Accepted linux-signed-amd64 5.10.46+5 (source) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 23 Sep 2021 22:35:21 +0200
Source: linux-signed-amd64
Architecture: source
Version: 5.10.46+5
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
linux-signed-amd64 (5.10.46+5) bullseye-security; urgency=high
.
* Sign kernel from linux 5.10.46-5
.
* virtio_console: Assure used length from device is limited (CVE-2021-38160)
* NFSv4: Initialise connection to the server in nfs4_alloc_client()
(CVE-2021-38199)
* tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop.
(CVE-2021-3679)
* [poewrpc*] KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow
(CVE-2021-37576)
* ovl: prevent private clone if bind mount is not allowed (CVE-2021-3732)
* [x86] KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
(CVE-2021-3653)
* [x86] KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)
* bpf: Fix integer overflow involving bucket_size (CVE-2021-38166)
* ath: Use safer key clearing with key cache entries (CVE-2020-3702)
* ath9k: Clear key cache explicitly on disabling hardware (CVE-2020-3702)
* ath: Export ath_hw_keysetmac() (CVE-2020-3702)
* ath: Modify ath_key_delete() to not need full key entry (CVE-2020-3702)
* ath9k: Postpone key cache entry deletion for TXQ frames reference it
(CVE-2020-3702)
* btrfs: fix NULL pointer dereference when deleting device by invalid id
(CVE-2021-3739)
* net: qrtr: fix another OOB Read in qrtr_endpoint_post (CVE-2021-3743)
* vt_kdsetmode: extend console locking (CVE-2021-3753)
* ext4: fix race writing to an inline_data file while its xattrs are changing
(CVE-2021-40490)
* dccp: don't duplicate ccid when cloning dccp sock (CVE-2020-16119)
* io_uring: ensure symmetry in handling iter types in loop_rw_iter()
(CVE-2021-41073)
* netfilter: nftables: avoid potential overflows on 32bit arches
* netfilter: nf_tables: initialize set before expression setup
(Closes: #993978)
* netfilter: nftables: clone set element expression template
* bnx2x: Fix enabling network interfaces without VFs (Closes: #993948)
Checksums-Sha1:
0eb9229fa7a5960e919a3ea30310d687a4529883 8487 linux-signed-amd64_5.10.46+5.dsc
f04c2cc8c438f5c98aec08ff7828ebd81409b4ec 2669588 linux-signed-amd64_5.10.46+5.tar.xz
Checksums-Sha256:
afd6d13a81f77cbebd06950da2681691b2448c6c786bf62dcbc873be1e17cd15 8487 linux-signed-amd64_5.10.46+5.dsc
aaae7da86340328c26f91e2d8bf666482c0f849377018de626270a6b8a3e884c 2669588 linux-signed-amd64_5.10.46+5.tar.xz
Files:
cb82678b96fe8d437ee2a3000ddb0a69 8487 kernel optional linux-signed-amd64_5.10.46+5.dsc
9e90d336c87477ea55b21c1ce225dd48 2669588 kernel optional linux-signed-amd64_5.10.46+5.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEfKFfvHEI+gkU+E+di0FRiLdONzYFAmFNl9MACgkQi0FRiLdO
NzZ6PQ//VGWa3t0tB6AanoiOaNtYchz8cy7ydeATBIyk/OfuiQN7RCr31Q3J6o9M
ykV4znxgtal1pCEo1mZUZYdNqpDNI/23MUhENL2kAphwQV2c+yRX4sI6Y7TZVuQR
WpNU+v3JVwaZXSySIPdfKPxjgJrizL6cmJQHpLJIYLUX6Tp/T+5wSQp9PgWlcO/y
OXGbjD9+T2Pu1K5O+1lY2Wduvgu/1p9CoGKvVX5Yv0qVKJiXHGig4znROAxoIsuP
q47yCU/B00FGcN7SSd+7AXh2Vil6FXxeWxjnwPjWTSNQsYqTSmd9KplGAbn/iE4m
MLb9+gsWe5aIb4zSCtdpXTq89MOkCbvSPqtx9cYP5lfLX7Qg0GZ3WCy8RaFvG+eR
TKISGYqvBMeGi1mOrw3qgoOOCfXVpq5GWWz9SDyYBSG7+F2b6d9q29ToPc/6WdmR
9y/je7QNSawaJ/VO1UhIgl70GVNid8VbQTW8sWiSUWLNs8WZYhhdvkCfhPXjUH+n
0yegzrdsKl/I92CDxSdjZovrUc/VcULGzzeM8s7+qauStCnahvLkkHpFGo4/rakj
UZfOodOI8xmPg/O+orMkVGPx+0Pe45fTlkNtpIjvur7Vjx/ZNzlR3YyBdTrI4L3R
kdYU8ysuPf0pmFa62fip5Vf+JwPT9J3/fLDdVROuVJJASo0soRE=
=d015
-----END PGP SIGNATURE-----
Reply to: