-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 24 Jul 2022 00:32:10 +0200
Source: linux-signed-arm64
Architecture: source
Version: 5.10.127+2
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Ben Hutchings <benh@debian.org>
Changes:
linux-signed-arm64 (5.10.127+2) bullseye-security; urgency=high
.
* Sign kernel from linux 5.10.127-2
.
* [amd64,arm64,armhf] wireguard: Clear keys after suspend despite
CONFIG_ANDROID=y
* netfilter: nf_tables: stricter validation of element data (CVE-2022-34918)
* net: rose: fix UAF bugs caused by timer handler (CVE-2022-2318)
* net: rose: fix UAF bug caused by rose_t0timer_expiry
* xen/{blk,net}front: fix leaking data in shared pages (CVE-2022-26365,
CVE-2022-33740)
* xen/{blk,net}front: force data bouncing when backend is untrusted
(CVE-2022-33741, CVE-2022-33742)
* xen-netfront: restore __skb_queue_tail() positioning in
xennet_get_responses() (CVE-2022-33743)
* [arm64,armhf] xen/arm: Fix race in RB-tree based P2M accounting
(CVE-2022-33744)
* fbdev: fbmem: Fix logo center image dx issue
* fbdev: Fix potential out-of-bounds writes (CVE-2021-33655):
- fbmem: Check virtual screen sizes in fb_set_var()
- fbcon: Disallow setting font bigger than screen size
- fbcon: Prevent that screen size is smaller than font size
Checksums-Sha1:
1524421b4f64385c6aaf915b61509fc1f8d0bad4 7340 linux-signed-arm64_5.10.127+2.dsc
7181c199e8a0a0dce513cd71a80469e83dbc79a6 2521700 linux-signed-arm64_5.10.127+2.tar.xz
Checksums-Sha256:
48a6d86396e190a8fc825d4cb0f6997b77450410187d42c2acd8dd3061418c0c 7340 linux-signed-arm64_5.10.127+2.dsc
c873931ae297fa4b06262815e262c0516d216c8aeb25865cb2c547ca41929d42 2521700 linux-signed-arm64_5.10.127+2.tar.xz
Files:
3638d53eafae09fe642b1b0f56b66031 7340 kernel optional linux-signed-arm64_5.10.127+2.dsc
014d4d58729bf12ab57c79d3aaba7561 2521700 kernel optional linux-signed-arm64_5.10.127+2.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEfKFfvHEI+gkU+E+di0FRiLdONzYFAmLfLT0ACgkQi0FRiLdO
NzYiTg//Tv2+0a490SCtgUH17LOZsZQLesrj9YzUQiPt43pxirBMWIbaiaEgeDeU
f12OmbUUyrYY5x/L3ty/R+HgQ2nP1rajxmQdXDQK58Pwex5m295JHe0tIatqm+zO
osNtdObD4E1SitGLEuTztksus9mwuMrIgZ9c7lFS5VZRPsivF/psDH+JCPJ5WcGY
XxY5k64QOpzER+1Ie/nQaB3IsETJU71qnjbJNStVa81jArnXCK8ZJ5GUhFLPZZ9w
Z5cV1mx7VswyTccx7QAo/JUdKsao3rWj4CuYQet8GfqZIfe+8qvCPZlO2Q5rONwX
h2cR/TH2mOddyA7QU0la5VzUA/P1NJWPCPDAD+5QzTnXBZpNogBrlTWQSvrIQdLK
bVDPegZIwPwIfi2m95p76zaDZxAaGXR1wiqR5q01M56zdFWBlHOyP02qQeh/WkRc
2b3qpNKkiZ487CZY1psBinqrio5U/N+vihnqE14H5xRuPJqBCndlFEtKL+dzCKO7
LbJ1tjTyNxH3gKsKGGqqiwv/N9yLOB1a2I4iBsG9ANfm9IsgSOZPWeomyMUWh1Ow
OteEp8bxtephnN0xqhNPOAjWxVlKoeWL+WxOnLoP4JwKsvED3WS8A8WLhRIfQcoJ
MmJ+E9UpvmWJQD7JU/8gsZXSOj0LES50F9rUUT3fkoPtI8KmZjE=
=t9LX
-----END PGP SIGNATURE-----
