-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 26 May 2023 18:54:51 +0200 Source: linux-5.10 Architecture: source Version: 5.10.179-1~deb10u1 Distribution: buster-security Urgency: high Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: Ben Hutchings <benh@debian.org> Closes: 1035779 Changes: linux-5.10 (5.10.179-1~deb10u1) buster-security; urgency=high . * Rebuild for buster: - Change ABI number to 0.deb10.23 . linux (5.10.179-1) bullseye-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.179 - [arm64] dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node - netfilter: br_netfilter: fix recent physdev match breakage - [arm64,armhf] regulator: fan53555: Explicitly include bits header - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (CVE-2023-31436) - virtio_net: bugfix overflow inside xdp_linearize_page() - sfc: Split STATE_READY in to STATE_NET_DOWN and STATE_NET_UP. - sfc: Fix use-after-free due to selftest_work - netfilter: nf_tables: fix ifdef to also consider nf_tables=m - i40e: fix accessing vsi->active_filters without holding lock - i40e: fix i40e_setup_misc_vector() error handling - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next() - net: rpl: fix rpl header size calculation - bpf: Fix incorrect verifier pruning due to missing register precision taints - e1000e: Disable TSO on i219-LM card to increase speed - f2fs: Fix f2fs_truncate_partial_nodes ftrace event - Input: i8042 - add quirk for Fujitsu Lifebook A574/H - scsi: megaraid_sas: Fix fw_crash_buffer_show() - scsi: core: Improve scsi_vpd_inquiry() checks - [s390x] ptrace: fix PTRACE_GET_LAST_BREAK error handling - nvme-tcp: fix a possible UAF when failing to allocate an io queue - xen/netback: use same error messages for same errors - xfs: drop submit side trans alloc for append ioends - iio: light: tsl2772: fix reading proximity-diodes from device tree - nilfs2: initialize unused bytes in segment summary blocks - memstick: fix memory leak if card device is never registered - kernel/sys.c: fix and improve control flow in __sys_setres[ug]id() - mm/khugepaged: check again on anon uffd-wp during isolation - sched/uclamp: Make task_fits_capacity() use util_fits_cpu() - sched/uclamp: Fix fits_capacity() check in feec() - sched/uclamp: Make select_idle_capacity() use util_fits_cpu() - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu() - sched/uclamp: Make cpu_overutilized() use util_fits_cpu() - sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit condition - sched/fair: Detect capacity inversion - sched/fair: Consider capacity inversion in util_fits_cpu() - sched/uclamp: Fix a uninitialized variable warnings - sched/fair: Fixes for capacity inversion detection - virtiofs: clean up error handling in virtio_fs_get_tree() - virtiofs: split requests that exceed virtqueue size - fuse: check s_root when destroying sb - fuse: fix attr version comparison in fuse_read_update_size() - fuse: always revalidate rename target dentry - fuse: fix deadlock between atomic O_TRUNC and page invalidation - Revert "ext4: fix use-after-free in ext4_xattr_set_entry" - ext4: remove duplicate definition of ext4_xattr_ibody_inline_set() - ext4: fix use-after-free in ext4_xattr_set_entry - udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM). - tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct(). - inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy(). - dccp: Call inet6_destroy_sock() via sk->sk_destruct(). - sctp: Call inet6_destroy_sock() via sk->sk_destruct(). - [arm64,armhf] pwm: meson: Explicitly set .polarity in .get_state() - ASN.1: Fix check for strdup() success . [ Salvatore Bonaccorso ] * netfilter: nf_tables: deactivate anonymous set from preparation phase (CVE-2023-32233) * [rt] Refresh "sched/hotplug: Ensure only per-cpu kthreads run during hotplug" * Bump ABI to 23 * ovl: fail on invalid uid/gid mapping at copy up (CVE-2023-0386) * [x86] KVM: x86: hyper-v: Avoid calling kvm_make_vcpus_request_mask() with vcpu_mask==NULL (Closes: #1035779) Checksums-Sha1: 60bbb7d7eb4eb51579d96e67a45c166bb41c7755 42421 linux-5.10_5.10.179-1~deb10u1.dsc 23b58f3129701cf2ac429c6060dda22c8d370840 121861696 linux-5.10_5.10.179.orig.tar.xz a0af3a3c4a9cc7db05dd9b947947c3bf3ca09f0c 1574372 linux-5.10_5.10.179-1~deb10u1.debian.tar.xz a5c2e7031c8fbd8e7eda4254d6f3a6df01ca942f 13850 linux-5.10_5.10.179-1~deb10u1_source.buildinfo Checksums-Sha256: 4b0fec48a0e05905d6bbd934e493382a4c4999456e0dc97fa973ecb504bbe971 42421 linux-5.10_5.10.179-1~deb10u1.dsc 68071d7ce42fe90639946c2024bf1147a36b69833e8a0132874b9db1ca378666 121861696 linux-5.10_5.10.179.orig.tar.xz 17da2d22e3df52d7edf207cbb447f704a3e1928cd8a4039b29036006951e3060 1574372 linux-5.10_5.10.179-1~deb10u1.debian.tar.xz d962a8efc14b0599edd124d31e5faa2c5de5359953755c29b0542f2cb25268c9 13850 linux-5.10_5.10.179-1~deb10u1_source.buildinfo Files: 35fc5cafc91f962ae4bb818b8dd45910 42421 kernel optional linux-5.10_5.10.179-1~deb10u1.dsc f5bce98b7f5eecb3e80d4cef5c89141f 121861696 kernel optional linux-5.10_5.10.179.orig.tar.xz 545e0b7a1065b4f125be5f9c26d74957 1574372 kernel optional linux-5.10_5.10.179-1~deb10u1.debian.tar.xz 4229d6daacc593a663af2b16e30e8e78 13850 kernel optional linux-5.10_5.10.179-1~deb10u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAmR6FaoACgkQ57/I7JWG EQkcvA/+Nh4wsLlE9ZlmB5NDsfaMG9PDIN20W3F1VWm62RUm8Y+SR89bcLDyUGvr bFLA8f2wtT58ntyNzLIF+V0Ia5cwkcd+labqby+NSzE0YqT4cISwRiKFTKde6afN rYrmWCeOzmEmlgkDGZN4kZpJeoB6X7gQN9blmXavQpGQzgEIes9dZhF7VZqVoRIV 8joP+GXSyN0l+oST9IPsb1UdEGxwCYF1Fy9bDpox4/gog9+qD/kDm+8RA+ZhwwrM MkmMGOvdTbtCPBAls+g7xOT4QBiNCd9MWyGdnHS5FSvLxLRHpgD6WYFvaZPzSSH1 TQ52Oc2WMJEwcO+87YRGXWQ3TuNsh01xH93pTdKZZ4eTpvVAN59yTW2Zx8KTmc+W HMrqO0/YwlGhQVpmG4x+zANxAiAL/89AendvxbZCJ61w8QgF9xVAo6wwhj0NkTpy l/UA9gC4Qo/X6KOIwBrj3BgUaL954q3ybTUeeRe8mjb23DvQvWf4uN6qPAvb3KZT e/oL+Xf3cK3TMigVPXuFG98wnt/iuOcLM5WWF9/jwPOl58VPXhx1YZmWXsSXDhrU okAaKvE9WwuAyfMPcqLiv+WS2ZnBolIW0zDKxdwF/aWULDQ23Gja6ye//fnmVQpc iNG0AomFBJntoD7Vp2FSozcH0IauaZIClLIhVqQsGsby8iYenH0= =1zUK -----END PGP SIGNATURE-----