-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Aug 2021 07:50:50 +0200 Source: linux Architecture: source Version: 5.10.46-4 Distribution: unstable Urgency: medium Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Closes: 990411 Changes: linux (5.10.46-4) unstable; urgency=medium . * bpf: Introduce BPF nospec instruction for mitigating Spectre v4 (CVE-2021-34556, CVE-2021-35477) * bpf: Fix leakage due to insufficient speculative store bypass mitigation (CVE-2021-34556, CVE-2021-35477) * bpf: Remove superfluous aux sanitation on subprog rejection * Ignore ABI changes for bpf_offload_dev_create and bpf_verifier_log_write * bpf: Add kconfig knob for disabling unpriv bpf by default * init: Enable BPF_UNPRIV_DEFAULT_OFF (Closes: #990411) * linux-image: Add NEWS entry documenting that unprivileged calls to bpf() are disabled by default in Debian. * bpf: verifier: Allocate idmap scratch in verifier env * bpf: Fix pointer arithmetic mask tightening under state pruning Checksums-Sha1: 7ad0f8d3cd45daff12d92ad5dc352b82bd4b64f5 195000 linux_5.10.46-4.dsc 38234ee7c5e8b6a5d12a8b875d423c7c729639dc 4373312 linux_5.10.46-4.debian.tar.xz 193f3f618d7857589b0b78d3005eca40dbea2649 6227 linux_5.10.46-4_source.buildinfo Checksums-Sha256: 2ac8a8639f90b9fcf09131c359c74949e97df62c180f4eb97a6604ec2228dc15 195000 linux_5.10.46-4.dsc 1c91aa76d70940b2caffc935e9427771c055aca5db87a3f374caa4dedf2bc4f2 4373312 linux_5.10.46-4.debian.tar.xz 6a0b9cf7babf935e3a4c4c815e352eec22d60c36433c6455628935c32e02e153 6227 linux_5.10.46-4_source.buildinfo Files: cde18df720117efed4f86bbae3af6f59 195000 kernel optional linux_5.10.46-4.dsc a4552fc829b1fa6c2559cd4feb79378d 4373312 kernel optional linux_5.10.46-4.debian.tar.xz 0ae47f6029f67cb2a01b3b8268f10aa8 6227 kernel optional linux_5.10.46-4_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmEI4FpfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EmtQP/iuQ+WRaV76USEoKJtMQTqaFgPnf3hNB j+lpKWAzjSRtbr8621OKwn3JTJCinetIjxINNO5jbqfLU6143wxNRD1bFBMztEmT ZTAsLytFEzFbm+Ub8jUWBiKRMrj61cp8xKiR34tkdx8NNtvweSZqRxdUpxaP0Upo iTzufRAfvSYhGY8PEC4w7xfNRcs5QjWC6uutJ8vU9qRlbJSMgZTb/bjTSYsF+pyn sPyf6Y1ek+7x9tRJp8buNUNCNcFnv5o/NOc0SUCUd8zPzDuHCzukYypDZmBENjND yht3N8mE75HUvs7Mnfik9CxEsDUcn9pnDaI32l6fwJq3LedupvHcVae3WZIfKogY L/7zMWb3qCvY+h9vrC7erpDNQto7MznYQ6egWvEHSCW+BIOxn6q13afZYVzqk24z bTByp6oDQhDZd3F2ncrbPLBuevDmRKhI7qAjZ+pMgxB4VlW0zIQ2cxCoZail1W9o Y/iw/ESQcMpgUVpIEVXgGX60kSWDNck6ihRlKVEDuAGjE3z99uKHnF8/W79Jbs0b p5wjboGAMnRhX5rtEU/7I3XK/7ZeDAipYnXwxHi9AZUDa7u+XSw4xYTiGBzDpmCk mmswQXAq4bfrbGwIPp3Hj98G5yd0YzpY3pUJrKRYMDUTYEW5U3+aZd/PS0ZBJ6ql 4R2YPR59/nxp =OtIO -----END PGP SIGNATURE-----