - mm/mempolicy: fix uninit-value in mpol_rebind_policy() - bpf: Make sure mac_header was set before using it - sched/deadline: Fix BUG_ON condition for deboosted tasks - [x86] bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts - dlm: fix pending remove if msg allocation fails - bitfield.h: Fix "type of reg too small for mask" test - ALSA: memalloc: Align buffer allocations in page size - Bluetooth: Add bt_skb_sendmsg helper - Bluetooth: Add bt_skb_sendmmsg helper - Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg - Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg - Bluetooth: Fix passing NULL to PTR_ERR - Bluetooth: SCO: Fix sco_send_frame returning skb->len - Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks - [x86] amd: Use IBPB for firmware calls - [x86] alternative: Report missing return thunk details - watchqueue: make sure to serialize 'wqueue->defunct' properly - tty: drivers/tty/, stop using tty_schedule_flip() - tty: the rest, stop using tty_schedule_flip() - tty: drop tty_schedule_flip() - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - net: usb: ax88179_178a needs FLAG_SEND_ZLP - watch-queue: remove spurious double semicolon https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.135 - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put - Revert "ocfs2: mount shared volume without ha stack" - [s390x] archrandom: prevent CPACF trng invocations in interrupt context - watch_queue: Fix missing rcu annotation - watch_queue: Fix missing locking in add_watch_to_object() - tcp: Fix data-races around sysctl_tcp_dsack. - tcp: Fix a data-race around sysctl_tcp_app_win. - tcp: Fix a data-race around sysctl_tcp_adv_win_scale. - tcp: Fix a data-race around sysctl_tcp_frto. - tcp: Fix a data-race around sysctl_tcp_nometrics_save. - tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save. - ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS) - ice: do not setup vlan for loopback VSI - Revert "tcp: change pingpong threshold to 3" - tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf. - tcp: Fix a data-race around sysctl_tcp_limit_output_bytes. - tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit. - net: ping6: Fix memleak in ipv6_renew_options(). - ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr - igmp: Fix data-races around sysctl_igmp_qrv. - net: sungem_phy: Add of_node_put() for reference returned by of_get_parent() - tcp: Fix a data-race around sysctl_tcp_min_tso_segs. - tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen. - tcp: Fix a data-race around sysctl_tcp_autocorking. - tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit. - Documentation: fix sctp_wmem in ip-sysctl.rst - macsec: fix NULL deref in macsec_add_rxsa - macsec: fix error message in macsec_add_rxsa and _txsa - macsec: limit replay window size with XPN - macsec: always read MACSEC_SA_ATTR_PN as a u64 - net: macsec: fix potential resource leak in macsec_add_rxsa() and macsec_add_txsa() - tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns. - tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns. - tcp: Fix a data-race around sysctl_tcp_comp_sack_nr. - tcp: Fix data-races around sysctl_tcp_reflect_tos. - i40e: Fix interface init with MSI interrupts (no MSI-X) - sctp: fix sleep in atomic context bug in timer handlers - netfilter: nf_queue: do not allow packet truncation below transport header offset (CVE-2022-36946) - virtio-net: fix the race between refill work and close - sfc: disable softirqs for ptp TX - sctp: leave the err path free in sctp_stream_init to sctp_stream_free - page_alloc: fix invalid watermark check on a negative value - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle. - [arm*] 9216/1: Fix MAX_DMA_ADDRESS overflow - docs/kernel-parameters: Update descriptions for "mitigations=" param with retbleed - xfs: refactor xfs_file_fsync - xfs: xfs_log_force_lsn isn't passed a LSN - xfs: prevent UAF in xfs_log_item_in_current_chkpt - xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes - xfs: force the log offline when log intent item recovery fails - xfs: hold buffer across unpin and potential shutdown processing - xfs: remove dead stale buf unpin handling code - xfs: logging the on disk inode LSN can make it go backwards - xfs: Enforce attr3 buffer recovery order - [x86] bugs: Do not enable IBPB at firmware entry when IBPB is not available - bpf: Consolidate shared test timing code - bpf: Add PROG_TEST_RUN support for sk_lookup programs https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.136 - [x86] speculation: Make all RETbleed mitigations 64-bit only - ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep() - ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet() - tun: avoid double free in tun_free_netdev - [x86] ACPI: video: Force backlight native for some TongFang devices - [x86] ACPI: video: Shortening quirk list by identifying Clevo by board_name only - ACPI: APEI: Better fix to avoid spamming the console with old error logs - [arm64] crypto: arm64/poly1305 - fix a read out-of-bound - Bluetooth: hci_bcm: Add BCM4349B1 variant - Bluetooth: hci_bcm: Add DT compatible for CYW55572 - Bluetooth: btusb: Add support of IMC Networks PID 0x3568 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586 - [x86] Add mitigations for Post-Barrier Return Stack Buffer Prediction (PBRSB) issue (CVE-2022-26373): + x86/speculation: Add RSB VM Exit protections + x86/speculation: Add LFENCE to RSB fill sequence . [ Salvatore Bonaccorso ] * Bump ABI to 17 * [rt] Update to 5.10.131-rt72 * posix-cpu-timers: Cleanup CPU timers before freeing them during exec (CVE-2022-2585) * netfilter: nf_tables: do not allow SET_ID to refer to another table (CVE-2022-2586) * netfilter: nf_tables: do not allow CHAIN_ID to refer to another table * netfilter: nf_tables: do not allow RULE_ID to refer to another chain * net_sched: cls_route: remove from list when handle is 0 (CVE-2022-2588) linux-signed-amd64 (5.10.127+2) bullseye-security; urgency=high . * Sign kernel from linux 5.10.127-2 . * [amd64,arm64,armhf] wireguard: Clear keys after suspend despite CONFIG_ANDROID=y * netfilter: nf_tables: stricter validation of element data (CVE-2022-34918) * net: rose: fix UAF bugs caused by timer handler (CVE-2022-2318) * net: rose: fix UAF bug caused by rose_t0timer_expiry * xen/{blk,net}front: fix leaking data in shared pages (CVE-2022-26365, CVE-2022-33740) * xen/{blk,net}front: force data bouncing when backend is untrusted (CVE-2022-33741, CVE-2022-33742) * xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses() (CVE-2022-33743) * [arm64,armhf] xen/arm: Fix race in RB-tree based P2M accounting (CVE-2022-33744) * fbdev: fbmem: Fix logo center image dx issue * fbdev: Fix potential out-of-bounds writes (CVE-2021-33655): - fbmem: Check virtual screen sizes in fb_set_var() - fbcon: Disallow setting font bigger than screen size - fbcon: Prevent that screen size is smaller than font size linux-signed-amd64 (5.10.127+2~bpo10+1) buster-backports; urgency=high . * Sign kernel from linux 5.10.127-2~bpo10+1 . * Rebuild for buster-backports: - Change ABI number to 0.deb10.16 linux-signed-arm64 (5.10.140+1) bullseye; urgency=medium . * Sign kernel from linux 5.10.140-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.137 - Makefile: link with -z noexecstack --no-warn-rwx-segments - [x86] link vdso and boot with -z noexecstack --no-warn-rwx-segments - Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING" - scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover" - ALSA: bcd2000: Fix a UAF bug on the error path of probing - ALSA: hda/realtek: Add quirk for Clevo NV45PZ - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx - wifi: mac80211_hwsim: fix race condition in pending packet - wifi: mac80211_hwsim: add back erroneously removed cast - wifi: mac80211_hwsim: use 32-bit skb cookie - add barriers to buffer_uptodate and set_buffer_uptodate - HID: wacom: Only report rotation for art pen - HID: wacom: Don't register pad_input for touch switch - [x86] KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case - [x86] KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case - [x86] KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 - [s390x] KVM: s390: pv: don't present the ecall interrupt twice - [x86] KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value - [x86] KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks - [x86] KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP - [x86] KVM: x86: Tag kvm_mmu_x86_module_init() with __init - mm: Add kvrealloc() - xfs: only set IOMAP_F_SHARED when providing a srcmap to a write - xfs: fix I_DONTCACHE - mm/mremap: hold the rmap lock in write mode when moving page table entries. - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model - ALSA: hda/cirrus - support for iMac 12,1 model - ALSA: hda/realtek: Add quirk for another Asus K42JZ model - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED - tty: vt: initialize unicode screen buffer - vfs: Check the truncate maximum size in inode_newsize_ok() - fs: Add missing umask strip in vfs_tmpfile - thermal: sysfs: Fix cooling_device_stats_setup() error code path - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters - fbcon: Fix accelerated fbdev scrolling while logo is still shown - usbnet: Fix linkwatch use-after-free on disconnect - ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh() - drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error - [arm*] drm/vc4: hdmi: Disable audio if dmas property is present but empty - drm/nouveau: fix another off-by-one in nvbios_addr - drm/nouveau: Don't pm_runtime_put_sync(), only pm_runtime_put_autosuspend() - drm/nouveau/acpi: Don't print error when we get -EINPROGRESS from pm_runtime - drm/amdgpu: Check BO's requested pinning domains against its preferred_domains - iio: light: isl29028: Fix the warning in isl29028_remove() - scsi: sg: Allow waiting for commands to complete on removed device - scsi: qla2xxx: Fix incorrect display of max frame size - scsi: qla2xxx: Zero undefined mailbox IN registers - fuse: limit nsec - [arm64] serial: mvebu-uart: uart2 error bits clearing - md-raid: destroy the bitmap after destroying the thread - md-raid10: fix KASAN warning - PCI: Add defines for normal and subtractive PCI bridges - [powerpc*] powernv: Avoid crashing if rng is NULL - [mips64el,mipsel] cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK - usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion - USB: HCD: Fix URB giveback issue in tasklet function - [arm64,armhf] usb: dwc3: gadget: refactor dwc3_repare_one_trb - [arm64,armhf] usb: dwc3: gadget: fix high speed multiplier setting - netfilter: nf_tables: fix null deref due to zeroed list head - epoll: autoremove wakers even more aggressively - [x86] Handle idle=nomwait cmdline properly for x86_idle - [arm64] Do not forget syscall when starting a new thread. - [arm64] fix oops in concurrently setting insn_emulation sysctls - genirq: Don't return error on missing optional irq_request_resources() - [mips64el,mipsel] irqchip/mips-gic: Only register IPI domain when SMP is enabled - genirq: GENERIC_IRQ_IPI depends on SMP - [mips64el,mipsel] irqchip/mips-gic: Check the return value of ioremap() in gic_of_init() - wait: Fix __wait_event_hrtimeout for RT/DL tasks - [armhf] OMAP2+: display: Fix refcount leak bug - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks - ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk - ACPI: PM: save NVS memory for Lenovo G40-45 - ACPI: LPSS: Fix missing check in register_device_clock() - [arm64] dts: allwinner: a64: orangepi-win: Fix LED node name - PM: hibernate: defer device probing when resuming from hibernation - selinux: Add boundary check in put_entry() - [armel,armhf] findbit: fix overflowing offset - [arm64,armhf] meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init - ACPI: processor/idle: Annotate more functions to live in cpuidle section - Input: atmel_mxt_ts - fix up inverted RESET handler - [arm64] soc: amlogic: Fix refcount leak in meson-secure-pwrc.c - [x86] pmem: Fix platform-device leak in error path - [armhf] dts: ast2500-evb: fix board compatible - [armhf] dts: ast2600-evb: fix board compatible - [arm64] cpufeature: Allow different PMU versions in ID_DFR0_EL1 - locking/lockdep: Fix lockdep_init_map_*() confusion - [arm64] soc: fsl: guts: machine variable might be unset - block: fix infinite loop for invalid zone append - [armhf] OMAP2+: Fix refcount leak in omapdss_init_of - [armhf] OMAP2+: Fix refcount leak in omap3xxx_prm_late_init - [arm64] regulator: qcom_smd: Fix pm8916_pldo range - [arm64] ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP - [arm64] bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe() - erofs: avoid consecutive detection for Highmem memory - blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created - hwmon: (drivetemp) Add module alias - block: remove the request_queue to argument request based tracepoints - blktrace: Trace remapped requests correctly - regulator: of: Fix refcount leak bug in of_get_regulation_constraints() - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt() - dm: return early from dm_pr_call() if DM device is suspended - ath10k: do not enforce interrupt trigger type - wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c() - ath11k: fix netdev open race - drm/mipi-dbi: align max_chunk to 2 in spi_transfer - ath11k: Fix incorrect debug_mask mappings - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() - virtio-gpu: fix a missing check to avoid NULL dereference - [arm64] drm: adv7511: override i2c address of cec before accessing it - net: fix sk_wmem_schedule() and sk_rmem_schedule() errors - i2c: Fix a potential use after free - media: tw686x: Register the irq at the end of probe - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb (CVE-2022-1679) - wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd() - drm/radeon: fix incorrrect SPDX-License-Identifiers - [amd64] crypto: ccp - During shutdown, check SEV data pointer before using - [arm64] drm: bridge: adv7511: Add check for mipi_dsi_driver_register - media: hdpvr: fix error value returns in hdpvr_read - [arm64,armhf] media: v4l2-mem2mem: prevent pollerr when last_buffer_dequeued is set - media: tw686x: Fix memory leak in tw686x_video_init - [arm*] drm/vc4: plane: Remove subpixel positioning check - [arm*] drm/vc4: plane: Fix margin calculations for the right/bottom edges - [arm*] drm/vc4: dsi: Correct DSI divider calculations - [arm*] drm/vc4: dsi: Correct pixel order for DSI0 - [arm*] drm/vc4: drv: Remove the DSI pointer in vc4_drv - [arm*] drm/vc4: dsi: Use snprintf for the PHY clocks instead of an array - [arm*] drm/vc4: dsi: Introduce a variant structure - [arm*] drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type - [arm*] drm/vc4: dsi: Fix dsi0 interrupt support - [arm*] drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable iteration - [arm*] drm/vc4: hdmi: Remove firmware logic for MAI threshold setting - [arm*] drm/vc4: hdmi: Avoid full hdmi audio fifo writes - [arm*] drm/vc4: hdmi: Don't access the connector state in reset if kmalloc fails - [arm*] drm/vc4: hdmi: Limit the BCM2711 to the max without scrambling - [arm*] drm/vc4: hdmi: Fix timings for interlaced modes - [arm*] drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes - [arm64,armhf] drm/rockchip: vop: Don't crash for invalid duplicate_state() - [arm64,armhf] drm/rockchip: Fix an error handling path rockchip_dp_probe() - lib: bitmap: order includes alphabetically - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc() - hinic: Use the bitmap API when applicable - net: hinic: fix bug that ethtool get wrong stats - net: hinic: avoid kernel hung in hinic_get_stats64() - [arm64] drm/msm/mdp5: Fix global state lock backoff - mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg - mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init() - tcp: make retransmitted SKB fit into the send window - bpf: Fix subprog names in stack traces. - fs: check FMODE_LSEEK to control internal pipe splicing - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() - [i386] can: pch_can: do not report txerr and rxerr during bus-off - can: sja1000: do not report txerr and rxerr during bus-off - [armhf] can: sun4i_can: do not report txerr and rxerr during bus-off - can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off - can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off - can: usb_8dev: do not report txerr and rxerr during bus-off - can: error: specify the values of data[5..7] of CAN error frames - [i386] can: pch_can: pch_can_error(): initialize errc before using it - Bluetooth: hci_intel: Add check for platform_driver_register - wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue - wifi: libertas: Fix possible refcount leak in if_usb_probe() - [arm64,armhf] media: cedrus: hevc: Add check for invalid timestamp - net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS cipher/version - net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS - [arm64] crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of - inet: add READ_ONCE(sk->sk_bound_dev_if) in INET_MATCH() - tcp: sk->sk_bound_dev_if once in inet_request_bound_dev_if() - ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH() - tcp: Fix data-races around sysctl_tcp_l3mdev_accept. - net: allow unbound socket for packets in VRF when tcp_l3mdev_accept set - iavf: Fix max_rate limiting - net: rose: fix netdev reference changes - dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock - wireguard: ratelimiter: use hrtimer in selftest - wireguard: allowedips: don't corrupt stack when detecting overflow - HID: cp2112: prevent a buffer overflow in cp2112_xfer() - mtd: partitions: Fix refcount leak in parse_redboot_of - [arm64,armhf] usb: xhci: tegra: Fix error check - netfilter: xtables: Bring SPDX identifier back - [arm64,armhf] platform/chrome: cros_ec: Always expose last resume result - KVM: Don't set Accessed/Dirty bits for ZERO_PAGE - mwifiex: Ignore BTCOEX events from the 88W8897 firmware - mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv - misc: rtsx: Fix an error handling path in rtsx_pci_probe() - driver core: fix potential deadlock in __driver_attach - usb: host: xhci: use snprintf() in xhci_decode_trb() - [arm64,armhf] PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu() - [arm64,armhf] PCI: dwc: Always enable CDM check if "snps,enable-cdm-check" exists - soundwire: bus_type: fix remove and shutdown support - [arm64] KVM: arm64: Don't return from void function - [x86] intel_th: Fix a resource leak in an error handling path - [x86] intel_th: msu-sink: Potential dereference of null pointer - [x86] intel_th: msu: Fix vmalloced buffers - [x86] staging: rtl8192u: Fix sleep in atomic context bug in dm_fsync_timer_callback - [arm64] mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch - mmc: block: Add single read for 4k sector cards - [s390x] KVM: s390: pv: leak the topmost page table when destroy fails - PCI/portdrv: Don't disable AER reporting in get_port_device_capability() - [arm64] PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks - scsi: smartpqi: Fix DMA direction for RAID requests - [armhf] usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc() - [arm64,armhf] usb: dwc3: core: Deprecate GCTL.CORESOFTRESET - [arm64,armhf] usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup - [arm64,armhf] usb: dwc3: qcom: fix missing optional irq warnings - RDMA/qedr: Improve error logs for rdma_alloc_tid error return - RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() - [arm64] RDMA/hns: Fix incorrect clearing of interrupt status register - [amd64] RDMA/hfi1: fix potential memory leak in setup_base_ctxt() - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() - [mips64el,mipsel] mmc: cavium-octeon: Add of_node_put() when breaking out of loop - HID: alps: Declare U1_UNICORN_LEGACY support - USB: serial: fix tty-port initialized comments - [armhf,i386] platform/olpc: Fix uninitialized data in debugfs write - RDMA/srpt: Duplicate port name members - RDMA/srpt: Introduce a reference count in struct srpt_device - RDMA/srpt: Fix a use-after-free - mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region - RDMA/mlx5: Add missing check for return value in get namespace flow - RDMA/rxe: Fix error unwind in rxe_create_qp() - null_blk: fix ida error handling in null_add_dev() - nvme: use command_id instead of req->tag in trace_nvme_complete_rq() - jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction() - ext4: recover csum seed of tmp_inode after migrating to extents - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted - opp: Fix error check in dev_pm_opp_attach_genpd() - serial: 8250: Export ICR access helpers for internal use - serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty() - profiling: fix shift too large makes kernel panic - tty: n_gsm: Delete gsmtty open SABM frame when config requester - tty: n_gsm: fix user open not possible at responder until initiator open - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output() - tty: n_gsm: fix non flow control frames during mux flow off - tty: n_gsm: fix packet re-transmission without open control channel - tty: n_gsm: fix race condition in gsmld_write() - [arm64] ASoC: qcom: Fix missing of_node_put() in asoc_qcom_lpass_cpu_platform_probe() - vfio: Remove extra put/gets around vfio_device->group - vfio: Simplify the lifetime logic for vfio_device - vfio: Split creation of a vfio_device into init and register ops - tty: n_gsm: fix wrong T1 retry count handling - tty: n_gsm: fix DM command - tty: n_gsm: fix missing corner cases in gsmld_poll() - kfifo: fix kfifo_to_user() return type - lib/smp_processor_id: fix imbalanced instrumentation_end() call - [arm64] mfd: max77620: Fix refcount leak in max77620_initialise_fps - [arm64] iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop - [s390x] dump: fix old lowcore virtual vs physical address confusion - fuse: Remove the control interface for virtio-fs - [armhf] ASoC: audio-graph-card: Add of_node_put() in fail path - [arm64] watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in armada_37xx_wdt_probe() - [arm64,armhf] video: fbdev: amba-clcd: Fix refcount leak bugs - video: fbdev: sis: fix typos in SiS_GetModeID() - [powerpc*] pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and alias - f2fs: don't set GC_FAILURE_PIN for background GC - f2fs: write checkpoint during FG_GC - f2fs: fix to remove F2FS_COMPR_FL and tag F2FS_NOCOMP_FL at the same time - [powerpc*] xive: Fix refcount leak in xive_get_max_prio - kprobes: Forbid probing on trampoline and BPF code areas - [powerpc*] pci: Fix PHB numbering when using opal-phbid - sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy() - sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed - [amd64] x86/numa: Use cpumask_available instead of hardcoded NULL check - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() - sched: Fix the check of nr_running at queue wakelist - video: fbdev: vt8623fb: Check the size of screen before memset_io() - video: fbdev: arkfb: Check the size of screen before memset_io() - video: fbdev: s3fb: Check the size of screen before memset_io() - [s390x] scsi: zfcp: Fix missing auto port scan and thus missing target ports - scsi: qla2xxx: Fix discovery issues in FC-AL topology - scsi: qla2xxx: Turn off multi-queue for 8G adapters - scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection - scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os - scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests - [x86] bugs: Enable STIBP for IBPB mitigated RETBleed - [x86] ftrace/x86: Add back ftrace_expected assignment - __follow_mount_rcu(): verify that mount_lock remains unchanged - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions - [x86] drm/i915/dg1: Update DMC_DEBUG3 register - HID: Ignore battery for Elan touchscreen on HP Spectre X360 15-df0xxx - HID: hid-input: add Surface Go battery quirk - [arm*] drm/vc4: drv: Adopt the dma configuration from the HVS or V3D component - usbnet: smsc95xx: Don't clear read-only PHY interrupt - usbnet: smsc95xx: Avoid link settings race on interrupt reception - [x86] intel_th: pci: Add Meteor Lake-P support - [x86] intel_th: pci: Add Raptor Lake-S PCH support - [x86] intel_th: pci: Add Raptor Lake-S CPU support - [x86] KVM: set_msr_mce: Permit guests to ignore single-bit ECC errors - [x86] KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS) - [amd64] iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) - PCI/AER: Write AER Capability only when we control it - PCI/ERR: Bind RCEC devices to the Root Port driver - PCI/ERR: Rename reset_link() to reset_subordinates() - PCI/ERR: Simplify by using pci_upstream_bridge() - PCI/ERR: Simplify by computing pci_pcie_type() once - PCI/ERR: Use "bridge" for clarity in pcie_do_recovery() - PCI/ERR: Avoid negated conditional for clarity - PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery() - PCI/ERR: Recover from RCEC AER errors - PCI/AER: Iterate over error counters instead of error strings - serial: 8250: Dissociate 4MHz Titan ports from Oxford ports - serial: 8250: Correct the clock for OxSemi PCIe devices - serial: 8250_pci: Refactor the loop in pci_ite887x_init() - serial: 8250_pci: Replace dev_*() by pci_*() macros - serial: 8250: Fold EndRun device support into OxSemi Tornado code - dm writecache: set a default MAX_WRITEBACK_JOBS - dm thin: fix use-after-free crash in dm_sm_register_threshold_callback - timekeeping: contribute wall clock to rng on time change - btrfs: reject log replay if there is unsupported RO compat flag - btrfs: reset block group chunk force if we have to wait - [amd64,arm64] ACPI: CPPC: Do not prevent CPPC from working in the future - [x86] KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4() - [x86] KVM: VMX: Drop explicit 'nested' check from vmx_set_cr4() - [x86] KVM: SVM: Drop VMXE check from svm_set_cr4() - [x86] KVM: x86: Move vendor CR4 validity check to dedicated kvm_x86_ops hook - [x86] KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4 - [x86] KVM: x86/pmu: preserve IA32_PERF_CAPABILITIES across CPUID refresh - [x86] KVM: x86/pmu: Use binary search to check filtered events - [x86] KVM: x86/pmu: Use different raw event masks for AMD and Intel - [x86] KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter - [x86] KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's no vPMU - [x86] KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU doesn't support global_ctrl - xen-blkback: fix persistent grants negotiation - xen-blkback: Apply 'feature_persistent' parameter when connect - xen-blkfront: Apply 'feature_persistent' parameter when connect - KEYS: asymmetric: enforce SM2 signature use pkey algo - tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH - tracing: Use a struct alignof to determine trace event field alignment - ext4: check if directory block is within i_size (CVE-2022-1184) - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h - ext4: fix warning in ext4_iomap_begin as race between bmap and write - ext4: make sure ext4_append() always allocates new block - ext4: fix use-after-free in ext4_xattr_set_entry - ext4: update s_overhead_clusters in the superblock during an on-line resize - ext4: fix extent status tree race in writeback error recovery path - ext4: correct max_inline_xattr_value_size computing - ext4: correct the misjudgment in ext4_iget_extra_inode - dm raid: fix address sanitizer warning in raid_resume - dm raid: fix address sanitizer warning in raid_status - KVM: Add infrastructure and macro to mark VM as bugged - [x86] KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq (CVE-2022-2153) - [x86] KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() (CVE-2022-2153) - mac80211: fix a memory leak where sta_info is not freed - tcp: fix over estimation in sk_forced_mem_schedule() - Revert "mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv" - [arm*] drm/vc4: change vc4_dma_range_matches from a global to static - Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP" - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression - [x86] kvm: x86/pmu: Fix the compare function used by the pmu event filter - [arm64] tee: add overflow check in register_shm_helper() - net/9p: Initialize the iounit field during fid creation - net_sched: cls_route: disallow handle of 0 - sched/fair: Fix fault in reweight_entity - btrfs: only write the sectors in the vertical stripe which has data stripes - btrfs: raid56: don't trust any cached sector in __raid56_parity_recover() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.138 - ALSA: info: Fix llseek return value when using callback - ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU - [x86] mm: Use proper mask when setting PUD mapping - rds: add missing barrier to release_refill - ata: libata-eh: Add missing command name - [arm64] mmc: meson-gx: Fix an error handling path in meson_mmc_probe() - btrfs: fix lost error handling when looking up extended ref on log replay - tracing: Have filter accept "common_cpu" to be consistent - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II - can: ems_usb: fix clang's -Wunaligned-access warning - apparmor: fix quiet_denied for file rules - apparmor: fix absroot causing audited secids to begin with = - apparmor: Fix failed mount permission check error message - apparmor: fix aa_label_asxprint return check - apparmor: fix setting unconfined mode on a loaded profile - apparmor: fix overlapping attachment computation - apparmor: fix reference count leak in aa_pivotroot() - apparmor: Fix memleak in aa_simple_write_to_buffer() - Documentation: ACPI: EINJ: Fix obsolete example - NFSv4.1: Don't decrease the value of seq_nr_highest_sent - NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly - NFSv4: Fix races in the legacy idmapper upcall - NFSv4.1: RECLAIM_COMPLETE must handle EACCES - NFSv4/pnfs: Fix a use-after-free bug in open - bpf: Acquire map uref in .init_seq_private for array map iterator - bpf: Acquire map uref in .init_seq_private for hash map iterator - bpf: Acquire map uref in .init_seq_private for sock local storage map iterator - bpf: Acquire map uref in .init_seq_private for sock{map,hash} iterator - bpf: Check the validity of max_rdwr_access for sock local storage map iterator - can: mcp251x: Fix race condition on receive interrupt - [amd64,arm64] net: atlantic: fix aq_vec index out of range error - sunrpc: fix expiry of auth creds - SUNRPC: Reinitialise the backchannel request buffers before reuse - virtio_net: fix memory leak inside XPD_TX with mergeable - devlink: Fix use-after-free after a failed reload - [arm64] pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed - [arm64,armhf] pinctrl: sunxi: Add I/O bias setting for H6 R-PIO - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool - geneve: do not use RT_TOS for IPv6 flowlabel - ipv6: do not use RT_TOS for IPv6 flowlabel - [x86] plip: avoid rcu debug splat - vsock: Fix memory leak in vsock_connect() - vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout() - dt-bindings: arm: qcom: fix MSM8916 MTP compatibles - dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources - ceph: use correct index when encoding client supported features - ceph: don't leak snap_rwsem in handle_cap_grant - nfp: ethtool: fix the display error of `ethtool -m DEVNAME` - xen/xenbus: fix return type in xenbus_file_read() - atm: idt77252: fix use-after-free bugs caused by tst_timer - geneve: fix TOS inheriting for ipv4 - [arm64] dpaa2-eth: trace the allocated address instead of page struct - iavf: Fix adminq error handling - netfilter: nf_tables: really skip inactive sets when allocating name - netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT flag - netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is specified - [powerpc*] pci: Fix get_phb_number() locking - [arm64,armhf] spi: meson-spicc: add local pow2 clock ops to preserve rate between messages - [arm64,armhf] net: dsa: mv88e6060: prevent crash on an unused port - [arm64] net: dsa: felix: fix ethtool 256-511 and 512-1023 TX packet counters - net: genl: fix error path memory leak in policy dumping - ice: Ignore EEXIST when setting promisc mode - [arm64,armhf] i2c: imx: Make sure to unregister adapter on remove() - regulator: pca9450: Remove restrictions for regulator-name - i40e: Fix to stop tx_timeout recovery if GLOBR fails - [arm64,armhf] fec: Fix timer capture timing in `fec_ptp_enable_pps()` - [x86] stmmac: intel: Add a missing clk_disable_unprepare() call in intel_eth_pci_remove() - igb: Add lock to avoid data race - kbuild: fix the modules order between drivers and libs - locking/atomic: Make test_and_*_bit() ordered on failure - [x86] ASoC: SOF: intel: move sof_intel_dsp_desc() forward - [arm64] drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() - audit: log nftables configuration change events once per table - netfilter: nftables: add helper function to set the base sequence number - netfilter: add helper function to set up the nfnetlink header and use it - [armhf] drm/sun4i: dsi: Prevent underflow when computing packet sizes - PCI: Add ACS quirk for Broadcom BCM5750x NICs - [arm64,armhf] platform/chrome: cros_ec_proto: don't show MKBP version if unsupported - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of uvcg_info - [arm64,armhf] irqchip/tegra: Fix overflow implicit truncation warnings - [arm64] drm/meson: Fix overflow implicit truncation warnings - [armhf] clk: ti: Stop using legacy clkctrl names for omap4 and 5 - [arm*] usb: dwc2: gadget: remove D+ pull-up while no vbus with usb-role-switch - [x86] vboxguest: Do not use devm for irq - uacce: Handle parent device removal or parent driver module rmmod - zram: do not lookup algorithm in backends table - [arm64] clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input - gadgetfs: ep_io - wait until IRQ finishes - [x86] pinctrl: intel: Check against matching data instead of ACPI companion - [powerpc*] cxl: Fix a memory leak in an error handling path - [arm64] PCI/ACPI: Guard ARM64-specific mcfg_quirks - RDMA/rxe: Limit the number of calls to each tasklet - md: Notify sysfs sync_completed in md_reap_sync_thread() - nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue teardown - drivers:md:fix a potential use-after-free bug - ext4: avoid remove directory when directory is corrupted - ext4: avoid resizing to a partial cluster size - lib/list_debug.c: Detect uninitialized lists - vfio: Clear the caps->buf to NULL after free - [mips64el,mipsel] cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start - modules: Ensure natural alignment for .altinstructions and __bug_table sections - watchdog: export lockup_detector_reconfigure - ALSA: core: Add async signal helpers - ALSA: timer: Use deferred fasync helper - ALSA: control: Use deferred fasync helper - f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page() - f2fs: fix to do sanity check on segment type in build_sit_entries() - smb3: check xattr value length earlier - [powerpc*] 64: Init jump labels before parse_early_param() - netfilter: nftables: fix a warning message in nf_tables_commit_audit_collect() - netfilter: nf_tables: fix audit memory leak in nf_tables_commit - tracing/probes: Have kprobes and uprobes use $COMM too - can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE with netdev_warn_once() - can: j1939: j1939_session_destroy(): fix memory leak of skbs - PCI/ERR: Retain status from error notification - qrtr: Convert qrtr_ports from IDR to XArray - bpf: Fix KASAN use-after-free Read in compute_effective_progs - [arm64] tee: fix memory leak in tee_shm_register() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.139 https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.140 - audit: fix potential double free on error path from fsnotify_add_inode_mark - pinctrl: amd: Don't save/restore interrupt status and wake status bits - xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list() - xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP* - fs: remove __sync_filesystem - vfs: make sync_filesystem return errors from ->sync_fs - xfs: return errors in xfs_fs_sync_fs - xfs: only bother with sync_filesystem during readonly remount - kernel/sched: Remove dl_boosted flag comment - xfrm: fix refcount leak in __xfrm_policy_check() - xfrm: clone missing x->lastused in xfrm_do_migrate - af_key: Do not call xfrm_probe_algs in parallel (CVE-2022-3028) - xfrm: policy: fix metadata dst->dev xmit null pointer dereference - NFS: Don't allocate nfs_fattr on the stack in __nfs42_ssc_open() - NFSv4.2 fix problems with __nfs42_ssc_open - SUNRPC: RPC level errors should set task->tk_rpc_status - mm/huge_memory.c: use helper function migration_entry_to_page() - mm/smaps: don't access young/dirty bit if pte unpresent - rose: check NULL rose_loopback_neigh->loopback - ice: xsk: Force rings to be sized to power of 2 - ice: xsk: prohibit usage of non-balanced queue id - net/mlx5e: Properly disable vlan strip on non-UL reps - bonding: 802.3ad: fix no transmission of LACPDUs - net: ipvtap - add __init/__exit annotations to module init/exit funcs - netfilter: ebtables: reject blobs that don't provide all entry points - bnxt_en: fix NQ resource accounting during vf creation on 57500 chips - netfilter: nft_payload: report ERANGE for too long offset and length - netfilter: nft_payload: do not truncate csum_offset and csum_type - netfilter: nf_tables: do not leave chain stats enabled on error - netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families - netfilter: nft_tunnel: restrict it to netdev family - netfilter: nftables: remove redundant assignment of variable err - netfilter: nf_tables: consolidate rule verdict trace call - netfilter: nft_cmp: optimize comparison for 16-bytes - netfilter: bitwise: improve error goto labels - netfilter: nf_tables: upfront validation of data via nft_data_init() - netfilter: nf_tables: disallow jump to implicit chain from set element - netfilter: nf_tables: disallow binding to already bound chain (CVE-2022-39190) - tcp: tweak len/truesize ratio for coalesce candidates - net: Fix data-races around sysctl_[rw]mem(_offset)?. - net: Fix data-races around sysctl_[rw]mem_(max|default). - net: Fix data-races around weight_p and dev_weight_[rt]x_bias. - net: Fix data-races around netdev_max_backlog. - net: Fix data-races around netdev_tstamp_prequeue. - ratelimit: Fix data-races in ___ratelimit(). - bpf: Folding omem_charge() into sk_storage_charge() - net: Fix data-races around sysctl_optmem_max. - net: Fix a data-race around sysctl_tstamp_allow_data. - net: Fix a data-race around sysctl_net_busy_poll. - net: Fix a data-race around sysctl_net_busy_read. - net: Fix a data-race around netdev_budget. - net: Fix a data-race around netdev_budget_usecs. - net: Fix data-races around sysctl_fb_tunnels_only_for_init_net. - net: Fix data-races around sysctl_devconf_inherit_init_net. - net: Fix a data-race around sysctl_somaxconn. - ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter - rxrpc: Fix locking in rxrpc's sendmsg - btrfs: fix silent failure when deleting root reference - btrfs: replace: drop assert for suspended replace - btrfs: add info when mount fails due to stale replace target - btrfs: check if root is readonly while setting security xattr - [x86] perf/x86/lbr: Enable the branch type for the Arch LBR by default - [amd64] x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry - [x86] bugs: Add "unknown" reporting for MMIO Stale Data - loop: Check for overflow while configuring loop - asm-generic: sections: refactor memory_intersects - [s390x] fix double free of GS and RI CBs on fork() failure - [x86] ACPI: processor: Remove freq Qos request for all CPUs - xen/privcmd: fix error exit of privcmd_ioctl_dm_op() - mm/hugetlb: fix hugetlb not supporting softdirty tracking - Revert "md-raid: destroy the bitmap after destroying the thread" - md: call __md_stop_writes in md_stop - [arm64] Fix match_list for erratum 1286807 on Arm Cortex-A76 - Documentation/ABI: Mention retbleed vulnerability info file for sysfs - blk-mq: fix io hung due to missing commit_rqs - [x86] perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU - [x86] scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq - bpf: Don't use tnum_range on array range checking for poke descriptors (CVE-2022-2905) . [ Salvatore Bonaccorso ] * Bump ABI to 18 * certs: Rotate to use the "Debian Secure Boot Signer 2022 - linux" certificate (Closes: #1018752) * [x86] nospec: Unwreck the RSB stuffing * [x86] nospec: Fix i386 RSB stuffing (Closes: #1017425) * mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() (CVE-2022-39188) * Revert "PCI/portdrv: Don't disable AER reporting in get_port_device_capability()" * bpf: Don't redirect packets with invalid pkt_len * mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse * net/af_packet: check len when min_header_len equals to 0 linux-signed-arm64 (5.10.136+1) bullseye-security; urgency=high . * Sign kernel from linux 5.10.136-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.128 - MAINTAINERS: add Amir as xfs maintainer for 5.10.y - drm: remove drm_fb_helper_modinit - tick/nohz: unexport __init-annotated tick_nohz_full_setup() - bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init() - xfs: use kmem_cache_free() for kmem_cache objects - xfs: punch out data fork delalloc blocks on COW writeback failure - xfs: Fix the free logic of state in xfs_attr_node_hasname - xfs: remove all COW fork extents when remounting readonly - xfs: check sb_meta_uuid for dabuf buffer recovery - [powerpc*] ftrace: Remove ftrace init tramp once kernel init is complete - [arm64] net: mscc: ocelot: allow unregistered IP multicast flooding https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.129 - drm/amdgpu: To flush tlb for MMHUB of RAVEN series - ipv6: take care of disable_policy when restoring routes - nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX S40G) - nvdimm: Fix badblocks clear off-by-one error - [powerpc*] bpf: Fix use of user_pt_regs in uapi - dm raid: fix accesses beyond end of raid member array - [s390x] archrandom: simplify back to earlier design and initialize earlier - SUNRPC: Fix READ_PLUS crasher (Closes: #1014793) - net: usb: ax88179_178a: Fix packet receiving - virtio-net: fix race between ndo_open() and virtio_device_ready() - [armhf] net: dsa: bcm_sf2: force pause link settings - net: tun: unlink NAPI from device on destruction - net: tun: stop NAPI when detaching queues - net: dp83822: disable false carrier interrupt - net: dp83822: disable rx error interrupt - RDMA/qedr: Fix reporting QP timeout attribute - RDMA/cm: Fix memory leak in ib_cm_insert_listen - linux/dim: Fix divide by 0 in RDMA DIM - usbnet: fix memory allocation in helpers - net: ipv6: unexport __init-annotated seg6_hmac_net_init() - NFSD: restore EINVAL error translation in nfsd_commit() - netfilter: nft_dynset: restore set element counter when failing to update - net/sched: act_api: Notify user space if any actions were flushed before error - net: bonding: fix possible NULL deref in rlb code - net: bonding: fix use-after-free after 802.3ad slave unbind - tipc: move bc link creation back to tipc_node_create - epic100: fix use after free on rmmod - io_uring: ensure that send/sendmsg and recv/recvmsg check sqe->ioprio - tunnels: do not assume mac header is set in skb_tunnel_check_pmtu() - net: tun: avoid disabling NAPI twice - xfs: use current->journal_info for detecting transaction recursion - xfs: rename variable mp to parsing_mp - xfs: Skip repetitive warnings about mount options - xfs: ensure xfs_errortag_random_default matches XFS_ERRTAG_MAX - xfs: fix xfs_trans slab cache name - xfs: update superblock counters correctly for !lazysbcount - xfs: fix xfs_reflink_unshare usage of filemap_write_and_wait_range - tcp: add a missing nf_reset_ct() in 3WHS handling - xen/gntdev: Avoid blocking in unmap_grant_pages() - [arm64] drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c - sit: use min - ipv6/sit: fix ipip6_tunnel_get_prl return value - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails - net: usb: qmi_wwan: add Telit 0x1060 composition - net: usb: qmi_wwan: add Telit 0x1070 composition https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.130 - mm/slub: add missing TID updates on slab deactivation - ALSA: hda/realtek: Add quirk for Clevo L140PU - can: bcm: use call_rcu() instead of costly synchronize_rcu() - can: gs_usb: gs_usb_open/close(): fix memory leak - bpf: Fix incorrect verifier simulation around jmp32's jeq/jne - bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals - usbnet: fix memory leak in error case - netfilter: nft_set_pipapo: release elements in clone from abort path - [amd64] iommu/vt-d: Fix PCI bus rescan device hot add - PM: runtime: Redefine pm_runtime_release_supplier() - memregion: Fix memregion_free() fallback definition - video: of_display_timing.h: include errno.h - [powerpc*] powernv: delay rng platform device creation until later in boot - can: kvaser_usb: replace run-time checks with struct kvaser_usb_driver_info - can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression - can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits - xfs: remove incorrect ASSERT in xfs_rename - [armhf] meson: Fix refcount leak in meson_smp_prepare_cpus - [armhf] pinctrl: sunxi: a83t: Fix NAND function name for some pins - [arm64] dts: imx8mp-evk: correct mmc pad settings - [arm64] dts: imx8mp-evk: correct the uart2 pinctl value - [arm64] dts: imx8mp-evk: correct gpio-led pad settings - [arm64] dts: imx8mp-evk: correct I2C3 pad settings - [arm64,armhf] pinctrl: sunxi: sunxi_pconf_set: use correct offset - [arm64] dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo - xsk: Clear page contiguity bit when unmapping pool - i40e: Fix dropped jumbo frames statistics - r8169: fix accessing unset transport header - [armhf] dmaengine: imx-sdma: Allow imx8m for imx7 FW revs - misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer - misc: rtsx_usb: use separate command and response buffers - misc: rtsx_usb: set return value in rsp_buf alloc err path - dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo - ida: don't use BUG_ON() for debugging - [arm64,armhf] dmaengine: pl330: Fix lockdep warning about non-static key - [armhf] dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate - [armhf] dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.131 - [armhf] Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting" https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.132 - [x86] ALSA: hda - Add fixup for Dell Latitidue E5430 - [x86] ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model - [x86] ALSA: hda/realtek: Fix headset mic for Acer SF313-51 - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221 - [x86] ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue - fix race between exit_itimers() and /proc/pid/timers - mm: split huge PUD on wp_huge_pud fallback - tracing/histograms: Fix memory leak problem - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer - ip: fix dflt addr selection for connected nexthop - [armhf] 9213/1: Print message about disabled Spectre workarounds only once - [armel,armhf] 9214/1: alignment: advance IT state after emulating Thumb instruction - wifi: mac80211: fix queue selection for mesh/OCB interfaces - cgroup: Use separate src/dst nodes when preloading css_sets for migration - btrfs: return -EAGAIN for NOWAIT dio reads/writes on compressed and inline extents - [arm64,armhf] drm/panfrost: Put mapping instead of shmem obj on panfrost_mmu_map_fault_addr() error - [arm64,armhf] drm/panfrost: Fix shrinker list corruption by madvise IOCTL - fs/remap: constrain dedupe of EOF blocks - nilfs2: fix incorrect masking of permission flags for symlinks - sh: convert nommu io{re,un}map() to static inline functions - Revert "evm: Fix memleak in init_desc" - ext4: fix race condition between ext4_write and ext4_convert_inline_data - [armhf] dts: imx6qdl-ts7970: Fix ngpio typo and count - [armhf] 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle - [armel,armhf] 9210/1: Mark the FDT_FIXED sections as shareable - net/mlx5e: Fix capability check for updating vnic env counters - [x86] drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() - ima: Fix a potential integer overflow in ima_appraise_measurement - [arm64,armhf] ASoC: sgtl5000: Fix noise on shutdown/remove - [x86] ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks() - [x86] ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array - sysctl: Fix data races in proc_dointvec(). - sysctl: Fix data races in proc_douintvec(). - sysctl: Fix data races in proc_dointvec_minmax(). - sysctl: Fix data races in proc_douintvec_minmax(). - sysctl: Fix data races in proc_doulongvec_minmax(). - sysctl: Fix data races in proc_dointvec_jiffies(). - tcp: Fix a data-race around sysctl_tcp_max_orphans. - inetpeer: Fix data-races around sysctl. - net: Fix data-races around sysctl_mem. - cipso: Fix data-races around sysctl. - icmp: Fix data-races around sysctl. - ipv4: Fix a data-race around sysctl_fib_sync_mem. - [armhf] dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero - [x86] drm/i915/gt: Serialize TLB invalidates with GT resets - sysctl: Fix data-races in proc_dointvec_ms_jiffies(). - icmp: Fix a data-race around sysctl_icmp_ratelimit. - icmp: Fix a data-race around sysctl_icmp_ratemask. - raw: Fix a data-race around sysctl_raw_l3mdev_accept. - ipv4: Fix data-races around sysctl_ip_dynaddr. - nexthop: Fix data-races around nexthop_compat_mode. - [armhf] net: ftgmac100: Hold reference returned by of_get_child_by_name() - ima: force signature verification when CONFIG_KEXEC_SIG is configured - ima: Fix potential memory leak in ima_init_crypto() - sfc: fix use after free when disabling sriov - seg6: fix skb checksum evaluation in SRH encapsulation/insertion - seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors - seg6: bpf: fix skb checksum in bpf_push_seg6_encap() - sfc: fix kernel panic when creating VF - net: atlantic: remove deep parameter on suspend/resume functions - net: atlantic: remove aq_nic_deinit() when resume - [x86] KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op() - net/tls: Check for errors in tls_device_init - mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE - virtio_mmio: Add missing PM calls to freeze/restore - virtio_mmio: Restore guest page size on resume - netfilter: br_netfilter: do not skip all hooks with 0 priority - [arm64] scsi: hisi_sas: Limit max hw sectors for v3 HW - [powerpc*] cpufreq: pmac32-cpufreq: Fix refcount leak bug - [x86] platform/x86: hp-wmi: Ignore Sanitization Mode event - net: tipc: fix possible refcount leak in tipc_sk_create() - nvme-tcp: always fail a request when sending it failed - nvme: fix regression when disconnect a recovering ctrl - net: sfp: fix memory leak in sfp_probe() - ASoC: ops: Fix off by one in range control validation - [armhf] pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux() - [x86] ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow - ASoC: dapm: Initialise kcontrol data for mux/demux controls - [amd64] Clear .brk area at early boot - [armhf] dts: stm32: use the correct clock source for CEC on stm32mp151 - Revert "can: xilinx_can: Limit CANFD brp to 2" - nvme-pci: phison e16 has bogus namespace ids - signal handling: don't use BUG_ON() for debugging - USB: serial: ftdi_sio: add Belimo device ids - usb: typec: add missing uevent when partner support PD - [arm64,armhf] usb: dwc3: gadget: Fix event pending check - [armhf] tty: serial: samsung_tty: set dma burst_size to 1 - vt: fix memory overlapping when deleting chars in the buffer - serial: 8250: fix return error code in serial8250_request_std_resource() - [armhf] serial: stm32: Clear prev values before setting RTS delays - [arm*] serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle - serial: 8250: Fix PM usage_count for console handover - [x86] pat: Fix x86_has_pat_wp() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.133 - [amd64] Preparation for mitigating RETbleed: + KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S + KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw + objtool: Refactor ORC section generation + objtool: Add 'alt_group' struct + objtool: Support stack layout changes in alternatives + objtool: Support retpoline jump detection for vmlinux.o + objtool: Assume only ELF functions do sibling calls + objtool: Combine UNWIND_HINT_RET_OFFSET and UNWIND_HINT_FUNC + x86/xen: Support objtool validation in xen-asm.S + x86/xen: Support objtool vmlinux.o validation in xen-head.S + x86/alternative: Merge include files + x86/alternative: Support not-feature + x86/alternative: Support ALTERNATIVE_TERNARY + x86/alternative: Use ALTERNATIVE_TERNARY() in _static_cpu_has() + x86/insn: Rename insn_decode() to insn_decode_from_regs() + x86/insn: Add a __ignore_sync_check__ marker + x86/insn: Add an insn_decode() API + x86/insn-eval: Handle return values from the decoder + x86/alternative: Use insn_decode() + x86: Add insn_decode_kernel() + x86/alternatives: Optimize optimize_nops() + x86/retpoline: Simplify retpolines + objtool: Correctly handle retpoline thunk calls + objtool: Handle per arch retpoline naming + objtool: Rework the elf_rebuild_reloc_section() logic + objtool: Add elf_create_reloc() helper + objtool: Create reloc sections implicitly + objtool: Extract elf_strtab_concat() + objtool: Extract elf_symbol_add() + objtool: Add elf_create_undef_symbol() + objtool: Keep track of retpoline call sites + objtool: Cache instruction relocs + objtool: Skip magical retpoline .altinstr_replacement + objtool/x86: Rewrite retpoline thunk calls + objtool: Support asm jump tables + x86/alternative: Optimize single-byte NOPs at an arbitrary position + objtool: Fix .symtab_shndx handling for elf_create_undef_symbol() + objtool: Only rewrite unconditional retpoline thunk calls + objtool/x86: Ignore __x86_indirect_alt_* symbols + objtool: Don't make .altinstructions writable + objtool: Teach get_alt_entry() about more relocation types + objtool: print out the symbol type when complaining about it + objtool: Remove reloc symbol type checks in get_alt_entry() + objtool: Make .altinstructions section entry size consistent + objtool: Introduce CFI hash + objtool: Handle __sanitize_cov*() tail calls + objtool: Classify symbols + objtool: Explicitly avoid self modifying code in .altinstr_replacement + objtool,x86: Replace alternatives with .retpoline_sites + x86/retpoline: Remove unused replacement symbols + x86/asm: Fix register order + x86/asm: Fixup odd GEN-for-each-reg.h usage + x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h + x86/retpoline: Create a retpoline thunk array + x86/alternative: Implement .retpoline_sites support + x86/alternative: Handle Jcc __x86_indirect_thunk_\reg + x86/alternative: Try inline spectre_v2=retpoline,amd + x86/alternative: Add debug prints to apply_retpolines() + bpf,x86: Simplify computing label offsets + bpf,x86: Respect X86_FEATURE_RETPOLINE* + x86/lib/atomic64_386_32: Rename things - [amd64] Mitigate straight-line speculation: + x86: Prepare asm files for straight-line-speculation + x86: Prepare inline-asm for straight-line-speculation + x86/alternative: Relax text_poke_bp() constraint + objtool: Add straight-line-speculation validation + x86: Add straight-line-speculation mitigation + tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy' + kvm/emulate: Fix SETcc emulation function offsets with SLS + objtool: Default ignore INT3 for unreachable + crypto: x86/poly1305 - Fixup SLS + objtool: Fix SLS validation for kcov tail-call replacement - objtool: Fix code relocs vs weak symbols - objtool: Fix type of reloc::addend - objtool: Fix symbol creation - x86/entry: Remove skip_r11rcx - objtool: Fix objtool regression on x32 systems - x86/realmode: build with -D__DISABLE_EXPORTS - [amd64] Add mitigations for RETbleed on AMD/Hygon (CVE-2022-29900) and Intel (CVE-2022-29901) processors: + x86/kvm/vmx: Make noinstr clean + x86/cpufeatures: Move RETPOLINE flags to word 11 + x86/retpoline: Cleanup some #ifdefery + x86/retpoline: Swizzle retpoline thunk + Makefile: Set retpoline cflags based on CONFIG_CC_IS_{CLANG,GCC} + x86/retpoline: Use -mfunction-return + x86: Undo return-thunk damage + x86,objtool: Create .return_sites + objtool: skip non-text sections when adding return-thunk sites + x86,static_call: Use alternative RET encoding + x86/ftrace: Use alternative RET encoding + x86/bpf: Use alternative RET encoding + x86/kvm: Fix SETcc emulation for return thunks + x86/vsyscall_emu/64: Don't use RET in vsyscall emulation + x86/sev: Avoid using __x86_return_thunk + x86: Use return-thunk in asm code + objtool: Treat .text.__x86.* as noinstr + x86: Add magic AMD return-thunk + x86/bugs: Report AMD retbleed vulnerability + x86/bugs: Add AMD retbleed= boot parameter + x86/bugs: Enable STIBP for JMP2RET + x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value + x86/entry: Add kernel IBRS implementation + x86/bugs: Optimize SPEC_CTRL MSR writes + x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS + x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() + x86/bugs: Report Intel retbleed vulnerability + intel_idle: Disable IBRS during long idle + objtool: Update Retpoline validation + x86/xen: Rename SYS* entry points + x86/bugs: Add retbleed=ibpb + x86/bugs: Do IBPB fallback check only once + objtool: Add entry UNRET validation + x86/cpu/amd: Add Spectral Chicken + x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n + x86/speculation: Fix firmware entry SPEC_CTRL handling + x86/speculation: Fix SPEC_CTRL write on SMT state change + x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit + x86/speculation: Remove x86_spec_ctrl_mask + objtool: Re-add UNWIND_HINT_{SAVE_RESTORE} + KVM: VMX: Flatten __vmx_vcpu_run() + KVM: VMX: Convert launched argument to flags + KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS + KVM: VMX: Fix IBRS handling after vmexit + x86/speculation: Fill RSB on vmexit for IBRS + x86/common: Stamp out the stepping madness + x86/cpu/amd: Enumerate BTC_NO + x86/retbleed: Add fine grained Kconfig knobs + x86/bugs: Add Cannon lake to RETBleed affected CPU list + x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported + x86/kexec: Disable RET on kexec + x86/speculation: Disable RRSBA behavior - x86/static_call: Serialize __static_call_fixup() properly - tools/insn: Restore the relative include paths for cross building - x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted - x86/xen: Fix initialisation in hypercall_page after rethunk - x86/ftrace: Add UNWIND_HINT_FUNC annotation for ftrace_stub - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current - efi/x86: use naked RET on mixed mode call wrapper - x86/kvm: fix FASTOP_SIZE when return thunks are enabled - KVM: emulate: do not adjust size of fastop and setcc subroutines - tools arch x86: Sync the msr-index.h copy with the kernel sources - tools headers cpufeatures: Sync with the kernel sources - x86/bugs: Remove apostrophe typo - um: Add missing apply_returns() - x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds - kvm: fix objtool relocation warning - objtool: Fix elf_create_undef_symbol() endianness - tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy' - again - tools headers: Remove broken definition of __LITTLE_ENDIAN https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.134 - [armhf] pinctrl: stm32: fix optional IRQ support to gpios - lockdown: Fix kexec lockdown bypass with ima policy (CVE-2022-21505) - io_uring: Use original task for req identity in io_identity_cow() - xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE - docs: net: explain struct net_device lifetime - net: make free_netdev() more lenient with unregistering devices - net: make sure devices go through netdev_wait_all_refs - net: move net_set_todo inside rollback_registered() - net: inline rollback_registered() - net: move rollback_registered_many() - net: inline rollback_registered_many() - [amd64] PCI: hv: Fix multi-MSI to allow more than one MSI vector - [amd64] PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI - [amd64] PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() - [amd64] PCI: hv: Fix interrupt mapping for multi-MSI - [arm64] serial: mvebu-uart: correctly report configured baudrate value - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() (CVE-2022-36879) - perf/core: Fix data race between perf_event_set_output() and perf_mmap_close() - drm/amdgpu/display: add quirk handling for stutter mode - igc: Reinstate IGC_REMOVED logic and implement it properly - ip: Fix data-races around sysctl_ip_no_pmtu_disc. - ip: Fix data-races around sysctl_ip_fwd_use_pmtu. - ip: Fix data-races around sysctl_ip_fwd_update_priority. - ip: Fix data-races around sysctl_ip_nonlocal_bind. - ip: Fix a data-race around sysctl_ip_autobind_reuse. - ip: Fix a data-race around sysctl_fwmark_reflect. - tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept. - tcp: Fix data-races around sysctl_tcp_mtu_probing. - tcp: Fix data-races around sysctl_tcp_base_mss. - tcp: Fix data-races around sysctl_tcp_min_snd_mss. - tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor. - tcp: Fix a data-race around sysctl_tcp_probe_threshold. - tcp: Fix a data-race around sysctl_tcp_probe_interval. - net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow - net: stmmac: fix dma queue left shift overflow issue - igmp: Fix data-races around sysctl_igmp_llm_reports. - igmp: Fix a data-race around sysctl_igmp_max_memberships. - igmp: Fix data-races around sysctl_igmp_max_msf. - tcp: Fix data-races around keepalive sysctl knobs. - tcp: Fix data-races around sysctl_tcp_syncookies. - tcp: Fix data-races around sysctl_tcp_reordering. - tcp: Fix data-races around some timeout sysctl knobs. - tcp: Fix a data-race around sysctl_tcp_notsent_lowat. - tcp: Fix a data-race around sysctl_tcp_tw_reuse. - tcp: Fix data-races around sysctl_max_syn_backlog. - tcp: Fix data-races around sysctl_tcp_fastopen. - tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout. - iavf: Fix handling of dummy receive descriptors - i40e: Fix erroneous adapter reinitialization during recovery process - ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero - [arm64,armhf] gpio: pca953x: only use single read/write for No AI mode - [arm64,armhf] gpio: pca953x: use the correct range when do regmap sync - [arm64,armhf] gpio: pca953x: use the correct register address when regcache sync during init - be2net: Fix buffer overflow in be_get_module_eeprom - ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh. - ip: Fix data-races around sysctl_ip_prot_sock. - udp: Fix a data-race around sysctl_udp_l3mdev_accept. - tcp: Fix data-races around sysctl knobs related to SYN option. - tcp: Fix a data-race around sysctl_tcp_early_retrans. - tcp: Fix data-races around sysctl_tcp_recovery. - tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. - tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. - tcp: Fix a data-race around sysctl_tcp_retrans_collapse. - tcp: Fix a data-race around sysctl_tcp_stdurg. - tcp: Fix a data-race around sysctl_tcp_rfc1337. - tcp: Fix data-races around sysctl_tcp_max_reordering. - [arm*] spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers - KVM: Don't null dereference ops->destroy - mm/mempolicy: fix uninit-value in mpol_rebind_policy() - bpf: Make sure mac_header was set before using it - sched/deadline: Fix BUG_ON condition for deboosted tasks - [x86] bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts - dlm: fix pending remove if msg allocation fails - bitfield.h: Fix "type of reg too small for mask" test - ALSA: memalloc: Align buffer allocations in page size - Bluetooth: Add bt_skb_sendmsg helper - Bluetooth: Add bt_skb_sendmmsg helper - Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg - Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg - Bluetooth: Fix passing NULL to PTR_ERR - Bluetooth: SCO: Fix sco_send_frame returning skb->len - Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks - [x86] amd: Use IBPB for firmware calls - [x86] alternative: Report missing return thunk details - watchqueue: make sure to serialize 'wqueue->defunct' properly - tty: drivers/tty/, stop using tty_schedule_flip() - tty: the rest, stop using tty_schedule_flip() - tty: drop tty_schedule_flip() - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - net: usb: ax88179_178a needs FLAG_SEND_ZLP - watch-queue: remove spurious double semicolon https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.135 - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put - Revert "ocfs2: mount shared volume without ha stack" - [s390x] archrandom: prevent CPACF trng invocations in interrupt context - watch_queue: Fix missing rcu annotation - watch_queue: Fix missing locking in add_watch_to_object() - tcp: Fix data-races around sysctl_tcp_dsack. - tcp: Fix a data-race around sysctl_tcp_app_win. - tcp: Fix a data-race around sysctl_tcp_adv_win_scale. - tcp: Fix a data-race around sysctl_tcp_frto. - tcp: Fix a data-race around sysctl_tcp_nometrics_save. - tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save. - ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS) - ice: do not setup vlan for loopback VSI - Revert "tcp: change pingpong threshold to 3" - tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf. - tcp: Fix a data-race around sysctl_tcp_limit_output_bytes. - tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit. - net: ping6: Fix memleak in ipv6_renew_options(). - ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr - igmp: Fix data-races around sysctl_igmp_qrv. - net: sungem_phy: Add of_node_put() for reference returned by of_get_parent() - tcp: Fix a data-race around sysctl_tcp_min_tso_segs. - tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen. - tcp: Fix a data-race around sysctl_tcp_autocorking. - tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit. - Documentation: fix sctp_wmem in ip-sysctl.rst - macsec: fix NULL deref in macsec_add_rxsa - macsec: fix error message in macsec_add_rxsa and _txsa - macsec: limit replay window size with XPN - macsec: always read MACSEC_SA_ATTR_PN as a u64 - net: macsec: fix potential resource leak in macsec_add_rxsa() and macsec_add_txsa() - tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns. - tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns. - tcp: Fix a data-race around sysctl_tcp_comp_sack_nr. - tcp: Fix data-races around sysctl_tcp_reflect_tos. - i40e: Fix interface init with MSI interrupts (no MSI-X) - sctp: fix sleep in atomic context bug in timer handlers - netfilter: nf_queue: do not allow packet truncation below transport header offset (CVE-2022-36946) - virtio-net: fix the race between refill work and close - sfc: disable softirqs for ptp TX - sctp: leave the err path free in sctp_stream_init to sctp_stream_free - page_alloc: fix invalid watermark check on a negative value - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle. - [arm*] 9216/1: Fix MAX_DMA_ADDRESS overflow - docs/kernel-parameters: Update descriptions for "mitigations=" param with retbleed - xfs: refactor xfs_file_fsync - xfs: xfs_log_force_lsn isn't passed a LSN - xfs: prevent UAF in xfs_log_item_in_current_chkpt - xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes - xfs: force the log offline when log intent item recovery fails - xfs: hold buffer across unpin and potential shutdown processing - xfs: remove dead stale buf unpin handling code - xfs: logging the on disk inode LSN can make it go backwards - xfs: Enforce attr3 buffer recovery order - [x86] bugs: Do not enable IBPB at firmware entry when IBPB is not available - bpf: Consolidate shared test timing code - bpf: Add PROG_TEST_RUN support for sk_lookup programs https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.136 - [x86] speculation: Make all RETbleed mitigations 64-bit only - ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep() - ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet() - tun: avoid double free in tun_free_netdev - [x86] ACPI: video: Force backlight native for some TongFang devices - [x86] ACPI: video: Shortening quirk list by identifying Clevo by board_name only - ACPI: APEI: Better fix to avoid spamming the console with old error logs - [arm64] crypto: arm64/poly1305 - fix a read out-of-bound - Bluetooth: hci_bcm: Add BCM4349B1 variant - Bluetooth: hci_bcm: Add DT compatible for CYW55572 - Bluetooth: btusb: Add support of IMC Networks PID 0x3568 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586 - [x86] Add mitigations for Post-Barrier Return Stack Buffer Prediction (PBRSB) issue (CVE-2022-26373): + x86/speculation: Add RSB VM Exit protections + x86/speculation: Add LFENCE to RSB fill sequence . [ Salvatore Bonaccorso ] * Bump ABI to 17 * [rt] Update to 5.10.131-rt72 * posix-cpu-timers: Cleanup CPU timers before freeing them during exec (CVE-2022-2585) * netfilter: nf_tables: do not allow SET_ID to refer to another table (CVE-2022-2586) * netfilter: nf_tables: do not allow CHAIN_ID to refer to another table * netfilter: nf_tables: do not allow RULE_ID to refer to another chain * net_sched: cls_route: remove from list when handle is 0 (CVE-2022-2588) linux-signed-arm64 (5.10.127+2) bullseye-security; urgency=high . * Sign kernel from linux 5.10.127-2 . * [amd64,arm64,armhf] wireguard: Clear keys after suspend despite CONFIG_ANDROID=y * netfilter: nf_tables: stricter validation of element data (CVE-2022-34918) * net: rose: fix UAF bugs caused by timer handler (CVE-2022-2318) * net: rose: fix UAF bug caused by rose_t0timer_expiry * xen/{blk,net}front: fix leaking data in shared pages (CVE-2022-26365, CVE-2022-33740) * xen/{blk,net}front: force data bouncing when backend is untrusted (CVE-2022-33741, CVE-2022-33742) * xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses() (CVE-2022-33743) * [arm64,armhf] xen/arm: Fix race in RB-tree based P2M accounting (CVE-2022-33744) * fbdev: fbmem: Fix logo center image dx issue * fbdev: Fix potential out-of-bounds writes (CVE-2021-33655): - fbmem: Check virtual screen sizes in fb_set_var() - fbcon: Disallow setting font bigger than screen size - fbcon: Prevent that screen size is smaller than font size linux-signed-arm64 (5.10.127+2~bpo10+1) buster-backports; urgency=high . * Sign kernel from linux 5.10.127-2~bpo10+1 . * Rebuild for buster-backports: - Change ABI number to 0.deb10.16 linux-signed-i386 (5.10.140+1) bullseye; urgency=medium . * Sign kernel from linux 5.10.140-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.137 - Makefile: link with -z noexecstack --no-warn-rwx-segments - [x86] link vdso and boot with -z noexecstack --no-warn-rwx-segments - Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING" - scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover" - ALSA: bcd2000: Fix a UAF bug on the error path of probing - ALSA: hda/realtek: Add quirk for Clevo NV45PZ - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx - wifi: mac80211_hwsim: fix race condition in pending packet - wifi: mac80211_hwsim: add back erroneously removed cast - wifi: mac80211_hwsim: use 32-bit skb cookie - add barriers to buffer_uptodate and set_buffer_uptodate - HID: wacom: Only report rotation for art pen - HID: wacom: Don't register pad_input for touch switch - [x86] KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case - [x86] KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case - [x86] KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 - [s390x] KVM: s390: pv: don't present the ecall interrupt twice - [x86] KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value - [x86] KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks - [x86] KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP - [x86] KVM: x86: Tag kvm_mmu_x86_module_init() with __init - mm: Add kvrealloc() - xfs: only set IOMAP_F_SHARED when providing a srcmap to a write - xfs: fix I_DONTCACHE - mm/mremap: hold the rmap lock in write mode when moving page table entries. - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model - ALSA: hda/cirrus - support for iMac 12,1 model - ALSA: hda/realtek: Add quirk for another Asus K42JZ model - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED - tty: vt: initialize unicode screen buffer - vfs: Check the truncate maximum size in inode_newsize_ok() - fs: Add missing umask strip in vfs_tmpfile - thermal: sysfs: Fix cooling_device_stats_setup() error code path - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters - fbcon: Fix accelerated fbdev scrolling while logo is still shown - usbnet: Fix linkwatch use-after-free on disconnect - ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh() - drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error - [arm*] drm/vc4: hdmi: Disable audio if dmas property is present but empty - drm/nouveau: fix another off-by-one in nvbios_addr - drm/nouveau: Don't pm_runtime_put_sync(), only pm_runtime_put_autosuspend() - drm/nouveau/acpi: Don't print error when we get -EINPROGRESS from pm_runtime - drm/amdgpu: Check BO's requested pinning domains against its preferred_domains - iio: light: isl29028: Fix the warning in isl29028_remove() - scsi: sg: Allow waiting for commands to complete on removed device - scsi: qla2xxx: Fix incorrect display of max frame size - scsi: qla2xxx: Zero undefined mailbox IN registers - fuse: limit nsec - [arm64] serial: mvebu-uart: uart2 error bits clearing - md-raid: destroy the bitmap after destroying the thread - md-raid10: fix KASAN warning - PCI: Add defines for normal and subtractive PCI bridges - [powerpc*] powernv: Avoid crashing if rng is NULL - [mips64el,mipsel] cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK - usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion - USB: HCD: Fix URB giveback issue in tasklet function - [arm64,armhf] usb: dwc3: gadget: refactor dwc3_repare_one_trb - [arm64,armhf] usb: dwc3: gadget: fix high speed multiplier setting - netfilter: nf_tables: fix null deref due to zeroed list head - epoll: autoremove wakers even more aggressively - [x86] Handle idle=nomwait cmdline properly for x86_idle - [arm64] Do not forget syscall when starting a new thread. - [arm64] fix oops in concurrently setting insn_emulation sysctls - genirq: Don't return error on missing optional irq_request_resources() - [mips64el,mipsel] irqchip/mips-gic: Only register IPI domain when SMP is enabled - genirq: GENERIC_IRQ_IPI depends on SMP - [mips64el,mipsel] irqchip/mips-gic: Check the return value of ioremap() in gic_of_init() - wait: Fix __wait_event_hrtimeout for RT/DL tasks - [armhf] OMAP2+: display: Fix refcount leak bug - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks - ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk - ACPI: PM: save NVS memory for Lenovo G40-45 - ACPI: LPSS: Fix missing check in register_device_clock() - [arm64] dts: allwinner: a64: orangepi-win: Fix LED node name - PM: hibernate: defer device probing when resuming from hibernation - selinux: Add boundary check in put_entry() - [armel,armhf] findbit: fix overflowing offset - [arm64,armhf] meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init - ACPI: processor/idle: Annotate more functions to live in cpuidle section - Input: atmel_mxt_ts - fix up inverted RESET handler - [arm64] soc: amlogic: Fix refcount leak in meson-secure-pwrc.c - [x86] pmem: Fix platform-device leak in error path - [armhf] dts: ast2500-evb: fix board compatible - [armhf] dts: ast2600-evb: fix board compatible - [arm64] cpufeature: Allow different PMU versions in ID_DFR0_EL1 - locking/lockdep: Fix lockdep_init_map_*() confusion - [arm64] soc: fsl: guts: machine variable might be unset - block: fix infinite loop for invalid zone append - [armhf] OMAP2+: Fix refcount leak in omapdss_init_of - [armhf] OMAP2+: Fix refcount leak in omap3xxx_prm_late_init - [arm64] regulator: qcom_smd: Fix pm8916_pldo range - [arm64] ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP - [arm64] bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe() - erofs: avoid consecutive detection for Highmem memory - blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created - hwmon: (drivetemp) Add module alias - block: remove the request_queue to argument request based tracepoints - blktrace: Trace remapped requests correctly - regulator: of: Fix refcount leak bug in of_get_regulation_constraints() - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt() - dm: return early from dm_pr_call() if DM device is suspended - ath10k: do not enforce interrupt trigger type - wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c() - ath11k: fix netdev open race - drm/mipi-dbi: align max_chunk to 2 in spi_transfer - ath11k: Fix incorrect debug_mask mappings - drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() - virtio-gpu: fix a missing check to avoid NULL dereference - [arm64] drm: adv7511: override i2c address of cec before accessing it - net: fix sk_wmem_schedule() and sk_rmem_schedule() errors - i2c: Fix a potential use after free - media: tw686x: Register the irq at the end of probe - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb (CVE-2022-1679) - wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd() - drm/radeon: fix incorrrect SPDX-License-Identifiers - [amd64] crypto: ccp - During shutdown, check SEV data pointer before using - [arm64] drm: bridge: adv7511: Add check for mipi_dsi_driver_register - media: hdpvr: fix error value returns in hdpvr_read - [arm64,armhf] media: v4l2-mem2mem: prevent pollerr when last_buffer_dequeued is set - media: tw686x: Fix memory leak in tw686x_video_init - [arm*] drm/vc4: plane: Remove subpixel positioning check - [arm*] drm/vc4: plane: Fix margin calculations for the right/bottom edges - [arm*] drm/vc4: dsi: Correct DSI divider calculations - [arm*] drm/vc4: dsi: Correct pixel order for DSI0 - [arm*] drm/vc4: drv: Remove the DSI pointer in vc4_drv - [arm*] drm/vc4: dsi: Use snprintf for the PHY clocks instead of an array - [arm*] drm/vc4: dsi: Introduce a variant structure - [arm*] drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type - [arm*] drm/vc4: dsi: Fix dsi0 interrupt support - [arm*] drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable iteration - [arm*] drm/vc4: hdmi: Remove firmware logic for MAI threshold setting - [arm*] drm/vc4: hdmi: Avoid full hdmi audio fifo writes - [arm*] drm/vc4: hdmi: Don't access the connector state in reset if kmalloc fails - [arm*] drm/vc4: hdmi: Limit the BCM2711 to the max without scrambling - [arm*] drm/vc4: hdmi: Fix timings for interlaced modes - [arm*] drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes - [arm64,armhf] drm/rockchip: vop: Don't crash for invalid duplicate_state() - [arm64,armhf] drm/rockchip: Fix an error handling path rockchip_dp_probe() - lib: bitmap: order includes alphabetically - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc() - hinic: Use the bitmap API when applicable - net: hinic: fix bug that ethtool get wrong stats - net: hinic: avoid kernel hung in hinic_get_stats64() - [arm64] drm/msm/mdp5: Fix global state lock backoff - mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg - mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init() - tcp: make retransmitted SKB fit into the send window - bpf: Fix subprog names in stack traces. - fs: check FMODE_LSEEK to control internal pipe splicing - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() - [i386] can: pch_can: do not report txerr and rxerr during bus-off - can: sja1000: do not report txerr and rxerr during bus-off - [armhf] can: sun4i_can: do not report txerr and rxerr during bus-off - can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off - can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off - can: usb_8dev: do not report txerr and rxerr during bus-off - can: error: specify the values of data[5..7] of CAN error frames - [i386] can: pch_can: pch_can_error(): initialize errc before using it - Bluetooth: hci_intel: Add check for platform_driver_register - wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue - wifi: libertas: Fix possible refcount leak in if_usb_probe() - [arm64,armhf] media: cedrus: hevc: Add check for invalid timestamp - net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS cipher/version - net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS - [arm64] crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of - inet: add READ_ONCE(sk->sk_bound_dev_if) in INET_MATCH() - tcp: sk->sk_bound_dev_if once in inet_request_bound_dev_if() - ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH() - tcp: Fix data-races around sysctl_tcp_l3mdev_accept. - net: allow unbound socket for packets in VRF when tcp_l3mdev_accept set - iavf: Fix max_rate limiting - net: rose: fix netdev reference changes - dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock - wireguard: ratelimiter: use hrtimer in selftest - wireguard: allowedips: don't corrupt stack when detecting overflow - HID: cp2112: prevent a buffer overflow in cp2112_xfer() - mtd: partitions: Fix refcount leak in parse_redboot_of - [arm64,armhf] usb: xhci: tegra: Fix error check - netfilter: xtables: Bring SPDX identifier back - [arm64,armhf] platform/chrome: cros_ec: Always expose last resume result - KVM: Don't set Accessed/Dirty bits for ZERO_PAGE - mwifiex: Ignore BTCOEX events from the 88W8897 firmware - mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv - misc: rtsx: Fix an error handling path in rtsx_pci_probe() - driver core: fix potential deadlock in __driver_attach - usb: host: xhci: use snprintf() in xhci_decode_trb() - [arm64,armhf] PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu() - [arm64,armhf] PCI: dwc: Always enable CDM check if "snps,enable-cdm-check" exists - soundwire: bus_type: fix remove and shutdown support - [arm64] KVM: arm64: Don't return from void function - [x86] intel_th: Fix a resource leak in an error handling path - [x86] intel_th: msu-sink: Potential dereference of null pointer - [x86] intel_th: msu: Fix vmalloced buffers - [x86] staging: rtl8192u: Fix sleep in atomic context bug in dm_fsync_timer_callback - [arm64] mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch - mmc: block: Add single read for 4k sector cards - [s390x] KVM: s390: pv: leak the topmost page table when destroy fails - PCI/portdrv: Don't disable AER reporting in get_port_device_capability() - [arm64] PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks - scsi: smartpqi: Fix DMA direction for RAID requests - [armhf] usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc() - [arm64,armhf] usb: dwc3: core: Deprecate GCTL.CORESOFTRESET - [arm64,armhf] usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup - [arm64,armhf] usb: dwc3: qcom: fix missing optional irq warnings - RDMA/qedr: Improve error logs for rdma_alloc_tid error return - RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() - [arm64] RDMA/hns: Fix incorrect clearing of interrupt status register - [amd64] RDMA/hfi1: fix potential memory leak in setup_base_ctxt() - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() - [mips64el,mipsel] mmc: cavium-octeon: Add of_node_put() when breaking out of loop - HID: alps: Declare U1_UNICORN_LEGACY support - USB: serial: fix tty-port initialized comments - [armhf,i386] platform/olpc: Fix uninitialized data in debugfs write - RDMA/srpt: Duplicate port name members - RDMA/srpt: Introduce a reference count in struct srpt_device - RDMA/srpt: Fix a use-after-free - mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region - RDMA/mlx5: Add missing check for return value in get namespace flow - RDMA/rxe: Fix error unwind in rxe_create_qp() - null_blk: fix ida error handling in null_add_dev() - nvme: use command_id instead of req->tag in trace_nvme_complete_rq() - jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction() - ext4: recover csum seed of tmp_inode after migrating to extents - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted - opp: Fix error check in dev_pm_opp_attach_genpd() - serial: 8250: Export ICR access helpers for internal use - serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty() - profiling: fix shift too large makes kernel panic - tty: n_gsm: Delete gsmtty open SABM frame when config requester - tty: n_gsm: fix user open not possible at responder until initiator open - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output() - tty: n_gsm: fix non flow control frames during mux flow off - tty: n_gsm: fix packet re-transmission without open control channel - tty: n_gsm: fix race condition in gsmld_write() - [arm64] ASoC: qcom: Fix missing of_node_put() in asoc_qcom_lpass_cpu_platform_probe() - vfio: Remove extra put/gets around vfio_device->group - vfio: Simplify the lifetime logic for vfio_device - vfio: Split creation of a vfio_device into init and register ops - tty: n_gsm: fix wrong T1 retry count handling - tty: n_gsm: fix DM command - tty: n_gsm: fix missing corner cases in gsmld_poll() - kfifo: fix kfifo_to_user() return type - lib/smp_processor_id: fix imbalanced instrumentation_end() call - [arm64] mfd: max77620: Fix refcount leak in max77620_initialise_fps - [arm64] iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop - [s390x] dump: fix old lowcore virtual vs physical address confusion - fuse: Remove the control interface for virtio-fs - [armhf] ASoC: audio-graph-card: Add of_node_put() in fail path - [arm64] watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in armada_37xx_wdt_probe() - [arm64,armhf] video: fbdev: amba-clcd: Fix refcount leak bugs - video: fbdev: sis: fix typos in SiS_GetModeID() - [powerpc*] pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and alias - f2fs: don't set GC_FAILURE_PIN for background GC - f2fs: write checkpoint during FG_GC - f2fs: fix to remove F2FS_COMPR_FL and tag F2FS_NOCOMP_FL at the same time - [powerpc*] xive: Fix refcount leak in xive_get_max_prio - kprobes: Forbid probing on trampoline and BPF code areas - [powerpc*] pci: Fix PHB numbering when using opal-phbid - sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy() - sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed - [amd64] x86/numa: Use cpumask_available instead of hardcoded NULL check - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() - sched: Fix the check of nr_running at queue wakelist - video: fbdev: vt8623fb: Check the size of screen before memset_io() - video: fbdev: arkfb: Check the size of screen before memset_io() - video: fbdev: s3fb: Check the size of screen before memset_io() - [s390x] scsi: zfcp: Fix missing auto port scan and thus missing target ports - scsi: qla2xxx: Fix discovery issues in FC-AL topology - scsi: qla2xxx: Turn off multi-queue for 8G adapters - scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection - scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os - scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests - [x86] bugs: Enable STIBP for IBPB mitigated RETBleed - [x86] ftrace/x86: Add back ftrace_expected assignment - __follow_mount_rcu(): verify that mount_lock remains unchanged - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions - [x86] drm/i915/dg1: Update DMC_DEBUG3 register - HID: Ignore battery for Elan touchscreen on HP Spectre X360 15-df0xxx - HID: hid-input: add Surface Go battery quirk - [arm*] drm/vc4: drv: Adopt the dma configuration from the HVS or V3D component - usbnet: smsc95xx: Don't clear read-only PHY interrupt - usbnet: smsc95xx: Avoid link settings race on interrupt reception - [x86] intel_th: pci: Add Meteor Lake-P support - [x86] intel_th: pci: Add Raptor Lake-S PCH support - [x86] intel_th: pci: Add Raptor Lake-S CPU support - [x86] KVM: set_msr_mce: Permit guests to ignore single-bit ECC errors - [x86] KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS) - [amd64] iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) - PCI/AER: Write AER Capability only when we control it - PCI/ERR: Bind RCEC devices to the Root Port driver - PCI/ERR: Rename reset_link() to reset_subordinates() - PCI/ERR: Simplify by using pci_upstream_bridge() - PCI/ERR: Simplify by computing pci_pcie_type() once - PCI/ERR: Use "bridge" for clarity in pcie_do_recovery() - PCI/ERR: Avoid negated conditional for clarity - PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery() - PCI/ERR: Recover from RCEC AER errors - PCI/AER: Iterate over error counters instead of error strings - serial: 8250: Dissociate 4MHz Titan ports from Oxford ports - serial: 8250: Correct the clock for OxSemi PCIe devices - serial: 8250_pci: Refactor the loop in pci_ite887x_init() - serial: 8250_pci: Replace dev_*() by pci_*() macros - serial: 8250: Fold EndRun device support into OxSemi Tornado code - dm writecache: set a default MAX_WRITEBACK_JOBS - dm thin: fix use-after-free crash in dm_sm_register_threshold_callback - timekeeping: contribute wall clock to rng on time change - btrfs: reject log replay if there is unsupported RO compat flag - btrfs: reset block group chunk force if we have to wait - [amd64,arm64] ACPI: CPPC: Do not prevent CPPC from working in the future - [x86] KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4() - [x86] KVM: VMX: Drop explicit 'nested' check from vmx_set_cr4() - [x86] KVM: SVM: Drop VMXE check from svm_set_cr4() - [x86] KVM: x86: Move vendor CR4 validity check to dedicated kvm_x86_ops hook - [x86] KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4 - [x86] KVM: x86/pmu: preserve IA32_PERF_CAPABILITIES across CPUID refresh - [x86] KVM: x86/pmu: Use binary search to check filtered events - [x86] KVM: x86/pmu: Use different raw event masks for AMD and Intel - [x86] KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter - [x86] KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's no vPMU - [x86] KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU doesn't support global_ctrl - xen-blkback: fix persistent grants negotiation - xen-blkback: Apply 'feature_persistent' parameter when connect - xen-blkfront: Apply 'feature_persistent' parameter when connect - KEYS: asymmetric: enforce SM2 signature use pkey algo - tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH - tracing: Use a struct alignof to determine trace event field alignment - ext4: check if directory block is within i_size (CVE-2022-1184) - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h - ext4: fix warning in ext4_iomap_begin as race between bmap and write - ext4: make sure ext4_append() always allocates new block - ext4: fix use-after-free in ext4_xattr_set_entry - ext4: update s_overhead_clusters in the superblock during an on-line resize - ext4: fix extent status tree race in writeback error recovery path - ext4: correct max_inline_xattr_value_size computing - ext4: correct the misjudgment in ext4_iget_extra_inode - dm raid: fix address sanitizer warning in raid_resume - dm raid: fix address sanitizer warning in raid_status - KVM: Add infrastructure and macro to mark VM as bugged - [x86] KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq (CVE-2022-2153) - [x86] KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() (CVE-2022-2153) - mac80211: fix a memory leak where sta_info is not freed - tcp: fix over estimation in sk_forced_mem_schedule() - Revert "mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv" - [arm*] drm/vc4: change vc4_dma_range_matches from a global to static - Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP" - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression - [x86] kvm: x86/pmu: Fix the compare function used by the pmu event filter - [arm64] tee: add overflow check in register_shm_helper() - net/9p: Initialize the iounit field during fid creation - net_sched: cls_route: disallow handle of 0 - sched/fair: Fix fault in reweight_entity - btrfs: only write the sectors in the vertical stripe which has data stripes - btrfs: raid56: don't trust any cached sector in __raid56_parity_recover() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.138 - ALSA: info: Fix llseek return value when using callback - ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU - [x86] mm: Use proper mask when setting PUD mapping - rds: add missing barrier to release_refill - ata: libata-eh: Add missing command name - [arm64] mmc: meson-gx: Fix an error handling path in meson_mmc_probe() - btrfs: fix lost error handling when looking up extended ref on log replay - tracing: Have filter accept "common_cpu" to be consistent - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II - can: ems_usb: fix clang's -Wunaligned-access warning - apparmor: fix quiet_denied for file rules - apparmor: fix absroot causing audited secids to begin with = - apparmor: Fix failed mount permission check error message - apparmor: fix aa_label_asxprint return check - apparmor: fix setting unconfined mode on a loaded profile - apparmor: fix overlapping attachment computation - apparmor: fix reference count leak in aa_pivotroot() - apparmor: Fix memleak in aa_simple_write_to_buffer() - Documentation: ACPI: EINJ: Fix obsolete example - NFSv4.1: Don't decrease the value of seq_nr_highest_sent - NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly - NFSv4: Fix races in the legacy idmapper upcall - NFSv4.1: RECLAIM_COMPLETE must handle EACCES - NFSv4/pnfs: Fix a use-after-free bug in open - bpf: Acquire map uref in .init_seq_private for array map iterator - bpf: Acquire map uref in .init_seq_private for hash map iterator - bpf: Acquire map uref in .init_seq_private for sock local storage map iterator - bpf: Acquire map uref in .init_seq_private for sock{map,hash} iterator - bpf: Check the validity of max_rdwr_access for sock local storage map iterator - can: mcp251x: Fix race condition on receive interrupt - [amd64,arm64] net: atlantic: fix aq_vec index out of range error - sunrpc: fix expiry of auth creds - SUNRPC: Reinitialise the backchannel request buffers before reuse - virtio_net: fix memory leak inside XPD_TX with mergeable - devlink: Fix use-after-free after a failed reload - [arm64] pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed - [arm64,armhf] pinctrl: sunxi: Add I/O bias setting for H6 R-PIO - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool - geneve: do not use RT_TOS for IPv6 flowlabel - ipv6: do not use RT_TOS for IPv6 flowlabel - [x86] plip: avoid rcu debug splat - vsock: Fix memory leak in vsock_connect() - vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout() - dt-bindings: arm: qcom: fix MSM8916 MTP compatibles - dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources - ceph: use correct index when encoding client supported features - ceph: don't leak snap_rwsem in handle_cap_grant - nfp: ethtool: fix the display error of `ethtool -m DEVNAME` - xen/xenbus: fix return type in xenbus_file_read() - atm: idt77252: fix use-after-free bugs caused by tst_timer - geneve: fix TOS inheriting for ipv4 - [arm64] dpaa2-eth: trace the allocated address instead of page struct - iavf: Fix adminq error handling - netfilter: nf_tables: really skip inactive sets when allocating name - netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT flag - netfilter: nf_tables: check NFT_SET_CONCAT flag if field_count is specified - [powerpc*] pci: Fix get_phb_number() locking - [arm64,armhf] spi: meson-spicc: add local pow2 clock ops to preserve rate between messages - [arm64,armhf] net: dsa: mv88e6060: prevent crash on an unused port - [arm64] net: dsa: felix: fix ethtool 256-511 and 512-1023 TX packet counters - net: genl: fix error path memory leak in policy dumping - ice: Ignore EEXIST when setting promisc mode - [arm64,armhf] i2c: imx: Make sure to unregister adapter on remove() - regulator: pca9450: Remove restrictions for regulator-name - i40e: Fix to stop tx_timeout recovery if GLOBR fails - [arm64,armhf] fec: Fix timer capture timing in `fec_ptp_enable_pps()` - [x86] stmmac: intel: Add a missing clk_disable_unprepare() call in intel_eth_pci_remove() - igb: Add lock to avoid data race - kbuild: fix the modules order between drivers and libs - locking/atomic: Make test_and_*_bit() ordered on failure - [x86] ASoC: SOF: intel: move sof_intel_dsp_desc() forward - [arm64] drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() - audit: log nftables configuration change events once per table - netfilter: nftables: add helper function to set the base sequence number - netfilter: add helper function to set up the nfnetlink header and use it - [armhf] drm/sun4i: dsi: Prevent underflow when computing packet sizes - PCI: Add ACS quirk for Broadcom BCM5750x NICs - [arm64,armhf] platform/chrome: cros_ec_proto: don't show MKBP version if unsupported - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of uvcg_info - [arm64,armhf] irqchip/tegra: Fix overflow implicit truncation warnings - [arm64] drm/meson: Fix overflow implicit truncation warnings - [armhf] clk: ti: Stop using legacy clkctrl names for omap4 and 5 - [arm*] usb: dwc2: gadget: remove D+ pull-up while no vbus with usb-role-switch - [x86] vboxguest: Do not use devm for irq - uacce: Handle parent device removal or parent driver module rmmod - zram: do not lookup algorithm in backends table - [arm64] clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input - gadgetfs: ep_io - wait until IRQ finishes - [x86] pinctrl: intel: Check against matching data instead of ACPI companion - [powerpc*] cxl: Fix a memory leak in an error handling path - [arm64] PCI/ACPI: Guard ARM64-specific mcfg_quirks - RDMA/rxe: Limit the number of calls to each tasklet - md: Notify sysfs sync_completed in md_reap_sync_thread() - nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue teardown - drivers:md:fix a potential use-after-free bug - ext4: avoid remove directory when directory is corrupted - ext4: avoid resizing to a partial cluster size - lib/list_debug.c: Detect uninitialized lists - vfio: Clear the caps->buf to NULL after free - [mips64el,mipsel] cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start - modules: Ensure natural alignment for .altinstructions and __bug_table sections - watchdog: export lockup_detector_reconfigure - ALSA: core: Add async signal helpers - ALSA: timer: Use deferred fasync helper - ALSA: control: Use deferred fasync helper - f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page() - f2fs: fix to do sanity check on segment type in build_sit_entries() - smb3: check xattr value length earlier - [powerpc*] 64: Init jump labels before parse_early_param() - netfilter: nftables: fix a warning message in nf_tables_commit_audit_collect() - netfilter: nf_tables: fix audit memory leak in nf_tables_commit - tracing/probes: Have kprobes and uprobes use $COMM too - can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE with netdev_warn_once() - can: j1939: j1939_session_destroy(): fix memory leak of skbs - PCI/ERR: Retain status from error notification - qrtr: Convert qrtr_ports from IDR to XArray - bpf: Fix KASAN use-after-free Read in compute_effective_progs - [arm64] tee: fix memory leak in tee_shm_register() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.139 https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.140 - audit: fix potential double free on error path from fsnotify_add_inode_mark - pinctrl: amd: Don't save/restore interrupt status and wake status bits - xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list() - xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP* - fs: remove __sync_filesystem - vfs: make sync_filesystem return errors from ->sync_fs - xfs: return errors in xfs_fs_sync_fs - xfs: only bother with sync_filesystem during readonly remount - kernel/sched: Remove dl_boosted flag comment - xfrm: fix refcount leak in __xfrm_policy_check() - xfrm: clone missing x->lastused in xfrm_do_migrate - af_key: Do not call xfrm_probe_algs in parallel (CVE-2022-3028) - xfrm: policy: fix metadata dst->dev xmit null pointer dereference - NFS: Don't allocate nfs_fattr on the stack in __nfs42_ssc_open() - NFSv4.2 fix problems with __nfs42_ssc_open - SUNRPC: RPC level errors should set task->tk_rpc_status - mm/huge_memory.c: use helper function migration_entry_to_page() - mm/smaps: don't access young/dirty bit if pte unpresent - rose: check NULL rose_loopback_neigh->loopback - ice: xsk: Force rings to be sized to power of 2 - ice: xsk: prohibit usage of non-balanced queue id - net/mlx5e: Properly disable vlan strip on non-UL reps - bonding: 802.3ad: fix no transmission of LACPDUs - net: ipvtap - add __init/__exit annotations to module init/exit funcs - netfilter: ebtables: reject blobs that don't provide all entry points - bnxt_en: fix NQ resource accounting during vf creation on 57500 chips - netfilter: nft_payload: report ERANGE for too long offset and length - netfilter: nft_payload: do not truncate csum_offset and csum_type - netfilter: nf_tables: do not leave chain stats enabled on error - netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families - netfilter: nft_tunnel: restrict it to netdev family - netfilter: nftables: remove redundant assignment of variable err - netfilter: nf_tables: consolidate rule verdict trace call - netfilter: nft_cmp: optimize comparison for 16-bytes - netfilter: bitwise: improve error goto labels - netfilter: nf_tables: upfront validation of data via nft_data_init() - netfilter: nf_tables: disallow jump to implicit chain from set element - netfilter: nf_tables: disallow binding to already bound chain (CVE-2022-39190) - tcp: tweak len/truesize ratio for coalesce candidates - net: Fix data-races around sysctl_[rw]mem(_offset)?. - net: Fix data-races around sysctl_[rw]mem_(max|default). - net: Fix data-races around weight_p and dev_weight_[rt]x_bias. - net: Fix data-races around netdev_max_backlog. - net: Fix data-races around netdev_tstamp_prequeue. - ratelimit: Fix data-races in ___ratelimit(). - bpf: Folding omem_charge() into sk_storage_charge() - net: Fix data-races around sysctl_optmem_max. - net: Fix a data-race around sysctl_tstamp_allow_data. - net: Fix a data-race around sysctl_net_busy_poll. - net: Fix a data-race around sysctl_net_busy_read. - net: Fix a data-race around netdev_budget. - net: Fix a data-race around netdev_budget_usecs. - net: Fix data-races around sysctl_fb_tunnels_only_for_init_net. - net: Fix data-races around sysctl_devconf_inherit_init_net. - net: Fix a data-race around sysctl_somaxconn. - ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter - rxrpc: Fix locking in rxrpc's sendmsg - btrfs: fix silent failure when deleting root reference - btrfs: replace: drop assert for suspended replace - btrfs: add info when mount fails due to stale replace target - btrfs: check if root is readonly while setting security xattr - [x86] perf/x86/lbr: Enable the branch type for the Arch LBR by default - [amd64] x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry - [x86] bugs: Add "unknown" reporting for MMIO Stale Data - loop: Check for overflow while configuring loop - asm-generic: sections: refactor memory_intersects - [s390x] fix double free of GS and RI CBs on fork() failure - [x86] ACPI: processor: Remove freq Qos request for all CPUs - xen/privcmd: fix error exit of privcmd_ioctl_dm_op() - mm/hugetlb: fix hugetlb not supporting softdirty tracking - Revert "md-raid: destroy the bitmap after destroying the thread" - md: call __md_stop_writes in md_stop - [arm64] Fix match_list for erratum 1286807 on Arm Cortex-A76 - Documentation/ABI: Mention retbleed vulnerability info file for sysfs - blk-mq: fix io hung due to missing commit_rqs - [x86] perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU - [x86] scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq - bpf: Don't use tnum_range on array range checking for poke descriptors (CVE-2022-2905) . [ Salvatore Bonaccorso ] * Bump ABI to 18 * certs: Rotate to use the "Debian Secure Boot Signer 2022 - linux" certificate (Closes: #1018752) * [x86] nospec: Unwreck the RSB stuffing * [x86] nospec: Fix i386 RSB stuffing (Closes: #1017425) * mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() (CVE-2022-39188) * Revert "PCI/portdrv: Don't disable AER reporting in get_port_device_capability()" * bpf: Don't redirect packets with invalid pkt_len * mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse * net/af_packet: check len when min_header_len equals to 0 linux-signed-i386 (5.10.136+1) bullseye-security; urgency=high . * Sign kernel from linux 5.10.136-1 . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.128 - MAINTAINERS: add Amir as xfs maintainer for 5.10.y - drm: remove drm_fb_helper_modinit - tick/nohz: unexport __init-annotated tick_nohz_full_setup() - bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init() - xfs: use kmem_cache_free() for kmem_cache objects - xfs: punch out data fork delalloc blocks on COW writeback failure - xfs: Fix the free logic of state in xfs_attr_node_hasname - xfs: remove all COW fork extents when remounting readonly - xfs: check sb_meta_uuid for dabuf buffer recovery - [powerpc*] ftrace: Remove ftrace init tramp once kernel init is complete - [arm64] net: mscc: ocelot: allow unregistered IP multicast flooding https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.129 - drm/amdgpu: To flush tlb for MMHUB of RAVEN series - ipv6: take care of disable_policy when restoring routes - nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX S40G) - nvdimm: Fix badblocks clear off-by-one error - [powerpc*] bpf: Fix use of user_pt_regs in uapi - dm raid: fix accesses beyond end of raid member array - [s390x] archrandom: simplify back to earlier design and initialize earlier - SUNRPC: Fix READ_PLUS crasher (Closes: #1014793) - net: usb: ax88179_178a: Fix packet receiving - virtio-net: fix race between ndo_open() and virtio_device_ready() - [armhf] net: dsa: bcm_sf2: force pause link settings - net: tun: unlink NAPI from device on destruction - net: tun: stop NAPI when detaching queues - net: dp83822: disable false carrier interrupt - net: dp83822: disable rx error interrupt - RDMA/qedr: Fix reporting QP timeout attribute - RDMA/cm: Fix memory leak in ib_cm_insert_listen - linux/dim: Fix divide by 0 in RDMA DIM - usbnet: fix memory allocation in helpers - net: ipv6: unexport __init-annotated seg6_hmac_net_init() - NFSD: restore EINVAL error translation in nfsd_commit() - netfilter: nft_dynset: restore set element counter when failing to update - net/sched: act_api: Notify user space if any actions were flushed before error - net: bonding: fix possible NULL deref in rlb code - net: bonding: fix use-after-free after 802.3ad slave unbind - tipc: move bc link creation back to tipc_node_create - epic100: fix use after free on rmmod - io_uring: ensure that send/sendmsg and recv/recvmsg check sqe->ioprio - tunnels: do not assume mac header is set in skb_tunnel_check_pmtu() - net: tun: avoid disabling NAPI twice - xfs: use current->journal_info for detecting transaction recursion - xfs: rename variable mp to parsing_mp - xfs: Skip repetitive warnings about mount options - xfs: ensure xfs_errortag_random_default matches XFS_ERRTAG_MAX - xfs: fix xfs_trans slab cache name - xfs: update superblock counters correctly for !lazysbcount - xfs: fix xfs_reflink_unshare usage of filemap_write_and_wait_range - tcp: add a missing nf_reset_ct() in 3WHS handling - xen/gntdev: Avoid blocking in unmap_grant_pages() - [arm64] drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c - sit: use min - ipv6/sit: fix ipip6_tunnel_get_prl return value - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails - net: usb: qmi_wwan: add Telit 0x1060 composition - net: usb: qmi_wwan: add Telit 0x1070 composition https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.130 - mm/slub: add missing TID updates on slab deactivation - ALSA: hda/realtek: Add quirk for Clevo L140PU - can: bcm: use call_rcu() instead of costly synchronize_rcu() - can: gs_usb: gs_usb_open/close(): fix memory leak - bpf: Fix incorrect verifier simulation around jmp32's jeq/jne - bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals - usbnet: fix memory leak in error case - netfilter: nft_set_pipapo: release elements in clone from abort path - [amd64] iommu/vt-d: Fix PCI bus rescan device hot add - PM: runtime: Redefine pm_runtime_release_supplier() - memregion: Fix memregion_free() fallback definition - video: of_display_timing.h: include errno.h - [powerpc*] powernv: delay rng platform device creation until later in boot - can: kvaser_usb: replace run-time checks with struct kvaser_usb_driver_info - can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression - can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits - xfs: remove incorrect ASSERT in xfs_rename - [armhf] meson: Fix refcount leak in meson_smp_prepare_cpus - [armhf] pinctrl: sunxi: a83t: Fix NAND function name for some pins - [arm64] dts: imx8mp-evk: correct mmc pad settings - [arm64] dts: imx8mp-evk: correct the uart2 pinctl value - [arm64] dts: imx8mp-evk: correct gpio-led pad settings - [arm64] dts: imx8mp-evk: correct I2C3 pad settings - [arm64,armhf] pinctrl: sunxi: sunxi_pconf_set: use correct offset - [arm64] dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo - xsk: Clear page contiguity bit when unmapping pool - i40e: Fix dropped jumbo frames statistics - r8169: fix accessing unset transport header - [armhf] dmaengine: imx-sdma: Allow imx8m for imx7 FW revs - misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer - misc: rtsx_usb: use separate command and response buffers - misc: rtsx_usb: set return value in rsp_buf alloc err path - dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo - ida: don't use BUG_ON() for debugging - [arm64,armhf] dmaengine: pl330: Fix lockdep warning about non-static key - [armhf] dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate - [armhf] dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.131 - [armhf] Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting" https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.132 - [x86] ALSA: hda - Add fixup for Dell Latitidue E5430 - [x86] ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model - [x86] ALSA: hda/realtek: Fix headset mic for Acer SF313-51 - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 - [x86] ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221 - [x86] ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue - fix race between exit_itimers() and /proc/pid/timers - mm: split huge PUD on wp_huge_pud fallback - tracing/histograms: Fix memory leak problem - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer - ip: fix dflt addr selection for connected nexthop - [armhf] 9213/1: Print message about disabled Spectre workarounds only once - [armel,armhf] 9214/1: alignment: advance IT state after emulating Thumb instruction - wifi: mac80211: fix queue selection for mesh/OCB interfaces - cgroup: Use separate src/dst nodes when preloading css_sets for migration - btrfs: return -EAGAIN for NOWAIT dio reads/writes on compressed and inline extents - [arm64,armhf] drm/panfrost: Put mapping instead of shmem obj on panfrost_mmu_map_fault_addr() error - [arm64,armhf] drm/panfrost: Fix shrinker list corruption by madvise IOCTL - fs/remap: constrain dedupe of EOF blocks - nilfs2: fix incorrect masking of permission flags for symlinks - sh: convert nommu io{re,un}map() to static inline functions - Revert "evm: Fix memleak in init_desc" - ext4: fix race condition between ext4_write and ext4_convert_inline_data - [armhf] dts: imx6qdl-ts7970: Fix ngpio typo and count - [armhf] 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle - [armel,armhf] 9210/1: Mark the FDT_FIXED sections as shareable - net/mlx5e: Fix capability check for updating vnic env counters - [x86] drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() - ima: Fix a potential integer overflow in ima_appraise_measurement - [arm64,armhf] ASoC: sgtl5000: Fix noise on shutdown/remove - [x86] ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks() - [x86] ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array - sysctl: Fix data races in proc_dointvec(). - sysctl: Fix data races in proc_douintvec(). - sysctl: Fix data races in proc_dointvec_minmax(). - sysctl: Fix data races in proc_douintvec_minmax(). - sysctl: Fix data races in proc_doulongvec_minmax(). - sysctl: Fix data races in proc_dointvec_jiffies(). - tcp: Fix a data-race around sysctl_tcp_max_orphans. - inetpeer: Fix data-races around sysctl. - net: Fix data-races around sysctl_mem. - cipso: Fix data-races around sysctl. - icmp: Fix data-races around sysctl. - ipv4: Fix a data-race around sysctl_fib_sync_mem. - [armhf] dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero - [x86] drm/i915/gt: Serialize TLB invalidates with GT resets - sysctl: Fix data-races in proc_dointvec_ms_jiffies(). - icmp: Fix a data-race around sysctl_icmp_ratelimit. - icmp: Fix a data-race around sysctl_icmp_ratemask. - raw: Fix a data-race around sysctl_raw_l3mdev_accept. - ipv4: Fix data-races around sysctl_ip_dynaddr. - nexthop: Fix data-races around nexthop_compat_mode. - [armhf] net: ftgmac100: Hold reference returned by of_get_child_by_name() - ima: force signature verification when CONFIG_KEXEC_SIG is configured - ima: Fix potential memory leak in ima_init_crypto() - sfc: fix use after free when disabling sriov - seg6: fix skb checksum evaluation in SRH encapsulation/insertion - seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors - seg6: bpf: fix skb checksum in bpf_push_seg6_encap() - sfc: fix kernel panic when creating VF - net: atlantic: remove deep parameter on suspend/resume functions - net: atlantic: remove aq_nic_deinit() when resume - [x86] KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op() - net/tls: Check for errors in tls_device_init - mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE - virtio_mmio: Add missing PM calls to freeze/restore - virtio_mmio: Restore guest page size on resume - netfilter: br_netfilter: do not skip all hooks with 0 priority - [arm64] scsi: hisi_sas: Limit max hw sectors for v3 HW - [powerpc*] cpufreq: pmac32-cpufreq: Fix refcount leak bug - [x86] platform/x86: hp-wmi: Ignore Sanitization Mode event - net: tipc: fix possible refcount leak in tipc_sk_create() - nvme-tcp: always fail a request when sending it failed - nvme: fix regression when disconnect a recovering ctrl - net: sfp: fix memory leak in sfp_probe() - ASoC: ops: Fix off by one in range control validation - [armhf] pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux() - [x86] ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow - ASoC: dapm: Initialise kcontrol data for mux/demux controls - [amd64] Clear .brk area at early boot - [armhf] dts: stm32: use the correct clock source for CEC on stm32mp151 - Revert "can: xilinx_can: Limit CANFD brp to 2" - nvme-pci: phison e16 has bogus namespace ids - signal handling: don't use BUG_ON() for debugging - USB: serial: ftdi_sio: add Belimo device ids - usb: typec: add missing uevent when partner support PD - [arm64,armhf] usb: dwc3: gadget: Fix event pending check - [armhf] tty: serial: samsung_tty: set dma burst_size to 1 - vt: fix memory overlapping when deleting chars in the buffer - serial: 8250: fix return error code in serial8250_request_std_resource() - [armhf] serial: stm32: Clear prev values before setting RTS delays - [arm*] serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle - serial: 8250: Fix PM usage_count for console handover - [x86] pat: Fix x86_has_pat_wp() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.133 - [amd64] Preparation for mitigating RETbleed: + KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S + KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw + objtool: Refactor ORC section generation + objtool: Add 'alt_group' struct + objtool: Support stack layout changes in alternatives + objtool: Support retpoline jump detection for vmlinux.o + objtool: Assume only ELF functions do sibling calls + objtool: Combine UNWIND_HINT_RET_OFFSET and UNWIND_HINT_FUNC + x86/xen: Support objtool validation in xen-asm.S + x86/xen: Support objtool vmlinux.o validation in xen-head.S + x86/alternative: Merge include files + x86/alternative: Support not-feature + x86/alternative: Support ALTERNATIVE_TERNARY + x86/alternative: Use ALTERNATIVE_TERNARY() in _static_cpu_has() + x86/insn: Rename insn_decode() to insn_decode_from_regs() + x86/insn: Add a __ignore_sync_check__ marker + x86/insn: Add an insn_decode() API + x86/insn-eval: Handle return values from the decoder + x86/alternative: Use insn_decode() + x86: Add insn_decode_kernel() + x86/alternatives: Optimize optimize_nops() + x86/retpoline: Simplify retpolines + objtool: Correctly handle retpoline thunk calls + objtool: Handle per arch retpoline naming + objtool: Rework the elf_rebuild_reloc_section() logic + objtool: Add elf_create_reloc() helper + objtool: Create reloc sections implicitly + objtool: Extract elf_strtab_concat() + objtool: Extract elf_symbol_add() + objtool: Add elf_create_undef_symbol() + objtool: Keep track of retpoline call sites + objtool: Cache instruction relocs + objtool: Skip magical retpoline .altinstr_replacement + objtool/x86: Rewrite retpoline thunk calls + objtool: Support asm jump tables + x86/alternative: Optimize single-byte NOPs at an arbitrary position + objtool: Fix .symtab_shndx handling for elf_create_undef_symbol() + objtool: Only rewrite unconditional retpoline thunk calls + objtool/x86: Ignore __x86_indirect_alt_* symbols + objtool: Don't make .altinstructions writable + objtool: Teach get_alt_entry() about more relocation types + objtool: print out the symbol type when complaining about it + objtool: Remove reloc symbol type checks in get_alt_entry() + objtool: Make .altinstructions section entry size consistent + objtool: Introduce CFI hash + objtool: Handle __sanitize_cov*() tail calls + objtool: Classify symbols + objtool: Explicitly avoid self modifying code in .altinstr_replacement + objtool,x86: Replace alternatives with .retpoline_sites + x86/retpoline: Remove unused replacement symbols + x86/asm: Fix register order + x86/asm: Fixup odd GEN-for-each-reg.h usage + x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h + x86/retpoline: Create a retpoline thunk array + x86/alternative: Implement .retpoline_sites support + x86/alternative: Handle Jcc __x86_indirect_thunk_\reg + x86/alternative: Try inline spectre_v2=retpoline,amd + x86/alternative: Add debug prints to apply_retpolines() + bpf,x86: Simplify computing label offsets + bpf,x86: Respect X86_FEATURE_RETPOLINE* + x86/lib/atomic64_386_32: Rename things - [amd64] Mitigate straight-line speculation: + x86: Prepare asm files for straight-line-speculation + x86: Prepare inline-asm for straight-line-speculation + x86/alternative: Relax text_poke_bp() constraint + objtool: Add straight-line-speculation validation + x86: Add straight-line-speculation mitigation + tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy' + kvm/emulate: Fix SETcc emulation function offsets with SLS + objtool: Default ignore INT3 for unreachable + crypto: x86/poly1305 - Fixup SLS + objtool: Fix SLS validation for kcov tail-call replacement - objtool: Fix code relocs vs weak symbols - objtool: Fix type of reloc::addend - objtool: Fix symbol creation - x86/entry: Remove skip_r11rcx - objtool: Fix objtool regression on x32 systems - x86/realmode: build with -D__DISABLE_EXPORTS - [amd64] Add mitigations for RETbleed on AMD/Hygon (CVE-2022-29900) and Intel (CVE-2022-29901) processors: + x86/kvm/vmx: Make noinstr clean + x86/cpufeatures: Move RETPOLINE flags to word 11 + x86/retpoline: Cleanup some #ifdefery + x86/retpoline: Swizzle retpoline thunk + Makefile: Set retpoline cflags based on CONFIG_CC_IS_{CLANG,GCC} + x86/retpoline: Use -mfunction-return + x86: Undo return-thunk damage + x86,objtool: Create .return_sites + objtool: skip non-text sections when adding return-thunk sites + x86,static_call: Use alternative RET encoding + x86/ftrace: Use alternative RET encoding + x86/bpf: Use alternative RET encoding + x86/kvm: Fix SETcc emulation for return thunks + x86/vsyscall_emu/64: Don't use RET in vsyscall emulation + x86/sev: Avoid using __x86_return_thunk + x86: Use return-thunk in asm code + objtool: Treat .text.__x86.* as noinstr + x86: Add magic AMD return-thunk + x86/bugs: Report AMD retbleed vulnerability + x86/bugs: Add AMD retbleed= boot parameter + x86/bugs: Enable STIBP for JMP2RET + x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value + x86/entry: Add kernel IBRS implementation + x86/bugs: Optimize SPEC_CTRL MSR writes + x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS + x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() + x86/bugs: Report Intel retbleed vulnerability + intel_idle: Disable IBRS during long idle + objtool: Update Retpoline validation + x86/xen: Rename SYS* entry points + x86/bugs: Add retbleed=ibpb + x86/bugs: Do IBPB fallback check only once + objtool: Add entry UNRET validation + x86/cpu/amd: Add Spectral Chicken + x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n + x86/speculation: Fix firmware entry SPEC_CTRL handling + x86/speculation: Fix SPEC_CTRL write on SMT state change + x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit + x86/speculation: Remove x86_spec_ctrl_mask + objtool: Re-add UNWIND_HINT_{SAVE_RESTORE} + KVM: VMX: Flatten __vmx_vcpu_run() + KVM: VMX: Convert launched argument to flags + KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS + KVM: VMX: Fix IBRS handling after vmexit + x86/speculation: Fill RSB on vmexit for IBRS + x86/common: Stamp out the stepping madness + x86/cpu/amd: Enumerate BTC_NO + x86/retbleed: Add fine grained Kconfig knobs + x86/bugs: Add Cannon lake to RETBleed affected CPU list + x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported + x86/kexec: Disable RET on kexec + x86/speculation: Disable RRSBA behavior - x86/static_call: Serialize __static_call_fixup() properly - tools/insn: Restore the relative include paths for cross building - x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted - x86/xen: Fix initialisation in hypercall_page after rethunk - x86/ftrace: Add UNWIND_HINT_FUNC annotation for ftrace_stub - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current - efi/x86: use naked RET on mixed mode call wrapper - x86/kvm: fix FASTOP_SIZE when return thunks are enabled - KVM: emulate: do not adjust size of fastop and setcc subroutines - tools arch x86: Sync the msr-index.h copy with the kernel sources - tools headers cpufeatures: Sync with the kernel sources - x86/bugs: Remove apostrophe typo - um: Add missing apply_returns() - x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds - kvm: fix objtool relocation warning - objtool: Fix elf_create_undef_symbol() endianness - tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy' - again - tools headers: Remove broken definition of __LITTLE_ENDIAN https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.134 - [armhf] pinctrl: stm32: fix optional IRQ support to gpios - lockdown: Fix kexec lockdown bypass with ima policy (CVE-2022-21505) - io_uring: Use original task for req identity in io_identity_cow() - xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE - docs: net: explain struct net_device lifetime - net: make free_netdev() more lenient with unregistering devices - net: make sure devices go through netdev_wait_all_refs - net: move net_set_todo inside rollback_registered() - net: inline rollback_registered() - net: move rollback_registered_many() - net: inline rollback_registered_many() - [amd64] PCI: hv: Fix multi-MSI to allow more than one MSI vector - [amd64] PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI - [amd64] PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() - [amd64] PCI: hv: Fix interrupt mapping for multi-MSI - [arm64] serial: mvebu-uart: correctly report configured baudrate value - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() (CVE-2022-36879) - perf/core: Fix data race between perf_event_set_output() and perf_mmap_close() - drm/amdgpu/display: add quirk handling for stutter mode - igc: Reinstate IGC_REMOVED logic and implement it properly - ip: Fix data-races around sysctl_ip_no_pmtu_disc. - ip: Fix data-races around sysctl_ip_fwd_use_pmtu. - ip: Fix data-races around sysctl_ip_fwd_update_priority. - ip: Fix data-races around sysctl_ip_nonlocal_bind. - ip: Fix a data-race around sysctl_ip_autobind_reuse. - ip: Fix a data-race around sysctl_fwmark_reflect. - tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept. - tcp: Fix data-races around sysctl_tcp_mtu_probing. - tcp: Fix data-races around sysctl_tcp_base_mss. - tcp: Fix data-races around sysctl_tcp_min_snd_mss. - tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor. - tcp: Fix a data-race around sysctl_tcp_probe_threshold. - tcp: Fix a data-race around sysctl_tcp_probe_interval. - net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow - net: stmmac: fix dma queue left shift overflow issue - igmp: Fix data-races around sysctl_igmp_llm_reports. - igmp: Fix a data-race around sysctl_igmp_max_memberships. - igmp: Fix data-races around sysctl_igmp_max_msf. - tcp: Fix data-races around keepalive sysctl knobs. - tcp: Fix data-races around sysctl_tcp_syncookies. - tcp: Fix data-races around sysctl_tcp_reordering. - tcp: Fix data-races around some timeout sysctl knobs. - tcp: Fix a data-race around sysctl_tcp_notsent_lowat. - tcp: Fix a data-race around sysctl_tcp_tw_reuse. - tcp: Fix data-races around sysctl_max_syn_backlog. - tcp: Fix data-races around sysctl_tcp_fastopen. - tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout. - iavf: Fix handling of dummy receive descriptors - i40e: Fix erroneous adapter reinitialization during recovery process - ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero - [arm64,armhf] gpio: pca953x: only use single read/write for No AI mode - [arm64,armhf] gpio: pca953x: use the correct range when do regmap sync - [arm64,armhf] gpio: pca953x: use the correct register address when regcache sync during init - be2net: Fix buffer overflow in be_get_module_eeprom - ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh. - ip: Fix data-races around sysctl_ip_prot_sock. - udp: Fix a data-race around sysctl_udp_l3mdev_accept. - tcp: Fix data-races around sysctl knobs related to SYN option. - tcp: Fix a data-race around sysctl_tcp_early_retrans. - tcp: Fix data-races around sysctl_tcp_recovery. - tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. - tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. - tcp: Fix a data-race around sysctl_tcp_retrans_collapse. - tcp: Fix a data-race around sysctl_tcp_stdurg. - tcp: Fix a data-race around sysctl_tcp_rfc1337. - tcp: Fix data-races around sysctl_tcp_max_reordering. - [arm*] spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers - KVM: Don't null dereference ops->destroy - mm/mempolicy: fix uninit-value in mpol_rebind_policy() - bpf: Make sure mac_header was set before using it - sched/deadline: Fix BUG_ON condition for deboosted tasks - [x86] bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts - dlm: fix pending remove if msg allocation fails - bitfield.h: Fix "type of reg too small for mask" test - ALSA: memalloc: Align buffer allocations in page size - Bluetooth: Add bt_skb_sendmsg helper - Bluetooth: Add bt_skb_sendmmsg helper - Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg - Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg - Bluetooth: Fix passing NULL to PTR_ERR - Bluetooth: SCO: Fix sco_send_frame returning skb->len - Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks - [x86] amd: Use IBPB for firmware calls - [x86] alternative: Report missing return thunk details - watchqueue: make sure to serialize 'wqueue->defunct' properly - tty: drivers/tty/, stop using tty_schedule_flip() - tty: the rest, stop using tty_schedule_flip() - tty: drop tty_schedule_flip() - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - net: usb: ax88179_178a needs FLAG_SEND_ZLP - watch-queue: remove spurious double semicolon https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.135 - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put - Revert "ocfs2: mount shared volume without ha stack" - [s390x] archrandom: prevent CPACF trng invocations in interrupt context - watch_queue: Fix missing rcu annotation - watch_queue: Fix missing locking in add_watch_to_object() - tcp: Fix data-races around sysctl_tcp_dsack. - tcp: Fix a data-race around sysctl_tcp_app_win. - tcp: Fix a data-race around sysctl_tcp_adv_win_scale. - tcp: Fix a data-race around sysctl_tcp_frto. - tcp: Fix a data-race around sysctl_tcp_nometrics_save. - tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save. - ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS) - ice: do not setup vlan for loopback VSI - Revert "tcp: change pingpong threshold to 3" - tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf. - tcp: Fix a data-race around sysctl_tcp_limit_output_bytes. - tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit. - net: ping6: Fix memleak in ipv6_renew_options(). - ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr - igmp: Fix data-races around sysctl_igmp_qrv. - net: sungem_phy: Add of_node_put() for reference returned by of_get_parent() - tcp: Fix a data-race around sysctl_tcp_min_tso_segs. - tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen. - tcp: Fix a data-race around sysctl_tcp_autocorking. - tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit. - Documentation: fix sctp_wmem in ip-sysctl.rst - macsec: fix NULL deref in macsec_add_rxsa - macsec: fix error message in macsec_add_rxsa and _txsa - macsec: limit replay window size with XPN - macsec: always read MACSEC_SA_ATTR_PN as a u64 - net: macsec: fix potential resource leak in macsec_add_rxsa() and macsec_add_txsa() - tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns. - tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns. - tcp: Fix a data-race around sysctl_tcp_comp_sack_nr. - tcp: Fix data-races around sysctl_tcp_reflect_tos. - i40e: Fix interface init with MSI interrupts (no MSI-X) - sctp: fix sleep in atomic context bug in timer handlers - netfilter: nf_queue: do not allow packet truncation below transport header offset (CVE-2022-36946) - virtio-net: fix the race between refill work and close - sfc: disable softirqs for ptp TX - sctp: leave the err path free in sctp_stream_init to sctp_stream_free - page_alloc: fix invalid watermark check on a negative value - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle. - [arm*] 9216/1: Fix MAX_DMA_ADDRESS overflow - docs/kernel-parameters: Update descriptions for "mitigations=" param with retbleed - xfs: refactor xfs_file_fsync - xfs: xfs_log_force_lsn isn't passed a LSN - xfs: prevent UAF in xfs_log_item_in_current_chkpt - xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes - xfs: force the log offline when log intent item recovery fails - xfs: hold buffer across unpin and potential shutdown processing - xfs: remove dead stale buf unpin handling code - xfs: logging the on disk inode LSN can make it go backwards - xfs: Enforce attr3 buffer recovery order - [x86] bugs: Do not enable IBPB at firmware entry when IBPB is not available - bpf: Consolidate shared test timing code - bpf: Add PROG_TEST_RUN support for sk_lookup programs https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.136 - [x86] speculation: Make all RETbleed mitigations 64-bit only - ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep() - ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet() - tun: avoid double free in tun_free_netdev - [x86] ACPI: video: Force backlight native for some TongFang devices - [x86] ACPI: video: Shortening quirk list by identifying Clevo by board_name only - ACPI: APEI: Better fix to avoid spamming the console with old error logs - [arm64] crypto: arm64/poly1305 - fix a read out-of-bound - Bluetooth: hci_bcm: Add BCM4349B1 variant - Bluetooth: hci_bcm: Add DT compatible for CYW55572 - Bluetooth: btusb: Add support of IMC Networks PID 0x3568 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587 - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586 - [x86] Add mitigations for Post-Barrier Return Stack Buffer Prediction (PBRSB) issue (CVE-2022-26373): + x86/speculation: Add RSB VM Exit protections + x86/speculation: Add LFENCE to RSB fill sequence . [ Salvatore Bonaccorso ] * Bump ABI to 17 * [rt] Update to 5.10.131-rt72 * posix-cpu-timers: Cleanup CPU timers before freeing them during exec (CVE-2022-2585) * netfilter: nf_tables: do not allow SET_ID to refer to another table (CVE-2022-2586) * netfilter: nf_tables: do not allow CHAIN_ID to refer to another table * netfilter: nf_tables: do not allow RULE_ID to refer to another chain * net_sched: cls_route: remove from list when handle is 0 (CVE-2022-2588) linux-signed-i386 (5.10.127+2) bullseye-security; urgency=high . * Sign kernel from linux 5.10.127-2 . * [amd64,arm64,armhf] wireguard: Clear keys after suspend despite CONFIG_ANDROID=y * netfilter: nf_tables: stricter validation of element data (CVE-2022-34918) * net: rose: fix UAF bugs caused by timer handler (CVE-2022-2318) * net: rose: fix UAF bug caused by rose_t0timer_expiry * xen/{blk,net}front: fix leaking data in shared pages (CVE-2022-26365, CVE-2022-33740) * xen/{blk,net}front: force data bouncing when backend is untrusted (CVE-2022-33741, CVE-2022-33742) * xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses() (CVE-2022-33743) * [arm64,armhf] xen/arm: Fix race in RB-tree based P2M accounting (CVE-2022-33744) * fbdev: fbmem: Fix logo center image dx issue * fbdev: Fix potential out-of-bounds writes (CVE-2021-33655): - fbmem: Check virtual screen sizes in fb_set_var() - fbcon: Disallow setting font bigger than screen size - fbcon: Prevent that screen size is smaller than font size linux-signed-i386 (5.10.127+2~bpo10+1) buster-backports; urgency=high . * Sign kernel from linux 5.10.127-2~bpo10+1 . * Rebuild for buster-backports: - Change ABI number to 0.deb10.16 llvm-toolchain-13 (1:13.0.1-6~deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Backport to bullseye. llvm-toolchain-13 (1:13.0.1-6~deb10u4) buster; urgency=medium . * Disable libunwind on mips. llvm-toolchain-13 (1:13.0.1-6~deb10u3) buster; urgency=medium . * Disable lldb on mips. llvm-toolchain-13 (1:13.0.1-6~deb10u2) buster; urgency=medium . * Don't build-dep on llvm-spirv, it's not available in buster and having an alternative doesn't work on the buildds. * Add support for mips in various places. llvm-toolchain-13 (1:13.0.1-6~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to buster. * Don't install libclang grpc proto libs, they are not built in buster. llvm-toolchain-13 (1:13.0.1-5) unstable; urgency=medium . [ John Paul Adrian Glaubitz ] * Enable GRPC build dependency only on supported targets * Exclude lib{Monitoring,RemoteIndex}*Proto.a on m68k and sparc64 . [ Gianfranco Costamagna ] * fix grpc architectures, avoiding to install them where not available * Break/Replaces the Ubuntu library that moved GRPC binaries into the wrong location * newline/tab fix in rules * fix GRPC installation in port architectures * Add patches from Upstream/Ubuntu to: - Backport upstream patches to allow building EFI images for Ubuntu Core for arm64 (LP: #1960300) llvm-toolchain-13 (1:13.0.1-4) unstable; urgency=medium . * Backport D115098 for Rust 1.59 (Closes: #1010150) llvm-toolchain-13 (1:13.0.1-3) unstable; urgency=medium . * Fix a typo in an header (closes: #1005195) . * Also install usr/lib/llvm-@LLVM_VERSION@/lib/libRemoteIndexProto.a usr/lib/llvm-@LLVM_VERSION@/lib/libRemoteIndexServiceProto.a usr/lib/llvm-@LLVM_VERSION@/lib/libMonitoringServiceProto.a in libclang-X.Y-dev (Closes: #1005666) llvm-toolchain-13 (1:13.0.1-2) unstable; urgency=medium . * mlir: use the cmake option to avoid installing object files MLIR_INSTALL_AGGREGATE_OBJECTS Closes upstream #53134 * Build clangd with GRPC support Thanks to Sam McCall for the patch llvm-toolchain-13 (1:13.0.1-1) unstable; urgency=medium . * New stable release llvm-toolchain-13 (1:13.0.1~+rc3-1~exp1) experimental; urgency=medium . [ Samuel Thibault ] * Explicitly link against -latomic on all ports, not only the Linux ones. * Stop hardcoding -DCMAKE_SYSTEM_NAME=Linux as cmake parameter, as it breaks stage2 builds on non-Linux architectures . [ Pino Toscano ] * debian/rules: Disable 64bit runtime build on hurd-i386 (Closes: #1003081). . [ Sylvestre Ledru ] * New rc * Lower the debhelper dep to 10 for debian stretch * Rename ocaml-nox => ocaml-base (Closes: #1002609) * Remove Build-Conflicts: ocaml llvm-toolchain-13 (1:13.0.1~+rc2-1~exp1) experimental; urgency=medium . [ Samuel Thibault ] * Explicitly link against -latomic on all ports, not only the Linux ones. * Stop hardcoding -DCMAKE_SYSTEM_NAME=Linux as cmake parameter, as it breaks stage2 builds on non-Linux architectures . [ Pino Toscano ] * debian/rules: Disable 64bit runtime build on hurd-i386 (Closes: #1003081). . [ Sylvestre Ledru ] * New snapshot release llvm-toolchain-13 (1:13.0.1~+rc1-1~exp4) experimental; urgency=medium . * Fix the cmake file with the mlir introducing llvm-toolchain-13 (1:13.0.1~+rc1-1~exp3) experimental; urgency=medium . * Build and ship MLIR as 3 new packages (libmlir-13-dev, libmlir-13 and mlir-13-toolso * Install bfd plugins in /usr/lib/bfd-plugins/LLVMgold-@LLVM_VERSION@.so llvm-toolchain-13 (1:13.0.1~+rc1-1~exp2) experimental; urgency=medium . * Bring back the dependency clang => llvm-13-linker-tools * Unbreak llvm-toolchain-13 on buster. -fuse-ld=gold wasn't passed to compiler-rt. it was using bfd. And binutils shipping in buster has a bug preventing this to work: https://github.com/llvm/llvm-project/issues/42339 * Remove AVR from LLVM_EXPERIMENTAL_TARGETS_TO_BUILD. stable since 11 https://releases.llvm.org/11.0.0/docs/ReleaseNotes.html#changes-to-the-avr-target * Use the version suffix when calling wasm-ld => wasm-ld-13 https://bugzilla.mozilla.org/show_bug.cgi?id=1747145 * Fix run-clang-tidy symlink. it moved from /usr/lib/llvm-13/share/clang/run-clang-tidy to /usr/lib/llvm-13/bin/run-clang-tidy (Closes: #1001748) * Install LLVMgold in usr/lib/bfd-plugins to help various tools to understand the format (Closes: #919020) llvm-toolchain-13 (1:13.0.1~+rc1-1~exp1) experimental; urgency=medium . * New testing release * Use parallel + -4 for the xz tarballs compression to make it faster * Add manpages for git-clang-format & run-clang-tidy * Add back -DLLVM_VERSION_SUFFIX=. Useless for 13 but necessary for snapshot Otherwise, it adds "git" to the libs llvm-toolchain-13 (1:13.0.0-9) unstable; urgency=medium . * Upload to unstable (all green on exp) * Fix an autopkgtest test (Closes: #997902) llvm-toolchain-13 (1:13.0.0-9~exp2) experimental; urgency=medium . * patch compiler-rt build to add option to disable scudo standalone allocator as it is not always supported by all debian baseline arch profiles * add COMPILER_RT_BUILD_SCUDO_STANDALONE=OFF to armel build in debian/rules since the baseline armv5t arch profile is not supported llvm-toolchain-13 (1:13.0.0-9~exp1) experimental; urgency=medium . * Merge migration to 2stage runtimes build 12 => 13 * Adjust openmp runtime quilt patches from branch 12 for changes in upstream (llvmorg-13.0.0) sources llvm-toolchain-13 (1:13.0.0-8) unstable; urgency=medium . * Disable lldb on mipsel and mips64el as it isn't supported See https://reviews.llvm.org/D102872 (Closes: #997011) llvm-toolchain-13 (1:13.0.0-7) unstable; urgency=medium . * Remove omp-device-info from LLVMExports.cmake (Closes: #996551) For real this time * Fix the link issue (hopefully on all archs) (Closes: #995827) customs LDFLAGS were not passed to the stage2 * Trim trailing whitespace. * Update watch file format version to 4. * Update to compat 11. oldstable has 12 bionic has 11 llvm-toolchain-13 (1:13.0.0-6) unstable; urgency=medium . * Remove omp-device-info from LLVMExports.cmake (Closes: #996551) * Fix a atomic issue. Thanks to YunQiang Su for the patch Partial fix for #995827 * Bring back the llvm manpages (Closes: #995684) Were generated at the wrong place llvm-toolchain-13 (1:13.0.0-5) unstable; urgency=medium . * Restrict the dependency on libunwind-13-dev from Package: libc++-13-dev on amd64 arm64 armhf i386 mips64el ppc64el ppc64 riscv64 (Closes: #996462) llvm-toolchain-13 (1:13.0.0-4) unstable; urgency=medium . * Instead of using llvm-* to install binaries in llvm-X.Y list all the binaries one by one. It will prevent "llvm-omp-device-info" to be installed in llvm-X.Y which caused an explicit dependency on libomp which caused llvm-X.Y to be NOT coinstallable anymore * Move llvm-omp-device-info-X.Y from llvm-X to libompX-dev Fixes upstream #52162 llvm-toolchain-13 (1:13.0.0-3) unstable; urgency=medium . * libc++-13-dev should depends on libunwind-13-dev (Closes: #995810) * Disable a tsan and two lldb tests on i386 llvm-toolchain-13 (1:13.0.0-2) unstable; urgency=medium . * Fix the libclang detection in cmake (Closes: #994827) * Adjust the testsuite after various changes (rpass, libclang, polly lib, etc) llvm-toolchain-13 (1:13.0.0-1) unstable; urgency=medium . * New upstream release llvm-toolchain-13 (1:13.0.0~+rc4-1) unstable; urgency=medium . * New testing release * Ship clang-repl See https://reviews.llvm.org/D106813 * Replace make by ninja for the build process It is now more tested than make by upstream And it is supposed to be faster Removed openmp/bootstrap-with-openmp-version-export-missing.diff as it seems that the ninja move fixed it llvm-toolchain-13 (1:13.0.0~+rc3-1) unstable; urgency=medium . * New testing release * Remove debian/patches/disable-no-omit-leaf.diff as it is fixed upstream llvm-toolchain-13 (1:13.0.0~+rc2-3) unstable; urgency=medium . * compiler-rt scudo, don't add the option -mno-omit-leaf-frame-pointer when building on armel & armhf llvm-toolchain-13 (1:13.0.0~+rc2-2) unstable; urgency=medium . * Build with -DCMAKE_POSITION_INDEPENDENT_CODE=ON to libc++ and libc++abi * The changes from 12.0.1-7 . [ John Paul Adrian Glaubitz ] * Disable libunwind-X.Y{-dev} packages on sparc and sparc64 llvm-toolchain-13 (1:13.0.0~+rc2-1) unstable; urgency=medium . [ John Paul Adrian Glaubitz ] * Disable libunwind on m68k, sparc64 and x32 . [ Gianfranco Costamagna ] * integration-test-suite-test: fix build by using 13 as default version . [ Sylvestre Ledru ] * New testing release llvm-toolchain-13 (1:13.0.0~+rc1-2) unstable; urgency=medium . * clang-soname-extract-version.diff: improve the upstream declaration * Fix the libclang links llvm-toolchain-13 (1:13.0.0~+rc1-1~exp1) unstable; urgency=medium . * New snapshot release llvm-toolchain-13 (1:13~++20210731010128+6eaf46beb462-1~exp1) experimental; urgency=medium . * Branching of snapshot into 13 * Adjust libclang: - upstream decided to make it stable starting from 13, with the soname - for now, I am not planning to rename libclang1-13 to libclang13 as it will cause too much churn for a small gain as we will keep libllvm (while losing the capability to have different versions in parallel installed) lwip (2.1.2+dfsg1-8+deb11u1) bullseye; urgency=high . * Fix CVE-2020-22283 * Fix CVE-2020-22284 * closes: 1014447 mat2 (0.12.1-2+deb11u1) bullseye-security; urgency=high . * debian/patches: - Pull in upstream patch to prevent arbitrary file read via a zip archive and inform the user in case of a path traversal attempt. (CVE-2022-35410) mokutil (0.6.0-2~deb11u1) bullseye; urgency=medium . * Rebuild new upstream for bullseye, to allow for SBAT management + Move to new upstream version 0.6.0. + Drop old patches, no longer needed. + Switch to Arch: any to allow for more architectures. Closes: #987613, #991933. + Clean up old tweaks in debian/rules, no longer needed. + Add build-dep on libkeyutils-dev, new dependency. mokutil (0.6.0-2~deb10u1) buster; urgency=medium . * Rebuild new upstream for buster, to allow for SBAT management + Move to new upstream version 0.6.0. + Drop old patches, no longer needed. + Switch to Arch: any to allow for more architectures. Closes: #987613, #991933. + Clean up old tweaks in debian/rules, no longer needed. + Add build-dep on libkeyutils-dev, new dependency. mokutil (0.6.0-1) unstable; urgency=medium . * Move to new upstream version 0.6.0. + Drop old patches, no longer needed. * Switch to Arch: any to allow for more architectures. Closes: #987613, #991933. * Clean up old tweaks in debian/rules, no longer needed. * Add build-dep on libkeyutils-dev, new dependency. * Bump Standards-Version to 4.6.1, no changes needed. mokutil (0.4.0-1) unstable; urgency=medium . * Take mokutil under the wing of efi-team. Thanks to Simon for his work previously, added him as an uploader * Import the upstream source * Move to new upstream version 0.4.0. Closes: #925223 + Includes manpage fixes. Closes: #930759 * Fix compiler warnings about potential unaligned pointers * Update packaging: + Raise debhelper-compat to 13 + Raise Standards-Version to 4.5.1 + Remove now-redundant build-dep on dh-autoreconf net-snmp (5.9+dfsg-4+deb11u1) bullseye-security; urgency=high . * Backport upstream security patches from v5.9.3 Closes: #1016139 * snmpd_fix_bounds_checking: CVE-2022-24805, CVE-2022-24809 * snmpd_recover_set_status: CVE-2022-24806, CVE-2022-24807, CVE-2022-24808, CVE-2022-24810 node-log4js (6.3.0+~cs8.3.10-1+deb11u1) bullseye; urgency=medium . * Changed default file modes from 0o644 to 0o600 for better security (Closes: CVE-2022-21704) node-moment (2.29.1+ds-2+deb11u2) bullseye; urgency=medium . * Fix ReDoS (Closes: #1014845, CVE-2022-31129) nvidia-graphics-drivers (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers (470.141.03-1) unstable; urgency=medium . * New upstream production branch release 470.141.03 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016614) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 - Added support for the following GPU: GeForce RTX 3050 OEM. * Improved compatibility with recent Linux kernels. (Closes: #1016736) . [ Andreas Beckmann ] * Replace obsolete pci_*() functions with their dma_*() counterparts in ppc64el specific code paths to fix kernel module build for ppc64el. * Refresh patches. * Update nv-readme.ids. * More generic handling of architectures with gsp firmware. * Drop references to kernel-package and make-kpkg, gone since stretch. * Overhaul build-module-packages.sh. * Add module-assistant based autopkgtest for the *-source package. * Simplify changelog management for the *-source package. * Copy the Source stanza from d/control to the module control file. nvidia-graphics-drivers (470.141.03-1~deb11u1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . nvidia-graphics-drivers (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers (470.141.03-1) unstable; urgency=medium . * New upstream production branch release 470.141.03 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016614) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 - Added support for the following GPU: GeForce RTX 3050 OEM. * Improved compatibility with recent Linux kernels. (Closes: #1016736) . [ Andreas Beckmann ] * Replace obsolete pci_*() functions with their dma_*() counterparts in ppc64el specific code paths to fix kernel module build for ppc64el. * Refresh patches. * Update nv-readme.ids. * More generic handling of architectures with gsp firmware. * Drop references to kernel-package and make-kpkg, gone since stretch. * Overhaul build-module-packages.sh. * Add module-assistant based autopkgtest for the *-source package. * Simplify changelog management for the *-source package. * Copy the Source stanza from d/control to the module control file. nvidia-graphics-drivers (470.129.06-6) unstable; urgency=medium . * Minor packaging sync and cleanup. * Disable building nvidia-cuda-mps, will be built from src:nvidia-graphics-drivers-tesla-${latest}. nvidia-graphics-drivers-legacy-390xx (390.154-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers-legacy-390xx (390.154-1~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-390xx (390.154-1) unstable; urgency=medium . * New upstream legacy branch release 390.154 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016616) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Refresh patches. * Minor packaging sync and cleanup (470.129.06-6). * Drop references to kernel-package and make-kpkg, gone since stretch (470.141.03-1). * Overhaul build-module-packages.sh (470.141.03-1). * Add module-assistant based autopkgtest for the *-source package (470.141.03-1). * Simplify changelog management for the *-source package (470.141.03-1). * Copy the Source stanza from d/control to the module control file (470.141.03-1). * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.151-2) unstable; urgency=medium . * Backport pci/dma changes from 470.129.06 to fix kernel module build for Linux 5.18. (Closes: #1012700, #1012618) * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.151-1~deb10u1) buster; urgency=medium . * Rebuild for buster. nvidia-graphics-drivers-legacy-390xx (390.154-1~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-390xx (390.154-1) unstable; urgency=medium . * New upstream legacy branch release 390.154 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016616) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Refresh patches. * Minor packaging sync and cleanup (470.129.06-6). * Drop references to kernel-package and make-kpkg, gone since stretch (470.141.03-1). * Overhaul build-module-packages.sh (470.141.03-1). * Add module-assistant based autopkgtest for the *-source package (470.141.03-1). * Simplify changelog management for the *-source package (470.141.03-1). * Copy the Source stanza from d/control to the module control file (470.141.03-1). * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.151-2) unstable; urgency=medium . * Backport pci/dma changes from 470.129.06 to fix kernel module build for Linux 5.18. (Closes: #1012700, #1012618) * Update lintian overrides. nvidia-graphics-drivers-legacy-390xx (390.151-2) unstable; urgency=medium . * Backport pci/dma changes from 470.129.06 to fix kernel module build for Linux 5.18. (Closes: #1012700, #1012618) * Switch to B-D: dh-dkms. * Update lintian overrides. nvidia-graphics-drivers-legacy-390xx (390.151-1) unstable; urgency=medium . * New upstream legacy branch release 390.151 (2022-05-16). * Fixed CVE-2022-28181, CVE-2022-28185. (Closes: #1011142, #1004849) https://nvidia.custhelp.com/app/answers/detail/a_id/5353 - Fixed a bug which prevented kernel modules linked from precompiled kernel interface object files from being loaded on recent Linux kernels. This affected custom packages which were prepared with nvidia-installer's --add-this-kernel option, for example. - Fixed a driver installation failure on Linux kernel 5.17 release candidates, where the NVIDIA kernel module failed to build with error "implicit declaration of function 'PDE'". . [ Andreas Beckmann ] * Refresh patches. * Work around architecture misdetection when building the kernel modules in an armhf environment on an arm64 host. (Closes: #1010230) * Bump Standards-Version to 4.6.1. No changes needed. nvidia-graphics-drivers-tesla-450 (450.203.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers-tesla-450 (450.203.03-1) unstable; urgency=medium . * New upstream Tesla release 450.203.03 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016618) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Replace obsolete pci_*() functions with their dma_*() counterparts in ppc64el specific code paths to fix kernel module build for ppc64el. * Refresh patches. * Drop references to kernel-package and make-kpkg, gone since stretch (470.141.03-1). * Overhaul build-module-packages.sh (470.141.03-1). * Add module-assistant based autopkgtest for the *-source package (470.141.03-1). * Simplify changelog management for the *-source package (470.141.03-1). * Copy the Source stanza from d/control to the module control file (470.141.03-1). nvidia-graphics-drivers-tesla-450 (450.203.03-1~deb11u1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . nvidia-graphics-drivers-tesla-450 (450.203.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers-tesla-450 (450.203.03-1) unstable; urgency=medium . * New upstream Tesla release 450.203.03 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016618) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Replace obsolete pci_*() functions with their dma_*() counterparts in ppc64el specific code paths to fix kernel module build for ppc64el. * Refresh patches. * Drop references to kernel-package and make-kpkg, gone since stretch (470.141.03-1). * Overhaul build-module-packages.sh (470.141.03-1). * Add module-assistant based autopkgtest for the *-source package (470.141.03-1). * Simplify changelog management for the *-source package (470.141.03-1). * Copy the Source stanza from d/control to the module control file (470.141.03-1). nvidia-graphics-drivers-tesla-450 (450.191.01-2) unstable; urgency=medium . * Backport pci/dma, iosys_map, dma_set_coherent_mask, acpi_bus_get_device and cc_mkdec changes from 470.129.06 to fix kernel module build for Linux 5.18. (Closes: #1013130) * Update lintian overrides. nvidia-graphics-drivers-tesla-470 (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers-tesla-470 (470.141.03-1) unstable; urgency=medium . * New upstream Tesla release 470.141.03 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016620) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 - Added support for the following GPU: GeForce RTX 3050 OEM. * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Re-enable autopkgtest on ppc64el, fixed in Linux 5.19. . nvidia-graphics-drivers (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers (470.141.03-1) unstable; urgency=medium . * New upstream production branch release 470.141.03 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016614) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 - Added support for the following GPU: GeForce RTX 3050 OEM. * Improved compatibility with recent Linux kernels. (Closes: #1016736) . [ Andreas Beckmann ] * Replace obsolete pci_*() functions with their dma_*() counterparts in ppc64el specific code paths to fix kernel module build for ppc64el. * Refresh patches. * Update nv-readme.ids. * More generic handling of architectures with gsp firmware. * Drop references to kernel-package and make-kpkg, gone since stretch. * Overhaul build-module-packages.sh. * Add module-assistant based autopkgtest for the *-source package. * Simplify changelog management for the *-source package. * Copy the Source stanza from d/control to the module control file. nvidia-graphics-drivers-tesla-470 (470.141.03-1~deb11u1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . nvidia-graphics-drivers-tesla-470 (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers-tesla-470 (470.141.03-1) unstable; urgency=medium . * New upstream Tesla release 470.141.03 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016620) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 - Added support for the following GPU: GeForce RTX 3050 OEM. * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Re-enable autopkgtest on ppc64el, fixed in Linux 5.19. . nvidia-graphics-drivers (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers (470.141.03-1) unstable; urgency=medium . * New upstream production branch release 470.141.03 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016614) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 - Added support for the following GPU: GeForce RTX 3050 OEM. * Improved compatibility with recent Linux kernels. (Closes: #1016736) . [ Andreas Beckmann ] * Replace obsolete pci_*() functions with their dma_*() counterparts in ppc64el specific code paths to fix kernel module build for ppc64el. * Refresh patches. * Update nv-readme.ids. * More generic handling of architectures with gsp firmware. * Drop references to kernel-package and make-kpkg, gone since stretch. * Overhaul build-module-packages.sh. * Add module-assistant based autopkgtest for the *-source package. * Simplify changelog management for the *-source package. * Copy the Source stanza from d/control to the module control file. nvidia-graphics-drivers-tesla-470 (470.129.06-6) unstable; urgency=medium . * Rebuild as Tesla 470 driver. * Build nvidia-cuda-mps from the Tesla driver. . nvidia-graphics-drivers (470.129.06-6) UNRELEASED; urgency=medium . * Minor packaging sync and cleanup. * Disable building nvidia-cuda-mps, will be built from src:nvidia-graphics-drivers-tesla-${latest}. nvidia-settings (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-settings (470.141.03-1) unstable; urgency=medium . * New upstream release 470.141.03. - Fixed a bug that prevented nvidia-settings from accurately reflecting changes to some configuration properties. . nvidia-settings (470.129.06-1) unstable; urgency=medium . * New upstream release 470.129.06. * Bump Standards-Version to 4.6.1. No changes needed. * Update Lintian overrides. . nvidia-settings (470.103.01-2) unstable; urgency=medium . [ Luca Boccassi ] * Add salsa-ci.yml. . [ Helmut Grohne ] * Improve cross building: Pass more build tools to make. (Closes: #1005958) . [ Debian Janitor ] * Remove constraints unnecessary since buster: + Build-Depends: Drop versioned constraint on libvdpau-dev. nvidia-settings (470.141.03-1~deb11u1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . nvidia-settings (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-settings (470.141.03-1) unstable; urgency=medium . * New upstream release 470.141.03. - Fixed a bug that prevented nvidia-settings from accurately reflecting changes to some configuration properties. . nvidia-settings (470.129.06-1) unstable; urgency=medium . * New upstream release 470.129.06. * Bump Standards-Version to 4.6.1. No changes needed. * Update Lintian overrides. . nvidia-settings (470.103.01-2) unstable; urgency=medium . [ Luca Boccassi ] * Add salsa-ci.yml. . [ Helmut Grohne ] * Improve cross building: Pass more build tools to make. (Closes: #1005958) . [ Debian Janitor ] * Remove constraints unnecessary since buster: + Build-Depends: Drop versioned constraint on libvdpau-dev. nvidia-settings (470.129.06-1) unstable; urgency=medium . * New upstream release 470.129.06. * Bump Standards-Version to 4.6.1. No changes needed. * Update Lintian overrides. nvidia-settings (470.103.01-2) unstable; urgency=medium . [ Luca Boccassi ] * Add salsa-ci.yml. . [ Helmut Grohne ] * Improve cross building: Pass more build tools to make. (Closes: #1005958) . [ Debian Janitor ] * Remove constraints unnecessary since buster: + Build-Depends: Drop versioned constraint on libvdpau-dev. nvidia-settings (470.103.01-1) unstable; urgency=medium . * New upstream release 470.103.01. nvidia-settings-tesla-470 (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-settings-tesla-470 (470.141.03-1) unstable; urgency=medium . * Rebuild as nvidia-settings-tesla-470. . nvidia-settings (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-settings (470.141.03-1) unstable; urgency=medium . * New upstream release 470.141.03. - Fixed a bug that prevented nvidia-settings from accurately reflecting changes to some configuration properties. . nvidia-settings-tesla-470 (470.129.06-1) unstable; urgency=medium . * Rebuild as nvidia-settings-tesla-470. . nvidia-settings (470.129.06-1) unstable; urgency=medium . * New upstream release 470.129.06. * Bump Standards-Version to 4.6.1. No changes needed. * Update Lintian overrides. . nvidia-settings-tesla-470 (470.103.01-2) unstable; urgency=medium . * Rebuild as nvidia-settings-tesla-470. . nvidia-settings (470.103.01-2) unstable; urgency=medium . [ Luca Boccassi ] * Add salsa-ci.yml. . [ Helmut Grohne ] * Improve cross building: Pass more build tools to make. (Closes: #1005958) . [ Debian Janitor ] * Remove constraints unnecessary since buster: + Build-Depends: Drop versioned constraint on libvdpau-dev. nvidia-settings-tesla-470 (470.141.03-1~deb11u1~bpo10+1) buster-backports; urgency=medium . * Rebuild for buster-backports. . nvidia-settings-tesla-470 (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-settings-tesla-470 (470.141.03-1) unstable; urgency=medium . * Rebuild as nvidia-settings-tesla-470. . nvidia-settings (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-settings (470.141.03-1) unstable; urgency=medium . * New upstream release 470.141.03. - Fixed a bug that prevented nvidia-settings from accurately reflecting changes to some configuration properties. . nvidia-settings-tesla-470 (470.129.06-1) unstable; urgency=medium . * Rebuild as nvidia-settings-tesla-470. . nvidia-settings (470.129.06-1) unstable; urgency=medium . * New upstream release 470.129.06. * Bump Standards-Version to 4.6.1. No changes needed. * Update Lintian overrides. . nvidia-settings-tesla-470 (470.103.01-2) unstable; urgency=medium . * Rebuild as nvidia-settings-tesla-470. . nvidia-settings (470.103.01-2) unstable; urgency=medium . [ Luca Boccassi ] * Add salsa-ci.yml. . [ Helmut Grohne ] * Improve cross building: Pass more build tools to make. (Closes: #1005958) . [ Debian Janitor ] * Remove constraints unnecessary since buster: + Build-Depends: Drop versioned constraint on libvdpau-dev. nvidia-settings-tesla-470 (470.129.06-1) unstable; urgency=medium . * Rebuild as nvidia-settings-tesla-470. . nvidia-settings (470.129.06-1) unstable; urgency=medium . * New upstream release 470.129.06. * Bump Standards-Version to 4.6.1. No changes needed. * Update Lintian overrides. nvidia-settings-tesla-470 (470.103.01-2) unstable; urgency=medium . * Rebuild as nvidia-settings-tesla-470. . nvidia-settings (470.103.01-2) unstable; urgency=medium . [ Luca Boccassi ] * Add salsa-ci.yml. . [ Helmut Grohne ] * Improve cross building: Pass more build tools to make. (Closes: #1005958) . [ Debian Janitor ] * Remove constraints unnecessary since buster: + Build-Depends: Drop versioned constraint on libvdpau-dev. nvidia-settings-tesla-470 (470.103.01-1) unstable; urgency=medium . * Rebuild as nvidia-settings-tesla-470. open-vm-tools (2:11.2.5-2+deb11u1) bullseye-security; urgency=high . * [67b16ff] Properly check authorization on incoming guestOps requests. (Closes: #1018012 CVE-2022-31676) * [747392e] gbp: build in bullseye * [80c2e62] gitlab-ci: build in bullseye openjdk-11 (11.0.16+8-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye openjdk-11 (11.0.16+8-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster openjdk-11 (11.0.15+10-1) unstable; urgency=high . * OpenJDK 11.0.15+10 build (release). * Security fixes - JDK-8269938: Enhance XML processing passes redux. - JDK-8270504, CVE-2022-21426: Better XPath expression handling. - JDK-8272255: Completely handle MIDI files. - JDK-8272261: Improve JFR recording file processing. - JDK-8272594: Better record of recordings. - JDK-8274221: More definite BER encodings. - JDK-8275082, JDK-8278008, CVE-2022-21476: Update XML Security for Java to 2.3.0. - JDK-8275151, CVE-2022-21443: Improved Object Identification. - JDK-8277227: Better identification of OIDs. - JDK-8277672, CVE-2022-21434: Better invocation handler handling. - JDK-8278356: Improve file creation. - JDK-8278449: Improve keychain support. - JDK-8278798: Improve supported intrinsic. - JDK-8278805: Enhance BMP image loading. - JDK-8278972, CVE-2022-21496: Improve URL supports. - JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo. * Refresh patches. openjdk-17 (17.0.4+8-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye openjdk-17 (17.0.3+7-1) unstable; urgency=high . * OpenJDK 17.0.3+7 (release). * Security fixes - JDK-8269938: Enhance XML processing passes redux. - JDK-8270504, CVE-2022-21426: Better XPath expression handling. - JDK-8272255: Completely handle MIDI files. - JDK-8272261: Improve JFR recording file processing. - JDK-8272588: Enhanced recording parsing. - JDK-8272594: Better record of recordings. - JDK-8274221: More definite BER encodings. - JDK-8275082, JDK-8278008, CVE-2022-21476: Update XML Security for Java to 2.3.0. - JDK-8275151, CVE-2022-21443: Improved Object Identification. - JDK-8277227: Better identification of OIDs. - JDK-8277233, CVE-2022-21449: Improve ECDSA signature support. - JDK-8277672, CVE-2022-21434: Better invocation handler handling. - JDK-8278356: Improve file creation. - JDK-8278449: Improve keychain support. - JDK-8278798: Improve supported intrinsic. - JDK-8278805: Enhance BMP image loading. - JDK-8278972, CVE-2022-21496: Improve URL supports. - JDK-8281388: Change wrapping of EncryptedPrivateKeyInfo. * Refresh patches. pcre2 (10.36-2+deb11u1) bullseye; urgency=medium . * Backport upstream fixes for CVE-2022-1586 CVE-2022-1587 (Closes: #1011954) php7.4 (7.4.30-1+deb11u1) bullseye-security; urgency=high . * New upstream version 7.4.30 + [CVE-2022-31626]: Fixed mysqlnd/pdo password buffer overflow. + [CVE-2022-31625]: Fixed uninitialized array in pg_query_params(). postgresql-13 (13.8-0+deb11u1) bullseye; urgency=medium . * New upstream version. . + Do not let extension scripts replace objects not already belonging to the extension (Tom Lane) (CVE-2022-2625) . This change prevents extension scripts from doing CREATE OR REPLACE if there is an existing object that does not belong to the extension. It also prevents CREATE IF NOT EXISTS in the same situation. This prevents a form of trojan-horse attack in which a hostile database user could become the owner of an extension object and then modify it to compromise future uses of the object by other users. As a side benefit, it also reduces the risk of accidentally replacing objects one did not mean to. . The PostgreSQL Project thanks Sven Klemm for reporting this problem. publicsuffix (20220811.1734-0+deb11u1) bullseye; urgency=medium . * new upstream publicsuffix data publicsuffix (20220811.1734-0+deb10u1) buster; urgency=medium . * new upstream publicsuffix data publicsuffix (20220614.1839-1) unstable; urgency=medium . * new upstream version publicsuffix (20211207.1025-1) unstable; urgency=medium . * new upstream version request-tracker4 (4.4.4+dfsg-2+deb11u2) bullseye-security; urgency=medium . * Apply upstream patch which fixes several security vulnerabilities. - A cross-site scripting (XSS) issue when displaying attachment content with fraudulent content types. This vulnerability is assigned CVE-2022-25802. - Not performing full rights checks on access to file or image type custom fields, possibly allowing access to these custom fields by users without rights to access to the associated objects (like the ticket it is associated with). rocksdb (6.11.4-3+deb11u1) bullseye; urgency=medium . [ Daniel Leidert ] * Fix illegal instruction on arm64 (closes: #1015224). rust-cbindgen (0.23.0-1~deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Backport to bullseye. * Vendor dependencies, they are not available in bullseye. * Only build the cbindgen binary. * Lower dh-cargo build-dep. * Build with rust-mozilla. rust-cbindgen (0.23.0-1~deb10u2) buster; urgency=medium . * Use override_ target instead of execute_after_, the latter is not supported in buster's debhelper. This fixes files with too old timestamps. Closes: #1015146. rust-cbindgen (0.23.0-1~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Backport to bullseye. * Bump rustc-mozilla build-deps to 1.59. rust-cbindgen (0.21.0-1) unstable; urgency=medium . * Package cbindgen 0.21.0 from crates.io using debcargo 2.5.0 rust-cbindgen (0.20.0-1) unstable; urgency=medium . * Package cbindgen 0.20.0 from crates.io using debcargo 2.4.4-alpha.0 rustc-mozilla (1.59.0+dfsg1-1~deb11u3) bullseye; urgency=medium . * Set up the symlinks in a target also called by binary-arch. rustc-mozilla (1.59.0+dfsg1-1~deb11u2) bullseye; urgency=medium . * Include mips(el) stage0 binaries. rustc-mozilla (1.59.0+dfsg1-1~deb11u1) bullseye; urgency=medium . * Non-maintainer upload. * Backport to bullseye as rustc-mozilla. * Do a bootstrap build. * Disable wasm. * Disable new binary packages rustfmt, -clippy, -all. rustc-mozilla (1.59.0+dfsg1-1~deb10u3) buster; urgency=medium . * Include mips(el) stage0 binaries. rustc-mozilla (1.59.0+dfsg1-1~deb10u2) buster; urgency=medium . * Inline atomics on arm64. * Increase allowed test failures on i386. rustc-mozilla (1.59.0+dfsg1-1~deb10u1) buster; urgency=medium . * Backport to buster. * Lower debhelper compat to 12. Stop using env variables in debhelper install files. * Disable windows target. samba (2:4.13.13+dfsg-1~deb11u5) bullseye-security; urgency=medium . * 3 patches: - CVE-2022-32742-bug-15085-4.13.patch - kpasswd_bugs_v15_4-13.patch - ldb-memory-bug-15096-4.13-v3.patch fixing: o CVE-2022-2031: Samba AD users can bypass certain restrictions associated with changing passwords. https://www.samba.org/samba/security/CVE-2022-2031.html o CVE-2022-32742: Server memory information leak via SMB1. https://www.samba.org/samba/security/CVE-2022-32742.html o CVE-2022-32744: Samba AD users can forge password change requests for any user. https://www.samba.org/samba/security/CVE-2022-32744.html o CVE-2022-32745: Samba AD users can crash the server process with an LDAP add or modify request. https://www.samba.org/samba/security/CVE-2022-32745.html o CVE-2022-32746: Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request. https://www.samba.org/samba/security/CVE-2022-32746.html * Closes: #1016449, CVE-2022-2031 CVE-2022-32742, CVE-2022-32744, CVE-2022-32745, CVE-2022-32746 * Build-Depend on libldb-dev >= 2.2.3-2~deb11u2 (which includes the new symbols in libldb used by this update) * d/rules: use dpkg-query instead of pkg-config to find debian package version of libldb-dev, since this is what we actually want, not the internal version libldb thinks it is at. sbuild (0.81.2+deb11u1) bullseye; urgency=medium . [ Aurelien Jarno ] * Buildd::Mail: support MIME encoded Subject: header * Buildd::Mail: also copy the Content-Type: header when forwarding mail schroot (1.6.10-12+deb11u1) bullseye-security; urgency=medium . * Have a stricter limit on chroot names. [CVE-2022-2787] spip (3.2.11-3+deb11u5) bullseye-security; urgency=medium . * Backport security fixes from 3.2.16 - Remote code execution - XSS alowing priviledge escalation systemd (247.3-7+deb11u1) bullseye; urgency=medium . * Drop bundled copy of linux/if_arp.h. Fixes build failures with newer kernel headers. * virt: support detection for ARM64 Hyper-V guests (Closes: #1013342) * virt: detect OpenStack instance as KVM on arm (Closes: #1016157) thunderbird (1:91.13.0-1~deb11u1) bullseye-security; urgency=medium . * [06edfee] New upstream version 91.13.0 Fixed CVE issues in upstream version 91.13 (MFSA 2022-37): CVE-2022-38472: Address bar spoofing via XSLT error handling CVE-2022-38473: Cross-origin XSLT Documents would have inherited the parent's permissions CVE-2022-38478: Memory safety bugs fixed in Thunderbird 102.2, and Thunderbird 91.13 thunderbird (1:91.12.0-1~deb11u1) bullseye-security; urgency=medium . * [f7c7e7d] New upstream version 91.12.0 Fixed CVE issues in upstream version 91.12 (MFSA 2022-31): CVE-2022-36319: Mouse Position spoofing with CSS transforms CVE-2022-36318: Directory indexes for bundled resources reflected URL parameters (Closes: #1014004) thunderbird (1:91.12.0-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security thunderbird (1:91.11.0-1) unstable; urgency=medium . * [05a947d] New upstream version 91.11.0 Fixed CVE issues in upstream version 91.11 (MFSA 2022-26: CVE-2022-34479: A popup window could be resized in a way to overlay the address bar with web content CVE-2022-34470: Use-after-free in nsSHistory CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI CVE-2022-2226: An email with a mismatching OpenPGP signature date was accepted as valid CVE-2022-34481: Potential integer overflow in ReplaceElementsAt CVE-2022-31744: CSP bypass enabling stylesheet injection CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being blocked CVE-2022-2200: Undesired attributes could be set as part of prototype pollution CVE-2022-34484: Memory safety bugs fixed in Thunderbird 91.11 and Thunderbird 102 (Closes: #1014004) * [4c4944d] Rebuild patch queue from patch-queue branch Added patch: fixes/Bug-1773070-Rename-remove-some-eventState-s-variables.-r-.patch thunderbird (1:91.11.0-1~deb11u1) bullseye-security; urgency=medium . * Rebuild for bullseye-security * [f23e5c8] Revert "Rebuild patch queue from patch-queue branch" The {old-,}stable release doesn't have an "to new" version of cbindgen, so we don't need this added patch. thunderbird (1:91.11.0-1~deb10u1) buster-security; urgency=medium . * Rebuild for buster-security thunderbird (1:91.10.0-1) unstable; urgency=medium . * [969960a] New upstream version 91.10.0 Fixed CVE issues in upstream version 91.9.1 (MFSA 2022-19): CVE-2022-1802: Prototype pollution in Top-Level Await implementation CVE-2022-1529: Untrusted input used in JavaScript object indexing, leading to prototype pollution . Fixed CVE issues in upstream version 91.10 (MFSA 2022-22): CVE-2022-31736: Cross-Origin resource's length leaked CVE-2022-31737: Heap buffer overflow in WebGL CVE-2022-31738: Browser window spoof using fullscreen mode CVE-2022-31739: Attacker-influenced path traversal when saving downloaded files CVE-2022-31740: Register allocation problem in WASM on arm64 CVE-2022-31741: Uninitialized variable leads to invalid memory read CVE-2022-1834: Braille space character caused incorrect sender email to be shown for a digitally signed email CVE-2022-31742: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information CVE-2022-31747: Memory safety bugs fixed in Thunderbird 91.10 * [4b55e16] d/control: Increase Standards-Version to 4.6.0 No further changes needed. trafficserver (8.1.5+ds-1~deb11u1) bullseye-security; urgency=high . * Update d/watch to stick to 8.1.X serie * Update upstream gpg keys * UPdate d/salsa-ci.yaml * New upstream version 8.1.5+ds * Patches refresh for 8.1.5 * Update experimental plugins list * Multiple CVE fixes for 8.1.x + CVE-2021-37150: Protocol vs scheme mismatch + CVE-2022-25763: Improper input validation on HTTP/2 headers + CVE-2022-28129: Insufficient Validation of HTTP/1.x Headers + CVE-2022-31778: Transfer-Encoding not treated as hop-by-hop + CVE-2022-31779: Improper HTTP/2 scheme and method validation + CVE-2022-31780: HTTP/2 framing vulnerabilities twitter-bootstrap4 (4.5.2+dfsg1-8~deb11u1) bullseye; urgency=medium . * Team upload. * Backport the fix for #991939 to bullseye. . twitter-bootstrap4 (4.5.2+dfsg1-8) unstable; urgency=medium . * Add missing .map files (Closes: #991939) tzdata (2021a-1+deb11u5) bullseye; urgency=medium . * Cherry-pick patches from upstream: - Iran plans to stop observing DST permanently, after it falls back on 2022-09-21. - Chile's 2022 DST start is delayed from September 4 to September 11. unzip (6.0-26+deb11u1) bullseye-security; urgency=medium . * Apply upstream patch for CVE-2022-0529 and CVE-2022-0530. - Fix null pointer dereference on invalid UTF-8 input. - Fix wide string conversion in process.c. Closes: #1010355. webkit2gtk (2.36.7-1~deb11u1) bullseye-security; urgency=high . * Rebuild for bullseye-security. * gcc 10 segfaults when building webkit in some architectures (see #1008098) so use clang instead. The exceptions are i386 and mipsel, where gcc works fine but clang is the buggy one (see #1010329). - debian/rules: Tell CMake to use clang. - debian/control: Build depend on clang. * Build libsoup2 packages only. - debian/rules: Set ENABLE_SOUP3=NO. - debian/control: Remove build dependency on libsoup3 and ccache and remove the entries for all 4.1 API packages (soup3 build). webkit2gtk (2.36.6-1) unstable; urgency=high . * New upstream release. * The WebKitGTK security advisory WSA-2022-0007 lists the following security fixes in the latest versions of WebKitGTK: - CVE identifiers: CVE-2022-32792, CVE-2022-32816 and CVE-2022-2294 (fixed in 2.36.5). * debian/rules: - Enable wpe on Ubuntu now that the MIR has been accepted (thanks, Sebastien Bacher) (Closes: #1016585). webkit2gtk (2.36.6-1~deb11u1) bullseye-security; urgency=high . * Rebuild for bullseye-security. * gcc 10 segfaults when building webkit in some architectures (see #1008098) so use clang instead. The exceptions are i386 and mipsel, where gcc works fine but clang is the buggy one (see #1010329). - debian/rules: Tell CMake to use clang. - debian/control: Build depend on clang. * Build libsoup2 packages only. - debian/rules: Set ENABLE_SOUP3=NO. - debian/control: Remove build dependency on libsoup3 and ccache and remove the entries for all 4.1 API packages (soup3 build). webkit2gtk (2.36.4-1) unstable; urgency=high . * New upstream release. * The WebKitGTK security advisory WSA-2022-0006 lists the following security fixes in the latest versions of WebKitGTK: - CVE-2022-22662 (fixed in 2.36.0). - CVE-2022-22677 and CVE-2022-26710 (fixed in 2.36.4). * debian/control: - Don't use ccache in i386 because Ubuntu doesn't have it and Debian can live without it (webkit-team/webkit!14). * Update format of lintian overrides (see #1007002). * debian/control: - Update Standards-Version to 4.6.1.0 (no changes). webkit2gtk (2.36.4-1~deb11u1) bullseye-security; urgency=high . * Rebuild for bullseye-security. * gcc 10 segfaults when building webkit in some architectures (see #1008098) so use clang instead. The exceptions are i386 and mipsel, where gcc works fine but clang is the buggy one (see #1010329). - debian/rules: Tell CMake to use clang. - debian/control: Build depend on clang. * Build libsoup2 packages only. - debian/rules: Set ENABLE_SOUP3=NO. - debian/control: Remove build dependency on libsoup3 and ccache and remove the entries for all 4.1 API packages (soup3 build). webkit2gtk (2.36.4-1~deb10u1) buster-security; urgency=high . * Rebuild for buster-security. * debian/patches/force-single-process.patch: - Force the single-process mode in Evolution and Geary * debian/control: - Remove all 4.1 API packages (soup3 build). - Remove Breaks for Evolution < 3.34.1. - Remove build dependencies on ccache, libwpebackend-fdo-1.0-dev, libmanette-0.2-dev, liblcms2-dev and libsoup-3.0-dev. - Switch build dependency from libenchant-2-dev to libenchant-dev. - Switch build dependencies on libgl-dev and libgles-dev with libgl1-mesa-dev and libgles2-mesa-dev. * Downgrade xdg-desktop-portal-gtk from a recommendation to a suggestion (See #989307) * debian/rules: - Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF. * Set the debhelper compatibility level back to 10. This fixes a dh_dwz error ".debug_info section not present" - Add debian/compat file. - Update build dependency on debhelper. webkit2gtk (2.36.3-1) unstable; urgency=high . * New upstream release. * Use ccache