-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 17 Jun 2019 20:00:22 +0100 Source: linux Architecture: source Version: 4.19.37-4 Distribution: unstable Urgency: high Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: Ben Hutchings <ben@decadent.org.uk> Closes: 929187 929366 929583 Changes: linux (4.19.37-4) unstable; urgency=high . [ Ben Hutchings ] * libbpf: Fix various build bugs: - Drop unnecessary changes from "libbpf: add SONAME to shared object" - libbpf: Use only 2 components in soversion, matching package name (Closes: #929187) - libbpf: Build out-of-tree * README.source: Document the various makefiles and use of out-of-tree builds * [x86] lockdown,sysrq: Enable ALLOW_LOCKDOWN_LIFT_BY_SYSRQ (Closes: #929583) * mwifiex: Fix possible buffer overflows at parsing bss descriptor (CVE-2019-3846) * mwifiex: Abort at too short BSS descriptor element * mwifiex: Don't abort on small, spec-compliant vendor IEs * mm/mincore.c: make mincore() more conservative (CVE-2019-5489) * mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (CVE-2019-10126) * tcp: limit payload size of sacked skbs (CVE-2019-11477) * tcp: tcp_fragment() should apply sane memory limits (CVE-2019-11478) * tcp: add tcp_min_snd_mss sysctl (CVE-2019-11479) * tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() . [ Romain Perier ] * [rt] Update to 4.19.37-rt20: - powerpc/pseries/iommu: Use a locallock instead local_irq_save() - powerpc: reshuffle TIF bits - tty/sysrq: Convert show_lock to raw_spinlock_t - drm/i915: Don't disable interrupts independently of the lock - sched/completion: Fix a lockup in wait_for_completion() . [ Salvatore Bonaccorso ] * brcmfmac: assure SSID length from firmware is limited (CVE-2019-9500) * brcmfmac: add subtype check for event handling in data path (CVE-2019-9503) * ext4: zero out the unused memory region in the extent tree block (CVE-2019-11833) * Bluetooth: hidp: fix buffer overflow (CVE-2019-11884) . [ Aurelien Jarno ] * [mips] Correctly bounds check virt_addr_valid (Closes: #929366) . [ John Paul Adrian Glaubitz ] * [sparc64] udeb: Disable suffix for kernel-image . [ Alper Nebi Yasak ] * udeb: input-modules: Include all keyboard driver modules * [arm64] udeb: kernel-image: Include cros_ec_spi and SPI drivers * [arm64] udeb: kernel-image: Include phy-rockchip-pcie * [arm64] udeb: usb-modules: Include phy-rockchip-typec, extcon-usbc-cros-ec * [arm64] udeb: mmc-modules: Include phy-rockchip-emmc * [arm64] udeb: fb-modules: Include rockchipdrm, panel-simple, pwm_bl and pwm-cros-ec Checksums-Sha1: dcf867c9dc110ea87230e9b58630970cfc9ee411 189124 linux_4.19.37-4.dsc ded214f43499ae130f9ff7a2972fd7f494ca2568 1241912 linux_4.19.37-4.debian.tar.xz 9404c2b3d16287bb79b1efec7e87e2a5d073fd55 47317 linux_4.19.37-4_source.buildinfo Checksums-Sha256: dc1b500e98085b5a29c9d3e82daba1d9114e15a159033ae5f50f38a652cd9dc2 189124 linux_4.19.37-4.dsc 0c68371af4e95eb51af66020fc339fdbdef0c88dfbb6e087224e0515972efeec 1241912 linux_4.19.37-4.debian.tar.xz e52e5a1d71abcf1259e8dc408c49b813a03c307104ca7aafeadbe63fdfea4e09 47317 linux_4.19.37-4_source.buildinfo Files: 5b632121885d3906853df87d927bbe6f 189124 kernel optional linux_4.19.37-4.dsc c076916392da0a3c3aa6f64b8c233323 1241912 kernel optional linux_4.19.37-4.debian.tar.xz a4ee5796862e252bb0ed583edb892af9 47317 kernel optional linux_4.19.37-4_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAl0Iv4AACgkQ57/I7JWG EQnypA/9FGqDiPSxXbf1ipqOQ7WqsVCwo2m8Dim9XH29FbAnNmqXfyGJZAIpDuIF opK0NlLXHT/3Tyw2gNlvoofIlk7kBbObLSMm42sBqnPFRpu4QN7U0vh/gfwkFEN6 yb0pjD6F0CbXlauV8eYsGrhg9HbYXYIDzEIcxdPfEgpE4eXx8LDWDU2Q292dHlDC YYnxQurEypoUxHAMAhgcjcP6ay9M5fMrodC9XbcHzuF3j/iyO8aIu0rjctiyWH6O LtbUfBhI2cA13+Fy7UVWnh8ahyYVbm8QEb3qXM0URU8oW9VEcRWWXsyM99N0duM2 LCXOpjsPO4kOo2hC7U2/MG/opAh0Lt/An9rnspGoHjV3pi1BljmfUkqT1JVQ7OoG fSs9+zzjaushpm0yUxhzujc2ViUS/6OixP3pQojuTBgpgkELMgIUOnWj9Zjpt3gF t8Ne7YGPrpJHKJUJG9TJbfJ77AQm8xR3AlshvTOH5SQGl3Kf8EemsMWpcHcETJbs cRFELY/B1ug67Upvx+boOJLWPeoZV0pL6JqPj6s/K/YLDFuS2opKJx2HHy8R0rRy lhEiHLZYw4MACyIce5ejYNQm7iBYRd9nnRMPu8wpg6DpmWoKtUUdv3co2B7REps7 46fgUY/q6wiP6/5zrVtYpA753f2LOmgttdGwUHC+OUlVAVyGcKQ= =1jQi -----END PGP SIGNATURE-----
