Accepted linux-signed-i386 5.10.46+5 (source) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 23 Sep 2021 22:35:21 +0200
Source: linux-signed-i386
Architecture: source
Version: 5.10.46+5
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
linux-signed-i386 (5.10.46+5) bullseye-security; urgency=high
.
* Sign kernel from linux 5.10.46-5
.
* virtio_console: Assure used length from device is limited (CVE-2021-38160)
* NFSv4: Initialise connection to the server in nfs4_alloc_client()
(CVE-2021-38199)
* tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop.
(CVE-2021-3679)
* [poewrpc*] KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow
(CVE-2021-37576)
* ovl: prevent private clone if bind mount is not allowed (CVE-2021-3732)
* [x86] KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
(CVE-2021-3653)
* [x86] KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)
* bpf: Fix integer overflow involving bucket_size (CVE-2021-38166)
* ath: Use safer key clearing with key cache entries (CVE-2020-3702)
* ath9k: Clear key cache explicitly on disabling hardware (CVE-2020-3702)
* ath: Export ath_hw_keysetmac() (CVE-2020-3702)
* ath: Modify ath_key_delete() to not need full key entry (CVE-2020-3702)
* ath9k: Postpone key cache entry deletion for TXQ frames reference it
(CVE-2020-3702)
* btrfs: fix NULL pointer dereference when deleting device by invalid id
(CVE-2021-3739)
* net: qrtr: fix another OOB Read in qrtr_endpoint_post (CVE-2021-3743)
* vt_kdsetmode: extend console locking (CVE-2021-3753)
* ext4: fix race writing to an inline_data file while its xattrs are changing
(CVE-2021-40490)
* dccp: don't duplicate ccid when cloning dccp sock (CVE-2020-16119)
* io_uring: ensure symmetry in handling iter types in loop_rw_iter()
(CVE-2021-41073)
* netfilter: nftables: avoid potential overflows on 32bit arches
* netfilter: nf_tables: initialize set before expression setup
(Closes: #993978)
* netfilter: nftables: clone set element expression template
* bnx2x: Fix enabling network interfaces without VFs (Closes: #993948)
Checksums-Sha1:
ae4895e3afd0f1b229bbd964ab446e427bbefd06 14039 linux-signed-i386_5.10.46+5.dsc
7e1929a27512453663279adcdd080e60ab68e035 3614376 linux-signed-i386_5.10.46+5.tar.xz
Checksums-Sha256:
a5bb926fa9d60afacc5d7e8476f93c4891d468f02d7c34335a52594f58a3c2dd 14039 linux-signed-i386_5.10.46+5.dsc
87d05a0986762895b2f00b73c49f3552c50debc70f9f27cbf14f29268d62c89a 3614376 linux-signed-i386_5.10.46+5.tar.xz
Files:
a1b5a2e569dd7841a696d56dc3680327 14039 kernel optional linux-signed-i386_5.10.46+5.dsc
ac67d33e514dd2948f08b1db309939d7 3614376 kernel optional linux-signed-i386_5.10.46+5.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEfKFfvHEI+gkU+E+di0FRiLdONzYFAmFN2d0ACgkQi0FRiLdO
NzaPuA/9H5Y8ecmFRkze5QoSsFRNxRHDkAKoUAQ5N+Ho64URtSxonXBTl53PGAnm
A1xUpp/9oPImyKhqQ5UcMHUv8eLDHoth3JUROUl5BVTxmVHl5uGS/XZ6jCidnuoF
F1ozSQih7kqpSrzlE+Mg32sOl00v9eEj8469HinzMMnRADCQrHlPz7EzdKjFCbUW
h8MRXVXAY63jwQKAJMXWDuQkwCr2ulXVRA/GLA8+vHxO5uZ4FM71duNEy2dASgEI
NnvaeSZystThfsKOyCU5fGAstA/AzaIzAXDC3BpywN90iKL7TZHadj3q6zpRY0B/
MDPCwOnbEuja4kxu6XxL7eDJPaRRrJySqpGF6b0tu6c8AzzSwFuQAckHrQMUI1lR
7CReGYMhcGyiP7Sm/y65+ao4WCh45mOa2eLPsqEm9N9QlNrWKmhv3+YEiESuCEK2
wONUXNqJmnR5Eqjwnda7JhxpPk735YgAKe8dIFEs9kNa0R8wX7mHdsBY9FWzdkTM
WZdH5H43xYi5wijOcElHjsoJad9vifl1x2luxNXlSGqjjdptR7O9xVxRQZYLUDDI
yc3sYu0uoJjBcdjFfj4vWiDAZtVLP4sBvBDDe8V2gtzO/3NR3ODk/PCY/pVbtHUp
NbJa4gKgIcbzEA5IhGdMFNWJSl8m78gkJyjOfFOS7Lav8e0Tjtw=
=gCVe
-----END PGP SIGNATURE-----
Reply to: