-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 24 Jul 2022 00:32:10 +0200 Source: linux Architecture: source Version: 5.10.127-2 Distribution: bullseye-security Urgency: high Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: Ben Hutchings <benh@debian.org> Changes: linux (5.10.127-2) bullseye-security; urgency=high . * [amd64,arm64,armhf] wireguard: Clear keys after suspend despite CONFIG_ANDROID=y * netfilter: nf_tables: stricter validation of element data (CVE-2022-34918) * net: rose: fix UAF bugs caused by timer handler (CVE-2022-2318) * net: rose: fix UAF bug caused by rose_t0timer_expiry * xen/{blk,net}front: fix leaking data in shared pages (CVE-2022-26365, CVE-2022-33740) * xen/{blk,net}front: force data bouncing when backend is untrusted (CVE-2022-33741, CVE-2022-33742) * xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses() (CVE-2022-33743) * [arm64,armhf] xen/arm: Fix race in RB-tree based P2M accounting (CVE-2022-33744) * fbdev: fbmem: Fix logo center image dx issue * fbdev: Fix potential out-of-bounds writes (CVE-2021-33655): - fbmem: Check virtual screen sizes in fb_set_var() - fbcon: Disallow setting font bigger than screen size - fbcon: Prevent that screen size is smaller than font size Checksums-Sha1: c2dee30357d5be76e34ffa85aa57bb5f7c550351 197083 linux_5.10.127-2.dsc 0dcdcd3c0cf1eb838b4e36ba025ae8e1109a1975 121727816 linux_5.10.127.orig.tar.xz f9ed634db06812ab2f1e8d713233fc76d17f671e 3450468 linux_5.10.127-2.debian.tar.xz ac84010c0afb5d4c2b02777401ec3288d47507d1 6025 linux_5.10.127-2_source.buildinfo Checksums-Sha256: 3dad248c5d2bb2e2c6d15bc6085d2b0fd6080be0c6ecf1300f4693f57f157df3 197083 linux_5.10.127-2.dsc 488af1775ba0402293482346589d1b19462c236201c6c873f6d297707074c19d 121727816 linux_5.10.127.orig.tar.xz 8b89a32daf57c1c9326db0228c26122338d958ccf1ab4098f2587f26d240dacb 3450468 linux_5.10.127-2.debian.tar.xz 2e1281c3de820db7ee58bb4f2f03c25882cc04fa8eaaebc849a0e5bac1f00267 6025 linux_5.10.127-2_source.buildinfo Files: 166d79b513b3340ae5424a8e2c21959d 197083 kernel optional linux_5.10.127-2.dsc ea27175417875124674f4795d55e7c36 121727816 kernel optional linux_5.10.127.orig.tar.xz a9d7ac7889b86f2fca8bb19bac42c7af 3450468 kernel optional linux_5.10.127-2.debian.tar.xz 50678ac79d020c31024bfb13cf93a40a 6025 kernel optional linux_5.10.127-2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAmLdGp4ACgkQ57/I7JWG EQl46w/9ECH1Zs7KlnLs+/7QoKr8CDHyu086ETwDaR57oYdcqmiUDkJm5cCqvxgQ 5uGIok+S4adGiXleIfi+bhq8xj2PggSbuda49RTAX3kFXNPaJ42pOMdqd3LMwOqn SCCdxPvd+ttCKNMIS5Z+5xehra6lSHAcm1VRRt5/yniDHRs4HY4eLe5QBDguhgb8 qzPw7TsfUfwiczbKopZSqIkSnM6ewrWyJCB7UyNPoO8m1OZJxmFNjToESPxvpSMG izLEPL2c5oHv0gm2NB1byRSUbGfhkzgu3JMeQYZ0r6Dvir19rOHO528G9Tt6JdpP sbLjuDSs8q5dfwxD/VtlyBpACOk84s7GlnkZZssWAUMEQpNqSZGXgO8rV0MOGMlN Tet+pwjowwVnINP0dENKepA2YuX7qhv9+ZkP4A3qfg2wKv2vAvpOH8XmcJSR7ZPc Z88vRMjhb8w0+TCvOKXMKFZ+nJ+NPUrOLZPf8f623OwLsml9ptmtlc9rVwAeInFY knYoEsFP8HjypfUFLqo+NSM57+xjem1LRY8aNk2I39ovWSKgvVlavpeaoMiob4rB Bww9RJwwvV1T/XGJ4ZPX3Exjt2raRhQbRXI3fpxWFKgGOt1oPQY2v2YDyBNPhVKj lvhClS7M1Fwny5w/tQnGMQwlK2nhVCWnuUJpIyLbrGP7492Kr5M= =XR5a -----END PGP SIGNATURE-----